Go to homepage
€0.00
Menu

Privacy Policy

Unless otherwise stated below, the provision of your personal data is neither legally nor contractually required and is not necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to provide it will generally have no consequences. This only applies insofar as no other information is provided in the following processing operations.

“Personal data” means any information relating to an identified or identifiable natural person.

1. Controller

The controller responsible for data processing is:

SARU Trading GmbH
Grün Str. 5
42697 Solingen
Germany
Phone: +49 (0) 212 73871660
Email: support@rm-time.de

2. Access Data, Hosting and Server Log Files

You can visit our website without providing any personal information. Each time our website is accessed, usage data is transmitted by your internet browser to us or to our web host or IT service provider and stored in so-called server log files.

This may include in particular: the name of the page accessed, date and time of access, IP address, amount of data transferred, browser type and browser version, operating system used, referrer URL and requesting provider.

The processing is carried out on the basis of Art. 6(1)(f) GDPR, based on our legitimate interest in the technical provision, stability, security and optimization of our website.

The server log files are stored only for as long as necessary for the aforementioned purposes and are then deleted, unless statutory retention obligations or security interests prevent deletion.

3. Content Delivery Network / Creoline CDN

We use a Content Delivery Network (CDN) provided by Creoline for the fast, secure and stable delivery of images and, where applicable, other static content on our website. The provider is creoline GmbH, Bergstraße 9a, 48341 Altenberge, Germany.

When images or static content are accessed via the CDN, the following data in particular may be processed: IP address, device and browser information, retrieved file or resource, date and time of access, referrer URL and technical connection data.

The processing serves the efficient delivery of our website content, the reduction of loading times, technical stability and the security of our website.

The legal basis is Art. 6(1)(f) GDPR, based on our legitimate interest in the fast, secure and stable provision of our website. If cookies or similar technologies are used in this context, this is done only in accordance with the applicable legal requirements.

Further information:
https://www.creoline.com/de/legal/privacy
Creoline CDN privacy information

4. Contact by Email, Telephone, WhatsApp or Contact Form

If you contact us by email, telephone, WhatsApp or via a contact form, we process the personal data you provide, in particular your name, email address, telephone number, message content and, where applicable, order or customer data.

If your request serves the implementation of pre-contractual measures or the processing of an existing contract, the processing is carried out on the basis of Art. 6(1)(b) GDPR.

In all other cases, the processing is carried out on the basis of Art. 6(1)(f) GDPR, based on our legitimate interest in processing and responding to your request.

Your data will be deleted once it is no longer required for processing your request, unless statutory retention periods apply.

5. WhatsApp Business

If you contact us via WhatsApp, we use WhatsApp Business for this purpose. The provider is WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

In this context, we process in particular your mobile phone number, your name if provided, your message and, where applicable, order or customer data if you provide such information.

The processing serves the purpose of fast and simple communication with you. If the communication serves contract processing or pre-contractual communication, the processing is carried out on the basis of Art. 6(1)(b) GDPR. In other cases, the processing is carried out on the basis of Art. 6(1)(f) GDPR.

When using WhatsApp, personal data may also be processed by WhatsApp or Meta and may be transferred to third countries, in particular the USA.

Further information:
https://www.whatsapp.com/legal/privacy-policy-eea

6. Customer Account

When creating a customer account, we process the personal data you provide, in particular your name, address, email address, telephone number, login details and order history.

The processing serves the administration of your customer account, the simplification of future orders and the processing of existing contractual relationships.

The legal basis is Art. 6(1)(b) GDPR insofar as the customer account serves contract processing. Insofar as voluntary convenience functions are concerned, the processing is based on Art. 6(1)(f) GDPR.

You may request deletion of your customer account at any time. Statutory retention obligations, in particular tax and commercial law retention periods, remain unaffected.

7. Orders and Contract Processing

When placing an order, we process personal data insofar as this is necessary for accepting, processing, delivering, paying for and handling your order.

This includes in particular your name, billing and shipping address, email address, telephone number, order data, payment data, shipping data and communication relating to the order.

The provision of this data is necessary for the conclusion of the contract. Without this data, the contract cannot be concluded or performed.

The legal basis is Art. 6(1)(b) GDPR.

Your data will be passed on, where necessary, to shipping service providers, payment service providers, merchandise management and ERP service providers, accounting and tax service providers, IT and hosting service providers and other service providers involved in order processing. The scope of data transfer is limited to the necessary minimum.

8. Applications by Email

If you apply to us by email, we process the personal data you submit, in particular your name, contact details, application documents, information on education, qualifications and professional experience, as well as any other information you provide.

The processing serves the purpose of carrying out the application process and deciding on the establishment of an employment relationship. The legal basis is Art. 6(1)(b) GDPR in conjunction with Section 26 BDSG.

Your application data will be deleted no later than six months after completion of the application process, unless statutory reasons require longer storage or you have consented to longer storage, for example for an applicant pool.

9. Reviews and Review Reminders

If you submit a review or comment, we process the data you provide, in particular your name, review text, email address, order number if required for verification, and IP address for abuse prevention.

When a review is published, only the name you provide or a shortened/abbreviated name will be displayed. Your email address will not be published.

Depending on the review function, the processing is carried out on the basis of your consent pursuant to Art. 6(1)(a) GDPR or on the basis of our legitimate interest pursuant to Art. 6(1)(f) GDPR in displaying and verifying customer reviews and preventing abuse.

If we send you a review reminder by email after an order, this will only be done if the relevant consent exists or if there is a legally permissible basis. You may object to advertising communication at any time or withdraw your consent at any time.

10. Google Customer Reviews

We may use functions of Google Customer Reviews on our website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

In this context, in particular your email address, order number, delivery country, expected delivery date, product information, IP address and browser and device data may be processed.

The processing serves the purpose of obtaining and displaying customer reviews. Insofar as cookies or similar technologies are used or data is processed for marketing purposes, this is done on the basis of your consent pursuant to Section 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR.

Further information:
Google Customer Reviews Terms of Service
Google Privacy Policy

11. Newsletter, Direct Advertising and Klaviyo

11.1 Newsletter

If you subscribe to our newsletter, we process your email address and, where applicable, any additional data voluntarily provided by you. The processing is carried out on the basis of your consent pursuant to Art. 6(1)(a) GDPR.

You may withdraw your consent at any time with effect for the future, for example via the unsubscribe link in the newsletter or by contacting us.

To prevent further sending, we may store your email address in a suppression list after you unsubscribe. The legal basis for this is Art. 6(1)(f) GDPR.

11.2 Direct Advertising to Existing Customers

If we have received your email address in connection with the sale of goods or services, we may use it to advertise our own similar goods or services, provided you have not objected to such use.

The legal basis is Art. 6(1)(f) GDPR. You may object to this use at any time.

11.3 Klaviyo

We use Klaviyo for newsletters, marketing automation and the evaluation of our email campaigns. The provider is Klaviyo Inc., 125 Summer St, Boston, MA 02110, USA.

In particular, the following data may be processed: email address, name, opening and click behavior, purchase and order data, shopping cart data, product interests, device and browser data, IP address and times of interactions.

Klaviyo may use tracking technologies such as tracking pixels and tracking links. This enables us to determine whether newsletters have been opened and whether links have been clicked. Automated marketing processes, such as abandoned cart reminders or product recommendations, may also be used.

The processing for newsletters and marketing tracking is carried out on the basis of your consent pursuant to Art. 6(1)(a) GDPR and, insofar as cookies or similar technologies are used, pursuant to Section 25(1) TDDDG.

Where Klaviyo is used as a service provider for technical implementation, this is done within the scope of commissioned processing.

Further information:
https://www.klaviyo.com/legal/privacy-notice
https://www.klaviyo.com/legal/data-processing-agreement

12. Availability Notifications

If you register for an availability notification, we process your email address in order to inform you once, or in accordance with your consent, about the availability of an item.

The legal basis is Art. 6(1)(a) GDPR. You may withdraw your consent at any time.

13. Postal Advertising

We may use your postal address, which we have received in connection with the sale of goods or services, for our own postal advertising, provided you have not objected to this.

The legal basis is Art. 6(1)(f) GDPR. You may object to the use of your address for postal advertising at any time.

14. Shipping Service Providers and Shipping Processing

For the delivery of your order, we pass on the data required for this purpose to shipping service providers, in particular your name, shipping address, email address where applicable, telephone number where applicable and shipment data.

The transfer is carried out on the basis of Art. 6(1)(b) GDPR insofar as it is necessary for delivery.

If your email address or telephone number is transmitted to the shipping service provider for shipping notifications or parcel tracking, this will only be done where there is an appropriate legal basis, in particular your consent pursuant to Art. 6(1)(a) GDPR or a legitimate interest pursuant to Art. 6(1)(f) GDPR.

We work in particular with the following shipping service providers and shipping platforms:

  • DHL Paket GmbH, Charles-de-Gaulle-Straße 20, 53113 Bonn, Germany
  • United Parcel Service Deutschland S.à r.l. & Co. OHG, Görlitzer Straße 1, 41460 Neuss, Germany
  • Sendcloud GmbH, Kanalstraße 10, 80538 Munich, Germany

Sendcloud serves as a technical platform for creating shipping labels, shipping processing, shipment tracking and, where applicable, returns processing. In this context, in particular your name, address, email address, telephone number, order number, shipment number and shipping information may be processed.

Further information:
DHL Privacy Information
UPS Privacy Notice
Sendcloud Privacy Policy

15. Merchandise Management, Accounting and ERP

For order processing, merchandise management, warehouse management and accounting, we use external service providers and systems, in particular Pickware and Lexware/Haufe-Lexware.

In this context, in particular order data, customer data, invoice data, payment and shipping information and product data may be processed.

The processing serves contract processing, accounting, merchandise management and compliance with legal obligations. The legal bases are Art. 6(1)(b) GDPR, Art. 6(1)(c) GDPR and Art. 6(1)(f) GDPR.

Further information:
Pickware Privacy Policy
Lexware Privacy Policy

16. Payment Service Providers

16.1 Mollie

For payment processing, we use Mollie. The provider is Mollie B.V., Keizersgracht 126, 1015 CW Amsterdam, Netherlands.

Various payment methods may be offered via Mollie, in particular Klarna, credit card, Apple Pay, Google Pay and other payment methods supported by Mollie.

When selecting a payment method offered via Mollie, the data required for payment processing is transmitted to Mollie. This may include in particular your name, billing and shipping address, email address, telephone number, order data, payment data, transaction data, IP address and device and browser information.

The processing is carried out for payment processing on the basis of Art. 6(1)(b) GDPR. Depending on the payment method selected, Mollie may forward the data to other payment service providers, banks, card organizations or providers of the selected payment method.

Further information:
https://www.mollie.com/de/privacy

16.2 Klarna via Mollie

If you choose a Klarna payment method, personal data may also be transmitted to Klarna and processed by Klarna. The provider is Klarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm, Sweden.

In particular, the following data may be processed: name, address, date of birth if required, email address, telephone number, order data, payment data and creditworthiness and scoring data.

Klarna may carry out credit checks and obtain information from credit agencies in order to decide on the provision of certain payment methods.

The legal bases are Art. 6(1)(b) GDPR for payment processing and Art. 6(1)(f) GDPR for fraud prevention and risk assessment.

Further information:
https://www.klarna.com/de/datenschutz/

16.3 Credit Card via Mollie

When paying by credit card via Mollie, the data required for payment processing is transmitted to Mollie and to the participating card and payment networks.

The legal basis is Art. 6(1)(b) GDPR.

16.4 Apple Pay via Mollie

If you use Apple Pay, personal data may be processed by Apple. The provider is Apple Distribution International Ltd., Hollyhill Industrial Estate, Cork, Ireland.

Payment processing is carried out via Apple Pay and Mollie. The data processed by Apple is determined by Apple’s privacy policy.

The legal basis for payment processing is Art. 6(1)(b) GDPR.

Further information:
https://www.apple.com/legal/privacy/de-ww/

16.5 Google Pay via Mollie

If you use Google Pay, personal data may be processed by Google. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Payment processing is carried out via Google Pay and Mollie. The data processed by Google is determined by Google’s privacy policy.

The legal basis for payment processing is Art. 6(1)(b) GDPR.

Further information:
Google Payments Privacy Notice
Google Privacy Policy

16.6 PayPal

If you choose PayPal as a payment method, the data required for payment processing is transmitted to PayPal. The provider is PayPal (Europe) S.à r.l. et Cie, S.C.A., 22–24 Boulevard Royal, L-2449 Luxembourg.

In particular, your name, email address, billing and shipping address, payment data, order data and transaction data are processed.

The legal basis is Art. 6(1)(b) GDPR. PayPal may carry out credit checks for certain payment methods. In this context, PayPal may transmit personal data to credit agencies.

Further information:
https://www.paypal.com/de/webapps/mpp/ua/privacy-full

17. Cookies and Similar Technologies

Our website uses cookies and similar technologies. Cookies are small text files that are stored on your device. We distinguish in particular between essential technologies, functional technologies, analytics and statistics technologies and marketing technologies.

Essential technologies are required for the operation of the website. Their use is based on Section 25(2) TDDDG. The subsequent processing of personal data is carried out on the basis of Art. 6(1)(f) GDPR or, where legal obligations are fulfilled, Art. 6(1)(c) GDPR.

Non-essential technologies, in particular analytics, marketing and tracking technologies, are used only with your consent. The legal basis is Section 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR.

You may withdraw or change your consent at any time via our consent management tool.

18. Usercentrics Consent Management Platform

We use the Usercentrics Consent Management Platform. The provider is Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany.

Usercentrics serves to obtain, manage and document consent for cookies and similar technologies.

In particular, the consent status, date and time of consent, IP address in shortened or anonymized form, browser and device information, consent ID and opt-in and opt-out data may be processed.

The processing is carried out to fulfill legal obligations on the basis of Art. 6(1)(c) GDPR.

Further information:
https://usercentrics.com/privacy-policy/

19. Google Tag Manager

We use Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager serves to manage and deploy tags, scripts and services on our website. According to Google, Google Tag Manager itself does not set cookies for analytics or marketing purposes. However, Google Tag Manager may be used to integrate other services that process personal data or set cookies.

The processing is carried out on the basis of our legitimate interest pursuant to Art. 6(1)(f) GDPR in the efficient technical management of our website. Insofar as services requiring consent are loaded via Google Tag Manager, their use will only take place after your consent.

Further information:
https://support.google.com/tagmanager/answer/9323295?hl=en
https://policies.google.com/privacy?hl=en

20. Google Analytics 4

We use Google Analytics 4. The provider is Google Ireland Limited.

Google Analytics serves to analyze the use of our website and to optimize our offer. In particular, IP address, device and browser information, page views, click paths, referrer URL, location data based on the IP address, purchase and conversion data and interactions on the website may be processed.

Google Analytics uses cookies or similar technologies only after your consent. The legal basis is Section 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR.

Further information:
https://policies.google.com/privacy?hl=en
https://policies.google.com/technologies/partner-sites?hl=en
https://business.safety.google/privacy/

21. Google Consent Mode

We use Google Consent Mode. Consent Mode makes it possible to transmit users’ consent status to Google services.

Depending on the technical configuration, Google tags may be completely blocked before consent is given, or cookieless signals may be sent in the so-called Advanced Consent Mode. If Advanced Consent Mode is used, so-called cookieless pings may be transmitted to Google even if consent has not been given.

Insofar as personal data is processed or technologies requiring consent are used, this is done on the basis of your consent pursuant to Section 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR.

Further information:
https://support.google.com/google-ads/answer/10000067?hl=en

22. Google Ads, Conversion Tracking, Conversion Linker, DoubleClick and Google Syndication

We use Google Ads, Google Ads Conversion Tracking, Conversion Linker and services from the Google advertising network, in particular DoubleClick/Google Marketing Platform and Google Syndication. The provider is Google Ireland Limited.

These services serve the display, measurement and optimization of advertisements and the recording of conversions.

In particular, IP address, device and browser information, referrer URL, pages visited, clicks on advertisements, conversion events, cookie IDs, advertising IDs and order and revenue data may be processed.

The use of cookies or similar technologies takes place only with your consent pursuant to Section 25(1) TDDDG. The processing of personal data is carried out on the basis of your consent pursuant to Art. 6(1)(a) GDPR.

Further information:
https://policies.google.com/technologies/ads?hl=en
https://business.safety.google/privacy/

23. Meta Pixel, Facebook Pixel, Facebook Social Plugins and Server-Side Tracking via Stape

We use Meta Pixel or Facebook Pixel and, where applicable, Facebook Social Plugins. The provider is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

These services serve the measurement and optimization of our advertising as well as the display of interest-based advertising on Facebook and Instagram.

In particular, IP address, device and browser information, pages visited, click behavior, shopping cart and purchase events, cookie IDs and Meta/Facebook user IDs may be processed.

In addition, we use server-side tracking or the Meta Conversions API via Stape for Meta. The provider is Stape, Inc. or Stape Europe OÜ, insofar as contractually agreed. With server-side tracking, tracking events are not transmitted exclusively directly from the browser to Meta, but may first be processed via a server-side tracking infrastructure and then forwarded to Meta.

In particular, the following data may be processed: event data, timestamps, order and conversion data, shopping cart values, product data, technical information, pseudonymous identifiers and, where applicable, hashed contact information, insofar as this is technically used and legally permissible.

The use of server-side tracking serves the improved measurement of conversions, the optimization of our advertising campaigns, the reduction of incorrect duplicate measurements and better control over which data is transmitted to advertising platforms.

The processing is carried out only with your consent pursuant to Section 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR, insofar as tracking technologies or marketing processing requiring consent are concerned.

Further information:
https://www.facebook.com/privacy/policy/
https://www.facebook.com/legal/terms/businesstools
https://stape.io/privacy-notice
https://stape.io/eu-gdpr

24. TikTok Pixel

We use TikTok Pixel. The providers are TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, Ireland, and TikTok Information Technologies UK Limited, London, United Kingdom.

TikTok Pixel serves the measurement, analysis and optimization of our advertising on TikTok. In particular, IP address, device and browser information, pages visited, click and purchase events, times of interactions and cookie IDs or similar identifiers may be processed.

The processing is carried out only with your consent pursuant to Section 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR.

Further information:
https://www.tiktok.com/legal/page/eea/privacy-policy/en
https://ads.tiktok.com/i18n/official/policy/controller-to-controller

25. Microsoft Advertising Remarketing

We use Microsoft Advertising Remarketing. The provider is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland.

The service serves performance measurement, conversion tracking and the display of interest-based advertising via Microsoft Advertising.

In particular, IP address, device and browser information, clicks on advertisements, conversion events, referrer URL and cookie IDs may be processed.

The processing is carried out only with your consent pursuant to Section 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR.

Further information:
https://privacy.microsoft.com/en-us/privacystatement

26. Microsoft Clarity

We use Microsoft Clarity. The provider is Microsoft Ireland Operations Limited.

Microsoft Clarity serves to analyze user behavior, in particular through heatmaps, session recordings, click and scroll analyses.

In particular, IP address, device and browser information, screen resolution, clicks, scrolling behavior, mouse movements, pages visited and time spent on the website may be processed.

The processing is carried out only with your consent pursuant to Section 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR.

Further information:
https://learn.microsoft.com/en-us/clarity/faq#privacy
Clarity Cookie List
Microsoft Privacy Statement

27. Hotjar

We use Hotjar. The provider is Hotjar Ltd., Dragonara Business Centre, 5th Floor, Dragonara Road, Paceville St Julian’s STJ 3141, Malta.

Hotjar serves to analyze and improve the user-friendliness of our website. Heatmaps, click analyses and user recordings may be used for this purpose.

In particular, IP address in shortened or anonymized form, device information, browser information, clicks, scrolling behavior, mouse movements, pages visited and time spent on the website may be processed.

The processing is carried out only with your consent pursuant to Section 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR.

Further information:
https://www.hotjar.com/legal/policies/privacy/
Hotjar Cookie Information

28. ProfitMetrics

We use ProfitMetrics for the economic evaluation of our orders and marketing activities.

According to our current technical configuration, no direct personal customer data such as name, address, email address or telephone number is transmitted to ProfitMetrics. In particular, order and revenue data, product data, shopping cart values, campaign and channel information and conversion data are processed.

The processing serves business analysis, the attribution of orders to marketing channels and the optimization of our advertising activities.

Insofar as ProfitMetrics is used exclusively without cookies, pixels, access to the user’s device or user-related identifiers and no direct identification of the user takes place, the processing is carried out on the basis of our legitimate interest pursuant to Art. 6(1)(f) GDPR.

Insofar as ProfitMetrics uses cookies, pixels, pseudonymous user identifiers or similar technologies or accesses information on the user’s device, the processing is carried out only with your consent pursuant to Section 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR.

Further information:
https://profitmetrics.io/privacy-policy/

29. Elfsight Widgets, Elfsight Reviews and Elfsight WhatsApp Chat

We use widgets from Elfsight, in particular review and chat widgets. The provider is Elfsight, LLC.

Elfsight may be used to integrate content and functions from external services into our website, for example review widgets, Google Reviews by Elfsight, All-in-One Reviews by Elfsight and WhatsApp Chat widgets.

In particular, IP address, device and browser information, the page accessed, interactions with the widget and, where applicable, communication data entered may be processed.

The processing is carried out, unless technically strictly necessary, on the basis of your consent pursuant to Art. 6(1)(a) GDPR or Section 25(1) TDDDG.

Further information:
https://elfsight.com/privacy-policy/

30. Doofinder

We use Doofinder as a search function on our website. The provider is DooFinder S.L., Spain.

Doofinder serves to improve product search and user-friendliness. In particular, search terms, IP address, device and browser information, clicked search results and pseudonymous user identifiers may be processed.

The processing is carried out on the basis of Art. 6(1)(f) GDPR, based on our legitimate interest in a user-friendly product search. Insofar as cookies or similar technologies are used, this is done in accordance with the applicable legal requirements and, where applicable, your consent.

Further information:
https://www.doofinder.com/en/privacy-policy

31. Loadbee

We use Loadbee to display additional product information and manufacturer content. The provider is Loadbee GmbH, Rotebühlstraße 59A, 70178 Stuttgart, Germany.

When pages containing Loadbee content are accessed, in particular IP address, device and browser information, the product page accessed and usage and interaction data may be processed.

The processing serves the display of additional product information and thus the improvement of product advice. The legal basis is Art. 6(1)(f) GDPR. Insofar as cookies or similar technologies are used, this is done in accordance with the applicable legal requirements and, where applicable, your consent pursuant to Section 25(1) TDDDG.

Further information:
https://www.loadbee.com/de/datenschutz/

32. Google reCAPTCHA

We use Google reCAPTCHA to secure our forms and protect against spam and abusive automated use. The provider is Google Ireland Limited.

In particular, IP address, device and browser information, mouse movements, time spent, input behavior, referrer URL and, where applicable, Google cookies may be processed.

Insofar as reCAPTCHA is necessary for technical security, the processing is carried out on the basis of Art. 6(1)(f) GDPR. Insofar as cookies or similar technologies are used that are not strictly necessary, this is done on the basis of your consent pursuant to Section 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR.

Further information:
https://www.google.com/recaptcha/about/
https://policies.google.com/privacy?hl=en

33. YouTube Video

We embed YouTube videos on our website. The provider is Google Ireland Limited.

When a page with an embedded YouTube video is accessed, data may be transmitted to Google or YouTube, in particular IP address, device and browser information, the page accessed, playback information and, where applicable, cookie IDs.

Where possible, we use the enhanced privacy mode. Nevertheless, when a video is played, data may be transmitted to YouTube or Google.

The processing is carried out on the basis of your consent pursuant to Section 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR.

Further information:
https://www.youtube.com/t/privacy
https://policies.google.com/privacy?hl=en

34. Google Fonts, gstatic.com and Google AJAX

Our website may use Google services for technical presentation and functionality, in particular Google Fonts, gstatic.com and Google AJAX. The provider is Google Ireland Limited.

In particular, IP address, device and browser information, the page accessed and technical access data may be processed.

Insofar as Google Fonts are loaded externally, this is done only in accordance with the applicable legal requirements. To reduce data protection risks, we recommend hosting fonts locally.

Depending on the integration, the processing is carried out on the basis of Art. 6(1)(f) GDPR or, insofar as technologies requiring consent are used, on the basis of your consent pursuant to Section 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR.

Further information:
Google Fonts Privacy FAQ
Google Privacy Policy

35. Google Docs, Google Forms and Google Play

Insofar as content or functions from Google Docs, Google Forms or Google Play are embedded on our website, these services are provided by Google Ireland Limited.

In particular, IP address, device and browser information, the page accessed, interactions with the embedded content and, where applicable, data entered in forms may be processed.

The processing is carried out, unless technically necessary, on the basis of your consent pursuant to Art. 6(1)(a) GDPR and Section 25(1) TDDDG.

If these services are not actually actively embedded on our website, they should be removed from the cookie banner and from this privacy policy.

Further information:
https://policies.google.com/privacy?hl=en

36. Google Maps

Insofar as Google Maps is embedded on our website, we use this service to display maps and locations. The provider is Google Ireland Limited.

In particular, IP address, location data if enabled, device and browser information and the page accessed may be processed.

The processing is carried out on the basis of your consent pursuant to Section 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR.

Further information:
https://policies.google.com/privacy?hl=en
Google Maps Terms of Service

37. Online Presences in Social Media

We maintain online presences on social networks and platforms in order to communicate with customers, interested parties and users and to provide information about our offers.

When visiting our profiles, personal data may be processed by the respective platform operators. This may include in particular IP address, device information, usage data, interactions, messages and profile information.

We point out that data processing may partly take place outside the European Union or the European Economic Area. The privacy policies of the respective platform operators apply to processing by those operators.

We may in particular operate profiles on the following platforms:

  • Facebook / Meta
  • Instagram / Meta
  • YouTube / Google
  • TikTok

Further information:
Meta / Facebook Privacy Policy
Instagram Privacy Policy
Google / YouTube Privacy Policy
TikTok Privacy Policy

38. Transfers to Third Countries

When using certain services, personal data may be transferred to third countries outside the European Union or the European Economic Area, in particular to the USA.

For certain companies in the USA, data transfer may be based on the EU-U.S. Data Privacy Framework, provided that the respective company is certified accordingly.

Where no adequacy decision exists, transfers take place on the basis of appropriate safeguards, in particular standard contractual clauses, or on the basis of your consent where required.

Further information:
European Commission: Adequacy Decisions
EU-U.S. Data Privacy Framework

39. Storage Duration

We store personal data only for as long as necessary for the respective purpose.

After complete contract processing, data is initially stored for the duration of warranty periods and subsequently in accordance with statutory retention periods, in particular under commercial and tax law.

After expiry of the respective periods, the data will be deleted unless there is another legal basis for storage.

40. Rights of Data Subjects

You have the following rights if the statutory requirements are met:

  • Right of access pursuant to Art. 15 GDPR
  • Right to rectification pursuant to Art. 16 GDPR
  • Right to erasure pursuant to Art. 17 GDPR
  • Right to restriction of processing pursuant to Art. 18 GDPR
  • Right to data portability pursuant to Art. 20 GDPR
  • Right to object pursuant to Art. 21 GDPR
  • Right to withdraw consent given pursuant to Art. 7(3) GDPR

If you withdraw consent, the lawfulness of the processing carried out until the withdrawal remains unaffected.

41. Right to Lodge a Complaint with a Supervisory Authority

Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data is unlawful.

The supervisory authority responsible for us is:

State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia
Postfach 20 04 44
40102 Düsseldorf
Phone: +49 211 38424-0
Email: poststelle@ldi.nrw.de
Website: https://www.ldi.nrw.de/

42. Right to Object

If data processing is based on Art. 6(1)(f) GDPR, you have the right to object to this processing at any time for reasons arising from your particular situation.

If processing is carried out for direct marketing purposes, you may object to this processing at any time. After your objection, your personal data will no longer be processed for direct marketing purposes.

43. Version

May 2026