Data protection

Data Protection

1) Introduction and contact details of the person responsible

1.1 We are pleased that you visit our website and thank you for your interest. Below we inform you about the handling of your personal data when using our website. Personal data here means all data by which you can be personally identified.

1.2 The person responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Izonn GmbH, Senator-Braun-Allee 9, 31135 Hildesheim, Germany, Tel.: 08001100077, E-Mail: shop@Izonn.com. The person responsible for the processing of personal data is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data.

2) Data collection when visiting our website

2.1 When using our website for purely informational purposes, i.e., if you do not register or otherwise provide us with information, we only collect data that your browser transmits to the page server (so-called "server log files"). When you access our website, we collect the following data, which is technically necessary for us to display the website to you:

Our visited website
Date and time at the time of access
Amount of data sent in bytes
Source/referral from which you accessed the site
Used browser
Used operating system
Used IP address (if applicable: in anonymized form)

The processing is carried out according to Art. 6 para. 1 lit. f GDPR based on our legitimate interest in improving the stability and functionality of our website. No transfer or other use of the data takes place. However, we reserve the right to review the server log files afterward if there are concrete indications of unlawful use.

2.2 For security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the responsible party), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the "https://" prefix and the lock symbol in your browser's address bar.

3) Hosting & Content Delivery Network

Cloudflare

We use a content delivery network from the following provider: Cloudflare Inc., 101 Townsend St. San Francisco, CA 94107, USA

This service allows us to deliver large media files such as graphics, page content, or scripts faster via a network of regionally distributed servers. The processing is carried out to protect our legitimate interest in improving the stability and functionality of our website according to Art. 6 para. 1 lit. f GDPR. We have concluded a data processing agreement with the provider, which ensures the protection of our site visitors' data and prohibits unauthorized disclosure to third parties.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision by the European Commission.

4) Cookies

To make visiting our website attractive and to enable the use of certain functions, we use cookies, which are small text files stored on your device. Some of these cookies are automatically deleted after closing the browser (so-called "session cookies"), while others remain on your device longer and allow the saving of page settings (so-called "persistent cookies"). In the latter case, you can find the storage duration in the overview of your web browser's cookie settings.

If personal data is also processed by individual cookies used by us, processing is carried out according to Art. 6 para. 1 lit. b GDPR either for the performance of the contract, according to Art. 6 para. 1 lit. a GDPR in the case of given consent, or according to Art. 6 para. 1 lit. f GDPR to safeguard our legitimate interests in the best possible functionality of the website as well as a customer-friendly and effective design of the site visit.

You can set your browser so that you are informed about the setting of cookies and decide individually on their acceptance or exclude the acceptance of cookies for certain cases or in general.

Please note that if cookies are not accepted, the functionality of our website may be limited.

5) Contact

5.1 Zendesk

This website uses a live chat system from the following provider: Zendesk International Ltd., 55 Charlemont Place, Saint Kevin's, Dublin D02 F985, Ireland

The processing of personal data transmitted via the chat is carried out either according to Art. 6 para. 1 lit. b GDPR because it is necessary for the initiation or performance of the contract, or according to Art. 6 para. 1 lit. f GDPR due to our legitimate interest in the effective support of our site visitors.
Your data transmitted in this way will be deleted subject to contrary statutory retention periods once the relevant matter has been conclusively clarified.

Additionally, for the purpose of creating pseudonymized usage profiles, further information may be collected and evaluated using cookies, which, however, do not serve your personal identification and are not merged with other data sets. If this information contains personal references, processing is carried out according to Art. 6 para. 1 lit. f GDPR based on our legitimate interest in the statistical analysis of user behavior for optimization purposes.

Setting cookies can be prevented by appropriate browser settings. However, the functionality of our website may be limited in this case. You can object to the collection and storage of data for the purpose of creating a pseudonymized usage profile at any time with effect for the future.

We have concluded a data processing agreement with the provider that ensures the protection of the data of our site visitors and prohibits unauthorized disclosure to third parties.

5.2 Trusted Shops

For review reminders, we use the services of the following provider: Trusted Shops AG, Subbelrather Str. 15c, 50823 Cologne, Germany

Only based on your explicit consent according to Art. 6 para. 1 lit. a GDPR do we transmit your email address and, if applicable, other customer data to the provider so that they can contact you by email with a review reminder.

You can revoke your consent at any time with effect for the future towards us or the provider.

We have concluded a data processing agreement with the provider that ensures the protection of the data of our site visitors and prohibits unauthorized disclosure to third parties.

5.3 Zendesk

For processing customer inquiries, we use the email ticketing system of the following provider: Zendesk International Ltd., 55 Charlemont Place, Saint Kevin's, Dublin D02 F985, Ireland

If you submit contact inquiries via email through our website, these are stored and organized in the ticket system to enable chronological processing and improve the service experience. You can always view the current status of the processing of your request via the individually assigned ticket number.

For the organization and processing of inquiries, personal data is collected according to the extent of its provision, but at least name, first name, and email address, transmitted to the provider, stored there, and read out.

The legal basis for processing this data is our legitimate interest in the efficient design of our customer service, the fastest possible response to your request, and the optimization of our service offering according to Art. 6 para. 1 lit. f GDPR.

We have concluded a data processing agreement with the provider that ensures the protection of the data of our site visitors and prohibits unauthorized disclosure to third parties.

5.4 As part of contacting us (e.g., via contact form or email), personal data is processed exclusively for the purpose of handling and responding to your request and only to the extent necessary.

The legal basis for processing this data is our legitimate interest in responding to your request according to Art. 6 para. 1 lit. f GDPR. If your contact is aimed at a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b GDPR. Your data will be deleted if the circumstances indicate that the matter concerned has been conclusively clarified and provided no legal retention obligations oppose this.

6) Comment function

As part of the comment function on this website, in addition to your comment, information about the time the comment was created and the commentator name you chose is stored and published on this website. Furthermore, your IP address is logged and stored. This storage of the IP address is for security reasons and in case the affected person violates the rights of third parties or posts unlawful content through a comment. We need your email address to contact you if a third party objects to your published content as unlawful.

Legal bases for storing your data are Art. 6 para. 1 lit. b and f GDPR. We reserve the right to delete comments if they are reported as unlawful by third parties.

7) Data processing when opening a customer account

According to Art. 6 para. 1 lit. b GDPR, personal data will continue to be collected and processed to the extent necessary if you provide it to us when opening a customer account. Which data is required for account opening can be found in the input mask of the corresponding form on our website.

Deletion of your customer account is possible at any time and can be done by sending a message to the above-mentioned address of the responsible party. After deletion of your customer account, your data will be deleted provided that all contracts concluded have been fully processed, no legal retention periods prevent this, and we have no legitimate interest in further storage.

8) Use of customer data for direct advertising

8.1 Registration for our email newsletter

When you sign up for our email newsletter, we regularly send you information about our offers. The only mandatory information for sending the newsletter is your email address. Providing additional data is voluntary and is used to address you personally. For sending the newsletter, we use the so-called double opt-in procedure, which ensures that you only receive newsletters after you have explicitly confirmed your consent to receive the newsletter by clicking a verification link sent to the specified email address.

By activating the confirmation link, you give us your consent to use your personal data in accordance with Art. 6 para. 1 lit. a GDPR. In doing so, we store the IP address registered by your Internet Service Provider (ISP) as well as the date and time of registration to be able to trace any possible misuse of your email address at a later time. The data collected by us during newsletter registration is used strictly for the intended purpose.

You can unsubscribe from the newsletter at any time via the designated link in the newsletter or by sending a corresponding message to the responsible party named above. After unsubscribing, your email address will be deleted from our newsletter distribution list immediately, unless you have explicitly consented to further use of your data or we reserve the right to use the data beyond this, which is legally permitted and about which we inform you in this declaration.

8.2 Sending the email newsletter to existing customers

If you have provided us with your email address when purchasing goods or services, we reserve the right to regularly send you offers for similar goods or services from our range by email, similar to those already purchased. For this purpose, we do not need to obtain separate consent from you in accordance with § 7 para. 3 UWG. The data processing is therefore based solely on our legitimate interest in personalized direct advertising pursuant to Art. 6 para. 1 lit. f GDPR. If you initially objected to the use of your email address for this purpose, no emails will be sent by us.

You have the right to object to the use of your e-mail address for the aforementioned advertising purpose at any time with effect for the future by sending a message to the responsible party named at the beginning. Only transmission costs according to the basic rates will be charged to you. After receipt of your objection, the use of your e-mail address for advertising purposes will be discontinued immediately.

8.3 MailChimp

The dispatch of our e-mail newsletters is carried out via this provider: The Rocket Science Group, LLC d/b/a MailChimp, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA

Based on our legitimate interest in effective and user-friendly newsletter marketing, we pass on the data you provide when registering for the newsletter in accordance with Art. 6 para. 1 lit. f DSGVO to this provider so that they can carry out the newsletter dispatch on our behalf.

Subject to your explicit consent according to Art. 6 para. 1 lit. a DSGVO, the provider also conducts a statistical success evaluation of newsletter campaigns using web beacons or tracking pixels in the sent e-mails, which can measure open rates and specific interactions with the newsletter content. Device information (e.g., time of access, IP address, browser type, and operating system) is also collected and evaluated but not merged with other data sets.

You can revoke your consent to newsletter tracking at any time with effect for the future.

We have concluded a data processing agreement with the provider that protects the data of our site visitors and prohibits passing it on to third parties.

8.4 Shopping cart reminders by e-mail

In case you abandon your purchase with us before completing the order, you have the option to be reminded once by e-mail of the contents of your virtual shopping cart.

The only mandatory information for sending this reminder is your e-mail address. Providing additional data is voluntary and may be used to address you personally. For sending the mail, we use the so-called double opt-in procedure, which ensures that you only receive a notification after you have explicitly confirmed your consent by clicking a verification link sent to the specified e-mail address.

By activating the confirmation link, you give us your consent to use your personal data in accordance with Art. 6 para. 1 lit. a DSGVO for sending a shopping cart reminder. In doing so, we store your IP address registered by the Internet Service Provider (ISP) as well as the date and time of registration to be able to trace any possible misuse of your e-mail address at a later time. The data collected by us when registering for our e-mail notification service is used strictly for the intended purpose.

You can unsubscribe from the shopping cart reminders at any time by sending a corresponding message to the responsible party named at the beginning. After deregistration, your email address will be deleted immediately from our distribution list set up for this purpose, unless you have explicitly consented to further use of your data or we reserve the right to use data beyond this, which is legally permitted and about which we inform you in this declaration.

9) Data processing for order processing

9.1 To the extent necessary for contract processing for delivery and payment purposes, the personal data collected by us are forwarded in accordance with Art. 6 para. 1 lit. b GDPR to the commissioned transport company and the commissioned credit institution.

If, based on a corresponding contract, we owe you updates for goods with digital elements or for digital products, we process the contact data you provided during the order (name, address, email address) to inform you personally about upcoming updates within the legally prescribed period via suitable communication channels (such as by post or email) in accordance with our legal information obligations under Art. 6 para. 1 lit. c GDPR. Your contact data is used strictly for the purpose of notifications about updates owed by us and is only processed by us to the extent necessary for the respective information.

For the processing of your order, we also cooperate with the following service provider(s) who support us wholly or partly in the execution of concluded contracts. Certain personal data are transmitted to these service providers in accordance with the following information.

9.2 Disclosure of personal data to shipping service providers

- DHL

As a transport service provider, we use the following provider: DHL Paket GmbH, Sträßchensweg 10, 53113 Bonn, Germany

We forward your email address and/or phone number in accordance with Art. 6 para. 1 lit. a GDPR before delivery of the goods for the purpose of coordinating a delivery date or for delivery notification to the provider, provided you have given your explicit consent for this in the ordering process. Otherwise, for the purpose of delivery in accordance with Art. 6 para. 1 lit. b GDPR, we only forward the recipient's name and delivery address to the provider. The forwarding only takes place insofar as it is necessary for the delivery of the goods. In this case, prior coordination of the delivery date with the provider or delivery notification is not possible.

Consent can be revoked at any time with effect for the future towards the responsible party named above or towards the provider.

9.3 Use of payment service providers (payment services)

- Amazon Pay

One or more online payment methods from the following provider are available on this website: Amazon Payments Europe s.c.a., 38 avenue J.F. Kennedy, L-1855 Luxembourg

When selecting a payment method from the provider where you pay in advance (such as credit card payment), your payment data provided during the order process (including name, address, bank and card information, currency, and transaction number) as well as information about the content of your order are passed on to them in accordance with Art. 6 para. 1 lit. b GDPR. The transfer of your data in this case is exclusively for the purpose of payment processing with the provider and only to the extent necessary for this purpose.
- Apple Pay

If you choose the payment method "Apple Pay" from Apple Distribution International (Apple), Hollyhill Industrial Estate, Hollyhill, Cork, Ireland, the payment processing is carried out via the "Apple Pay" function of your device running iOS, watchOS, or macOS by charging a payment card stored in "Apple Pay." Apple Pay uses security features integrated into your device's hardware and software to protect your transactions. To authorize a payment, you must enter a code previously set by you and verify it using the "Face ID" or "Touch ID" function of your device.

For the purpose of payment processing, the information you provide during the order process along with your order information is transmitted to Apple in encrypted form. Apple then re-encrypts this data with a developer-specific key before transmitting the data to the payment service provider of the payment card stored in Apple Pay to carry out the payment. The encryption ensures that only the website through which the purchase was made can access the payment data. After the payment is made, Apple sends your device account number and a transaction-specific, dynamic security code to the originating website to confirm the payment success.

If personal data is processed in the described transmissions, the processing is carried out exclusively for the purpose of payment processing in accordance with Art. 6 para. 1 lit. b GDPR.

Apple retains anonymized transaction data, including the approximate purchase amount, approximate date and time, and whether the transaction was successfully completed. Anonymization completely excludes any personal reference. Apple uses the anonymized data to improve "Apple Pay" and other Apple products and services.

When you use Apple Pay on the iPhone or Apple Watch to complete a purchase you made via Safari on the Mac, the Mac and the authorization device communicate over an encrypted channel on Apple's servers. Apple does not process or store any of this information in a format that can identify you. You can disable the ability to use Apple Pay on your Mac in your iPhone settings. Go to "Wallet & Apple Pay" and turn off "Allow Payments on Mac".

For more information on data protection with Apple Pay, please visit the following website: https://support.apple.com/de-de/HT203027
- bancontact

One or more online payment methods from the following provider are available on this website: Bancontact Payconiq Company, Rue d'Arlon 82, 1040 Brussels, Belgium

One or more online payment methods from the following provider are available on this website: PSA Payment Services Austria GmbH, Handelskai 92, Gate 2, 1200 Vienna, Austria

One or more online payment methods from the following provider are available on this website: paydirekt GmbH, Stephanstr. 14-16, 60313 Frankfurt am Main, Germany

If you choose the payment method “Google Pay” of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”), the payment processing is carried out via the “Google Pay” application on your mobile device running at least Android 4.4 (“KitKat”) and equipped with an NFC function by charging a payment card stored in Google Pay or a verified payment system there (e.g., PayPal). To authorize a payment via Google Pay exceeding €25, you must first unlock your mobile device using the configured verification method (such as facial recognition, password, fingerprint, or pattern).

For the purpose of payment processing, the information you provide during the ordering process along with the information about your order is passed on to Google. Google then transmits your payment information stored in Google Pay in the form of a one-time transaction number to the originating website, which verifies a completed payment. This transaction number contains no information about the real payment data of your payment methods stored in Google Pay but is created and transmitted as a one-time valid numeric token. For all transactions via Google Pay, Google acts solely as an intermediary to process the payment. The transaction is conducted exclusively between the user and the originating website by charging the payment method stored in Google Pay.

If personal data is processed in the described transmissions, the processing is carried out exclusively for the purpose of payment processing in accordance with Art. 6 para. 1 lit. b GDPR.

Google reserves the right to collect, store, and analyze certain transaction-specific information for every transaction made via Google Pay. This includes the date, time, and amount of the transaction, merchant location and description, a description of the purchased goods or services provided by the merchant, photos you attached to the transaction, the name and email address of the seller and buyer or sender and recipient, the payment method used, your description of the reason for the transaction, and, if applicable, the offer associated with the transaction.

According to Google, this processing is carried out exclusively in accordance with Art. 6 para. 1 lit. f DSGVO based on the legitimate interest in proper invoicing, verification of transaction data, and optimization and maintenance of the Google Pay service.

Google also reserves the right to combine the processed transaction data with other information collected and stored by Google when using other Google services.

The terms of use of Google Pay can be found here:

https://payments.google.com/payments/apis-secure/u/0/get_legal_document?ldo=0&ldt=googlepaytos&ldl=de
Further information on data protection at Google Pay can be found at the following internet address:
https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice&ldl=de
- Klarna

One or more online payment methods from the following provider are available on this website: Klarna Bank AB, Sveavägen 46, 111 34 Stockholm, Sweden

When selecting a payment method where the provider advances payment (such as invoice or installment purchase or direct debit), you will also be asked during the ordering process to provide certain personal data (first and last name, street, house number, postal code, city, date of birth, email address, telephone number, if applicable data on an alternative payment method).

To protect our legitimate interest in determining the creditworthiness of our customers, these data are forwarded by us to the provider for the purpose of a credit check in accordance with Art. 6 para. 1 lit. f GDPR. The provider checks, based on the personal data you have provided as well as other data (such as shopping cart, invoice amount, order history, payment experiences), whether the payment method you selected can be granted with regard to payment and/or default risks.

In addition to internal provider criteria, identity and credit information from the following credit agencies may also be included in the decision within the scope of the application review in accordance with Art. 6 para. 1 lit. f DSGVO:

https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies

You can object to the processing of your data at any time by sending a message to us or to the provider. However, the provider may still be entitled to process your personal data if this is necessary for the contractual payment processing.
- Mollie

One or more online payment methods from the following provider are available on this website: Mollie B.V., Keizersgracht 313, 1016 EE Amsterdam, Netherlands

One or more online payment methods from the following provider are available on this website: PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg

When selecting a payment method of the provider for which you advance payment, your payment data provided during the ordering process (including name, address, bank and card information, currency and transaction number) as well as information about the content of your order are passed on to them in accordance with Art. 6 para. 1 lit. b DSGVO. The transfer of your data in this case is exclusively for the purpose of payment processing with the provider and only to the extent necessary for this purpose.

When selecting a payment method for which we advance payment, you will also be asked during the ordering process to provide certain personal data (first and last name, street, house number, postal code, city, date of birth, email address, telephone number, if applicable data for an alternative payment method).

In order to protect our legitimate interest in determining your creditworthiness in such cases, this data is forwarded by us to the provider for the purpose of a credit check in accordance with Art. 6 para. 1 lit. f DSGVO. The provider checks, based on the personal data you have provided as well as other data (such as shopping cart, invoice amount, order history, payment experiences), whether the payment method you have selected can be granted with regard to payment and/or default risks.

This website uses PayPal Checkout, an online payment system from PayPal, which consists of PayPal's own payment methods and local payment methods from third-party providers.

When paying via PayPal, credit card via PayPal, direct debit via PayPal, or – if offered – "Pay Later" via PayPal, we forward your payment data to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal") as part of the payment processing. The transfer is made pursuant to Art. 6 para. 1 lit. b GDPR and only to the extent necessary for payment processing.

PayPal reserves the right to conduct a credit check for the payment methods credit card via PayPal, direct debit via PayPal, or – if offered – "Pay Later" via PayPal. For this purpose, your payment data may be forwarded to credit agencies based on PayPal's legitimate interest in determining your creditworthiness pursuant to Art. 6 para. 1 lit. f GDPR. The result of the credit check regarding the statistical probability of default is used by PayPal to decide on the provision of the respective payment method. The credit report may contain probability values (so-called score values). Where score values are included in the credit report result, they are based on a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, among other things but not exclusively, address data. You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for contract-compliant payment processing.

When selecting the PayPal payment method "Invoice Purchase," your payment data is initially transmitted to PayPal to prepare the payment, after which PayPal forwards it to Ratepay GmbH, Franklinstraße 28-29, 10587 Berlin ("Ratepay") to carry out the payment. The legal basis is Art. 6 para. 1 lit. b GDPR. In this case, RatePay conducts an identity and credit check in its own name to determine creditworthiness according to the principle mentioned above and forwards your payment data to credit agencies based on the legitimate interest in determining creditworthiness pursuant to Art. 6 para. 1 lit. f GDPR. A list of the credit agencies Ratepay can access can be found here: https://www.ratepay.com/legal-payment-creditagencies/

When using the payment method of a local third party, your payment data will first be passed on to PayPal for payment preparation in accordance with Art. 6 para. 1 lit. b GDPR. Depending on your selection of an available local payment method, PayPal will then transmit your payment data to the respective provider for the execution of the payment in accordance with Art. 6 para. 1 lit. b GDPR:
- Sofort (SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany)
- iDeal (Currence Holding BV, Beethovenstraat 300 Amsterdam, Netherlands)
- giropay (Paydirekt GmbH, Stephanstr. 14-16, 60313 Frankfurt am Main
- bancontact (Bancontact Payconiq Company, Rue d'Arlon 82, 1040 Brussels, Belgium)
- blik (Polski Standard Płatności sp. z o.o., ul. Czerniakowska 87A, 00-718 Warsaw, Poland)
- eps (PSA Payment Services Austria GmbH, Handelskai 92, Gate 2
1200 Vienna, Austria)
- MyBank (PRETA S.A.S, 40 Rue de Courcelles, F-75008 Paris, France)
- Przelewy24 (PayPro SA, Kanclerska 15A, 60-326 Poznań, Poland)
For further data protection information, please refer to PayPal's privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
- SOFORT

One or more online payment methods from the following provider are available on this website: SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany

One or more online payment methods from the following provider are available on this website: Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland

9.4 Credit check

If we advance payment (e.g., delivery on account), we reserve the right to carry out a credit check based on mathematical-statistical procedures in order to protect our legitimate interest in determining the creditworthiness of our customers. The personal data necessary for a credit check will be transmitted by us in accordance with Art. 6 para. 1 lit. f GDPR to the following service provider:

Allgemeiner Debitoren- und Inkassodienst GmbH

The credit report may contain probability values (so-called score values). As far as score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, among other things but not exclusively, address data. We use the result of the credit check regarding the statistical probability of default for the purpose of deciding on the establishment, execution, or termination of a contractual relationship.
You can object to the processing of your data at any time by sending a message to the person responsible for data processing or to the aforementioned credit agency. However, we may still be entitled to process your personal data if this is necessary for the contractual payment processing.

9.5 We reserve the right to forward your data to the debt collection service provider Creditreform if our payment claim has not been settled despite prior reminder. In this case, the claim will be collected directly by the debt collection service provider.

The transfer of your data serves the fulfillment of the contract according to Art. 6 para. 1 sentence 1 lit. b GDPR as well as the protection of our overriding legitimate interests within the framework of a balancing of interests for the effective assertion or enforcement of our payment claim according to Art. 6 para. 1 sentence 1 lit. f GDPR.

10) Online Marketing

10.1 ADCELL Partner Program

We participate in the affiliate program of the following provider: Firstlead GmbH, Rosenfelder St. 15-16, 10315 Berlin, Germany

In this context, we have placed links on our website that lead to offers on the provider's or third parties' websites ("partner sites").

To measure the success of an affiliate link, to evaluate orders generated via such a link, and to settle commission payments accordingly, the provider uses cookies and/or comparable technologies, which are generally set on the partner sites and for which we are not responsible under data protection law. In this context, the provider regularly also processes the IP address and possibly other device information.

All the above-described processing, especially reading or storing information on the device you use, only takes place if you have given your explicit consent for this in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your once given consent at any time with effect for the future by using the cookie consent management options on the partner sites.

10.2 AWIN Performance Advertising Network

We participate in the affiliate program of the following provider: AWIN AG, Eichhornstraße 3, 10785 Berlin, Germany

In this context, we have placed links on our website that lead to offers on the provider's or third parties' websites ("partner sites").

10.3 Sovendus Sales

For our voucher offers, we use the services of the following provider: Sovendus GmbH, Hermann-Veit-Str. 6, 76135 Karlsruhe, Germany

The provider operates a voucher network through which participating partner shops can post vouchers and distribute them to their customers. For this purpose, your data necessary for issuing your voucher is forwarded by us to the provider in encrypted form. The data is only forwarded to the provider if you have completed your purchase and clicked on the voucher banner. The transfer of this data serves exclusively to pre-fill the fields for voucher issuance.

The described processing of data is carried out in accordance with Art. 6 para. 1 lit. f GDPR based on our legitimate interest in advertising addressed to you by advertising third parties, from whose benefits you can profit by using the vouchers.

11) Web analytics services

11.1 Google Analytics 4

This website uses Google Analytics 4, a web analytics service of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"), which enables an analysis of your use of our website.

By default, when visiting the website, Google Analytics 4 sets cookies, which are small text files stored on your device and collect certain information. This information also includes your IP address, which is shortened by Google by the last digits to exclude direct personal identification.

The information is transmitted to Google servers and further processed there. Transfers to Google LLC based in the USA are also possible.

Google uses the collected information on our behalf to evaluate your use of the website, compile reports about website activities for us, and provide other services related to website and internet usage. The truncated IP address transmitted by your browser within Google Analytics is not merged with other Google data. The data collected during the use of Google Analytics 4 is stored for a period of two months and then deleted.

All the processing described above, especially the setting of cookies on the device used, only takes place if you have given us your explicit consent in accordance with Art. 6 para. 1 lit. a GDPR.
Without your consent, the use of Google Analytics 4 during your site visit will not take place. You can revoke your given consent at any time with effect for the future. To exercise your right of withdrawal, please deactivate this service via the "Cookie Consent Tool" provided on the website.

We have concluded a data processing agreement with Google that ensures the protection of our site visitors' data and prohibits unauthorized disclosure to third parties.

Further legal information about Google Analytics 4 can be found at https://policies.google.com/privacy?hl=de&gl=de and at https://policies.google.com/technologies/partner-sites

Demographic Characteristics
Google Analytics 4 uses the special feature "demographic characteristics" and can create statistics that provide information about the age, gender, and interests of site visitors. This is done by analyzing advertising and information from third parties. This allows target groups for marketing activities to be identified. However, the collected data cannot be assigned to any specific person and is deleted after being stored for a period of two months.

Google Signals
As an extension to Google Analytics 4, Google Signals can be used on this website to create cross-device reports. If you have enabled personalized ads and linked your devices to your Google account, Google, subject to your consent to the use of Google Analytics according to Art. 6 para. 1 lit. a GDPR, can analyze your usage behavior across devices and create database models, including for cross-device conversions. We do not receive any personal data from Google, only statistics. If you want to stop cross-device analysis, you can disable the "Personalized Ads" feature in your Google account settings. Follow the instructions on this page: https://support.google.com/ads/answer/2662922?hl=de More information about Google Signals can be found at the following link: https://support.google.com/analytics/answer/7532985?hl=de

UserIDs
As an extension to Google Analytics 4, the "UserIDs" function can be used on this website. If you have consented to the use of Google Analytics 4 according to Art. 6 para. 1 lit. a GDPR, have set up an account on this website, and log in with this account on different devices, your activities, including conversions, can be analyzed across devices.

11.2 Cloudflare Web Analytics

This website uses the web analytics service of the following provider: Cloudflare, Inc., 101 Townsend St. San Francisco, CA 94107, USA

Using cookies and/or comparable technologies (tracking pixels, web beacons, algorithms to read device and browser information), the service collects and stores pseudonymized visitor data, including information about the device used such as IP address and browser information, to evaluate it for statistical analyses of user behavior on our website and to create pseudonymized usage profiles. Among other things, this allows the evaluation of movement patterns (so-called heatmaps), which show the duration of page visits as well as interactions with page content (e.g., text entries, scrolling, clicks, and mouse-overs). The pseudonymization generally excludes direct personal reference. No merging with clear data collected in other ways about you takes place.

All the processing described above, especially reading or storing information on the device used, is only carried out if you have given us your explicit consent in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future by disabling this service in the "Cookie Consent Tool" provided on the website.

We have concluded a data processing agreement with the provider that ensures the protection of the data of our site visitors and prohibits unauthorized disclosure to third parties.

11.3 Google Tag Manager

This website uses "Google Tag Manager", a service of the following provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: "Google").

Google Tag Manager provides a technical foundation to bundle various web applications, including tracking and analytics services, and to calibrate, control, and link them to conditions via a unified user interface. Google Tag Manager itself does not store any information on user devices or read such information. The service also does not perform independent data analyses. However, Google Tag Manager transmits your IP address to Google upon page request and may store it there. Transmission to servers of Google LLC in the USA is also possible.

This processing is only carried out if you have given us your explicit consent in accordance with Art. 6 para. 1 lit. a GDPR. Without this consent, the use of Google Tag Manager during your visit to the site will not take place. You can revoke your given consent at any time with effect for the future. To exercise your revocation, please deactivate this service in the "Cookie Consent Tool" provided on the website.

We have concluded a data processing agreement with the provider that ensures the protection of the data of our site visitors and prohibits unauthorized disclosure to third parties.

12) Retargeting/Remarketing and Conversion Tracking

12.1 Facebook Pixel for creating Custom Audiences with extended data matching (with cookie consent tool)

Within our online offering, we use the "Facebook Pixel" service of the following provider in extended data matching mode: Meta Platforms Ireland Limited, 4 Grand Canal Quare, Dublin 2, Ireland ("Facebook")

When a user clicks on an ad we placed on Facebook, the URL of our linked page is extended by a parameter using "Facebook Pixel." This URL parameter is then entered into the user's browser after redirection by a cookie set by our linked page itself. In addition, this cookie collects specific customer data such as the email address, which we collect on our website linked to the Facebook ad during actions like purchases, account registrations, or sign-ups (extended data matching). The cookie is then read and enables the transmission of data including the specific customer data to Facebook.

We use "Facebook Pixel" with extended data matching to make our Facebook ads (so-called Facebook-Ads") more effective and to ensure that they correspond to users' interests or have certain characteristics (e.g., interests in specific topics or products determined by the visited websites) that we transmit to Facebook (so-called "Custom Audiences").

In addition, we analyze the effectiveness of our advertisements by tracking whether users are redirected to our website after clicking on an ad (conversion). Compared to the standard version of "Facebook Pixel," the extended data matching feature helps us better measure the effectiveness of our advertising campaigns by capturing more attributed conversions.

All transmitted data is stored and processed by Facebook so that it can be assigned to the respective user profile and Facebook can use the data for its own advertising purposes in accordance with Facebook's data use policies (https://www.facebook.com/about/privacy/). The data may enable Facebook and its partners to display ads on and off Facebook.

All processing described above, especially setting cookies to read information on the device used, is only carried out if you have given us your explicit consent in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your given consent at any time with effect for the future by disabling this service in the “Cookie Consent Tool” provided on the website.

We have concluded a data processing agreement with the provider that ensures the protection of the data of our site visitors and prohibits unauthorized disclosure to third parties.

The information generated by Facebook is usually transmitted to a Facebook server and stored there; in this context, transmission to servers of Meta Platforms Inc. in the USA may also occur.

12.2 idealo Performance Tracking

We use tracking technology from Ingenious Technologies AG, Französische Straße 48, 10117 Berlin, to establish the connection between a user's click on an advertising medium or an impression of an advertising medium (touch-point) and an action by you (e.g., a purchase in the online shop or a newsletter registration). At each touch-point, your browser sends an HTTP request to the Ingenious server, transmitting certain information.

This information includes the URL of the webpage where the advertising medium is placed (referrer URL), the browser identification (user agent) of the device (including information about the device type and operating system), the IP address of the device (this IP address is anonymized by Ingenious before storage), HTTP headers (data packets automatically transmitted by your browser with various technical information), the time of the request, and, if previously stored on the device, the cookie with its entire content.

A cookie is a small data packet exchanged between your browser and the server. This data packet can store and transmit information relevant to the web application, e.g., the contents of a virtual shopping cart.

The tracking technology stores cookies on your device to document actions. The cookie stores information about the last touch-points (i.e., when a specific advertising medium was displayed or clicked from a device). Additionally, a cookie ID generated by Ingenious is stored in the cookie. Ingenious stores data about the touch-points and information about your actions linked to this cookie ID. The stored touch-points can possibly be combined into a sequence chain (user journey).

In an action request, the order number and the cart value of your order are usually also transmitted and stored by Ingenious. Additionally, the following values can be transmitted and stored: your customer number, new customer attribute, your age and gender, as well as the information you provided in a customer survey.

The information transmitted to Ingenious and the cookies serve exclusively the purpose of correctly attributing the success of an advertising medium and the corresponding billing.

Collecting and processing tracking data can alternatively also be disabled by accessing the tracking opt-out page named below:

https://marketing.net.idealo-partner.com/ts/i5040718/tsv?settrackingoptout

When the tracking opt-out page is accessed, a special cookie is written, which disables tracking in the current web browser of the device. However, tracking will be reactivated as soon as you delete the tracking opt-out cookie.

We inform you below about which cookies are specifically used by our tracking technology:

The cookie named "tsv" is written when an advertising medium is displayed. This cookie contains a cookie ID and a list of data about the last view touch points, consisting of time, referrer URL, and Admedia code (unique identification of an advertising medium, which includes information about the distribution channel, publisher, publisher's website, and advertising medium).

The cookie named "tsc" is written when an advertising medium is clicked. This cookie contains a cookie ID and a list of data about the last click touch points, consisting of time, referrer URL, page ID in the customer's shop system, and Admedia code (unique identification of an advertising medium, which includes information about the distribution channel, publisher, publisher's website, and advertising medium).

The cookie named "trackingoptout" is written when the opt-out link is clicked, so that tracking is disabled for the current web browser of this device.

12.3 Getback

This website uses retargeting technology from the following provider: adfocus GmbH, Theilerstrasse 7, 6300 Zug, Switzerland

This allows visitors to our websites to be specifically targeted with personalized, interest-based advertising, who have already shown interest in our shop and our products. The display of advertising media is based on a cookie-based analysis of past and current usage behavior, but no personal data is stored. In cases of retargeting technology, a cookie is stored on your computer or mobile device to collect pseudonymized data about your interests and thus tailor the advertising individually to the stored information. These cookies are small text files stored on your computer or mobile device. This way, you are shown advertising that is highly likely to correspond to your product and information interests.

All the processing described above, especially the setting of cookies to read information on the device used, is only carried out if you have given us your explicit consent in accordance with Art. 6 para. 1 lit. a GDPR. Without this consent, the use of retargeting technology during your visit to the site will not take place.

You can revoke your given consent at any time with effect for the future. To exercise your revocation, please deactivate this service in the "Cookie-Consent-Tool" provided on the website.

When data is transferred to the provider's location, an adequate level of data protection is ensured by an adequacy decision of the European Commission.

12.4 Microsoft Advertising

This website uses retargeting technology from the following provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA

You can revoke your given consent at any time with effect for the future. To exercise your revocation, please deactivate this service in the "Cookie-Consent-Tool" provided on the website.

12.5 billiger.de Sales Tracking

This website uses the conversion tracking technology of the following provider: solute.de GmbH, Zeppelinstraße 15, D-76185 Karlsruhe, Germany

If you have reached our website from an advertisement on the provider's domain, the success of the advertisement can be tracked using cookies and/or comparable technologies (tracking pixels, web beacons, pings or HTTP requests).

For this purpose, certain device and browser information, including possibly your IP address, is read out via the tracking technology to record and evaluate predefined user actions by us (e.g., completed transactions, leads, search queries on the website, product page views). This enables the creation of statistics about usage behavior on our website after referral from an advertisement, which serve us to optimize our offer.

We have concluded a data processing agreement with the provider that ensures the protection of the data of our site visitors and prohibits unauthorized disclosure to third parties.

12.6 Google Ads Conversion Tracking

This website uses the online advertising program "Google Ads" and, within the framework of Google Ads, the conversion tracking of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google").

We use the Google Ads service to draw attention to our attractive offers on external websites using advertising materials (so-called Google Adwords). We can determine the success of individual advertising measures in relation to the data of the advertising campaigns. Our goal is to show you advertisements that are of interest to you, to make our website more interesting for you, and to achieve a fair calculation of the advertising costs incurred.

The cookie for conversion tracking is set when a user clicks on an ad placed by Google Ads. Cookies are small text files stored on your device. These cookies usually expire after 30 days and are not used for personal identification. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page. Each Google Ads customer receives a different cookie. Therefore, cookies cannot be tracked across the websites of Google Ads customers. The information collected using the conversion cookie is used to create conversion statistics for Google Ads customers who have opted for conversion tracking. The customers learn the total number of users who clicked on their ad and were redirected to a page tagged with conversion tracking. However, they do not receive any information that would allow personal identification of users.

In the context of using Google Ads, there may also be a transmission of personal data to the servers of Google LLC in the USA.

Details about the processing triggered by Google Ads Conversion Tracking and Google's handling of data from websites can be found here: https://policies.google.com/technologies/partner-sites

You can also permanently object to the setting of cookies by Google Ads Conversion Tracking by downloading and installing the browser plug-in available at the following link:
https://www.google.com/settings/ads/plugin?hl=de

To address users whose data we have received in the context of business or business-like relationships in a more interest-oriented advertising manner, we use a customer matching function within Google Ads. For this purpose, we transmit one or more files with aggregated customer data (mainly email addresses and phone numbers) electronically to Google. Google does not gain access to clear data but automatically encrypts the information in the customer files during the transmission process using a special algorithm. The encrypted information can then only be used by Google to assign it to existing Google accounts set up by the affected individuals. This enables the delivery of personalized advertising across all Google services linked to the respective Google account.

The transmission of customer data to Google only takes place if you have given us your explicit consent in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke this consent at any time with effect for the future. More information about Google's data protection measures regarding the customer matching function can be found here: https://support.google.com/google-ads/answer/6334160?hl=de&ref_topic=10550182
Google's privacy policy can be viewed here: https://www.google.de/policies/privacy/

12.7 Kelkoo Sales Tracking

This website uses the conversion tracking technology of the following provider: Kelkoo Group, Parc Sud Galaxie, 6 rue des Méridiens, 38130 Échirolles, France

We have concluded a data processing agreement with the provider that ensures the protection of the data of our site visitors and prohibits unauthorized disclosure to third parties.

12.8 shopping24 Conversion Tracking

This website uses the conversion tracking technology of the following provider: shopping24 Gesellschaft für multimediale Anwendungen mbH, Poßmoorweg 2
22301 Hamburg, Germany

We have concluded a data processing agreement with the provider that ensures the protection of the data of our site visitors and prohibits unauthorized disclosure to third parties.

13) Page functionalities

13.1 EHI Test Seal Widget

Our website includes graphic elements from the following provider to display external customer reviews and/or an externally awarded quality seal: EHI Retail Institute GmbH, Spichernstraße 55, 50672 Köln, Germany

When you visit a page of our website that contains such graphic elements, your browser establishes a direct connection to the provider's servers to properly load the elements. Certain browser information, including your IP address, is transmitted to the provider in the process.

If personal data is also processed in the process, this is done in accordance with Art. 6 para. 1 lit. f GDPR based on our legitimate interest in the optimal marketing of our offer and the appealing design of our website.

13.2 idealo Logo

Our website includes graphic elements from the following provider to display external customer reviews and/or an externally awarded quality seal: idealo internet GmbH, Zimmerstraße 50, 10888 Berlin, Germany

13.3 Trustami Trust Seal

Our website includes graphic elements from the following provider to display external customer reviews and/or an externally awarded quality seal: Trustami GmbH, Schröderstraße 5, 10115 Berlin, Germany

13.4 Trusted Shops Trustbadge

Our website includes graphic elements from the following provider to display external customer reviews and/or an externally awarded quality seal: Trusted Shops AG, Subbelrather Str. 15C, 50823 Köln, Germany

14) Tools and Miscellaneous

14.1 Cookie-Consent-Tool

This website uses a so-called “Cookie-Consent-Tool” to obtain effective user consents for cookies requiring consent and cookie-based applications. The “Cookie-Consent-Tool” is displayed to users upon page access in the form of an interactive user interface, where consents for certain cookies and/or cookie-based applications can be granted by ticking checkboxes. By using the tool, all cookies/services requiring consent are only loaded if the respective user has given the corresponding consent by ticking the checkbox. This ensures that such cookies are only set on the user's respective device if consent has been given.

The tool sets technically necessary cookies to save your cookie preferences. Personal user data is generally not processed in this context.

If, in individual cases, the processing of personal data (such as the IP address) occurs for the purpose of storing, assigning, or logging cookie settings, this is done in accordance with Art. 6 para. 1 lit. f GDPR based on our legitimate interest in a legally compliant, user-specific, and user-friendly consent management for cookies and thus in a legally compliant design of our internet presence.

Another legal basis for the processing is also Art. 6 para. 1 lit. c GDPR. As controllers, we are legally obliged to make the use of technically unnecessary cookies dependent on the respective user consent.

Where necessary, we have concluded a data processing agreement with the provider that ensures the protection of the data of our site visitors and prohibits unauthorized disclosure to third parties.

Further information about the operator and the configuration options of the Cookie-Consent-Tool can be found directly in the corresponding user interface on our website.

14.2 Cloudflare

For security purposes, this website uses the service of the following provider: Cloudflare, Inc., 101 Townsend St. San Francisco, CA 94107, USA

The provider protects the website and the associated IT infrastructure from unauthorized third-party access, cyberattacks, as well as from viruses and malware. The provider collects the IP addresses of users as well as, if applicable, further data about your behavior on our website (in particular accessed URLs and header information) to detect and prevent illegitimate site accesses and threats. The collected IP address is compared with a list of known attackers. If the collected IP address is recognized as a security risk, the provider can automatically block it from accessing the site. The information collected in this way is transmitted to a server of the provider and stored there.

The described data processing is carried out pursuant to Art. 6 para. 1 lit. f GDPR based on our legitimate interests in protecting the website against harmful cyber-attacks and in maintaining the structural and data integrity and security.

We have concluded a data processing agreement with the provider that ensures the protection of the data of our site visitors and prohibits unauthorized disclosure to third parties.

14.3 FINDOLOGIC

This website uses the search technology service of the following provider: FINDOLOGIC GmbH, Jakob-Haringer-Straße 5a, 5020 Salzburg, Austria

For providing the search function for articles via the search field and for navigation and filters, the provider collects and stores certain user information (such as the user or session ID) in anonymized form.

If personal data is also processed in this context, the processing is carried out pursuant to Art. 6 para. 1 lit. f GDPR based on our legitimate interest in providing a fault-tolerant search for articles and thus in optimal marketing of our offer.

15) Rights of the data subject

15.1 The applicable data protection law grants you the following data subject rights (rights to information and intervention) vis-à-vis the controller regarding the processing of your personal data, whereby the respective legal basis for exercising these rights is referred to:

Right of access pursuant to Art. 15 GDPR;
Right to rectification pursuant to Art. 16 GDPR;
Right to deletion pursuant to Art. 17 GDPR;
Right to restriction of processing pursuant to Art. 18 GDPR;
Right to information pursuant to Art. 19 GDPR;
Right to data portability pursuant to Art. 20 GDPR;
Right to withdraw given consents pursuant to Art. 7 para. 3 GDPR;
Right to lodge a complaint pursuant to Art. 77 GDPR.

15.2 RIGHT TO OBJECT

IF WE PROCESS YOUR PERSONAL DATA BASED ON OUR LEGITIMATE INTERESTS WITHIN THE SCOPE OF A BALANCE OF INTERESTS, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO THIS PROCESSING WITH EFFECT FOR THE FUTURE FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE AFFECTED DATA. HOWEVER, FURTHER PROCESSING IS RESERVED IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS, AND FUNDAMENTAL FREEDOMS, OR IF THE PROCESSING SERVES THE ASSERTION, EXERCISE, OR DEFENSE OF LEGAL CLAIMS.

IF YOUR PERSONAL DATA IS PROCESSED BY US TO CONDUCT DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR SUCH MARKETING PURPOSES. YOU CAN EXERCISE THE OBJECTION AS DESCRIBED ABOVE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE AFFECTED DATA FOR DIRECT MARKETING PURPOSES.

16) Duration of storage of personal data

The duration of the storage of personal data is determined based on the respective legal basis, the processing purpose, and – if applicable – additionally based on the respective statutory retention period (e.g., commercial and tax law retention periods).

When processing personal data based on an explicit consent according to Art. 6 para. 1 lit. a GDPR, the affected data will be stored as long as you revoke your consent.

If there are statutory retention periods for data processed within the framework of contractual or contract-like obligations based on Art. 6 para. 1 lit. b GDPR, these data will be routinely deleted after the expiration of the retention periods, provided they are no longer required for contract fulfillment or contract initiation and/or we no longer have a legitimate interest in further storage.

When processing personal data based on Art. 6 para. 1 lit. f GDPR, these data will be stored as long as you exercise your right to object under Art. 21 para. 1 GDPR, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves the assertion, exercise, or defense of legal claims.

When processing personal data for the purpose of direct advertising based on Art. 6 para. 1 lit. f GDPR, these data will be stored as long as you exercise your right to object under Art. 21 para. 2 GDPR.

Unless otherwise specified by the other information in this declaration regarding specific processing situations, stored personal data will otherwise be deleted when they are no longer necessary for the purposes for which they were collected or otherwise processed.