We are forced by law (and lawyers) to provide these long texts that no one will read, but since we believe data privacy is important we will provide a simple version for the normal person:
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.
Unless stated otherwise below, the provision of your personal data is neither legally nor contractually obligatory, nor required for conclusion of a contract. You are not obliged to provide your data. Not providing it will have no consequences. This only applies as long as the processing procedures below do not state otherwise.
“Personal data” is any information relating to an identified or identifiable natural person.
Server log files
You can use our websites without submitting personal data.
Every time our website is accessed, user data is transferred to us or our web hosts/IT service providers by your internet browser and stored in server log files. This stored data includes for example the name of the site called up, date and time of the request, the IP address, amount of data transferred and the provider making the request. The processing is carried out on the basis of Article 6(1) f) GDPR due to our legitimate interests in ensuring the smooth operation of our website as well as improving our services.
Responsible person
Contact us at any time. The person responsible for data processing is:
SevenShift GmbH
Im Mediapark 5
50670 Cologne Germany
Phone: +49 221 952 609 12
Email: info@bunkai.io
Web: https://bunkai.io and https://sevenshift.de
Proactive contact of the customer by e-mail
If you make contact with us proactively via email, we shall collect your personal data (name, email address, message text) only to the extent provided by you. The purpose of the data processing is to handle and respond to your contact request.
If the initial contact serves to implement pre-contractual measures (e.g. consultation in the case of purchase interest, order creation) or concerns an agreement already concluded between you and us, this data processing takes place on the basis of Article 6(1)(b) GDPR.
If the initial contact occurs for other reasons, this data processing takes place on the basis of Article 6(1)(f) GDPR for the purposes of our overriding, legitimate interest in handling and responding to your request. In this case, on grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you and carried out on the basis of Article 6(1)(f) GDPR.
We will only use your email address to process your request. Your data will subsequently be deleted in compliance with statutory retention periods, unless you have agreed to further processing and use.
Collection and processing when using the contact form
When you use the contact form we will only collect your personal data (name, email address, message text) in the scope provided by you. The data processing is for the purpose of making contact.
If the initial contact serves to implement pre-contractual measures (e.g. consultation in the case of purchase interest, order creation) or concerns an agreement already concluded between you and us, this data processing takes place on the basis of Article 6(1)(b) GDPR. If the initial contact occurs for other reasons, this data processing takes place on the basis of Article 6(1)(f) GDPR for the purposes of our overriding, legitimate interest in handling and responding to your request. In this case, on grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you and carried out on the basis of Article 6(1)(f) GDPR.
We will only use your email address to process your request. Finally your data will be deleted, unless you have agreed to further processing and use.
Collection and processing when using the application form
When using the application form, we collect your personal data only to the extent provided by you. This includes your contact details (e.g., name, e-mail address, telephone number), details of your professional qualifications and training, details of further professional training and performance-specific evidence.
The purpose of this data processing is to contact you and to decide on the establishment of an employment relationship with you. The provision of the data is necessary to carry out the application procedure. The processing of your personal data takes place on the basis of Art. 6 para. 1(b) GDPR in conjunction with Art. 26 para. 1 Federal Data Protection Act (BDSG) for the implementation of pre-contractual measures (undergoing the application procedure as an initiation of the employment contract).
If you have given us permission to process personal data for inclusion in our pool of applicants, e.g., by checking a checkbox, the processing takes place on the basis of Art. 6 para. 1(a) GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until the revocation.
If specific categories of personal data within the meaning of Art. 9 para. 1 of the GDPR are requested from the applicants, such as information on the degree of severe disability, this is carried out on the basis of Art. 9 para. 2(b) GDPR, so that we can exercise the rights arising from labor law and the social security and social protection legislation and fulfill our obligations in this regard.
We will store your personal data as long as this is necessary for the decision about your application. Your data will then be deleted after six months at the latest, provided that you have not consented to further processing and use. If an employment relationship is established following the application procedure, the data provided will be further processed and then transferred to the personnel file for the purposes of implementing the employment relationship pursuant to Art. 6 para. 1 (b) GDPR in conjunction with Art. 26 Para. 1 of the Federal Data Protection Act (BDSG).
Use of Calendly
We use the appointment booking function “Calendly” from the provider Calendly LLC (BB&T Tower, 271 17th St NW, Atlanta, GA 30363, USA) on our website.
When using this function, we collect and process your personal data (first and last name, email address and telephone number, message text) only to the extent provided by you. The data processing serves the purpose of assigning appointments, as well as improving user friendliness.
Calendly uses technologies such as cookies. The following information, among other things, may be collected and transmitted to Calendly: IP address, date and time of the page view, device model, information about the browser and operating system you are using, as well as the location.
Your data may be transferred to third countries such as the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Calendly has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
The processing of your personal data for booking appointments is realised on the basis of Art. 6 Para. 1 Letter b GDPR for the fulfilment of the contract concluded with us, or for the implementation of pre-contractual measures.
The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
You can find more information on data protection and the use of cookies by Calendly at https://calendly.com/privacy .
Customer account
When you open a customer account, we will collect your personal data in the scope given there. The data processing is for the purpose of improving your experience and simplifying order processing. The processing will be carried out on the basis of art. 6 (1) lit. a GDPR with your consent. You can withdraw your consent at any time by contacting us without affecting the legality of the processing carried out with your consent up to the withdrawal. Your customer account will then be deleted.
Collection, processing, and transfer of personal data in orders
When you submit an order we only collect and use your personal data insofar as this is necessary for the fulfilment and handling of your order as well as processing of your queries. The provision of data is necessary for conclusion of a contract. Failure to provide it will prevent the conclusion of any contract. The processing will occur on the basis of Article 6(1) b) GDPR and is required for the fulfilment of a contract with you.
Your data will be shared, for example, with shipping companies, dropshipping or fulfillment providers, payment service providers, service providers for order processing, and IT service providers. We will comply strictly with legal requirements in every case. The scope of data transmission is restricted to a minimum.
Advertising
Use of your email address for mailing of newsletters
We use your email address outside of contractual processing exclusively to send you a newsletter for our own marketing purposes, if you have explicitly agreed to this. The processing will be carried out on the basis of art. 6 (1) lit. a GDPR with your consent. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal. You can unsubscribe from the newsletter at any time using the relevant link in the newsletter or by contacting us. Your email address will then be removed from the distributor.
Use of Mailchimp
We use the service of Rocket Science Group LLC (675 Ponce de Leon Ave NE, Suite 5000 Atlanta, GA 30308, USA; “Mailchimp”) for newsletter dispatch as part of an order processing.
We pass on the information you provide during the newsletter registration (e-mail address, first and last name, if applicable) to Mailchimp. The data processing serves the purpose of sending the newsletter and its statistical evaluation.
In order to evaluate newsletter campaigns, the newsletters sent contain a 1×1 pixel graphic (tracking pixel) or a tracking link. This enables us to determine whether you have opened the newsletter and whether you have clicked any integrated links. Within this context, we collect your personal data such as IP address, browser type and device as well as the time. A usage profile can be generated from this data under a pseudonym. The data collected will not be used to identify you personally. The collected data is only used for statistical analysis to improve newsletter campaigns.
The data processing serves the purpose of sending the newsletter and its statistical evaluation. Your data is usually transmitted to Mailchimp servers in the USA and stored there. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Mailchimp is not certified under the TAPF. The data transfer takes place, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de (https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de).
The processing of your personal data is based on Art. 6 para. 1 lit. f GDPR from our overriding legitimate interest in a targeted, effective advertising and user-friendly newsletter system. On grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you.
You can find more information and MailChimp’s privacy policy at: https://mailchimp.com/de/legal/data-processing-addendum/ and https://www.intuit.com/privacy/statement/ .
Use of HubSpot
We use the service of HubSpot Ireland Ltd. (Ground Floor, Two Dockland Central Guild Street, Dublin 1, Ireland; “HubSpot”) for the newsletter dispatch as part of an order processing. HubSpot is an affiliated company of HubSpot, Inc. (25 First Street, Cambridge, MA 02141 USA).
We pass on the information you provide during newsletter registration (e-mail address, first and last name, if applicable) to HubSpot. The data processing serves the purpose of sending the newsletter and its statistical evaluation.
In order to evaluate newsletter campaigns, the newsletters sent contain a 1×1 pixel graphic (tracking pixel) or a tracking link. This enables us to determine whether you have opened the newsletter and whether you have clicked any integrated links. Within this context, we collect your personal data such as IP address, browser type and device as well as the time. A usage profile can be generated from this data under a pseudonym. The data collected will not be used to identify you personally. The collected data is only used for statistical analysis to improve newsletter campaigns.
Your data may be transmitted to HubSpot servers in the USA and stored there. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). HubSpot has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
The processing of your personal data is based on Art. 6 para. 1 lit. f GDPR from our overriding legitimate interest in a targeted, effective advertising and user-friendly newsletter system. On grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you.
You can find more information and HubSpot’s privacy policy at: https://legal.hubspot.com/de/privacy-policy .
Payment service providers
Use of the payment service provider Stripe
On our website we use the Stripe payment service of Stripe Payments Europe Ltd, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland). The data processing serves the purpose of offering you payment via the payment service. By selecting and using Stripe, the data required for payment processing is transmitted to Stripe in order to be able to fulfil the contract with you with of the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
If required, Stripe reserves the right to obtain a credit report on the basis of mathematical-statistical procedures using credit rating agencies. For this purpose, Stripe transmits the personal data required for credit assessment to a credit rating agency and uses the obtained information on the statistical probability of payment default in order to reach a reasonable decision on the establishment, implementation or termination of the contractual relationship. The credit report may contain probability values (score values) which are calculated on the basis of scientifically recognised mathematical-statistical methods and include, among other things, address data. Your legitimate interests will be taken into account in accordance with the legal requirements. The data processing serves the purpose of a credit check for contract initiation. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default if Stripe pays in advance.
For reasons that arise from your particular situation, you have the right to object to the processing of your personal data carried out on the basis of Art. 6 para. 1 lit. f GDPR at any time by notifying Stripe. The provision of the data is necessary for the conclusion of the contract with the payment method of your choice. Failure to provide such data shall mean that the contract cannot be concluded with the payment method you have selected.
All Stripe transactions are subject to Stripe Privacy Policy. You can find these at https://stripe.com/de/privacy
Cookies
Our website uses cookies. Cookies are small text files which are saved in a user’s internet browser or by the user’s internet browser on their computer system. When a user calls up a website, a cookie may be saved on the user’s operating system. This cookie contains a characteristic character string which allows the browser to be clearly identified when the website is called up again.
Cookies will be stored on your computer. You therefore have full control over the use of cookies. By choosing corresponding technical settings in your internet browser, you can be notified before the setting of cookies and you can decide whether to accept this setting in each individual case as well as prevent the storage of cookies and transmission of the data they contain. Cookies which have already been saved may be deleted at any time. We would, however, like to point out that this may prevent you from making full use of all the functions of this website. Using the links below, you can find out how to manage cookies (or deactivate them, among other things) in major browsers: Chrome Browser: https://support.google.com/accounts/answer/61416?hl=en Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09 Mozilla Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences Safari: https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac
technically necessary cookies
Insofar as no other information is given in the data protection declaration below we use only these technically necessary cookies cookies to make our offering more user-friendly, effective and secure. Cookies also allow our systems to recognise your browser after a page change and to offer you services. Some functions of our website cannot be offered without the use of cookies. These services require the browser to be recognised again after a page change.
The use of cookies or comparable technologies is carried out on the basis of Art. 25 para. 2 TDDDG. Processing is carried out on the basis of art. 6 (1) lit. f GDPR due to our largely justified interest in ensuring the optimal functionality of the website as well as a user-friendly and effective design of our range of services.
You have the right to veto this processing of your personal data according to art. 6 (1) lit. f GDPR, for reasons relating to your personal situation.
Use of the Cookie Consent Manager CCM19
On our website, we use the Cookie Consent Manager CCM19 from HB legal tech GmbH (Kohlgartenstraße 11-13, 04315 Leipzig, Germany; “CCM19”) within the framework of order processing.
The plug-in is hosted on consenttool.haendlerbund.de (https://consenttool.haendlerbund.de/) and enables you to give your consent to data processing via the website, in particular to set cookies, as well as to make use of your right of revocation for consents already provided. The data processing serves the purpose of obtaining and documenting necessary consents to data processing and thus to comply with legal obligations. Cookies are used for this purpose. Among other things, the following information can be collected, stored and, if necessary, transferred to HB legal tech GmbH: randomly assigned ID, consent status, date and time of consent/rejection. The data is stored for one year and one month and then deleted. This data will not be passed on to any other third parties.
The data processing is carried out on the basis of Article 6 para. 1 lit. c GDPR to comply with a legal obligation.
For more information about data protection, please visit: https://www.haendlerbund.de/de/datenschutzerklaerung .
Use of Google reCAPTCHA
Our website uses the reCAPTCHA service by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”). The request serves to distinguish whether the input was made by a human or automatic machine processing. For this purpose your input will be transmitted to Google and used by them further. In addition, the IP address and any other data required by Google for the reCAPTCHA service will be transferred to Google. This data will be processed by Google within the EU and potentially also in the USA.
For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para.1 p. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
You can find more detailed information on Google reCAPTCHA and the associated data protection declaration at: https://www.google.com/recaptcha/intro/android.html and
https://www.google.com/privacy .
Use of Wordfence
We use the Wordfence security plugin from Defiant Inc. (00 5th Ave Ste 4100, Seattle, WA 98104, USA “Wordfence”) on our website as part of order processing. Data processing is used in particular to protect against viruses and malware, to detect and defend against brute force and DDoS attacks. For this purpose, Wordfence uses cookies to categorise website visitors as questionable or harmless. For this purpose, the IP address of the website visitor is stored on the Wordfence servers. IP addresses classified as harmless are placed on a whitelist. Dubious IP addresses, on the other hand, are placed on a blacklist. For this purpose, our website establishes a permanent connection to the Wordfence servers so that Wordfence can compare its databases with the access requests sent to our website and block them if necessary.
Your data will be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Wordfence is not certified under the TADPF. The data transfer takes place, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://www.wordfence.com/standard-contractual-clauses/ (https://www.wordfence.com/standard-contractual-clauses/).
The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 para. 1 sentence 1 of the TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
You can find more detailed information on Wordfence’s collection and use of data and your associated rights and options for protecting your privacy in Wordfence’s privacy policy: https://www.wordfence.com/privacy-policy/ and https://www.wordfence.com/help/general-data-protection-regulation/#standard-contractual-clauses .
Use of Cloudfront
Our website uses the Cloudfront CDN content delivery network provided by Amazon Web Services EMEA SARL (38 avenue John F. Kennedy, L-1855, Luxembourg; “”Cloudfront””).
This is a supra-regional network of servers in various data centers to which our web server connects and through which certain content on our website is delivered.
The data processing serves the purpose of optimizing the loading times of our website and thus making our offer more user-friendly.
The following information, among others, may be collected: IP address, system configuration information, information about traffic to and from customer websites (so-called server log files).
Your data may be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Cloudfront has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
Processing is carried out on the basis of Article 6(1)(f) GDPR for the purposes of our legitimate interest in needs-based and targeted design of the website. On grounds relating to your particular situation, you have the right to object at any time to this processing of your personal data and carried out on the basis of Article 6(1)(f) GDPR.
For more information on data protection when using Cloudfront, please visit https://docs.aws.amazon.com/de_de/AmazonCloudFront/latest/DeveloperGuide/data-protection-summary.html and https://d1.awsstatic.com/legal/aws-gdpr/AWS_GDPR_DPA.pdf .
Use of Google Fonts
We use Google Fonts from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
The data processing serves to facilitate the consistent display of fonts on our website. In order to load the fonts, a connection to Google servers is established when the page is accessed. Among other things, your IP address and information about the browser you are using will be processed and transmitted to Google. This data is not linked to your Google account. Your data may be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
You can find more detailed information on the data processing and data protection at https://www.google.de/intl/de/policies/ and at https://developers.google.com/fonts/faq .
Duration of storage
After contractual processing has been completed, the data is initially stored for the duration of the warranty period, then in accordance with the retention periods prescribed by law, especially tax and commercial law, and then deleted after the period has elapsed, unless you have agreed to further processing and use.
Rights of the affected person
If the legal requirements are fulfilled, you have the following rights according to art. 15 to 20 GDPR: Right to information, correction, deletion, restriction of processing, data portability. You also have a right of objection against processing based on art. 6 (1) GDPR, and to processing for the purposes of direct marketing, according to art. 21 (1) GDPR.
Right to complain to the regulatory authority
You have the right to complain to the regulatory authority according to art. 77 GDPR if you believe that your data is not being processed legally.
You can lodge a complaint with, among others, the supervisory authority responsible for us, which you may reach at the following contact details:Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen Postfach 20 04 44 40102 Düsseldorf Tel.: +49 211 384240 Fax: +49 211 38424999 E-Mail: poststelle@ldi.nrw.de
Right to object
If the data processing outlined here is based on our legitimate interests in accordance with Article 6(1)f) GDPR, you have the right for reasons arising from your particular situation to object at any time to the processing of your data with future effect.
If the objection is successful, we will no longer process the personal data, unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests or rights and freedoms, or the processing is intended for the assertion, exercise or defence of legal claims.
last update: 22.10.2024
Unless stated otherwise below, the provision of your personal data is neither legally nor contractually obligatory, nor required for conclusion of a contract. You are not obliged to provide your data. Not providing it will have no consequences. This only applies as long as the processing procedures below do not state otherwise.
“Personal data” is any information relating to an identified or identifiable natural person.
Server log files
You can use our websites without submitting personal data.
Every time our website is accessed, user data is transferred to us or our web hosts/IT service providers by your internet browser and stored in server log files. This stored data includes for example the name of the site called up, date and time of the request, the IP address, amount of data transferred and the provider making the request. The processing is carried out on the basis of Article 6(1) f) GDPR due to our legitimate interests in ensuring the smooth operation of our website as well as improving our services.
Responsible person
Contact us at any time. The person responsible for data processing is:
SevenShift GmbH
Im Mediapark 5
50670 Cologne Germany
Phone: +49 221 952 609 12
Email: info@bunkai.io
Web: https://bunkai.io and https://sevenshift.de
Proactive contact of the customer by e-mail
If you make contact with us proactively via email, we shall collect your personal data (name, email address, message text) only to the extent provided by you. The purpose of the data processing is to handle and respond to your contact request.
If the initial contact serves to implement pre-contractual measures (e.g. consultation in the case of purchase interest, order creation) or concerns an agreement already concluded between you and us, this data processing takes place on the basis of Article 6(1)(b) GDPR.
If the initial contact occurs for other reasons, this data processing takes place on the basis of Article 6(1)(f) GDPR for the purposes of our overriding, legitimate interest in handling and responding to your request. In this case, on grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you and carried out on the basis of Article 6(1)(f) GDPR.
We will only use your email address to process your request. Your data will subsequently be deleted in compliance with statutory retention periods, unless you have agreed to further processing and use.
Collection and processing when using the contact form
When you use the contact form we will only collect your personal data (name, email address, message text) in the scope provided by you. The data processing is for the purpose of making contact.
If the initial contact serves to implement pre-contractual measures (e.g. consultation in the case of purchase interest, order creation) or concerns an agreement already concluded between you and us, this data processing takes place on the basis of Article 6(1)(b) GDPR. If the initial contact occurs for other reasons, this data processing takes place on the basis of Article 6(1)(f) GDPR for the purposes of our overriding, legitimate interest in handling and responding to your request. In this case, on grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you and carried out on the basis of Article 6(1)(f) GDPR.
We will only use your email address to process your request. Finally your data will be deleted, unless you have agreed to further processing and use.
Collection and processing when using the application form
When using the application form, we collect your personal data only to the extent provided by you. This includes your contact details (e.g., name, e-mail address, telephone number), details of your professional qualifications and training, details of further professional training and performance-specific evidence.
The purpose of this data processing is to contact you and to decide on the establishment of an employment relationship with you. The provision of the data is necessary to carry out the application procedure. The processing of your personal data takes place on the basis of Art. 6 para. 1(b) GDPR in conjunction with Art. 26 para. 1 Federal Data Protection Act (BDSG) for the implementation of pre-contractual measures (undergoing the application procedure as an initiation of the employment contract).
If you have given us permission to process personal data for inclusion in our pool of applicants, e.g., by checking a checkbox, the processing takes place on the basis of Art. 6 para. 1(a) GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until the revocation.
If specific categories of personal data within the meaning of Art. 9 para. 1 of the GDPR are requested from the applicants, such as information on the degree of severe disability, this is carried out on the basis of Art. 9 para. 2(b) GDPR, so that we can exercise the rights arising from labor law and the social security and social protection legislation and fulfill our obligations in this regard.
We will store your personal data as long as this is necessary for the decision about your application. Your data will then be deleted after six months at the latest, provided that you have not consented to further processing and use. If an employment relationship is established following the application procedure, the data provided will be further processed and then transferred to the personnel file for the purposes of implementing the employment relationship pursuant to Art. 6 para. 1 (b) GDPR in conjunction with Art. 26 Para. 1 of the Federal Data Protection Act (BDSG).
Use of Calendly
We use the appointment booking function “Calendly” from the provider Calendly LLC (BB&T Tower, 271 17th St NW, Atlanta, GA 30363, USA) on our website.
When using this function, we collect and process your personal data (first and last name, email address and telephone number, message text) only to the extent provided by you. The data processing serves the purpose of assigning appointments, as well as improving user friendliness.
Calendly uses technologies such as cookies. The following information, among other things, may be collected and transmitted to Calendly: IP address, date and time of the page view, device model, information about the browser and operating system you are using, as well as the location.
Your data may be transferred to third countries such as the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Calendly has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
The processing of your personal data for booking appointments is realised on the basis of Art. 6 Para. 1 Letter b GDPR for the fulfilment of the contract concluded with us, or for the implementation of pre-contractual measures.
The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
You can find more information on data protection and the use of cookies by Calendly at https://calendly.com/privacy .
Customer account
When you open a customer account, we will collect your personal data in the scope given there. The data processing is for the purpose of improving your experience and simplifying order processing. The processing will be carried out on the basis of art. 6 (1) lit. a GDPR with your consent. You can withdraw your consent at any time by contacting us without affecting the legality of the processing carried out with your consent up to the withdrawal. Your customer account will then be deleted.
Collection, processing, and transfer of personal data in orders
When you submit an order we only collect and use your personal data insofar as this is necessary for the fulfilment and handling of your order as well as processing of your queries. The provision of data is necessary for conclusion of a contract. Failure to provide it will prevent the conclusion of any contract. The processing will occur on the basis of Article 6(1) b) GDPR and is required for the fulfilment of a contract with you.
Your data will be shared, for example, with shipping companies, dropshipping or fulfillment providers, payment service providers, service providers for order processing, and IT service providers. We will comply strictly with legal requirements in every case. The scope of data transmission is restricted to a minimum.
Advertising
Use of your email address for mailing of newsletters
We use your email address outside of contractual processing exclusively to send you a newsletter for our own marketing purposes, if you have explicitly agreed to this. The processing will be carried out on the basis of art. 6 (1) lit. a GDPR with your consent. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal. You can unsubscribe from the newsletter at any time using the relevant link in the newsletter or by contacting us. Your email address will then be removed from the distributor.
Use of Mailchimp
We use the service of Rocket Science Group LLC (675 Ponce de Leon Ave NE, Suite 5000 Atlanta, GA 30308, USA; “Mailchimp”) for newsletter dispatch as part of an order processing.
We pass on the information you provide during the newsletter registration (e-mail address, first and last name, if applicable) to Mailchimp. The data processing serves the purpose of sending the newsletter and its statistical evaluation.
In order to evaluate newsletter campaigns, the newsletters sent contain a 1×1 pixel graphic (tracking pixel) or a tracking link. This enables us to determine whether you have opened the newsletter and whether you have clicked any integrated links. Within this context, we collect your personal data such as IP address, browser type and device as well as the time. A usage profile can be generated from this data under a pseudonym. The data collected will not be used to identify you personally. The collected data is only used for statistical analysis to improve newsletter campaigns.
The data processing serves the purpose of sending the newsletter and its statistical evaluation. Your data is usually transmitted to Mailchimp servers in the USA and stored there. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Mailchimp is not certified under the TAPF. The data transfer takes place, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de (https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de).
The processing of your personal data is based on Art. 6 para. 1 lit. f GDPR from our overriding legitimate interest in a targeted, effective advertising and user-friendly newsletter system. On grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you.
You can find more information and MailChimp’s privacy policy at: https://mailchimp.com/de/legal/data-processing-addendum/ and https://www.intuit.com/privacy/statement/ .
Use of HubSpot
We use the service of HubSpot Ireland Ltd. (Ground Floor, Two Dockland Central Guild Street, Dublin 1, Ireland; “HubSpot”) for the newsletter dispatch as part of an order processing. HubSpot is an affiliated company of HubSpot, Inc. (25 First Street, Cambridge, MA 02141 USA).
We pass on the information you provide during newsletter registration (e-mail address, first and last name, if applicable) to HubSpot. The data processing serves the purpose of sending the newsletter and its statistical evaluation.
In order to evaluate newsletter campaigns, the newsletters sent contain a 1×1 pixel graphic (tracking pixel) or a tracking link. This enables us to determine whether you have opened the newsletter and whether you have clicked any integrated links. Within this context, we collect your personal data such as IP address, browser type and device as well as the time. A usage profile can be generated from this data under a pseudonym. The data collected will not be used to identify you personally. The collected data is only used for statistical analysis to improve newsletter campaigns.
Your data may be transmitted to HubSpot servers in the USA and stored there. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). HubSpot has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
The processing of your personal data is based on Art. 6 para. 1 lit. f GDPR from our overriding legitimate interest in a targeted, effective advertising and user-friendly newsletter system. On grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you.
You can find more information and HubSpot’s privacy policy at: https://legal.hubspot.com/de/privacy-policy .
Payment service providers
Use of the payment service provider Stripe
On our website we use the Stripe payment service of Stripe Payments Europe Ltd, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland). The data processing serves the purpose of offering you payment via the payment service. By selecting and using Stripe, the data required for payment processing is transmitted to Stripe in order to be able to fulfil the contract with you with of the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
If required, Stripe reserves the right to obtain a credit report on the basis of mathematical-statistical procedures using credit rating agencies. For this purpose, Stripe transmits the personal data required for credit assessment to a credit rating agency and uses the obtained information on the statistical probability of payment default in order to reach a reasonable decision on the establishment, implementation or termination of the contractual relationship. The credit report may contain probability values (score values) which are calculated on the basis of scientifically recognised mathematical-statistical methods and include, among other things, address data. Your legitimate interests will be taken into account in accordance with the legal requirements. The data processing serves the purpose of a credit check for contract initiation. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default if Stripe pays in advance.
For reasons that arise from your particular situation, you have the right to object to the processing of your personal data carried out on the basis of Art. 6 para. 1 lit. f GDPR at any time by notifying Stripe. The provision of the data is necessary for the conclusion of the contract with the payment method of your choice. Failure to provide such data shall mean that the contract cannot be concluded with the payment method you have selected.
All Stripe transactions are subject to Stripe Privacy Policy. You can find these at https://stripe.com/de/privacy
Cookies
Our website uses cookies. Cookies are small text files which are saved in a user’s internet browser or by the user’s internet browser on their computer system. When a user calls up a website, a cookie may be saved on the user’s operating system. This cookie contains a characteristic character string which allows the browser to be clearly identified when the website is called up again.
Cookies will be stored on your computer. You therefore have full control over the use of cookies. By choosing corresponding technical settings in your internet browser, you can be notified before the setting of cookies and you can decide whether to accept this setting in each individual case as well as prevent the storage of cookies and transmission of the data they contain. Cookies which have already been saved may be deleted at any time. We would, however, like to point out that this may prevent you from making full use of all the functions of this website. Using the links below, you can find out how to manage cookies (or deactivate them, among other things) in major browsers: Chrome Browser: https://support.google.com/accounts/answer/61416?hl=en Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09 Mozilla Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences Safari: https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac
technically necessary cookies
Insofar as no other information is given in the data protection declaration below we use only these technically necessary cookies cookies to make our offering more user-friendly, effective and secure. Cookies also allow our systems to recognise your browser after a page change and to offer you services. Some functions of our website cannot be offered without the use of cookies. These services require the browser to be recognised again after a page change.
The use of cookies or comparable technologies is carried out on the basis of Art. 25 para. 2 TDDDG. Processing is carried out on the basis of art. 6 (1) lit. f GDPR due to our largely justified interest in ensuring the optimal functionality of the website as well as a user-friendly and effective design of our range of services.
You have the right to veto this processing of your personal data according to art. 6 (1) lit. f GDPR, for reasons relating to your personal situation.
Use of the Cookie Consent Manager CCM19
On our website, we use the Cookie Consent Manager CCM19 from HB legal tech GmbH (Kohlgartenstraße 11-13, 04315 Leipzig, Germany; “CCM19”) within the framework of order processing.
The plug-in is hosted on consenttool.haendlerbund.de (https://consenttool.haendlerbund.de/) and enables you to give your consent to data processing via the website, in particular to set cookies, as well as to make use of your right of revocation for consents already provided. The data processing serves the purpose of obtaining and documenting necessary consents to data processing and thus to comply with legal obligations. Cookies are used for this purpose. Among other things, the following information can be collected, stored and, if necessary, transferred to HB legal tech GmbH: randomly assigned ID, consent status, date and time of consent/rejection. The data is stored for one year and one month and then deleted. This data will not be passed on to any other third parties.
The data processing is carried out on the basis of Article 6 para. 1 lit. c GDPR to comply with a legal obligation.
For more information about data protection, please visit: https://www.haendlerbund.de/de/datenschutzerklaerung .
Use of Google reCAPTCHA
Our website uses the reCAPTCHA service by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”). The request serves to distinguish whether the input was made by a human or automatic machine processing. For this purpose your input will be transmitted to Google and used by them further. In addition, the IP address and any other data required by Google for the reCAPTCHA service will be transferred to Google. This data will be processed by Google within the EU and potentially also in the USA.
For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para.1 p. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
You can find more detailed information on Google reCAPTCHA and the associated data protection declaration at: https://www.google.com/recaptcha/intro/android.html and
https://www.google.com/privacy .
Use of Wordfence
We use the Wordfence security plugin from Defiant Inc. (00 5th Ave Ste 4100, Seattle, WA 98104, USA “Wordfence”) on our website as part of order processing. Data processing is used in particular to protect against viruses and malware, to detect and defend against brute force and DDoS attacks. For this purpose, Wordfence uses cookies to categorise website visitors as questionable or harmless. For this purpose, the IP address of the website visitor is stored on the Wordfence servers. IP addresses classified as harmless are placed on a whitelist. Dubious IP addresses, on the other hand, are placed on a blacklist. For this purpose, our website establishes a permanent connection to the Wordfence servers so that Wordfence can compare its databases with the access requests sent to our website and block them if necessary.
Your data will be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Wordfence is not certified under the TADPF. The data transfer takes place, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://www.wordfence.com/standard-contractual-clauses/ (https://www.wordfence.com/standard-contractual-clauses/).
The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 para. 1 sentence 1 of the TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
You can find more detailed information on Wordfence’s collection and use of data and your associated rights and options for protecting your privacy in Wordfence’s privacy policy: https://www.wordfence.com/privacy-policy/ and https://www.wordfence.com/help/general-data-protection-regulation/#standard-contractual-clauses .
Use of Cloudfront
Our website uses the Cloudfront CDN content delivery network provided by Amazon Web Services EMEA SARL (38 avenue John F. Kennedy, L-1855, Luxembourg; “”Cloudfront””).
This is a supra-regional network of servers in various data centers to which our web server connects and through which certain content on our website is delivered.
The data processing serves the purpose of optimizing the loading times of our website and thus making our offer more user-friendly.
The following information, among others, may be collected: IP address, system configuration information, information about traffic to and from customer websites (so-called server log files).
Your data may be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Cloudfront has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
Processing is carried out on the basis of Article 6(1)(f) GDPR for the purposes of our legitimate interest in needs-based and targeted design of the website. On grounds relating to your particular situation, you have the right to object at any time to this processing of your personal data and carried out on the basis of Article 6(1)(f) GDPR.
For more information on data protection when using Cloudfront, please visit https://docs.aws.amazon.com/de_de/AmazonCloudFront/latest/DeveloperGuide/data-protection-summary.html and https://d1.awsstatic.com/legal/aws-gdpr/AWS_GDPR_DPA.pdf .
Use of Google Fonts
We use Google Fonts from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
The data processing serves to facilitate the consistent display of fonts on our website. In order to load the fonts, a connection to Google servers is established when the page is accessed. Among other things, your IP address and information about the browser you are using will be processed and transmitted to Google. This data is not linked to your Google account. Your data may be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
You can find more detailed information on the data processing and data protection at https://www.google.de/intl/de/policies/ and at https://developers.google.com/fonts/faq .
Duration of storage
After contractual processing has been completed, the data is initially stored for the duration of the warranty period, then in accordance with the retention periods prescribed by law, especially tax and commercial law, and then deleted after the period has elapsed, unless you have agreed to further processing and use.
Rights of the affected person
If the legal requirements are fulfilled, you have the following rights according to art. 15 to 20 GDPR: Right to information, correction, deletion, restriction of processing, data portability. You also have a right of objection against processing based on art. 6 (1) GDPR, and to processing for the purposes of direct marketing, according to art. 21 (1) GDPR.
Right to complain to the regulatory authority
You have the right to complain to the regulatory authority according to art. 77 GDPR if you believe that your data is not being processed legally.
You can lodge a complaint with, among others, the supervisory authority responsible for us, which you may reach at the following contact details:Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen Postfach 20 04 44 40102 Düsseldorf Tel.: +49 211 384240 Fax: +49 211 38424999 E-Mail: poststelle@ldi.nrw.de
Right to object
If the data processing outlined here is based on our legitimate interests in accordance with Article 6(1)f) GDPR, you have the right for reasons arising from your particular situation to object at any time to the processing of your data with future effect.
If the objection is successful, we will no longer process the personal data, unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests or rights and freedoms, or the processing is intended for the assertion, exercise or defence of legal claims.
last update: 22.10.2024