As of [08-29], 2024 What's new?

We take the protection of your personal data very seriously. With this Privacy Policy, we inform you which personal data we collect and how and for what purposes it is processed. We always treat your personal data in accordance with the statutory data protection regulations and this Privacy Policy.

Controller is:

Room 1202, Capital Center, 5-19 Jardine's Barzaar, Causeway Bay, HK China

Email: data-privacy@tineco.com

Website: https://de-store.tineco.com/

(hereinafter „Tineco“).

The controller's data protection officer (representative) is:

Name: LUCID Compliance GmbH

Ledererstrasse 19

80331 Munich

Germany

Email: info@lucid-compliance.com

If you have any questions about data protection, you can contact our data protection officer at any time.

Each time you visit our website, our system automatically collects data and information from the computer system of the calling computer. The following data is logged:

This data is processed in order to be able to present the website, to ensure the security, availability and integrity of the website (e.g., detection and defense against DoS attacks or access by bots), to improve the quality and presentation of the website, to be able to identify and correct errors and for statistical purposes.

Our website is hosted by a service provider named Shopify International Ltd., the headquarter of which is located in Canada.

The legal basis for this data processing is Art. 6 (1) lit. f) GDPR. Our overriding legitimate interest is the above purposes.

We use a Content Delivery Network (CDN) to increase the security and delivery speed of the website. A CDN is a network of servers distributed worldwide that is capable of delivering optimized content to users. For this purpose, personal data may be processed in server log files by the provider of the CDN.

The provider of the CDN acts as a data processor for us on the basis of a data processing agreement pursuant to Art. 28 GDPR.

Since a CDN represents a network of servers distributed worldwide, the use of a CDN may result in the transfer of personal data to a third country without an adequate level of data protection. In this case, we ensure that appropriate safeguards are provided for the transfer in accordance with Art. 46 GDPR. We will provide you with proof of the appropriate safeguards (Standard Contractual Clauses) at any time upon request.

The legal basis for this data processing is our legitimate interest pursuant to Art. 6 (1) lit. f) GDPR. Our overriding legitimate interest is to increase the security and delivery speed of the website.

If you contact us, e.g., by e-mail, via a contact form, live chat, telephone or other information transmission tools, the information you provide will be stored for the purpose of processing the request.

We need the information requested in a contact form or live chat to process your request, to address you correctly and to send you a reply.

The legal basis for this data processing is Art. 6 (1) lit. f) GDPR. Our overriding legitimate interest is the communication with prospects, visitors, and customers. If the purpose of the contact is to conclude a contract, legal basis for processing is Art. 6 (1) lit. b) GDPR.

We process the data of our customers, service providers and suppliers as part of the provision of our contractual services. In this context, inventory data (for example, surname and first name of the contact person(s), address), contact data (for example, e-mail address, telephone number), contract data (for example, subject matter of the contract, term), payment and shipping data (if applicable, such as payment amount, payment method information, user name, billing and/or shipping address), communication records and other data collected in the context of the provision of services and/or required for the provision of services are processed, if applicable. Inquiries and customer relations are regularly stored and processed in our CRM system. To process your request, we are using Sobot, provided by北京智齿众服技术咨询有限公司 located in China. The information collected will be used to provide and improve our customer services. If the problem you meet would obtain a clearer description by taking a photo/screenshot, you may also consider sending to the customer service such pictures or audios.

Inquiries and customer relations are regularly stored and processed in our CRM system. The data processed in this context (surname, first name, title, postal address, date of birth if applicable, your specific interest with regard to our products and services and your interactions with us) may also be used by us for direct marketing purposes, in particular for postal advertising, in compliance with the legal requirements.

The legal basis for this storage and processing is our legitimate interest pursuant to Art. 6 (1) lit. f) GDPR. Our overriding legitimate interest is the marketing of our products and services and the maintenance of our prospect, customer and service provider relationships

On our website, you can register to receive a newsletter by e-mail. During registration, the data from the input mask, the IP address of the calling computer and the date and time of registration are transmitted to us. For the processing of the data, your consent is obtained during registration and reference is made to this Privacy Policy.

The registration for the newsletter can be terminated at any time by using the unsubscribe link contained in each newsletter or by contacting us at the above contact details.

The legal basis for the processing of data after registration for the newsletter is your consent pursuant to Art. 6 (1) lit. a) GDPR.

We would like to point out that in the event of a withdrawal of the consent, we will retain the data relating to consent until expiry of the statutory limitation period (pursuant to Section 195 of the German Civil Code (BGB), three calendar years after the last e-mail newsletter was sent) in order to be able to defend ourselves legally if necessary. The accountability obligation takes precedence over the deletion obligation here for this period (Art. 17 (3) lit. e) GDPR). The legal basis for this retention of consent data is Art. 6 (1) lit. c) in conjunction with Art. 5 (1) lit. a), (2), Art. 7 ( 1) GDPR and Art. 6 (1)= lit. f) GDPR.

If you have concluded a product or service contract with us and provide your e-mail address, we may use your email address to send direct advertising for our own similar goods or services. You can object to the use of your e-mail address at any time, without incurring any costs other than the transmission costs according to the basic rates, by using the unsubscribe link contained in every newsletter or by contacting us at the above-mentioned contact details.

The legal basis for sending the newsletter as a result of the sale of goods or services is our legitimate interest pursuant to Art. 6 (1) lit. f) GDPR.

We would like to point out that, in case of an objection to further marketing use and if your data has already been used for sending e-mail marketing in the context of an existing customer relationship, we will retain the data on the existence of the requirements of Section 7 (3) of the German Unfair Competition Act (UWG) until the expiry of the statutory limitation period (pursuant to Section 195 of the German Civil Code (BGB), three calendar years after the last advertising e-mail was sent) in order to be able to defend ourselves legally if necessary. The accountability obligation takes precedence over the deletion obligation here for this period (Art. 17 (3) lit. e) GDPR). The legal basis for this retention of consent data is Art. 6 (1) lit. c) in conjunction with Art. 5 (1) lit. a), (2), Art. 7 ( 1) GDPR and Art. 6 (1)= lit. f) GDPR.

We may use external service provider as a data processor for sending and analyzing our newsletter on the basis of a data processing agreement pursuant to Art. 28 GDPR.

This may involve the transfer of personal data to a third country outside the EU without an adequate level of data protection.

In this case, we ensure that appropriate safeguards are provided for the transfer in accordance with Art. 46 GDPR. We will provide you with proof of the appropriate safeguards (Standard Contractual Clauses) at any time upon request.

We may partner with advertising networks and other advertising serving providers (“Advertising Providers”) that may push advertisements on our behalf and others within the website or to your email account with the consent of you. Some of these advertisements may be personalized based on your user profiling. This type of advertising is known as interest-based advertising. We will distinct advertisements with an “ad” imprint on all advertisements for your ease of identification.

We involve Advertising Providers to identify advertising that might be of interest for you and/or for products that can be used with your Device and to present them to you within the website and to analyze the effectiveness of our advertisements presented in the website and your interactions with them. This information will not be used to identify you personally, but to analyze it in a pseudonymized way. This technology enables us to pursue our legitimate interests to present you advertisements that suit your individual interests and to perform direct marketing campaigns for our products and services to our customers.

You may opt-out from such personalized advertising, by using the "Do Not Track" or relevant functions of a supporting browser, by deactivating the execution of script code in your browser or through other methods as described in this Privacy Policy or those of the service providers. Please note that electing to opt out will not prevent advertisements from appearing in your browser or applications. However, opting out will allow the advertisements pushed to you to be irrelevant to your interests.

Our website uses cookies and implements third-party tools and functions.

Cookies are pieces of information that are transferred from our web server or third-party web servers to your browser and stored there for later retrieval. Cookies may be small files or other types of information storage. Information is stored in cookies that is related to the specific end device used. Cookies contain a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again. A cookie also contains information about its origin and the storage period. However, this does not mean that we gain immediate knowledge of your identity.

We also use third-party tools and functions, for example, to expand the functional scope of the website, to analyze the use of the website, and to optimize the content accordingly.

When integrating tools and functions from third-party providers, personal data may be transmitted to the providers of the integrated tools and functions in order to be able to provide the tools and functions.

Cookies and third-party tools and functions are referred to uniformly below as "cookies" for the sake of simplicity.

When visiting our website, cookies are set that are absolutely necessary for the operation of the website. These essential cookies may be, for example, cookies that are required for the display of the website with a content management system, which are used to recognize language settings, or which are used to document whether you have consented to the setting of further (non-essential) cookies or whether you have rejected them.

The technically necessary cookies, including their purpose and storage period or deletion period, are explained to you in our cookie banner, which is displayed when you access the website.

The legal basis for the processing of personal data using essential cookies is our legitimate interest pursuant to Art. 6 (1) lit. f) GDPR. Our overriding legitimate interest are the operation and provision of our website.

We also use non-essential cookies, for example to collect additional information about the interests of visitors to our websites or about their usage behavior, in order to analyze and optimize our website and generally our customer interactions on this basis.

Non-essential cookies, including their purpose and storage period or deletion period, are also explained to you in our cookie banner, which is displayed when you access the website.

Non-essential cookies are only set if you have expressly consented to the setting of non-essential cookies. You can also select different categories of non-essential cookies that you wish to allow in the cookie banner.

When using non-essential cookies, the legal basis for the storage and reading of information is § 25 (1) TTDSG (or in Austria § 96 (3) TKG) and, with regard to the processing of personal data, Art. 6 (1) lit. a) GDPR.

On our website, we use the cookie consent management tool Pandectes to obtain your consent to store certain cookies in your browser and to document this in accordance with the relevant data protection law. The provider is Cybot A/S , with its registered seat in Denmark (hereinafter Cookiebot).

When you enter our website, a cookie is stored in your browser, in which the consents you have given or the revocation of these consents are being stored. This data is not shared with the service provider. You can change the settings by managing your cookie preferences.

The legal basis for this data processing is initially Art. 6 (1) lit. f) GDPR, the provision of our website and ensuring the possibility to obtain consent for non-essential cookies. If you give consent, the legal basis for the processing of the data relating to your consent is Art. 7 (1) and 6 (1) lit a) GDPR.

On our website we use the tool Google Tag Manager. Google Tag Manager is provided by Google Ireland Limited in Ireland. Through this tool, website tags can be managed via an interface. Google Tag Manager only implements tags, but no cookies are used, and no personal data is collected. Google Tag Manager triggers other tags, which in turn may collect data, but Google Tag Manager does not access this data.

We use web analytics services to understand how our website and our Platform are used by their visitors or users and to optimize the website and the Platform in terms of content and technology.

We use the web analytics service Google Analytics with IP anonymization. Google Analytics is a web analytics service provided by Google Ireland Limited ("Google").

JavaScript tags allow us to collect information about your use of the website and the Platform. Google Analytics also regularly uses cookies to collect information about a user's interactions with the website or Platform.

Within the scope of the use of Google Analytics, your IP address and information about the use of the website or Platform, browser type and version, operating system used, the previously visited page and the time of the server request are transferred to Google servers and processed there.

Within the scope of IP anonymization, the collected IP addresses of users within the European Economic Area are shortened before being transmitted to the USA. Only in exceptional cases, in the event of technical malfunctions in Europe, will the unabbreviated IP address be transmitted to Google in the USA and shortened there. The transmitted IP addresses are not merged with other data from Google.

Google will act for us as a processor on the basis of a data processing agreement pursuant to Art. 28 GDPR.

As explained, this may involve the transfer of personal data to a third country without an adequate level of data protection. In this case, we ensure that appropriate safeguards are provided for the transfer in accordance with Art. 46 GDPR. We will provide you with proof of the appropriate safeguards (Standard Contractual Clauses) at any time upon request.

The legal basis for this data processing is your express consent pursuant to Art. 6 (1) lit. a) GDPR.

Tracking pixels from various providers are used on our website to track website usage and the actions of website visitors for the purpose of conversion tracking. Tracking pixels from the following providers may be used: LinkedIn, Bing, Meta, Google Ads, Outbrain, Pinterest, Snapchat, Taboola, TikTok, Twitter/X, Yahoo Native (Gemini).

Tracking pixels are a code snippet that allows us to track the actions of website visitors, which further allows us to personalize and improve our advertisements and measure their success. This allows us to evaluate our website for statistical and market research purposes and optimize advertising campaigns.

The data collected via the tracking pixels may be used by the providers of the respective pixels for their own tracking and advertising purposes. For further details, please refer to the privacy statements of the providers of the respective pixels.

If you are a member of a social media platform of one of the providers of the tracking pixels and have allowed the respective provider to do so via the settings of your user account with the social media network, the provider of the social media network or the tracking pixel may link the information collected about your visit to our website to your user account with the respective social media network and use it for the targeted placement of advertisements.

We can also measure the effectiveness of advertisements on the respective social media networks and see whether a user was redirected to our website via such ads (conversion measurement).

The integration of such tracking pixels may result in the transfer of personal data to a third country without an adequate level of data protection. In this case, we ensure that appropriate safeguards are provided for the transfer in accordance with Art. 46 DSGVO. We will gladly provide you with proof of the appropriate guarantees (standard contractual clauses) at any time upon request.

The legal basis for this data processing is your express consent pursuant to Art. 6 (1) a) DSGVO.

In order to display the content of our website correctly and graphically appealing across browsers, we use the font library Web Fonts of Google Ireland Ltd. in Ireland (hereinafter “Google”). When you call up a website on which a font library is integrated, the required font is loaded into the browser cache in order to display texts and fonts correctly. In doing so, the operator receives the information that the font required for our website or platform was called up from your IP address.

You can prevent the use of such libraries and the associated data transmission by installing a JavaScript blocker (e.g. www.noscript.net). If the use of Web Fonts is not supported or prevented, a default font will be used by your computer.

Google acts for us as a data processor on the basis of a data processing agreement pursuant to Art. 28 GDPR.

This may involve the transfer of personal data to a third country without an adequate level of data protection. In this case, we ensure that appropriate safeguards are provided for the transfer in accordance with Art. 46 GDPR. We will provide you with proof of the appropriate safeguards (Standard Contractual Clauses) at any time upon request.

The legal basis for this data processing is your express consent pursuant to Art. 6 (1) lit. a) GDPR.

YouTube videos are embedded on our website. These are provided, via a plugin, by Google Ireland Ltd. in Ireland ("YouTube").

We use the "extended data protection settings" for embedded YouTube videos, this means that YouTube does not set any cookies.

Nevertheless, when you visit a website with the YouTube plugin, a connection to YouTube is inevitably established and your IP address is transmitted to YouTube in the process.

When using YouTube, personal data is transferred to a third country outside the EU. We ensure that suitable guarantees are provided for the transfer in accordance with Art. 46 GDPR. We will be happy to provide you with proof of the appropriate guarantees (Standard Contractual Clauses/Standard Data Protection Clauses) at any time upon request. To do so, please contact us using the contact details above.

Further information on data protection at YouTube can be found in YouTube's Data Protection and Security Centre:

https://support.google.com/youtube/topic/2803240?hl=de&ref_topic=6151248

The legal basis for this data processing when using YouTube is Art. 6 (1) lit. f) GDPR. Our legitimate interest is the integration of videos and the associated optimization of the interactivity of our website and our customer interactions.

On our website, we use the reCAPTCHA service of Google Ireland Limited in Ireland. With reCAPTCHA, we determine whether a person or a computer makes a certain entry in a form. Google uses the following data to check whether a person or computer makes an entry: IP address of the end device used, the website that is visited on our site and on which the captcha is embedded, the date and duration of the visit to the website, information on the browser and operating system type used, the Google account if the user is logged in to Google, mouse movements on the reCAPTCHA areas and tasks in which images are to be identified.

Further information on data processing and data protection at Google can be found in Google's Privacy Policy at https://policies.google.com/privacy?hl=en.

This may involve the transfer of personal data to a third country without an adequate level of data protection. In this case, we ensure that appropriate safeguards are provided for the transfer in accordance with Art. 46 GDPR. We will gladly provide you with proof of the appropriate We will provide you with proof of the appropriate safeguards (Standard Contractual Clauses) at any time upon request.

The legal basis for the data processing is our legitimate interest pursuant to Art. 6 (1) lit. f) GDPR. Our overriding legitimate interests are the operation, provision and security of our website, specifically the protection against automated entries and attacks.

On our website, we use the service Friendly Captcha, provided by Friendly Captcha GmbH in Germany. With Friendly Captcha, we determine whether a person or a computer makes a certain entry in a form. As part of this process, Friendly Captcha captures the IP address of the requesting end device in order to send a cryptographic task to the end device. This task is solved in the background and once solved, a confirmation is sent by Friendly Captcha to the server that the user is a natural person and not a bot. Friendly Captcha uses the following data to check whether a person or a computer is making an entry: Anonymized IP address of the requesting computer, information about the browser used, as well as operating system, anonymized counter per IP address to control the cryptographic tasks, website from which the access took place (so-called referer URL).

For more information about data processing and data protection at Friendly Captcha, please see the Privacy Policy of Friendly Captcha at ttps://friendlycaptcha.com/en/privacy.

The legal basis for the data processing is our legitimate interest according to Art. 6 (1) lit. f) GDPR. Our overriding legitimate interests are the operation, provision and security of our website, specifically the protection against automated entries and attacks.

We use the IP address and other information provided by the user (in particular postcode as part of registration or ordering) to address regional target groups (so-called "geotargeting").

The regional target group approach is used, for example, to automatically show you regional offers or advertising that are often more relevant for users. The legal basis for the use of the IP address and, if applicable, other information provided by the user (in particular postal code) is Art. 6 (1) (f) GDPR, based on our interest in ensuring a more precise target group approach and thus providing offers and advertising with higher relevance for users.

In doing so, part of the IP address as well as the additional information provided by the user (in particular postal code) are only read out data.

You can prevent geo-targeting, for example, by using a VPN or proxy server that prevents accurate localization. In addition, depending on the browser used, you can also deactivate location localization in the corresponding browser settings (as far as the respective browser supports this).

Social media buttons of various social media networks (e.g. Linkedin, Instagram, Twitter/X, Facebook and TikTok) are integrated on our website.

If you click on one of these social media buttons, you will be redirected to our pages on the respective social media network. In this case, the provider of the respective social media network receives the information that your browser has accessed the corresponding page of our website, even if you do not have a profile with the respective social media network or are not logged in there. This information (including your IP address) is transmitted by your browser directly to a server of the respective provider. If you click on a social media button and are either logged in to the respective social media network or then log in to the page of the respective social media network, the transmitted information can be assigned to your account with the social media network.

For information on the purpose and scope of data collection and processing by the providers of the respective social media network, the provider identification, a contact option and your rights and setting options for data protection, please refer to the respective privacy policy of the providers of the social media networks. The legal basis for the integration and use of social media buttons is Art. 6 (1) lit. f) GDPR. Our overriding legitimate interest is the marketing of our offers and our website.

We maintain a publicly accessible profile on various social media networks (e.g. Linkedin, Instagram, Twitter/X and Facebook).

If you visit our social media pages and are logged in to the respective social media network, the provider of the respective social media network can analyze your usage behavior and assign the information collected to your account with the social media network and enrich it there. Even if you are not logged in or if you do not have an account with the respective social media network, personal data may be collected by the provider of the respective social media network, for example your IP address or data collected via a cookie.

The operators of the social media networks can use this data to create user profiles. Based on your user profile, you can then be shown interest-based advertisements both on the websites of the social media network and on other websites.

If you visit one of our social media pages, we are jointly responsible with the provider of the social media network for the collection and processing of your personal data that takes place there. For information on the collection and processing of your personal data that takes place there, we refer you to the privacy policy of the respective social media network.

You can assert your data subject rights in accordance with Chapter III. of the GDPR (right to information, correction, deletion, restriction of processing, data portability, etc.) both against us and against the provider of the respective social media network. In this context, we would like to point out that we can only influence the processing of personal data and the implementation of data subject rights within the framework of our social media pages within the scope of the possibilities made available to us by the respective provider.

The legal basis for our use of social media pages is Art. 6 (1) lit. f) GDPR. Our overriding legitimate interest is the presence and marketing of our products and services on the Internet.

When participating in one of our offline or online competitions/sweepstakes, we collect and process the personal data provided by the participant as part of the participation in the competition, usually first name, address and e-mail address.

We collect this data in order to enable participation in the competition, to carry out the competition, to inform the participant of a prize, if applicable, and to send the participant a possible prize.

We process the participants' personal data to conduct the competition and to determine and notify the winners.

Insofar as participants provide information as part of their participation that is not required for participation in the respective competition, this is done on a voluntary basis.

If you do not provide us with the data required to participate in a competition, it will not be possible to participate in the competition or to contact you regarding notification of a prize.

The legal basis for data collection and data processing is the performance of the contract according to Art. 6 (1) lit. b) GDPR.

If we are involved in a restructuring, acquisition, asset sale, merger, financing, transfer of services to another provider, due diligence, insolvency or receivership, your personal data may be transferred to third parties to the extent legally permitted in connection with and as part of the relevant legal process, subject to the basic principles of data protection law.

This website is not intended or designed for use by children under the age of 16 (or other age as a child pursuant to the laws and regulations in your jurisdiction). We do not knowingly collect personally identifiable information from or about anyone under the age of 16. If you are a child or minor pursuant to the laws and regulations of the place in which you reside, we recommend you to ask your parents or guardians to read this Policy and use our services or provide your information to us with the prior consent from your parents or guardians. If your guardians do not allow you to use our services or provide your information to us according to this Policy, please stop using our services immediately and give a notice on time so that we can react accordingly. If, due to reasons out of our control such collection occurs, we will remove such information once we are notified. We will keep personal data collected confidential and safe in accordance with the relevant laws and regulations.

Within our company, those internal departments or organisational units receive your data which they need to fulfil their tasks, to fulfil contracts with you if necessary, for data processing with your consent or to safeguard our overriding legitimate interests.

Data will only be passed on to third parties within the framework of legal requirements. We will only pass on your data to third parties if, for example, this is necessary for contractual purposes on the basis of Art. 6 (1) lit. b) GDPR or to safeguard our overriding legitimate interest pursuant to Art. 6 (1) lit. f) GDPR in the effective conduct of our business operations. Examples include fulfilling orders for products or services, delivering packages, sending postal mail and email, analyzing data, providing marketing assistance, providing search results and links, processing payments, transmitting content, and providing customer service. These third-party service providers have access to personal data needed to perform their functions, but may not use it for other purposes. Specifically, we currently involve cloud services providers to host the website and store data in Germany, to collect information about the crash history of the website and your using behavior and to send out push notifications. The legal basis is Art. 6 (1) b) GDPR.

There are also cases where we are required to provide your personal data to the competent supervisory authorities pursuant to the Law, court orders, any other provisions of legal proceedings, or mandatory requirements imposed by administrative or judicial bodies. Information sharing under this circumstance may not require your prior authorization or consent. Insofar we are required to provide your personal data under legal obligations. The legal basis for such disclosure of your information will be Art. 6 (1) c) GDPR. For other cases of disclosure of your personal data, the legal basis for such disclosure will be Art. 6 (1) f) GDPR.

Third parties to whom we may, or is obliged to, transfer personal data on the basis of the above, can be located in another country subject to prior establishment of additional guarantees acc ording Art. 44 et seq. GDPR.

Specifically, we use below third-party providers such as plugins and content delivery networks on our website for various purposes.

Insofar as we use service providers within the framework of the provision of the website and/or Platform or other services, we take appropriate legal precautions as well as appropriate technical and organisational measures to ensure the protection of your personal data.

Since we provide products or services based on our resources and servers worldwide, your personal data might be transmitted to a jurisdiction or accessed from a jurisdiction outside of the country where you reside. Such destination jurisdictions include: (i) the jurisdiction where your personal data is stored (if it is the same as where you are located (cross-border transfer does not apply); (ii) China, where our affiliates’ registered office, our affiliates which are involved in our Websites products and services and most of our service providers, are located, and when our employees need to have access to your personal data for handling your issues and also conducting general analysis; (iii) the storage location of some other service providers which serve you on behalf of us through their API integrated into the Website, mostly at your local jurisdictions, or at the jurisdiction where their relevant branch resides to specifically serve your local jurisdiction; and (iv) some other jurisdictions from where your Website account was once logged in, provided that the data storage location for such jurisdiction differs from your domicile country. Specifically, if you send to data-privacy@tineco.com an email, your personal data contained in such email and its delivery will be directed to China, where our email-box server is located. All such international transfers are made in connection by and between the relevant servers housed in third-party cloud facilities and physically located in such jurisdictions, and we will require third-party cloud suppliers to adopt appropriate safeguards in compliance with the Law.

You have the rights explained below with regard to the personal data processed by us concerning you:

You can request information in accordance with Art. 15 GDPR about your personal data that we process.

If the information concerning you is not (or no longer) accurate, you may request a correction in accordance with Art. 16 GDPR. If your data is incomplete, you may request that it be completed.

You may request the erasure of your personal data in accordance with Art. 17 GDPR.

In accordance with Art. 18 GDPR you have the right to request restriction of processing of your personal data.

Insofar as you have given your consent for processing, you have a right to withdraw your consent pursuant to Art. 7 (3) GDPR.

You have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format ("data portability") as well as the right to have this data transferred to another controller if the conditions of Art. 20 (1) lit. (a) and (b) GDPR are met.

You can exercise your rights by notifying the above contact details for the data controller or the data protection officer.

If you believe that our processing of your personal data violates data protection law, you also have the right to complain to a data protection supervisory authority of your choice pursuant to Article 77 of the GDPR.

We adhere to the principles of data avoidance and data economy and only store your personal data for as long as is necessary to achieve the respective purpose of the data processing purposes or as stipulated by the storage periods provided by law.

If the purpose of storage no longer applies or if a storage period provided for by law expires, the personal data will be routinely anonymized or deleted in accordance with the statutory provisions.

We take appropriate technical and organizational measures in accordance with the state of the art to ensure a level of protection for the personal data we process that is appropriate to the risk of the respective processing and to protect the data we process against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons.

Our website uses SSL encryption for security reasons and to protect the transmission of confidential content, such as orders, inquiries or payment data that you send to us.

Our employees receive regular training on data protection and information security and are committed to confidentiality and data protection.

A restrictive rights and roles concept on a "need to know" basis ensures that employees only have access to the personal data they absolutely need to perform their duties.

We reserve the right to amend this Privacy Policy from time to time so that it always complies with current legal requirements and/or in order to implement changes to our services in the Privacy Policy, e.g. when introducing new services. When visiting the website or using our services, the current privacy policy always applies.