Privacy policy
1. Data protection at a glance
General information
The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data with which you can be personally identified. For more detailed information on data protection, please refer to our privacy policy listed below this text.
Data collection on this website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find his contact details in the section "Information on the responsible party" in this data protection declaration.
How do we collect your data?
On the one hand, your data is collected by you providing it to us. This can be, for example, data that you enter in a contact form.
Other data is collected automatically or after your consent when you visit the website by our IT systems. This is mainly technical data (e.g. Internet browser, operating system or time of page view). This data is collected automatically as soon as you enter this website.
What do we use your data for?
Part of the data is collected to ensure error-free provision of the website. Other data may be used to analyze your user behavior.
What rights do you have regarding your data?
You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future. You also have the right to request the restriction of the processing of your personal data under certain circumstances. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
For this purpose, as well as for further questions on the subject of data protection, you can contact us at any time.
Analysis tools and tools from third parties
When visiting this website, your surfing behavior may be statistically analyzed. This is done primarily with so-called analysis programs.
Detailed information about these analysis programs can be found in the following privacy policy.
2. Hosting and Content Delivery Networks (CDN)
We host the content of our website with the following provider:
Shopify
The provider is Shopify International Limited, Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (hereinafter "Shopify"). Shopify is a tool for creating and hosting websites. When you visit our website, Shopify collects your IP address and information about the device and browser you are using. Shopify also analyzes the number of visitors, visitor sources, and customer behavior, and compiles user statistics. When you make a purchase on our website, Shopify also collects your name, email address, shipping and billing addresses, payment information, and other data related to the purchase (e.g., phone number, amount of sales, etc.). For the analyses, Shopify stores cookies in your browser.
For details, please refer to Shopify's privacy policy: https://www.shopify.de/legal/datenschutz.
The use of Shopify is based on Art. 6 para. 1 lit. f DSGVO. We have a legitimate interest in the most reliable presentation of our website. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) as defined by the TTDSG. The consent can be revoked at any time.
External hosting
This website is hosted externally. The personal data collected on this website is stored on the servers of the hoster(s). This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other data generated via a website.
External hosting is carried out for the purpose of contract performance vis-à-vis our potential and existing customers (Art. 6 para. 1 lit. b DSGVO) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f DSGVO). Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) as defined by the TTDSG. The consent can be revoked at any time.
Our hoster(s) will only process your data to the extent necessary to fulfill their service obligations and follow our instructions regarding this data.
We use the following hosters:
Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen
Germany
Order processing
We have concluded an order processing agreement (AVV) with the above-mentioned provider. This is a contract required by data protection law, which ensures that this provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the DSGVO.
Cloudflare
Cloudflare, Inc.
101 Townsend St,
San Francisco, CA 94107 USA
We use the service "Cloudflare". The provider is Cloudflare Inc, 101 Townsend St, San Francisco, CA 94107, USA (hereinafter "Cloudflare").
Cloudflare offers a globally distributed content delivery network with DNS. This technically routes the transfer of information between your browser and our website through Cloudflare's network. This enables Cloudflare to analyze traffic between your browser and our website and serve as a filter between our servers and potentially malicious traffic from the Internet. In doing so, Cloudflare may also use cookies or other technologies to recognize Internet users, but these are used solely for the purpose described here.
The use of Cloudflare is based on our legitimate interest in providing our website as error-free and secure as possible (Art. 6 para. 1 lit. f DSGVO).
The data transfer to the USA is based on the standard contractual clauses of the EU Commission.
Details can be found here:
https://www.cloudflare.com/privacypolicy/.
You can find more information about security and data protection at Cloudflare here: https://www.cloudflare.com/privacypolicy/.
Google Cloud CDN
We use the content delivery network Google Cloud CDN. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google offers a globally distributed content delivery network. This technically routes the transfer of information between your browser and our website via Google's network. This allows us to increase the worldwide accessibility and performance of our website.
The use of Google Cloud CDN is based on our legitimate interest in providing our website as error-free and secure as possible (Art. 6 para. 1 lit. f DSGVO).
The data transfer to the USA is based on the standard contractual clauses of the EU Commission.
Details can be found here:
https://cloud.google.com/terms/eu-model-contract-clause.
You can find more information about Google Cloud CDN here: https://cloud.google.com/cdn/docs/overview?hl=de.
3. General notes and mandatory information
Privacy policy
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the legal data protection regulations and this privacy policy.
When you use this website, various personal data are collected. Personal data is data with which you can be personally identified. This privacy policy explains which data we collect and what we use it for. It also explains how and for what purpose this is done.
We point out that data transmission on the Internet (for example, when communicating by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.
Note on the responsible party
The responsible party for data processing on this website is: Days of Northern Lights GbR
represented by:
Hanna Dreu
Tristan Leander Riedinger
Philipp Ellerbrock
Maximilian Neßmann
Max Wiechmann
Address: Days of Northern Lights GbR, Bickbüschen 18D, 23843 Bad Oldesloe, Germany
Phone: 040-22861310]
E-mail: info@noa-lone.com
The responsible party is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses or similar).
Storage period
Unless a more specific storage period has been mentioned within this privacy policy, your personal data will remain with us until the purpose for data processing ceases to apply. If you assert a legitimate request for deletion or revoke consent for data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, the data will be deleted after these reasons cease to apply.
General information on the legal basis for data processing on this website
If you have consented to data processing, we process your personal data on the basis of Art. 6(1)(a) DSGVO or Art. 9(2)(a) DSGVO, if special categories of data are processed pursuant to Art. 9(1) DSGVO. In the case of explicit consent to the transfer of personal data to third countries, the data processing is also based on Art. 49 (1) a DSGVO. If you have consented to the storage of cookies or to the access to information in your terminal device (e.g. via device fingerprinting), the data processing is additionally carried out on the basis of Section 25 (1) TTDSG. The consent can be revoked at any time. If your data is required for the performance of a contract or for the implementation of pre-contractual measures, we process your data on the basis of Art. 6 para. 1 lit. b DSGVO. Furthermore, we process your data if this is necessary for the fulfillment of a legal obligation on the basis of Art. 6 para. 1 lit. c DSGVO. Furthermore, data processing may be based on our legitimate interest according to Art. 6 (1) f DSGVO. Information on the relevant legal basis in each individual case is provided in the following paragraphs of this privacy policy.
Note on data transfer to the USA and other third countries.
Transfers may involve the transfer of personal data to recipients outside the European Union/European Economic Area. Standard contractual clauses have been concluded with these external service providers, unless they are based in countries with an adequacy decision pursuant to Art 45 DSGVO. More about the standard contractual clauses:
https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?uri=CELEX:32021D0914&locale=en
Withdrawal of your consent to data processing
Many data processing operations are only possible with your explicit consent. You can revoke consent you have already given at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Right to object to data collection in special cases and to direct marketing (Art. 21 DSGVO)
IF THE DATA PROCESSING IS CARRIED OUT ON THE BASIS OF ART. 6 ABS. 1 LIT. E OR F DSGVO, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS, OR THE PROCESSING SERVES THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS (OBJECTION UNDER ARTICLE 21 (1) DSGVO).
IF YOUR PERSONAL DATA IS PROCESSED FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH MARKETING; THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS CONNECTED WITH SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR THE PURPOSE OF DIRECT MARKETING (OBJECTION PURSUANT TO ART. 21 PARA. 2 DSGVO).
Right of appeal to the competent supervisory authority
In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged violation. The right of appeal is without prejudice to any other administrative or judicial remedy.
Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in performance of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible party, this will only be done insofar as it is technically feasible.
Information, deletion and correction
Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of data processing and, if necessary, a right to correction or deletion of this data. For this purpose, as well as for further questions on the subject of personal data, you can contact us at any time.
Right to restriction of processing
You have the right to request the restriction of the processing of your personal data. For this purpose, you can contact us at any time. The right to restriction of processing exists in the following cases:
If you dispute the accuracy of your personal data stored by us, we usually need time to check this. For the duration of the review, you have the right to request the restriction of the processing of your personal data.
If the processing of your personal data happened/is happening unlawfully, you can request the restriction of the data processing instead of the deletion. If we no longer need your personal data, but you need it to exercise, defend or enforce legal claims, you have the right to request the restriction of the processing of your personal data instead of the erasure.
If you have lodged an objection pursuant to Art. 21 (1) of the GDPR, a balancing of your and our interests must be carried out. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, this data - apart from its storage - may only be processed with your consent or for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the European Union or a Member State.
SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Encrypted payment transactions on this website
If there is an obligation to transmit your payment data (e.g. account number in the case of direct debit authorization) to us after the conclusion of a contract with costs, this data is required for payment processing.
Payment transactions via the common means of payment (Visa/MasterCard, direct debit, etc.) are made exclusively via an encrypted SSL or TLS connection. You can recognize an encrypted connection by the fact that the address line of your browser changes from "http://" to "https://" and by the lock symbol in your browser line.
With encrypted communication, your payment data that you transmit to us cannot be read by third parties.
Objection to advertising e-mails
We hereby object to the use of contact data published within the framework of the imprint obligation to send advertising and information material that has not been expressly requested. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.
4. Data collection on this website
Cookies
Our Internet pages use so-called "cookies". Cookies are small data packets and do not cause any damage to your terminal device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your terminal device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or an automatic deletion by your web browser takes place.
In some cases, cookies from third-party companies may also be stored on your terminal device when you enter our site (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for processing payment services). Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies are used to evaluate user behavior or display advertising.
Cookies that are necessary to carry out the electronic communication process, to provide certain functions desired by you (e.g. for the shopping cart function) or to optimize the website (e.g. cookies to measure the web audience) (necessary cookies) are stored on the basis of Art. 6 (1) lit. f DSGVO, unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies and comparable recognition technologies has been requested, processing is carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG); consent can be revoked at any time.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be limited.
If cookies are used by third-party companies or for analysis purposes, we will inform you about this separately within the framework of this privacy policy and, if necessary, request your consent.
Consent with Usercentrics
This website uses the consent technology of Usercentrics to obtain your consent to the storage of certain cookies on your terminal device or to the use of certain technologies and to document this consent in accordance with data protection law. The provider of this technology is Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany, website: https://usercentrics.com/de/ (hereinafter "Usercentrics").
When you enter our website, the following personal data is transferred to Usercentrics:
- Your consent(s) or revocation of your consent(s).
- Your IP address
- Information about your browser
- Information about your terminal device
- Time of your visit to the website
Furthermore, Usercentrics stores a cookie in your browser in order to be able to assign the consent(s) given or their revocation to you. The data collected in this way will be stored until you request us to delete it, until you delete the Usercentrics cookie yourself, or until the purpose for storing the data no longer applies. Mandatory legal storage obligations remain unaffected.
Usercentrics is used to obtain the legally required consent for the use of certain technologies. The legal basis for this is Art. 6 para. 1 lit. c DSGVO.
Contact form
If you send us inquiries via the contact form, your data from the inquiry form, including the contact data you provided there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data without your consent.
The processing of this data is based on Art. 6 (1) lit. b DSGVO, if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests sent to us (Art. 6 (1) (f) DSGVO) or on your consent (Art. 6 (1) (a) DSGVO) if this was requested; the consent can be revoked at any time.
The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have completed processing your request). Mandatory legal provisions - in particular retention periods - remain unaffected.
6. Social media
Facebook
Elements of the social network Facebook are integrated on this website. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries.
You can find an overview of the Facebook social media elements here: https://developers.facebook.com/docs/plugins/?locale=de_DE.
Only when the social media element is active is a direct connection established between your end device and the Facebook server. Facebook thereby receives the information that you have visited this website with your IP address. If you click the Facebook "Like" button while you are logged into your Facebook account, you can link the content of this website on your Facebook profile. This allows Facebook to associate your visit to this website with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Facebook.
You can find more information about this in Facebook's privacy policy at: https://de-de.facebook.com/privacy/explanation.
Insofar as consent has been obtained, the use of the above-mentioned service is based on Art. 6 Para. 1 lit. a DSGVO and § 25 TTDSG. The consent can be revoked at any time. Insofar as no consent has been obtained, the use of the service is based on our legitimate interest in achieving the greatest possible visibility in social media.
Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 DSGVO). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook. The processing by Facebook that takes place after the onward transfer is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in a joint processing agreement.
You can find the text of the agreement at: https://www.facebook.com/legal/controller_addendum.
According to this agreement, we are responsible for providing the privacy information when using the Facebook tool and for the privacy-secure implementation of the tool on our website. Facebook is responsible for the data security of the Facebook products. You can assert data subject rights (e.g., requests for information) regarding data processed by Facebook directly with Facebook. If you assert the data subject rights with us, we are obliged to forward them to Facebook.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission.
Details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum,
https://de-de.facebook.com/help/566994660333381 und
https://www.facebook.com/policy.php.
Instagram
On this website, functions of the service Instagram are integrated. These functions are offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
When the social media element is active, a direct connection is established between your end device and the Instagram server. Instagram thereby receives information about your visit to this website.
If you are logged into your Instagram account, you can link the content of this website to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate your visit to this website with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Instagram.
Insofar as consent has been obtained, the use of the above-mentioned service is based on Art. 6 para. 1 lit. a DSGVO and § 25 TTDSG. The consent can be revoked at any time. Insofar as no consent has been obtained, the use of the service is based on our legitimate interest in achieving the greatest possible visibility in social media.
Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook or Instagram, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 DSGVO). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook or Instagram. The processing by Facebook or Instagram that takes place after the forwarding is not part of the joint responsibility. Our joint obligations have been set forth in a Joint Processing Agreement. You can find the text of the agreement at: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for issuing 11 / 19 the privacy information when using the Facebook or Instagram tool and for the privacy-secure implementation of the tool on our website. Facebook is responsible for the data security of the Facebook or Instagram products. You can assert data subject rights (e.g. requests for information) regarding the data processed by Facebook or Instagram directly with Facebook. If you assert the data subject rights with us, we are obliged to forward them to Facebook.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission.
Details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum,
https://help.instagram.com/519522125107875
und https://de-de.facebook.com/help/566994660333381.
For more information, please see Instagram's privacy policy: https://instagram.com/about/legal/privacy/.
6. Newsletter
Newsletter data
If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the specified e-mail address and agree to receive the newsletter. Further data will not be collected or only on a voluntary basis. For the handling of the newsletter we use newsletter service providers, which are described below.
Shopify Email
This website uses a service provided by Shopify E-Mail for sending newsletters. The provider is Shopify International Limited, Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (hereinafter "Shopify"). Shopify is a service with which the newsletter dispatch can be organized and analyzed. The data you enter for the purpose of receiving newsletters (e.g. e-mail address) is stored on Shopify's servers.
Our newsletters sent with Shopify allow us to analyze the behavior of newsletter recipients. Here, among other things, it can be analyzed how many recipients have opened the newsletter message and how often which link in the newsletter was clicked. With the help of so-called conversion tracking, it can also be analyzed whether a predefined action (e.g. purchase of a product on this website) has taken place after clicking on the link in the newsletter. For more information about Shopify newsletter data analysis, please visit:
https://www.shopify.de/legal/datenschutz.
The data processing is based on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.
If you do not want any analysis by Shopify, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in each newsletter message.
The data you provide for the purpose of receiving the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after you unsubscribe. Data that has been stored by us for other purposes remains unaffected by this.
7. Plugins and tools
YouTube with enhanced data protection
This website embeds videos from YouTube. The operator of the pages is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
We use YouTube in the extended data protection mode. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch the video. However, the transfer of data to YouTube partners is not necessarily excluded by the extended data protection mode. Thus, YouTube - regardless of whether you watch a video - establishes a connection to the Google DoubleClick network.
As soon as you start a YouTube video on this website, a connection to YouTube's servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.
Furthermore, YouTube can save various cookies on your end device after starting a video or use comparable recognition technologies (e.g. device fingerprinting). In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to collect video statistics, improve the user experience, and prevent fraud attempts.
If necessary, further data processing operations may be triggered after the start of a YouTube video, over which we have no control.
YouTube is used in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.
For more information about data protection at YouTube, please see their privacy policy at: https://policies.google.com/privacy?hl=de.
Google Fonts
This site uses so-called Google Fonts, which are provided by Google, for the uniform display of fonts. When you call up a page, your browser loads the required fonts into your browser cache in order to display texts and fonts correctly. 13 / 19 For this purpose, the browser you are using must connect to Google's servers. Through this, Google obtains knowledge that this website was accessed via your IP address. The use of Google Fonts is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in the uniform presentation of the typeface on its website. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) as defined by the TTDSG. The consent can be revoked at any time.
If your browser does not support Google Fonts, a standard font from your computer will be used.
You can find more information about Google Fonts at:
https://developers.google.com/fonts/faq and in Google's privacy policy: https://policies.google.com/privacy?hl=de.
Adobe Fonts
This website uses web fonts from Adobe for the uniform display of certain fonts. The provider is Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA 95110-2704, USA (Adobe).
When you access this website, your browser loads the required fonts directly from Adobe so that they can be displayed correctly on your terminal device. In doing so, your browser establishes a connection to Adobe's servers in the USA. This enables Adobe to know that your IP address has been used to access this website. According to Adobe, no cookies are stored when providing the fonts.
The storage and analysis of the data is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in the uniform presentation of the typeface on its website. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) as defined by the TTDSG. The consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.adobe.com/de/privacy/eudatatransfers.html.
For more information on Adobe Fonts, please visit: https://www.adobe.com/de/privacy/policies/adobe-fonts.html.
Adobe's privacy policy can be found at: https://www.adobe.com/de/privacy/policy.html.
Google reCAPTCHA
We use "Google reCAPTCHA" (hereinafter "reCAPTCHA") on this website. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
The purpose of reCAPTCHA is to verify whether data entry on this website (e.g. in a contact form) is made by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent by the website visitor on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google.
The reCAPTCHA analyses run entirely in the background. Website visitors are not notified that an analysis is taking place.
The storage and analysis of the data is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in protecting its web offers from abusive automated spying and from SPAM. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) as defined by the TTDSG. The consent can be revoked at any time.
For more information on Google reCAPTCHA, please refer to the Google Privacy Policy and the Google Terms of Use at the following links:
https://policies.google.com/privacy?hl=de and
https://policies.google.com/terms?hl=de.
SoundCloud
Plugins of the social network SoundCloud (SoundCloud Limited, Berners House, 47-48 Berners Street, London W1T 3NF, United Kingdom.) may be integrated on this website. You can recognize the SoundCloud plugins by the SoundCloud logo on the pages concerned.
When you visit this website, a direct connection between your browser and the SoundCloud server is established after activation of the plugin. SoundCloud thereby receives the information that you have visited this website with your IP address. If you click the "Like button" or "Share button" while logged into your SoundCloud user account, you can link and/or share the content of this website with your SoundCloud profile. This allows SoundCloud to associate your visit to this website with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by SoundCloud.
The storage and analysis of the data is based on Art. 6 (1) lit. f DSGVO. The website operator has a legitimate interest in ensuring the greatest possible visibility in social media. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. DeviceFingerprinting) as defined by the TTDSG. Consent can be revoked at any time.
The United Kingdom is considered a secure third country under data protection law. This means that the United Kingdom has a level of data protection that corresponds to the level of data protection in the European Union.
For more information, please see SoundCloud's privacy policy at: https://soundcloud.com/pages/privacy.
If you do not want SoundCloud to associate your visit to this website with your SoundCloud user account, please log out of your SoundCloud user account before activating any SoundCloud plugin content.
Spotify
On this website, functions of the music service Spotify are integrated. The provider is Spotify AB, Birger Jarlsgatan 61, 113 56 Stockholm in Sweden. You can recognize the Spotify plugins by the green logo on this website. You can find an overview of the Spotify plugins at: https://developer.spotify.com.
This allows a direct connection between your browser and the Spotify server to be established via the plugin when you visit this website. Spotify thereby receives the information that you have visited this website with your IP address. If you click the Spotify button while logged into your Spotify account, you can link the content of this website on your Spotify profile. This allows Spotify to associate your visit to this website with your user account.
We would like to point out that cookies from Google Analytics are used when using Spotify, so that your usage data can also be passed on to Google when using Spotify. Google Analytics is a tool of the Google Group for analyzing user behavior based in the USA. Spotify is solely responsible for this integration. We as website operator have no influence on this processing.
The storage and analysis of the data is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in the appealing acoustic design of its website. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) as defined by the TTDSG. The consent can be revoked at any time.
For more information, please see Spotify's privacy policy: https://www.spotify.com/de/legal/privacy-policy/.
If you do not want Spotify to associate your visit to this website with your Spotify user account, please log out of your Spotify user account.
Sanity IO
We use functions of the headless content management software (CMS) of the provider Sanity IO on our website. The provider is Sanity IO, Trondheimsveien 2k, 0560 Oslo in Norway. The headless CMS allows reduced loading times of e.g. media files through prior rendering or an interface to integrate text and media files into the programmed website.
8. eCommerce and payment providers
Processing of customer and contract data
We collect, process and use personal customer and contract data for the purpose of establishing, defining the content of and amending our contractual relationships. We collect, process and use personal data about the use of this website (usage data) only to the extent necessary to enable the user to use the service or to bill the user. The legal basis for this is Art. 6 para. 1 lit. b DSGVO.
The collected customer data will be deleted after completion of the order or termination of the business relationship and expiration of any existing legal retention periods. Legal retention periods remain unaffected.
Data transfer upon conclusion of the contract for online stores, retailers and shipment of goods
If you order goods from us, we will pass on your personal data to the transport company entrusted with the delivery and to the payment service provider entrusted with the payment processing. Only such data is released that the respective service provider requires to fulfill its task. The legal basis for this is Art. 6 (1) lit. b DSGVO, which permits the processing of data for the fulfillment of a contract or pre-contractual measures. If you have given the relevant consent in accordance with Art. 6 (1) lit. a DSGVO, we will hand over your e-mail address to the transport company entrusted with the delivery so that they can inform you by e-mail about the shipping status of your order; you can revoke your consent at any time.
Payment services
We incorporate third-party payment services on our website. When you make a purchase from us, your payment information (e.g. name, payment amount, account details, credit card number) is processed by the payment service provider for the purpose of processing the payment. For these transactions, the respective contract and data protection provisions of the respective providers apply. The payment service providers are used on the basis of Art. 6 para. 1 lit. b DSGVO (contract processing) and in the interest of a smooth, convenient and secure payment process (Art. 6 para. 1 lit. f DSGVO). Insofar as your consent is requested for certain actions, Art. 6 para. 1 lit. a DSGVO is the legal basis for data processing; consents can be revoked at any time for the future.
We use the following payment services / payment service providers within the scope of this website:
PayPal
The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal").
The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.paypal.com/de/webapps/mpp/ua/pocpsa-full.
For details, please refer to PayPal's privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
Apple Pay
Provider of the payment service is Apple Inc, Infinite Loop, Cupertino, CA 95014, USA. You can find Apple's privacy policy at: https://www.apple.com/legal/privacy/de-ww/.
Google Pay
The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. You can find Google's privacy policy here: https://policies.google.com/privacy.
giropay
Provider of this payment service is paydirekt GmbH, Stephanstraße 14 - 16, 60313 Frankfurt am Main (hereinafter "giropay"). Details can be found in the privacy policy of giropay: https://www.paydirekt.de/agb/index.html.
Shopify Payment
The provider of this payment service in the EU is Shopify International Limited, 2nd Floor Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (hereinafter "Shopify Payment"). For details, please see Shopify Payment's privacy policy: https://www.shopify.de/legal/datenschutz.
American Express
The provider of this payment service is American Express Europe S.A., Theodor-Heuss-Allee 112, 60486 Frankfurt am Main, Germany (hereinafter "American Express").
American Express may transfer data to its parent company in the USA. The data transfer to the USA is based on the Binding Corporate Rules. Details can be found here: https://www.americanexpress.com/en-pl/company/legal/privacy-centre/european-implementingprinciples/.
For further information, please refer to the American Express privacy policy: https://www.americanexpress.com/de/legal/online-datenschutzerklarung.html.
KLARNA
Klarna provider is Klarna AB, Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter "Klarna"). Klarna offers various payment options (e.g. installment purchase). If you choose to pay with Klarna (Klarna checkout solution), Klarna will collect various personal data from you. Klarna uses cookies to optimize the use of the Klarna checkout solution. Details on the use of Klarna cookies can be found at the following link: https://cdn.klarna.com/1.0/shared/content/policy/cookie/de_de/checkout.pdf. Details can be found in Klarna's privacy policy at the following link: https://www.klarna.com/de/datenschutz/.
Mastercard
The provider of this payment service is Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium (hereinafter "Mastercard").
Mastercard may transfer data to its parent company in the USA. The data transfer to the USA is based on Mastercard's Binding Corporate Rules. Details can be found here:
https://www.mastercard.de/de-de/datenschutz.html and https://www.mastercard.us/content/dam/mccom/global/documents/mastercard-bcrs.pdf.
VISA
The provider of this payment service is Visa Europe Services Inc, London Branch, 1 Sheldon Square, London W2 6TT, United Kingdom (hereinafter "VISA").
The United Kingdom is considered a secure third country under data protection law. This means that the United Kingdom has a level of data protection equivalent to the level of data protection in the European Union.
VISA may transfer data to its parent company in the USA. The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.visa.de/nutzungsbedingungen/visa-globale-datenschutzmitteilung/mitteilung-zuzustandigkeitsfragen-fur-den-ewr.html.
For further information, please refer to VISA's privacy policy: https://www.visa.de/nutzungsbedingungen/visa-privacy-center.html.