data protection

We run our websites according to the following principles:

We are committed to complying with legal data protection regulations and strive to always take into account the principles of data avoidance and data minimization.

1. Name and address of the person responsible and the data protection officer

a) The person responsible

The person responsible within the meaning of the General Data Protection Regulation and other national data protection laws of the member states of the European Union as well as other data protection regulations is:

MOe Beauty Group GmbH & Co.KG

At Leimengrube 21,

74243 Langenbrettach

Tel.: 01739-93770

Fax: 07139-9377100

E-mail: info@n2.de

b) The data protection officer

You can reach the data protection officer of the person responsible as follows:

ESB DATA

Dr. Jens Brücking

Schockenriedstraße 8A, 70565 Stuttgart

2. Explanations of terms

We have designed our data protection declaration according to the principles of clarity and transparency. If there are any uncertainties regarding the use of different terms, the corresponding definitions can be found here can be viewed.

3. Legal basis for processing data

Processing of personal data according to the GDPR

We process your personal data such as your first and last name, your email address and IP address, etc. only if there is a legal basis for this. According to the General Data Protection Regulation, the following regulations in particular come into consideration here:

6 Paragraph 1 Sentence 1 Letter a GDPR: The data subject has given their consent to the processing of personal data concerning them for one or more specific purposes.
6 Paragraph 1 Sentence 1 Letter b GDPR: Processing is necessary for the performance of a contract to which the data subject is a party or to carry out pre-contractual measures that are carried out at the request of the data subject.
6 Paragraph 1 Sentence 1 Letter c GDPR: Processing is necessary to fulfill a legal obligation to which the person responsible is subject
6 Paragraph 1 Sentence 1 Letter d GDPR: Processing is necessary to protect the vital interests of the data subject or another natural person
6 Paragraph 1 Sentence 1 Letter e GDPR: the processing is necessary for the performance of a task that is in the public interest or in the exercise of official authority vested in the person responsible
6 Paragraph 1 Sentence 1 Letter f GDPR: processing is necessary to safeguard the legitimate interests of the controller or a third party, unless the interests or fundamental rights and freedoms of the data subject, which require the protection of personal data, outweigh this, in particular , if the person concerned is a child

However, we will always point out to you at the relevant points in this data protection declaration the legal basis on which the processing of your personal data takes place.

Consent of the legal guardians in accordance with Art. 8 Para. 1 Sentence 2 Alt. 2 GDPR

A legal guardian must consent to all data processing on this website for which the consent of a minor who has not yet reached the age of 16 is required.

Information about the individual data processing operations, their purposes and the data categories affected, for which the consent of the person concerned is required, can be found in the data protection declaration.

You can revoke your consent at any time by sending the declaration of revocation in text form to the contact details of the person responsible. Processing until revocation remains lawful.

c) Processing of information in accordance with Section 25 Paragraph 1 TTDSG

We also process information in accordance with Section 25 Paragraph 1 TTDSG by storing information on your device or accessing information that is already stored in your device. This can include both personal information and non-personal information, such as cookies, browser fingerprints, advertising IDs, MAC addresses and IMEI numbers. Terminal equipment is any device that is directly or indirectly connected to the interface of a public telecommunications network for sending, processing or receiving messages, Section 2 Paragraph 2 No. 6 TTDSG.

We usually process this information based on your consent, Section 25 Paragraph 1 TTDSG.

If there is an exception according to Section 25 Paragraph 2 No. 1 and No. 2 TTDSG, we do not require your consent. Such an exception applies if we access or store the information solely to transmit a message over a public telecommunications network or if this is strictly necessary so that we can provide a telemedia service that you have specifically requested. You can revoke your consent at any time.

We would like to inform you that revoking your consent will not affect the lawfulness of the processing carried out based on your consent before its revocation.

4. Disclosure of personal data

The passing on of personal data also involves processing within the meaning of the previous section 3. However, at this point we would like to inform you separately about the topic of passing on to third parties. The protection of your personal data is very important to us. For this reason, we are particularly careful when it comes to passing on your data to third parties.

Data will therefore only be passed on to third parties if there is a legal basis for the processing. For example, we pass on personal data to people or companies who work for us as processors in accordance with Art. 28 GDPR. A processor is anyone who processes personal data on our behalf - i.e. in particular in an instruction and control relationship with us

In accordance with the requirements of the GDPR, we conclude a contract with each of our processors in order to oblige them to comply with data protection regulations and thus guarantee your data comprehensive protection.

5. Storage period and deletion

We will delete your personal data to the extent that it is no longer necessary for the purposes for which it was collected or otherwise processed, and the processing is not carried out to exercise the right to freedom of expression and information, or to fulfill a legal obligation reasons of public interest or to assert, exercise or defend legal claims.

6. SSL or TLS encryption

This website uses for security reasons and to protect the transmission of confidential content, such as: B. the requests that you send to us as the website operator use SSL or TLS encryption. You can recognize an encrypted connection by the browser's address line changing from "http://" to "https://" and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

7. Cookies

We use cookies on our website. Cookies are small data packages that your browser automatically creates and that are stored on your device when you visit our website. These cookies are used to store information related to the device used.

When using cookies, a distinction is made between technically necessary cookies and “other” cookies. Technically necessary cookies exist when they are absolutely necessary to provide an information society service that you have expressly requested.

Technically necessary cookies

In order to make the use of our offer more pleasant for you, we use technically necessary cookies. These can be so-called session cookies (e.g. choice of language and font, shopping cart, etc.), consent cookies, cookies to ensure server stability and security, etc . Ä. act. The legal basis for the cookies arises from Article 6 Paragraph 1 Sentence 1 Letter f) GDPR, our legitimate interest in the error-free operation of the website and the interest in providing you with our services in an optimized manner.

More cookies

Other cookies include cookies for statistical, analytical, marketing and retargeting purposes.

We use these cookies for you based on your consent in accordance with Article 6 Paragraph 1 Sentence 1 Letter a) GDPR.

You can revoke your consent to the use of cookies at any time.

We would like to inform you that revoking your consent will not affect the lawfulness of the processing carried out based on your consent before its revocation.

To do this, you can either edit your cookie settings on our website, deactivate the use of cookies in your browser settings (which may also limit the functionality of the online offering) or, in individual cases, set an opt-out for the relevant service.

For each service, we will inform you in the data protection declaration on which legal basis this data is processed.

Change cookie settings

8. Cookie banners

To obtain consent for the cookies we use, we use the cookie banner of the service provider Consentmo Ltd., 4 Prof. Georgi Bradistilov, entr. A, 4th floor, Sofia, Bulgaria. This itself sets a so-called consent cookie in order to query and process the respective consent status. This consent cookie is technically necessary and is therefore used based on our legitimate interest in accordance with Article 6 Paragraph 1 Sentence 1 Letter f GDPR, Section 25 Paragraph 1 TTDSG.

9. Collection and storage of personal data as well as their type and purpose of use

External hosting

Our website is located at Shopify International Limited, Victoria Buildings, 2nd Floor

1-2 Haddington Road Dublin 4, D04 XN32, Ireland. For this reason, all personal data collected on our website is stored on our host's servers, unless an external third-party service is integrated. This can be the IP address, your email address, communication data or similar. You can find out what specific personal data is involved in the individual functions and services we explain below. If we use an external service from a third party, this will be made clear in the description of the respective service or tool.

The hoster only processes your data on our instructions and to the extent that this is necessary to fulfill the services on the website. The hoster does not process the data for its own purposes. We have a contract for order processing [4] closed with this.

b) When visiting the website

When you access our website, the browser used on your device automatically sends information to our website server. This information is temporarily stored in a so-called log file. The following information is recorded without your intervention and stored until it is automatically deleted:

IP address of the requesting computer
Date and time of access
Name and URL of the retrieved file
Website from which access is made (referrer URL)
browser used and, if applicable, the operating system of your computer as well as the name of your access provider

The data mentioned will be processed by us for the following purposes:

Ensuring a smooth connection to the website
Ensuring comfortable use of our website
Evaluation of system security and stability
Error analysis

Data that allows us to identify you personally, such as your IP address, will be deleted after 7 days at the latest. If we store the data beyond this period, this data will be pseudonymized so that it can no longer be assigned to you.

The legal basis for data processing is Article 6 Paragraph 1 Sentence 1 Letter f GDPR. Our legitimate interest follows from the data collection purposes listed above. Under no circumstances do we use the data collected for the purpose of drawing conclusions about you personally.

Shop system

To offer our goods/services, we use the shop system of Shopify International Limited, Victoria Buildings, 2nd Floor 1-2 Haddington Road Dublin 4, D04 XN32, Ireland.

The data you provide will therefore also be processed by our shop provider as part of the operation of the shop system. In addition, the shop system may set additional cookies.

For this reason, we have concluded a contract for data processing/standard contractual clauses with them.

Further information on data protection can be found at:

https://www.shopify.com/de/legal/datenschutz

contractual relationship

Conclusion of contract

As part of the establishment of the contractual relationship, only the personal data absolutely necessary for the execution of the contract will be processed in accordance with Article 6 Paragraph 1 Sentence 1 Letter b of the GDPR.

If you provide additional voluntary information, this will only be processed based on your consent in accordance with Article 6 Paragraph 1 Sentence 1 Letter a of the GDPR [5] . We use this voluntary information to offer a customer-friendly service and to continually improve it.

Customer account [6]

You have the option of creating a customer account with us. For this purpose, in addition to your personal data for contract processing, your other voluntary information as well as the purchases you have made from us in the past are stored and processed. You can access this at any time and get an overview of the purchases you have made with us. This data is used so that you can easily log in with your login data for your next purchase. It is also intended to help you manage your purchasing activities.

The legal basis arises from the consent you have given in accordance with Article 6 Paragraph 1 Sentence 1 Letter a GDPR.

You have the option to change or delete your data in the customer account at any time and to delete the account as a whole. If you use this function, your customer account and all the data it contains will be deleted immediately.

Transfer of data for shipping

We pass on the data necessary for shipping our goods (first name and surname, address, e-mail address, telephone number if required due to shipping goods) to the relevant shipping service provider for notification/coordination for the delivery of the goods and for the delivery of the goods.

The legal basis for the transfer results from Article 6 Paragraph 1 Sentence 1 Letter b GDPR.

In this context, we will pass on your data to one of the following shipping service providers [7] further. You will then receive further information about the processing of your data from them:

UPS

UPS Europa SA, Ave Ariane 5, Brussels, B-1200, Belgium: https://www.ups.com/de/de/help-center/legal-terms-conditions/privacy-notice.page?

Passing on of data when using online payment service providers

If you decide to pay with one of the online payment service providers we offer as part of your ordering process, your contact details will be transmitted to them as part of the order placed in this way. The legality of passing on the data results from Article 6 Paragraph 1 Sentence 1 Letter b GDPR, to carry out the payment method you have chosen and our legitimate interests in accordance with Article 6 Paragraph 1 Clause 1 Letter f GDPR Enabling user-friendly and straightforward payment processing.

The personal data transmitted to the online payment service provider is usually first name, last name, address, telephone number, IP address, email address, or other data that is necessary for order processing, as well as data that is related to this with the order, such as number of items, item number, invoice amount and taxes in percent, invoice information, etc.

This transmission is necessary to process your order with the payment method you selected, in particular to confirm your identity, to administer your payment and the customer relationship.

Please note, however, that the online payment service provider may also pass on personal data to service providers, subcontractors or other affiliated companies to the extent that this is necessary to fulfill the contractual obligations arising from your order or the personal data is to be processed in the order.

Depending on the payment method selected, e.g. invoice or direct debit, the personal data transmitted to the provider will be transmitted by the provider to credit reporting agencies. This transmission serves to check your identity and creditworthiness in relation to the order you have placed. You can find out which credit agencies these are and which data is generally collected, processed, stored and passed on by the respective provider in the respective data protection declarations of the providers:

PayPal

PayPal (Europe) S.à.rl & Cie. SCA, 22-24 Boulevard Royal, L-2449 Luxembourg at https://www.paypal.com/de/webapps/mpp/ua/privacy-full

Instant bank transfer

SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany

If you have any further questions about the use of your personal data, you can contact Sofortüberweisung by email (datenschutz@sofort.com) or in writing (SOFORT GmbH, Data Protection, Theresienhöhe 12, 80339 Munich).

Further information on data protection:

https://cdn.klarna.com/1.0/shared/content/legal/terms/de/bt_payment_data_privacy

Klarna

Klarna AB, registered office Sveavägen 46, 111 34 Stockholm, Sweden

You can also obtain further information on data protection directly from Klarna:

Klarna AB’s privacy policy

You can obtain information about the personal data stored by Klarna at any time by contacting Datenschutz@klarna.de .

Credit card payment

If you decide to pay by credit card, we collect and process your necessary personal data and forward it to the card issuing institution for payment processing and to fulfill legal requirements, such as customer authentication in accordance with the EU Payment Services Directive PSD2.

This data is forwarded for payment processing in accordance with Article 6 Paragraph 1 Sentence 1 Letter b) GDPR and to fulfill our legal obligation to carry out strong customer authentication in accordance with Article 6 Paragraph 1 Clause 1 Letter c) GDPR in conjunction with Directive EU 2015/2366 (PSD 2) and the Payment Services Supervision Act (ZAG) on combating money laundering and criminal prosecution.

The technical processing of credit card payments is carried out by Shopify Payments, Victoria Biuldings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04XN32 Ireland. This was commissioned for the technical control of payment transactions including the implementation of the 3D Secure 2.0 process in accordance with Article 28 GDPR. Other recipients of the data are the banks involved (on the one hand, the card-issuing bank - the issuer - and on the other hand, the merchant's credit card-accepting bank - the acquirer.

The data protection regulations for Shopify Payments can be found at https://www.shopify.com/de/legal/datenschutz .

Newsletter [8]

Content of the newsletter and registration details

The sending of our newsletter as well as the carrying out of statistical surveys and analyzes as well as the logging of the registration process only takes place if you order it from us and your corresponding consent in accordance with Article 6 Paragraph 1 Sentence 1 Letter a GDPR, Section 25 Paragraph 1 TTDSG.

The contents of the newsletter are specifically described when you register for the newsletter. To register for the newsletter, it is sufficient to provide your email address. If you provide further voluntary information such as your name and/or gender, this will only be used to personalize the newsletter addressed to you.

Double opt-in and logging

To register for our newsletter, we use the so-called double opt-in procedure for security reasons so that no one can register with someone else's email address. After registering for our newsletter, you will first receive an email asking you to confirm your registration. This only becomes effective once your registration is confirmed.

Furthermore, your registration for the newsletter will be logged. The logging includes the storage of the registration and confirmation time, the data you provide and your IP address. If you make changes to your data, these changes will also be logged.

revocation

If you no longer wish to receive our newsletter, you can revoke your consent at any time in the future. To do this, you can click on the unsubscribe link at the end of each newsletter or send us an email to the following email address: info@n2.de

The revocation of consent does not affect the lawfulness of the processing carried out based on the consent before its revocation.

Use of “The Newsletter Plugin” from Wordpress

We send our newsletter using the newsletter service “The Newsletter Plugin” from Wordpress, which is offered by Automattic Inc. (60 29th Street #343, San Francisco, CA 94110, USA). This tool gives us the opportunity to evaluate how many subscribers the newsletter has and how this newsletter is opened and used.

contact form

We provide you with a form on our website so that you have the opportunity to contact us at any time. To use the contact form, it is necessary to provide a name for a personal salutation and a valid email address to contact you so that we know who the request comes from and can process it.

If you send us inquiries using the contact form, your details from the inquiry form, including the contact details you provided there and your IP address, will be used in accordance with Article 6 Paragraph 1 Sentence 1 Letters b and f of the GDPR in order to carry out pre-contractual measures at your request or processed to pursue our legitimate interest, namely to carry out our business activities.

The inquiries and the associated data will be sent no later than 3 months deleted upon receipt unless they are required for a further contractual relationship.

g) Use of Google

We use the reCAPTCHA service from Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) on our websites in our contact form in order to be able to distinguish between input by a human or by automated, abusive, machine processing. We have a legitimate interest in protecting our web offerings from abusive automated spying and SPAM.

When you query the reCAPTCHA service, both your IP address and any other data required by Google for the reCAPTCHA service are forwarded to Google and further processed there.

When using reCAPTCHA, you must accept Google's Terms of Service. There is a separate field for this. We have activated IP anonymization on this website so that your IP address is previously shortened by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

On our behalf, Google will use this information to evaluate your use of this service. The IP address transmitted by your browser as part of reCaptcha is not merged with other Google data. The different data protection regulations of Google apply to this data.

We have concluded an order processing contract with Google.

For more information about Google's privacy policy, please visit: https://www.google.com/intl/de/policies/privacy/ .

By integrating reCAPTCHA, Google's Google Fonts are also dynamically reloaded without the website operator or visitor actively determining this. These web fonts are integrated via a server call, usually a Google server in the USA. This may result in the following being transmitted to the server and stored by Google:

Name and version of the browser used
Website from which the request was triggered (referrer URL)
Operating system of your computer
Screen resolution of your computer
IP address of the requesting computer
Language settings of the browser or operating system that the user uses

Further information can be found in Google's data protection information, which you can access here:

www.google.com/fonts#AboutPlace:about

www.google.com/policies/privacy/

The use of Google reCAPTCHA is based on your consent in accordance with Article 6 Paragraph 1 Sentence 1 Letter a GDPR.

10. Analysis and tracking tools

We use the analysis and tracking tools listed below on our website. These serve to ensure the ongoing optimization of our website and to design it in line with needs.

We use these tools based on the consent you have given in accordance with Article 6 Paragraph 1 Sentence 1 Letter a GDPR. You can revoke your consent at any time by changing the cookie settings. Processing until revocation remains lawful.

The respective data processing purposes and data categories can be found in the corresponding tools. We would like to point out that we have no influence on whether and to what extent the service providers carry out further data processing.

a) Google Analytics

We use Google Analytics, a web analysis service from Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter “Google”) on our website.

Google Analytics uses cookies in this context (see section 7). The information generated by the cookie about your use of this website such as

Name and version of the browser used
Operating system of your computer
Website from which access is made (referrer URL)
IP address of the requesting computer
Time of server request

are usually transferred to a Google server in the USA and stored there.

Your IP address is automatically anonymized by Google before it is recorded across EU domains and servers. There is therefore no logging or storage of your IP address.

On our behalf, Google will use this information to evaluate your use of our website, to compile reports on website activity and to provide us with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics is not combined with other Google data.

We have concluded an order processing contract with Google [15] .

Please click here for an overview of data protection at Google. [ https://support.google.com/analytics/answer/6004245 ]

b) Google Remarketing

We use the remarketing function of Google Analytics to direct advertising campaigns - including Google AdWords campaigns - to visitors to our website.

Based on your previous visits to our website, you will be presented with relevant advertisements when you visit other websites in the Google Display Network.

The DoubleClick cookie enables Google to show us and other third parties targeted advertising that matches the interests determined based on your previous visits to our website and/or other websites. This advertising may be displayed on websites owned by Google and/or other operators of the Google advertising network. We also use the Google Analytics advertising features to analyze the effectiveness of our own advertising campaigns.

If you have agreed in your Google Account that your web and app browsing history will be linked by Google to your Google Account and that information from your Google Account will be used to personalize ads, Google will use data from you together with Google Analytics -Data to create audience lists for cross-device remarketing. To do this, Google Analytics first collects Google-authenticated IDs for you as a user on our website, which are linked to your Google account. Google Analytics then temporarily links these IDs with Google Analytics data to optimize our target groups.

We have concluded an order processing contract with Google [16] .

Please click here for an overview of data protection at Google. [ https://support.google.com/analytics/answer/6004245 ]

c) Google Ads Conversion Tracking

On our website we use Google Ads, an online advertising program from Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). Conversion tracking is also used. With this tool, Google Ads sets a cookie on your device when you come to our website via a Google ad.

The cookie does not serve any personal traceability. If you as a user visit our website and the cookie is still working, we will be able to see, together with Google, that you have clicked on the relevant ad and have been redirected to our site. Each Google Ads customer is assigned a different cookie. Cookies cannot be tracked via the websites of Ads customers.

The data collected through conversion cookies is used to create conversion statistics for Ads customers. As Google Ads customers, we find out the total number of users who responded to our ad and were then directed to a website that was provided with a conversion tracking tag. This allows us to recognize the success of individual advertising measures. During this process, we do not receive any information with which we could personally identify you as a user.

When using Google Ads, your browser automatically establishes a direct connection with the Google server and, if you have a Google account and are logged in, can assign the visit to your account. If you don't have a Google account, Google will give you your own ID. We have no influence on what other data Google collects and stores.

We have concluded an order processing contract with Google.

You can find out more about Google's data protection regulations at http://www.google.de/policies/privacy/ .

d) Google AdSense

We use the Google AdSense service from Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) on our website to integrate advertisements.

Google AdSense uses cookies. These are files that, by storing them on your device, allow Google to analyze the data about your use of our website. In addition, Google AdSense also uses web beacons, invisible graphics that enable Google to analyze clicks on our website, traffic on it and similar information.

The information obtained via cookies and web beacons, your IP address and the delivery of advertising formats are transmitted to a Google server located in the USA and stored there. Google may pass on this collected information to third parties if this is required by law or if Google commissions third parties to process the data. However, Google will not combine your IP address with the other stored data.

We have concluded an order processing contract with Google [19] .

You can find out more about Google's data protection regulations at

http://www.google.de/policies/privacy/ .

e) Facebook conversion pixels

We use the “conversion pixel” or visitor action pixel from Meta Platforms Ireland Ltd. (4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland). By calling up this pixel from your browser, Meta Platforms can subsequently recognize whether a Facebook ad was successful, e.g. B. led to an online purchase.

We only receive statistical data from Meta Platforms without reference to a specific person. This allows us to record the effectiveness of Facebook advertisements for statistical and market research purposes. In particular, if you are logged in to Facebook, we refer you to their data protection information https://www.facebook.com/about/privacy/ .

11. Social media

The social media plugins listed below are used on our website to make our website better known. The legal basis for the use of the social media plugins arises from your consent in accordance with Article 6 Paragraph 1 Sentence 1 Letter a GDPR.

The responsibility for data protection-compliant operation must be ensured by the respective provider.

a) Facebook “Like” plugin

The Facebook “Like” plugin is integrated into this website. You can recognize it by the blue Facebook logo and the addition “Like” next to it. The plugin is operated by Meta Platforms Ireland Limited (Hanover Reach, 5-7 Hanover Quay, Dublin 2 Ireland) and is directly connected to the Meta Platforms servers. Data will not be passed on to the website operator.

As soon as you activate the plugin, it collects, uses and transmits data to Meta Platforms - independently of this website - to the extent and for the purpose set out in Facebook's data protection guidelines http://www.facebook.com/policy.php (including the information that and when you visited this website). If you actively use the plugin (e.g. by clicking the “Like” button), this information will also be transmitted to Meta Platforms and used there.

The type, scope and purpose of the data collected depends on whether you are registered and/or logged in to Facebook. However, data will only be assigned to your Facebook account if you are currently logged in to Facebook. This means that you should log out of Facebook before visiting this website if you want to prevent any association with your Facebook profile. Meta Platforms may also process the data collected in third countries in accordance with the Facebook data protection guidelines.

The most frequently asked questions about the data protection of the plugin are generally understandable below http://www.facebook.com/help.php?page=1068 explained.

b) Pinterest

On our site we use the plugin for the social network Pinterest, which is provided by Pinterest Europe Ltd. (Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland).

When you activate the plugin, your browser establishes a direct connection to Pinterest's servers. The plugin transmits log data to Pinterest’s server in the USA. This log data may contain your IP address, the address of the websites visited that also contain Pinterest functions, the type and settings of the browser, the date and time of the request, how you use Pinterest and cookies.

Further information on the purpose, scope and further processing and use of data by Pinterest as well as your related rights and options for protecting your privacy can be found in Pinterest's data protection information:

https://policy.pinterest.com/de/privacy-policy

c) Instagram

On our websites we use functions of the Instagram service, which is provided by Meta Platforms Ireland Ltd. (Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland).

If you click on the Instagram button on our website, the content of our website will be linked to your Instagram profile. However, this is only possible if you are logged into your Instagram account.

We would like to point out that, as the website provider, we have no knowledge of the content of the transmitted data or its use by Instagram.

Further information can be found in Instagram's privacy policy: http://instagram.com/about/legal/privacy/

12. Image, sound and video integration

YouTube

Our website uses the YouTube plugin, which is operated by Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland).

If you activate the YouTube plugin during your visit, a connection will be established to YouTube's servers and the YouTube server will be informed which of our pages you have visited. This allows YouTube to assign your surfing behavior directly to your personal profile. You can prevent this if you log out of your member account before visiting our website.

Further information on how user data is handled can be found in YouTube's privacy policy at: https://www.google.de/intl/de/policies/privacy

By integrating YouTube, Google's Google Fonts are also dynamically reloaded without the website operator or visitor actively determining this. These web fonts are integrated via a server call, usually a Google server in the USA. This may result in the following being transmitted to the server and stored by Google:

Name and version of the browser used
Website from which the request was triggered (referrer URL)
Operating system of your computer
Screen resolution of your computer
IP address of the requesting computer
Language settings of the browser or operating system that the user uses

Further information can be found in Google's data protection information, which you can access here:

www.google.com/fonts#AboutPlace:about

www.google.com/policies/privacy/

The legal basis arises from the consent you have given in accordance with Article 6 Paragraph 1 Sentence 1 Letter a GDPR. You can revoke your consent at any time by changing the cookie settings on our website.

13. Rights of the person concerned

You have the following rights:

a) Information

In accordance with Art. 15 GDPR, you have the right to request information about your personal data processed by us. This right to information includes information about

the processing purposes
the categories of personal data
the recipients or categories of recipients to whom your data has been or will be disclosed
the planned storage period or at least the criteria for determining the storage period
the existence of a right to correction, deletion, restriction of processing or objection
the existence of a right to lodge a complaint with a supervisory authority
the origin of your personal data, if it was not collected by us
the existence of automated decision-making, including profiling and, if necessary, meaningful information about its details

b) Correction

According to Art. 16 GDPR, you have the right to immediately correct any incorrect or incomplete personal data we have stored.

deletion

According to Art. 17 GDPR, you have the right to request that we delete your personal data immediately, unless further processing is necessary for one of the following reasons:

the personal data are still necessary for the purposes for which they were collected or otherwise processed
to exercise the right to freedom of expression and information
to fulfill a legal obligation which requires processing under the law of the European Union or the Member States to which the controller is subject, or to carry out a task carried out in the public interest or in the exercise of official authority vested in the controller
for reasons of public interest in the area of public health in accordance with Article 9 Paragraph 2 Letters h and i and Article 9 Paragraph 3 GDPR
for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes in accordance with Article 89 Para. 1 GDPR, insofar as the law mentioned under section a) is likely to make the achievement of the objectives of this processing impossible or seriously impair it
to assert, exercise or defend legal claims

d) Restriction of processing

In accordance with Art. 18 GDPR, you can request the restriction of the processing of your personal data for one of the following reasons:

You dispute the accuracy of your personal data.
The processing is unlawful and you refuse to delete the personal data.
We no longer need the personal data for the purposes of processing, but you need it to assert, exercise or defend legal claims.
You object to the processing in accordance with Art. 21 Para. 1 GDPR.

e) Instruction

If you have requested the correction or deletion of your personal data or a restriction of processing in accordance with Art. 16, Art. 17 or Art. 18 GDPR, we will inform all recipients to whom your personal data has been disclosed, unless this proves to be impossible or involves disproportionate effort. You can request that we inform you of these recipients.

f) Transmission

You have the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format.

You also have the right to request that this data be transmitted to a third party, provided that the processing was carried out using automated procedures and is based on consent in accordance with Article 6 Paragraph 1 Sentence 1 Letter a or Article 9 Paragraph 2 Letter a or based on a contract in accordance with Article 6 Paragraph 1 Sentence 1 Letter b GDPR.

g) Revocation

In accordance with Art. 7 Para. 3 GDPR, you have the right to revoke your consent to us at any time. The revocation of consent does not affect the lawfulness of the processing carried out based on the consent before its revocation. In the future, we will no longer be allowed to continue data processing based on your revoked consent.

h) Complaint

According to Art. 77 GDPR, you have the right to complain to a supervisory authority if you believe that the processing of your personal data violates the GDPR.

i) Contradiction

If your personal data is processed on the basis of legitimate interests in accordance with Article 6 Paragraph 1 Sentence 1 Letter f of the GDPR, you have the right to object to the processing of your personal data in accordance with Article 21 of the GDPR, provided there are reasons for doing so. which arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right to object, which we will implement without specifying the particular situation. If you would like to exercise your right of withdrawal or objection, simply send an email to info@n2.de.

j) Automated decision-making in individual cases including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision

is necessary for the conclusion or performance of a contract between you and us
is permitted by the laws of the European Union or the Member States to which we are subject and such laws contain appropriate measures to safeguard your rights and freedoms and your legitimate interests

with your express consent

However, these decisions may not be based on special categories of personal data in accordance with Article 9 Paragraph 1 GDPR, unless Article 9 Paragraph 2 Letters a or g GDPR applies and appropriate measures have been taken to protect your rights and freedoms as well as your legitimate interests .

With regard to the cases mentioned in i) and iii), we take appropriate measures to protect your rights and freedoms as well as your legitimate interests, including at least the right to obtain human intervention on our part, to express one's own point of view and to contest the decision belongs.