Privacy Policy

Data protection is of particularly high importance to Love & Other Stories (hereinafter: Provider). The use of the Provider's website is generally possible without providing any personal data. However, if a data subject wishes to make use of special services offered via our website, the processing of personal data may become necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain consent from the data subject.

The processing of personal data, such as the name, address, email address or telephone number of a data subject, shall always be in line with the General Data Protection Regulation and in accordance with the country-specific data protection provisions applicable to the controller. By means of this data protection declaration, our company wishes to inform the public about the nature, scope and purpose of the personal data collected, used and processed by us. Furthermore, data subjects shall be informed of their rights by means of this data protection declaration.

The provider, as the controller of the processing, has implemented numerous technical and organisational measures to ensure the most complete protection possible of the personal data processed via this website. Nevertheless, internet-based data transmissions can fundamentally have security gaps, so that absolute protection cannot be guaranteed. For this reason, it is free for every data subject to transmit personal data to us via alternative means, for example by telephone.

Definitions

The provider's privacy policy is based on the terminology used by the European legislator when enacting the General Data Protection Regulation (GDPR). Our privacy policy is intended to be easily readable and understandable for both the public and our customers and business partners. To ensure this, we would like to explain the terms used in advance.

In this privacy policy, we use the following terms, among others:

Personal data

Personal data is any information relating to an identified or identifiable natural person (hereinafter referred to as the „data subject“). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Affected person

The data subject is any identifiable natural person whose personal data is processed by the controller.

Processing

Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Restriction of processing

Restriction of processing is the marking of stored personal data with the aim of restricting its future processing.

Profiling

Profiling is any form of automated processing of personal data that consists of using that personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's work performance, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.

Pseudonymisation

Pseudonymisation is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that this additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

Controller

Controller or data controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

Data processor

A processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Recipient

The recipient is a natural or legal person, public authority, agency or other body to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.

Third

A third party is a natural or legal person, public authority, agency or other body, other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

Consent

Consent is any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

Name and address of the controller

The controller within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other provisions of a data protection nature is:

Love & Other Stories

Address: see imprint

E-mail: hello@loveandotherstories.de

Website: www.loveandotherstories.de

Cookies

The provider's websites use cookies. Cookies are text files that are placed and stored on a computer system via an internet browser.

Numerous websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier for the cookie. It consists of a string of characters by which websites and servers can be assigned to the specific internet browser in which the cookie was stored. This allows the visited websites and servers to distinguish the individual browser of the affected person from other internet browsers containing other cookies. A specific internet browser can be recognised and identified via the unique cookie ID.

By using cookies, the provider can offer users of this website more user-friendly services that would not be possible without setting cookies.

Using a cookie, the information and offers on our website can be optimised for the user. As already mentioned, cookies enable us to recognise users of our website. The purpose of this recognition is to make it easier for users to use our website. For example, a user of a website that uses cookies does not have to re-enter their login details every time they visit the website, because this is handled by the website and the cookie stored on the user's computer system. Another example is the cookie used for a shopping basket in an online shop. The online shop remembers the items that a customer has placed in their virtual shopping basket via a cookie.

The data subject can prevent the setting of cookies by our website at any time by means of a corresponding setting of the Internet browser used and thus permanently object to the setting of cookies. Furthermore, already set cookies can be deleted at any time via an Internet browser or other software programs. This is possible in all common Internet browsers. If the data subject deactivates the setting of cookies in the Internet browser used, it is possible that not all functions of our Internet site can be fully used.

Collection of general data and information

When a data subject or an automated system accesses the provider's website, the website collects a range of general data and information. This general data and information is stored in the server's log files. The data collected may include (1) the type and version of the browser used, (2) the operating system used by the accessing system, (3) the website from which an accessing system arrives at our website (so-called referrers), (4) the sub-websites visited from within our website via an accessing system, (5) the date and time of access to the website, (6) an Internet Protocol address (IP address), (7) the Internet service provider of the accessing system, and (8) other similar data and information that serve to ward off dangers in the event of attacks on our information technology systems.

When using this general data and information, the provider does not draw any conclusions about the data subject. Rather, this information is required to (1) correctly deliver the content of our website, (2) optimise the content of our website and the advertising for it, (3) ensure the long-term functionality of our information technology systems and the technology of our website and (4) provide law enforcement authorities with the information necessary for criminal prosecution in the event of a cyber attack. This anonymously collected data and information is therefore analysed by the provider both statistically and with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimal level of protection for the personal data processed by us. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.

Registration on our website

The data subject has the option to register on the website of the controller by providing personal data. Which personal data are transmitted to the controller results from the respective input mask used for registration. The personal data entered by the data subject are collected and stored exclusively for internal use by the controller and for their own purposes. The controller may arrange for the transfer to one or more processors, for example a parcel service provider, who will also use the personal data exclusively for internal use attributable to the controller.

By registering on the website of the data controller, the IP address assigned by the data subject's Internet service provider (ISP), the date and time of registration are also stored. This data is stored on the grounds that it is the only way to prevent abuse of our services, and these data make it possible to investigate criminal offences if necessary. In this respect, the storage of this data is necessary for the protection of the data controller. This data will not generally be passed on to third parties, unless there is a legal obligation to pass it on or the disclosure serves criminal prosecution.

The registration of the data subject, by voluntarily providing personal data, serves the controller to offer the data subject content or services that, by their nature, can only be offered to registered users. Registered persons are free to amend the personal data provided during registration at any time or to have it completely deleted from the controller's database.

The controller shall provide information about the personal data stored about the data subject to the data subject at any time upon request. Furthermore, the controller shall rectify or delete

Responsible for personal data upon request or notification by the data subject, provided that there are no statutory retention obligations to the contrary. The entirety of the controller's employees are available to the data subject as contact persons in this context.

Newsletter subscription

The provider's website offers users the opportunity to subscribe to our company's newsletter. The personal data transmitted to the controller when ordering the newsletter can be found in the input mask used for this purpose.

The provider regularly informs its customers and business partners about the company's offers via a newsletter. The company's newsletter can generally only be received by the data subject if (1) the data subject has a valid e-mail address and (2) the data subject registers for the newsletter distribution. For legal reasons, a confirmation e-mail will be sent to the e-mail address initially registered for newsletter distribution by the data subject using the double opt-in procedure. This confirmation e-mail serves to verify whether the owner of the e-mail address, as the data subject, has authorised the receipt of the newsletter.

When registering for the newsletter, we further store the IP address assigned by the Internet Service Provider (ISP) of the computer system used by the data subject at the time of registration, as well as the date and time of registration. The collection of this data is necessary in order to be able to trace any (possible) misuse of an individual's email address at a later date and therefore serves the legal protection of the controller.

The personal data collected as part of a registration for the newsletter is used exclusively to send our newsletter. Furthermore, subscribers to the newsletter may be informed by e-mail if this is necessary for the operation of the newsletter service or a registration in this regard, as could be the case in the event of changes to the newsletter offer or changes to the technical circumstances. The personal data collected as part of the newsletter service will not be passed on to third parties. The subscription to our newsletter can be cancelled by the data subject at any time. The consent to the storage of personal data, which the data subject has given us for the newsletter dispatch, can be revoked at any time. There is a corresponding link in every newsletter for the purpose of revoking consent. It is also possible to unsubscribe from the newsletter at any time directly on the controller's website or to inform the controller of this in another way.

Newsletter Tracking

The provider's newsletters contain so-called tracking pixels. A tracking pixel is a miniature graphic that is embedded in emails sent in HTML format to enable log file recording and analysis. This allows for a statistical evaluation of the success or failure of online marketing campaigns. Using the embedded tracking pixel, the provider can detect if and when an email has been opened by a data subject and which links within the email have been accessed by the data subject.

The personal data collected via tracking pixels in the newsletters are stored and analysed by the data controller to optimise newsletter distribution and to better tailor the content of future newsletters to the recipient's interests. This personal data will not be passed on to third parties. Affected individuals are entitled at any time to withdraw the separate consent given via the double opt-in procedure. Following withdrawal, this personal data will be deleted by the data controller. Unsubscribing from receiving the newsletter will be automatically interpreted by the provider as consent withdrawal.

Contact options via the website

The provider's website, due to legal regulations, contains information that enables rapid electronic contact with our company and direct communication with us, which also includes a general electronic mail (e-mail) address. If a data subject contacts the controller via e-mail or a contact form, the personal data transmitted by the data subject will be automatically stored. Such personal data voluntarily transmitted by a data subject to the controller will be stored for the purposes of processing or contacting the data subject. This personal data will not be passed on to third parties.

Blog comment function on the website

The provider offers users the opportunity to leave individual comments on specific blog posts on a blog hosted on the website of the controller. A blog is a portal, usually publicly accessible, run on a website, in which one or more people, referred to as bloggers or web bloggers, can post articles or write down thoughts in so-called blog posts. The blog posts can generally be commented on by third parties.

If a data subject leaves a comment on the blog published on this website, information on the time of the comment entry and the user name (pseudonym) chosen by the data subject are stored and published in addition to the comments left by the data subject. Furthermore, the IP address assigned by the data subject's Internet service provider (ISP) is also logged. The IP address is stored for security reasons and in the event that the data subject violates the rights of third parties or posts illegal content by posting a comment. This personal data is therefore stored in the controller's own interest so that the controller can exculpate itself in the event of an infringement. The personal data collected will not be passed on to third parties unless such a transfer is required by law or serves the legal defence of the controller.

Data protection in applications and the application process

The controller collects and processes the personal data of applicants for the purpose of handling the application process. Processing may also be carried out electronically. This is particularly the case if an applicant submits relevant application documents to the controller by electronic means, for example by email or via a web form on the website. If the controller concludes an employment contract with an applicant, the data transmitted will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If the controller does not conclude an employment contract with the applicant, the application documents will be automatically deleted two months after notification of the rejection decision, unless deletion conflicts with any other legitimate interests of the controller. Other legitimate interest in this sense is, for example, a burden of proof in proceedings under the General Equal Treatment Act (AGG).

Routine deletion and blocking of personal data

The controller shall process and store personal data of the data subject only for the period necessary to achieve the purpose of storage or as provided for by European directives and regulations or by other legislation to which the controller is subject.

If the purpose of storage ceases to apply or if a storage period prescribed by the European legislature or other competent legislator expires, personal data will be routinely blocked or deleted in accordance with the statutory provisions.

Data subject rights

Right to confirmation

Every data subject has the right granted by the European legislator and regulator to obtain confirmation from the controller as to whether personal data concerning them is being processed. If a data subject wishes to exercise this right to confirmation, they may contact an employee of the controller at any time for this purpose.

Right to information

Every data subject shall have the right granted by the European legislator and regulator to obtain from the controller free information about the personal data stored concerning them and a copy of this information. Furthermore, the European legislator and regulator has granted the data subject access to the following information:

the processing purposes
the categories of personal data that are processed
the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations
If possible, the planned duration for which the personal data will be stored, or, if this is not possible, the criteria for determining this duration.
the existence of a right to rectification or erasure of the personal data concerning them or to restriction of processing by the controller or a right to object to such processing
the existence of a right of appeal to a supervisory authority
All available information as to the source of the personal data.
the existence of automated decision-making, including profiling, pursuant to Article 22(1) and (4) of the GDPR, and — at least in these cases — meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject

Furthermore, the data subject has the right to obtain information as to whether personal data have been transferred to a third country or to an international organisation. If this is the case, the data subject shall also have the right to be informed about the appropriate safeguards relating to the transfer.

If a person affected by this wants to exercise this right of access, they can contact an employee of the data controller at any time.

Right to rectification

Every data subject shall have the right granted by the European legislator and regulator to require the controller to rectify without delay personal data concerning him that is inaccurate. In addition, the data subject shall have the right to have incomplete personal data completed, including by means of a supplementary statement, having regard to the purposes of the processing.

Should a data subject wish to exercise this right to rectification, they may contact an employee of the data controller at any time.

Right to erasure (right to be forgotten)

Every data subject whose personal data is being processed has the right, granted by the European legislator and regulator, to request from the controller the erasure of personal data concerning them without undue delay, provided that one of the following grounds applies and to the extent that the processing is not necessary:

The personal data was collected or otherwise processed for purposes for which it is no longer necessary.

The affected person withdraws their consent on which the processing was based pursuant to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR, and there is no other legal basis for the processing.

The data subject objects to the processing pursuant to Art. 21(1) GDPR and there are no overriding legitimate grounds for processing, or the data subject objects to the processing pursuant to Art. 21(2) GDPR.

The personal data was processed unlawfully.

The erasure of personal data is necessary for compliance with a legal obligation to which the controller is subject under Union or Member State law.

The personal data were collected in relation to information society services offered, in accordance with Article 8(1) of the GDPR.

Should any of the aforementioned reasons apply and a data subject wish to arrange for the deletion of personal data stored by the provider, they may contact an employee of the data controller at any time for this purpose. The provider's employee will arrange for the deletion request to be fulfilled immediately.

If the personal data has been made public by the provider and our company, as controller, is obliged to erase the personal data pursuant to Art. 17(1) GDPR, the provider shall take reasonable measures, including technical measures, having regard to the technology available and the costs of implementation, to inform other controllers, which are processing the public personal data, that the data subject has requested the erasure by those other controllers of any links to, or copies or replications of, those personal data, in so far as processing is not required. The provider's employee will arrange for what is necessary on a case-by-case basis.

Right to restriction of processing

Every data subject has the right, granted by the European Directive and regulation maker, to request the restriction of processing from the controller if one of the following conditions is met:

The accuracy of the personal data is contested by the data subject for a period enabling the controller to verify the accuracy of the personal data.

The processing is unlawful, the data subject objects to the erasure of personal data and requests, in lieu thereof, the restriction of the use of personal data.

The controller no longer needs the personal data for the purposes for which it was processed, but the data subject requires it for the establishment, exercise or defence of legal claims.

The data subject has objected to the processing pursuant to Art. 21(1) GDPR and it has not yet been determined whether the controller's legitimate grounds override those of the data subject.

If one of the above conditions is met and an affected person wishes to restrict the processing of personal data stored by the provider, they can contact a member of the data controller's staff at any time. The provider's employee will arrange for the processing to be restricted.

Right to data portability

Each data subject has the right granted by the European Directive and legislator to receive the personal data concerning them, which have been provided to a controller by the data subject, in a structured, common, and machine-readable format. They also have the right to transmit this data to another controller without hindrance from the controller to whom the personal data have been provided, provided that the processing is based on consent pursuant to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR or on a contract pursuant to Art. 6(1)(b) GDPR and the processing is carried out by automated means, provided that the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Furthermore, when exercising their right to data portability under Article 20(1) of the GDPR, the data subject shall have the right to have personal data transmitted directly from one controller to another, where technically feasible and without prejudice to the rights and freedoms of others.

To assert the right to data portability, the data subject may contact an employee of the provider at any time.

Right to object

Every data subject has the right granted by the European legislator and regulators to object, on grounds relating to their particular situation, at any time to processing of personal data concerning them which is based on point (e) or (f) of Article 6(1) of the GDPR. This also applies to profiling based on these provisions.

The provider shall no longer process the personal data in the event of an objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing is for the establishment, exercise or defence of legal claims.

If the controller processes personal data for direct marketing purposes, the data subject shall have the right to object at any time to the processing of personal data for such marketing. This also applies to profiling, in so far as it is related to direct marketing. If the data subject objects to the processing for direct marketing purposes by the controller, the controller shall cease to process the personal data for such purposes.

In addition, the data subject shall have the right to object, on grounds relating to their particular situation, to the processing of personal data concerning them which is carried out by the provider for scientific or historical research purposes or for statistical purposes pursuant to Article 89(1) of the GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest.

To exercise the right to object, the data subject may contact any employee of the provider or another employee directly. The data subject is also free to exercise their right to object in connection with the use of information society services, notwithstanding Directive 2002/58/EC, by means of automated procedures using technical specifications.

Automated individual decision-making, including profiling

Every data subject has the right granted by the European legislator to not be subjected to a decision based solely on automated processing – including profiling – which produces legal effects concerning them or similarly significantly affects them, provided that the decision (1) is not necessary for the conclusion or performance of a contract between the data subject and a controller, or (2) is not authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject's rights and freedoms and legitimate interests, or (3) is not based on the data subject's explicit consent.

Whether the decision (1) is necessary for the conclusion or performance of a contract between the data subject and the controller, or (2) is made with the explicit consent of the data subject, the provider shall take appropriate measures to safeguard the rights and freedoms and legitimate interests of the data subject, including at least the right to obtain human intervention on the part of the controller, to express his or her point of view and to contest the decision.

If the data subject wishes to assert rights concerning automated decisions, they may at any time contact an employee of the data controller.

Right to withdraw consent under data protection law

Every data subject has the right, granted by the European legislator, to withdraw consent to the processing of personal data at any time.

If the affected person wishes to exercise their right to withdraw consent, they can contact an employee of the controller at any time.

Special Data Protection Provisions

Data Protection Provisions on the Use and Employment of ActiveCampaign

The controller has integrated the ActiveCampaign component on this website. ActiveCampaign, LLC (“ActiveCampaign”) is a marketing platform that enables users to reach their customers and understand how their customers interact with these communications and other content. The aim is to tailor marketing based on customer interests. ActiveCampaign collects and uses information from applicants, website visitors, and current and potential customers when they use websites, platforms, mobile applications, and other online products and services.

The operating company is ActiveCampaign LLC, 1 North Dearborn Street, 5th Floor Chicago, IL 60602.

We collect information that you provide directly to us. This includes, for example, information when you create an account, participate in interactive features of the Services, fill out a form, make a purchase, enter a contest or promotion, communicate with us through third-party social media sites, interact with a message board, apply for a job, request customer support, use our Platform, or otherwise communicate with us. The types of information that may be collected include: (1) identifiers, such as your full name, phone number, email address, mailing address, unique personal identifier, online ID, Internet Protocol address, (2) commercial information, such as records of personal property, products or services purchased or considered, or other purchase or consumption histories or tendencies, (3) professional or employment-related information, such as company name, company payment information, and business contact information (e.g., company phone number, address, or email); and (4) any other information you choose to provide.

Log information, transaction information, device information, and information collected through cookies and other tracking technologies are also automatically captured.

ActiveCampaign uses cookies.

ActiveCampaign engages third parties and individuals (such as payment processors, research companies, and analytics and security providers) who assist in managing and providing the Services. These third parties have limited access to information about you, may only use this information to perform these tasks on behalf of ActiveCampaign, and are obligated not to disclose or use information about you for any other purpose.

To provide you with the services you subscribe to or request from us, information about you may be transferred to ActiveCampaign's locations in the United States, Australia, and Ireland, as well as to countries where our service providers are based.

You have the right to withdraw your consent to the processing of your personal data if we are processing it on the basis of your consent.

Further information and the applicable Google data protection provisions can be found at.

Data protection regulations on the use and deployment of All-Inkl.com

The controller has integrated components of the company All-Inkl.com on this website. All-Inkl.com is a web hosting service. Personal data is processed for the provision of web hosting services (providing storage space, including for internet presences, as well as databases and e-mail mailboxes), including the provision of domains, within the scope of fulfilling our contracts with our customers or for carrying out pre-contractual measures initiated by them.

The owner of All-Inkl.com is Rene Münnich, Hauptstraße 68, 02742 Friedersdorf, Germany.

The purposes of data processing are primarily determined by the specific contract product (e.g. web hosting plan, server plan) and also include consulting (support) as well as technical user support.

The contract is generally concluded online via the website. The user of the website, whether as a consumer or an entrepreneur, has the option to register on the aforementioned website by providing personal data for the contract product they have selected. Which personal data must be provided and is transmitted via buttons can be seen from the respective input mask used for the order. The personal data entered by the future customer are collected and further processed exclusively for internal use for our own purposes, and in the case of brokerage services, also for third-party purposes. Disclosure to one or more processors is arranged, who also process the personal data exclusively for internal use attributable to us.

When the website is used purely for informational purposes, i.e. if users do not register or otherwise transmit information directly, or do not enter into a contract with All-Inkl.com, All-Inkl.com may collect data relating to a person via the IP address. For technical reasons, users must use an IP address assigned by an access provider when accessing the All-Inkl.com websites. As a general rule: the IP address is an individual „address“ of an end device (computer, smartphone, tablet) in a computer network. In exceptional cases, an IP address could allow a conclusion to be drawn about the person and make them identifiable.

When using websites (the so-called „web browser“ or just „browser“) installed by the user on their end device, the following information is transmitted to the web server used by All-Inkl.com:

This information is stored on the web server in a log file. This would at least indirectly allow us to establish a personal reference, i.e. by determining the owner of the IP address via disclosure from the access provider that supplies the IP addresses. However, this is only possible if this access provider is legally entitled to provide the information.

The current data protection regulations of All-Inkl.com can be accessed at https://all-inkl.com/datenschutzinformationen/.

Data Protection Provisions on the Use and Application of Amazon Affiliate Programme Functions

The controller has integrated Amazon components on this website as a participant in the Amazon Programme. The Amazon components were designed by Amazon with the aim of referring customers via advertising to various websites of the Amazon group, particularly Amazon.co.uk, Local.Amazon.co.uk, Amazon.de, BuyVIP.com, Amazon.fr, Amazon.it and Amazon.es, for a commission. The controller can generate advertising revenue by using the Amazon components.

The operator of these Amazon components is Amazon EU S.à.r.l, 5 Rue Plaetis, L-2338 Luxembourg, Luxembourg.

Amazon places a cookie on the affected person's information technology system. What cookies are has already been explained above. With each call-up of one of the individual pages of this website, which is operated by the controller and on which an Amazon component has been integrated, the internet browser on the affected person's information technology system is automatically prompted by the respective Amazon component to transmit data to Amazon for the purpose of online advertising and commission settlement. As part of this technical process, Amazon gains knowledge of personal data, which Amazon uses to understand the origin of orders received by Amazon and to subsequently enable commission settlement. Among other things, Amazon can understand that the affected person clicked on a partner link on our website.

The data subject can prevent the setting of cookies by our website, as already shown above, at any time by means of a corresponding setting of the internet browser used, and thus permanently object to the setting of cookies. Such a setting of the internet browser used would also prevent Amazon from setting a cookie on the data subject's information technology system. Furthermore, cookies already set by Amazon can be deleted at any time via an internet browser or other software programmes.

Further information and Amazon's applicable data protection provisions can be accessed at.

Data Protection Regulations on the Use and Application of Antispam Bee

The data controller has integrated components of Antispam Bee on this website. Antispam Bee is an extension for the WordPress blogging system designed to protect blogs against comment and trackback spam. Antispam Bee effectively blocks spam comments and trackbacks without using CAPTCHAs and without sending personal data to third-party services. Additionally, Antispam Bee features further filters for the detection and sorting of spam comments: black and white-listing for specific countries, support for Project Honey Pot, checking for manipulated IP addresses, etc. Email notifications inform about suspected cases.

The operator of the Antispam Bee plugin for WordPress is Automattic Inc., 132 Hawthorne Street, San Francisco, CA 94107, USA. The operator uses the tracking technology of Quantcast Inc., 201 Third Street, San Francisco, CA 94103, USA.

Under certain circumstances, Antispam Bee may send your IP address to a public spam database for spam checks. Furthermore, it’s possible that your IP address will be sent to the operator company’s servers to determine country affiliation, in order to allow or block comments from specific countries.

The current data protection regulations for Antispam Bee can be accessed at and at.

Privacy Policy on the Use and Application of Calendly

The controller has integrated components of Calendly on this website. Calendly is a subscription-based appointment scheduling software in the form of an online calendar, with which meetings can be planned easily, quickly, and simply. Calendly works with personal calendars and adjusts schedules based on availability settings and time zone recognition. Calendly is used to save time, control schedules, and prevent last-minute meetings and scheduling conflicts through buffer times, daily limits, and secret event types.

The operating company is Calendly LLC, BB&T Tower, 271 17th St NW #1000, Atlanta, GA 30363, USA.

When using the tool, personal data such as name, e-mail address and telephone number are requested. It is also possible to present various concerns and provide further information. If you use the tool, your details from the Calendly form, including the data you provide there, will be stored on this website and at Calendly for the purpose of processing the enquiry and in the event of follow-up questions. The data of Calendly users and invitees are stored in data centres in the USA, which are provided by Amazon Web Services (“AWS”) and Google (selected back-ups). This data remains on this website and at Calendly until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. appointment has taken place). All connections from the browser to the Calendly platform are encrypted during transmission using TLS SHA-256 with RSA encryption. All data is encrypted at rest. Calendly user passwords are stored as encrypted password hashes. User passwords for the iCloud Calendar integration are stored with salted encryption. The data entered is processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR).

The applicable Calendly data protection regulations can be found at.

Data Protection Regulations on the Use and Application of Contact Form 7

The controller has integrated components of Contact Form 7 as a WordPress plugin on this website. WordPress.org websites (collectively referred to as „WordPress.org“ in this document) refer to websites hosted on WordPress.org, WordPress.net, WordCamp.org, BuddyPress.org, bbPress.org, and other associated domains and subdomains. Contact Form 7 is a plugin that allows you to create, customise, and integrate any type of contact form on your WordPress website.

The operating company is Rock Lobster, LLC., 810-0041 1-1-29 Daimyo, Chuo-ku, Fukuoka City, Fukuoka Prefecture, Japan.

Contact Form 7 stores user input data sent via the contact forms on the website, along with meta-information about the inputs, including the timestamp, originating IP address, and user agent (browser). Third-party services may also collect information about website visitors. The information is sent as email messages, which are only accessible by a select group of individuals. The information is also stored in the database on the hosting server for backup and later reference purposes.

Contact Form 7 does not set specific time limits for storing information, as it is required for future reference. If users wish for their information to be removed from the database, direct contact with Contact Form 7 is required. Contact Form 7 will delete any data collected from users at any time if there are any concerns regarding user privacy.

Contact Form 7 only uses WordPress plugins and themes that are hosted on WordPress.org. WordPress.org's guidelines clearly prohibit tracking users without their express informed consent.

The applicable data protection regulations can be accessed at.

Data protection regulations on the use and application of Copecart

The controller has integrated the CopeCart component on this website. CopeCart is shop software that companies can use to sell digital and physical products and services. The platform is a so-called full-service provider, meaning it supports sellers in all stages of the sale. With CopeCart, they can list their products and services, sell them, have customers pay via the platform, and analyse and evaluate their sales.

The operating company of CopeCart is CopeCart GmbH, Ufnaustraße 10, 10553 Berlin, Telephone: 04103-7003001, E-mail: .

When a user purchases a product or service from the controller, they enter into a purchase contract with them. However, not only the seller receives the data for the processing of the purchase, but also the platform CopeCart. In this context, personal data such as names, addresses, email addresses, payment data, and phone numbers are transmitted to a third party.

The Data Controller has therefore concluded a contract for order processing with CopeCart.

The personal data is collected via CopeCart to ensure the smooth processing of purchase contracts, to analyse and evaluate user purchasing behaviour, and thereby to continuously optimise the data controller's offering and its website.

The data will be deleted as soon as it is no longer required for the purpose for which it was collected.

The processing of personal data in the manner described is based on Art. 6(1)(c) and (f) GDPR.

Users have the option to object to data processing by CopeCart at any time. This does not apply, however, to data that CopeCart absolutely needs to sell products and process payments.

Further information on how this is processed can be found at.

CopeCart's privacy policy is available at.

Data Protection Regulations on the Use and Application of Digistore24

The controller has integrated the Digistore24 component on this website. Digistore24 is an online sales platform that offers you an integrated online shop, the most important payment methods, simplified accounting including tax automation, and an affiliate network. The essential service of Digistore24 is the sale of digital products and similar items over the internet. For this purpose, the buyer is provided with information and tips on the products on third-party websites. To enable the providers of this information to maintain their service, Digistore24 often reimburses them for their advertising costs. This is essential for the operation of Digistore24.

The operating company of Digistore24 is Digistore24 GmbH, St.-Godehard-Str. 32, 31139 Hildesheim.

Digistore24 automatically collects data and information from the computer system of the accessing computer with each call to the user's website. The information collected includes the browser type and version used, the user's operating system, the user's internet service provider (ISP), the user's IP address, the date and time of access, and the websites from which the user's system accessed our website. This data is not stored.

The temporary storage of the IP address by the system is necessary to enable the delivery of the website to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session.

The storage in log files is carried out to ensure the functionality of the website. In addition, we use the data to optimise the website and to ensure the security of our information technology systems. The data is not analysed for marketing purposes in this context.

We also have a legitimate interest in processing data for these purposes, pursuant to Article 6(1)(f) of the GDPR. The data will be deleted as soon as it is no longer necessary for the purpose for which it was collected.

Digistore24 uses cookies. What cookies are has already been explained above. Digistore24 uses cookies with two lifespans. On the one hand, cookies are stored until the end of the session to enable a login (a session). This is necessary so that the server recognises your web browser after you have entered your login details. A session is also started during an ordering process so that the order can be processed correctly. On the other hand, cookies are stored by Digistore24 for up to 185 days for affiliate tracking, screen size, certain authorisations, prevention of duplicate orders, language settings, the „Stay logged in“ function and for products that have been placed in a shopping basket.

You have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data which is based on Article 6(1)(e) or (f) of the GDPR; this also applies to profiling based on those provisions.

Further information and the applicable data protection regulations of Digistore24 can be found at.

Data Protection Regulations on the Use and Application of Elementor

The controller has integrated components of the Elementor service on this website. Elementor Website Builder allows WordPress users to create and edit websites using the drag-and-drop technique with integrated responsive mode.

The operator of the Elementor services is Elementor Ltd., 2600 Flatbush Ave, Brooklyn, New York, 11234, United States.

Elementor collects information in three different ways: when users use the website, when users use the services and when users use the software. Among other things, Elementor collects payment information (for subscription purposes) and stores a token for recurring billing when users have purchased a subscription that cannot be used to re-identify their credit card. Elementor also collects aggregated data from third parties, such as social media sites and other services they use, as well as joint ventures that Elementor may establish. Elementor also collects the information that users provide to them through emails or other communications. Elementor collects information about how users use its website, such as the pages users have viewed, the links users have clicked on, the websites that referred them to Elementor, device type, screen resolution, operating system and browser.

When users utilise Elementor's services, Elementor may automatically collect information from users' devices, including, without limitation, information and statistics regarding their online/offline status, their IP address, their internet service provider, browser type, hosting environment, web server, regional and language settings, and software and hardware attributes. Elementor's systems may automatically record and store technical information regarding the method and manner of service usage.

Elementor collects the email of the website administrator using the software, along with some of the following information depending on specific user implementation: the IP address of said server, the license key, and the following information: server software & version, MySQL version, PHP settings & version, WordPress version, WordPress debug mode, WordPress memory limit, WordPress max upload size, WordPress settings (permalink structure, multisite, locale, theme, plugins), site URL, number of custom templates saved in the library, number of posts using Elementor, and number of widgets used.

Elementor uses personal data to provide users with services and software. Elementor may conduct research on user demographics, interests, and behaviour based on personal data and other information collected by Elementor.

Elementor's servers may be hosted in various countries and jurisdictions, which may be located outside of the country from which users access the services, and which may be located outside of their country of residence. Elementor may transfer personal data across multiple countries.

Some uses and disclosures may involve the transfer of users' personal data to various countries around the world, which may have a different level of data protection than the user's country, and may be transferred outside the European Economic Area. Elementor may share information when necessary for the provision or maintenance of the services. Elementor may also share information in compliance with a written legal request from a valid legal authority.

To collect the data described above, Elementor may use temporary cookies which remain on the browser for a limited period.

Users have the right to know what personal data is being collected about them and have the right to ensure that this data is correct and relevant for the purposes for which Elementor collected it. Users can also request the deletion of their data. Users can also withdraw their consent regarding the collection of data at any time.

Further information and Elementor's applicable data protection provisions can be found at [Link].

Data protection provisions on the use and deployment of Facebook

The controller has integrated components of the company Facebook on this website. Facebook is a social network.

A social network is a social meeting place operated on the internet, an online community that generally allows users to communicate with each other and interact in virtual space. A social network can serve as a platform for exchanging opinions and experiences, or it enables the internet community to provide personal or company-related information. Facebook, among other things, allows users of the social network to create private profiles, upload photos, and connect through friendship requests.

The operating company of Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. For the processing of personal data, the controller, if a data subject lives outside the USA or Canada, is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

With every call to one of the individual pages of this website, which is operated by the controller and on which a Facebook component (Facebook plug-in) has been integrated, the internet browser on the affected person's IT system is automatically prompted by that respective Facebook component to download a representation of the corresponding Facebook component from Facebook. A complete overview of all Facebook plug-ins can be accessed at. As part of this technical procedure, Facebook receives knowledge of which specific sub-page of our website is being visited by the affected person.

If the data subject is simultaneously logged into Facebook, Facebook will recognise, with every call-up of our website by the data subject and for the entire duration of the stay on our website, which specific sub-page of our website the data subject is visiting.

This information is collected by the Facebook component and assigned by Facebook to the respective Facebook account of the data subject. If the data subject activates one of the Facebook buttons integrated on our website, for example the „Like“ button, or if the data subject leaves a comment, Facebook assigns this information to the personal Facebook user account of the data subject and stores this personal data.

Facebook receives information that the data subject has visited our website via the Facebook component whenever the data subject is simultaneously logged into Facebook at the time of visiting our website; this happens regardless of whether the data subject clicks on the Facebook component or not. If the data subject does not want such transmission of this information to Facebook, they can prevent the transmission by logging out of their Facebook account before visiting our website.

The data policy published by Facebook, available at [link to policy], provides information on Facebook's collection, processing, and use of personal data. It also explains the settings available to protect the individual's privacy. Furthermore, various applications are available that allow for the suppression of data transmission to Facebook. Such applications can be used by the individual to suppress data transmission to Facebook.

Data Protection Policy on the Use and Application of Facebook Pixel

This website incorporates components of the Facebook Pixel from Facebook. The Facebook Pixel is a snippet of JavaScript code that loads a collection of functions which enable Facebook to track your user actions, provided you arrived at the user's website via Facebook Ads.

The operator of Facebook Pixel is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

If the data subject is simultaneously logged into Facebook, Facebook will recognise, with each call of our website by the data subject and for the entire duration of their stay on our website, which specific sub-page of our website the data subject is visiting. This information is collected by the Facebook component and associated by Facebook with the respective Facebook account of the data subject. If the data subject activates one of the Facebook buttons integrated into our website, for example, the „Like“ button, or if the data subject leaves a comment, this information is associated by Facebook with the personal Facebook user account of the data subject and stored by Facebook.

Using Facebook pixels, advertising measures can be better tailored to users' wishes and interests. This means that Facebook users (provided they have allowed personalised advertising) will see relevant adverts. Furthermore, Facebook uses the data collected for analysis purposes and its own advertising.

Further information regarding Facebook Pixel's data protection provisions can be found at.

Data Protection Regulations on the Use and Application of Google AdWords

The controller has integrated Google AdWords on this website. Google AdWords is an Internet advertising service that allows advertisers to place ads both in Google's search engine results and on the Google advertising network. Google AdWords allows an advertiser to pre-define specific keywords, by means of which an ad is displayed in Google's search engine results only when the user retrieves a keyword-relevant search result using the search engine. In the Google advertising network, the ads are distributed via an automatic algorithm and taking into account the previously defined keywords on topic-relevant websites.

The operator of the Google AdWords services is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

The purpose of Google AdWords is to advertise our website by displaying interest-relevant advertisements on the websites of third-party companies and in the search engine results of the Google search engine, as well as displaying third-party advertisements on our website.

If a person visits our website via a Google advertisement, Google places a so-called conversion cookie on their IT system. What cookies are has already been explained above. A conversion cookie expires after 30 days and is not used to identify the person. As long as the cookie has not expired, it is used to track whether certain sub-pages, for example the shopping basket of an online shop system, have been accessed on our website. Via the conversion cookie, both we and Google can track whether a person who reached our website via an AdWords ad generated revenue, i.e. completed or abandoned a purchase.

The data and information collected by the use of the conversion cookie are used by Google to compile visit statistics for our website. We, in turn, use these visit statistics to determine the total number of users who have been referred to us through AdWords advertisements, in order to determine the success or failure of the respective AdWords advertisement and to optimise our AdWords advertisements for the future. Neither our company nor other Google AdWords advertisers receive information from Google that could be used to identify the person concerned.

Personal information, such as the internet pages visited by the data subject, is stored using the conversion cookie. With each visit to our internet pages, personal data, including the IP address of the internet connection used by the data subject, is thus transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may pass on this personal data, collected through the technical procedure, to third parties.

The affected person can at any time prevent the setting of cookies by our website, as explained above, by making appropriate settings in their internet browser, thereby permanently objecting to the setting of cookies. Such a setting in the used internet browser would also prevent Google from setting a conversion cookie on the affected person's information technology system. Furthermore, a cookie already set by Google AdWords can be deleted at any time via the internet browser or other software programs.

Furthermore, the data subject has the option to object to Google's interest-based advertising. To do this, the data subject must access the link from each internet browser they use and make the desired settings there.

Further information and Google's applicable data protection provisions can be found at.

Data Protection Provisions on the Use and Application of Google Analytics (with Anonymisation Function)

The controller has integrated the Google Analytics component (with anonymisation function) on this website. Google Analytics is a web analytics service. Web analytics is the collection, gathering and analysis of data about the behaviour of visitors to websites. A web analytics service records, among other things, data about which website a data subject came to a website from (so-called referrers), which sub-pages of the website were accessed, or how often and for what duration a sub-page was viewed. Web analytics is primarily used for the optimisation of a website and for the cost-benefit analysis of internet advertising.

The operator of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

The data controller uses the “_gat._anonymizeIp” tag for web analytics via Google Analytics. With this tag, the IP address of the data subject's internet connection is truncated and anonymised by Google when accessing our internet pages from a member state of the European Union or another contracting state to the Agreement on the European Economic Area.

The purpose of the Google Analytics component is to analyse visitor traffic on our website. Google uses the data and information obtained for various purposes, including evaluating the use of our website to compile online reports for us that show the activities on our websites, and to provide other services related to the use of our website.

Google Analytics places a cookie on the information technology system of the data subject. What cookies are has already been explained above. By setting the cookie, Google is enabled to analyse the use of our website. With each call-up of one of the individual pages of this website, which is operated by the controller and on which a Google Analytics component has been integrated, the internet browser on the information technology system of the data subject shall automatically be prompted by the respective Google Analytics component to transmit data to Google for the purpose of online analysis. As part of this technical procedure, Google gains knowledge of personal data, such as the IP address of the data subject, which Google uses, among other things, to track the origin of visitors and clicks and, consequently, to enable commission accounting.

Through the cookie, personal information is stored, for example, about the access time, the location from which access originated, and the frequency of visits to our website by the data subject. With every visit to our website, this personal data, including the IP address of the internet connection used by the data subject, is transferred to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may pass on this personal data collected through the technical process to third parties.

The data subject can prevent the setting of cookies by our website, as already described above, at any time by means of a corresponding setting of the internet browser used and thus permanently object to the setting of cookies. Such a setting of the internet browser used would also prevent Google from setting a cookie on the data subject's information technology system. In addition, a cookie already set by Google Analytics can be deleted at any time via the internet browser or other software programs.

Furthermore, the data subject has the option of objecting to and preventing the collection of data generated by Google Analytics relating to the use of this website and the processing of this data by Google. To do this, the data subject must download and install a browser add-on from the link. This browser add-on informs Google Analytics via JavaScript that no data and information about visits to websites may be transmitted to Google Analytics. The installation of the browser add-on is recognised by Google as an objection. If the data subject's IT system is deleted, formatted or reinstalled at a later date, the data subject must reinstall the browser add-on in order to deactivate Google Analytics. If the browser add-on is uninstalled or deactivated by the data subject or another person who is attributable to their sphere of control, it is possible to reinstall or reactivate the browser add-on.

Further information and Google's applicable data protection regulations can be found at and at. Google Analytics is explained in more detail at this link.

Data protection provisions on the use and deployment of Google Drive

The data controller has integrated Google Drive on this website. Google Drive is an online file hosting service that allows documents to be stored, shared and edited in the cloud. Google Drive includes Google Docs, Sheets, Slides and Forms.

The purpose of Google Drive is to store files as well as directly edit text documents, spreadsheets, and presentations.

The operator of the Google Drive component is Alphabet Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

A cookie is a short snippet of text sent from a website you visit to your browser. This stores information about your last visit.

The affected person can prevent the placement of cookies on our website at any time by adjusting the settings of their internet browser, thereby permanently objecting to the placement of cookies. Such a setting in the internet browser would also prevent Alphabet Inc. from placing a cookie on the affected person's IT system. Furthermore, a cookie that has already been placed by Alphabet Inc. can be deleted at any time via the internet browser or other software programmes.

Google Drive is explained in more detail at this link.

Further information and Google's applicable data protection regulations can be found at and at.

Privacy Policy on the Use and Application of Google Fonts

The controller has integrated components of the company Google Fonts on this website. Google Fonts is a service of Google Inc. (“Google”). Google Fonts provides a catalogue of various designer web fonts for respective websites.

The operating company for Google Fonts is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

The integration of these web fonts is done via a server call, usually to a Google server in the United States of America. This transmits to the server which webpages you have visited. Google also stores the IP address of the browser of the end device of the visitor to these webpages.

Google Fonts collects information to offer you better services – from basic things like the language you speak to more complex things like the ads you'll find most useful, the people most important to you online or the YouTube videos you might like. What information Google collects and how that information is used depends on how you use our services and how you manage your privacy settings.

If you are not logged into a Google Account, Google Fonts stores the collected information with unique identifiers linked to the browser, application, or device you are using. This way, for example, your language preferences are maintained across multiple browsing sessions.

When you are logged in, Google Fonts also collects information that Google stores with your Google account and treats as personal information.

Google Fonts stores your data, particularly for the purposes of service improvement and communication with users or customers. You can object to the storage of your data at any time.

Further information and Google's applicable data protection provisions can be found at.

Privacy Policy on the Use and Application of Hubspot

The data controller has integrated components of the Hubspot service on this website.

The operating company of the Hubspot services is HubSpot, Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141 USA.

HubSpot uses its own subscription services to create websites where visitors can learn more about HubSpot. The data collected and managed by HubSpot with the subscription service for its own marketing belongs to HubSpot and is used, disclosed, and protected in accordance with its privacy policy.

Users are free to visit Hubspot's websites without sharing personal data with Hubspot. When users visit the websites or register for the subscription service, Hubspot requires users to share their personal data with Hubspot and Hubspot collects navigation data. Hubspot collects the personal data when users submit web forms or interact with the website, e.g. when users subscribe to a HubSpot blog, register for a webinar or contact customer support for assistance. Hubspot also collects personal data when users register for a HubSpot account. Personal data includes navigation data or payment data if such information directly or indirectly serves or can contribute to the identification of a person. „Sensitive Data“ includes credit or debit card numbers, bank account or wire transfer information, government-issued identification numbers (such as national insurance numbers or passport/ID card numbers), biometric information, personal health information (or other information subject to applicable health privacy laws), personal data of children subject to child privacy laws, and any other information or combination of information that falls into the category of „special categories of personal data“ under the GDPR or other applicable data protection laws.

When users view content provided by HubSpot, HubSpot automatically collects data about users' hardware and software. This data may include IP addresses, browser type, domain names, Internet service provider (ISP), files viewed on our website (e.g., HTML pages and graphics), operating system, clickstream data, access times, and the addresses of websites from which users accessed our website. HubSpot uses this data to generate general statistics about usage of the HubSpot websites. To do this, HubSpot links this automatically collected data with other personal data such as name, email address, address, and phone number.

Hubspot sometimes receives personal data about an individual from external sources, including those partners with whom Hubspot offers co-branded services or engages in joint marketing activities.

The collected data is used by HubSpot in particular to improve and further develop its own products and services, to communicate with users, to bring the service closer, and to provide statistical usage data to other companies.

HubSpot's websites contain links to third-party websites.

The length of time HubSpot stores information collected from users depends on the type of information. After the relevant period, HubSpot will either delete or anonymise the information. If neither of these is possible, HubSpot will securely store the information and block it from further use until deletion is possible.

HubSpot stores personal data that users provide to them for as long as there is a legitimate business interest (for example, to fulfil our legal obligations, resolve disputes, and enforce our contractual rights).

If HubSpot no longer has a legitimate business interest in processing the personal data, HubSpot shall securely delete or anonymise this data. If neither is possible, HubSpot shall securely store the personal data and exclude it from any further data processing until deletion becomes possible. If users request HubSpot to do so, HubSpot shall delete the data at an earlier date.

Hubspot can, amongst other things, exchange data with trusted partners so that they can contact users after they have requested to receive such communications, as well as for statistical analysis or customer service.

Users have the right to request the deletion of their data. Users can also, among other things, access the data collected or withdraw consent that has been given.

Further information and HubSpot's applicable data protection provisions can be found at.

Data protection provisions on the use and application of Instagram

The controller has integrated components of the Instagram service on this website. Instagram is a service that can be classified as an audiovisual platform, enabling users to share photos and videos, as well as to redistribute such data on other social networks.

The operator of Instagram's services is Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA.

Each time any of the individual pages of this website, operated by the controller, which has an integrated Instagram component (Insta-button) is called up, the internet browser on the information technology system of the data subject is automatically prompted by the respective Instagram component to download a representation of the corresponding component from Instagram. As part of this technical procedure, Instagram becomes aware of which specific sub-page of our website is being visited by the data subject.

If the data subject is simultaneously logged into Instagram, then Instagram recognises with every call of our website by the data subject and for the entire duration of their stay on our website, which specific sub-page the data subject visits. This information is collected by the Instagram component and assigned by Instagram to the respective Instagram account of the data subject. If the data subject actuates one of the Instagram buttons integrated on our website, the data and information transmitted thereby are assigned to the personal Instagram user account of the data subject and are stored and processed by Instagram.

Instagram is informed whenever users visit our website via the Instagram component, provided they are logged into Instagram at the time of their visit. This happens regardless of whether the user clicks on the Instagram component or not. If users do not wish for this information to be transmitted to Instagram, they can prevent it by logging out of their Instagram account before visiting our website.

Further information and Instagram's applicable data protection provisions can be accessed at and .

Privacy Policy on the Use and Operation of Kajabi

The controller has integrated Kajabi components on this website.

The operating company is KAJABI, LLC, 333 El Camino Real, Suite 200, Tustin, CA 92780, USA.

Kajabi provides online video courses, landing pages, and videos for payment processing. Kajabi also provides services for collecting newsletter subscribers, as well as organising and analysing newsletter distribution. If you provide data for the purpose of newsletter subscriptions (e.g., name and email address), this data will be stored on Kajabi's servers in the United States of America. The data provided in connection with registration and use of our websites and online video courses, such as your name, email address, address, and payment details, will be stored on Kajabi's servers in the United States of America.

Using KAJABI, we can analyse our newsletter campaigns. When you open an email sent with KAJABI, a file contained within the email (known as a web beacon) connects to KAJABI's servers in the United States of America. This allows us to determine whether a newsletter message has been opened and which links, if any, have been clicked. Technical information is also collected (e.g. time of retrieval, IP address, browser type and operating system). This information cannot be assigned to the individual newsletter recipient. It is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better tailor future newsletters to your interests.

Unless you want an analysis by KAJABI, you must unsubscribe from the newsletter. For this, we provide a corresponding link in every newsletter message. Furthermore, you can also unsubscribe from the newsletter directly on the website.

The data processing is carried out on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time by unsubscribing from the newsletter. The lawfulness of the data processing operations already carried out remains unaffected by the revocation.

The data you have provided to us for the purpose of newsletter subscription will be stored by us until you unsubscribe from the newsletter and will be deleted from both our servers and KAJABI's servers after you unsubscribe. Data stored by us for other purposes (e.g. email addresses for the members' area) will remain unaffected.

KAJABI uses this data for the provision and payment processing of online video courses and for sending newsletters on our behalf. The provider also uses this data to optimise or improve its own services, for example for the technical optimisation of the services. According to our information, KAJABI does not use this data to pass it on to third parties.

The conclusion of a corresponding contract for order data processing is currently underway. KAJABI, LLC takes data protection just as seriously, in compliance with statutory regulations under the GDPR. You can find more information on this here:

You can find KAJABI's new „Data Processing Agreement“ here

Data Protection Regulations on the Use and Application of Rank Math SEO

The controller has integrated components of Rank Math SEO on this website.

The operating company is Rank Math Ventures LLP, EC-320, G-8, Rajouri Garden Area, Maya Enclave, Hari Nagar, New Delhi, IN – 110064.

Among the types of personal data that this Website collects, either independently or through third parties, are amongst others trackers, usage data, first name, last name, company name, email address, website, and data provided during the use of the service. Personal data may be freely provided by the user, or, in the case of usage data, collected automatically when this Website is used. Rank Math takes appropriate security measures to prevent unauthorised access, disclosure, modification, or unauthorised destruction of the data.

The owner may process users' personal data in particular if users have given their consent for one or more specific purposes or if the processing is necessary for compliance with a legal obligation. The data is processed in the operating offices of Rank Math and in any other places where the parties involved in the processing are located. Depending on the user's location, data transfers may involve transferring the user's data to a country other than their own.

Personal data will be processed and stored for as long as the purpose for which it was collected requires.

Rank Math may be entitled to store personal data for a longer period if the user has given their consent to such processing, as long as that consent is not withdrawn. Furthermore, the owner may be required to retain personal data for a longer period if it is necessary to comply with a legal obligation or by order of an authority.

The data concerning the user is collected specifically to enable Rank Math to provide its service, comply with its legal obligations, respond to enforcement requests, protect its rights and interests (or those of its users or third parties), and detect any malicious or fraudulent activity.

Users have the right, among other things, to withdraw their consent if they have previously given their consent to the processing of their personal data. Users also have the right to object to the processing of their data if the processing is based on a legal basis other than consent.

Where personal data is processed in the public interest, in the exercise of official authority vested in the controller, or for the purposes of the legitimate interests pursued by the controller, the user may object to such processing by providing reasons related to their particular situation.

Rank Math uses cookies.

The current data protection regulations of Rank Math can be found at.

Data Protection Policy for the Use and Application of Trustpilot

The data controller has integrated components of the Trustpilot service on this website. Trustpilot.com is a Danish consumer review website, founded in Denmark in 2007 and featuring reviews of businesses worldwide. Almost 1 million new reviews are published every month. The website offers companies freemium services.

The service operator for Trustpilot is Trustpilot A/S, Pilestraede 58, 5th floor, 1112 Copenhagen K, Denmark.

When users create a user account on Trustpilot, submit a review, set up a business account on behalf of a company, or use the portal in any other way, Trustpilot may collect and process the following personal data, among others: names, email addresses, and other contact information, IP addresses, browser settings, locations, usernames, passwords, photos, and preferred language.

Users can link their Trustpilot profile to profiles on social media, such as Facebook (referred to as „social networks“). When such a link is made, Trustpilot automatically collects certain information about users from their social network, depending on what information has been made available on that social network and what privacy settings have been set on that social network for sharing the information.

Trustpilot primarily collects the personal data processed directly from the user when users provide this information to create an account with Trustpilot, or when users interact with the platform, for example, when they submit reviews or post replies to reviews.

Trustpilot sometimes receives information about users from third parties.

For example, if they sign up for a Trustpilot account via Facebook. In this case, the account is automatically populated with the information that Trustpilot receives from Facebook. Also, when Trustpilot sends a review invitation to users on behalf of a company, Trustpilot receives the users' name, email address, and a reference number, such as an order number or similar, from that company.

Furthermore, Trustpilot automatically generates or collects information from users' computers or devices when they use the services, such as IP address, location, or information about the device and browser used to access Trustpilot.

The personal data collected will be used by Trustpilot for various purposes, including to provide services, display reviews, and enable access to user accounts and portals, or to grant access to a company's business account and website. Data is also used to identify users. The data is further collected to, among other things, carry out various internal business activities, such as data analysis, audits, monitoring and preventive measures to protect against fraud attempts, development of new products and services, improvements or changes to the portal or services, including TrustBoxes, identification of usage trends, determination of the effectiveness of advertising campaigns, and the conduct and expansion of business activities. However, the data is primarily used to, among other things, verify the authenticity of a review.

Trustpilot shares personal data with selected third parties (which include Trustpilot's subsidiaries and other companies within the Trustpilot group) who provide various services for Trustpilot, thereby supporting the technical operation of the portal and the provision of services („Data Processors“). These third parties are Data Processors of personal data, for whom Trustpilot is the Data Controller. Trustpilot has entered into Data Processing Agreements with these Data Processors, stipulating that the Data Processors may act solely in accordance with Trustpilot's instructions.

We only retain your data for as long as we need it or are legally obliged to do so. We then delete or anonymise your data so that you are no longer identifiable from it. We handle certain data differently depending on its intended use. However, you can delete your personal data at any time or ask us to delete this data for you (you can find more information about this further down in the „Your Rights“ section).

Trustpilot retains personal data provided by users, including their reviews, for as long as users have a Trustpilot account or as long as is necessary to provide services. If users delete their user account, Trustpilot will only keep a log of the following data: name, email address, and the date of account deletion. Trustpilot will retain this log for three years. All other data, including user reviews, will be deleted.

In certain instances, even if users delete their accounts, Trustpilot retains certain data in anonymised or aggregated form (such as portal visits).

Trustpilot retains personal data that it receives from companies using Trustpilot's services for three years. Trustpilot uses cookies and similar technologies to provide, optimise, personalise and analyze its services, as well as for advertising purposes.

If users have a user account with Trustpilot, they can access, edit, download, or delete the most important personal data associated with their profile at any time by logging into their account. From there, you can also manage your subscription and marketing preferences. Users can access the stored data, request deletion and correction, and have the right to object to the processing of their personal data, and to restrict the processing of their personal data.

Further information and Trustpilot's applicable data protection provisions can be found at.

Data protection provisions on the use and application of Typeform

The data controller has integrated components from Typeform on this website. Typeform is an online Software-as-a-Service (SaaS) company based in Barcelona, specialising in the creation of online forms and online surveys. Its main software creates dynamic forms based on user requirements.

The operating company of Typeform is Typeform S.L., Carrer Bac de Roda, 163, 08018 Barcelona.

The data entered will be stored by this service and forwarded to us or made accessible to us. Typeform does not use this data for its own purposes.

The legal basis for this data processing is Article 6(1)(f) GDPR (legitimate interests of the controller).

There is a legitimate interest in the targeted display of contact forms tailored to specific topics and questions, as well as the ability to adapt them quickly and cost-effectively oneself.

This personal data will not be passed on to third parties.

Further information and the applicable data protection provisions can be found at typeform.com.

Data Protection Regulations on the Use and Application of Vimeo

The controller has integrated Vimeo components on this website.

The operating company of Vimeo is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.
This tells the Vimeo server which of our pages you have visited. Vimeo also obtains your IP address. This also applies if you are not logged into Vimeo or do not have a Vimeo account. The information collected by Vimeo is transmitted to the Vimeo server in the United States of America. When you visit one of our pages equipped with a Vimeo plugin, a connection is established to Vimeo's servers.

When you are logged into your Vimeo account, you allow Vimeo to directly associate your browsing behaviour with your personal profile. You can prevent this by logging out of your Vimeo account.

The use of Vimeo is in the interest of an engaging presentation of our online services. This constitutes a legitimate interest within the meaning of Art. 6(1)(f) GDPR.

Provided that corresponding consent has been requested, processing will exclusively take place on the basis of Article 6(1)(a) GDPR; consent can be withdrawn at any time.

Further information and the applicable data protection provisions can be found at.

Privacy Policy on the use and deployment of Webinarjam

The data controller has integrated components of Webinarjam on this website. Free webinars are offered here.

The operating company is Genesis Digital LLC, 7660 Fay Ave #H184, La Jolla, CA 9203, USA.

After registering for webinars, WebinarJam will be aware of your email address and you will receive an invitation link. Clicking the invitation link establishes a connection to WebinarJam's servers. This process informs the servers which of our pages you have visited (referrer). Your IP address will also be transmitted to the WebinarJam server. This applies even if you are not logged into WebinarJam or do not have an account with WebinarJam.

Further information and the applicable data protection regulations can be found at home.webinarjam.com.

Data Protection Policy on the Use and Application of Zapier

The data controller has integrated components of Zapier on this website. Zapier is used for integrating different databases and tools.

The operating company is Zapier Inc., 548 Market St #62411, San Francisco, California 94104, USA.

Customer data can be transmitted with the exception of payment data. Zapier collects user information. This includes information provided by the user such as name, email address and address. In addition, Zapier automatically collects user information when a new account is created, such as payment information. Zapier receives information about users from other sources such as third-party service providers, public databases and our business and distribution partners. This information may include business contact information, address, job title, email address and phone number. Zapier may combine this information with information collected in other ways. Zapier collects user information in particular to improve its own services, to respond to user queries and to protect the integrity or security of the company, the website, the services or third-party applications. The data may also be used to fulfil obligations, enforce rights, comply with a legal obligation (including assisting customers in fulfilling their legal obligations), if this is necessary for the legitimate interests or to fulfil another purpose for which you have provided the data. Information that Zapier collects from the Site will be transferred to, and processed in, the United States and any other country in which Zapier or its affiliates, subsidiaries or third party service providers maintain facilities or personnel. Zapier takes reasonable steps to protect users' personal data from loss, misuse and unauthorised access, disclosure, alteration or destruction, taking into account the risks involved in the processing and the nature of the personal data. However, no application, internet or email transmission is ever completely secure or error-free and Zapier does not guarantee the security of personal data.

Further information and the applicable data protection regulations can be found at zapier.com

Data protection provisions on the use and application of Zoom

The controller has integrated components from Zoom on this website.

The operating company is Zoom Video Communications, Inc., 55 Almaden Blvd, Suite 600, San Jose, CA 95113, USA.

Zoom collects the following information, among others, when users register for a free Zoom account: date of birth (solely for age verification), first and last name, and telephone numbers. For users who create a paid Zoom account, Zoom specifically stores user data related to a Zoom account, telephone number for billing purposes, and billing address. Zoom automatically collects technical information from software or systems of Zoom that host the services, as well as from systems, applications, and devices used to access the services, as soon as the Zoom services are used. Location data is also automatically collected, among other things.

Zoom shares personal data with companies, organisations and people outside of Zoom and third parties, where user consent has been obtained (where required). If Zoom has received personal data through a Zoom partner and the user becomes a customer, Zoom may share selected personal data with the relevant partner or its representative under the partner agreement to reward a referral partner for a jointly sponsored event. Zoom's partners have contractually committed to adhere to appropriate data protection and security commitments. Zoom provides personal data to vendors and service providers to assist Zoom in delivering services and for Zoom's business purposes.

If users wish to correct or update information they have provided to Zoom, they must contact Zoom directly and update their profile. If users are located in the European Economic Area, they may have the right to exercise certain data protection rights afforded to them under applicable law. Zoom will process requests from these users in accordance with applicable data protection laws. Zoom may need to retain certain information for record-keeping purposes or to complete transactions that users commenced prior to requesting deletion.

Zoom operates globally, meaning personal data may be stored and processed in any country where Zoom or its service providers have facilities or conduct events. Zoom stores personal data collected for as long as necessary, unless a longer retention period is required by law.

The applicable data protection regulations can be accessed at.

Legal basis for processing

Art. 6 I lit. a GDPR serves our company as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the fulfilment of a contract to which the data subject is a party, as is the case, for example, with processing operations that are necessary for the delivery of goods or the provision of another service or consideration, the processing is based on Art. 6 I lit. b GDPR. The same applies to such processing operations that are necessary for the performance of pre-contractual measures, for example in cases of enquiries about our products or services. If our company is subject to a legal obligation which requires the processing of personal data, such as for the fulfilment of tax obligations, the processing is based on Art. 6 I lit. c GDPR. In rare cases, the processing of personal data may become necessary in order to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor were injured in our company and their name, age, health insurance details or other vital information would have to be passed on to a doctor, hospital or other third party. The processing would then be based on Art. 6 I lit. d GDPR. Ultimately, processing operations could be based on Art. 6 I lit. f GDPR. Processing operations that are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to safeguard a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject do not prevail. We are permitted to carry out such processing operations in particular because they have been specifically mentioned by the European legislator. In this respect, it took the view that a legitimate interest could be assumed if the data subject is a customer of the controller (Recital 47 Sentence 2 GDPR).

Legitimate interests pursued by the controller or by a third party

Where the processing of personal data is based on Article 6(1)(f) GDPR, our legitimate interest is the pursuit of our business activities for the benefit of all our employees and our shareholders.

Duration for which the personal data will be stored

The criterion for the duration of personal data storage is the respective statutory retention period. Once the period has expired, the relevant data will be routinely deleted, provided it is no longer required for contract fulfilment or the initiation of a contract.

Legal or contractual regulations for the provision of personal data; necessity for the conclusion of a contract; obligation of the data subject to provide personal data; possible consequences of non-provision

We would like to inform you that the provision of personal data is partly required by law (e.g. tax regulations) or may also result from contractual provisions (e.g. information on the contractual partner). Sometimes it may be necessary for a contract to be concluded for a data subject to provide us with personal data that must subsequently be processed by us. For example, the data subject is obliged to provide us with personal data if our company concludes a contract with them. Failure to provide the personal data would mean that the contract with the data subject could not be concluded. Before personal data is provided by the data subject, the data subject must contact one of our employees. Our employee will inform the data subject on a case-by-case basis whether the provision of the personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data and what the consequences would be if the personal data were not provided.

Existence of automated decision-making

As a responsible company, we do not use automated decision-making or profiling.

Creation of this privacy policy

This privacy policy was created by SYLVENSTEIN Rechtsanwälte in collaboration with DGD Deutsche Gesellschaft für Datenschutz GmbH.

Italy

J & R Tuscany

Majorca

L & L Son Marroig

All

View all Weddings

Definitions

Name and address of the controller

Cookies

Collection of general data and information

Registration on our website

Newsletter subscription

Newsletter Tracking

Contact options via the website

Blog comment function on the website

Data protection in applications and the application process

Routine deletion and blocking of personal data

Data subject rights

Right to confirmation

Right to information

Right to rectification

Right to erasure (right to be forgotten)

Right to restriction of processing

Right to data portability

Right to object

Automated individual decision-making, including profiling

Right to withdraw consent under data protection law

Special Data Protection Provisions

Data Protection Provisions on the Use and Employment of ActiveCampaign

Data protection regulations on the use and deployment of All-Inkl.com

Data Protection Provisions on the Use and Application of Amazon Affiliate Programme Functions

Data Protection Regulations on the Use and Application of Antispam Bee

Privacy Policy on the Use and Application of Calendly

Data Protection Regulations on the Use and Application of Contact Form 7

Data protection regulations on the use and application of Copecart

Data Protection Regulations on the Use and Application of Digistore24

Data Protection Regulations on the Use and Application of Elementor

Data protection provisions on the use and deployment of Facebook

Data Protection Policy on the Use and Application of Facebook Pixel

Data Protection Regulations on the Use and Application of Google AdWords

Data Protection Provisions on the Use and Application of Google Analytics (with Anonymisation Function)

Data protection provisions on the use and deployment of Google Drive

Privacy Policy on the Use and Application of Google Fonts

Privacy Policy on the Use and Application of Hubspot

Data protection provisions on the use and application of Instagram

Privacy Policy on the Use and Operation of Kajabi

Data Protection Regulations on the Use and Application of Rank Math SEO

Data Protection Policy for the Use and Application of Trustpilot

Data protection provisions on the use and application of Typeform

Data Protection Regulations on the Use and Application of Vimeo

Privacy Policy on the use and deployment of Webinarjam

Data Protection Policy on the Use and Application of Zapier

Data protection provisions on the use and application of Zoom

Legal basis for processing

Legitimate interests pursued by the controller or by a third party

Duration for which the personal data will be stored

Legal or contractual regulations for the provision of personal data; necessity for the conclusion of a contract; obligation of the data subject to provide personal data; possible consequences of non-provision

Existence of automated decision-making

Creation of this privacy policy

J & R
Tuscany

L & L
Son Marroig

View all
Weddings