1 Privacy at a glance
1.1 General information
The following notes give a simple overview of what happens to your personal information when you visit our website. Personal data is all data that personally identifies you. Detailed information on data protection can be found in the privacy statement below.
1.2 What do you need to know about the data collection on our website?
• Who is responsible for the data collection on this website?
The data processing on this website is carried out by the website operator. Its contact details can be found in the imprint of this website.
• How do we collect your data?
Your data will be collected on the one hand, that you tell us. This may be, for example, data that you enter in a contact form, when completing a membership or in the member area. Other data is collected automatically when visiting the website through our IT systems. These are above all technical data (eg Internet browser, operating system or time of the page request). The collection of this data is automatic as soon as you enter our website.
• What do we use your data for?
Part of the data is collected to ensure a flawless provision of the website. Other data can be used to analyze your user behavior. Again, additional data can be used to create customized content for you, such as customized recipes.
• What rights do you have regarding your data?
You have the right at any time to receive information about the origin, recipient and purpose of your stored personal data free of charge. You also have a right to request the correction, blocking or deletion of this data. You can contact us at any time under the address given in the imprint for further information on data protection. Furthermore, you have a right of appeal to the competent supervisory authority.
1.3 third-party analysis tools and tools
2 General information and mandatory information
We point out that the data transmission in the Internet (eg in the communication by E-Mail) can exhibit security gaps. A complete protection of the data from access by third parties is not possible.
2.1 Note to the responsible body
The responsible data processing unit on this website is:
Point Media GmbH
Telephone: +49 30 34060029-40
Fax: +49 30 34060029-41
Responsible body is the natural or legal person who, alone or together with others, decides on the purposes and means of processing personal data (eg names, e-mail addresses, etc.).
2.2 Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. You can revoke an existing consent at any time. An informal message by e-mail to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
2.3 Right of appeal to the competent supervisory authority
In the case of violations of data protection law, the person concerned has the right of appeal to the responsible supervisory authority. Responsible supervisory authority in data protection questions is the Lan-desdatenschutzbeauftragte of the state of Berlin. You can find the contact details here.
2.4 Right to Data Portability
You have the right to have data, which we process automatically on the basis of your consent or in the performance of a contract, handed to itself or to a third party in a common, machine-readable format. If you require the direct transfer of the data to another person in charge, this will only be done to the extent technically feasible.
2.5 SSL or TLS encryption
This site uses, for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as a site operator, an SSL or. TLS encryption. You can recognize an encrypted connection by changing the address line of the browser from "http: //" to "https: //" and the lock symbol in your browser line.
If SSL or TLS encryption is enabled, the data you submit to us can not be read by third parties.
2.6 Encrypted payments on this website
If, after the conclusion of a fee-based contract, there is an obligation to send us your payment data (eg account number for direct debit authorization), this data will be required for payment processing.
However, the data for payment transactions are not stored with us. Instead, they are sent directly to the payment service provider. This is BS PAYONE GmbH, Lyoner Strasse 9, 60528 Frankfurt / Main.
Payment via the common means of payment (Visa / MasterCard, direct debit, immediate transfer) is made exclusively via an encrypted SSL or TLS connection. You can tell from an encrypted connection that the browser's address bar changes from "http: //" to "https: //" and to the padlock icon in your browser bar.
In the case of encrypted communication, your payment data that you send to us or to our payment service provider can not be read by third parties.
2.7 Information, Blocking, Deletion
Within the scope of the applicable legal provisions, you have the right at any time to provide information free of charge about your stored personal data, their origin and recipient and the purpose of the data processing and, if necessary, the right to correct, block or delete this data. For this purpose and for further questions about personal data, you can contact us anytime at the address given in the imprint.
2.8 Opposition to advertising mails
The use of contact data published in the context of the imprint obligation for sending unsolicited advertising and information materials is hereby rejected. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, for example through spam e-mails.
3 Data Protection Officer
We have appointed a data protection officer for our company.
Point Media GmbH
Data Protection Officer
4 Data collection on our website
The internet pages partly use so-called cookies. Cookies do not harm your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and stored by your browser.
Most of the cookies we use are so-called "session cookies". They are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to re-recognize your browser on your next visit.
You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, the acceptance of cookies in certain cases or generally exclude and activate the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website.
4.2 server log files
We automatically collect and store information in so-called server log files, which your browser automatically transmits to us. These are:
• Browser type and browser version
• used operating system
• Referrer URL
• Host name of the accessing computer
• Time of the server request
• IP address
A combination of this data with other data sources is not made, we are therefore unable to identify you on the basis of this information without the involvement of the knowledge of a third party (eg your Internet service provider). Under certain circumstances, such a merger will only take place in the exceptional cases in which your IP address has been punishable by interference on our web server.
The basis for data processing is Art. 6 para. 1 lit. f DSGVO, which permits the processing of data in order to safeguard our legitimate interests (in particular, protection against hacking, spamming, denial of service attacks, ensuring and improving the functionality and stability of the website, etc.).
Server log files are stored for 7 days according to legal retention periods. A longer storage period may be warranted in exceptional cases due to certain IT security incidents associated with our web servers.
4.3 contact form
If you send us inquiries via the contact form, your details will be saved from the Anfra form including the contact details provided by you for the purpose of processing the request and in case of follow-up questions. We will not share this information without your consent.
The processing of the data entered into the contact form is therefore exclusively based on your consent (Art. 6 (1) lit. DSGVO). You can revoke this consent at any time. An informal message by e-mail to us is sufficient. The lawfulness of the data processing operations carried out until the recall remains unaffected by the revocation.
The data entered by you in the contact form remain with us until you ask us for deletion, revoke your consent to the storage or the purpose for the data storage is omitted (eg after completion of your request). Mandatory statutory provisions - especially retention periods - remain unaffected.
4.4 Registration on our website
You can register on our website to use additional features on the site. On the one hand, you can do this for free, with a correspondingly limited scope of functions. However, you can also purchase paid access to the members area. We only use the data entered for the purpose of using the respective offer or service for which you have registered. The mandatory information requested during registration must be given in full, so that a proper contractual relationship can be entered into and the online offer can be matched with you. Otherwise, we will reject the registration.
For important changes, such as the scope of the offer or for technically necessary changes, we use the e-mail address specified during the registration in order to inform you in this way.
The processing of the data entered during registration takes place on the basis of your consent (Art. 6 (1) (a) GDPR). You can revoke your consent at any time. An informal message by e-mail to us is sufficient. The legality of the data processing already carried out remains unaffected by the revocation.
The data collected during registration will be stored by us as long as you are registered on our website and will then be deleted. Legal retention periods remain unaffected.
4.5 commentary on this website
In addition to your comment, the comment function on this page will also contain information about the time you created the comment, your e-mail address and, if you are not anonymous, the user name you have selected.
Our comment function stores the IP addresses of the users who write comments. Since we do not usually review comments on our site prior to activation, we need this information in order to act against the author in the event of infringement, such as insults or propaganda.
As a user of the page you can subscribe to comments after registering. You will receive a confirmation email to verify that you are the owner of the given email address. You can unsubscribe from this function at any time via a link in the info mails. The data entered in the course of subscribing to comments will be deleted in this case; however, if you have submitted this data to us for other purposes and elsewhere (eg, newsletter order), they will remain with us.
The comments and the associated data (eg IP address) are stored and remain on our website until the commented content has been completely deleted or the comments have to be deleted for legal reasons (eg offensive comments).
The comments are stored on the basis of your consent (Art. 6 (1) a DSGVO). You can revoke your consent at any time. An informal message by e-mail to us is sufficient. The legality of the already completed data processing operations remains unaffected by the revocation.
4.6 Processing of data (customer and contract data)
We collect, process and use personal data only insofar as they are necessary for the establishment, content or modification of the legal relationship (inventory data). This is done on the basis of Art. 6 para. 1 lit. b DSGVO, which allows the processing of data to fulfill a contract or pre-contractual measures.
We collect, process and use personal data on the use of our website (usage data) only insofar as this is necessary in order to enable or charge the user for the use of the service. The collected customer data will be deleted after completion of the order or termination of the business relationship. Legal retention periods remain unaffected. In particular, due to the nature of the product in the form of a digital delivery to the customer, the content retrieved by the customer on the website, the time and the IP address are stored as proof of delivery. This delivery data will be kept in our administration program until you ask us to delete it, revoke your consent for storage or the purpose for data storage no longer applies. Subsequently only by separately protected access in data backups according to the legal regulations available. Compulsory statutory provisions - in particular retention periods - remain unaffected.
4.7 Data transmission at the conclusion of the contract
We only transfer personal data to third parties if this is necessary in the course of the contract, for example to the companies entrusted with the delivery of the goods or to the bank responsible for processing the payment. Any further transmission of the data does not follow or only if you have expressly consented to the transmission. A transfer of your data to third parties without explicit consent, such as for advertising purposes, does not take place.
The basis for data processing is Art. 6 para. 1 lit. b DSGVO, which allows the processing of data to fulfill a contract or pre-contractual measures.
5 Social Media
5.1 Share content via plugins (Facebook, Google+, Twitter & Co.)
The content on our pages can be shared in privacy-friendly social networks such as Facebook, Twitter or Google+. This site does not actively embed the provider's sharing buttons. Direct contact between the networks and you as a user is not established until you actively click on one of these buttons as a user.
An automatic transfer of user data to the operators of these platforms is therefore not. If the user is logged in to one of the social networks, when using the social buttons of Facebook, Google + 1, Twitter & Co. an information window appears, in which the user can confirm the text before submitting.
Our users can share the content of this page in social networks in compliance with data protection laws without the creation of complete surf profiles by the network operators.
5.2 Facebook plugins (Like & Share button)
On our pages plugins of the social network Facebook, provider Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA, are integrated. The Facebook plugins can be recognized by the face-book logo or the "Like-Button" ("Like") on our site. An overview of the Facebook plugins can be found here: https://developers.facebook.com/docs/plugins/.
When you visit our pages, the plugin establishes a direct connection between your browser and the Facebook server. Facebook receives the information that you have visited our site with your IP address. If you click on the Facebook "Like-Button" while you are logged into your Facebook account, you can link the contents of our pages to your Facebook profile. As a result, Facebook can assign the visit to our pages to your user account.
If you do not wish Facebook to associate your visit to our pages with your Facebook user account, please log out of your Facebook user account.
5.3 Instagram plugin
Functions of the service Instagram are integrated on our sides. These features are provided by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, United States.
If you are logged in to your Instagram account, you can link the contents of our pages to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate the search of our pages with your user account. We point out that we as the provider of the pages do not know the content of the transmitted data and their use by Instagram.
5.4 Pinterest Plugin
On our site, we use social plugins from the Pinterest social network operated by Pinte-rest Inc., 808 Brannan Street, San Francisco, CA 94103-490, USA ("Pinterest").
When you visit a page that contains such a plugin, your browser connects directly to the servers of Pinterest. The plugin transmits log data to the server of Pin-terest in the USA. This log data may include your IP address, the address of the visited Web sites that also contain Pinterest features, browser type and settings, the date and time of the request, how you use Pinterest, and cookies.
6 analysis tools and advertising
6.1 Google Analytics
This website uses functions of the web analytics service Google Analytics. Provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
Google Analytics uses so-called "cookies". These are text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.
Google Analytics cookies are stored on the basis of Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising.
6.1.1 IP anonymization
We have activated the function IP anonymization on this website. As a result, your IP address will be truncated by Google within member states of the European Union or other parties to the Agreement on the European Economic Area prior to transmission to the United States. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other website and internet related services to the website operator. The IP address provided by Google Analytics as part of Google Analytics will not be merged with other Google data.
6.1.2 Browser Plugin
You can prevent the storage of cookies by a corresponding setting of your browser software; however, please note that if you do this, you may not be able to use all the features of this website to the fullest extent possible. In addition, you may prevent the collection by Google of the data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by Google by using the browser available at the following link. Download and install plugin: https://tools.google.com/dlpage/gaoptout?hl=en.
6.1.3 Opposition to data collection
6.1.4 Conclusion of an order data processing contract
We have entered into a contract data processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
6.1.5 Demographics in Google Analytics
This website uses the demographics feature of Google Analytics. As a result, reports can be produced that contain statements on the age, gender and interests of the site visitors. This data comes from interest-based advertising from Google and third-party visitor data. This data can not be assigned to a specific person. You can disable this feature at any time through the ad settings in your Google Account, or generally prohibit the collection of your data by Google Analytics as outlined in the section "Opposition to data collection".
6.2 Google Analytics Remarketing
Our websites leverage the features of Google Analytics Remarketing with the cross-device capabilities of Google AdWords and DoubleClick. Provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
This feature allows the Google Analytics remarketing ad groups to be linked to the cross-device features of Google AdWords and Google DoubleClick. In this way, interest-based, personalized advertising messages that were adapted to you depending on your previous usage and surfing behavior on one device (eg mobile phone) can also be displayed on another of your devices (eg tablet or PC).
Once you have given your consent, Google will associate your web and app browsing history with your Google Account for this purpose. That way, any device that signs in to your Google Account will be able to post the same personalized promotional messages.
To support this feature, Google Analytics collects Google-authenticated IDs of users who are temporarily linked to our Google Analytics data to define and create audience for cross-device ad promotion.
You can permanently opt out of cross-device remarketing / targeting by turning off personalized advertising in your Google Account; follow this link: https://www.google.com/settings/ads/onweb/.
The aggregation of the collected data in your Google Account is based solely on your consent, which you can submit or revoke on Google (Article 6 (1) (a) GDPR). For data collection operations that are not merged into your Google Account (eg, because you do not have a Google Account or have objected to the merge), the collection of data is based on Art. 6 para. 1 let. f DSGVO. The legitimate interest results from the fact that the website operator has an interest in the anonymous analysis of website visitors for advertising purposes.
6.3 Google AdWords and Google Conversion Tracking
This website uses Google AdWords. AdWords is an online advertising program of Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States ("Google").
As part of Google AdWords, we use the so-called conversion tracking. When you click on an ad served by Google, a conversion tracking cookie is set. Coo-kies are small text files that the Internet browser stores on the user's computer. These cookies lose their validity after 30 days and are not used for the personal identification of the users. If the user visits certain pages of this website and the cookie has not expired yet, Google and we can recognize that the user clicked on the ad and was redirected to this page.
Each Google AdWords customer receives a different cookie. The cookies can not be tracked through the websites of advertisers. The information obtained from the conversion cookie is used to generate conversion statistics for AdWords advertisers who have opted for conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a conversion tracking tag page. However, they do not receive information that personally identifies users.
If you do not want to participate in tracking, you can opt-out of this by disabling the Google Conversion Tracking cookie through its Internet browser under User Preferences. You will not be included in the conversion tracking statistics.
The storage of "conversion cookies" is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising.
You can set your browser so that you are informed about the setting of cookies and cookies only in individual cases allow, the acceptance of cookies in certain cases or generally exclude and enable the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website.
6.4 Facebook pixels
Our website uses Facebook's visitor action pixel for conversion measurement, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook").
This way, the behavior of the site visitors can be tracked after they have been redirected to the provider's website by clicking on a Facebook ad. As a result, the effectiveness of Facebook advertisements can be evaluated for statistical and market research purposes and future advertising measures optimized.
The collected data are anonymous to us as the operator of this website, we can not draw conclusions about the identity of the users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes, in accordance with the Facebook data usage directive. This allows Facebook to enable ads to be displayed on Facebook and outside of Facebook. This use of data can not be influenced by us as the site operator.
You can also disable the remarketing Custom Audiences feature in the Ad Settings section at https://www.facebook.com/ads/preferences/?entry_product=ad_set-tings_screen. To do this, you must be logged in to Facebook.
7 Newsletters, Email Marketing, LiveChat, Product Information and Support
7.1 Newsletter data
If you would like to receive the newsletter offered on the website, we require an e-mail address from you, as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter , Further data are not collected or only on a voluntary basis. We use this data exclusively for the delivery of the requested information and do not pass it on to third parties.
The processing of the data entered into the newsletter registration form takes place exclusively on the basis of your consent (Art. 6 (1) lit. DSGVO). The granted consent to the storage of the data, the e-mail address and their use for sending the newsletter can be revoked at any time, for example via the "unsubscribe" link in the newsletter. The legality of the already completed data processing operations remains unaffected by the revocation.
The data deposited with us for the purpose of subscribing to the Newsletter will be saved by us from the newsletter until your cancellation and deleted after cancellation of the newsletter. Data stored for other purposes with us (eg e-mail addresses for the member area) remain unaffected.
7.2 Newsletter distribution and e-mail marketing based on product information
When you purchase products, services, or memberships on our website, stating your e-mail address, we may subsequently use it to send you product information. In such a case, the newsletter will only send direct advertising for your own similar products, services or memberships.
In connection with the processing of data for the sending of newsletters, the data will not be forwarded to third parties. The data will be used exclusively for sending the newsletter.
For sending our e-mails, including newsletters and e-mail marketing, we use the Send-Grid service of the eponymous company SendGrid, Inc., 1801 California Street, Suite 500, Denver, Colorado 80202, USA.
The servers on which SendGrid processes the data are in the US, so their e-mail address is transferred there. We have completed the EU standard contractual clauses with SendGrid.
Our customer communications service is Intercom Inc. 98 Battery Street, Suite 402, San Francisco, CA 94111 USA.
With its service, we connect with our customers and visitors via e-mail, direct mail, push notifications and LiveChat to provide assistance, to provide product information, to inform about technical malfunctions.
The use of Intercom is based on our legitimate interest acc. Art. 6 para. 1 lit. f DSGVO.
More information about Intercom can be found here: https://docs.intercom.com/pricing-privacy-and-terms/data-protection/how-were-preparing-for-gdpr.
To process customer inquiries, we use the Zendesk ticket system, a Zendesk Inc. Customer Service Platform, 989 Market Street # 300, San Francisco, CA 94102. To do this, we collect necessary data such as first name and email address through our website ,
The use of Zendesk is based on our legitimate interest acc. Art. 6 para. 1 lit. f DSGVO.
Zendesk is a certified participant of the so-called "Privacy Shield Framework" and thus meets the minimum requirements for legally compliant order data processing.
Further information on Zendesk's data processing can be found here: https://www.zendesk.de/company/customers-partners/eu-data-protection/.
If you contact us via e-mail or via the form on the website, we will only use the personal data you have provided to process the specific request. The given data will of course be treated confidentially. The specified data and the message history with our support area will be saved for follow-up questions and subsequent contact. The processing of the data entered into the contact form is based on your consent (Article 6 (1) (a) GDPR).
We have signed an agreement with Zendesk for order data processing and fully implement the requirements of the German data protection authorities when using Zendesk.
8. Plugins, tools and other third party services
Our website uses plugins from the Google-powered YouTube page. Site operator is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
When you visit one of our YouTube plug-in sites, you will be connected to the servers of YouTube. This tells the YouTube server which of our pages you've visited.
If you're logged in to your YouTube account, YouTube will allow you to direct your surfing behavior directly to your personal profile. You can prevent this by logging out of your Y-ouTube account.
The use of YouTube is in the interest of an attractive presentation of our online services. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.
Our website uses plugins from the video portal Vimeo. Provider is Vimeo Inc., 555 West 18th Street, NY, New York 10011, USA.
If you visit any of our sites equipped with a Vimeo plugin, you will be connected to Vimeo's servers. This tells the Vimeo server which of our pages you have visited. In addition, Vimeo obtains your IP address. This also applies if you are not logged in to Vimeo or do not have an account with Vimeo. The information collected by Vimeo will be transmitted to the Vimeo server in the United States.
If you are logged in to your Vimeo account, you allow Vimeo to associate your surfing behavior directly with your personal profile. You can prevent this by logging out of your Vimeo account.
8.3 Google Web Fonts
This site uses so-called web fonts, provided by Google, for the uniform representation of fonts. When you call up a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.
To do this, the browser you use must connect to Google's servers. As a result, Google learns that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a consistent and attractive presentation of our online services. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.
If your browser does not support web fonts, a default font will be used by your computer.
8.4 Google Maps
This site uses the mapping service Google Maps via an API. Provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
To use the features of Google Maps, it is necessary to save your IP address. You will also be asked for your location as an option. This information is usually transmitted to and stored on a Google server in the United States. The provider of this site has no influence on this data transfer.
The use of Google Maps is in the interest of an attractive presentation of our online offers and an easy findability of the places we have indicated on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.
To secure this website and optimize load times CloudFlare is used as CDN ("Content Delivery Network"). As a result, all requests are forcibly routed through their servers and consolidated into non-deactivatable statistics. According to information provided by the provider, the collected raw data will normally be deleted within 4 hours, at the latest after 3 days. Here you will find information about the data collected there (https://blog.cloudflare.com/what-cloudflare-logs/) and about security and privacy (https://www.cloudflare.com/security-policy/) at CloudFlare ,
The CDN (Content Delivery Network) service is provided to you by technology partner CloudFlare Inc., based in the United States. For the CDN service, content data is purposefully processed for performance improvement worldwide on CloudFlare servers. In addition, security tools and traffic monitoring will be provided through CloudFlare Inc., based in the United States. For this purpose, the usage data of visitors to this website is processed on CloudFlare servers.
The basis for data processing is Art. 6 para. 1 lit. f DSGVO, which permits the processing of data in order to safeguard our legitimate interests (in particular protection against denial of service attacks).
8.6 Amazon CloudFront
To secure this website and optimize load times, Amazon CloudFront is used as the CDN ("Content Delivery Network").
Operation of the service requires that all inquiries about the servers be managed by Amazon and consolidated into non-deactivatable statistics. Here you will find information about the data collected there (https://www.amazon.de/gp/help/customer/display.html/ref=footer_privacy?ie=UTF8&nodeId=201909010) on Amazon.
The CDN (Content Delivery Network) service is provided to you by the technology partner Amazon Services Europe S.à.rl (Société à responsabilité limitée), 5 Rue Plaetis, L-2338 Luxembourg. For the CDN service, content data is purposefully processed for performance improvement worldwide on Amazon servers. In addition, security tools and traffic monitoring via Amazon CloudFront are provided.
The basis for data processing is Art. 6 para. 1 lit. f DSGVO, which permits the processing of data in order to safeguard our legitimate interests (in particular protection against denial of service attacks).
8.7 Use of ajax.googleapis.com/jQuery
The likelihood is that you've already used jQuery on another page of the Google CDN. If so, your browser can use the cached copy and it does not need to be downloaded again. If your browser has not cached a copy or for any other reason downloads the file from the Google CDN, then in turn, data will be transferred from your browser to Google Inc. ("Google").
For more information about Google's data processing and opt-out options, please refer to Google's Privacy Notice, currently available at: https://www.google.com/intl/en/policies/privacy/
If you pay in a currency other than Euros, we will need to convert the amount you have paid into Euros. To do this, we need to determine the current price that is relevant to your transaction. For this we use the service OpenExchangeRates of the Open Exchange Rates (UK) Limited, 5 Luke Street, London, England EC2A 4PX.
The basis for this are statutory requirements that we as a corporation must fulfill (Article 6 (1) (c) GDPR).
Only data that is required for the day-to-day conversion of the amount of your used currency into euros will be transferred.
More information can be found here: https://openexchangerates.org/privacy.
For accounting support we may use the service of Candis GmbH, Stubbenkammerstr. 3, 10437 Berlin.
Our legitimate interest in using this service provider is based on Art. 6 para. 1 lit. f DSGVO.
It transmits data that is relevant to our internal accounting. There is a contract for order data processing with the service provider.
Further information can be found here: https://candis.io/datenschutz/.
The EU VAT Directive requires the capture of the customer's location. For this, the country of an IP address is determined. In addition, to provide you with specific services (such as displaying the products available in your country) and to protect our web pages from attacks, we use a geoligation service from MaxMind Inc., 14 Spring Street, 3rd FloorWaltham, MA on our website 02451, USA.
This service analyzes IP addresses to determine your approximate location. A precise site-orientation of the website visitor is excluded, there is only the storage of the land.
Our website uses plugins of the service provider VDOcipher. The supplier is VdoCipher Media Solutions Pvt Ltd. D-312, FF, Sushant Shopping Arcade, Sushant Lok-1, Gurgaon.
When you visit one of our pages equipped with a VDOcipher plugin, a connection is made to VDOcipher's servers. The VDOcipher server is informed which of our pages you have visited. In addition, VDOcipher obtains your IP address. This also applies if you are not logged in to VDOcipher or do not have an account with VDOcipher. The information collected by VDOcipher can be transmitted to the VDOcipher server in the USA.
The basis for data processing is Art. 6 para. 1 lit. f DSGVO, which allows the processing of data in order to safeguard our legitimate interests (in particular copy protection of our videos).
8.12 Domain Factory
Our website is partly hosted on servers of the following service providers: domainfactory GmbH, Oskar-Messter-Str. 33, D-85737 Ismaning.
The basis for this is Art. 28 GDPR.
There is a contract for order data processing.
8.13 Amazon Web Services
Our website is partially hosted on servers by the following service providers: Amazon Web Services, Inc., 410 Terry Avenue North, Seattle WA 98109, USA.
The basis for this is Art. 28 GDPR.
There is a contract for order data processing.
Our website is hosted in part on servers by the following service providers: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.
The basis for this is Art. 28 GDPR.
There is a contract for order data processing.
9 payment providers
On our website we offer the payment via PayPal. Provider of this payment service is PayPal (Europe) S.à.rl et Cie, SCA, 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal").
If you select payment via PayPal, the payment details you have entered (in particular your e-mail address) will be transmitted to PayPal.
The transmission of your data to PayPal is based on Art. 6 para. 1 lit.a DSGVO (consent) and Art. 6 para. 1 lit. b DSGVO (processing to fulfill a contract). You have the opportunity to revoke your consent to data processing at any time. Revocation does not affect the effectiveness of historical data processing operations.
On our website we offer, among other things, the payment with the services of Klarna. Provider is Klarna AB, Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter "Klarna").
The transmission of your data to Klarna is based on Art. 6 para. 1 lit. a DSGVO (consent) and Art. 6 para. 1 lit. b DSGVO (processing to fulfill a contract). You have the opportunity to revoke your consent to data processing at any time. Revocation does not affect the effectiveness of historical data processing operations.
On our website we offer the payment via "Sofortüberweisung". Provider of this payment service is the Sofort GmbH, Theresienhöhe 12, 80339 Munich (hereinafter "Sofort GmbH").
With the help of the procedure "Sofortüberweisung" we receive a payment confirmation from Sofort GmbH in real time and can immediately start to fulfill our obligations.
If you have decided to use the "Sofortüberweisung" method of payment, please forward the PIN and a valid TAN to Sofort GmbH, with which you can log in to your online banking account. Sofort GmbH automatically checks your account balance after logging in and transfers the money to us using the TAN you have submitted. Afterwards it will send us a transaction confirmation without delay. After logging in, your sales, the credit line of the credit line and the existence of other accounts as well as their stocks will be checked automatically.
In addition to the PIN and the TAN, the payment data entered by you as well as personal data will be transmitted to Sofort GmbH. The personal data are first name, surname, address, telephone number (s), e-mail address, IP address and possibly other data required for payment processing. The transmission of this data is necessary to establish your identity without any duplication and to prevent fraud.
The transmission of your data to Sofort GmbH is based on Art. 6 para. 1 lit. a DSGVO (consent) and Art. 6 para. 1 lit.b DSGVO (processing to fulfill a contract). You have the option to revoke your consent to data processing at any time. Revocation does not affect the effectiveness of historical data processing operations.
For details on payment with Sofortüberweisung refer to the following links: https://www.sofort.de/da-tenschutz.html and https://www.klarna.com/sofort/.
Among other things, we offer payment via Paydirekt on our website. The provider of this payment service is Paydirekt GmbH, Hamburger Allee 26-28, 60486 Frankfurt am Main, Germany ("Paydirekt").
If you execute the payment via Paydirekt, Paydirekt collects different transaction data and forwards them to the bank where you are registered with Paydirekt. In addition to the data required for the payment, Paydirekt collects additional data as part of the transaction processing, such as delivery address or individual items in the shopping cart.
Paydirect then authenticates the transaction using the authentication method stored at the bank. Subsequently, the payment amount will be transferred from your account to our account. Neither we nor third parties have access to your account information.
We have commissioned BS PAYONE GmbH, Fraunhoferstraße 2-4, 24118 Kiel, to process the payments (PayPal, Giropay, SOFORT transfer, SEPA direct debit, advance payment by SEPA transfer). For this purpose, BS PAYONE GmbH requires, among other things, your name and address, account number and bank code or IBAN and BIC or credit card number (including validity period), invoice amount and currency as well as the transaction number. BS PAYONE GmbH may use this information for the purpose of payment processing and pass it on to us.
We have concluded a contract data processing contract with PAYONE and, of course, fully implement the strict requirements of the German data protection authorities when using PAYONE.
1 Datenschutz auf einen Blick
1.1 Allgemeine Hinweise
Die folgenden Hinweise geben einen einfachen Überblick darüber, was mit Ihren personenbezogenen Daten passiert, wenn Sie unsere Website besuchen. Personenbezogene Daten sind alle Daten, mit denen Sie persönlich identifiziert werden können. Ausführliche Informationen zum Thema Datenschutz entnehmen Sie der im folgenden aufgeführten Datenschutzerklärung.
1.2 Was müssen Sie über die Datenerfassung auf unserer Website wissen?
• Wer ist verantwortlich für die Datenerfassung auf dieser Website?
Die Datenverarbeitung auf dieser Website erfolgt durch den Websitebetreiber. Dessen Kontaktdaten können Sie dem Impressum dieser Website entnehmen.
• Wie erfassen wir Ihre Daten?
Ihre Daten werden zum einen dadurch erhoben, dass Sie uns diese mitteilen. Hierbei kann es sich z.B. um Daten handeln, die Sie in ein Kontaktformular, beim Abschluss einer Mitgliedschaft oder im Mit-gliederbereich eingeben. Andere Daten werden automatisch beim Besuch der Website durch unsere IT-Systeme erfasst. Das sind vor allem technische Daten (z.B. Internetbrowser, Betriebssystem oder Uhrzeit des Seitenaufrufs). Die Erfassung dieser Daten erfolgt automatisch, sobald Sie unsere Website betreten.
• Wofür nutzen wir Ihre Daten?
Ein Teil der Daten wird erhoben, um eine fehlerfreie Bereitstellung der Website zu gewährleisten. Andere Daten können zur Analyse Ihres Nutzerverhaltens verwendet werden. Wiederum weitere Da-ten können verwendet werden, um individualisierte Inhalte für Sie zu erstellen, beispielsweise men-genmäßig angepasste Rezepte.
• Welche Rechte haben Sie bezüglich Ihrer Daten?
Sie haben jederzeit das Recht, unentgeltlich Auskunft über Herkunft, Empfänger und Zweck Ihrer ge-speicherten personenbezogenen Daten zu erhalten. Sie haben außerdem ein Recht, die Berichtigung, Sperrung oder Löschung dieser Daten zu verlangen. Hierzu sowie zu weiteren Fragen zum Thema Da-tenschutz können Sie sich jederzeit unter der im Impressum angegebenen Adresse an uns wenden. Des Weiteren steht Ihnen ein Beschwerderecht bei der zuständigen Aufsichtsbehörde zu.
1.3 Analyse-Tools und Tools von Drittanbietern
Beim Besuch unserer Website kann Ihr Surf-Verhalten statistisch ausgewertet werden. Das geschieht vor allem mit Cookies und mit sogenannten Analyseprogrammen. Die Analyse Ihres Surf-Verhaltens erfolgt in der Regel anonym; das Surf-Verhalten kann nicht zu Ihnen zurückverfolgt werden. Sie können dieser Analyse widersprechen oder sie durch die Benutzung bestimmter Tools oder durch das setzen so genannter Opt-Out-Cookies verhindern. Detailierte Informationen dazu finden Sie in der folgenden Datenschutzerklärung.
2 Allgemeine Hinweise und Pflichtinformationen
Die Betreiber dieser Seiten nehmen den Schutz Ihrer persönlichen Daten sehr ernst. Wir behandeln Ihre personenbezogenen Daten vertraulich und entsprechend der gesetzlichen Datenschutzvorschriften sowie dieser Datenschutzerklärung.
Wenn Sie diese Website benutzen, werden verschiedene personenbezogene Daten erhoben. Perso-nenbezogene Daten sind Daten, mit denen Sie persönlich identifiziert werden können. Die vorliegende Datenschutzerklärung erläutert, welche Daten wir erheben und wofür wir sie nutzen. Sie erläutert auch, wie und zu welchem Zweck das geschieht.
Wir weisen darauf hin, dass die Datenübertragung im Internet (z.B. bei der Kommunikation per E-Mail) Sicherheitslücken aufweisen kann. Ein lückenloser Schutz der Daten vor dem Zugriff durch Dritte ist nicht möglich.
2.1 Hinweis zur verantwortlichen Stelle
Die verantwortliche Stelle für die Datenverarbeitung auf dieser Website ist:
Point Media GmbH
Telefon: +49 30 34060029-40
Telefax: +49 30 34060029-41
Verantwortliche Stelle ist die natürliche oder juristische Person, die allein oder gemeinsam mit ande-ren über die Zwecke und Mittel der Verarbeitung von personenbezogenen Daten (z.B. Namen, E-Mail-Adressen o. Ä.) entscheidet.
2.2 Widerruf Ihrer Einwilligung zur Datenverarbeitung
Viele Datenverarbeitungsvorgänge sind nur mit Ihrer ausdrücklichen Einwilligung möglich. Sie können eine bereits erteilte Einwilligung jederzeit widerrufen. Dazu reicht eine formlose Mitteilung per E-Mail an uns. Die Rechtmäßigkeit der bis zum Widerruf erfolgten Datenverarbeitung bleibt vom Widerruf unberührt.
2.3 Beschwerderecht bei der zuständigen Aufsichtsbehörde
Im Falle datenschutzrechtlicher Verstöße steht dem Betroffenen ein Beschwerderecht bei der zustän-digen Aufsichtsbehörde zu. Zuständige Aufsichtsbehörde in datenschutzrechtlichen Fragen ist der Lan-desdatenschutzbeauftragte des Landes Berlin. Die Kontaktdaten finden Sie hier.
2.4 Recht auf Datenübertragbarkeit
Sie haben das Recht, Daten, die wir auf Grundlage Ihrer Einwilligung oder in Erfüllung eines Vertrags automatisiert verarbeiten, an sich oder an einen Dritten in einem gängigen, maschinenlesbaren For-mat aushändigen zu lassen. Sofern Sie die direkte Übertragung der Daten an einen anderen Verant-wortlichen verlangen, erfolgt dies nur, soweit es technisch machbar ist.
2.5 SSL- bzw. TLS-Verschlüsselung
Diese Seite nutzt aus Sicherheitsgründen und zum Schutz der Übertragung vertraulicher Inhalte, wie zum Beispiel Bestellungen oder Anfragen, die Sie an uns als Seitenbetreiber senden, eine SSL-bzw. TLS-Verschlüsselung. Eine verschlüsselte Verbindung erkennen Sie daran, dass die Adresszeile des Browsers von “http://” auf “https://” wechselt und an dem Schloss-Symbol in Ihrer Browserzeile.
Wenn die SSL- bzw. TLS-Verschlüsselung aktiviert ist, können die Daten, die Sie an uns übermitteln, nicht von Dritten mitgelesen werden.
2.6 Verschlüsselter Zahlungsverkehr auf dieser Website
Besteht nach dem Abschluss eines kostenpflichtigen Vertrags eine Verpflichtung, uns Ihre Zahlungsda-ten (z.B. Kontonummer bei Einzugsermächtigung) zu übermitteln, werden diese Daten zur Zahlungs-abwicklung benötigt.
Die Daten für den Zahlungsverkehr werden jedoch nicht bei uns gespeichert. Stattdessen werden diese direkt an den Zahlungsdienstleister übermittelt. Dieser lautet BS PAYONE GmbH, Lyoner Straße 9, 60528 Frankfurt/Main.
Der Zahlungsverkehr über die gängigen Zahlungsmittel (Visa/MasterCard, Lastschriftverfahren, Sofort-überweisung) erfolgt ausschließlich über eine verschlüsselte SSL- bzw. TLS-Verbindung. Eine verschlüs-selte Verbindung erkennen Sie daran, dass die Adresszeile des Browsers von "http://" auf "https://" wechselt und an dem Schloss-Symbol in Ihrer Browserzeile.
Bei verschlüsselter Kommunikation können Ihre Zahlungsdaten, die Sie an uns bzw. Unseren Zahlungs-dienstleister übermitteln, nicht von Dritten mitgelesen werden.
2.7 Auskunft, Sperrung, Löschung
Sie haben im Rahmen der geltenden gesetzlichen Bestimmungen jederzeit das Recht auf unentgeltli-che Auskunft über Ihre gespeicherten personenbezogenen Daten, deren Herkunft und Empfänger und den Zweck der Datenverarbeitung und ggf. ein Recht auf Berichtigung, Sperrung oder Löschung dieser Daten. Hierzu sowie zu weiteren Fragen zum Thema personenbezogene Daten können Sie sich jeder-zeit unter der im Impressum angegebenen Adresse an uns wenden.
2.8 Widerspruch gegen Werbe-Mails
Der Nutzung von im Rahmen der Impressumspflicht veröffentlichten Kontaktdaten zur Übersendung von nicht ausdrücklich angeforderter Werbung und Informationsmaterialien wird hiermit widerspro-chen. Die Betreiber der Seiten behalten sich ausdrücklich rechtliche Schritte im Falle der unverlangten Zusendung von Werbeinformationen, etwa durch Spam-E-Mails, vor.
Wir haben für unser Unternehmen einen Datenschutzbeauftragten bestellt.
Point Media GmbH