Enviamos el mismo día Envío gratis a partir de 50 € (España) Derecho de devolución de 365 días 00 800 / 1978 1978 (lun.-vier. de 9:00 a 19:00)

Privacidad

Privacy Policy


Data Protection Declaration

Thank you for your interest in our website and our company. The protection of your personal data during collection, processing, and usage during your visit to our homepage is of great importance to us. We collect, process, and use your personal data in accordance with the laws and regulations of the Federal Republic of Germany as well as paramount European legal regulations. Below, you will find information on which data we collect during your visit to our website, and how this data is used:

1. Name and Address of Responsible Authority 

The responsible authority within the meaning of the Federal Data Protection Act as well as other data protection provisions is:

titus GmbH

Scheibenstr. 121

48153 Münster

Germany

Tel.: 0251 / 777 111

Fax: 0251 / 52 000 49

Email: datenschutz@titus.de

Website: www.titus.de, www.titus.at, www.titus-shop.com

 

II. Name and Address of Data Protection Officer

The responsible data protection officer is:

 

Frank Thiel

titus GmbH

Scheibenstr. 121

48153 Münster

Telephone: 0251 / 777 111

E-Mail: datenschutz@titus.de

Website: www.titus.de, www.titus.at, www.titus-shop.com

 

III. General Information Regarding Data Processing

1. Processing of Personal Data

Titus GmbH only processes personal data of users and/or customers if it is necessary to provide a functional website, to provide our content and services, to fulfill purchase contracts with our customers, or to comply with legal regulations. The processing of personal data of our users and/or customers takes place only with the consent of the user and/or customer. An exception applies in cases which prior consent cannot be obtained for valid reasons and/or the processing of the data is permitted by legal regulations.

 

2. Legal Basis for the Processing of Personal Data

The legal basis for consensually obtained personal data is Art. 6 para. 1 lit. a EU Data Protection Ordinance (DSGVO).

In processing personal data required for the performance of a contract to which the data subject is a party, Art. 6 para. 1 lit. b DSGVO serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.When processing of personal data is required to fulfill a legal obligation to which our company is obliged, Art. 6 para. 1 lit. c DSGVO serves as the legal basis.

In the event that the vital interests of a data subject or another natural person requires processing of personal data, Article 6(1)(d) DSGVO serves as the legal basis.

If data processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests and fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 lit. f DSGVO serves as the legal basis.

 

3. Deletion of Data and Data Storage Time

The personal data of the user concerned will be deleted or blocked as soon as the purpose of storage ceases to apply. Furthermore, data may be stored if it has been provided for the European or national legislator in EU regulations, laws or other provisions to which the person responsible is subject. The data will be blocked or deleted if a storage period set forth by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.

 

IV. Hosting

The hosting services we use serve to provide the following services: Infrastructure and platform services, computing capacity, storage and database services, security services and technical maintenance services that we use for the purpose of operating this online offering.

 

We or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta- and communication data of customers, interested parties and visitors of our online offerings on the basis of our legitimate interests in an efficient and secure provision according to Art. 6 Para. 1 lit. f DSGVO in conjunction with. Art. 28 DSGVO (conclusion of order processing contract).

 

V. Website Provisions and Creation of Log Files

1.     Description and Scope of Data Processing

Each time a user visits our website, our system automatically collects data and information from the (computer) system operated by the user.

The following data is collected:

 

·           Time stamp

·           Transmission protocol

·           HTTP status code

·           Amount of data transferred

·           URL

·           Web browser / Operating system

 

The log files contain data that enable assignment to a user. This could be the case, for example, if the link to the website from which the user accesses our website or the link to our website to which the user switches to contains personal data.

 

The data is stored in the log files of our system. This data is not stored together with other personal data of the user.

 

2.     Legal Basis for Data Processing

The legal basis for data processing and log files is Art. 6 Abs. 1 lit. f DSGVO.

 

3.     Purpose of Data Processing

The temporary storage of the IP address by our system is necessary to enable the website to be delivered to the user's computer. For this, the IP address of the user must remain stored for the duration of the user’s session.

 

The data is stored in log files to ensure functionality of our website. In addition, the data serves us to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.

 

Our legitimate interest in data processing is pursuant to Art. 6 para. 1 lit. f DSGVO.

 

4.     Duration of Data Storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

 

If the data is stored in log files, this is the case after seven days. However, further storage is possible. In the case of further storage, the IP address of the users are deleted or alienated, so that it is no longer possible to associate the data with a specific user.

 

5.     Possibility of Opposition For Users

The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.

 

VI. Use of Cookies

1. Description and Scope of Data Processing

Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user's computer system. If a user visits a website, a cookie may be stored on the user's internet browser. This cookie contains a character string that enables a unique identification of the browser when the website is visited again.

We use the following cookies to make our website more user-friendly. Some elements of our website require that the browser can be identified even after a page change.

 

·         CSRF-Cookie: You can find information for CSRF-Protection here: CSRF-Protection

·         Session-Cookie: Using the session cookie, our website decides whether the respective user has an active shopping basket and whether the user is logged in. It serves as identification between browser and server. No further information except the session ID is stored in the browser.

·         x-cache-context-hash-Cookie: A cookie used to tell what content should be cached.

·         x-ua-device-Cookie

·         Currency-Cookie                      

·         selectedCountry-Cookie      

 

In addition to the data listed above, the following data is stored and transmitted in cookies:

 

·           Language settings

·           Items in shopping cart

·           Log-In information

·           Selected country

·           Selected currency

·           Device type

 

We also use cookies on our website to enable analysis of the user's surfing behavior.

For this, the following data can be transmitted:

 

·           Entered search terms

·           Frequency of page views

·           Use of website functions

·        Accessed web pages

·        Registrations in customer account

·        Adding/Removing items from shopping cart

·        Website purchases

·        Use of Titus live chat function

·        Registration to newsletter

·           Purchases with advertising partners

 

When you visit our website, an information banner informs you about the use of cookies for analytical purposes and refers you to this data protection statement. In this context, there is also a note on how the storage of cookies can be prevented in the browser settings.

 

2. Legal Basis for Data Processing

The legal basis for data processing and logfiles is Art. 6 Abs. 1 lit. f DSGVO.

 

3. Purpose of Data Processing

The purpose of using necessary cookies is to simplify the use of our websites for users. Some functions of our website cannot be offered without the use of cookies. For this, it is necessary that the browser is recognized even after a page change.

 

Cookies are necessary for the following uses:

·           Functionality of shopping cart features

·           Language settings

·           Remembering search terms

·           Display of offers on the home page

·           Keeping track of acceptance during processing steps

 

The user data collected by necessary cookies are not used to create user profiles.

 

The analysis cookies are used to improve the quality of our website and its content. Through use of analysis cookies, we learn how the website is used and can thus continuously optimize the website.

 

For these purposes, our legitimate interest also lies in the processing of personal data in accordance with Art. 6 para. 1 lit. f DSGVO.

 

4. Duration of Storage and Possibility of User Objection

Cookies are stored on the user's computer and transmitted to our website. Therefore, you, as a user, have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website in full.

 

VII. Newsletter

1.  Description and Scope of Data Processing

Our website offers the option to subscribe to a free newsletter.

 

a)     When registering for our Email Newsletter, the following data is transmitted to us:

 

Mandatory Data:

·            Email address of the user

 

Voluntary Data:

·            Salutation

·            First name

·            Last name

·            Street and house number

·            ZIP code

·            City

·            Type of newsletter – men‘s or women‘s

 

In addition, the following data is automatically collected during registration:

·            Date of registration

·            Source of contact

·            Language of registration

·            Opt-In status

 

In the course of the registration process, reference is made to this privacy policy and your consent to receive the newsletter and have your voluntary data processed is obtained.

If you purchase goods or services on our website and provide us with your email address, we may subsequently use it to send you a newsletter. In such a case, the newsletter will only send direct advertising for similar goods or services of our own.

In connection with the data processing for the dispatch of newsletters, data is passed on to our service provider Emarsys Interactive Services GmbH, Stralauer Platz 34, 10243 Berlin. 

The following data will be passed on to Emarsys Interactive Services GmbH, Stralauer Platz 34, 10243 Berlin:

 

·            Email address

·            First name – when given by the user

·            Last name – when given by the user

·            Street and house number – when given by the user

·            ZIP code – when given by the user

·            City – when given by the user

·            Type of newsletter – male or female – when given by the user

·            Language Settings

 

 

The data will be used exclusively for sending the newsletter. To protect your data, a contract has been concluded with Emarsys Interactive Services GmbH for the processing of order data.

 

The newsletters contain a so-called "web-beacon", i.e. a small file that is retrieved from our service provider's server when the newsletter is opened. Within the scope of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval are collected.

 

This information is used to improve the services based on technical data of the target groups and their reading behavior based on their retrieval locations (which can be determined using the IP address) or access times. The statistical surveys also include determination of whether the newsletters are opened, when they are opened, and which links are clicked. For technical purposes, this information can be assigned to individual newsletter recipients. However, it is not our intention, nor that of the service provider, to observe individual users. The evaluations serve us to recognize the reading habits of our users and to adapt our content to them according to their interests.

 

b)     When Registering for our WhatsApp Newsletter, the following data is transmitted:

·       Mobile phone number

·       Sent messages

·       Date of registration

·       Any other data that the user transmits while using the Whatsapp Messaging service

 

The WhatsApp newsletter is sent via the WhatsApp Messenger application. WhatsApp's privacy policy can be found here: https://www.whatsapp.com/legal/?lang=en

 

2.     Legal Basis for Data Processing

The legal basis for the processing of the data after registration for the newsletter is Art. 6 para. 1 lit. a DSGVO.

 

If the information serves the fulfilment of a contract to which the user is a party, e.g. the provision of a free service or the implementation of pre-contractual measures, the additional legal basis for the processing of the data is Art. 6 para. 1 lit. b DSGVO.

 

The legal basis for the processing of data transmitted in the course of registration for the newsletter is Art. 6 para. 1 lit. f DSGVO.

 

The legal basis for sending the newsletter as a result of the sale of goods or services is Section 7 para. 3 UWG.

 

3.     Purpose of Data Processing

The collection of the user's email address serves to send the newsletter.

 

By voluntarily providing further data by the user, the newsletter can be personalized for the user.

 

The collection of other personal data as part of the registration process serves to prevent misuse of the services or the email address provided.

 

4.     Duration of Data Storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. The user's email address will therefore be stored for as long as the subscription to the newsletter is active.

 

5.     Possibility of User Objection

The subscription to the newsletter can be cancelled by the user at any time. For this purpose, there is a corresponding link in every newsletter.

 

If the user deletes our telephone number from the phone book of their mobile phone, the sending of the newsletter is automatically stopped and resumed as soon as our number is saved again. To permanently end the sending of the WhatsApp newsletter, a message stating "STOP" must be sent to us. However, the user can also unsubscribe from receiving the newsletter by sending any other message which makes it clear that the user no longer wishes to receive the newsletter.  

 

This also makes it possible to revoke consent to the storage of personal data collected during the newsletter registration process.

 

VIII. Other Emails Sent to Users

1.     Description and Scope of Data Processing

On our website, users have the possibility to use the following functions:

·           Notification when an item becomes available again – „Coming Soon“ 

The following data will be transmitted to us:

 

·            Email address of user

·            Item that the user chooses to be notified about 

In addition, the following data is collected during registration:

·           IP Address of the user’s computer

·           Time and date that the request was made

·           Opt-In Status

·           Language

As soon as the notifications requested by the user have been sent, the status "sent" is saved by us.


Within the framework of setting up the notification function, your consent is obtained for the processing of data and reference is made to this privacy policy.

 

The data will only be used for sending the desired notifications.

 

2.     Legal Basis for Data Processing

The legal basis for the processing of the data transmitted by the user when setting up the notification function is Art. 6 para. 1 lit. a DSGVO if the user has given his consent.

If the information serves the fulfilment of a contract to which the user is a party, e.g. the provision of a free service or the implementation of pre-contractual measures, the additional legal basis for the processing of the data is Art. 6 para. 1 lit. b DSGVO.

The legal basis for the processing of data transmitted in the course of setting up the notification function is Art. 6 para. 1 lit. f DSGVO.

 

3.     Purpose of Data Processing

The collection of the user's e-mail address and the article for which information is requested serves to transmit the Coming Soon information to the user.

The collection of other personal data as part of the activation of Coming Soon mailings serves to prevent misuse of the services or the e-mail address used.

 

4.     Duration of Data Storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. The user's email address will therefore be stored for as long as the notification function is active.

 

5.     Possibility of User Objection

The notification function can be cancelled by the user at any time. For this purpose, there is a corresponding cancellation link in each notification.

 

It is possible to revoke consent to the storage of personal data collected during registration for notifications.

 

IX. Registration

1.     Description and Scope of Data Processing

On our website, we offer users the option to register for an account by providing personal data. The data is entered into an input mask, transmitted to us, and saved. The following data is collected during the registration process: 

Mandatory data:

·            Salutation – With option of “no gender” selection

·            First name

·            Last name

·            Email address

·            Password

·            Birth date/age

·            Address (street and house number, ZIP code, city, country)

 

Voluntary data:

·            Phone number

·            Shipping address/additional address info

·            Pack station shipping address/Pack station number

 

At the time of registration, the following data is also stored:

 

·           IP Address of the user

·           Time and date of registration

·           Cookie session ID

·           Device type

·           User agent (browser, country, language, operating system, etc.)

·           Language

·           Last login

·           Failed login attempts

 

For the processing of the data within the registration process, reference is made to this data protection declaration and user consent is obtained for the processing of voluntary data.

 

2.     Legal Basis for Data Processing

The legal basis for the processing of data is Art. 6 para. 1 lit. a DSGVO if the user has given their consent.

 If registration serves the fulfillment of a contract to which the user is a party or the implementation of pre-contractual measures, the additional legal basis for the processing of the data is Art. 6 para. 1 lit. b DSGVO.

The legal basis for the processing of data transmitted in the course of creating the customer account is Art. 6 para. 1 lit. f DSGVO.

 

3.     Purpose of Data Processing

User registration is necessary for the fulfillment of a contract with the user or for the implementation of pre-contractual measures.

The creation of a customer account facilitates the ordering process for the user. The customer account eliminates the need to re-enter the data for each new order. The user only has to log into his customer account with his user name and password and can place an order.

For the creation of a customer account, it is necessary to secure it with a user name/email and password to prevent third parties from misusing the account to place orders.

In order to fulfill sales contracts concluded with the user, the following data is necessary to deliver the items ordered by the user and to create order confirmations and invoices for the items ordered by the user:

·           First name

·           Last name

·           Address (street and house number, ZIP code, city, country)

·           Additional address info

The indication of a birth date is necessary to check the user's legal capacity and, in the event of loss of receivables by the user, to be able to request the user's address from the registration office to assert claims.

Further information serves to optimize communication with the user. The salutation serves to address the user correctly gender-specifically, for example with "Hello Mr...." or "Hello Mrs..." and the correct title. The email address is intended to facilitate communication in order to transmit order confirmations, invoices and the order status to the user. If the user enters a telephone number, this should also be used to optimize communication for the processing of purchase contracts, in particular to clarify any queries that may arise regarding orders or complaints quickly with the customer. 

The user has the possibility to indicate a different delivery address, if he wishes that the order is not delivered to his home address. This can also be a packing station, for example. In this case we need the number of the packing station to deliver the order.

In addition, maintaining contact with our customers is very important to us. For this reason, we send you birthday greetings and ask you to rate items and your shopping experience with us. In addition, users have the option of being informed by email about new shipments from your favorite brands at your express request.

The other personal data processed during the registration process serves to prevent misuse of the registration function and to ensure the security of our information technology systems.

Furthermore, the storage of device type and user data is necessary to ensure the functionality of the website. In addition, the data serves us for optimization, especially user-friendly display of the website, e.g. display of the website in the correct language, currency and optimized for the device used. An evaluation of the data for marketing purposes does not take place in this context.

 

4.     Duration of Data Storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected.

This is the case for those during the registration process to fulfill a contract or to carry out pre-contractual measures when the data is no longer required for the execution of a contract. Even after conclusion of the contract, it may still be necessary to store personal data of the contractual partner in order to fulfill contractual or legal obligations.

 

5.     Possibility of User Objection

Every user has the possibility to cancel their customer registration at any time. Users can also change the data stored about them at any time.

Please contact our data protection officer with the following information:

 

Frank Thiel

titus GmbH

Scheibenstr. 121

48153 Münster

Telephone: 0251 / 777 111

E-Mail: datenschutz@titus.de

 

If the data is required to fulfill a contract or to carry out pre-contractual measures, deletion of user data is only possible insofar as there are no contractual or statutory obligations to the contrary.

In addition, users can object to the transmission of birthday greetings and requests for product evaluations at any time. Users can also object to their consent of brand notifications at any time. For this purpose, there is a corresponding link in each message.

X. Conclusion of Sales Contracts

1.     Description and Scope of Data Processing

On our website, we offer users the opportunity to place orders, therefore concluding purchase contracts. For this, it is necessary to collect personal data. The data is entered into an input mask, transmitted to us, and saved.

The following data is saved during the sales contract process:

·           Customer Number

·           Item Name

·           Item Number

·           Color (if applicable)

·           Size (if applicable)

·           Quantity

·           Discount (if applicable)

·           Unit Price

·           Total Item Price

·           Shipping Costs

·           Total Order Price

·           Value added tax included in purchase price

·           Currency and conversion factor

·           Discount Codes (if applicable)

·           Value of Discount Codes

·           Cashpoints – Please reference XII. Ziff. 1 - Cashpoints

·           Billing Address

·           Shipping Address

·           Shipping Method

·           Payment Method and payment details

 

When paying by credit card, the following info is also collected:

 

·           Transaction ID

·           Order ID

·           Temporary Order ID

·           Alias for display

·           Active Alias

·           Payment Machine Name(Credit card or Postfinance Efinance)

·           Payment Method

·           Payment ID

·           Transaction Object

·           Authorization Type

·             Customer ID

·             Created On

·             Updated On

·             Authorization Amount

·             Authorization Status

·             Paid

·             Currency

·             Shop ID

·             Transaction Binary Object

·             Session Binary Data

 

 

When the order process is started, the following data is also collected:

·           IP Address of the user

·           Time and date of the order

·           Language

·           Device type

 

In the context of the purchase process, reference is made to this privacy policy and consent is obtained from the user for the conclusion of the purchase contract (order processing) and for all data which is not necessary for order processing or collection of which we have no legitimate interest.

During the processing of an order, the status of the order changes continuously from e.g. "order received", "order confirmation sent", "order delivered to customer" or "return completed". Every change of the status of the order is saved with date and time as well as the corresponding status.

In addition, it is necessary to assign identification numbers at various points in order to process the order. These are required by our service providers to provide individual partial services. For example, the respective payment service providers assign PaymentIDs, the shipping service provider assigns a ShippingID (tracking code) which are stored by us. 

If you purchase goods or services from us, we may use your address to send you promotional mail, such as our product flyers. In connection with data processing for the dispatch of advertising mail, data is passed on to our service provider mediaport production GmbH & Co. KG, Oststrasse 104a, 22844 Norderstedt.  The following data is sent to mediaport production GmbH & Co. KG, Oststraße 104a, 22844 Norderstedt, Germany:

 

·           First Name

·           Last Name

·           Street and House Number

·           ZIP Code

·           City

The data will be used exclusively for sending advertising mail. For the protection of your data, a contract exists between us and mediaport production GmbH & Co. KG for order data processing.

In order to process sales contracts and fulfill the mutual obligations arising from sales contracts, we have partly commissioned service providers to whom we must pass on personal data. These are the following service providers:

 

a)     Payment Services and Procedures

i.       Wirecard Bank AG

Wirecard Bank AG processes the payment method of iDeal online bank transfer. If the user chooses this payment method, the data necessary for payment processing will be sent to Wirecard Bank AG, Einsteinring 35, 85609 Aschheim.

 

Your data will be used by Wirecard Bank AG exclusively for processing your iDeal online transfer.

 

ii.      SIX Payment Services  (Europe) S.A.

SIX Payment Services (Europe) S.A. processes user credit card payments. They are a Luxembourg-based Société Anonyme with a registered office at 10, rue Gabriel Lippmann, 5365 Munsbach, Luxembourg. If the user chooses this payment method, the necessary data for payment processing will be transmitted to SIX Payment Services (Europe) S.A.

 

Your data will be used by SIX Payment Services (Europe) S.A. exclusively for processing your credit card payment.

 

iii.     PostFinance AG

PostFinance AG, Obernauerstrasse 18, 6010 Kriens, Switzerland, processes Sofortüberweisungen (Online Bank Transfers). If the user chooses this payment method, the data required for payment processing will be passed on to PostFinance AG.

 

Your data will be used by PostFinance AG exclusively for processing user bank transfers.

 

iv.     BS PAYONE GmbH

BS Payone GmbH, Lyoner Straße 9, 60528 Frankfurt/Main, Germany, processes credit card payments and bank transfer payments. If the user chooses one of these payment methods, the necessary data for payment processing will be transmitted to BS Payone GmbH.

 

Your data will be used by BS Payone GmbH exclusively for processing user credit card or bank transfer payments.

 

v.      Klarna

Klarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm, Sweden processes Sofortüberweisungen (Online Bank Transfers). If the user chooses this payment method, the data required for payment processing will be passed on to Klarna Bank AB (publ).

 

Your data will be used by Klarna Bank AB (publ) exclusively for processing user bank transfers.

 

vi.     PayPal

PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg processes the payment method of PayPal. If the user chooses this payment method, the data necessary for payment processing will be transmitted to PayPal (Europe) S.à r.l. et Cie, S.C.A..

 

Your data will be used by PayPal (Europe) S.à r.l. et Cie, S.C.A. exclusively for processing user PayPal payments.

 

vii.    DHL Nachname

The DHL Vertriebs GmbH & Co. KG processes the payment method of Cash on Delivery. If the user chooses this payment method, the data necessary for payment processing will be sent to DHL Vertriebs GmbH & Co. KG.

 

User data will be used by DHL Vertriebs GmbH & Co. KG exclusively for the processing of Cash on Delivery payments.

 

viii.   American Express 

American Express Services Europe Limited, Branch office Frankfurt am Main, Theodor-Heuss-Allee 112, 60486 Frankfurt am Main processes credit card payments. If the user chooses this payment method, the data necessary for payment processing will be transmitted to American Express Services Europe Limited.

 

American Express Services Europe Limited uses customer data exclusively for processing credit card payments.

 

b)     Logistics Services

We have commissioned a service provider for logistics services. These are the following services:

·            Packaging of items ordered by the customer

·            Printing of invoices as well as personalized return labels included in packages

·            Transfer of shipping data to the shipping service provider

·            Acceptance and processing of returns

·            Acceptance and processing of customer disputes

 

For the purposes stated above, all data necessary for the provision of the stated services are transmitted to Dittmann GmbH, our logistics service provider.

 

The data will be used exclusively for the provision of the logistics services listed above.

 

c)     Shipping Service Provider

DHL Vertriebs GmbH & Co. KG is commissioned by Titus GmbH to send orders to customers. For this purpose, we transmit the recipient's first and last name and address information to DHL Vertriebs GmbH & Co. KG. The data is only used to send parcels to customers.

 

 

2.     Legal Basis for Data Processing

The legal basis for the processing of data is Art. 6 para. 1 lit. a DSGVO if the user has given consent.

 

If the information serves to fulfill a contract or the implementation of pre-contractual measures to which the user is a party, the additional legal basis for data processing is Art. 6 para. 1 letter b DSGVO.

The legal basis for transmission of data to service providers is Art. 6 para. 1 lit. b DSGVO and Art. 6 para. 1 lit. f DSGVO.

The legal basis for the processing of data transmitted in the course of the order is Art. 6 para. 1 lit. f DSGVO.

 

3.     Purpose of Data Processing

The data collected during the order process will be used exclusively to process the order and payment, in particular to create order confirmations, invoices, dispatch of the order, processing of returns and complaints, creation of credit notes and reversal of the purchase contract. In addition, we refer to the further explanations under item IX, article 3 (Registration of customer account/purpose of data processing).

To optimize the shipping of your order and to enable an overview of the current status of your order, we use stored data to send you status update emails when the status of your order changes as follows, for example:

 

·           Order is ready for delivery

·           In the case of partial delivery: order has been partially delivered

·           Order has been completely delivered

·           If you cancel or return (part of) the order: order was cancelled/returned

The transfer of your personal data to our service providers is necessary in order to fulfill our obligations under the purchase contract concluded with you efficiently.

The other personal data processed during the order process serve to prevent misuse of the order function and to ensure the security of our information technology systems. Furthermore, the storage of data on device type and language is necessary to ensure the functionality of the website. In addition, the data serves us for optimization, especially user-friendly display of the order page, e.g. display of the order page in the correct language and optimized for the device used as well as continuation of further communication, e.g. transmission of the invoice and status messages in the correct language. An evaluation of the data for marketing purposes does not take place in this context.

Our legitimate interest in data processing is pursuant to Art. 6 para. 1 lit. f DSGVO.

 

4.     Duration of Data Storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected.

This is the case for the performance of a contract or for the implementation of pre-contractual measures when the data is no longer required for the implementation of a contract. Even after conclusion of the contract, it may still be necessary to store personal data of the contractual partner in order to fulfill contractual or legal obligations.

 

5.     Possibility of User Objection

Users can change their stored user data at any time.

Please contact our data protection officer using the following info:

 

Frank Thiel

titus GmbH

Scheibenstr. 121

48153 Münster

Telephone: 0251 / 777 111

E-Mail: datenschutz@titus.de

If the data is required to fulfill a contract or to carry out pre-contractual measures, deletion of user data is only possible insofar as there are no contractual or statutory obligations to the contrary. 

XI. Product Reviews

1.     Description and Scope of Data Processing

A form on our website can be used for the submission of product reviews or comments. If a user utilizes this feature, the data will be entered into the input mask and transmitted to us, stored, and published on our online shop on the product page of the evaluated product.

User product reviews or comments can be found on the following web pages:

·           www.titus.de

·           www.titus-shop.com

·           www.titus.at

The following data is collected when a user product review/comment is submitted:

 

Mandatory Data:

·            Name – possibility of entering a pseudonym

·            „Star“ rating

 

Voluntary Data:

·            Entry title

·            „Your opinion“ comment

The following data is also stored when a user submits a product review/comment:

·           Language of the user

·           Time and date of the user entry

User consent must be obtained for the processing of the data within the framework of the product evaluations and reference is made to this privacy policy.

 

In this context, the data will not be passed on to third parties. The data will be used exclusively for publication on our websites and on the product page of the evaluated product.

 

2.     Legal Basis for Data Processing

The legal basis for the processing of data is Art. 6 para. 1 lit. a DSGVO if the user has given their consent.

If registration serves the fulfillment of a contract to which the user is a party or the implementation of pre-contractual measures, the additional legal basis for the processing of the data is Art. 6 para. 1 lit. b DSGVO.

 

3.     Purpose of Data Processing

The processing of personal data from the input mask serves for the publication of a user product evaluation the evaluated product on our web pages, in order to help other prospective buyers with purchase decisions.

The other personal data processed during the sending process serve to prevent misuse of the product evaluation form and to ensure the security of our information technology systems includes:

·         Language type is used to publish the product evaluation in the corresponding language version of our website. For example, product reviews are published in Spanish on our Spanish website.

·         The date and time of the product evaluation should be published together with the product evaluation so that other interested parties can also classify the product evaluation over time and, for example, get an overall picture of product quality changes over time.

 

 

4.     Duration of Data Storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. For the personal data from the input mask of the product evaluation form, this is the case if the evaluated product is no longer available for purchase.

 

5.     Possibility of User Objection

The user has the possibility to revoke their consent to the processing of personal data at any time.

Please contact our data protection officer using the following info:

 

Frank Thiel

titus GmbH

Scheibenstr. 121

48153 Münster

Telephone: 0251 / 777 111

E-Mail: datenschutz@titus.de

Following contact with us, all personal data used for product review/comment purposes will be deleted upon request.

XII. Collecting Cashpoints

1.     Description and Scope of Data Processing

A specific number of cash points are assigned to each product - except gift vouchers - which is offered in our webshop and in physical Titus shops (including Titus franchise partners). The amount of cash points is displayed in our webshop under the item price on each product page. In our physical Titus shops, we cannot guarantee that the cashpoint value is also stated for each item. For this reason, the number of cash points can be requested at the checkout when shopping in a Titus store. With each purchase, the cashpoints assigned to the purchased items are transferred to us, stored, and credited to the user's points account. If the purchase takes place in a physical Titus shop, it is necessary that you log into your customer account. Cashpoints balances are found under "My account" on the "Cashpoints" page. If you are in the Cashpoints program, a QR code will be displayed. The QR code can be scanned at the checkout, and the cashpoints collected with the purchase will be credited to your customer account. As soon as the user has collected enough cashpoints, they can be exchanged for a discount voucher. The cashpoints expire 2 years after they have been credited to the user's Cashpoints account.

The following data is collected for the Cashpoints program:

 

·           Email address of the user

·           Customer number

·           Number of Cashpoints collected

·           Currency type

·           Time when Cashpoints were collected

·           Order number that Cashpoints were earned

·           Expiration date of Cashpoints

·           Number of deleted Cashpoints

·           Number of redeemed Cashpoints

·           If the cash points were collected during a purchase in a stationary Titus store, we will save the Titus store location in which the cash points were collected.

·           If the cash points were collected by participating in a competition, the respective competition will be saved.

 

For processing of data within the scope of registration with the Cashpoints program, reference is made to this privacy policy for your participation in the Cashpoints program, for all data which is not necessary for your participation in the Cashpoins program, and in the collection of data which we have no legitimate interest. Your consent for the processing of this data is obtained.

User data will not be passed on to third parties.

2.     Legal Basis for Data Processing

The legal basis for the processing of data is Art. 6 para. 1 lit. a DSGVO if the user has given their consent.

 

If the information serves the fulfilment of a contract to which the user is a party, e.g. the provision of a free service or the implementation of pre-contractual measures, the additional legal basis for the processing of the data is Art. 6 para. 1 lit. b DSGVO.

 

3.     Purpose of Data Processing

The user's email address is used within the scope of the Cashpoint program in order to inform the user about the imminent expiry in good time before cashpoints expire.

Other data is necessary to document the number of cashpoints, in the correct currency, their validity period, and expiration. The customer number must be saved in order to be able to assign the cashpoints to the user's customer account. It is necessary to save the store, since the conditions for the creation and expiration of cash points in over-the-counter stores differ. It is also necessary to be able to delete the corresponding cashpoints when returning items.

 

4.     Duration of Data Storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected.

This is the case if the cash points have been redeemed by the user or expire over time. 

 

5.     Possibility of User Objection

The user has the possibility to revoke his consent to the processing of personal data at any time.  In this case, further participation of the user in the Cashpoint program cannot be granted.

Please contact our data protection officer using the following info:

 

Frank Thiel

titus GmbH

Scheibenstr. 121

48153 Münster

Telephone: 0251 / 777 111

E-Mail: datenschutz@titus.de

 

Following contact with us, all personal data used for Cashpoints purposes will be deleted upon request.

 

XIII. Sweepstakes/Raffle Participation

1.     Description and Scope of Data Processing

We offer sweepstakes on our website at random intervals. When registering for a sweepstakes, data will be transmitted to us, which the user specifies himself. Since different types of sweepstakes are offered, the data collected from the user in connection with participation in the lottery varies. If you participate in a sweepstakes, the data from the input mask will be transmitted to us when you register for the competition.

Mandatory Data:

·            First and last name

·            Birth date

·            Street, house number, ZIP code, city

·            Country

·            If participant is a minor – yes/no

·            Consent to publication of personal data on our homepage or newsletter

 

Voluntary Data:

·            Gender

·            Email address

·            Telephone number

 

Depending on the sweepstakes, it may be necessary to collect additional data. These can be, for example, clothing size, shoe size, or other questions related to the specific sweepstakes criteria.

In addition, the following data is collected upon submission of a sweepstakes entry:

·           Language

·           Name of sweepstakes entered

·           Time and date of registration

 

Upon submission of an entry for our sweepstakes, the user’s consent is obtained for participation in the sweepstakes, for the processing of voluntary information, and reference is made to this privacy policy.

User data will not be passed on to third parties. The data will be used exclusively for the sweepstakes.

 

2.     Legal Basis for Data Processing

The legal basis for the processing of data is Art. 6 para. 1 lit. a DSGVO if the user has given their consent.

If the information serves the fulfilment of a contract to which the user is a party, e.g. the provision of a free service or the implementation of pre-contractual measures, the additional legal basis for the processing of the data is Art. 6 para. 1 lit. b DSGVO.

Legal basis for the transfer of data to service providers is Art. 6 Abs. 1 lit. b DSGVO.

 

3.     Purpose of Data Processing

To complete the competition, the following information is required to send the prizes to the winner and to ensure that each entrant participates only once in the competition:

·         First name

·         Last name

·         Address (street and house number, ZIP code, city, country)

The date of birth is necessary to verify the user's legal capacity.

The voluntary information serves to optimize communication with the user. The salutation serves to address the user correctly gender-specifically, for example with "Hello Mr...." or "Hello Mrs..." The email address is intended to facilitate communication in order to send prize notifications to the lottery participant. If the lottery participant enters a telephone number, this number should also be used to optimize communication for handling the lottery, in particular to inform the lottery participant about a prize.

Depending on the prizes awarded, it may be necessary to request a clothing size in the course of the competition, for example, in order to send the desired size if you win clothing. In some cases, we also use competition questions that may have a personal connection to the participants involved. 

The other personal data processed during the participation in the competition serves to prevent misuse of the competition and to ensure the security of our information technology systems.

 

4.     Duration of Data Storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected.

Data of participants who have not won any of the prizes will be deleted after the winners have been drawn. Data of participants who have been drawn as winners will be deleted as soon as they are no longer required for the processing of the prize.  

 

5.     Possibility of User Objection

The user has the possibility to revoke his consent to the processing of personal data at any time.  In this case, further participation of the user in the competition cannot be granted.

Please contact our data protection officer using the following info:

 

Frank Thiel

titus GmbH

Scheibenstr. 121

48153 Münster

Telephone: 0251 / 777 111

E-Mail: datenschutz@titus.de

 

Following contact with us, all personal data used for sweepstakes purposes will be deleted upon request.

 

XIV. Contact forms, Email contact, contact per WhatsApp and Skype

1.     Description and Scope of Data Processing

There is a contact form on our website which can be used for contacting us online. If a user takes advantage of this possibility, the data entered in the input mask will be transmitted to us and stored. This data is:

 

Mandatory Data:

·            First name

·            Last name

·            Email address

·            Question provided

 

Voluntary Data:

·            Customer number

·            Street and house number

·            ZIP code and city

·            Country

·            Telephone

 

The following data is also collected upon submission of data using the contact form:

 

·           The IP Address of the user

·           Date and time the message was submitted

 

We refer to this privacy policy for the processing of the data within the scope of the sending process. Your consent is obtained for the sending of messages and processing of voluntary data. 

Alternatively, you can contact us via the email address provided, Skype and the WhatsApp messaging service. In this case, the user's personal data transmitted with the email, Skype or WhatsApp message will be stored.

User data will not be passed on to third parties. The data is used exclusively for processing the conversation involved.

We point out that information sent to us unencrypted by electronic mail, by WhatsApp or by using our contact form, may be read by third parties via transmission. We cannot verify your identity and do not know who is behind an email address. A legally secure communication by Email, WhatsApp or the contact form is therefore not guaranteed. For the transmission of messages worthy of protection, we recommend that you send your request by conventional mail.

Persons under 16 years of age should not transmit any personal data to us unless the consent of their legal guardians has been granted. The consent must then be expressly noted in the message. We do not request or knowingly collect personal data from children under 16 years old.

 

 

2.     Legal Basis for Data Processing

The legal basis for the processing of data is Art. 6 para. 1 lit. a DSGVO if the user has given consent.

The legal basis for the processing of data transmitted in the course of sending an e-mail, Skype, or WhatsApp message is Art. 6 para. 1 lit. f DSGVO. If the e-mail/skype or WhatsApp message is aimed at concluding a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b DSGVO.

 

3.     Purpose of Data Processing

The processing of personal data from the input mask serves us only for the contact itself. If you contact us by e-mail, Skype or WhatsApp, you have a legitimate interest in the processing of your data.

The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

 

4.     Duration of Data Storage

User data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. For the personal data from the contact form input mask and those sent by e-mail, Skype or WhatsApp, this is the case when the conversation with the user has ended. The conversation is terminated when it can be inferred from the circumstances that the facts in question have been clarified.

 

5.     Possibility of User Objection

The user has the possibility to revoke his consent to the processing of personal data at any time. If the user contacts us by e-mail, Skype or WhatsApp, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.

 

Please contact our data protection officer using the following info:

 

Frank Thiel

titus GmbH

Scheibenstr. 121

48153 Münster

Telephone: 0251 / 777 111

E-Mail: datenschutz@titus.de

 

Following contact with us, all personal data used during the contact form process will be deleted upon request.

 

XV. Disclosure of Data to Service Providers

1.     Userlike

a)    Description and Scope of Data Processing

Users can contact us via our website via Titus live chat.  If a user takes advantage of this feature, the content of the call is transmitted to us.

At the time a message is sent via Titus live chat, we store the following data:

 

·           IP Address of the user

·           Time and date of the chat log

·           Name of the Titus employee that user communicated with

 

The Titus live chat is offered by a service provider commissioned by us. This is the company Userlike UG (limited liability),

Probsteigasse 44-46, 50670 Cologne.

Userlike UG stores the following data about users:

 

·           Complete conversation of each chat log

·           Chat language

·           Duration

·           URL from which the chat began

·           URL from which the chat ended

·           Name of Titus employee that user communicated with

 

The data is used exclusively for the conversation. However, we expressly point out the direct storage of data by Userlike UG during the Titus live chat.

 

b)    Legal Basis for Data Processing

The legal basis for the processing of data is Art. 6 para. 1 lit. a DSGVO if the user has given consent.

Additional legal basis for the processing of personal data is Art. 6 para. 1 lit. f DSGVO.

 

c)     Purpose of Data Processing

Other personal data processed by us during use of the Titus Live Chat serves to prevent misuse of the contact form and ensure the security of our information technology systems.

 

Regarding data collected by our service provider - Userlike UG - please refer to the Userlike UG privacy policy, found here: https://www.userlike.com/de/terms#privacy-policy.

 

d)    Duration of Data Storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected.

The additional personal data collected by us during the use of the Titus Live Chat will be deleted after a period of seven days at the latest.

The data collected by Userlike UG will be deleted after a period of one month.

 

e)    Possibility of User Objection

The user has the possibility to revoke their consent to the processing of personal data at any time by contacting us via email. In such a case, a Userlike chat conversation cannot be continued.

Please contact our data protection officer using the following info:

 

Frank Thiel

titus GmbH

Scheibenstr. 121

48153 Münster

Telephone: 0251 / 777 111

E-Mail: datenschutz@titus.de

 

Following contact with us, all personal data retrieved by Titus GmbH during use of the Userlike system will be deleted upon request.

 

2.     Eprofessional

a)    Description and Scope of Data Processing

On the basis of our legitimate interests, (i.e. analysis, optimization and economic operation of our websites within Art. 6 para. 1 lit. f. DSGVO) we use the services of Eprofessional GmbH, Heidenkampsweg 74-76, 20097 Hamburg (hereafter referred to as "EProfessional").

We use EProfessional's online marketing system to place ads on the Google advertising network (e.g., in search results, videos, on websites, etc.) targeted towards users who have a suspected interest in the ads. Their services allow us to display ads for and within our online offering to present users with ads that potentially correspond to their interests. For example, a user is shown ads for products in which he is interested in while visiting other online offers, referred to as "remarketing". For these purposes, when our and other websites on which the Google advertising network is active, Google directly executes a code that accesses remarketing tags (graphics or code, also known as "web beacons") that are integrated into the website. With their help, an individual cookie, i.e. a small file, is stored on the user's browser (comparable technologies can also be used instead of cookies). In this file, it is noted which websites the user visits, which contents he is interested in, which offers the user has clicked on, technical information such as the browser and operating system, referring websites, visiting time, and further information on the use of the online offer.

We also receive an individual "conversion cookie". The information collected with the help of the conversion cookie is used by Eprofessional to generate conversion statistics for us. However, Titus GmbH only sees the total number of anonymous users who clicked on our ad and were redirected to a page with a conversion tracking tag. However, we do not receive any information that personally identifies users.

User data is processed by Eprofessional under a pseudonym. This means that EProfessional does not store and process, for example, the names or email addresses of users, but processes the relevant cookie-related data within pseudonymous user profiles. This means that from Eprofessional's point of view, the ads are not managed and displayed for a specifically identified person, but for the cookie holder, regardless of who the cookie holder is. The following information collected about users is transmitted and stored by Eprofessional:

·           New or existing customer

·           Currency of the order

·           Net total of the order

·           Unique identification number assigned by Eprofessional that can be used to link a purchase to an advertisement

·           Order number

 

b)    Legal Basis for Data Processing

The legal basis for processing users' personal data is Art. 6 para. 1 lit. f DSGVO.

 

c)     Purpose of Data Processing

The purpose of data processing is the targeted placement of advertisements on the Google advertising network and the subsequent billing of the service with our service provider, EProfessional.

 

d)    Duration of Data Storage, Possibility of User Objection

Cookies are stored on the user's computer and transmitted to our site. Therefore, as a user, you have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated while using our website, it may not be possible to use all of the website functions in full.

 

XVI. Google Online Marketing Services

1.     Google Analytics

On the basis of our legitimate interests (i.e. analysis, optimization and economic operation of our websites within Art. 6 para. 1 lit. f. DSGVO) we use Google Analytics, a web analysis service of Google LLC ("Google"). Google utilizes cookies. The information generated from user cookies about the use of the online offering is transferred to a Google server in the USA and stored. Google is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active). Google will use this information on our behalf to evaluate the use of our websites by users, to compile reports on the activities within our online offer, and to provide us with further services associated with the use of our online offer. Pseudonymous user profiles can be created from the processed data. We always use Google Analytics with IP anonymization enabled. This means that Google will reduce the IP address of users within Member States of the European Union or in other states to the Agreement of the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA before it is shortened. The IP address transmitted by the user's browser is not merged with other Google data. Users can prevent the storage of cookies by setting their browser software accordingly; users can also prevent Google from collecting the data generated by the cookie and relating to their use of an online offer and the processing of this data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en. Further information on data use by Google, possible settings or objections can be found in Google's privacy policy (https://policies.google.com/technologies/ads) and in the settings for the display of advertisements by Google (https://adssettings.google.com/authenticated). Users personal data will be deleted or made anonymous after 14 months.

 

We use Google Analytics to display the ads placed by Google and its partners within advertising services only to users who have also shown an interest in our online offering or who have certain characteristics (e.g. interests in certain topics or products that are determined by web pages visited) that we transmit to Google (so-called "remarketing" or "Google Analytics Audiences"). With the help of remarketing audiences we would also like to ensure that our ads correspond to the potential interests of users.

 

2.     Google Tag Manager

Google Tag Manager is used to manage “website tags” via an interface (and thus integrate Google Analytics and other Google marketing services into our online offering, for example). The Tag Manager (which implements the tags) does not process any personal data of users. With regard to the processing of users' personal data, reference is made to the following information on the Google services usage guidelines: https://www.google.com/analytics/tag-manager/use-policy/.

 

3.     Google AdWords and Conversion Measurements

On the basis of our legitimate interests (i.e. analysis, optimization and economic operation of our websites within Art. 6 para. 1 lit. f. DSGVO) we use the services of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, ("Google").

 

Google is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

 

We use the online marketing system of Google "AdWords" to place ads in the Google advertising network (e.g., in search results, in videos, on websites, etc.) targeted towards users who have a suspected interest in the ads. Their services allow us to display ads for and within our online offering to present users with ads that potentially correspond to their interests. For example, a user is shown ads for products in which he is interested in while visiting other online offers, referred to as "remarketing". For these purposes, when our and other websites on which the Google advertising network is active, Google directly executes a code that accesses remarketing tags (graphics or code, also known as "web beacons") that are integrated into the website. With their help, an individual cookie, i.e. a small file, is stored on the user's browser (comparable technologies can also be used instead of cookies). In this file, it is noted which websites the user visits, which contents he is interested in, which offers the user has clicked on, technical information such as the browser and operating system, referring websites, visiting time, and further information on the use of the online offer..

We also receive an individual "conversion cookie". The information collected with the help of the conversion cookie is used by Google to generate conversion statistics for us. However, Titus GmbH only sees the total number of anonymous users who clicked on our ad and were redirected to a page with a conversion tracking tag. However, we do not receive any information that personally identifies users.

User data is processed pseudonymously within the Google advertising network. This means that Google does not store and process, for example, the names or email addresses of users, but processes the relevant cookie-related data within pseudonymous user profiles. This means that from Google's point of view, the ads are not managed and displayed for a specifically identified person, but for the cookie holder, regardless of who this cookie holder is. This does not apply if a user has expressly permitted Google to process the data without this pseudonymisation. The information collected about the users is transmitted to Google and stored on Google's servers in the USA.

Further information on data use by Google, possible settings, and objections can be found in Google's Privacy Policy (https://policies.google.com/technologies/ads) and in the settings for the display of advertisements by Google (https://adssettings.google.com/authenticated).

 

4.     Google-Re/Marketing-Services

On the basis of our legitimate interests (i.e. analysis, optimization and economic operation of our websites within Art. 6 para. 1 lit. f. DSGVO) we use the marketing and remarketing services ("Google Marketing Services" for short) of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, ("Google"). Google is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active). Google marketing services allow us to target ads for and on our websites in order to present users with ads that potentially match their interests. For example, if a user sees ads for products he has been interested in on other websites, this data can be referenced and used for "remarketing" purposes. For these purposes, when our and other websites on which Google marketing services are active, Google directly creates remarketing tags (graphics or code, also known as "web beacons") which are integrated into the website. With their help, an individual cookie, i.e. a small file, is stored on the user's device (comparable technologies can also be used instead of cookies). Cookies can be set by various domains, including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com or googleadservices.com. In this file it is noted which websites the user visits, which contents he is interested in and which offers he has clicked on. Furthermore, technical information about the browser and operating system, referring websites, visiting time as well as further information about the use of the online offer is saved. The IP address of the user is also recorded, within the framework of Google Analytics, the IP address is shortened within member states of the European Union or in other signatory states of the European Economic Area Agreement and only in exceptional cases is it completely transmitted to a Google server in the USA before it is shortened. The IP address is not combined with the user's data within other Google offers. The above information may also be linked by Google to information from other sources. If the user then visits other websites, the ads tailored to his interests can be displayed. User data is processed pseudonymously within the framework of Google marketing services. This means that Google does not store and process, for example, the names or email addresses of users, but processes the relevant cookie-related data within pseudonymous user profiles. This means from Google's point of view, the ads are not managed and displayed for a specifically identified person, but for the cookie holder, regardless of who this cookie holder is. This does not apply if a user has expressly permitted Google to process the data without this pseudonymisation. The information collected by Google marketing services about users is transmitted to Google and stored on Google's servers in the USA. One of the Google marketing services we use is the online advertising program "Google AdWords". In the case of Google AdWords, each AdWords customer receives a different "conversion cookie". Cookies cannot therefore be traced through the websites of AdWords customers. The information collected by the cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. AdWords customers see the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, you will not receive any information that personally identifies users. We may include third-party advertisements based on the Google marketing service "AdSense". AdSense uses cookies to enable Google and its partner sites to serve ads based on users' visits to this site or other sites on the Internet. We can also use the "Google Tag Manager" to integrate and manage Google analysis and marketing services into our website. Further information on Google's use of data for marketing purposes can be found on the overview page: https://www.google.com/policies/technologies/ads, Google's Privacy Policy can be accessed at https://www.google.com/policies/privacy If you wish to object to interest-based advertising by Google marketing services, you can use the setting and opt-out options provided by Google: http://www.google.com/ads/preferences.

XVII.   Facebook Analytics

Due to our legitimate interests in the analysis, optimization and economic operation of our websites, the "Facebook pixel" of the social network Facebook, operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or, if user is based in the EU, Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook"), is used within our online offering. Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active). With the help of the Facebook pixel, Facebook is able to determine the visitors of our online offering as a target group for the presentation of ads (so-called "Facebook ads"). Accordingly, we use the Facebook pixel to display the Facebook ads we post only to Facebook users who have also shown an interest in our online offering or who have certain features (e.g. interests in certain topics or products that are determined by the websites visited) that we transmit to Facebook (so-called "custom audiences"). We use the Facebook pixel to ensure that our Facebook ads meet the potential interest of users and are not a nuisance. The Facebook pixel also helps us understand the effectiveness of Facebook ads for statistical and market research purposes by showing whether users have been redirected to our website after clicking on a Facebook ad (so-called "conversion"). Facebook processes the data in accordance with Facebook's Data Usage Policy. Accordingly, general information on the display of Facebook ads can be found in the Facebook Data Usage Policy: https://www.facebook.com/policy.php. Special information and details about the Facebook pixel and how it works can be found in the Facebook help section: https://www.facebook.com/business/help/651294705016616. You can object to data collection by the Facebook pixel and use of your data to display Facebook ads. To set what types of ads you see within Facebook, you can visit Facebook and follow the instructions on usage-based advertising settings: https://www.facebook.com/settings?tab=ads. The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices. You may also object to the use of cookies for range measurement and advertising purposes via the deactivation page of the network advertising initiative (http://optout.networkadvertising.org/) and the US website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).

XVIII. Bing Ads

On the basis of our legitimate interests (i.e. analysis, optimization and economic operation of our websites within Art. 6 para. 1 lit. f. DSGVO) we use the conversion and tracking tool "Bing Ads" of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. Microsoft stores cookies on user devices in order to enable analysis of the use of our online offerings by the user, if user has accessed our online offering via a Microsoft Bing Service (so-called "conversion measurement"). Microsoft and we can recognize in this way that someone has clicked on an ad, has been redirected to our online offering, and has reached a previously defined target page (so-called "conversion page"). We only see the total number of users who clicked on a Bing ad who were then redirected to the conversion page. No IP addresses are stored. No personal information about the identity of the users is stored or communicated.

Microsoft is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000KzNaAAK&status=Active).

If users do not wish to participate in the Bing Ads tracking process, they can deactivate the necessary setting of a cookie via browser settings or use Microsoft's opt-out page: http://choice.microsoft.com/de-DE/opt-out.

Users can find further information on data protection and the cookies used for Microsoft Bing Ads in Microsoft's Privacy Policy: https://privacy.microsoft.com/en-us/privacystatement.

XIX. Online Presence in Social Media

We maintain online presences within social media networks and platforms in order to communicate with active customers, interested parties, and users to inform them about our services. When accessing the respective networks and platforms, the terms and conditions and the data processing guidelines of their respective operators apply.

Unless otherwise stated in our privacy policy, we process the data of users who communicate with us within social networks and platforms, e.g. write articles on our websites or send us messages.

XX. Integration of Third Party Content

On the basis of our legitimate interests (i.e. analysis, optimization and economic operation of our websites within Art. 6 para. 1 lit. f. DSGVO) we integrate third party content and services, such as videos, (hereafter referred to as "content"). This always presupposes that the third party content providers receive the IP address of the users, because the IP Address is necessary for them to send the content to the user. The IP address is therefore required for the display of this content. We will only use content whose respective providers use the IP address only for the delivery of the contents, whenever possible for us to do so. Third-party providers may also use pixel tags ("web beacons") for statistical or marketing purposes. Pixel tags can be used to evaluate information such as visitor traffic on the pages of a website. The pseudonymous information may also be stored in cookies on the user's device and may include technical information about the browser and operating system, referring websites, visiting time and other information about the use of our online offering, as well as being linked to such information from other sources.

1.     Youtube

We integrate videos from the platform "YouTube" provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. View their privacy policy here: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.

2.     Google Maps

We integrate services from "Google Maps" provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The processed data may include particular IP addresses and location data of the users, which, however, are not collected without their consent (as a rule, within the framework of the settings on a user’s mobile device). The data can be processed by Google in the USA. Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.

3.     Use of Facebook Social Plugins

On the basis of our legitimate interests (i.e. analysis, optimization and economic operation of our websites within Art. 6 para. 1 lit. f. DSGVO) we use social plugins ("Plugins") of the social media network facebook.com, which is operated by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook"). The plugins can display interaction elements or content (e.g. videos, graphics or text contributions) and are identified by one of the Facebook logos (white "f" on blue tile, the terms "like", "like" or a "thumbs up" sign) or are marked with "Facebook Social Plugin". The list and appearance of Facebook Social Plugins can be viewed here: https://developers.facebook.com/docs/plugins/. Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active). When a user activates a function of our online offering that contains such a plugin, his device establishes a direct connection to the Facebook servers. The content of the plugin is transmitted by Facebook directly to the user's device and integrated into the online offering. The processed data can be used to create user profiles. We therefore have no influence on the amount of data Facebook collects with the help of this plugin or ability to inform users according to respective level of knowledge. By integrating the plugins, Facebook receives information that a user has requested the corresponding page of the online offer. If the user is logged in to Facebook, Facebook can assign the visit to his Facebook account. When users interact with the plugins, such as pressing the Like button or posting a comment, the information is sent directly from your device to Facebook and stored there. If a user is not a member of Facebook, it is still possible for Facebook to obtain and store their IP address. According to Facebook, only an anonymized IP address is stored for users in Germany. The purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as the relevant rights and setting options for the protection of users' privacy, can be found in Facebook's data protection information: https://www.facebook.com/about/privacy/. If a user is a Facebook member and does not want Facebook to collect data via this online offer and link it to his membership data stored on Facebook, they must log out of Facebook before using our online offering and delete their cookies. Further settings and objections to the use of data for advertising purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the US page http://www.aboutads.info/choices/ or the EU page http://www.youronlinechoices.com/. The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices of the user.

4.     Twitter

Functions and contents of the Twitter service, offered by Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, can be integrated into our online offering. This may include, for example, content such as images, videos or texts and buttons with which users can express their appreciation of the content, subscribe to the authors of the content or our contributions. If the users are members of the Twitter platform, Twitter can assign the above content and functions to their user profiles. Twitter is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active). Privacy Policy: https://twitter.com/en/privacy, Opt-Out: https://twitter.com/personalization.

 

5.     Instagram

Within our online offering, functions and contents of the Instagram service, offered by Instagram Inc, 1601 Willow Road, Menlo Park, CA, 94025, USA, can be integrated. This may include, for example, content such as images, videos or texts and buttons with which users can express their appreciation of the content, subscribe to the authors of the content or our contributions. If the users are members of the Instagram platform, Instagram can assign the the above contents and functions to the profiles of their users. Instagram Privacy Policy: http://instagram.com/about/legal/privacy/.

 

6.     Pinterest

Within our online offering, functions and contents of the Pinterest service, offered by Pinterest Inc. 635 High Street, Palo Alto, CA, 94301, USA, can be integrated. This may include, for example, content such as images, videos or texts and buttons with which users can express their appreciation of the content, subscribe to the authors of the content or our contributions. If the users are members of the Pinterest platform, Pinterest can assign the the above contents and functions to the profiles of their users. Pinterest's privacy policy: https://about.pinterest.com/en/privacy-policy.

 

7.     Google Fonts

We integrate the fonts ("Google Fonts") of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated

 

XXI.  Presence in Social Networks

We maintain online presences within social networks and platforms in order to communicate with active customers, interested parties, and users to inform them about our services.

We point out that user data can be processed outside the European Union. This can pose risks for users as the enforcement of users' rights could be made more difficult. With regard to US providers certified under the Privacy Shield, we would like to point out that they commit themselves to comply with EU data protection standards.

Furthermore, user data can be processed for market research and advertising purposes. For example, user profiles can be created from user behavior and the resulting interests of users. The usage profiles can in turn be used, for example, to place advertisements inside and outside the platforms that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the user's computer, in which the user's usage behavior and interests are stored. Furthermore, data can be stored in the user profiles independently of the devices used by the users (especially if the users are members of the respective platforms and are logged in to these).

The processing of users' personal data is carried out on the basis of our legitimate interests in effective user information and communication with users pursuant to Art. 6 para. 1 lit. f. DSGVO. If the users are asked by the respective providers for consent to data processing (i.e. to give their consent e.g. by ticking a checkbox or confirming a button), the legal basis of processing is Art. 6 para. 1 lit. a., Art. 7 DSGVO.

For a detailed description of the respective data processing and possibility of objection (opt-out), please refer to the information given by the providers below.

In the case of requests for information and the assertion of user rights, we point out that these can be asserted most effectively with the providers directly. Only the providers have access to user data and can take appropriate measures to provide information. If further assistance is required, please contact us.

 - Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland) – Privacy Policy: https://www.facebook.com/about/privacy/, Opt-Out: https://www.facebook.com/settings?tab=ads und http://www.youronlinechoices.com, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.

- Google/ YouTube (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) – Privacy Policy:  
https://policies.google.com/privacy, Opt-Out: https://adssettings.google.com/authenticated, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.

- Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA) – Privacy Policy/ Opt-Out: https://help.instagram.com/519522125107875.

- Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA) – Privacy Policy: https://twitter.com/en/privacy, Opt-Out:
https://twitter.com/personalization, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.

- Pinterest (Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA) – Privacy Policy/ Opt-Out: https://policy.pinterest.com/en-gb/privacy-policy.

- Xing (XING AG, Dammtorstraße 29-32, 20354 Hamburg, Deutschland) – Privacy Policy/ Opt-Out: https://privacy.xing.com/en/privacy-policy.

XXII.     Data Subject‘s Rights

If personal data is processed for a user, the user is affected within meaning of the DSGVO and has the following rights:

 

1.     Right to Information

The user may ask the person in charge to confirm whether personal data concerning them will be processed by us.

If such processing has taken place, you can request the following information from the responsible person:

(1)     the purposes for which the personal data is processed;

(2)     the categories of personal data processed;

(3)     the recipients or categories of recipients to whom the personal data concerning you have been or are still being disclosed;

(4)     the planned duration of the storage of the personal data concerning you or, if specific information on this is not possible, criteria for determining the storage period;

(5)     the existence of a right to have your personal data concerning you corrected or deleted, a right to have processing restricted by the controller or a right to object to such processing;

(6)     the existence of a right of appeal to a supervisory authority;

(7)     any available information on the origin of the data if the personal data was not collected from the data subject;

(8)     the existence of automated decision-making, including profiling in accordance with Article 22(1) and (4) DSGVO and - at least in these cases - meaningful information on the logic involved and the scope and intended effects of such processing for the data subject.

 

You have the right to request information as to whether the personal data concerning you is transferred to a third party or to an international organization. In this context, you may request to be informed of the appropriate guarantees pursuant to Art. 46 DSGVO related to the transmission.

This right to information may be limited to the extent that it is likely to make it impossible or to impair the realization of research or statistical purposes and the limitation is necessary for the fulfillment of research or statistical purposes.

 

2.     Right to Rectification

Users have a right of rectification and/or correction by the data controller if the personal data processed concerning a user is incorrect or incomplete. The person responsible shall make the correction without delay.

Your right to rectification may be limited to the extent that it is likely to render impossible or to impair research or statistical purposes and the limitation is necessary for the fulfillment of the research or statistical purposes.

 

3.     Right to Limitation of Processing

Under the following conditions, you may request that the processing of personal data concerning you be restricted:

(1)     if you dispute the accuracy of the personal data concerning you for a period of time that enables the person responsible to verify the accuracy of the personal data;

(2)     if the data processing is unlawful;

(3)     if the controller no longer needs the personal data for processing purposes and the user objects to further storage, or

(4)     if the user has filed an objection to the processing pursuant to Art. 21 para. 1 DSGVO and it has not yet been determined whether the legitimate reasons of the person responsible outweigh the user’s reasons.

 

If the processing of personal data concerning you has been restricted, such data may only be processed - apart from being stored - with your consent or for the purpose of asserting, exercising, or defending rights or protecting the rights of another natural or legal person or on grounds of an important public interest of the Union or a Member State.

If the processing restriction has been set in place according to the above conditions, you will be informed by the person responsible before the restriction is lifted.

Your right to limitation of processing may be limited to the extent that it is likely to render impossible or seriously impair research or statistical purposes and the restriction is necessary for the fulfillment of research or statistical purposes.

 

4.     Right of Deletion

a)    Duty to Delete

Users may request that the data officer delete the personal data relating to them without delay and the controller is obliged to delete this data without delay if one of the following reasons applies:

(1)     The personal data concerning you is no longer necessary for the purposes for which they were collected or otherwise processed.

(2)     You revoke your consent, on which the processing was based pursuant to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a DSGVO, and there is no other legal basis for the processing.

(3)     You file an objection against the processing pursuant to Art. 21 para. 1 DSGVO and there are no overriding legitimate reasons for the processing.

(4)     The personal data concerning the user has been processed unlawfully.

(5)     The deletion of personal data concerning the user is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the data officer is subject.

(6)               The personal data concerning the user has been collected in relation to information society services pursuant to Art. 8 para. 1 DSGVO.

 

b)    Third Party Information

If the data controller has made the personal data concerning you public and is obliged to delete it pursuant to Art. 17 para. 1 DSGVO, he shall take appropriate measures, taking into account the available technology and the implementation costs, to inform data processors who process the personal data that you as the data subject have requested deletion of all links to this personal data or of copies or replications of this personal data.

 

c)     Exceptions

The right to cancellation does not exist insofar as the processing is necessary:

(1)     to exercise freedom of expression and information;

(2)     for the performance of a legal obligation required for processing under the law of the Union or of the Member States to which the controller is subject or for the performance of a task in the public interest or in the exercise of official authority conferred on the controller;

(3)     for reasons of public interest in the field of public health pursuant to Art. 9 para. 2 lit. h and i and Art. 9 para. 3 DSGVO;

(4)     for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes pursuant to Art. 89 para. 1 DSGVO, insofar as the law referred to under a) is likely to render impossible or to impair the attainment of the objectives of such processing, or

(5)     to assert, exercise or defend legal claims.

 

5.     Right to Information

If you have exercised your right to have the data officer correct, delete or limit the data processing, he/she is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this correction or deletion of the data or restriction on processing, unless this proves impossible or involves a disproportionate effort.

The person responsible shall have the right to be informed of such recipients.

 

6.     Right to Data Transferability

You have the right to receive the personal data concerning you that you have provided to the person responsible in a structured, common and readable format. In addition, you have the right to pass this data on to another person in charge without obstruction by the person in charge to whom the data was provided, in that;

 

(1)     the processing is based on consent pursuant to Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO or on a contract pursuant to Art. 6 para. 1 lit. b DSGVO and

(2)     the processing is carried out using automated methods.

 

In exercising this right, you also have the right to request that the personal data concerning you be transferred directly from one data controller to another data controller, insofar as this is technically feasible. The freedoms and rights of other persons must not be affected by this.

The right to transferability shall not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority conferred on the controller.

 

7.     Right to Objection

You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you under Article 6(1)(e) or (f) of the DSBER; this also applies to profiling based on these provisions.

 

The data controller no longer processes the personal data concerning you, unless he can prove logical reasons to why the data processing is required, which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

If the personal data concerning a user is processed for direct marketing purposes, the user has the right to object at any time to the processing of the personal data concerning them for the purpose of such advertising; this also applies to profiling, insofar as it is associated with such direct marketing.

If a user is subject to the processing for direct marketing purposes, the personal data concerning said user will no longer be processed for these purposes.

You have the possibility to exercise your right of objection in connection with the use of Information Society services by means of automated procedures using technical specifications, notwithstanding Directive 2002/58/EC.

You also have the right to object to the processing of personal data concerning you for scientific or historical research purposes or for statistical purposes pursuant to Art. 89 para. 1 DSGVO.

Your right of objection may be limited to the extent that it is likely to make it impossible or to impair the realization of the research or statistical purposes and the limitation is necessary for the fulfillment of the research or statistical purposes.

 

8.     Right to Object Consent to Privacy Policy

You have the right to revoke your consent to the privacy policy at any time. The revocation of consent shall not affect the legality of data processing carried out on the basis of the consent until revocation.

 

9.     Automated Decision in Individual Cases Including Profiling

Users have the right not to be subject to a decision based exclusively on automated data processing - including profiling - that has a legal effect against the user or significantly impairs the user in a similar manner. This does not apply if the decision

(1)     is necessary for the conclusion or performance of a contract between you and the person responsible,

(2)     is admissible by law of the Union or of the Member States to which the person responsible is subject and that law contains appropriate measures to safeguard your rights, freedoms and legitimate interests, or

(3)     is processed with the users express consent.

These decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 DSGVO, unless Art. 9 para. 2 lit. a or g DSGVO applies and appropriate measures have been taken to protect your rights and freedoms and your legitimate interests.

In the cases referred to in (1) and (3), the person responsible shall take reasonable measures to safeguard their rights, freedoms and legitimate interests, including the right to obtain an intervention by the person responsible, to state their own position and to challenge the decision.

 

10.  Right to Appeal to a Supervisory Authority

Without prejudice to any other administrative or judicial body, users have the right of appeal to a supervisory authority, in particular in the Member State where they reside, work, or suspect infringement, if they believe that the processing of personal data concerning them is contrary to the DSGVO.

The supervisory authority to which the complaint has been filed shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy under Article 78 DSGVO.