Privacy policy

INTRODUCTION AND TERMS

1. Introduction
The Majuma GmbH operates an Instagram management service called “ROCKETORA”, which can be accessed on the Internet at the URL www.rocketora.com. With ROCKETORA, users can subscribe to an Instagram manager that promotes the reach of an Instagram profile by generating followers and likes. By operating our website www.rocketora.com (hereinafter referred to as “Website”) and our Instagram management service (hereinafter referred to as “ROCKETORA”), we process personal data. The personal data will be treated confidentially by us and processed in accordance with the applicable laws – in particular the German Data Protection Regulation (DSGVO) and the German Federal Data Protection Act (BDSG-neu). With our data protection regulations we want to inform you which personal data we collect from you, for which purposes and on which legal basis we use it and, if applicable, to whom we disclose it. In addition, we will explain what rights you have to protect and enforce your data privacy.

 

2. Terms
Our privacy policy contains technical terms that are in the DSGVO and the BDSG-neu. For your better understanding we want to explain these terms in simple words in advance:

2.1 Personal data

“Personal data” means any information relating to an identified or identifiable individual (Art. 4 No. 1 GDPR). Information of an identified person can be e.g. the name or the e-mail address. However, personal data also includes data for which the identity is not immediately apparent, but which can be determined by combining one’s own information or that of others and thus finding out who the data subject is. A person becomes identifiable, for example, by providing his or her address or bank details, date of birth or user name, IP addresses and/or location data. Relevant here is all information that in any way allows a conclusion to be drawn about a person.

2.2 Processing

A “processing” is understood by Art. 4 No. 2 GDPR to mean any operation related to personal data. This applies in particular to the collection, recording, organization, ordering, storage, adaptation or modification, reading, querying, use, disclosure, transmission, dissemination or any other form of provision, comparison or linking, restriction, deletion or destruction of personal data.

3. Responsible company

Responsible
Responsible for data processing is:

Company: Majuma GmbH (“we”)
Legal representative: Shareholders Marco Enzmann, Manuel Facchin and Julian Facchin

Address: Schatzbogen 33, 81829 Munich
E-mail: info@rocketora.com

PROCESSING FRAME

4. Processing framework: Website and ROCKETORA service
By operating our website and our Instagram management service ROCKETORA, we process the personal data of you listed in detail below in section 5-15. We only process data from you that you actively provide (e.g. by filling out forms, submitting your Instagram access data) or that you automatically provide when using our offer.

Your data will be processed exclusively by us and will not be sold, lent or passed on to third parties. If we use the help of external service providers to process your personal data, this is done within the framework of so-called commissioned processing, in which we as the client are authorized to issue instructions to our contractors. To operate our website, we use an external service provider for hosting. We host our website at the external provider ALL-INKL (ALL-INKL.COM – Neue Medien Münnich, Hauptstraße 68, D-02742 Friedersdorf, www.all-inkl.com) in the data center location Dresden. If further external service providers are used for individual processing operations listed in sections 5-15, they will be named there.

Data transfer to third countries does not take place and is not planned. We will inform about exceptions to this principle in the processing operations presented below.

THE PROCESSING IN DETAIL

5. Provision of the website
5.1 Description of the processing

Each time you visit the website, we automatically collect information that your browser transmits to our server. These are the following data:

Your IP address
the browser software you use, as well as its version and language
the operating system you are using
the website from which you have reached our website (so-called referrer)
the subpages you call up on our website
the date and time of your visit to our website
Your Internet Service Provider
Amount of data transferred
Country and place from which you visited our website
Your length of stay on our website
This is necessary to be able to deliver the website correctly to the browser of your end device. However, no so-called log files are stored in our system. Consequently, your IP address is not recorded in any log files.

5.2 Purpose

The processing is carried out to enable the website to be called up and to ensure its stability and security.

5.3 Legal basis

The processing is necessary to protect the overriding legitimate interests of the controller (Art. 6 para. 1 lit. f DSGVO). Our legitimate interest lies in the purpose named in section 5.2.

5.4 Storage duration

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

6. Conclusion of contract
6.1 Description of the processing

You can sign a subscription contract to our ROCKETORA service on our website. You have the option of taking out a weekly or monthly subscription with us. To conclude the contract, you will be asked to provide your first name, last name and address in an order form. In addition, you can choose one of the payment methods we offer (Paypal or credit card via Stripe). You will then be taken to the “ORDER OVERVIEW”, where you will once again receive an overview of your subscription as well as the obligatory order information. Here you can make final changes and view your order. By clicking the button “ORDER PAYMENT” the form with your personal data will be transmitted to us. Upon completion of your order, the data required for payment will be passed on to the payment service provider selected by you (Paypal or Stripe). After sending an order, you will receive an order confirmation from us by e-mail, in which the information about your order is listed once again. With the confirmation email or in a separate email, you will receive information on how to send your Instagram credentials to us via a secure transmission method.

6.2 Purpose

The processing is carried out for the conclusion and execution of contracts via the ROCKETORA service.

6.3 Legal basis

The processing is necessary for the conclusion and fulfillment of the contracts for the ROCKETORA service (Art. 6 para. 1 lit. b DSGVO).

6.4 Storage duration

Due to commercial and tax law requirements, we are obliged to store your address, payment and order data for a period of ten years. However, we do restrict processing after two years. I.e. your data will then only be stored separately for compliance with the statutory retention periods and deleted immediately after their expiry.

6.5 Receiver

In order to process your payment, personal data will be passed on to one of the external payment service providers listed below and selected by you as part of your order:

PayPal: PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg. For more information about PayPal’s privacy policy, please visit https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE.
Credit card: Stripe, Inc., 185 Berry Street, Suite 550, San Francisco, California 94107, USA. For more information about Stripe’s privacy policy, please visit https://stripe.com/de/privacy.

7. Provision of ROCKETORA services
7.1 Description of the processing

In order to be able to provide the ROCKETORA services, we require the access data of the Instagram account that is the subject of the contract, which you must provide to us in a timely manner. With the order confirmation email for the conclusion of the contract or with a separate email you will receive information on how to transfer your Instagram access data to us. Even during the term of the contract, you are responsible for notifying us of any changes to your Instagram account credentials via a secure transmission method. Your access data will be stored securely by us and will only be shared with your personal account manager to look after your Instagram account. The account manager will then log into your Instagram profile. However, it strives to promote organic growth of a client’s Instagram profile by manually exercising interactions on Instagram, namely Follow, Like, and Story View. The Account Manager does not create or publish any content on your Instagram profile (including, without limitation, any posts, stories, or comments). In addition, an account manager will not read or send Instagram messages. Our services are limited to the Instagram management services described. We have no influence on and no knowledge of what additional data is processed by Instagram as part of our activity on their Instagram account. For more information about Instagram privacy, please visit https://help.instagram.com/519522125107875.

7.2 Purpose

The processing is carried out in order to provide the contracted ROCKETORA services.

7.3 Legal basis

The processing is necessary to fulfill the contracts for the ROCKETORA service (Art. 6 para. 1 lit. b DSGVO).

7.4 Storage duration

We will delete the access data to your Instagram profile as soon as the contract for the ROCKETORA services has ended. With the termination of the contractual relationship, the customer has the post-contractual obligation to change the password for his Instagram account for security reasons.

7.5 Receiver

By interacting with your Instagram account, data is transmitted to Instagram (Instagram LLC, 1601 Willow Rd, Menlo Park, California 94025, USA) or processed by this social network. Instagram also processes data in the USA and has submitted to the EU-US Privacy Shield. For more information on the EU-US Privacy Shield, please visit https://www.privacyshield.gov/EU-US-Framework.

8. Contact form and contact by e-mail
8.1 Description of the processing

To contact us, we have provided a contact form on our website. In this form you will be asked to enter your e-mail address, name and a message to us. When you click the “Submit” button, the data is transmitted to us using SSL encryption (see section 16). The contact form can only be transmitted if you accept our privacy policy by clicking the corresponding checkbox.

You can also contact us via the email addresses provided on the website. In this case, the personal data transmitted with the e-mail will be processed by us.

8.2 Purpose

By providing a contact form on our website, we want to offer you a convenient way to get in touch with us. The data transmitted with and in the contact form or your e-mail will be used exclusively for the purpose of processing and responding to your request.

8.3 Legal basis

The processing is necessary to protect the overriding legitimate interests of the controller (Art. 6 para. 1 lit. f DSGVO). Our legitimate interest lies in the purpose named in section 8.2. If the e-mail contact is aimed at the conclusion or fulfillment of a contract, the data processing is carried out for the fulfillment of the contract (Art. 6 para. 1 lit. b DSGVO).

8.4 Storage duration

We delete the data as soon as they are no longer required to achieve the purpose for which they were collected. This is usually the case when the respective communication with you has ended. The communication is terminated when it is clear from the circumstances that your concern has been conclusively clarified. If legal retention periods prevent deletion, the data will be deleted immediately after the expiry of the legal retention period.

9. Live chat
9.1 Description of the processing

For faster contact and processing of your request, we have integrated a live chat function with our customer support on our website. We use the communication service Tidio for this purpose, which is operated by Tidio Ltd. 220C Blythe Road, W14 0HH, London, United Kingdom. Tidio offers us the possibility to communicate with users via live chat. In the process, the messages sent via the chat and the data you provide (if applicable, your name, e-mail address, telephone number) are processed by us on the servers of Tidio. Tidio uses cookies (see section 10). For more information about Tidio’s privacy practices, please visit https://www.tidiochat.com/en/privacy-policy.

9.2 Purpose

By providing live chat, we want to offer you a convenient and fast way to contact us. The data transmitted with and in the live chat will be used exclusively for the purpose of processing and responding to your request.

9.3 Legal basis

The processing is necessary to protect the overriding legitimate interests of the controller (Art. 6 para. 1 lit. f DSGVO). Our legitimate interest lies in the purpose named in section 9.2. If the live chat aims at the conclusion or fulfillment of a contract, the data processing is carried out for the fulfillment of the contract (Art. 6 para. 1 lit. b DSGVO).

9.4 Storage duration

We delete the data as soon as they are no longer required to achieve the purpose for which they were collected. This is usually the case when the respective communication with you has ended. The communication is terminated when it is clear from the circumstances that your concern has been conclusively clarified. If legal retention periods prevent deletion, the data will be deleted immediately after the legal retention period of 10 years has expired.

9.5 Recipients and transfer to third countries

Tidio acts as a service provider for us within the scope of an order processing. Personal data may be processed by Tidio in third countries outside the EU.

10. Cookies
10.1 Description of processing

Our website uses cookies. Cookies are small text files that are stored on the user’s terminal device when a website is visited. Cookies contain information that enables the recognition of a terminal device and possibly certain functions of a website. For the most part, we only use so-called “session cookies”. These are automatically deleted when you end your Internet session and close the browser. Other cookies remain stored on your terminal device for a longer period of time. We use the following cookies on our website:

NamePurposeStorage duration
_gatUsed by Google Analytics to limit the request rate1 day
_gidRegisters a unique ID that is used to generate statistical data about how the visitor uses the website.1 day
CookieConsentStores the user’s consent status for cookies on the current domain.1 year
cookielawinfo-checkbox-necessaryDetermines whether the visitor has accepted the cookie consent field.1 day
 Google Analytics24 hours
_gaGoogle Analytics. Registers a unique ID that is used to generate statistical data about how the visitor uses the website.2 years
_cfduidTidio Live Chat30 days
_gcl_auGoogle Ads Google Ads90 days
cidThis cookie is necessary to perform credit card transactions on the website. The service is provided by Stripe.com, which allows online transactions without storing credit card information.2914571 days
ab_disable_remember_meThis cookie is used to securely store a customer’s credentials when making a purchase on the website – the cookie is necessary to complete a secure transaction online.7 years
checkout-live-sessionThis cookie is necessary to perform credit card transactions on the website. The service is provided by Stripe.com, which allows online transactions without storing credit card information.10 years
mStripe. Determines the device used to access the web page. This allows the web page to be formatted accordingly.10 years
https://q.stripe.com/This cookie is necessary to perform credit card transactions on the website. The service is provided by Stripe.com, which allows online transactions without storing credit card information.Session
test_cookieUsed to check whether the user’s browser supports cookies.1 day
IDEUsed by Google DoubleClick to record and report the user’s actions on the website after viewing or clicking on one of the provider’s ads, with the purpose of measuring the effectiveness of an advertisement and displaying targeted advertisements to the user.1 year
ads/ga-audiencesPixel TrackerSession
pagead/1p-conversion/#Pixel TrackerSession
lsidSets a unique ID for the visitor that enables third-party advertisers to target the visitor with relevant ads. This pairing service is provided by third-party advertising hubs that enable real-time bids for advertisers.Persistent
_gcl_auUsed by Google AdSense to experiment with advertising efficiency on websites that use their services.3 months

10.2 Purpose

We use cookies to make our website more user-friendly and to offer the functions described in section 10.1.

10.3 Legal basis

The processing is necessary to protect the overriding legitimate interests of the controller (Art. 6 para. 1 lit. f DSGVO). Our legitimate interest lies in the purpose named in section 10.2. If you are asked by us for consent in the context of a cookie banner or cookie consent tool, the legal basis is Art. 6 para. 1 lit. a GDPR. Such consent is voluntary.

10.4 Storage period, revocation of consent

Cookies are automatically deleted at the end of a session or when the specified storage period expires. Since cookies are stored on your terminal device, you as a user also have full control over the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the transfer of cookies. Cookies that have already been saved can be deleted at any time. This can also be automated. If cookies are deactivated for our website, individual functions of our website cannot be used or can only be used to a limited extent. If we obtain consent for the use of cookies via a cookie banner or a cookie consent tool, you can revoke this consent at any time within the settings of the cookie banner or the cookie consent tool with effect for the future.

11. Newsletter
11.1 Description of the processing

We send out a newsletter at irregular intervals. With the newsletter we inform you about our services. You will only receive our newsletter if you actively subscribe to our mailing list. You can subscribe to it by filling out and submitting a newsletter subscription form on our website. For the newsletter registration only the specification of your e-mail address is required.

For the execution and verification of newsletter registrations, we use the so-called double opt-in procedure. A registration takes place in several steps. First, sign up for the newsletter on our website. You will then receive an email from us at the email address you provided. With this e-mail, we ask you to confirm that you have indeed subscribed to the newsletter and wish to receive it. A confirmation takes place by clicking on a confirmation link in the e-mail. Only after a successful confirmation we will add you to our newsletter distribution list and send you future emails. As part of the double opt-in process, we store the date, time and your IP addresses both during registration and confirmation.

If you conclude a contract for ROCKETORA services on our website, in which you also provide your e-mail address, this may subsequently be used by us to send a so-called existing customer newsletter. In such a case, only direct advertising for our own similar goods or services will be sent via the newsletter.

 

11.2 Purpose

The processing takes place in order to offer the newsletter function and to be able to send newsletter emails to subscribers, as well as existing customers. The collection and storage of date, time and IP addresses during newsletter registration serves to document consent given and to protect against the misuse of e-mail addresses.

11.3 Legal basis

In the case of our subscriber newsletter, processing is based on consent pursuant to Art. 6 para. 1 lit. a GDPR. Your consent is voluntary. The collection and storage of date, time and IP addresses during newsletter registration is necessary to protect the overriding legitimate interests of the controller (Art. 6 para. 1 lit. f DSGVO). Our legitimate interest lies in the purpose named in section 11.2.

The processing is carried out for our existing customer newsletter on the basis of Art. 6 para. 1 lit. f DSGVO to safeguard the overriding interests of the controller. Our legitimate interest lies in direct advertising to existing customers. This is within the framework observed by us of § 7 para. 3 UWG permissible.

11.4 Storage period and revocation of consent

If you do not confirm your registration to our newsletter within 24 hours after receiving the corresponding registration email, your data will be automatically deleted. We process your personal data for the duration of your newsletter subscription. You can stop receiving our newsletter at any time by revoking your consent. You can also object to the use of your e-mail address for sending our newsletter to existing customers at any time. A simple declaration (by e-mail to info@rocketora.com) is sufficient for this purpose. You can also unsubscribe by clicking the unsubscribe link in the footer of your newsletter. With the revocation of your consent, you will no longer be sent newsletters and your personal data will be removed from our active distribution list.

12. Google Web Fonts
12.1 Description of the processing

Our website uses “Google Web Fonts”, a font substitution service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “Google”). With Google Web Fonts, the standard fonts of your end device are replaced by fonts from Google’s catalog when displaying our website. If your browser disables the integration of Google Web Fonts, the text of our website will be displayed in the default fonts of your end device. Google fonts are loaded directly from a Google server. For this to happen, your browser sends a request to a Google server. As a result, your IP address may also be transmitted to Google in connection with the address of our website. However, Google Webfonts does not store any cookies on your terminal device. According to Google, data processed as part of the Google Web Fonts service is transferred to resource-specific domains such as fonts.googleapis.com or fonts.gstatic.com. They are not associated with data that may be related to the use of other Google services, such as the search engine of the same name or Gmail. Further information on data protection at Google Webfonts can be found at https://developers.google.com/fonts/faq?hl=de-DE&csw=1. General information on data protection at Google can be found at https://policies.google.com/privacy?hl=de-DE.

12.2 Purpose

The processing is carried out in order to display the text of our website in a more readable and aesthetically pleasing way.

12.3 Legal basis

The processing is necessary to protect the overriding legitimate interests of the controller (Art. 6 para. 1 lit. f DSGVO). Our legitimate interest lies in the purpose named in section 12.2.

12.4 Recipients and transfer to third countries

By using Google Web Fonts, personal data may be transmitted to Google. Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield. For more information on the EU-US Privacy Shield, please visit https://www.privacyshield.gov/EU-US-Framework.

13. Google Analytics
13.1 Description of the processing

Our website uses “Google Analytics”, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “Google”). Google Analytics uses cookies (see section 10), which enable an analysis of your use of our offer. We use Google Analytics in the offered version “Universal Analytics”, which allows this analysis across devices by assigning the data to a pseudonymous user ID. The information generated by the cookie is usually transferred to a Google server in the USA and stored there. However, we use Google Analytics exclusively with IP anonymization. This means that your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. The IP address transmitted by your browser as part of Google Analytics is not merged with other data from Google. The statistics generated by Google Analytics record in particular how many users visit our website, from which country or location the access takes place, which subpages are called up and via which links or search terms visitors reach our website. The Google Analytics user terms and conditions can be found at https://marketingplatform.google.com/about/analytics/terms/de/. An overview of data protection at Google Analytics is available at http://www.google.com/intl/de/analytics/learn/privacy.html. Google’s privacy policy can be viewed at https://policies.google.com/privacy?hl=de-DE.

13.2 Purpose

The processing takes place in order to be able to evaluate the use of our website. The information obtained in this way is used to improve our online presence and to design it in line with requirements.

13.3 Legal basis

The processing is necessary to protect the overriding legitimate interests of the controller (Art. 6 para. 1 lit. f DSGVO). Our legitimate interest lies in the purpose named in section 13.2. If you are asked by us for consent in the context of a cookie banner or cookie consent tool, which also covers the use of Google Analytics, then the legal basis is Art. 6 para. 1 lit. a GDPR. Such consent is voluntary.

13.4 Storage period and right to object, revocation of consent

We have explained the storage period and your control and setting options for cookies in section 10. You can object to data processing by Google Analytics at any time by downloading and installing the browser add-on offered by Google at https://tools.google.com/dlpage/gaoptout?hl=de. Alternatively, you have the option to click on the link below. This will set an opt-out cookie on your terminal device that will prevent the collection of your data during future visits to this website: Disable Google Analytics. The analysis data processed and stored with Google Analytics is automatically deleted by us after 14 months. If we obtain consent for the use of Google Analytics via a cookie banner or a cookie consent tool, such consent can be revoked by you at any time within the settings of the cookie banner or the cookie consent tool with effect for the future.

 

13.5 Recipients and transfer to third countries

Google Analytics acts as a service provider for us within the scope of order processing. Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield. For more information on the EU-US Privacy Shield, please visit https://www.privacyshield.gov/EU-US-Framework.

 

14. GOOGLE ADSENSE
14.1 Description of the processing

Our website uses Google AdSense, an advertising service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “Google”). Google Adsense uses cookies (see section 10). In addition, so-called web beacons (invisible graphics, tracking pixels) are used. Google AdSense enables the placement of advertisements on third-party sites in line with the content of the respective third-party site. With Google Adsense, we include advertisements on our website. For targeted advertising, interest-related targeting of the users of our website is also carried out on the basis of user profiles. The information generated by Google Adsense about the use of this website (including your IP address) and the delivery of advertising formats will be transmitted to and stored by Google on servers in the United States. For more information about Google Adsense, please visit: https://www.google.com/adsense/start/?hl=de-DE .

14.2 Purpose

The processing takes place in order to be able to deliver advertisements on our website.

14.3 Legal basis

The processing is necessary to protect the overriding legitimate interests of the controller (Art. 6 para. 1 lit. f DSGVO). Our legitimate interest lies in the purpose named in section 14.2 . If you are asked by us for consent in the context of a cookie banner or cookie consent tool, the legal basis is Art. 6 para. 1 lit. a GDPR. Such consent is voluntary.

 

14.4 Storage period and right to object, revocation of consent

We have explained the storage period and your control and setting options for cookies in section 10. If we obtain consent to use Google Adsense via a cookie banner or a cookie consent tool, you can revoke this consent at any time within the settings of the cookie banner or cookie consent tool with effect for the future.

14.5 Recipients and transfer to third countries

Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield. For more information about the EU-US Privacy Shield, see https://www.privacyshield.gov/EU-US-Framework. Google’s privacy policy can be found at https://policies.google.com/privacy?hl=de&gl=de view.

15. doubleClick by Google

15.1 Description of processing

Our website uses Doubleclick by Google, a marketing service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “Google”).

Doubleclick uses cookies to serve you ads that are relevant to you, to measure the success of advertising campaigns, and to prevent visitors from being served the same ads multiple times. In the process, a pseudonymous identification number (ID) is assigned to your browser, which is used to check which ads have been displayed in your browser and which ads have been called up. In addition, DoubleClick can use cookie IDs to record so-called conversions that are related to the requests/retrievals of the individual ads – for example, when a visitor sees a DoubleClick ad and later uses the same browser to visit the advertiser’s website and make a purchase. Cookies from Doubleclick do not contain any personal information, according to Google. Through the use of Doubleclick, data is transmitted to Google. We have no influence on the scope and further use of data by Google and inform you according to our knowledge: Through the use of Doubleclick, Google receives the information that you have called up a corresponding sub-page of our website or clicked on an advertisement from us. If you are registered with Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, it is possible that Google stores information about you.

15.2 Purpose

The processing takes place in order to carry out targeted online advertising for our own offers and to be able to evaluate its effectiveness and reach.

15.3 Legal basis

The processing is necessary to protect the overriding legitimate interests of the controller (Art. 6 para. 1 lit. f DSGVO). Our legitimate interest lies in the purpose named in section 15.2. If you are asked by us for consent in the context of a cookie banner or cookie consent tool, the legal basis is Art. 6 para. 1 lit. a GDPR. Such consent is voluntary.

15.4 Storage period and right to object, revocation of consent

We have explained the storage period and your control and setting options for cookies in section 10. You can also prevent the collection of the data generated by the cookies and related to your use of the websites to Google, as well as the processing of this data by Google, by using the link available under the following Link download and install the browser plugin available under the item Doubleclick deactivation extension. Alternatively, you can check the Doubleclick cookies on the Digital Advertising Alliance site at the following Link disable If we obtain consent to use Doubleclick via a cookie banner or a cookie consent tool, you can revoke this consent at any time within the settings of the cookie banner or cookie consent tool with effect for the future.

15.5 Recipients and transfer to third countries

Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield. For more information on the EU-US Privacy Shield, see https://www.privacyshield.gov/EU-US-Framework. Google’s privacy policy can be found at https://policies.google.com/privacy?hl=de&gl=de view.

SAFETY MEASURES

Security measures
To protect your personal data from unauthorized access, we have provided our website with an SSL or TLS certificate. SSL stands for “Secure Sockets Layer” and TLS for “Transport Layer Security” and encrypts the communication of data between a website and the user’s end device. You can recognize active SSL or TLS encryption by a small lock logo that appears on the far left of the browser’s address bar.

YOUR RIGHTS

17. Data subject rights
With regard to the data processing by our company described above, you are entitled to the following data subject rights:

17.1 Information (Art. 15 GDPR)

You have the right to request confirmation from us as to whether we are processing personal data relating to you. If this is the case, you have a right to information about this personal data and to the further information listed in Art. 15 DSGVO under the conditions specified in Art. 15 DSGVO.

17.2 Correction (Art. 16 DSGVO)

You have the right to demand that we immediately correct any inaccurate personal data concerning you and, if necessary, complete any incomplete personal data.

17.3 Deletion (Art. 17 GDPR)

You have the right to demand that we delete personal data relating to you without delay, provided that one of the reasons listed in detail in Article 17 of the GDPR applies, e.g. if your data is no longer required for the purposes pursued by us.

17.4 Restriction of data processing (Art. 18 DSGVO)

You have the right to request us to restrict processing if one of the conditions listed in Art. 18 DSGVO is met, e.g. if you dispute the accuracy of your personal data, data processing will be restricted for the period of time that allows us to verify the accuracy of your data.

17.5 Data portability (Art. 20 GDPR)

You have the right, under the conditions listed in Art. 20 DSGVO, to request the return of the data concerning you in a structured, common and machine-readable format.

17.6 Revocation of consent (Art. 7 (3) DSGVO)

You have the right to withdraw your consent at any time in the case of processing based on consent. The revocation is valid from the time of its assertion. In other words, it works for the future. The processing therefore does not become retroactively unlawful by the revocation of consent.

17.7 Complaint (Art. 77 GDPR)

If you believe that the processing of personal data concerning you violates the GDPR, you have the right to lodge a complaint with a supervisory authority. You may exercise this right by contacting a supervisory authority in the EU Member State of your residence, workplace or the place of the alleged infringement.

17.8 Prohibition of automated decisions/profiling (Art. 22 GDPR)

Decisions that have legal consequences for you or significantly affect you must not be based solely on automated processing of personal data – including profiling. We inform you that we do not use automated decision making including profiling with regard to your personal data.

17.9 Objection (Art. 21 GDPR)

If we collect personal data from you on the basis of Art. 6 para. 1 lit. f DSGVO (for the protection of overriding legitimate interests), you have the right to object to this under the conditions listed in Art. 21 DSGVO. However, this only applies if there are reasons arising from your particular situation. After an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights and freedoms. We also do not have to stop processing if it serves the assertion, exercise or defense of legal claims. In any case – also independent of a specific situation – you have the right to object to the processing of your personal data for direct marketing at any time.

Status: August 2022