• Home
  • Privacy policy

Privacy policy

Privacy Policy
We operate our websites in accordance with the principles set out below. We are committed to complying with the legal provisions on data protection and always endeavor to observe the principles of data avoidance and data minimization.

1. Name and Address of the Controller

The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states of the European Union, as well as other data protection provisions, is:

Arider GmbH & Co. KG
Kettelerstraße 5 - 11, Pavilion 12
97222 Rimpar
Germany
Email: kontakt@arider.de
Phone: +49 9365 8979268
Commercial Register: Würzburg District Court, HRA 8922
Personally liable partner: Arider Verwaltungs GmbH, a limited liability company, registered with the Würzburg District Court under HRB 17675
Represented by the Managing Director: Marius Klein
Tax Identification Number: DE451510652

arider.com/es/

2. Definitions

We have designed our Privacy Policy in accordance with the principles of clarity and transparency. Nevertheless, if there are any doubts about the use of different terms, the corresponding definitions can be found here.

3. Legal Basis for Data Processing

a) Processing of Personal Data in accordance with the GDPR
We only process your personal data, such as your surname and first name, your email address, and your IP address, etc., if there is a legal basis for doing so. Under the General Data Protection Regulation, in particular, the following regulations are taken into account:

  • Art. 6 para. 1 sentence 1 lit. a GDPR: The data subject has given their consent to the processing of their personal data for one or more specific purposes.
  • Art. 6 para. 1 sentence 1 lit. b GDPR: The processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject before entering into a contract.
  • Art. 6 para. 1 sentence 1 lit. c GDPR: The processing is necessary for compliance with a legal obligation to which the controller is subject.
  • Art. 6 para. 1 sentence 1 lit. d GDPR: The processing is necessary to protect the vital interests of the data subject or of another natural person.
  • Art. 6 para. 1 sentence 1 lit. e GDPR: The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
  • Art. 6 para. 1 sentence 1 lit. f GDPR: The processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data, in particular if the data subject is a child.

Nevertheless, we will always indicate the legal basis on which your personal data is processed at the relevant points in this Privacy Policy.

b) Consent of Legal Guardians in accordance with Art. 8 para. 1 sentence 2 alt. 2 GDPR
A legal guardian must consent to all data processing on this website that requires the consent of a minor who has not yet reached the age of 16.

Information on the individual data processing operations, their purposes, and the categories of data in question, for which the data subject’s consent is required, can be found in the Privacy Policy.

You can revoke your consent at any time by sending a declaration of revocation in text form to the controller’s contact details. Processing remains lawful until you withdraw your consent.

c) Processing of Information in accordance with Article 25(1) TTDSG
We also process information in accordance with Section 25(1) TTDSG by storing information on your terminal equipment or accessing information already stored on your terminal equipment. This may involve both personal information and non-personal data, such as cookies, browser fingerprints, advertising IDs, MAC addresses, and IMEI numbers. A terminal device is any device connected directly or indirectly to the interface of a public telecommunications network for sending, processing, or receiving messages, Section 2(2) No. 6 TTDSG.

As a rule, we process this information based on your consent, Section 25(1) TTDSG.

Where an exception is granted under Section 25(2) Nos. 1 and 2 TTDSG, we will not require your consent. Such an exception exists if we only access or store the information to transmit a message over a public telecommunications network or if it is absolutely necessary for us to provide a telemedia service expressly requested by you. You can withdraw your consent at any time.

We inform you that the withdrawal of consent does not affect the legality of the processing carried out on the basis of the consent prior to its withdrawal.

4. Disclosure of Personal Data

The disclosure of personal data also constitutes processing within the meaning of Section 3 above. However, we would like to take this opportunity to inform you separately about the issue of disclosure to third parties. Protecting your personal data is very important to us. For this reason, we are especially careful when transmitting your data to third parties.

Accordingly, data is only disclosed to third parties if there is a legal basis for the processing. For example, we disclose personal data to individuals or companies that work for us as processors in accordance with Art. 28 GDPR. A processor is anyone who processes personal data on our behalf, specifically in an instruction and control relationship with us.

In accordance with the requirements of the GDPR, we conclude a contract with each of our processors to obligate them to comply with data protection regulations and thus ensure comprehensive protection for your data.

5. Storage Period and Erasure

Your personal data will be erased by us if it is no longer required for the purposes for which it was collected or otherwise processed, if the processing is not necessary to exercise the right to freedom of expression and information, to comply with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims.

6. SSL or TLS Encryption

This website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as the requests you send to us as the website operator. You can recognize an encrypted connection by the fact that the browser’s address line changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

7. Cookies

We use cookies on our website. Cookies are small data packets that your browser automatically creates and that are stored on your terminal device when you visit our website. These cookies are used to store information related to the terminal device used.

When cookies are used, a distinction is made between technically necessary cookies and “other” cookies. Technically necessary cookies are those that are absolutely necessary to provide an information society service that you have expressly requested.

a) Technically Necessary Cookies
To make the use of our website more pleasant for you, we use technically necessary cookies, which may be so-called session cookies (e.g., language and font selection, shopping cart, etc.), consent cookies, cookies to ensure server stability and security, or similar. The legal basis for cookies arises from Art. 6 para. 1 sentence 1 lit. f) GDPR, our legitimate interest in the error-free operation of the website and in offering our services to you in an optimized manner.

b) Other Cookies
Other cookies include cookies for statistical, analytical, marketing, and retargeting purposes.

We use these cookies based on your consent under Art. 6 para. 1 sentence 1 lit. a) GDPR.

You can revoke your consent to the use of cookies at any time.

We inform you that the withdrawal of consent does not affect the legality of the processing carried out on the basis of the consent before its withdrawal.

For this, you can either edit your cookie settings on our website, disable the use of cookies in your browser settings (which may also restrict the functionality of the online offering), or set an opt-out for the corresponding service in individual cases.

We will inform you of the legal basis on which these data are processed for the respective services within the Privacy Policy.

[Change Cookie Settings]

8. Cookie Banner

To obtain consent for the cookies we use, we employ the cookie banner of the service provider Borlabs GmbH, Hamburger Str. 11, 22083 Hamburg. This sets a so-called consent cookie in order to query and process the respective consent status. This consent cookie is technically necessary and is therefore used on the basis of our legitimate interest under Art. 6 para. 1 sentence 1 lit. f GDPR, § 25 para. 1 TTDSG.

9. Collection and Storage of Personal Data and the Nature and Purpose of Their Use

a) External Hosting
Our website is hosted at ALL-INKL.COM – Neue Medien Münnich, René Münnich, Hauptstraße 68, D-02742 Friedersdorf. For this reason, all personal data collected on our website is stored on the servers of our host, unless a third-party external service is integrated. This may involve the IP address, your email address, communication data, or similar. Below you can see which specific personal data is involved for each of the functions and services we explain. If we use a third-party external service, this will be clarified in the description of the respective service or tool.

The host only processes your data according to our instructions and to the extent necessary to fulfill the services on the website. The host does not process the data for its own purposes. We have concluded a processing contract with the hosting provider.

b) When Visiting the Website
When you visit our website, the browser used on your device automatically sends information to our website’s server. This information is temporarily stored in a so-called log file. The following information is collected without any action on your part and is stored until it is automatically deleted:

  • IP address of the requesting computer
  • Date and time of access
  • Name and URL of the retrieved file
  • Website from which access is made (referrer URL)
  • The browser used and, if applicable, the operating system of your computer and the name of your access provider

We process the data mentioned for the following purposes:

  • Ensuring a smooth connection to the website
  • Ensuring comfortable use of our website
  • Evaluating system security and stability
  • Error analysis
  • For other administrative purposes

Data that allow conclusions about you personally, such as the IP address, are deleted at the latest after 7 days. If we store the data beyond this period, these data are pseudonymized so that they can no longer be assigned to you.

The legal basis for the data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest follows from the purposes for data collection listed above. Under no circumstances do we use the collected data to draw conclusions about you personally.

c) Shop System
To offer our products, we use the WooCommerce shop system from Automattic Inc, 60 29th Street #343, San Francisco, CA 94110-4929, USA.

Thus, the data you provide will also be processed by our shop provider as part of operating the shop system. The shop system may also install additional cookies.

For this reason, we have concluded a data processing contract/standard contractual clauses with them.

You can find more information on data protection at:

https://automattic.com/privacy/

d) Contractual Relationship
(1) Conclusion of the Contract
Within the scope of establishing the contractual relationship, only the personal data absolutely necessary for performing the contract under Art. 6 para. 1 sentence 1 lit. b GDPR will be processed.

If you provide additional voluntary information, it will only be processed on the basis of your consent under Art. 6 para. 1 sentence 1 lit. a GDPR. We use this voluntary information to offer a user-friendly service to the customer and to constantly improve it.

(2) Customer Account
You have the option of creating a customer account with us. In addition to your personal data for contract processing, your other voluntary information and past purchases made with us will be stored and processed. You can access them at any time, thus obtaining an overview of the purchases you have made with us. This data is also used so that you can log in with your login details the next time you make a purchase. It is also intended to help you manage your purchasing activities.

The legal basis is based on the consent you have given us in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.

You can change or delete your data in the customer account at any time, as well as delete the entire account. If you use this feature, your customer account and all data contained therein will be deleted immediately.

(3) Transfer of Data for Shipping
We transmit the data necessary for shipping our goods (first and last name, address, email address, telephone number if necessary due to shipping the goods) to the respective shipping service provider for notification/coordination for delivery of the goods and for delivery of the goods.

The legal basis for the transfer results from Art. 6 para. 1 sentence 1 lit. b GDPR.

In this context, we will transfer your data to one of the following shipping service providers. They will give you more information about how they process your data:

DHL
DHL Paket GmbH, Sträßchensweg 10, postal code/city: 53113 Bonn, phone: +49/(0) 228/18 20, email: impressum.paket[at]dhl.com; https://www.dhl.de/de/toolbar/footer/datenschutz.html

(4) Transfer of Data When Using Online Payment Service Providers
If you decide to pay with one of the online payment service providers we offer as part of your ordering process, your contact details will be transmitted to them as part of the order triggered in this way. The legality of this data transfer is based on Art. 6 para. 1 sentence 1 lit. b GDPR for the execution of the payment method you have chosen, and our legitimate interests under Art. 6 para. 1 sentence 1 lit. f GDPR in enabling an easy and uncomplicated payment process.

The personal data transferred to the online payment service provider typically include the first and last name, address, telephone number, IP address, email address, or other data required for order processing, as well as data related to the order, such as the number of items, item number, invoice amount, and taxes in percentage, billing information, etc.

This transfer is necessary to process your order using the payment method you have selected, in particular to confirm your identity, manage your payment, and handle the customer relationship.

However, please note that the online payment service provider may also transfer personal data to service providers, subcontractors, or other affiliated companies if this is necessary to fulfill the contractual obligations arising from your order or if personal data must be processed on our behalf.

Depending on the payment method selected, e.g., invoice or direct debit, the personal data transmitted to the provider will be transmitted by the provider to credit agencies. This transfer serves to check your identity and creditworthiness in connection with the order you have placed. You can see which credit agencies are involved and which data is generally collected, processed, stored, and transferred by the respective provider in the respective privacy statements of the providers:

PayPal
PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg at https://www.paypal.com/de/webapps/mpp/ua/privacy-full

(5) Credit Card Payment
If you decide to pay by credit card, we collect and process the necessary personal data and transmit it to the card-issuing institution to process payment and comply with legal requirements, such as customer authentication in accordance with the EU Payment Services Directive PSD2.

This data is transferred for payment processing under Art. 6 para. 1 sentence 1 lit. b) GDPR and to fulfill our legal obligation to carry out strong customer authentication in accordance with Art. 6 para. 1 sentence 1 lit. c) GDPR in conjunction with EU Directive 2015/2366 (PSD 2) or the Payment Services Supervision Act (ZAG) to combat money laundering and criminal prosecution.

The technical processing of credit card payments is carried out by PayPal’s credit card service, PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg.

The latter has been commissioned to handle the technical control of payment transactions, including the implementation of the 3D Secure 2.0 procedure under Art. 28 GDPR. Other recipients of the data are the participating banks (on the one hand, the card-issuing bank — the issuer — and on the other, the credit card-accepting bank of the merchant — the acquirer).

You can view PayPal’s privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

e) Billbee CRM System
We have connected the Billbee CRM system of Billbee Gesellschaft mit beschränkter Haftung, Arolser Str. 10, 34477 Twistetal, to our website. We can use it to manage and process all incoming orders, commissions, queries, and contacts.

We use this CRM system on the basis of our legitimate interests in the simple management of customers, prospects, products, and contract processing under Art. 6 para. 1 sentence 1 lit. f GDPR.

We have concluded a processing contract with Billbee. You can find Billbee’s privacy policy at https://www.billbee.io/rechtliches/datenschutz.

f) Newsletter
Content of the Newsletter and Registration Data
We only send our newsletter, conduct statistical surveys and analyses, and record the registration process if you request it and if you have given your consent under Art. 6 para. 1 sentence 1 lit. a GDPR, § 25 para. 1 TTDSG.

The content of the newsletter is described in detail when you sign up for the newsletter. To subscribe to the newsletter, simply provide your email address. If you provide additional voluntary information such as your name and/or gender, it will be used exclusively to personalize the newsletter addressed to you.

Double Opt-In and Registration
For security reasons, we use the so-called double opt-in procedure to register for our newsletter, so that no one can register with other people’s email addresses. Therefore, after registering for our newsletter, you will first receive an email asking you to confirm your registration. Your registration only becomes effective once you confirm it.

Furthermore, your registration for the newsletter is recorded. The recording includes storing the time of registration and confirmation, the data you provide, and your IP address. If you change your data, these changes are also recorded.

Revocation
If you no longer wish to receive our newsletter, you can revoke your consent at any time for the future. To do so, you can click on the unsubscribe link at the end of each newsletter or send us an email to the following address: kontakt@arider.de.

Revoking consent does not affect the legality of the processing carried out on the basis of the consent prior to its withdrawal.

Use of ActiveCampaign
We send our newsletters with the help of the “ActiveCampaign” newsletter service, operated by ActiveCampaign, LLC (1 North Dearborn St, 5th Floor, Chicago, IL 60602, USA).

The email addresses of our newsletter recipients, as well as other data described in these notices, are stored on ActiveCampaign’s servers in the USA. ActiveCampaign uses this information to send and evaluate the newsletter on our behalf.

Furthermore, according to its own information, ActiveCampaign may use this data in pseudonymous form — that is, without assigning it to a user — to optimize or improve its own services, for example, to optimize the technical sending and display of the newsletter or for statistical purposes to determine from which countries the recipients come. However, the newsletter service provider does not use the data of our newsletter recipients to contact them itself or to pass them on to third parties.

We have concluded the Standard Contractual Clauses with ActiveCampaign.

You can find ActiveCampaign’s privacy policy here: https://www.activecampaign.com/legal/privacy-policy

Statistical Surveys and Analyses
The newsletters sent via AcitveCampaign contain a so-called “web beacon,” i.e., a pixel-sized file that is retrieved from the server of the newsletter service provider when the newsletter is opened. As part of this retrieval, technical information is first collected, such as information about the browser and your system, as well as your IP address and the time of retrieval.

This information is used for the technical improvement of the services based on technical data or the target groups and their reading behavior, based on their retrieval locations (which can be determined with the help of the IP address) or access times.

Statistical surveys also include determining whether the newsletters are opened, when they are opened, and which links are clicked. For technical reasons, this information can be assigned to individual newsletter recipients. However, it is neither our intention nor that of ActiveCampaign to observe individual users. Rather, the evaluations help us recognize the reading habits of our users and adapt our content to them, or to send different content according to the interests of our users. We have agreed on a contract with ActiveCampaign for processing in accordance with Art. 26 GDPR and the Standard Contractual Clauses.

g) Contact Form
We provide a form on our website so you have the opportunity to contact us at any time. To use the contact form, it is necessary to provide a name for a personal greeting and a valid email address, so we know who sent the inquiry and can process it.

If you send us inquiries via the contact form, your data from the inquiry form — including the contact data you provide there and your IP address — will be processed in accordance with Art. 6 para. 1 sentence 1 lit. b and f GDPR for the purpose of taking pre-contractual measures at your request or to safeguard our legitimate interests, namely to conduct our business activities.

The inquiries and associated data are deleted at the latest 3 months after receipt, unless they are needed for a subsequent contractual relationship.

i) Use of Google Maps

Our website uses the Google Maps API. By using Google Maps, information about your use of this website (including your IP address) may be transferred to a server of Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) in the USA and stored there.

Google may pass on the information obtained through Maps to third parties if required by law or if such third parties process the information on Google’s behalf. However, your IP address will under no circumstances be merged with other Google data. Nevertheless, we must point out that, from a technical perspective, it would be possible for Google to identify individual users based on the data received.

We have no influence over whether your personal data and personality profiles are processed by Google for other purposes. If you absolutely wish to prevent this, you can disable Google Maps and thus prevent data transfer to Google. All you have to do is disable JavaScript in your browser. In this case, no data will be transmitted, but you will no longer be able to use the map display on our website.

We have concluded a processing contract with Google.

You can view Google’s Privacy Policy here: https://www.google.com/policies/privacy/?hl=de

By integrating Google Maps, Google Fonts are also dynamically loaded by Google without either the website operator or visitor actively deciding this. These web fonts are integrated by calling a server, usually a Google server in the USA. This may result in the following data being transmitted to the server and stored by Google:

  • Name and version of the browser used
  • The website from which the request originated (referrer URL)
  • The operating system of your computer
  • The screen resolution of your computer
  • The IP address of the requesting computer
  • The language settings of the browser or operating system used by the user

You can find more information in Google’s privacy policy, which you can access here:

www.google.com/fonts#AboutPlace:about
www.google.com/policies/privacy/

Using Google Maps is a service that allows you to precisely identify our location and, if necessary, better plan your visit to us. The use of Google Maps is based on your consent under Art. 6 para. 1 sentence 1 lit. a GDPR.

j) Google Tag Manager

We use Google Tag Manager from Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) on our website. Google Tag Manager is a management and administration tool in which other tracking and/or statistics tools can be centrally managed and served.

When you visit our website and give your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR, Google Tag Manager collects and processes your IP address, which may also be transferred to the USA. However, Google Tag Manager itself does not create any user profiles or analyses.

We have concluded a processing contract with Google.

You can view Google’s privacy policy here: https://www.google.com/policies/privacy/?hl=de

10. Analysis and Tracking Tools

We use the analysis and tracking tools listed below on our website. These serve to ensure the continuous optimization of our website and its design in line with requirements.

We use these tools based on your consent under Art. 6 para. 1 sentence 1 lit. a GDPR. You can withdraw your consent at any time by changing your cookie settings. Processing remains lawful until you withdraw your consent.

You can see the respective purposes of processing and categories of data in the respective tools. We note that we have no influence on whether and to what extent the service providers carry out further data processing.

a) Google Analytics
We use Google Analytics on our website, a web analytics service by Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereafter referred to as “Google”).

Google Analytics uses cookies in this context (see Section 7). The information generated by the cookie about your use of this website, such as:

  • Name and version of the browser used
  • The operating system of your computer
  • The website from which access is made (referrer URL)
  • The IP address of the requesting computer
  • The time of the server request

is generally transferred to and stored on a Google server in the USA.

Google automatically anonymizes your IP address before recording it via EU domains and servers. Therefore, your IP address is neither recorded nor stored.

On our behalf, Google uses this information to evaluate your use of our website, compile reports on website activity, and provide other services related to the use of the website and the internet. The IP address transmitted by your browser within the scope of Google Analytics is not merged with other Google data.

We have concluded a processing contract with Google.

Here you will find general information on data protection at Google: https://support.google.com/analytics/answer/6004245

b) Google Remarketing
We use the remarketing function of Google Analytics to target advertising campaigns — including Google AdWords campaigns — at visitors to our website.

Based on your previous visits to our website, relevant ads will be presented to you when visiting other websites in the Google Display Network.

The DoubleClick cookie enables Google to show us and other third-party providers targeted advertising matching the interests identified based on your previous visits to our website and/or other websites. This advertising may be displayed on websites owned by Google and/or other operators within the Google advertising network. We also use the Google Analytics advertising features to analyze the effectiveness of our own advertising campaigns.

If you have agreed in your Google account that Google can link your web and app browsing history with your Google account and that information from your Google account is used to personalize ads, Google uses your data along with Google Analytics data to create cross-device remarketing target group lists. For this purpose, Google Analytics first collects Google-authenticated IDs for you as a user on our website, which are linked to your Google account. Google Analytics then temporarily links these IDs with Google Analytics data to optimize our target groups.

We have concluded a processing contract with Google.

Here you will find an overview of data protection at Google: https://support.google.com/analytics/answer/6004245

c) Google Ads Conversion Tracking
We use Google Ads, an online advertising program by Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland), on our website. Conversion tracking is also used. With this tool, Google Ads places a cookie on your terminal device when you reach our website via a Google advertisement.

The cookie is not used for personal tracking. If you visit our website as a user and the cookie is still active, we and Google can see that you clicked on the relevant ad and were redirected to our site. Each Google Ads customer receives a different cookie. Therefore, cookies cannot be tracked across the websites of Ads customers.

The data collected by the conversion cookies is used to generate conversion statistics for Ads customers. As Google Ads customers, we can see the total number of users who responded to our advertisement and were redirected to a website tagged with a conversion tracking tag. This enables us to identify the success of individual advertising measures. In this process, we do not receive any information that can be used to personally identify you as a user.

By using Google Ads, your browser automatically establishes a direct connection to Google’s server and can, if you have a Google account and are logged into it, assign the visit to your account. If you do not have a Google account, Google assigns you a unique ID. We have no influence on which additional data Google collects and stores.

We have concluded a processing contract with Google.

You can find more information on Google’s Privacy Policy at http://www.google.de/policies/privacy/

d) Facebook Conversion Pixel
We use the “conversion pixel” or visitor action pixel from Meta Platforms Ireland Ltd. (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland). When this pixel is called by your browser, Meta Platforms can subsequently recognize if a Facebook ad was successful, such as if it led to an online purchase.

We only receive statistical data from Meta Platforms for this purpose, with no reference to a specific individual. This allows us to record the effectiveness of Facebook ads for statistical and market research purposes. In particular, if you are logged in to Facebook, we refer you to Facebook’s data protection information at https://www.facebook.com/about/privacy/.

e) Microsoft Advertising Conversion Tracking
We use the Microsoft Advertising program on our website, provided and operated by Microsoft Ireland Operations Limited, One Microsoft Place, South Country Business Park, Leopardstown, Dublin, Ireland 18, D18 P521 (“Microsoft”).

With the help of the Microsoft Advertising program, we can place ads in various search engines and networks. We have implemented Universal Event Tracking (UET) on our site so we can recognize which ad or keyword brought you to our website. This is a conversion tracking tag that allows us to know more about your behavior on our website. We use this information to optimize our advertisements and offers and tailor them better to your needs.

Microsoft collects, processes, and uses information via the cookie, from which user profiles are created using pseudonyms. These user profiles are used to analyze visitor behavior and display ads. No personal information about the user’s identity is processed.

Microsoft Advertising can collect, among other things, the following information:

  • Information about the browser you use and the device you use
  • Identifiers (tags) assigned by Microsoft
  • The website or ad from which access originated (referrer URL)
  • The IP address of the requesting computer
  • Duration and time of access

We have concluded a processing contract with Microsoft, which ensures that your data is processed in accordance with European data protection standards.

It cannot be ruled out that personal data may also be processed by the service provider in the USA, as the parent company Microsoft Corporation is headquartered in the USA.

For more information on data protection and the cookies used by Microsoft, see Microsoft’s website: https://privacy.microsoft.com/de-de/privacystatement

f) TikTok Pixel
We use the TikTok Pixel on our website provided by TikTok Technology Limited (10 Earlsfort Terrace, Dublin, D02 T380, Ireland) and TikTok Information Technologies UK Limited (WeWork, 125 Kingsway, London, WC2B 6NH, United Kingdom), which act as joint controllers in Europe.

The TikTok Pixel is a TikTok advertiser tool. It is a JavaScript snippet that allows us to see and track visitors’ activities on our website. This involves collecting and processing information about the visitors to our website and the devices they use (the so-called event data).

The purpose of processing these event data is, for example, to target our ads, improve ad delivery, and deliver personalized advertising. These event data are transmitted to TikTok.

We act as joint controllers with TikTok for collecting and transmitting event data. For this reason, we have signed an agreement with TikTok on joint processing. Under the concluded agreements, we are responsible for providing you with all information in accordance with Art. 13 and 14 GDPR regarding the joint processing of personal data. TikTok, in turn, is responsible for ensuring that data subjects can exercise their rights under Art. 15 to 20 GDPR.

You can access the agreement concluded between us and TikTok at https://ads.tiktok.com/i18n/official/policy/jurisdiction-specific-terms.

TikTok is the sole controller for the processing that immediately follows the transmission of the event data. For more information about how TikTok processes personal data, including the legal basis TikTok relies on and how to exercise your rights against TikTok, please refer to TikTok’s Data Policy at https://www.tiktok.com/legal/privacy-policy?lang=de-DE.

11. Integration of Images, Audio, and Video

YouTube
Our website uses the YouTube plugin, operated by Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland).

If you activate the YouTube plugin during your visit, a connection is established with YouTube’s servers, and the YouTube server is informed which of our pages you have visited. This allows YouTube to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your member account before visiting our website.

You can find more information on how YouTube handles user data in YouTube’s Privacy Policy at: https://www.google.de/intl/de/policies/privacy.

By integrating YouTube, Google Fonts are also loaded dynamically by Google without the website operator or the visitor actively determining this. These web fonts are integrated via a server call, usually to a Google server in the USA. This may cause the following data to be transmitted to the server and stored by Google:

  • Name and version of the browser used
  • The website from which the request originated (referrer URL)
  • The operating system of your computer
  • The screen resolution of your computer
  • The IP address of the requesting computer
  • The language settings of the browser or operating system used by the user

You can find more information in Google’s Privacy Policy, accessible here:

www.google.com/fonts#AboutPlace:about
www.google.com/policies/privacy/

The legal basis follows from the consent you have granted in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You can withdraw your consent at any time by changing the cookie settings on our website.

12. Rights of the Data Subject

You have the following rights:

a) Access
Under Art. 15 GDPR, you have the right to request information about your personal data processed by us. This right of access includes information about:

  • The purposes of processing
  • The categories of personal data
  • The recipients or categories of recipients to whom your data has been or will be disclosed
  • The planned retention period or at least the criteria for determining the retention period
  • The existence of a right to rectification, erasure, restriction of processing, or objection
  • The existence of a right to lodge a complaint with a supervisory authority
  • The origin of your personal data, if we have not collected it
  • The existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details

b) Rectification
Under Art. 16 GDPR, you have the right to immediate correction of inaccurate or incomplete personal data stored by us.

c) Erasure
Under Art. 17 GDPR, you have the right to require us to erase your personal data without undue delay, unless further processing is necessary for one of the following reasons:

  • The personal data is still necessary for the purposes for which it was collected or otherwise processed
  • To exercise the right to freedom of expression and information
  • To comply with a legal obligation that requires processing under the law of the European Union or of the Member States to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
  • For reasons of public interest in the area of public health under Art. 9 para. 2 lit. h) and i) and Art. 9 para. 3 GDPR
  • For archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes under Art. 89 para. 1 GDPR, to the extent that the right mentioned in section a) is likely to make impossible or seriously impair the achievement of the objectives of such processing
  • For the establishment, exercise, or defense of legal claims

d) Restriction of Processing
Under Art. 18 GDPR, you may request the restriction of the processing of your personal data if one of the following reasons applies:

  • You dispute the accuracy of your personal data.
  • The processing is unlawful, and you oppose the erasure of the personal data.
  • We no longer need the personal data for the purposes of processing, but you need it for the establishment, exercise, or defense of legal claims.
  • You object to the processing under Art. 21 para. 1 GDPR.

e) Notification
If you have requested the rectification or erasure of your personal data or the restriction of processing under Art. 16, Art. 17, or Art. 18 GDPR, we will notify all recipients to whom your personal data has been disclosed, unless this proves impossible or involves a disproportionate effort. You may request that we inform you about these recipients.

f) Data Portability
You have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format.

You also have the right to request the transmission of this data to a third party, provided that processing is carried out by automated means and is based on consent under Art. 6 para. 1 sentence 1 lit. a or Art. 9 para. 2 lit. a, or on a contract under Art. 6 para. 1 sentence 1 lit. b GDPR.

g) Withdrawal
Under Art. 7 para. 3 GDPR, you have the right to withdraw the consent you have given us at any time. Withdrawing consent does not affect the lawfulness of processing based on consent before its withdrawal. In the future, we may no longer carry out the data processing that was based on your withdrawn consent.

h) Complaint
Under Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data violates the GDPR.

i) Objection
If your personal data is processed on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right under Art. 21 GDPR to object to the processing of your personal data provided there are grounds for this arising from your particular situation or if the objection is directed against direct advertising. In the latter case, you have a general right of objection, which we will implement without needing a special situation. If you wish to exercise your right of withdrawal or objection, simply send an email to kontakt@arider.de.

j) Automated Decision-Making in Individual Cases, including Profiling
You have the right not to be subject to a decision based solely on automated processing — including profiling — that produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision:

i. is necessary for entering into or performing a contract between you and us,
ii. is authorized by Union or Member State law to which we are subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or
iii. is made with your explicit consent.

However, such decisions may not be based on special categories of personal data under Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a or g GDPR applies and appropriate measures have been taken to protect your rights and freedoms, as well as your legitimate interests.

In the cases mentioned in i) and iii), we will take appropriate measures to safeguard your rights, freedoms, and legitimate interests, which include at least the right to obtain human intervention on our part, to express your point of view, and to challenge the decision.

13. Changes to the Privacy Policy

If we change our Privacy Policy, this will be indicated on the website and registered customers will be informed accordingly.