Privacy policy

We operate our websites in accordance with the principles set out below:

We are committed to complying with the statutory provisions on data protection and strive to always observae the principles of data avoidance and data minimization.

1. Name and address of the person responsible

 The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states of the European Union as well as other data protection regulations is

Marius Klein Arider

Kettelerstrasse 5 – 11

Pavilion 12

97222 Rimpar

E-mail: kontakt@arider.de

Phone: +49 9365 8979268

www.arider.de

2. Definitions

 We have designed our privacy policy in accordance with the principles of clarity and transparency. However, if there are any uncertainties regarding the use of various terms, the corresponding definitions can be viewed here.

3. Legal basis for the processing of data

a) Processing of personal data in accordance with the GDPR

We only process your personal data, such as your surname and first name, your email address and IP address, etc., if there is a legal basis for doing so.  According to the General Data Protection Regulation, the following regulations in particular come into consideration here:

– Art. 6 para. 1 sentence 1 lit. a GDPR: The data subject has given their consent to the processing of their personal data for one or more specific purposes.

– Art. 6 para. 1 sentence 1 lit. b GDPR: Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.

– Art. 6 para. 1 sentence 1 lit. c GDPR: Processing is necessary for compliance with a legal obligation to which the controller is subject

– Art. 6 para. 1 sentence 1 lit. d GDPR: Processing is necessary in order to protect the vital interests of the data subject or of another natural person

– Art. 6 para. 1 sentence 1 lit. e GDPR: processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller

– Art. 6 para. 1 sentence 1 lit. f GDPR: processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child

However, we will always point out the legal basis on which your personal data is processed at the relevant points in this privacy policy.

b) Consent of the legal guardians pursuant to Art. 8 para. 1 sentence 2 alt. 2 GDPR

A legal guardian must consent to all data processing on this website for which the consent of a minor who has not yet reached the age of 16 is required. 

Information on the individual data processing operations, their purposes and the categories of data concerned, for which the consent of the data subject is required, can be found in the privacy policy.

You can revoke your consent at any time by sending a declaration of revocation in text form to the contact details of the controller. Processing will remain lawful until you withdraw your consent.

c) Processing of information in accordance with Section 25 (1) TTDSG

We also process information in accordance with Section 25 (1) TTDSG by storing information on your terminal equipment or by accessing information that is already stored on your terminal equipment. This may involve both personal information and non-personal data, e.g. cookies, browser fingerprints, advertising IDs, MAC addresses and IMEI numbers. Terminal equipment is any equipment connected directly or indirectly to the interface of a public telecommunications network for sending, processing or receiving messages, Section 2 (2) No. 6 TTDSG.

As a rule, we process this information on the basis of your consent, Section 25 (1) TTDSG.

Insofar as an exception according to § 25 para. 2 no. 1 and no. 2 TTDSG is given, we do not require consent. Such an exception is given if we only access or store the information in order to transmit a message via a public telecommunications network or if this is absolutely necessary so that we can provide a telemedia service expressly requested by you. You can withdraw your consent at any time.

We inform you that the withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

4. Disclosure of personal data

The disclosure of personal data also constitutes processing within the meaning of section 3 above. However, we would like to take this opportunity to inform you separately about the issue of disclosure to third parties. The protection of your personal data is very important to us. For this reason, we are particularly careful when it comes to passing on your data to third parties.

Data is therefore only passed on to third parties if there is a legal basis for the processing. For example, we pass on personal data to persons or companies who work for us as processors in accordance with Art. 28 GDPR. A processor is anyone who processes personal data on our behalf – i.e. in particular in a relationship of instruction and control with us

In accordance with the requirements of the GDPR, we conclude a contract with each of our processors in order to oblige them to comply with data protection regulations and thus ensure comprehensive protection of your data.

5. Storage period and deletion

Your personal data will be deleted by us if they are no longer necessary for the purposes for which they were collected or otherwise processed, if the processing is not necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.

6. SSL or TLS encryption

This website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as the requests you send to us as the website operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

7. Cookies

We use cookies on our website. Cookies are small data packets that your browser automatically creates and that are stored on your end device when you visit our website. These cookies are used to store information in connection with the end device used.

When cookies are used, a distinction is made between technically necessary cookies and “other” cookies. Technically necessary cookies are those that are absolutely necessary in order to provide an information society service that you have expressly requested.

a) Technically necessary cookies

In order to make the use of our website more pleasant for you, we use technically necessary cookies, which may be so-called session cookies (e.g. language and font selection, shopping cart, etc.), consent cookies, cookies to ensure server stability and security or similar. The legal basis for the cookies results from Art. 6 para. 1 sentence 1 lit. f) GDPR, our legitimate interest in the error-free operation of the website and the interest in providing you with our services in an optimized manner.

b) Other cookies

Other cookies include cookies for statistical, analytical, marketing and retargeting purposes.

We use these cookies for you on the basis of your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR.

You can revoke your consent to the use of cookies at any time.

We inform you that the withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

To do this, you can either edit your cookie settings on our website, deactivate the use of cookies in your browser settings (whereby this may also restrict the functionality of the online offer) or set an opt-out for the corresponding service in individual cases.

We will inform you of the legal basis on which this data is processed for the respective services within the privacy policy.

Change cookie settings

8. Cookie banner

To obtain consent for the cookies we use, we use the cookie banner of the service provider Borlabs GmbH, Hamburger Str. 11, 22083 Hamburg. This sets a so-called consent cookie in order to query and process the respective consent status. This consent cookie is technically necessary and is therefore used on the basis of our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR, § 25 para. 1 TTDSG.

9. Collection and storage of personal data and the nature and purpose of its use

a) External hosting

Our website is hosted by ALL-INKL.COM – Neue Medien Münnich, René Münnich, Hauptstraße 68, D-02742 Friedersdorf. For this reason, all personal data collected on our website is stored on the servers of our hoster, unless an external service of a third party is integrated. This may be the IP address, your e-mail address, communication data or similar. You can find out which specific personal data is involved in the individual functions and services explained by us below. If we use an external service from a third party, this will be made clear in the description of the respective service or tool.

The hoster processes your data only on our instructions and insofar as this is necessary to fulfill the services on the website. The hoster does not process the data for its own purposes. We have concluded an order processing contract with the host.

b) When visiting the website

When you visit our website, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected without any action on your part and stored until it is automatically deleted:

– IP address of the requesting computer

– Date and time of access

– Name and URL of the retrieved file

– Website from which the access is made (referrer URL)

– the browser used and, if applicable, the operating system of your computer and the name of your access provider

We process the aforementioned data for the following purposes:

– Ensuring a smooth connection to the website

– Ensuring a comfortable use of our website

– Evaluation of system security and stability

– Error analysis

– for further administrative purposes

Data that allows conclusions to be drawn about your person, such as the IP address, will be deleted after 7 days at the latest. If we store the data beyond this period, this data is pseudonymized so that it can no longer be assigned to you.

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest follows from the purposes for data collection listed above. Under no circumstances do we use the data collected for the purpose of drawing conclusions about your person.

c) Shop system

We use the Woocommerce store system from Automattic Inc, 60 29 th Street #343, San Francisco, CA 94110-4929, USA, to offer our goods. 

The data you provide will therefore also be processed by our store provider as part of the operation of the store system. The store system may also set additional cookies.

For this reason, we have concluded a contract for commissioned data processing/the standard contractual clauses with them.

Further information on data protection can be found at:

https://automattic.com/privacy/

d) Contractual relationship

(1) Conclusion of contract

As part of the establishment of the contractual relationship, only the personal data absolutely necessary for the execution of the contract will be processed in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR.

If you provide additional voluntary information, this will only be processed on the basis of your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. We use this voluntary information to offer a customer-friendly service and to constantly improve it.

(2) Customer account

You have the option of creating a customer account with us. In addition to your personal data for contract processing, your other voluntary details and the purchases you have made from us in the past will be stored and processed. You can access these at any time and thus obtain an overview of the purchases you have made with us. This data is used so that you can simply log in with your login details the next time you make a purchase. It is also intended to help you manage your purchasing activities.

The legal basis is based on the consent you have given in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.

You can change or delete your data in the customer account at any time and also delete the account as a whole. If you make use of this function, your customer account and all the data it contains will be deleted immediately.

(3) Forwarding of data for dispatch

We pass on the data required for the shipment of our goods (first name and surname, address, e-mail address, telephone number if required due to shipping goods) to the corresponding shipping service provider for notification/coordination for the delivery of the goods and for the delivery of the goods.

The legal basis for the transfer results from Art. 6 para. 1 sentence 1 lit. b GDPR.

In this context, we will forward your data to one of the following shipping service providers. They will then provide you with further information on the processing of your data:

DHL

DHL Paket GmbH, Sträßchensweg 10, postcode/city: 53113 Bonn, telephone: +49/ (0) 228/ 18 20, e-mail: impressum.paket[at]dhl.com; https://www.dhl.de/de/toolbar/footer/datenschutz.html

(4) Forwarding of data when using online payment service providers

If you decide to pay with one of the online payment service providers offered by us as part of your order process, your contact details will be transmitted to them as part of the order triggered in this way. The lawfulness of the transfer of the data is based on Art. 6 para. 1 sentence 1 lit. b GDPR, for the execution of the payment method you have chosen and our legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR to enable user-friendly and uncomplicated payment processing.

The personal data transmitted to the online payment service provider is usually first name, last name, address, telephone number, IP address, e-mail address, or other data required for order processing, as well as data related to the order, such as number of items, item number, invoice amount and taxes as a percentage, billing information, etc.

This transmission is necessary to process your order with the payment method you have selected, in particular to confirm your identity, to administer your payment and the customer relationship.

Please note, however, that personal data may also be passed on by the online payment service provider to service providers, subcontractors or other affiliated companies if this is necessary to fulfill the contractual obligations arising from your order or if the personal data is to be processed on our behalf.

Depending on the selected payment method, e.g. invoice or direct debit, the personal data transmitted to the provider will be transmitted by the provider to credit agencies. This transmission serves to check your identity and creditworthiness in relation to the order you have placed. You can find out which credit agencies are involved here and which data is generally collected, processed, stored and passed on by the respective provider in the respective data protection declarations of the providers:

PayPal

PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg at https://www.paypal.com/de/webapps/mpp/ua/privacy-full

(5) Credit card payment

If you decide to pay by credit card, we collect and process your necessary personal data and forward it to the card-issuing institution for payment processing and to fulfill the legal requirements, such as customer authentication in accordance with the EU Payment Services Directive PSD2.

This data is forwarded for payment processing in accordance with Art. 6 para. 1 sentence 1 lit. b) GDPR and to fulfill our legal obligation to carry out strong customer authentication in accordance with Art. 6 para. 1 sentence 1 lit. c) GDPR in conjunction with Directive EU 2015/2366 (PSD 2) or the Payment Services Supervision Act (ZAG) to combat money laundering and criminal prosecution.

The technical processing of credit card payments is carried out by the PayPal credit card service, PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg.

The latter was commissioned for the technical control of payment transactions including the implementation of the 3D Secure 2.0 procedure in accordance with Art. 28 GDPR. Other recipients of the data are the banks involved (on the one hand the card-issuing bank – the issuer – and on the other hand the merchant’s credit card-accepting bank – the acquirer.

You can find PayPal’s privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full

e) Billbee CRM system

We have connected the Billbee CRM system from Billbee Gesellschaft mit beschränkter Haftung, Arolser Str. 10, 34477 Twistetal to our website. We can use this to manage and process all incoming orders, commissions, inquiries and contacts.

The use of this CRM system is based on our legitimate interests in the simple management of customers, interested parties, articles and the processing of contracts in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.

We have concluded an order processing contract with Billbee. You can find Billbee’s privacy policy at https://www.billbee.io/rechtliches/datenschutz.

f) Newsletter

Content of the newsletter and registration data

We will only send you our newsletter and carry out statistical surveys and analyses and log the registration process if you order it from us and have given your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, § 25 para.1 TTDSG.

The contents of the newsletter are described in detail when you register for the newsletter. To subscribe to the newsletter, it is sufficient to provide your e-mail address. If you provide further voluntary information, such as your name and/or gender, this will be used exclusively to personalize the newsletter addressed to you.

Double opt-in and logging

For security reasons, we use the so-called double opt-in procedure to register for our newsletter so that nobody can register with other people’s e-mail addresses. After registering for our newsletter, you will therefore first receive an e-mail asking you to confirm your registration. Your registration only becomes effective once it has been confirmed.

Furthermore, your registration for the newsletter will be logged. The logging includes the storage of the time of registration and confirmation, the data you provide and your IP address. If you make changes to your data, these changes will also be logged.

Revocation

If you no longer wish to receive our newsletter, you can revoke your consent at any time for the future. To do so, you can click on the unsubscribe link at the end of each newsletter or send us an email to the following email address: kontakt@arider.de

The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

Use of ActiveCampaign 

We send our newsletter with the help of the newsletter service “ActiveCampaign”, which is operated by ActiveCampaign, LLC (1 North Dearborn St, 5th Floor, Chicago, IL 60602, USA).

The email addresses of our newsletter recipients, as well as their other data described in this notice, are stored on ActiveCampaign’s servers in the USA. ActiveCampaign uses this information to send and analyze the newsletter on our behalf.

Furthermore, ActiveCampaign may, according to its own information, use this data in pseudonymous form, i.e. without allocation to a user, to optimize or improve its own services, e.g. to technically optimize the dispatch and presentation of the newsletter or for statistical purposes in order to determine which countries the recipients come from. However, the mailing service provider does not use the data of our newsletter recipients to write to them itself or to pass it on to third parties.

We have concluded the standard contractual clauses with Active Campaign.

You can find ActiveCampaign’s privacy policy here:

Statistical surveys and analyses

The newsletters sent via AcitveCampaign contain a so-called “web-beacon”, i.e. a pixel-sized file that is retrieved from the server of the mailing service provider when the newsletter is opened. As part of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval are initially collected.

This information is used for the technical improvement of the services based on the technical data or the target groups and their reading behavior based on their retrieval locations (which can be determined with the help of the IP address) or the access times.

The statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to individual newsletter recipients. However, it is neither our intention nor that of ActiveCampaign to observe individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users. we have agreed a contract with ActiveCampaign for order processing in accordance with Art. 26 GDPR and the standard contractual clauses.

g) Contact form

We provide you with a form on our website so that you have the opportunity to contact us at any time. To use the contact form, it is necessary to provide a name for a personal salutation and a valid e-mail address so that we know who sent the request and can process it.

If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provide there and your IP address, will be processed in accordance with Art. 6 para. 1 sentence 1 lit. b and f GDPR to carry out pre-contractual measures in response to your inquiry or to safeguard our legitimate interests, namely to carry out our business activities.

The requests and the associated data will be deleted no later than 3 months after receipt, unless they are required for a further contractual relationship.

i) Use of Google Maps

Our website uses the Google Maps API. By using Google Maps, information about your use of this website (including your IP address) may be transferred to a Google server (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) in the USA and stored there.

Google may transfer the information obtained through Maps to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. However, under no circumstances will your IP address be associated with other Google data. Nevertheless, we must point out that it would be technically possible for Google to identify individual users on the basis of the data received.

We have no influence on whether your personal data and personality profiles are processed by Google for other purposes. If you want to avoid this in any case, you can deactivate the Google Maps service and thus prevent the transfer of data to Google. All you have to do is deactivate JavaScript in your browser. In this case, no data will be transferred, but you will no longer be able to use the map display on our website.

We have concluded an order processing contract with Google.

You can find the Google privacy policy here

By integrating Google Maps, Google fonts are also dynamically loaded by Google without the website operator or visitor actively determining this. These web fonts are integrated by a server call, usually a Google server in the USA. This may result in the following data being transmitted to the server and stored by Google:

– Name and version of the browser used

– Website from which the request was triggered (referrer URL)

– Operating system of your computer

– Screen resolution of your computer

– IP address of the requesting computer

– Language settings of the browser or operating system used by the user

You can find more information in Google’s privacy policy, which you can access here:

www.google.com/fonts#AboutPlace:about

www.google.com/policies/privacy/

The use of Google Maps is a service for you so that you can accurately recognize our location and, if necessary, better plan your visit to us. The use of Google Maps is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.

j) Google Tag Manager

We use the Google Tag Manager from Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) on our website. Google Tag Manager is an administration and management tool in which other tracking and/or statistics tools can be centrally managed and played out. 

When you visit our website and if you give your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR, Google Tag Manager collects and processes your IP address, which may also be transferred to the USA. However, Google Tag Manager itself does not create any user profiles or analyses.

We have concluded an order processing contract with Google.

You can find the Google privacy policy here

10. Analysis and tracking tools

We use the analysis and tracking tools listed below on our website. These serve to ensure the continuous optimization of our website and to design it in line with requirements.

We use these tools on the basis of your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You can withdraw your consent at any time by changing the cookie settings. Processing remains lawful until you withdraw your consent.

The respective data processing purposes and data categories can be found in the corresponding tools. We would like to point out that we have no influence on whether and to what extent the service providers carry out further data processing.

a) Google Analytics

We use Google Analytics on our website, a web analysis service from Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as “Google”).

Google Analytics uses cookies in this context (see section 7). The information generated by the cookie about your use of this website such as

– Name and version of the browser used

– Operating system of your computer

– Website from which the access is made (referrer URL)

– IP address of the requesting computer

– Time of the server request

are usually transferred to a Google server in the USA and stored there.

Your IP address is automatically anonymized by Google before it is recorded via EU domains and servers. There is therefore no logging or storage of your IP address.

Google will use this information on our behalf to evaluate your use of our website, to compile reports on website activity and to provide us with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

We have concluded an order processing contract with Google.

Please click here for an overview of data protection at Google. [https://support.google.com/analytics/answer/6004245]

b) Google Remarketing

We use the remarketing function of Google Analytics to target advertising campaigns – including Google AdWords campaigns – to visitors to our website.

Based on your previous visits to our website, you will be presented with relevant advertisements when you visit other websites in the Google Display Network.

The DoubleClick cookie enables Google to show us and other third-party providers targeted advertising that matches the interests determined on the basis of your previous visits to our website and/or other websites. This advertising may be displayed on Google websites and/or other operators of the Google advertising network. We also use the Google Analytics advertising functions to analyze the effectiveness of our own advertising campaigns.

If you have agreed in your Google account that your web and app browsing history will be linked by Google to your Google account and information from your Google account will be used to personalize ads, Google will use data from you together with Google Analytics data to create target group lists for cross-device remarketing. For this purpose, Google Analytics first collects Google-authenticated IDs for you as a user on our website, which are linked to your Google account. Google Analytics then temporarily links these IDs with Google Analytics data in order to optimize our target groups.

We have concluded an order processing contract with Google.

Please click here for an overview of data protection at Google. [https://support.google.com/analytics/answer/6004245]

c) Google Ads conversion tracking

We use Google Ads, an online advertising program from Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) on our website. Conversion tracking is also used. With this tool, Google Ads places a cookie on your end device when you access our website via a Google ad.

The cookie is not used for personal traceability. If you visit our website as a user and the cookie is still working, we and Google will recognize that you clicked on the corresponding ad and were redirected to our site. A different cookie is assigned to each Google Ads customer. Cookies are therefore not traceable via the websites of Ads customers.

The data collected by conversion cookies is used to generate conversion statistics for Ads customers. As Google Ads customers, we learn the total number of users who responded to our ad and were then redirected to a website that was provided with a conversion tracking tag. This allows us to recognize the success of individual advertising measures. We do not receive any information during this process that could be used to personally identify you as a user.

When using Google Ads, your browser automatically establishes a direct connection with the Google server and, if you have a Google account and are logged into it, can assign the visit to your account. If you do not have a Google account, Google will assign you a unique identifier. We have no influence on what other data Google collects and stores.

We have concluded an order processing contract with Google.

You can find out more about Google’s privacy policy at http://www.google.de/policies/privacy/.

d) Facebook conversion pixel

We use the “conversion pixel” or visitor action pixel of Meta Platforms Ireland Ltd (4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland). By calling up this pixel from your browser, Meta Platforms can subsequently recognize whether a Facebook ad was successful, e.g. whether it led to an online purchase.

We only receive statistical data from Meta Platforms for this purpose without reference to a specific person. This enables us to record the effectiveness of Facebook ads for statistical and market research purposes. In particular, if you are logged in to Facebook, we refer you to their data protection information https://www.facebook.com/about/privacy/.

e) Microsoft Advertising Conversion Tracking

We use the Microsoft Advertising program on our website, which is provided and operated by Microsoft Ireland Operations Limited, One Microsoft Place, South Country Business Park, Leopardstown, Dublin, Ireland 18, D18 P521 (“Microsoft”).

With the help of the Microsoft Advertising program, we can place advertisements in various search engines and networks. We have implemented Universal Event Tracking (UET) on our website in order to recognize which ad or keyword brought you to our website. This is a conversion tracking tag that allows us to learn more about your user behavior on our website. We use this information to optimize our advertisements and offers and better adapt them to your needs.

Microsoft collects, processes and uses information via the cookie, from which user profiles are created using pseudonyms. These user profiles are used to analyze visitor behavior and are used to display advertisements. No personal information about the identity of the user is processed.

Microsoft Advertising may collect the following information, among others:

  • Information about the browser you are using and the device you are using
  • identifiers (labels) assigned by Microsoft,
  • Website or display from which access is made (referrer URL)
  • IP address of the requesting computer,
  • Access duration and time.

We have concluded an order processing contract with Microsoft, which ensures that your data will be processed in accordance with European data protection standards.

It cannot be ruled out that personal data will also be processed by the service provider in the USA, as the parent company Microsoft Corporation has its headquarters in the USA.

Further information on data protection and the cookies used by Microsoft can be found on the Microsoft website https://privacy.microsoft.com/de-de/privacystatement.

f) TikTok Pixel

On our website we use the TikTok Pixel of TikTok Technology Limited (10 Earlsfort Terrace, Dublin, D02 T380, Ireland) and TikTok Information Technologies UK Limited (WeWork, 125 Kingsway, London, WC2B 6NH, United Kingdom), which act as joint controllers in Europe.

The TikTok Pixel is a TikTok advertiser tool. It is a JavaScript code snippet that allows us to see and track the activities of visitors to our website. For this purpose, information about visitors to our website and the devices they use (so-called event data) is collected and processed.

The purpose of processing this event data is, for example, the targeting of our advertisements, the improvement of ad delivery and personalized advertising. This event data is transmitted to TikTok.

We act as joint controllers with TikTok for the collection and transmission of event data. For this reason, we have entered into an agreement with TikTok on processing as joint controllers. In accordance with the agreements made, we are responsible for providing you with all information pursuant to Art. 13 and 14 GDPR on the joint processing of personal data. TikTok is in turn responsible for ensuring that data subjects can exercise their rights in accordance with Art. 15 to 20 GDPR.

You can access the agreement concluded between us and TikTok at https://ads.tiktok.com/i18n/official/policy/jurisdiction-specific-terms.

TikTok is the sole controller for the processing that immediately follows the transmission of the Event Data. For more information on how TikTok processes personal data, including the legal basis on which TikTok relies and how to exercise your rights against TikTok, please refer to TikTok’s Data Policy at https://www.tiktok.com/legal/privacy-policy?lang=de-DE.

11. Image, sound and video integration

YouTube

Our website uses the YouTube plugin, which is operated by Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland).

If you activate the YouTube plugin during your visit, a connection to the YouTube servers is established and the YouTube server is informed which of our pages you have visited. This allows YouTube to associate your surfing behavior directly with your personal profile. You can prevent this by logging out of your member account before visiting our website.

Further information on the handling of user data can be found in YouTube’s privacy policy at: https://www.google.de/intl/de/policies/privacy

By integrating YouTube, Google fonts are also dynamically loaded by Google without the website operator or visitor actively determining this. These web fonts are integrated by a server call, usually a Google server in the USA. This may result in the following data being transmitted to the server and stored by Google:

– Name and version of the browser used

– Website from which the request was triggered (referrer URL)

– Operating system of your computer

– Screen resolution of your computer

– IP address of the requesting computer

– Language settings of the browser or operating system used by the user

You can find more information in Google’s privacy policy, which you can access here:

www.google.com/fonts#AboutPlace:about

www.google.com/policies/privacy/

The legal basis results from the consent you have given in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You can withdraw your consent at any time by changing the cookie setting on our website.

12. Rights of the data subject

You have the following rights:

  1. a) Information

In accordance with Art. 15 GDPR, you have the right to request information about your personal data processed by us. This right to information includes information about

– the purposes of processing

– the categories of personal data

– the recipients or categories of recipients to whom your data has been or will be disclosed

– the planned storage period or at least the criteria for determining the storage period

– the existence of a right to rectification, erasure, restriction of processing or objection

– the existence of a right to lodge a complaint with a supervisory authority

– the origin of your personal data if it was not collected by us

– the existence of automated decision-making, including profiling and, where applicable, meaningful information about its details

  1. b) Correction

According to Art. 16 GDPR, you have the right to immediate correction of incorrect or incomplete personal data stored by us.

  1. c) Deletion

In accordance with Art. 17 GDPR, you have the right to demand that we erase your personal data without undue delay, unless further processing is necessary for one of the following reasons:

– the personal data are still necessary for the purposes for which they were collected or otherwise processed

– to exercise the right to freedom of expression and information

– for compliance with a legal obligation which requires processing by European Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller

– for reasons of public interest in the area of public health pursuant to Art. 9 para. 2 lit. h and i and Art. 9 para. 3 GDPR

– for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Art. 89 para. 1 GDPR, insofar as the right referred to in section a) is likely to render impossible or seriously impair the achievement of the objectives of that processing

– for the assertion, exercise or defense of legal claims

  1. d) Restriction of processing

In accordance with Art. 18 GDPR, you can request the restriction of the processing of your personal data for one of the following reasons

– You dispute the accuracy of your personal data.

– The processing is unlawful and you oppose the erasure of the personal data.

– We no longer need the personal data for the purposes of the processing, but you need it for the establishment, exercise or defense of legal claims.

– You object to the processing pursuant to Art. 21 (1) GDPR.

  1. e) Information

If you have requested the rectification or erasure of your personal data or a restriction of processing in accordance with Art. 16, Art. 17 or Art. 18 GDPR, we will inform all recipients to whom your personal data has been disclosed, unless this proves impossible or involves a disproportionate effort. You can request that we inform you of these recipients.

  1. f) Transmission

You have the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format.

You also have the right to request the transfer of this data to a third party, provided that the processing is carried out using automated procedures and is based on consent pursuant to Art. 6 para. 1 sentence 1 lit. a or Art. 9 para. 2 lit. a or on a contract pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR.

  1. g) Revocation

In accordance with Art. 7 (3) GDPR, you have the right to withdraw your consent to us at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. In future, we may no longer continue the data processing that was based on your withdrawn consent.

  1. h) Complaint

In accordance with Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data violates the GDPR.

  1. i) Objection

If your personal data is processed on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons for this arising from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right to object, which will be implemented by us without specifying the particular situation. If you wish to exercise your right of revocation or objection, simply send an e-mail to kontakt@arider.de

  1. j) Automated decision in individual cases including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision

  1. is necessary for the conclusion or performance of a contract between you and us
  2. is authorized by European Union or Member State law to which we are subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests

             iii. with your express consent

However, these decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a or g GDPR applies and appropriate measures have been taken to protect the rights and freedoms as well as your legitimate interests.

In the cases referred to in i) and iii), we will take reasonable steps to safeguard your rights and freedoms and legitimate interests, including at least the right to obtain human intervention on our part, to express your point of view and to contest the decision.

13. Amendment of the privacy policy

If we change the privacy policy, this will be indicated on the website and registered customers will be informed.