Privacy policy

1) Introduction and Contact Details of the Controller

1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we inform you about how your personal data is handled when using our website. Personal data refers to all data that can be used to personally identify you.

1.2 The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is:
Dr. Niedermaier Pharma GmbH
Georg-Knorr-Str. 1, 85662 Hohenbrunn, Germany
Phone: +49 (0)89 660797-0
Email: info@drniedermaier.com

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

1.3 The controller has appointed a data protection officer, who can be contacted as follows:
Institut für IT-Recht – IITR Datenschutz GmbH
Attorney Dr. Sebastian Kraska
Marienplatz 2, 80331 Munich, Germany
Phone: +49 (0)89 1891 7360
Email: email@iitr.de

2) Data Collection When Visiting Our Website

2.1 When using our website purely for informational purposes, i.e., if you do not register or otherwise provide us with information, we only collect the data that your browser transmits to our server (so-called “server log files”). This includes:

Visited website
Date and time of access
Amount of data sent in bytes
Source/referrer from which you accessed the page
Browser used
Operating system used
IP address used (possibly in anonymized form)

Processing is carried out in accordance with Art. 6(1)(f) GDPR based on our legitimate interest in improving the stability and functionality of our website. This data is not passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are concrete indications of unlawful use.

2.2 For security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the “https://” prefix and the lock symbol in your browser’s address bar.

3) Hosting & Content Delivery Network

Shopify

We use the services of the following provider for hosting and displaying the website:
Shopify International Limited
Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland

Data is also transferred to:
Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada

All data collected on our website is processed on the provider’s servers. We have concluded a data processing agreement with the provider to ensure the protection of our website visitors’ data and to prohibit unauthorized disclosure to third parties.

An adequate level of data protection for data transfers to Canada is ensured by an adequacy decision of the European Commission.

4) Cookies

To make visiting our website attractive and to enable the use of certain functions, we use cookies—small text files stored on your device. Some cookies are deleted after closing your browser (session cookies), while others remain on your device to enable us to recognize your browser on your next visit (persistent cookies). You can find the storage duration in your browser’s cookie settings.

If personal data is also processed by individual cookies, the processing is carried out in accordance with:

Art. 6(1)(b) GDPR for the performance of a contract,
Art. 6(1)(a) GDPR if consent has been given, or
Art. 6(1)(f) GDPR to safeguard our legitimate interests in the best possible functionality of the website and a user-friendly experience.

You can configure your browser to inform you about the setting of cookies and to decide individually whether to accept them, or to exclude the acceptance of cookies for specific cases or in general.

Please note that if you do not accept cookies, the functionality of our website may be limited.

5) Contacting Us

5.1 Trusted Shops

For review reminders, we use the services of the following provider:
Trusted Shops AG, Subbelrather Str. 15c, 50823 Cologne, Germany.

Based solely on your explicit consent in accordance with Art. 6(1)(a) GDPR, we transmit your email address and, if applicable, other customer data to the provider so that they can contact you with a review reminder via email.

You may revoke your consent at any time with effect for the future, either to us or directly to the provider.

We are jointly responsible with the provider for the above-described processing in accordance with Art. 26 GDPR. The agreement on joint responsibility can be viewed here:
https://help.etrusted.com/hc/de/articles/4402587369105-Vertrag-%C3%BCber-die-gemeinsame-Verantwortlichkeit-nach-DSGVO

5.2 WhatsApp Business

You have the option to contact us via the WhatsApp messaging service provided by WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. We use the “Business” version of WhatsApp for this purpose.

If you contact us via WhatsApp in connection with a specific transaction (e.g., an order), we will store and use the mobile phone number you use on WhatsApp and—if provided—your first and last name in accordance with Art. 6(1)(b) GDPR to process and respond to your request. On the same legal basis, we may ask you for additional information (e.g., order number, customer number, address, or email address) to assign your request to a specific transaction.

If you use our WhatsApp contact for general inquiries (e.g., about services, availability, or our website), we will store and use your mobile number and—if provided—your name in accordance with Art. 6(1)(f) GDPR based on our legitimate interest in efficiently providing the requested information.

Your data will be used solely to respond to your inquiry via WhatsApp. It will not be shared with third parties.

Please note that WhatsApp Business has access to the address book of the mobile device we use and automatically transfers stored phone numbers to a server of Meta Platforms Inc. in the USA. We ensure that only contact data of users who have contacted us via WhatsApp are stored in our address book.

This ensures that every person whose WhatsApp contact details are stored has already consented to the transmission of their phone number in accordance with Art. 6(1)(a) GDPR by accepting WhatsApp’s terms of use.

For more information on the purpose and scope of data collection and further processing by WhatsApp, please refer to their privacy policy:
https://www.whatsapp.com/legal/?eea=1#privacy-policy

We have concluded a data processing agreement with WhatsApp to protect our users’ data and prevent unauthorized disclosure.

In the context of this processing, data may be transferred to servers of Meta Platforms Inc. in the USA. WhatsApp is certified under the EU-U.S. Data Privacy Framework, ensuring compliance with European data protection standards.

5.3 General Contact

When contacting us (e.g., via contact form or email), personal data is processed solely for the purpose of handling and responding to your inquiry and only to the extent necessary.

The legal basis for this processing is our legitimate interest in responding to your request in accordance with Art. 6(1)(f) GDPR. If your inquiry is aimed at concluding a contract, the additional legal basis is Art. 6(1)(b) GDPR.

Your data will be deleted once it is clear that the matter has been conclusively resolved and no legal retention obligations apply.

6) Data Processing When Opening a Customer Account

In accordance with Art. 6(1)(b) GDPR, personal data is collected and processed to the extent necessary when you provide it to us during the creation of a customer account. The required data is specified in the input form on our website.

You may delete your customer account at any time by contacting the controller at the address provided above. After deletion, your data will be erased unless all related contracts have been fully processed, no legal retention periods apply, and there is no legitimate interest in continued storage.

7) Use of Customer Data for Direct Advertising

7.1 Subscription to Our Email Newsletter

If you subscribe to our email newsletter, we will regularly send you information about our offers. The only mandatory information required for sending the newsletter is your email address. Providing additional data is voluntary and is used to address you personally.

We use the so-called double opt-in procedure for sending the newsletter. This ensures that you only receive newsletters once you have explicitly confirmed your consent by clicking on a verification link sent to the provided email address.

By activating the confirmation link, you give us your consent to use your personal data in accordance with Art. 6(1)(a) GDPR. In this context, we store your IP address as provided by your Internet Service Provider (ISP), as well as the date and time of registration, in order to trace any potential misuse of your email address at a later time.

The data collected during the newsletter registration process is used strictly for the intended purpose.

You can unsubscribe from the newsletter at any time via the link provided in the newsletter or by sending a corresponding message to the controller mentioned above. After unsubscribing, your email address will be promptly deleted from our newsletter distribution list, unless you have expressly consented to further use of your data or we reserve the right to use your data beyond this scope, as permitted by law and as explained in this privacy notice.

7.2 Klaviyo

Our email newsletters are sent via the following provider:
Klaviyo, Inc., 125 Summer St., Ste 600, Boston, MA 02110, USA

Based on our legitimate interest in effective and user-friendly newsletter marketing, we transmit the data you provided during newsletter registration to this provider in accordance with Art. 6(1)(f) GDPR so that they can send the newsletter on our behalf.

Subject to your explicit consent in accordance with Art. 6(1)(a) GDPR, the provider also performs statistical analysis of newsletter campaigns using web beacons or tracking pixels embedded in the emails. These allow measurement of open rates and specific interactions with newsletter content. Device information (e.g., time of access, IP address, browser type, and operating system) may also be collected and analyzed, but is not merged with other data sources.

You may revoke your consent to newsletter tracking at any time with effect for the future.

We have concluded a data processing agreement with the provider to protect the data of our website visitors and to prohibit unauthorized disclosure to third parties.

For data transfers to the USA, the provider is certified under the EU-U.S. Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision by the European Commission.

7.3 WhatsApp Newsletter

If you subscribe to our WhatsApp newsletter, we will regularly send you information about our offers via WhatsApp. The only required information for sending the newsletter is your mobile phone number.

To subscribe, you must save our provided mobile number in your phone’s contacts and send us the message “Start” via WhatsApp. By sending this message, you give us your consent to use your personal data in accordance with Art. 6(1)(a) GDPR for the purpose of sending the newsletter. We will then add you to our newsletter distribution list.

The data collected during newsletter registration is used exclusively for promotional communication via WhatsApp. You can unsubscribe at any time by sending the message “Stop” via WhatsApp. After unsubscribing, your mobile number will be promptly deleted from our distribution list, unless you have expressly consented to further use of your data or we are legally permitted to use it for other purposes, which we inform you about in this privacy notice.

Please note that WhatsApp Business has access to the address book of the mobile device we use and automatically transfers stored phone numbers to a server of its parent company, Meta Platforms Inc., in the USA.

To ensure data protection, we use a mobile device for our WhatsApp newsletter that stores only the contact details of users who have subscribed to the newsletter. This ensures that every person whose WhatsApp contact details are stored has already consented to the transmission of their phone number in accordance with Art. 6(1)(a) GDPR by accepting WhatsApp’s terms of use when first using the app.

For more information on the purpose and scope of data collection and further processing by WhatsApp, as well as your rights and privacy settings, please refer to WhatsApp’s privacy policy:
https://www.whatsapp.com/legal/?eea=1#privacy-policy

We have concluded a data processing agreement with WhatsApp to protect the data of our newsletter recipients and to prohibit unauthorized disclosure to third parties.

In the context of the above-mentioned processing, data may be transferred to servers of Meta Platforms Inc. in the USA.

For data transfers to the USA, the provider is certified under the EU-U.S. Data Privacy Framework, ensuring compliance with the European data protection level based on an adequacy decision by the European Commission.

7.4 Sinch

Our WhatsApp newsletters are sent via the following provider:
Sinch Sweden AB, Lindhagensgatan 74, 112 18 Stockholm, Sweden

Based on our legitimate interest in effective and user-friendly newsletter marketing, we transmit your phone number linked to your WhatsApp account and, if applicable, your first and last name to this provider in accordance with Art. 6(1)(f) GDPR so that they can send the newsletter on our behalf.

Subject to your explicit consent in accordance with Art. 6(1)(a) GDPR, the provider also performs statistical analysis of newsletter campaigns using web beacons or tracking pixels embedded in WhatsApp messages. These allow measurement of open rates and specific interactions with newsletter content. Device information (e.g., time of access, IP address, browser type, and operating system) may also be collected and analyzed, but is not merged with other data sources.

You may revoke your consent to newsletter tracking at any time with effect for the future.

We have concluded a data processing agreement with the provider to protect the data of our website visitors and to prohibit unauthorized disclosure to third parties.

7.5 Cart Reminder Emails

If you abandon your purchase before completing the order, you may receive a one-time reminder email about the contents of your virtual shopping cart.

The only required information for sending this reminder is your email address. Providing additional data is voluntary and may be used to address you personally. We use the double opt-in procedure to ensure that you only receive such notifications after confirming your consent via a verification link sent to your email address.

By activating the confirmation link, you give us your consent to use your personal data in accordance with Art. 6(1)(a) GDPR for the purpose of sending a cart reminder. In this context, we store your IP address as provided by your Internet Service Provider (ISP), as well as the date and time of registration, to trace any potential misuse of your email address.

The data collected for this notification service is used strictly for the intended purpose.

You can unsubscribe from cart reminders at any time by sending a message to the controller mentioned above. After unsubscribing, your email address will be promptly deleted from our distribution list, unless you have expressly consented to further use of your data or we are legally permitted to use it for other purposes, which we inform you about in this privacy notice.

7.6 Postal Advertising

Based on our legitimate interest in personalized direct advertising, we reserve the right to store your first and last name, postal address, and—if provided during the course of the contractual relationship—your title, academic degree, year of birth, and professional, industry, or business designation in accordance with Art. 6(1)(f) GDPR, and to use this information to send you interesting offers and information about our products by postal mail.

You may object to the storage and use of your data for this purpose at any time by contacting us.

8) Data Processing for Order Fulfillment

8.1 General Information

To the extent necessary for the performance of the contract for delivery and payment purposes, the personal data we collect will be passed on to the commissioned transport company and the commissioned financial institution in accordance with Art. 6(1)(b) GDPR.

If we owe you updates for goods with digital elements or for digital products based on a corresponding contract, we will use the contact details you provided during the order process to inform you personally in accordance with our legal obligations under Art. 6(1)(c) GDPR. Your contact details will be used strictly for the purpose of providing such updates and will only be processed to the extent necessary for this purpose.

To process your order, we also work with the following service providers who support us in whole or in part in fulfilling concluded contracts. Certain personal data is transmitted to these service providers as described below.

8.2 Transfer of Personal Data to Shipping Providers

– DHL

We use the following provider as a shipping service:
DHL Paket GmbH, Sträßchensweg 10, 53113 Bonn, Germany

If you have given your explicit consent during the ordering process in accordance with Art. 6(1)(a) GDPR, we will forward your email address and/or phone number to DHL prior to delivery for the purpose of coordinating a delivery date or providing delivery notifications.

If no such consent is given, we will only forward the recipient’s name and delivery address to DHL for the purpose of delivery in accordance with Art. 6(1)(b) GDPR. The data will only be shared to the extent necessary for the delivery of the goods. In this case, prior coordination of the delivery date or delivery notification is not possible.

You may revoke your consent at any time with effect for the future by contacting either the controller named above or DHL directly.

– UPS

We use the following provider as a shipping service:
United Parcel Service Deutschland Inc. & Co. OHG, Görlitzer Straße 1, 41460 Neuss, Germany

If you have given your explicit consent during the ordering process in accordance with Art. 6(1)(a) GDPR, we will forward your email address and/or phone number to UPS prior to delivery for the purpose of coordinating a delivery date or providing delivery notifications.

If no such consent is given, we will only forward the recipient’s name and delivery address to UPS for the purpose of delivery in accordance with Art. 6(1)(b) GDPR. The data will only be shared to the extent necessary for the delivery of the goods. In this case, prior coordination of the delivery date or delivery notification is not possible.

You may revoke your consent at any time with effect for the future by contacting either the controller named above or UPS directly.

8.3 Use of Payment Service Providers (Payment Services)

– Apple Pay

If you choose the payment method “Apple Pay” provided by Apple Distribution International (Apple), Hollyhill Industrial Estate, Hollyhill, Cork, Ireland, the payment will be processed via the “Apple Pay” function on your iOS, watchOS, or macOS device by charging a payment card stored in Apple Pay. Apple Pay uses security features built into your device’s hardware and software to protect your transactions. To authorize a payment, you must enter a code you previously set and verify using the Face ID or Touch ID function of your device.

For the purpose of payment processing, the information you provide during the order process, along with order details, is transmitted to Apple in encrypted form. Apple then re-encrypts this data with a developer-specific key before forwarding it to the payment service provider of the card stored in Apple Pay. This encryption ensures that only the website where the purchase was made can access the payment data. After the payment is completed, Apple sends your device account number and a transaction-specific dynamic security code to the originating website to confirm the payment.

If personal data is processed during these transmissions, it is done solely for the purpose of payment processing in accordance with Art. 6(1)(b) GDPR.

Apple stores anonymized transaction data, such as the approximate purchase amount, date and time, and whether the transaction was successful. This anonymization ensures that no personal reference can be made. Apple uses this data to improve Apple Pay and other Apple products and services.

If you use Apple Pay on your iPhone or Apple Watch to complete a purchase made via Safari on your Mac, the Mac and the authorization device communicate via an encrypted channel on Apple’s servers. Apple does not process or store this information in a format that can identify you. You can disable the use of Apple Pay on your Mac in your iPhone settings under “Wallet & Apple Pay” by turning off “Allow Payments on Mac.”

For more information on data protection with Apple Pay, visit:
https://support.apple.com/de-de/HT203027

– EPS Transfer

This website offers one or more online payment methods provided by:
PSA Payment Services Austria GmbH, Handelskai 92, Gate 2, 1200 Vienna, Austria

If you select a payment method from this provider that requires advance payment (e.g., credit card payment), the payment data you provide during the order process (including name, address, bank and card information, currency, and transaction number) as well as order details will be transmitted to the provider in accordance with Art. 6(1)(b) GDPR. This data is shared solely for the purpose of payment processing and only to the extent necessary.

– Google Pay

If you choose the payment method “Google Pay” provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”), the payment will be processed via the Google Pay app on your Android device (version 4.4 “KitKat” or higher) with NFC functionality, by charging a payment card stored in Google Pay or a verified payment system (e.g., PayPal).

To authorize a payment over €25, you must first unlock your device using the verification method you have set up (e.g., facial recognition, password, fingerprint, or pattern).

For the purpose of payment processing, the information you provide during the order process, along with order details, is transmitted to Google. Google then forwards your stored payment information in the form of a one-time transaction number to the originating website to verify the payment. This transaction number contains no real payment data and is generated as a one-time-use numeric token. In all Google Pay transactions, Google acts solely as an intermediary. The transaction itself is carried out exclusively between the user and the originating website by charging the payment method stored in Google Pay.

If personal data is processed during these transmissions, it is done solely for the purpose of payment processing in accordance with Art. 6(1)(b) GDPR.

– Google Pay (continued)

Google reserves the right to collect, store, and evaluate certain transaction-specific information for each transaction made via Google Pay. This includes the date, time, and amount of the transaction, the merchant’s location and description, a description of the purchased goods or services provided by the merchant, any photos you attach to the transaction, the names and email addresses of the seller and buyer or sender and recipient, the payment method used, your description of the transaction’s purpose, and any offers associated with the transaction.

According to Google, this processing is carried out solely in accordance with Art. 6(1)(f) GDPR based on its legitimate interest in proper accounting, verification of transaction data, and optimization and maintenance of the Google Pay service.

Google also reserves the right to combine the processed transaction data with other information collected and stored through the use of other Google services.

You can find Google Pay’s terms of use here:
https://payments.google.com/payments/apis-secure/u/0/get_legal_document?ldo=0&ldt=googlepaytos&ldl=de

Further information on data protection with Google Pay is available at:
https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice&ldl=de

– Klarna

This website offers one or more online payment methods provided by:
Klarna Bank AB, Sveavägen 46, 111 34 Stockholm, Sweden

If you select a Klarna payment method that requires advance payment (e.g., credit card), the payment data you provide during the order process (including name, address, bank and card information, currency, and transaction number) as well as order details will be transmitted to Klarna in accordance with Art. 6(1)(b) GDPR. This data is shared solely for the purpose of payment processing and only to the extent necessary.

If you select a Klarna payment method where Klarna provides advance payment (e.g., invoice, installment purchase, or direct debit), you will be asked during the order process to provide certain personal data (e.g., full name, address, date of birth, email address, phone number, and possibly alternative payment details).

To safeguard our legitimate interest in assessing our customers’ creditworthiness, we transmit this data to Klarna in accordance with Art. 6(1)(f) GDPR for the purpose of a credit check. Klarna uses the personal data you provide, along with other data (e.g., shopping cart contents, invoice amount, order history, payment experience), to determine whether the selected payment method can be granted with regard to payment and/or default risks.

As part of the application review, Klarna may also obtain identity and credit information from the following credit agencies, based on Art. 6(1)(f) GDPR:
https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies

The credit report may include probability values (so-called score values), which are calculated using scientifically recognized mathematical-statistical methods. Address data may be included in the calculation.

You may object to this processing of your data at any time by contacting us or Klarna. However, Klarna may still be entitled to process your personal data if this is necessary for contractual payment processing.

– PayPal

This website offers one or more online payment methods provided by:
PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg

If you select a PayPal payment method that requires advance payment, the payment data you provide during the order process (including name, address, bank and card information, currency, and transaction number) as well as order details will be transmitted to PayPal in accordance with Art. 6(1)(b) GDPR. This data is shared solely for the purpose of payment processing and only to the extent necessary.

If you select a PayPal payment method where we provide advance payment, you will be asked during the order process to provide certain personal data (e.g., full name, address, date of birth, email address, phone number, and possibly alternative payment details).

To safeguard our legitimate interest in assessing your creditworthiness, we transmit this data to PayPal in accordance with Art. 6(1)(f) GDPR for the purpose of a credit check. PayPal uses the personal data you provide, along with other data (e.g., shopping cart contents, invoice amount, order history, payment experience), to determine whether the selected payment method can be granted with regard to payment and/or default risks.

You may object to this processing of your data at any time by contacting us or PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for contractual payment processing.

– Shopify Payments

This website offers one or more online payment methods provided by:
Shopify International Limited, Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland

If you select a payment method from this provider that requires advance payment (e.g., credit card), the payment data you provide during the order process (including name, address, bank and card information, currency, and transaction number) as well as order details will be transmitted to Shopify in accordance with Art. 6(1)(b) GDPR. This data is shared solely for the purpose of payment processing and only to the extent necessary.

8.4 Electronic Termination Option for Ongoing Consumer Contracts

Consumers who have entered into paid ongoing contractual relationships (e.g., subscription contracts) via this website have the option to terminate these contracts electronically in accordance with applicable notice periods.

Clicking the termination button leads to a confirmation page where the consumer can provide further details about the termination, clearly identify themselves, and submit the termination electronically.

The collection and transmission of personal data to us in this context is carried out in accordance with Art. 6(1)(b) GDPR and only to the extent necessary for the proper processing of the termination. Based on the same legal basis, the provided personal data is also used to confirm receipt of the termination notice and the termination date in text form via electronic means.

An additional legal basis for processing is Art. 6(1)(c) GDPR. We are legally required to provide an electronic termination option for consumer contracts involving ongoing payment obligations that are concluded via electronic commerce.

9) Web Analytics Services

Google Analytics 4

This website uses Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”), which enables analysis of your use of our website.

By default, Google Analytics 4 sets cookies when you visit the website. These are small text files stored on your device that collect certain information. This includes your IP address, which is, however, truncated by Google before storage to prevent direct personal identification.

The information is transmitted to and processed on Google servers. This may also involve transfers to Google LLC servers in the United States.

Google uses the collected information on our behalf to evaluate your use of the website, compile reports on website activity, and provide other services related to website and internet usage. The IP address transmitted by your browser as part of Google Analytics is not merged with other Google data. Data collected through Google Analytics 4 is stored for two months and then deleted.

All processing described above, especially the setting of cookies on your device, only takes place if you have given us your explicit consent in accordance with Art. 6(1)(a) GDPR. Without your consent, Google Analytics 4 will not be used during your visit. You can revoke your consent at any time with future effect by deactivating the service via the cookie consent tool provided on the website.

We have concluded a data processing agreement with Google to ensure the protection of our website visitors’ data and to prohibit unauthorized disclosure to third parties.

Further legal information on Google Analytics 4 can be found at:

https://business.safety.google/intl/en/privacy/
https://policies.google.com/privacy
https://policies.google.com/technologies/partner-sites

Demographic Features

Google Analytics 4 includes the “demographic features” function, which allows the creation of statistics about the age, gender, and interests of website visitors. This is based on the analysis of advertising and third-party information. It helps identify target audiences for marketing purposes. The collected data cannot be linked to any specific individual and is deleted after two months.

Google Signals

As an extension of Google Analytics 4, this website may use Google Signals to generate cross-device reports. If you have enabled personalized ads and linked your devices to your Google account, Google may—subject to your consent under Art. 6(1)(a) GDPR—analyze your usage behavior across devices and create database models, including cross-device conversions. We do not receive any personal data from Google, only aggregated statistics.

If you wish to disable cross-device analysis, you can deactivate “Personalized Ads” in your Google account settings:
https://support.google.com/ads/answer/2662922?hl=en

More information on Google Signals is available here:
https://support.google.com/analytics/answer/7532985?hl=en

UserIDs

As an additional feature of Google Analytics 4, this website may use the “UserIDs” function. If you have consented to the use of Google Analytics 4 under Art. 6(1)(a) GDPR, created an account on this website, and log in across multiple devices, your activities—including conversions—can be analyzed across devices.

Data Transfers to the USA

For data transfers to the USA, Google is certified under the EU-U.S. Data Privacy Framework, which ensures compliance with the European level of data protection based on an adequacy decision by the European Commission.

10) Retargeting / Remarketing and Conversion Tracking

10.1 Meta Pixel with Enhanced Data Matching

Within our online offering, we use the “Meta Pixel” service in enhanced data matching mode, provided by:
Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (“Meta”).

When a user clicks on an ad we place on Facebook or Instagram, the URL of our linked page is extended by a parameter using Meta Pixel. This URL parameter is then stored in the user’s browser via a cookie set by our linked page. This cookie also captures specific customer data, such as the email address, which we collect on our website linked to the Facebook or Instagram ad during actions like purchases, account logins, or registrations (enhanced data matching). The cookie is then read and enables the transmission of this data, including specific customer data, to Meta.

We use Meta Pixel with enhanced data matching to make our ads on Facebook and/or Instagram more effective and to ensure they match users’ interests or specific characteristics (e.g., interest in certain topics or products based on visited websites), which we transmit to Meta (so-called “Custom Audiences”).

Additionally, we analyze the effectiveness of our ads by tracking whether users were redirected to our website after clicking on an ad (conversion). Compared to the standard version of Meta Pixel, the enhanced data matching feature helps us better measure the success of our advertising campaigns by capturing more attributed conversions.

All transmitted data is stored and processed by Meta, allowing it to be linked to the respective user profile. Meta may use this data for its own advertising purposes in accordance with its data usage policy:
https://www.facebook.com/about/privacy/

This data may also enable Meta and its partners to display ads on and outside of Facebook.

All processing described above, especially the setting of cookies for reading information on the user’s device, only takes place if you have given us your explicit consent in accordance with Art. 6(1)(a) GDPR. You can revoke your consent at any time with future effect by deactivating this service via the cookie consent tool provided on our website.

We have concluded a data processing agreement with Meta to ensure the protection of our website visitors’ data and to prohibit unauthorized disclosure to third parties.

The information generated by Meta is usually transmitted to and stored on a Meta server, which may also involve transfers to Meta Platforms Inc. servers in the USA.

For data transfers to the USA, Meta is certified under the EU-U.S. Data Privacy Framework, which ensures compliance with the European level of data protection based on an adequacy decision by the European Commission.

10.2 Google Ads Remarketing

This website uses retargeting technology from the following provider:
Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

For this purpose, Google sets a cookie in your browser that enables interest-based advertising using a pseudonymous cookie ID and based on the pages you have visited. Further data processing only occurs if you have consented to Google linking your web and app browsing history with your Google account and using information from your Google account to personalize ads you see online. If you are logged into Google while visiting our website and have given such consent, Google uses your data in combination with Google Analytics data to create and define audience lists for cross-device remarketing. Your personal data is temporarily linked with Google Analytics data by Google to form target groups.

In the context of using Google Ads Remarketing, personal data may also be transmitted to Google LLC servers in the USA.

All processing described above, especially the setting of cookies to read information on your device, only takes place if you have given us your explicit consent in accordance with Art. 6(1)(a) GDPR. Without this consent, retargeting technology will not be used during your visit.

You may revoke your consent at any time with future effect by deactivating this service via the cookie consent tool provided on the website.

For data transfers to the USA, Google is certified under the EU-U.S. Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision by the European Commission.

Details on how Google processes data and handles information from websites can be found here:
https://policies.google.com/technologies/partner-sites

Further information on Google’s privacy policies is available at:
https://business.safety.google/intl/en/privacy/
https://www.google.com/policies/privacy/

10.3 Google Marketing Platform

This website uses the online marketing tool Google Marketing Platform (GMP) operated by
Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

GMP uses cookies to display ads that are relevant to users, improve campaign performance reports, or prevent users from seeing the same ads multiple times. Google uses a cookie ID to track which ads are displayed in which browser and can thus prevent them from being shown repeatedly. GMP can also use cookie IDs to track conversions related to ad requests—for example, when a user sees a GMP ad and later visits the advertiser’s website using the same browser and makes a purchase. According to Google, GMP cookies do not contain any personal information.

Due to the marketing tools used, your browser automatically establishes a direct connection to Google’s servers.

We have no control over the scope and further use of the data collected by Google through this tool and inform you based on our current knowledge: By integrating GMP, Google receives the information that you have accessed the relevant part of our website or clicked on one of our ads. If you are registered with a Google service, Google may associate the visit with your account. Even if you are not registered or logged in, it is possible that Google will obtain and store your IP address.

In the context of using GMP, personal data may also be transmitted to Google LLC servers in the USA.

All processing described above, especially the setting of cookies to read information on your device, only takes place if you have given us your explicit consent in accordance with Art. 6(1)(a) GDPR. You may revoke your consent at any time with future effect by deactivating this service via the cookie consent tool provided on the website.

Google is certified under the EU-U.S. Data Privacy Framework, ensuring compliance with the European data protection level based on an adequacy decision by the European Commission.

You can find GMP’s privacy policy here:
https://business.safety.google/intl/en/privacy/
https://www.google.com/policies/privacy/

11) Site Functionality

11.1 Facebook Plugins

Our website uses plugins from the social network operated by:
Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

These plugins enable direct interaction with content on the social network.

To enhance the protection of your data when visiting our website, the plugins are initially deactivated and integrated into the site using a so-called “2-click” or “Shariff” solution.

This integration ensures that no connection to the provider’s servers is established when you access a page on our website that contains such plugins.

Only when you activate the plugins and thereby give your consent to data transmission in accordance with Art. 6(1)(a) GDPR does your browser establish a direct connection to the provider’s servers. In this process, certain information about your device (including your IP address), your browser, and your browsing behavior may be transmitted to the provider and processed there, regardless of whether you are logged into an existing user profile.

If you are logged into a user profile on the provider’s social network, interactions performed via the plugins may also be published and displayed to your contacts.

You can revoke your consent at any time by deactivating the plugin again with another click. However, this revocation does not affect data already transmitted to the provider.

Data may also be transferred to: Meta Platforms Inc., USA

We have concluded a data processing agreement with the provider to ensure the protection of our website visitors’ data and to prohibit unauthorized disclosure to third parties.

For data transfers to the USA, the provider is certified under the EU-U.S. Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision by the European Commission.

11.2 Instagram Plugins