Table of contents
• Data protection
• Automatic data storage
• Storage of personal data
• Rights according to the General Data Protection Regulation
• TLS encryption with https
We have written this data protection declaration (version 30.04.2021-111729276) in order to explain you, according to the provisions of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data we process, which personal data we will process in the future and which lawful choices you have as a visitor of this website.
Privacy statements usually sound very technical. However, this version should describe the most important things to you as simply and clearly as possible. As far as possible, technical terms are explained in a reader-friendly manner. We would also like to convey that we only collect and use information with this website if there is a corresponding legal basis. This is certainly not possible if you give the briefest possible technical explanations, as they are often standard on the Internet when it comes to data protection. We hope you find the following explanations interesting and informative and maybe there is one or the other piece of information that you were not familiar with.
If you still have questions, we would like to ask you to follow the existing links and see further information on third-party sites, or simply write us an email. You will find our contact information in the company information.
Automatic data storage
When you visit websites these days, certain information is automatically created and stored, including on this website. This collected data should be collected as sparingly as possible and only with justification. By website, we mean the entirety of all websites on our domain, i.e. everything from the start page (homepage) to the very last subpage (like this one here). By domain we mean example.de or musterbeispiel.com.
Even while you are currently visiting our website, our web server – this is the computer on which this website is stored – usually automatically saves data for reasons of operational security, to create access statistics, etc. such as
• the complete Internet address (URL) of the website called up (e.g. https://www.beispielwebsite.de/beispielunterseite.html/)
• Browser and browser version (e.g. Chrome 87)
• the operating system used (e.g. Windows 10)
• the address (URL) of the previously visited page (referrer URL) (e.g. https://www.beispielquellsite.de/vondabinichgekommen.html/)
• the host name and the IP address of the device from which access is made (e.g. COMPUTERNAME and 184.108.40.206)
• Date and Time
• in files, the so-called web server log files.
These files are usually stored for two weeks and automatically deleted afterwards. We do not pass on this data, but we cannot exclude that this data will be viewed by authorities in the event of illegal behavior.
In short: your visit will be logged by our provider (company that runs our website on special computers (servers)), but we will not pass on your data!
Our website uses HTTP cookies to save user-specific data.
In the following we explain what cookies are and why they are used so that you can better understand the following data protection declaration.
What exactly are cookies?
Whenever you surf on the Internet, you are using a browser. Well-known browsers are, for example, Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites save small text files in your browser. These files are called cookies.
Cookies save certain user data from you, such as language or personal page settings. When you call up our site again, your browser transmits the “user-related” information back to our site. Thanks to cookies, our website knows who you are and offers you the settings you are used to. In some browsers, each cookie has its own file, in others, such as Firefox, all cookies are stored in a single file.
There are both first-party cookies and third-party cookies. First-party cookies are created directly from our side, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, trojans or other “bugs”. Cookies cannot access information on your PC either.
For example, cookie data can look like this:
Purpose of usage: distinction of website visitors
Expiry date: after 2 years
A browser should be able to support these minimum sizes:
• At least 4096 bytes per cookie
• At least 50 cookies per domain
• At least 3000 cookies in total
What types of cookies are there?
Which cookies we use in particular depends on the services used and is clarified in the following sections of the data protection declaration. At this point we would like to briefly discuss the different types of HTTP cookies.
There are 4 types of cookies:
These cookies are necessary to ensure the basic functions of the website. For example, these cookies are needed when a user puts a product in the shopping cart, then continues surfing on other pages and only goes to check out later. These cookies do not delete the shopping cart, even if the user closes his browser window.
These cookies collect information about user behavior. In addition, these cookies are used to measure the loading time and the behavior of the website in different browsers.
These cookies ensure better user-friendliness. For example, entered locations, font sizes or form data are saved.
These cookies are also called targeting cookies. They serve to deliver customized advertising to the user. That can be very practical, but also very annoying.
When you visit a website for the first time, you will usually be asked which of these types of cookies you would like to allow. And of course, this decision is also saved in a cookie.
How can I delete cookies?
If you want to find out which cookies have been stored in your browser or if you want to change or delete cookie settings, you can find this in your browser settings.
If you generally do not want cookies, you can set up your browser so that it always informs you when a cookie is being set. For each individual cookie, you can decide whether to allow the cookie. The procedure is different depending on the browser. The best thing to do is to search for the instructions in Google with the search term “delete cookies Chrome” or “deactivate cookies Chrome” in the case of a Chrome browser.
What about my data protection?
The so-called “cookie guidelines” have existed since 2009. It states that the storage of cookies requires your consent. Within the EU countries, however, there are still very different reactions to these guidelines. In Austria, however, this directive was implemented in Section 96 (3) of the Telecommunications Act (TKG). In Germany, the cookie guidelines have not been implemented as national law. Instead, this guideline was largely implemented in Section 15 (3) of the Telemedia Act (TMG).
If you want to know more about cookies and are not afraid of technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Request for Comments of the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism”.
Storage of personal data
Personal data that you transmit to us electronically on this website, such as name, e-mail address, address or other personal information in the context of submitting a form or comments in the blog, are stored by us together with the time and the IP address. Address is only used for the specified purpose, stored securely and not passed on to third parties.
We therefore only use your personal data for communication with those visitors who expressly request contact and for processing the services and products offered on this website. We do not pass on your personal data without your consent, but we cannot rule out that this data will be viewed in the event of illegal behavior.
If you send us personal data by email – outside of this website – we cannot guarantee secure transmission and protection of your data. We recommend that you never send confidential data unencrypted by email.
Rights according to the General Data Protection Regulation
According to the provisions of the GDPR, you have the following rights:
• Right to rectification (Article 16 GDPR)
• Right to deletion (“right to be forgotten”) (Article 17 GDPR)
• Right to restriction of processing (Article 18 GDPR)
• Right to notification – obligation to notify in connection with the correction or deletion of personal data or the restriction of processing (Article 19 GDPR)
• Right to data portability (Article 20 GDPR)
• Right of objection (Article 21 GDPR)
• Right not to be subject to a decision based solely on automated processing – including profiling (Article 22 GDPR)
If you believe that the processing of your data violates data protection law or that your data protection claims have been violated in any other way, you can complain to the supervisory authority. For Austria this is the data protection authority, whose website you can find at https://www.dsb.gv.at/ and for Germany you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI).
TLS encryption with https
TLS, encryption and https sound and are very technical. We use HTTPS (Hypertext Transfer Protocol Secure) to transfer data securely on the Internet.
This means that the complete transmission of all data from your browser to our web server is secured.
We have introduced an additional security layer and comply with data protection through technology design (Article 25 (1) GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data.
You can recognize the use of this protection of data transmission by the small lock symbol in the top left of the browser to the left of the Internet address (e.g. examplepage.de) and the use of the https scheme (instead of http) as part of our Internet address.
If you want to know more about encryption, we recommend doing a Google search for “Hypertext Transfer Protocol Secure wiki” for good links to further information.
We use the WP Statistics analysis plug-in on our website. This plugin was developed by VeronaLabs (5460 W Main St, Verona, NY 13478, United States), an American software company. With this plugin we receive simple statistics on how you as a user use our website. In this data protection declaration we go into more detail about the analysis tool and show you which data is stored where and for how long.
What are WP Statistics?
This plugin is an analysis software that was specially developed for websites that use the WordPress content management system. WordPress helps us to easily edit our website even without programming knowledge. WP Statistics can, for example, collect data on how long you stay on our website, which sub-pages you visit, how many visitors are on the website or from which website you came to us. No cookies are set by WP Statistics and you cannot be identified as a person by the data collected.
Why do we use WP Statistics?
With the help of WP Statistics, we receive simple statistics that help us to make our website even more interesting and better for you. Our website and the content, products and / or services offered on it should meet your requirements and wishes as well as possible. In order to achieve this goal, we also have to find out where we should make improvements and changes. The statistics obtained help us to get one step closer to this goal.
What data does WP Statistics store?
WP Statistics does not set any cookies and the data collected is only used to generate statistics on the use of our website in an anonymous form. WP Statistics also anonymizes your IP address. You cannot be identified as a person.
WP Statistics collects visitor data when your web browser connects to our web server. This data is stored in our database on our server. These include, for example:
• the address (URL) of the accessed website
• Browser and browser version
• the operating system used
• the address (URL) of the previously visited page (referrer URL)
• the host name and the IP address of the device from which access is made
• Date and Time
• Country / city information
• Number of visitors that come from a search engine
• Duration of the website stay
• Clicks on the website
The data will not be passed on and will not be sold.
How long and where will the data be stored?
All data is saved locally on our web server. The data is stored on our web server until it is no longer required for the purposes listed above.
How can I delete my data or prevent data storage?
You have the right to information, correction or deletion and restriction of the processing of your personal data at any time. You can also revoke your consent to the processing of data at any time.
Our primary goal is to secure and protect our website for you and for us in the best possible way. To ensure this, we use Google reCAPTCHA from Google Inc. For the European area, Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. With reCAPTCHA we can determine whether you are really a human being and not a robot or other spam software. We understand spam as any unsolicited information that comes to us electronically. With the classic CAPTCHAS, you mostly had to solve text or picture puzzles to check. With reCAPTCHA from Google, we usually don’t have to bother you with such puzzles. In most cases, it is sufficient to simply tick the box and confirm that you are not a bot. With the new Invisible reCAPTCHA version you don’t even have to check the box anymore. How this works exactly, and, above all, which data is used for it, you will find out in the course of this data protection declaration.
What is reCAPTCHA?
Why do we use reCAPTCHA on our website?
We only want to welcome human beings on our website. Bots or spam software of all kinds can safely stay at home. That is why we do all we can to protect ourselves and offer you the best possible user-friendliness. For this reason, we use Google reCAPTCHA from Google so we can be pretty sure that we will remain a “bot-free” website. By using reCAPTCHA, data is transmitted to Google in order to determine whether you are a human. reCAPTCHA therefore serves the security of our website and consequently also your security. For example, without reCAPTCHA it could happen that a bot registers as many email addresses as possible in order to “spam” on forums or blogs with unwanted advertising content. With reCAPTCHA we can avoid such bot attacks.
Which data is saved by reCAPTCHA?
reCAPTCHA collects personal data from users in order to determine whether the actions on our website actually originate from people. The IP address and other data that Google needs for the reCAPTCHA service can therefore be sent to Google. IP addresses are almost always shortened beforehand within the member states of the EU or other signatory states to the Agreement on the European Economic Area before the data ends up on a server in the USA. The IP address will not be combined with other Google data unless you are logged into your Google account while using reCAPTCHA. First, the reCAPTCHA algorithm checks whether Google cookies from other Google services (YouTube, Gmail, etc.) have already been placed on your browser. ReCAPTCHA then sets an additional cookie in your browser and takes a snapshot of your browser window.
The following list of collected browser and user data does not claim to be complete. Rather, they are examples of data that, to our knowledge, are processed by Google.
• Referrer URL (the address of the page from which the visitor comes)
• IP address (e.g. 2220.127.116.11)
• Information about the operating system (the software that enables the operation of your computer. Known operating systems are Windows, Mac OS X or Linux)
• Cookies (small text files that save data in your browser)
• Mouse and keyboard behavior (every action you perform with the mouse or keyboard is saved)
• Date and language settings (which language or which date you have preset on your PC will be saved)
• Screen resolution (shows how many pixels the image consists of)
It is undisputed that Google uses and analyzes this data even before you click on the tick “I am not a robot”. With the Invisible reCAPTCHA version, there is even no ticking, and the entire recognition process runs in the background. How much and which data Google stores exactly cannot be found out from Google.
The following cookies are used by reCAPTCHA: Here we refer to the reCAPTCHA demo version from Google at https://www.google.com/recaptcha/api2/demo. All these cookies require a unique identifier for tracking purposes. Here is a list of cookies that Google reCAPTCHA has set on the demo version:
Purpose: This cookie is set by the DoubleClick company (also owned by Google) to register and report the actions of a user on the website when dealing with advertisements. In this way, the advertising can be measured effectively, and appropriate optimization measures can be taken. IDE is stored in browsers under the domain doubleclick.net.
Expiry date: after one year
Purpose: This cookie collects statistics on website usage and incorrect conversions. A conversion occurs, for example, when a user becomes a buyer. The cookie is also used to show relevant advertisements to users. The cookie can also be used to prevent a user from seeing the same ad more than once.
Expiry date: after one month
Expiry date: after 9 months
Value: YES + AT.de + 20150628-20-0
Purpose: The cookie stores the status of a user’s consent to the use of various Google services. CONSENT is also used for security to check users, prevent fraudulent login information and protect user data from unauthorized attacks.
Expiry date: after 19 years
Purpose: NID is used by Google to adapt advertisements to your Google search. With the help of the cookie, Google “remembers” your most frequently entered search queries or your previous interaction with advertisements so you always get customized advertisements. The cookie contains a unique ID in order to collect personal settings of the user for advertising purposes.
Expiry date: after 6 months
Purpose: As soon as you have ticked the “I am not a robot” tick, this cookie will be set. The cookie is used by Google Analytics for personalized advertising. DV collects information in an anonymous form and is also used to distinguish between users.
Expiry date: after 10 minutes
Note: This list cannot claim to be complete, as experience has shown that Google changes the choice of their cookies again and again.
How long and where will the data be stored?
By inserting reCAPTCHA, your data will be transferred to the Google server. Where exactly this data is stored, Google does not clearly state, even after repeated inquiries. Without having received a confirmation from Google, it can be assumed that data such as mouse interaction, time spent on the website or language settings on the European or American Google Servers. The IP address that your browser transmits to Google is generally not merged with other Google data from other Google services. However, if you are logged into your Google account while using the reCAPTCHA plug-in, the data will be merged. The different data protection regulations of Google apply for this.
How can I delete my data or prevent data storage?
If you do not want any data about you or your behavior to be transmitted to Google, you must completely log out of Google and delete all Google cookies before you visit our website or use the reCAPTCHA software. In principle, the data is automatically transmitted to Google as soon as you visit our website. To delete this data again, you must contact Google support at https://support.google.com/?hl=de&tid=111729276.
If you use our website, you agree that Google LLC and its representatives automatically collect, process and use data.
Please note that when you use this tool, your data can also be stored and processed outside of the EU. Most third countries (including the USA) are not considered secure under current European data protection law. Data to insecure third countries may not simply be transferred, stored and processed there unless there are suitable guarantees (such as EU standard contractual clauses) between us and the non-European service provider.
You can find out a more about reCAPTCHA on Google’s web developer page at https://developers.google.com/recaptcha/. Google goes into the technical development of the reCAPTCHA in more detail here, but you will look in vain for precise information about data storage and data protection issues. A good overview of the basic use of data by Google can be found in the in-house data protection declaration at https://www.google.com/intl/de/policies/privacy/.
All texts are copyrighted.
Source: Created with the data protection generator from AdSimple