FOR MEN
FOR WOMEN
FOR CHILDREN & BABIES
ACCESSORIES
DISCOVER DESIGNS

Privacy policy

General information

The following information is intended to give you an overview of how we process your personal data and of your data protection rights. It is generally possible to use our website without entering personal data. However, if you wish to make use of special services via our website or other options, it may be necessary to process personal data. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain your consent.

As the controller, we always try to ensure the most complete possible protection of the personal data processed via this website using the latest technical and organisational measures, just as we attach great importance to security and data protection friendliness in our other processing activities. Nevertheless, Internet-based data transmissions can generally have security gaps, so that absolute protection against unauthorised access by third parties cannot be guaranteed. For this reason, you are free to contact us by telephone or post, for example, and to transmit personal data to us in this way.

Responsible party and service provider

factonet e-commerce GmbH
Reuttier Street 40
89231 Neu-Ulm

E-Mail: [email protected]
Phone: +49 731 25084483

Questions about the data protection officer

If you have any questions about data processing or data protection at ShirtCity, you can contact our data protection officer at any time.

You can contact him by post at the above address (please note 'For the attention of the data protection officer' on the envelope) or by e-mail at [email protected]

Transmission of data to third parties

Your personal data will not be transmitted to third parties for purposes other than those listed below. We only share your personal data with third parties if:

  • You have given us your explicit consent in accordance with Art. 6(1)(a) GDPR.
  • The transmission is permissible under Art. 6(1)(f) GDPR to protect our legitimate interests and there is no reason to believe that you have a predominant legitimate interest in not having your data shared.
  • There is a legal obligation for the transmission in accordance with Art. 6(1)(c) GDPR.
  • It is legally permissible and necessary under Art. 6(1)(b) GDPR for the performance of contractual obligations with you.

As part of the processing operations described in this privacy statement, personal data may be transferred to the USA. The USA does not provide an adequate level of data protection (ECJ: Schrems II ruling). In particular, U.S. authorities may compel U.S. companies to disclose personal data without effective legal recourse for the affected individuals. Therefore, there is a fundamental possibility that your personal data could be processed by U.S. authorities. We have no influence over these processing activities. To protect your data, we have entered into processing agreements based on the European Commission’s Standard Contractual Clauses. If the Standard Contractual Clauses are not sufficient to ensure an adequate level of security, your consent under Art. 49(1)(a) GDPR may serve as the legal basis for transferring data to third countries. This does not apply to data transfers to third countries for which the European Commission has issued an adequacy decision under Art. 45 GDPR.

Technology

 SSL/TLS encryption

This site uses SSL or TLS encryption to ensure the security of data processing and to protect the transmission of confidential content, such as contact requests that you send to us as the operator. You can recognise an encrypted connection by the fact that the address line of the browser contains "https://" instead of "http://" and by the lock symbol in your browser line. We use this technology to protect your transmitted data.

Data collection when visiting the website

When using our website for informational purposes only, that is, if you do not register or otherwise provide information to us, we only collect data that your browser transmits to our server (so-called "server log files"). Each time you or an automated system accesses a page on our site, our website collects a series of general data and information. This general data and information is stored in the server log files.

The data collected may include:

  • Types and versions of the browsers used,
  • The operating system used by the accessing system,
  • The website from which an accessing system reaches our website (so-called referrer),
  • The subpages accessed on our website by an accessing system,
  • The date and time of access to the website,
  • An Internet Protocol (IP) address, and
  • The Internet Service Provider of the accessing system.

We do not draw any conclusions about your identity from this general data and information. Instead, this information is needed to:

  • Deliver the content of our website correctly,
  • Optimize the content of our website and the advertising for it,
  • Ensure the permanent functionality of our IT systems and the technology of our website, and
  • Provide law enforcement authorities with the necessary information in the event of a cyber attack.

Thus, the collected data and information are analyzed statistically and with the goal of improving data protection and data security in our company, ultimately ensuring an optimal level of protection for the personal data we process. The data from server log files are stored separately from any personal data provided by an individual.

The legal basis for data processing is Art. 6(1)(f) GDPR. Our legitimate interest follows from the purposes listed above for data collection.

Encrypted payment transactions

If, after concluding a paid contract, you are required to provide us with your payment information (e.g., bank account number when granting a direct debit authorization), this data is needed for processing payments. Payment transactions using common payment methods are carried out exclusively via an encrypted SSL or TLS connection. You can recognize an encrypted connection by the change from "http://" to "https://" in the browser address bar and by the lock symbol in your browser’s address bar. We use this technology to protect your transmitted data.

AWS Cloudfront (Content Delivery Network)

Our website uses functions from Amazon CloudFront, a content delivery network (CDN) service designed for high performance, security, and developer convenience. The provider is Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, 1855 Luxembourg. This allows for dynamic delivery of web content via the specially developed and feature-rich global AWS network infrastructure. It helps to analyze traffic between users and our websites to detect and counteract attacks on our services.

We have entered into an agreement with Amazon CloudFront based on GDPR requirements and EU standard contractual clauses.

For more information about AWS CloudFront, visit: https://aws.amazon.com/de/cloudfront/?nc=sn&loc=0. Privacy notices: https://d1.awsstatic.com/legal/privacypolicy/AWS_Privacy_Notice__German_Translation1.pdf

We host our website with Amazon Web Services (AWS). The provider is Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, 1855 Luxembourg. When you visit our website, your personal data is processed on AWS servers. Personal data may also be transferred to AWS's parent company in the USA. Data transfer to the USA is based on EU standard contractual clauses. Details can be found at: https://aws.amazon.com/de/blogs/security/aws-gdpr-data-processing-addendum/. The use of AWS is based on Art. 6(1)(f) GDPR. We have a legitimate interest in presenting our website as reliably as possible. We have signed a data processing agreement with AWS, which is a data protection contract ensuring that AWS processes personal data of our website visitors only according to our instructions and in compliance with GDPR. For more information about AWS privacy practices, visit: https://aws.amazon.com/de/privacy/?nc1=f_pr

Contents and contact options

Here we provide information for ShirtCity - i.e. all about the design and printing of shirts and other textiles as products of our company and inform about everything that has to do with selection, orders, designing your own T-shirt and qualities. Our website and other services also offer various options for designing and purchasing selected goods and for contacting us.

Contact via contact form

If you wish to contact us, you can use our contact form to do so. In particular, the data and information that you yourself enter in the form will be processed. These are visible in the contact form and are stored and used exclusively for the purpose of answering your enquiry or for contacting you and the associated technical administration. 

For reasons of data minimisation, only a valid e-mail address, your first name and surname and your request/message are required as mandatory fields (*) so that we can assign the request securely and limit misuse. You are welcome to provide a telephone number for queries, but this is not required.

The legal basis for processing the data is our legitimate interest in responding to your enquiry in accordance with Art. 6 para. 1 lit. f GDPR. If your contact is aimed at concluding or implementing a contract with us, the additional legal basis for processing is Art. 6 para. 1 lit. b GDPR. Your data will be deleted after final processing of your enquiry. This is the case if it can be inferred from the circumstances that the matter in question has been conclusively clarified and the deletion does not conflict with any statutory retention obligations.

Contact by e-mail

If you contact us via an e-mail address provided by us, the personal data you provide will be processed exclusively for correspondence with you, for the purpose of processing your respective enquiry and for the possible initiation or execution of a contract with you in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR. The personal data collected will be automatically deleted after your enquiry has been dealt with; this is the case if it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.

Contact by phone

If you contact us by telephone, the personal data you provide will be used exclusively for correspondence with you, i.e. in particular for the purposes of processing your respective enquiry, support or similar. The legal basis for the processing is Art. 6 para. 1 sentence 1 lit. f GDPR. If the contact is aimed at the conclusion of a contract, the additional legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR.

Cookies

General information about cookies

We use cookies on our website. These are data sets as information that your browser automatically creates and stores on your IT system or device (laptop, tablet, smartphone, etc.) when you visit our site.

The cookie stores information in a database that is specific to the device you are using. However, this does not mean that we gain direct knowledge of your identity.

The use of cookies is intended to make the use of our services more pleasant for you. For example, we use session cookies to recognize that you have already visited certain pages of our website. These cookies are automatically deleted after you leave our site.

In addition, we use temporary cookies to optimize user-friendliness, which are stored on your device for a specific period of time. When you visit our site again to use our services, it is automatically recognized that you have been with us before and which entries and settings you made, so you do not have to enter them again.

Furthermore, we use cookies to statistically analyze the use of our website and to evaluate our services for optimization purposes. These cookies allow us to automatically recognize that you have visited our site before during a subsequent visit. The cookies set in this way are automatically deleted after a defined period of time. The duration of cookie storage can be found in the settings of the consent tool used.

Legal basis for the use of cookies

The data processed by the cookies, which are required for the proper functioning of the website, are therefore necessary to safeguard our legitimate interests and those of third parties in accordance with Art. 6 para. 1 lit. f GDPR.

For all other cookies, you have given your consent to this via our opt-in cookie banner in accordance with Art. 6 para. 1 lit. a GDPR.

Notes on avoiding cookies in common browsers

You can delete cookies, allow only selected cookies or completely deactivate cookies at any time via the settings of the browser you are using. Further information can be found on the support pages of the respective providers:  

  • Chrome: https://support.google.com/chrome/answer/95647?tid=311178978.
  • Safari: https://support.apple.com/de-at/guide/safari/sfri11471/mac?tid=311178978.
  • Firefox: https://support.mozilla.org/de/kb/cookies-und-website-daten-in-firefox-loschen?tid=311178978.
  • Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-l%C3%B6schen-63947406-40ac-c3b8-57b9-2a946a29ae09.

Consent with consent technologies from CookieYes

Our website uses consent technology to obtain your consent to the storage of certain cookies on your end device or to the use of certain technologies and to document this in compliance with data protection regulations. The provider of this technology is: CookieYes Limited, 3 Warren Yard Warren Park, Wolverton Mill, Milton Keynes, MK12 5NW, United Kingdom. Email: [email protected].

When you enter our website, a connection is established to the ConsentManager servers in order to obtain your consent and other declarations regarding the use of cookies.The ConsentManager then stores a cookie in your browser in order to be able to assign the consents you have given or revoke them.The data collected in this way is stored until you ask us to delete it, delete the Consent Manager provider cookie yourself or the purpose for data storage no longer applies. Mandatory statutory retention obligations remain unaffected. 

This consent tool is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c GDPR. 

Contents of our website

Registration as a user

You have the option to register on our website by providing personal data. The specific personal data transmitted to us is determined by the input form used for registration. The personal data you provide is collected and stored solely for internal use by us and for our own purposes. We may transfer the data to one or more processors, such as a parcel delivery service, who will also use the personal data exclusively for internal purposes attributable to us. 

Registration on our website also results in the storage of the IP address assigned by your Internet Service Provider (ISP), along with the date and time of registration. The storage of this data is necessary to prevent misuse of our services and, if necessary, to assist in the investigation of criminal offenses. Thus, the storage of this data is required for our protection. Generally, this data is not shared with third parties, except where legally required or if it serves the purpose of criminal prosecution.

Your registration, with voluntary provision of personal data, also allows us to offer you content or services that can only be provided to registered users due to the nature of the service. Registered individuals have the option to amend or completely delete the personal data provided during registration from our database at any time.

We will provide you with information upon request about the personal data we have stored about you. Additionally, we will correct or delete personal data at your request, provided that there are no legal retention obligations to the contrary. A data protection officer named in this privacy statement and other employees are available to the affected person as contact points in this regard.

The processing of your data is carried out with the aim of providing a comfortable and easy use of our website. This constitutes a legitimate interest in accordance with Art. 6(1)(f) GDPR.

Data processing when opening a customer account and for contract processing

In accordance with Art. 6 para. 1 lit. b GDPR, personal data is collected and processed if you provide it to us for the fulfilment of a contract or when opening a customer account. (Customer account registration). All you need to provide is a valid e-mail address and a password. It is possible to delete your customer account at any time, for example by sending a message to the above address of the controller. We store and use the data provided by you for clear identification/assignment and for contract processing. Once the contract has been fully processed or your customer account has been deleted, your data will be blocked, taking into account retention periods under tax and commercial law, and deleted after these periods have expired, unless you have expressly consented to further use of your data or we have reserved the right to further use of your data as permitted by law, about which we will inform you accordingly below.

Data processing when using social logins via Facebook

Instead of logging in with an email and password or registering with us, you can also conveniently use your existing profile with the social network Facebook to authenticate/register/login.

To do this, you will find the corresponding icons of the providers on the login page—currently, this means the option to log in directly with your Facebook account. Before a connection to the providers is established, you must explicitly agree to the process and data transfer described below. By clicking on the respective icon, a new window will open where you need to log in with your social network credentials and confirm the action. You will be informed as follows: on Facebook: “If you proceed, Social Login Shirtcity will continuously have access to the information you share. Facebook records the time when Social Login Shirtcity accesses this information. More about this and the settings you can make.”

After a successful login, the social network will inform us which data (particularly name and email address) is transmitted to us for authentication during the registration or login process. If you have consented to this data transfer, the fields required for registration will be filled with the transmitted data. The information required for registration or login is your email address.

Only after your explicit consent to the use of the transmitted and required data will your data be stored by us and used for the purposes mentioned in this privacy statement. There is no linking of the account created with us to the chosen social network beyond the authentication process. If you do not want Facebook to directly associate the data collected through our website with your Facebook profile, you must log out of Facebook before visiting our website. You can also completely prevent the loading of Facebook plugins with browser add-ons, such as "Adblock Plus" (https://adblockplus.org/de/).

To carry out the authentication process for registration and login, your IP address will be transmitted to the social network providers. We have no influence over the purpose and extent of data collection and the further processing of the data by the social network providers (such as data transfer to the USA, merging with other profile data, etc.). For more information, please read the privacy notices of your provider/social media service.


The service providers for Social Login are currently:

- Meta Platforms Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland

Transfers to third countries are possible. Suitable safeguards have been established with so-called Standard Contractual Clauses according to Art. 46 GDPR. For third countries/companies with an adequacy decision, the adequacy decision also applies. More information is available here: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu_de. Deletion is the responsibility of the primary service provider. Legal basis: Art. 6(1)(a) GDPR (consent).

Data processing for order processing

The personal data collected by us will be passed on to the transport company commissioned with the delivery as part of the contract processing, insofar as this is necessary for the delivery of the goods. We pass on your payment data to the commissioned credit institution within the scope of payment processing, insofar as this is necessary for payment processing. If payment service providers are used, we provide explicit information about this below. The legal basis for the transfer of data is Art. 6 para. 1 lit. b GDPR.

Conclusion of contracts in our online shop, dealers and dispatch of goods

We only transfer personal data to third parties if this is necessary in the context of contract processing, for example to the companies entrusted with the delivery of the goods or the credit institution commissioned with payment processing. Any further transmission of data will not take place or will only take place if you have expressly consented to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes. The basis for data processing is Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.

Web analysis 

Facebook Pixel (Custom Audience)

This website uses the "Facebook pixel" of Meta Platforms, Inc, 1 Hacker Way, Menlo Park, CA 94025, USA ("Meta"). If explicit consent is given, this allows the behaviour of users to be tracked after they have seen or clicked on a Facebook ad. This process is used to evaluate the effectiveness of Facebook ads for statistical and market research purposes and can help to optimise future advertising measures.

The data collected is anonymous to us and therefore does not allow us to draw conclusions about the identity of users. However, the data is stored and processed by Meta so that a connection to the respective user profile is possible and Meta can use the data for its own advertising purposes in accordance with the Facebook Data Usage Policy (https://www.facebook.com/about/privacy/). This enables Meta and its partners to place adverts on and off Facebook. A cookie may also be stored on your computer for these purposes.

Legal basis: These processing operations are only carried out with your express consent in accordance with Art. 6 para. 1 lit. a GDPR.

Google Analytics Universal

On our websites, we use Google Analytics, a web analytics service provided by Google Ireland Limited (https://www.google.de/intl/de/about/), Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). In this context, pseudonymized usage profiles are created and cookies (see "Cookies" section) are used. The information generated by the cookie about your use of this website, such as:

  • Browser type/version,
  • Operating system used,
  • Referrer URL (the previously visited page),
  • Hostname of the accessing computer (IP address), and
  • Time of the server request,

is transmitted to a server of Google in the USA and stored there. The information is used to evaluate website usage, compile reports on website activities, and provide additional services related to website and internet usage for market research and the needs-based design of these websites. This information may also be shared with third parties if required by law or if third parties process these data on our behalf. In no case will your IP address be combined with other Google data. IP addresses are anonymized so that identification is not possible (IP masking).

You can prevent the installation of cookies by adjusting the settings in your browser software; however, we would like to point out that in this case, not all functions of this website may be fully utilized.

Legal basis: These processing activities are carried out exclusively with your explicit consent in accordance with Art. 6(1)(a) GDPR.

You can also prevent the collection of data generated by the cookie related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de).

Privacy notices: https://support.google.com/analytics/answer/6004245?hl=de.

10.3 Google Analytics Remarketing

We have integrated Google Remarketing services on this website. The operator of the Google Remarketing services is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Remarketing is a feature of Google AdWords that allows a company to display ads to internet users who have previously visited the company's website. The integration of Google Remarketing enables a company to create user-specific ads and show interest-relevant advertisements to the internet user.

The purpose of Google Remarketing is to display interest-relevant advertising. Google Remarketing allows us to show ads via the Google advertising network or on other websites tailored to the individual needs and interests of internet users.

Google Remarketing sets a cookie on the affected person's IT system. By setting the cookie, Google is able to recognize the visitor to our website when they subsequently visit other websites that are also part of the Google advertising network. With each visit to a website where the Google Remarketing service is integrated, your browser automatically identifies itself to Google. As part of this technical process, Google becomes aware of personal data such as your IP address or browsing behavior, which Google uses, among other things, to display interest-relevant advertising.

The cookie stores personal information, such as the websites you have visited. Consequently, with each visit to our websites, personal data, including your IP address, is transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may disclose this personal data collected through the technical process to third parties.

These processing activities are carried out exclusively with your explicit consent in accordance with Art. 6(1)(a) GDPR.

Privacy policy: https://www.google.de/intl/de/policies/privacy/

Plugins and other services

Google Tag Manager

We use the Google Tag Manager service on this website. The operating company of Google Tag Manager is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Ireland Limited is part of the Google group of companies headquartered at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

This tool allows "website tags" (i.e. keywords that are integrated into HTML elements) to be implemented and managed via an interface.By using Google Tag Manager, we can automatically track which button, link or personalised image you have actively clicked on and can then record which content on our website is of particular interest to you.

The tool also triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. If you have opted out at domain or cookie level, this will remain in place for all tracking tags implemented with Google Tag Manager.

These processing operations are only carried out with your express consent in accordance with Art. 6 para. 1 lit. a GDPR.

Further information on Google Tag Manager and the privacy policy: https://www.google.com/intl/de/policies/privacy/.

Payment provider PayPal

We have integrated components from PayPal on this website. The European operating company of PayPal is PayPal (Europe) S.à r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg. PayPal is an online payment service provider. Payments are processed through so-called PayPal accounts, which represent virtual personal or business accounts. Additionally, PayPal allows for virtual payments via credit cards if a user does not have a PayPal account. A PayPal account is managed via an email address, so there is no traditional account number. PayPal enables online payments to third parties or the receipt of payments. PayPal also performs trustee functions and offers buyer protection services.

If you select "PayPal" as a payment option during the checkout process in our online shop, your data will be automatically transmitted to PayPal. By choosing this payment option, you consent to the transmission of the personal data required for payment processing.

The personal data transmitted to PayPal generally includes first and last names, address, email address, IP address, phone number, mobile phone number, or other data necessary for payment processing. Personal data related to the respective order is also necessary for the fulfillment of the purchase contract.

The purpose of data transmission is payment processing and fraud prevention. We will transmit personal data to PayPal particularly when there is a legitimate interest for the transmission. Personal data exchanged between PayPal and us may be transmitted by PayPal to credit agencies. This transmission aims at identity and credit checks.

PayPal may pass personal data to affiliated companies and service providers or subcontractors, insofar as this is necessary for fulfilling contractual obligations or if the data is to be processed on behalf of PayPal.

You have the option to withdraw your consent for the handling of personal data at any time with PayPal. Withdrawal does not affect personal data that must be processed, used, or transmitted for (contractual) payment processing.

The use of PayPal serves the purpose of proper and smooth payment processing. This represents a legitimate interest according to Art. 6(1)(f) GDPR. The transmission of your personal data occurs solely with your explicit consent in accordance with Art. 6(1)(a) GDPR.

Data transfer to the USA is based on the Standard Contractual Clauses of the EU Commission. Details can be found here: www.paypal.com/de. For more information, please refer to PayPal's privacy statement: www.paypal.com/de.

Payment provider Stripe

The provider for customers within the EU is Stripe Payments Europe, Ltd, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland (hereinafter referred to as "Stripe"). 

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: stripe.com/en and stripe.com/en/guides/ 

Details can be found in Stripe's privacy policy at the following link: stripe.com/en/privacy. 

Your rights as a data subject

Right to Confirmation - You have the right to request confirmation from us as to whether your personal data is being processed.

Right to Access (Art. 15 GDPR) - You have the right to receive, free of charge, information about the personal data stored about you and a copy of this data, as specified by the legal provisions.

Right to Rectification (Art. 16 GDPR) - You have the right to request the correction of inaccurate personal data concerning you. You also have the right to request the completion of incomplete personal data, considering the purposes of processing.

Right to Erasure (Art. 17 GDPR) - You have the right to request the immediate deletion of personal data concerning you, provided that one of the legally provided reasons applies and that processing or storage is not necessary.

Right to Restriction of Processing (Art. 18 GDPR) - You have the right to request the restriction of processing if one of the legal conditions is met.

Right to Data Portability (Art. 20 GDPR) - You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used, and machine-readable format. You also have the right to transmit this data to another controller without hindrance from us, the original data controller, if the processing is based on consent under Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR or a contract under Art. 6(1)(b) GDPR and the processing is carried out by automated means, unless processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.

You also have the right, when exercising your right to data portability under Art. 20(1) GDPR, to request that the personal data be transmitted directly from one controller to another, where technically feasible and provided that this does not adversely affect the rights and freedoms of other persons.

Right to Object (Art. 21 GDPR) - You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you that is based on Art. 6(1)(e) (processing in the public interest) or (f) (processing based on a balancing of interests) GDPR. This also applies to profiling based on these provisions under Art. 4(4) GDPR. If you object, we will cease processing your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or if the processing is necessary for the establishment, exercise, or defense of legal claims.

In individual cases, we process personal data for direct marketing purposes. You can object at any time to the processing of personal data for such marketing purposes. This also applies to profiling related to such direct marketing. If you object to the processing of your data for direct marketing purposes, we will no longer process the personal data for those purposes.

Additionally, you have the right to object, on grounds relating to your particular situation, to the processing of personal data concerning you for scientific or historical research purposes or statistical purposes under Art. 89(1) GDPR, unless such processing is necessary for the performance of a task carried out in the public interest.

You are free to exercise your right to object in connection with the use of information society services, notwithstanding Directive 2002/58/EC, through automated procedures involving technical specifications.

Withdrawal of Consent - You have the right to withdraw consent to the processing of personal data at any time with effect for the future.

Complaint to a Supervisory Authority - You have the right to lodge a complaint with a supervisory authority responsible for data protection about our processing of personal data. Contact details for data protection officers and supervisory authorities in the federal states and for the non-public sector, as well as in other countries, can be found on the website of the Federal Commissioner for Data Protection and Freedom of Information (BfDI) under addresses and links.

Automated decision making; profiling

We do not use profiling within the meaning of Art. 22 GDPR when using our websites.

Data storage, deletion and blocking 

We process and store your personal data only for the period of time required to achieve the purpose of storage or if this is provided for by the legal regulations to which our company is subject.

If the storage purpose no longer applies or if a prescribed storage period expires, the personal data will be routinely blocked or deleted in accordance with the statutory provisions.

Storage duration

The criterion for the duration of the storage of personal data is the respective statutory retention period. After this period has expired, the corresponding data is routinely deleted, provided that it is no longer required for contract fulfillment or contract initiation. These are in particular the statutory limitation periods, tax or commercial law retention periods.

Further data protection issues

If you have any further questions, comments or other requests regarding your personal data that are not answered here, please contact us at: [email protected]