Privacy Policy

1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we inform you about how we handle your personal data when you use our website. Personal data means all data with which you can be personally identified.

1.2 The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is TecTake Ltd, Mappin House, 4 Winsley Street, London W1W 8HF, United Kingdom, Phone: +44 203 488 4565, E-Mail: mail@tectake.co.uk. The controller responsible for the processing of personal data is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.

2.1 When you use our website purely for information purposes, i.e. if you do not register or otherwise transmit information to us, we only collect such data that your browser transmits to the server of the site (so-called “server log files”). When you access our website, we collect the following data, which are technically necessary for us to display the website to you:

• Our visited website
• Date and time at the moment of access
• Amount of data sent in bytes
• Source/reference from which you came to the page
• Browser used
• Operating system used
• IP address used (if applicable: in anonymised form)

Processing is carried out in accordance with Art. 6(1)(f) GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are concrete indications of unlawful use.

2.2 For security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or enquiries to the controller), this website uses SSL or TLS encryption. You can recognise an encrypted connection by the character string “https://” and the lock symbol in your browser bar.

To optimise our processes and improve your personalised visitor experience on our website, your personal data may be processed by technologies of artificial intelligence (AI). The AI is used in particular in order to:

• carry out data analyses,
• create forecasts,
• close security gaps,
• and make routine processes more efficient.

The AI used operates in accordance with the principles of the GDPR. Any decisions that have legal or similar effects on you are not made solely by the AI, but are supplemented by human intervention.

When you contact us by telephone, we may in individual cases ask you for permission to record the call. When recording customer calls, the following data are logged:

• The caller’s telephone number
• The caller’s voice and the content of the conversation during the call

The legal basis for the collection and processing of the data collected from you is the consent to the recording of the calls pursuant to Art. 6(1)(a) GDPR, which you can give via the keypad of your telephone following a corresponding recorded announcement referring to this data protection notice.

Withdrawal of consent You may withdraw your consent to the use of the data collected by recording the telephone call at any time with effect for the future. To do so, please contact our customer service at datenschutz@tectake.de. The withdrawal of your consent does not affect the lawfulness of processing carried out on the basis of the consent before its withdrawal. We use the personal data you provide for quality assurance and to improve our customer service.

Disclosure or other transmission of your personal data collected by the recording to third parties takes place exclusively to our technology partner Comdata Czech a.s., V Olšinách 2300/75, Prague 10, postal code 100 00, commissioned for the performance and recording of telephone customer calls. We have instructed and obligated Comdata as our processor, by way of a data processing agreement in accordance with Art. 28 GDPR, to comply with data protection requirements.

5.1 For the hosting of our website and the display of the page content, we use a provider who renders its services itself or through selected subcontractors exclusively on servers within the European Union. All data collected on our website are processed on these servers. We have concluded a data processing agreement with the provider which ensures the protection of the data of our site visitors and prohibits unauthorised disclosure to third parties.

5.2 Fastly
We use a content delivery network from the following provider: Fastly Inc., 475 Brannan St. #300, San Francisco, CA 94107, USA. This service enables us to deliver large media files such as graphics, page content or scripts more quickly via a network of regionally distributed servers. Processing is carried out for the purpose of safeguarding our legitimate interest in improving the stability and functionality of our website pursuant to Art. 6(1)(f) GDPR. We have concluded a data processing agreement with the provider which ensures the protection of the data of our site visitors and prohibits unauthorised disclosure to third parties. For data transfers to the USA, the provider is certified under the EU-US Data Privacy Framework, which, on the basis of an adequacy decision of the European Commission, ensures compliance with the European level of data protection.

5.3 Cloudflare
On our website we use a so-called content delivery network (“CDN”) as well as the web firewall for protection against DDoS attacks of the technology service provider Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA (“Cloudflare”). For this purpose, Cloudflare may process IP addresses, information regarding routing of data traffic as well as system configuration and other information on the traffic destined for or originating from websites. For the CDN, the information transfer between the browser and our server is technically routed via the Cloudflare network, so that we can optimise the loading speeds of our website. The web firewall is intended to prevent fraudulent transactions, unauthorised access to services and other illegal activities. Processing is carried out in accordance with Art. 6(1)(f) GDPR on the basis of our legitimate interest in secure and efficient provision as well as improvement of the stability and functionality of our website. We have concluded the standard contractual clauses (Data Processing Addendum) with Cloudflare. Further information can be found in Cloudflare’s privacy policy at: https://www.cloudflare.com/privacypolicy/

5.4 Amazon CloudFront
For the provision of our website we use the content delivery network Amazon CloudFront of the provider Amazon Web Services, Inc., P.O. Box 81226, Seattle, WA 98108-1226, USA. With the help of Amazon CloudFront, we can provide our visitors with our content with lower latency and high data transfer rates. For this purpose, data of our website are duplicated on various servers distributed around the world by Amazon and made available there. When you access our content, you are routed to the location with the lowest latency so that we can provide you with our content in the best possible way. Only if you visit the website from outside the EU will the website be provided by a nearby server outside the EU. By accessing an Amazon server, data about your use of our website (e.g. IP address, browser information, etc.) may be transmitted to Amazon. The use of the CDN is based on our legitimate interest pursuant to Art. 6(1)(f) GDPR, namely in the interest of higher availability of the website, increased protection against data loss and better loading speed of the website. We have concluded a data processing agreement and the standard contractual clauses (SCC) with Amazon Web Services. Further information on data protection when using Amazon CloudFront can be found at: https://docs.aws.amazon.com/de_de/AmazonCloudFront/latest/DeveloperGuide/data-protection-summary.html
You can view the privacy policy of Amazon Web Services here: https://d1.awsstatic.com/legal/privacypolicy/AWS_Privacy_Notice_German_2023.06.30.pdf

In order to make your visit to our website attractive and to enable the use of certain functions, we use cookies, i.e. small text files that are stored on your end device. Some of these cookies are deleted automatically after you close your browser (so-called “session cookies”), while others remain on your end device for a longer period and enable the storage of page settings (so-called “persistent cookies”). You can find the storage duration in the overview of the cookie settings of your web browser. If personal data are also processed by individual cookies used by us, processing takes place either in accordance with Art. 6(1)(b) GDPR for the performance of a contract, in accordance with Art. 6(1)(a) GDPR in the case of consent given, or in accordance with Art. 6(1)(f) GDPR for the protection of our legitimate interests in the best possible functionality of the website as well as a customer-friendly and effective design of the website visit. You can set your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or to exclude acceptance of cookies for specific cases or in general. Please note that if you do not accept cookies, the functionality of our website may be limited.

Cookie settings

7.1 Trustpilot
For review reminders we use the services of the following provider: Trustpilot A/S, Pilestræde 58, 1112 Copenhagen, Denmark. Exclusively on the basis of your express consent pursuant to Art. 6(1)(a) GDPR, we transmit your e-mail address and, if applicable, other customer data to the provider so that the provider can contact you by e-mail with a review reminder. You can withdraw your consent at any time with effect for the future vis-à-vis us or the provider. We have concluded a data processing agreement with the provider which ensures the protection of the data of our site visitors and prohibits unauthorised disclosure to third parties. For more information on data protection at Trustpilot, please visit: https://de.legal.trustpilot.com/for-reviewers/end-user-privacy-terms

7.2 Microsoft (e-mail ticketing system)
For handling customer enquiries, we use the e-mail ticketing system of the following provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. If you send contact enquiries via our website by e-mail, these are stored and organised in the ticket system in order to enable chronological processing and improve the service experience. You can view the current processing status of your request at any time via the individually assigned ticket number. For the organisation and processing of enquiries, personal data are collected to the extent you provide them, but in any case first name, last name and e-mail address, transmitted to the provider, stored there and read out. Further information on data protection in Microsoft Services can be found at: https://www.microsoft.com/de-de/privacy/privacystatement. The legal basis for the processing of these data is our legitimate interest in designing our customer service efficiently, in answering your request as quickly as possible and in optimising our service offering in accordance with Art. 6(1)(f) GDPR. We have concluded a data processing agreement with the provider which ensures the protection of the data of our site visitors and prohibits unauthorised disclosure to third parties. For the transfer of data to the USA, the provider relies on the standard contractual clauses of the European Commission, which are intended to ensure compliance with the European level of data protection.

7.3 General contact
When contacting us (e.g. via contact form or e-mail), personal data are processed – exclusively for the purpose of processing and answering your request and only to the extent necessary for this purpose. The legal basis for the processing of these data is our legitimate interest in answering your request pursuant to Art. 6(1)(f) GDPR. If your contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 6(1)(b) GDPR. Your data will be deleted if it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.

In accordance with Art. 6(1)(b) GDPR, personal data are further collected and processed to the extent necessary if you provide them to us when opening a customer account. You can see which data are required for opening an account from the input mask of the corresponding form on our website. You can delete your customer account at any time by sending a message to the above address of the controller. After deletion of your customer account, your data will be deleted, provided that all contracts concluded via it have been fully processed, no statutory retention periods conflict with this and we have no legitimate interest in further storage.

We provide a form on our website that you can use to apply to us. Your personal data from the application are processed in accordance with our data protection information for applicants. The use of this form is based on our legitimate interest in simple and secure transmission of your application documents, Art. 6(1)(f) GDPR. For this purpose, we use the service onlyfy one (by XING) of the provider New Work SE, Am Strandkai 1, 20457 Hamburg, Germany. We have concluded an agreement on joint controllership with this provider. You can view the data protection information on the processing of personal data by us in the course of the application process as well as by onlyfy one itself for providing the application tool at https://tectake.onlyfy.jobs/policy.

10.1 Subscription to our e-mail newsletter
If you subscribe to our e-mail newsletter, we will regularly send you information about our offers. The only mandatory information for sending the newsletter is your e-mail address. The provision of further data is voluntary and is used to address you personally. For sending the newsletter we use the so-called double opt-in procedure to ensure that you only receive newsletters once you have expressly confirmed your consent to receiving the newsletter by activating a verification link sent to the specified e-mail address. By activating the confirmation link, you give us your consent to use your personal data pursuant to Art. 6(1)(a) GDPR. In this context, we store the IP address entered by your internet service provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later date. The data collected by us upon registration for the newsletter are used strictly for the intended purpose. You can unsubscribe from the newsletter at any time using the link provided for this purpose in the newsletter or by sending a corresponding message to the controller named at the beginning. After successful unsubscription, your e-mail address will be deleted from our newsletter distribution list immediately, unless you have expressly consented to further use of your data or we reserve the right to any data use beyond this that is permitted by law and about which we inform you in this statement.

10.2 Campaign.Plus
Our e-mail newsletters are sent via the following provider: Campaign.Plus GmbH, Schulgasse 5, 84359 Simbach am Inn, Germany. On the basis of our legitimate interest in effective and user-friendly newsletter marketing, we pass on the data you provide when registering for the newsletter to this provider in accordance with Art. 6(1)(f) GDPR so that the provider can manage the newsletter dispatch on our behalf. Subject to your express consent pursuant to Art. 6(1)(a) GDPR, the provider also carries out statistical success analyses of newsletter campaigns via web beacons or tracking pixels in the e-mails sent, which can measure opening rates and specific interactions with the content of the newsletter. In doing so, device information (e.g. time of retrieval, IP address, browser type and operating system) is also collected and evaluated, but not merged with other data sets. You can withdraw your consent to newsletter tracking at any time with effect for the future. We have concluded a data processing agreement with the provider which protects the data of our site visitors and prohibits disclosure to third parties.

10.3 Product availability notification by e-mail
For temporarily unavailable items, you can register to receive e-mail product availability notifications. In this case, we will send you a one-time e-mail notification regarding the availability of the respective item you have selected. The only mandatory information for sending this notification is your e-mail address. The provision of further data is voluntary and may be used to address you personally. For sending the e-mail we use the so-called double opt-in procedure to ensure that you only receive a notification once you have expressly confirmed your corresponding consent by activating a verification link sent to the specified e-mail address. By activating the confirmation link, you give us your consent to use your personal data pursuant to Art. 6(1)(a) GDPR. In this context, we store the IP address entered by your internet service provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later date. The data collected by us when registering for our e-mail notification service on product availability are used strictly for the intended purpose. You can unsubscribe from the availability notifications at any time by sending a corresponding message to the controller named at the beginning. After successful unsubscription, your e-mail address will be deleted from the distribution list set up for this purpose immediately, unless you have expressly consented to further use of your data or we reserve the right to any data use beyond this that is permitted by law and about which we inform you in this statement.

10.4 Shopping cart reminders by e-mail
If you abandon your purchase with us before completing the order, you have the option of receiving a one-time reminder of the content of your virtual shopping cart by e-mail. The only mandatory information for sending this reminder is your e-mail address. The provision of further data is voluntary and may be used to address you personally. For sending the e-mail we use the so-called double opt-in procedure to ensure that you only receive a notification once you have expressly confirmed your corresponding consent by activating a verification link sent to the specified e-mail address. By activating the confirmation link, you give us your consent to use your personal data pursuant to Art. 6(1)(a) GDPR for sending a shopping cart reminder. In this context, we store the IP address entered by your internet service provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later date. The data collected by us when registering for our e-mail notification service are used strictly for the intended purpose. You can unsubscribe from the shopping cart reminders at any time by sending a corresponding message to the controller named at the beginning. After successful unsubscription, your e-mail address will be deleted from the distribution list set up for this purpose immediately, unless you have expressly consented to further use of your data or we reserve the right to any data use beyond this that is permitted by law and about which we inform you in this statement.

11.1 Insofar as this is necessary for contract processing for delivery and payment purposes, the personal data collected by us will be passed on to the commissioned transport company and the commissioned credit institution in accordance with Art. 6(1)(b) GDPR. If, on the basis of a corresponding contract, we owe you updates for goods with digital elements or for digital products, we process the contact data you provided when placing the order in order to inform you personally within the scope of our statutory information obligations pursuant to Art. 6(1)(c) GDPR. Your contact data will be used strictly for communications about updates we owe and will be processed by us for this purpose only to the extent necessary for the respective information. For the processing of your order, we also cooperate with the following service provider(s) who support us in whole or in part in the execution of concluded contracts. Certain personal data are transmitted to these service providers in accordance with the following information.

11.2 Disclosure of personal data to shipping service providers

• GLS UK: GLS, Unit 1, Catalina Approach, Omega South, Warrington WA5 3UY, United Kingdom
• Royal Mail: Royal Mail Group Ltd, 185 Farringdon Road, London EC1A 1AA, United Kingdom
• Parcelforce Worldwide (HQ): Parcelforce Worldwide, Lytham House, Caldecotte Lake Drive, Milton Keynes MK7 8LE, United Kingdom
• UPS UK: UPS Ltd, 2 Lotus Park, The Causeway, Staines-upon-Thames TW18 3AG, United Kingdom

We pass your e-mail address and/or telephone number to the provider in accordance with Art. 6(1)(a) GDPR before delivery of the goods for the purpose of coordinating a delivery date or announcing delivery, provided that you have given your express consent to this in the ordering process. Otherwise, we only pass on the name of the recipient and the delivery address to the provider for the purpose of delivery in accordance with Art. 6(1)(b) GDPR. The data will only be passed on to the extent that this is necessary for the delivery of the goods. In this case, prior coordination of the delivery date with the provider or delivery notification is not possible. Consent can be withdrawn at any time with effect for the future vis-à-vis the controller named above or vis-à-vis the provider.

11.3 Use of payment service providers (payment services)

Adyen
One or more online payment methods from the following provider are available on this website: Adyen, Simon Carmiggeltstraat 6–50, 1011 DJ Amsterdam, Netherlands. If you select a payment method from the provider where you pay in advance (e.g. credit card payment), the payment data you provide during the order process (including name, address, bank and card details, currency and transaction number) as well as information about the content of your order will be passed on to the provider in accordance with Art. 6(1)(b) GDPR. Your data will be passed on in this case exclusively for the purpose of payment processing with the provider and only to the extent that it is necessary for this purpose.

Apple Pay
If you choose the “Apple Pay” payment method of Apple Distribution International (Apple), Hollyhill Industrial Estate, Hollyhill, Cork, Ireland, payment is processed via the “Apple Pay” function of your device running iOS, watchOS or macOS by debiting a payment card stored in “Apple Pay”. Apple Pay uses security functions integrated into the hardware and software of your device to protect your transactions. To authorise a payment, it is therefore necessary to enter a code defined by you beforehand as well as verification using the “Face ID” or “Touch ID” function of your device. For the purpose of payment processing, the information you provide during the order process, together with information about your order, will be transmitted in encrypted form to Apple. Apple then re-encrypts these data with a developer-specific key before transmitting the data for the execution of the payment to the payment service provider of the payment card stored in Apple Pay. Encryption ensures that only the website via which the purchase was made can access the payment data. After the payment has been made, Apple sends your device account number together with a transaction-specific, dynamic security code to the originating website as confirmation of successful payment. If personal data are processed during the described transmissions, processing takes place exclusively for the purpose of payment processing pursuant to Art. 6(1)(b) GDPR. Apple stores anonymised transaction data, including the approximate purchase amount, approximate date and time and an indication of whether the transaction was completed successfully. Due to anonymisation, a personal reference is completely excluded. Apple uses the anonymised data to improve “Apple Pay” and other Apple products and services. If you use Apple Pay on the iPhone or Apple Watch to complete a purchase that you have made via Safari on the Mac, the Mac and the authorisation device communicate via an encrypted channel on the Apple servers. Apple does not process or store any of this information in a format that can be used to identify you personally. You can deactivate the possibility of using Apple Pay on your Mac in the settings of your iPhone. Go to “Wallet & Apple Pay” and deactivate “Allow payments on Mac”. Further information on data protection with Apple Pay can be found at the following internet address: https://support.apple.com/de-de/HT203027

Google Pay
If you choose the “Google Pay” payment method of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”), payment is processed via the “Google Pay” application on your mobile device running at least Android 4.4 (“KitKat”) and equipped with an NFC function by debiting a payment card stored in Google Pay or a payment system verified there (e.g. PayPal). For authorising a payment via Google Pay exceeding EUR 25, your mobile device must be unlocked beforehand using the verification measure set up in each case (e.g. facial recognition, password, fingerprint or pattern). For the purpose of payment processing, the information you provide during the order process, together with information about your order, is transmitted to Google. Google then transmits your payment information stored in Google Pay in the form of a unique transaction number to the originating website, which verifies a successful payment. This transaction number does not contain any information about the real payment data of your payment methods stored in Google Pay and is created and transmitted as a unique numeric token. In all transactions via Google Pay, Google acts merely as an intermediary for the processing of the payment process. The transaction is carried out exclusively between the user and the originating website by debiting the payment method stored in Google Pay. If personal data are processed during the described transmissions, processing takes place exclusively for the purpose of payment processing pursuant to Art. 6(1)(b) GDPR.

Google reserves the right to collect, store and evaluate certain transaction-specific information for each transaction made via Google Pay. This includes the date, time and amount of the transaction, merchant location and description, a description of the goods or services purchased provided by the merchant, photos you attach to a transaction, the name and e-mail address of the seller and buyer or sender and recipient, the payment method used, your description of the reason for the transaction and, where applicable, the offer associated with the transaction. According to Google, this processing takes place exclusively in accordance with Art. 6(1)(f) GDPR on the basis of Google’s legitimate interest in proper accounting, verifying transaction data and optimising and maintaining the functionality of the Google Pay service. Google also reserves the right to combine the processed transaction data with other information collected and stored by Google when using other Google services. The Google Pay terms of use can be found here: https://payments.google.com/payments/apis-secure/u/0/get_legal_document?ldo=0&ldt=googlepaytos&ldl=de
Further information on data protection with Google Pay can be found at the following internet address: https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice&ldl=de

Klarna
One or more online payment methods from the following provider are available on this website: Klarna Bank AB, Sveavägen 46, 111 34 Stockholm, Sweden. If you select a payment method from the provider where you pay in advance (e.g. credit card payment), the payment data you provide during the order process (including name, address, bank and card details, currency and transaction number) as well as information about the content of your order will be passed on to the provider in accordance with Art. 6(1)(b) GDPR. Your data will be passed on in this case exclusively for the purpose of payment processing with the provider and only to the extent that it is necessary for this purpose.

If you select a payment method for which the provider pays in advance (e.g. invoice or instalment purchase or direct debit), you will also be asked during the order process to provide certain personal data (first and last name, street, house number, postcode, town/city, date of birth, e-mail address, telephone number, if applicable data of an alternative means of payment). In order to safeguard our legitimate interest in determining the solvency of our customers, these data will be forwarded by us to the provider for the purpose of a credit check in accordance with Art. 6(1)(f) GDPR. On the basis of the personal data you provide as well as other data (such as shopping cart, invoice amount, order history, payment experience), the provider checks whether the payment option you have selected can be granted with regard to payment and/or default risks. For the decision within the framework of the application review, identity and credit information from the following credit agencies may also be included in accordance with Art. 6(1)(f) GDPR: https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice&ldl=de

The credit report may contain probability values (so-called score values). To the extent that score values are included in the result of the credit report, they are based on a scientifically recognised mathematical-statistical procedure. Among other things, but not exclusively, address data are included in the calculation of the score values. You can object to this processing of your data at any time by sending a message to us or the provider. However, the provider may still be entitled to process your personal data if this is necessary for contractual payment processing.

PayPal
One or more online payment methods from the following provider are available on this website: PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22–24 Boulevard Royal, L-2449 Luxembourg

If you select a payment method from the provider where you pay in advance, the payment data you provide during the order process (including name, address, bank and card details, currency and transaction number) as well as information about the content of your order will be passed on to the provider in accordance with Art. 6(1)(b) GDPR. Your data will be passed on in this case exclusively for the purpose of payment processing with the provider and only to the extent that it is necessary for this purpose. If you select a payment method for which we pay in advance, you will also be asked during the order process to provide certain personal data (first and last name, street, house number, postcode, town/city, date of birth, e-mail address, telephone number, if applicable data of an alternative means of payment). In such cases, in order to safeguard our legitimate interest in determining your solvency, these data will be forwarded by us to the provider for the purpose of a credit check in accordance with Art. 6(1)(f) GDPR. On the basis of the personal data you provide as well as other data (such as shopping cart, invoice amount, order history, payment experience), the provider checks whether the payment option you have selected can be granted with regard to payment and/or default risks.

The credit report may contain probability values (so-called score values). To the extent that score values are included in the result of the credit report, they are based on a scientifically recognised mathematical-statistical procedure. Among other things, but not exclusively, address data are included in the calculation of the score values. You can object to this processing of your data at any time by sending a message to us or the provider. However, the provider may still be entitled to process your personal data if this is necessary for contractual payment processing.

PayPal Checkout
This website uses PayPal Checkout, an online payment system from PayPal that consists of PayPal’s own payment methods and local payment methods from third-party providers. In the case of payment via PayPal, credit card via PayPal, direct debit via PayPal or – if offered – “Pay later” via PayPal, we pass your payment data to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22–24 Boulevard Royal, L-2449 Luxembourg (“PayPal”) as part of the payment processing. The transfer takes place in accordance with Art. 6(1)(b) GDPR and only insofar as this is necessary for payment processing.

For the payment methods credit card via PayPal, direct debit via PayPal or – if offered – “Pay later” via PayPal, PayPal reserves the right to carry out a credit check. For this purpose, your payment data may be passed on to credit agencies by PayPal in accordance with Art. 6(1)(f) GDPR on the basis of PayPal’s legitimate interest in determining your solvency. PayPal uses the result of the credit check in relation to the statistical probability of default for the purpose of deciding on the provision of the respective payment method. The credit report may contain probability values (so-called score values). To the extent that score values are included in the result of the credit report, they are based on a scientifically recognised mathematical-statistical procedure. Among other things, but not exclusively, address data are included in the calculation of the score values. You can object to this processing of your data by PayPal at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for contractual payment processing.

If the PayPal payment method “purchase on account” is available and selected, your payment data will first be transmitted to PayPal for the purpose of preparing the payment in accordance with Art. 6(1)(b) GDPR, after which PayPal will transmit the data to Ratepay GmbH, Franklinstraße 28–29, 10587 Berlin (“Ratepay”) for the purpose of carrying out the payment. The legal basis is Art. 6(1)(b) GDPR in each case. In this case, Ratepay carries out an identity and credit check in its own name to determine solvency in accordance with the principle already mentioned above and passes on your payment data to credit agencies on the basis of the legitimate interest in determining solvency in accordance with Art. 6(1)(f) GDPR. A list of credit agencies that Ratepay may use can be found here: https://www.ratepay.com/legal-payment-creditagencies/

When using the payment method of a local third-party provider, your payment data will first be transmitted to PayPal in accordance with Art. 6(1)(b) GDPR for the purpose of preparing the payment. Depending on your selection of an available local payment method, PayPal will then transmit your payment data to the respective provider in accordance with Art. 6(1)(b) GDPR for the purpose of carrying out the payment:

• Apple Pay (Apple Distribution International (Apple), Hollyhill Industrial Estate, Hollyhill, Cork, Ireland)
• Google Pay (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland)
• iDeal (Currence Holding BV, Beethovenstraat 300, Amsterdam, Netherlands)
• bancontact (Bancontact Payconiq Company, Rue d’Arlon 82, 1040 Brussels, Belgium)
• blik (Polski Standard Płatności sp. z o.o., ul. Czerniakowska 87A, 00-718 Warsaw, Poland)
• eps (PSA Payment Services Austria GmbH, Handelskai 92, Gate 2, 1200 Vienna, Austria)
• MyBank (PRETA S.A.S, 40 Rue de Courcelles, F-75008 Paris, France)
• Przelewy24 (PayPro SA, Kanclerska 15A, 60-326 Poznań, Poland)

Further information on data protection can be found in PayPal’s privacy policy: https://www.paypal.com/de/legalhub/paypal/privacy-full

Sofortüberweisung (Sofort bank transfer)
One or more online payment methods from the following provider are available on this website: Klarna Bank AB (publ), Sveavägen 46, 11134 Stockholm, Sweden. If you select a payment method from the provider where you pay in advance (e.g. credit card payment), the payment data you provide during the order process (including name, address, bank and card details, currency and transaction number) as well as information about the content of your order will be passed on to the provider in accordance with Art. 6(1)(b) GDPR. Your data will be passed on in this case exclusively for the purpose of payment processing with the provider and only to the extent that it is necessary for this purpose.

12.1 retailAds
For affiliate marketing purposes, we participate in the affiliate network retailAds, a service of retailAds GmbH & Co. KG, Kaiserstraße 23, 90403 Nuremberg (“retailAds”). If you access our websites via a retailAds partner website, cookies are set. These cookies contain a pseudonymised ID providing information about the partner website, advertising medium, time of contact as well as any previous contact points; this serves solely for the purpose of billing advertising success to the operator of the partner website. Should a corresponding advertising success (“transaction”) occur, we as website operator transmit a pseudonymised billing ID as well as, if applicable, other billing-relevant data without personal reference to retailAds. No further collection of personal data by retailAds takes place. The storage of cookies by retailAds is based on Art. 6(1)(b) and Art. 6(1)(f) GDPR. retailAds has a legitimate interest, as billing of advertising success is only possible by means of cookies as described. Further information about data processing by retailAds and the possibility to object to such processing can be found in the retailAds privacy policy at https://www.retailads.net/de-de/ueberuns/datenschutz/

12.2 Sovendus Sales
For our voucher offers we use the services of the following provider: Sovendus GmbH, Hermann-Veit-Str. 6, 76135 Karlsruhe, Germany. The provider operates a voucher network via which participating partner shops can place vouchers and distribute them to their customers. To this end, we transmit your data required for issuing your voucher in encrypted form to the provider. The data are only transmitted to the provider if you have completed your purchase and clicked on the voucher banner. The transfer of these data serves exclusively to pre-fill the fields for voucher issuance. The described data processing is carried out in accordance with Art. 6(1)(f) GDPR on the basis of our legitimate interest in addressing you with advertising from third parties, from which you can benefit by redeeming the vouchers.

12.3 Pop-up Maker
For the design and display of popups on our websites we use the tool “Popup Maker” from the provider Sygnoos, LLC d/b/a, 46 Garegin, Nzhdeh Yerevan 0026, Armenia (“Sygnoos”). Popup Maker records user data to prevent popups from being displayed again repeatedly on our websites. Via an internally used dashboard, evaluations on the usage level of popups displayed on our websites by visitors to our websites (clickthrough rates) are also available.

13.1 Google Analytics 4
This website uses Google Analytics 4, a web analysis service of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”), which enables analysis of your use of our website. By default, Google Analytics 4 sets cookies when you visit the website, which are stored as small text components on your end device and collect certain information. This information also includes your IP address, which is, however, shortened by Google by the last digits in order to exclude direct personal identification. The information is transmitted to Google servers and further processed there. Transfers to Google LLC servers in the USA are also possible. Google uses the information collected on our behalf to evaluate your use of the website, to compile reports on website activities for us and to provide further services related to website and internet use. The IP address transmitted by your browser as part of Google Analytics 4 and shortened will not be merged with other Google data. The data collected via Google Analytics 4 during your use of the website are stored for a period of two months and then deleted.

All processing operations described above, in particular the setting of cookies on the end device used, will only be carried out if you have given us your express consent in accordance with Art. 6(1)(a) GDPR. Without your consent, Google Analytics 4 will not be used during your visit to the website. You can withdraw your consent at any time with effect for the future. To exercise your right of withdrawal, please deactivate this service via the “cookie consent tool” provided on the website. We have concluded a data processing agreement with Google which ensures the protection of the data of our site visitors and prohibits unauthorised disclosure to third parties.

Further legal information on Google Analytics 4 can be found at https://business.safety.google/intl/de/privacy/ , https://policies.google.com/privacy?hl=de&gl=de and https://policies.google.com/technologies/partner-sites

Demographic characteristics
Google Analytics 4 uses the special “demographic characteristics” function and can thereby create statistics that provide statements about the age, gender and interests of site visitors. This is done by analysing advertising and third-party information. This allows target groups for marketing activities to be identified. However, the collected data cannot be assigned to any specific person and are deleted after being stored for a period of two months.

Google Signals
As an extension to Google Analytics 4, Google Signals can be used on this website in order to create cross-device reports. If you have activated personalised ads and your devices are linked to your Google account, Google may analyse your usage behaviour across devices and create database models, including cross-device conversions, subject to your consent to the use of Google Analytics pursuant to Art. 6(1)(a) GDPR. We do not receive any personal data from Google, only statistics. If you wish to stop the cross-device analysis, you can deactivate the “personalised advertising” function in the settings of your Google account. To do so, follow the instructions on this page: https://support.google.com/My-Ad-Center-Help/answer/12155764?hl=de
Further information on Google Signals can be found under the following link: https://support.google.com/analytics/answer/7532985?hl=de

User IDs
As an extension to Google Analytics 4, the “User IDs” function can be used on this website. If you have consented to the use of Google Analytics 4 pursuant to Art. 6(1)(a) GDPR, created an account on this website and logged in using this account on different devices, your activities, including conversions, can be analysed across devices. For data transfers to the USA, the provider is certified under the EU-US Data Privacy Framework, which, on the basis of an adequacy decision of the European Commission, ensures compliance with the European level of data protection.

13.2 Google Tag Manager
This website uses “Google Tag Manager”, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google Tag Manager provides a technical framework for bundling various web applications, including tracking and analysis services, and calibrating, controlling and linking them to conditions via a uniform user interface. Google Tag Manager itself does not store or read out any information on user end devices. The service also does not perform any independent data analyses. However, the Google Tag Manager transmits your IP address to Google when a page is called up and it may be stored there. Data transfers to Google LLC’s servers in the USA are also possible.

This processing will only be carried out if you have given us your express consent in accordance with Art. 6(1)(a) GDPR. Without giving such consent, Google Tag Manager will not be used during your visit to the website. You can withdraw your consent at any time with effect for the future. To exercise your right of withdrawal, please deactivate this service in the “cookie consent tool” provided on the website. We have concluded a data processing agreement with the provider which ensures the protection of the data of our site visitors and prohibits unauthorised disclosure to third parties. For data transfers to the USA, the provider is certified under the EU-US Data Privacy Framework, which, on the basis of an adequacy decision of the European Commission, ensures compliance with the European level of data protection. Further legal information on Google Tag Manager can be found at https://business.safety.google/intl/de/privacy/ and https://policies.google.com/privacy?hl=de&gl=de

13.3 Microsoft Clarity
This website uses the web analysis service of the following provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. By means of cookies and/or comparable technologies (tracking pixels, web beacons, algorithms for reading out end device and browser information), the service collects and stores pseudonymised visitor data including information on the end device used, such as the IP address and browser information, in order to evaluate them for statistical analyses of usage behaviour on our website and to create pseudonymised usage profiles. This makes it possible, among other things, to evaluate movement patterns (so-called heatmaps) which show the duration of page visits and interactions with page content (e.g. text entries, scrolling, clicks and mouse-overs). Pseudonymisation excludes direct personal identification as a rule. There is no merging with other personal data collected in any other way.

All processing operations described above, in particular the reading out or storage of information on the end device used, will only be carried out if you have given us your express consent in accordance with Art. 6(1)(a) GDPR. You can withdraw your consent at any time with effect for the future by deactivating this service in the “cookie consent tool” provided on the website. We have concluded a data processing agreement with the provider which ensures the protection of the data of our site visitors and prohibits unauthorised disclosure to third parties. For data transfers to the USA, the provider is certified under the EU-US Data Privacy Framework, which, on the basis of an adequacy decision of the European Commission, ensures compliance with the European level of data protection.

13.4 Varify Software GmbH
This website uses the web analysis service of the following provider: Varify Software GmbH, Südliche Münchner Straße 55, 82031 Grünwald, Germany. The service enables statistical evaluation of the use of new functions and content of the website by displaying test variants to certain user groups. This makes it possible to see which variants are preferred by users, in the interest of improving the attractiveness of our presence. For this purpose, the service uses cookies, i.e. small text files that are stored on your end device and allow you to analyse your use of a website. The information about your use of the website collected by the cookies is generally transferred to a server of the provider, stored there and processed further.

All processing operations described above, in particular the setting of cookies for storing and reading out information on the end device you use for the website, will only be carried out if you have given us your express consent in accordance with Art. 6(1)(a) GDPR. Without your consent, this service will not be used during your use of the website. You can withdraw your consent at any time with effect for the future. To exercise your right of withdrawal, please deactivate this service via the “cookie consent tool” provided on the website. We have concluded a data processing agreement with the provider which ensures the protection of the data of our site visitors and prohibits unauthorised disclosure to third parties.

In order to ensure that our website is constantly further developed and adapted to your interests as required, we carry out so-called “A/B tests”. For this purpose, we store cookies in your browser in order to be able to evaluate and analyse these A/B tests. We have ensured that the cookies stored in your browser do not process any personal data concerning you and that no conclusions about you are possible. The cookies only record your interaction with the website by assigning you to a user group. The analysis and evaluation of the user group is carried out anonymously. For the placement of the cookie, your IP address is processed for a short period of time, but not stored.

Purpose of data processing and legal basis as well as any legitimate interests, storage period
Designation of the cookie: varify-experiment
Data category: IP address, browser-specific data for establishing the connection.
Purpose: Further development and needs-based optimisation of the website
Legal basis: Art. 6(1)(f) GDPR, Sec. 25(2) sentence 2 TDDDG
Legitimate interest: Our legitimate interest is in particular based on our interest in the provision, optimisation, design and ongoing updating and improvement of our online offerings.
Storage period: The processing of your personal data is primarily for the technical delivery of the A/B test. Personal data are generally deleted after completion of the A/B test.

13.5 Stape.io
We use the Stape.io service from Stape Europe OÜ, Sepapaja tn 6, 15551 Tallinn, Estonia, for server-side tag management and tracking on our website. Stape.io enables server-side transmission and processing of tracking data. This ensures anonymised or pseudonymised forwarding of tracking events on our website to third-party services. We use this tool for the technical implementation of web analysis and marketing functions and to improve our online offering. In this context, the tool processes personal data such as your IP address (possibly shortened), HTTP header data (e.g. user agent, referrer), online identifiers (e.g. cookies) and usage data (e.g. pages visited, interactions). This data processing is based on your consent pursuant to Art. 6(1)(a) GDPR. You can withdraw your consent at any time by changing the cookie settings. Processing remains lawful up to the time of withdrawal. We have concluded a data processing agreement with Stape.io. You can find more information in the Stape.io data protection notices: https://stape.io/eu-gdpr , https://stape.io/eu-privacy-notice , https://stape.io/eu-dpa

13.6 New Relic
We use New Relic on our websites, a web analysis service of New Relic, Inc., 88 Spear Street, Suite 1000, San Francisco, CA 94105 (“New Relic”). New Relic also uses cookies which enable analysis of the use and optimisation of our websites. The information generated in this way is generally transferred to a New Relic server and stored there. These are essentially the data listed in the “Usage data” section.

The legal basis for processing your data by New Relic is the consent obtained from you via our cookie management tool when accessing our websites pursuant to Sec. 25(1) sentence 1 TTDSG, Art. 6(1)(a) GDPR. You can withdraw your consent at any time via the “Cookie settings” of our cookie management tool. Data processing by New Relic is carried out on our behalf and is contractually secured by a data processing agreement (DPA) based on the EU standard contractual clauses pursuant to Art. 28, 46 GDPR. You can access New Relic’s DPA here: https://newrelic.com/sites/default/files/2022-03/New_Relic_GDPR_UK_GDPR_DPA_SCC03_22_NR_signed.pdf
Further information on data processing by New Relic can be found in New Relic’s privacy information, which is available at https://newrelic.com/termsandconditions/privacy. New Relic is headquartered in the USA, so data are processed in the USA. Please note our important information above in the section “Legal basis for the use of cookies” for this data transfer to a non-EU country.

14.1 Meta Pixel with extended data matching
Within our online offering, we use the “Meta Pixel” service with extended data matching mode from the following provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (“Meta”). If a user clicks on an advertisement placed by us on Facebook or Instagram, the URL of our linked page is extended by a parameter with the help of “Meta Pixel”. This URL parameter is then, after redirection, entered into the user’s browser by means of a cookie set by our linked page itself. This cookie then records specific customer data such as the e-mail address which we collect on our website linked to the Facebook or Instagram ad in processes such as purchases, account registrations or registrations (extended data matching). The cookie is then read and enables transmission of the data, including specific customer data, to Meta.

We use “Meta Pixel” with extended data matching in order to make our advertisements (“ads”) on Facebook and/or Instagram more effective and to ensure that they correspond to users’ interests or exhibit certain characteristics (e.g. interest in certain topics or products determined on the basis of visited websites) that we transmit to Meta (“Custom Audiences”). In addition, we analyse the effectiveness of our advertisements by tracking whether users are redirected to our website after clicking on an ad (conversion). Compared to the standard version of “Meta Pixel”, the function of extended data matching helps us to measure the effectiveness of our advertising campaigns more accurately by recording more attributed conversions. All data transmitted are stored and processed by Meta so that a connection to the respective user profile is possible and Meta can use the data for its own advertising purposes in accordance with Meta’s data usage guidelines (https://www.facebook.com/about/privacy/). The data may enable Meta and its partners to place ads on and off Facebook.

All processing operations described above, in particular the setting of cookies to read out information on the end device used, will only be carried out if you have given us your express consent in accordance with Art. 6(1)(a) GDPR. You can withdraw your consent at any time with effect for the future by deactivating this service in the “cookie consent tool” provided on the website. We have concluded a data processing agreement with the provider which ensures the protection of the data of our site visitors and prohibits unauthorised disclosure to third parties. The information generated by Meta is generally transferred to a Meta server and stored there; in this context, transmission to servers of Meta Platforms Inc. in the USA may also take place. For data transfers to the USA, the provider is certified under the EU-US Data Privacy Framework, which, on the basis of an adequacy decision of the European Commission, ensures compliance with the European level of data protection.

14.2 Google Ads Remarketing
This website uses retargeting technology from the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. For this purpose, Google sets a cookie in the browser of your end device which automatically enables interest-based advertising by means of a pseudonymous cookie ID and on the basis of the pages you have visited. Further data processing only takes place if you have agreed to Google linking your browser and app history to your Google account and using information from your Google account to personalise advertisements that you view on the web. If you are logged into Google while visiting our website in this case, Google will use your data together with Google Analytics data to create and define target group lists for cross-device remarketing. For this purpose, your personal data are temporarily linked to Google Analytics data by Google in order to create target groups. In the context of using Google Ads Remarketing, personal data may also be transferred to servers of Google LLC in the USA.

All processing operations described above, in particular the setting of cookies to read out information on the end device used, will only be carried out if you have given us your express consent in accordance with Art. 6(1)(a) GDPR. Without giving such consent, retargeting technology will not be used during your visit to the website. You can withdraw your consent at any time with effect for the future. To exercise your right of withdrawal, please deactivate this service in the “cookie consent tool” provided on the website. For data transfers to the USA, the provider is certified under the EU-US Data Privacy Framework, which, on the basis of an adequacy decision of the European Commission, ensures compliance with the European level of data protection. Details on the processing triggered by Google Ads Remarketing and Google’s handling of data from websites can be found here: https://policies.google.com/technologies/partner-sites
Further information on Google’s privacy policy can be found here: https://business.safety.google/intl/de/privacy/ and https://www.google.de/policies/privacy/

14.3 Google Ads Conversion Tracking
This website uses the “Google Ads” online advertising programme and, within the framework of Google Ads, conversion tracking of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). We use the offer of Google Ads to draw attention to our attractive offers on external websites with the help of advertising media (so-called Google Ads). We can determine the success of individual advertising measures in relation to the data of the advertising campaigns. In doing so, we pursue the interest of showing you advertising that is of interest to you, making our website more interesting for you and achieving a fair calculation of advertising costs incurred.

The conversion tracking cookie is set when a user clicks on an ad placed by Google. Cookies are small text files that are stored on your end device. These cookies usually lose their validity after 30 days and are not intended to identify you personally. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognise that the user clicked on the ad and was redirected to this page. Each Google Ads customer receives a different cookie. Cookies can therefore not be tracked across the websites of Google Ads customers. The information collected with the help of the conversion cookie is used to create conversion statistics for Google Ads customers who have opted for conversion tracking. The customers learn the total number of users who clicked on their ad and were redirected to a page provided with a conversion tracking tag. However, they do not receive any information with which users can be personally identified. In the context of using Google Ads, personal data may also be transferred to servers of Google LLC in the USA. Details on the processing triggered by Google Ads Conversion Tracking and Google’s handling of data from websites can be found here: https://policies.google.com/technologies/partner-sites

All processing operations described above, in particular the setting of cookies to read out information on the end device used, will only be carried out if you have given us your express consent in accordance with Art. 6(1)(a) GDPR. You can withdraw your consent at any time with effect for the future by deactivating this service in the “cookie consent tool” provided on the website. You can also permanently object to the setting of cookies for Google Ads conversion tracking by downloading and installing the browser plug-in from Google available under the following link: https://support.google.com/My-Ad-Center-Help/answer/12155656?hl=de

Please note that certain functions of this website may not be available or only to a limited extent if you have deactivated the use of cookies. Google’s privacy policy can be viewed here: https://business.safety.google/intl/de/privacy/ and https://www.google.de/policies/privacy/
For data transfers to the USA, the provider is certified under the EU-US Data Privacy Framework, which, on the basis of an adequacy decision of the European Commission, ensures compliance with the European level of data protection.

14.4 Bing Ads
We use the “Bing Ads” remarketing technology of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (“Microsoft”) on our websites. Microsoft stores a cookie (“conversion cookie”) on your computer if you have reached our websites via a Microsoft Bing ad. Microsoft and “Bing Ads” customers can thus recognise that the ad was clicked and a redirect to our websites occurred. In this way, you can be addressed again by targeted product recommendations and interest-based advertising on Microsoft’s pages and those of other “Bing Ads” customers.

The information collected with the help of the conversion cookie is also used to compile conversion statistics. We receive information on the total number of users who clicked on a Microsoft Bing ad and were thus redirected to our websites. In addition, further anonymous data (e.g. the number of page views and length of stay on the websites) are collected. We do not receive any information with which users can be personally identified. In addition to the settings provided in our cookie management tool, you can refuse to receive interest-based advertising from Microsoft by visiting Microsoft’s opt-out page: https://choice.microsoft.com/de-DE/opt-out

Cookie settings
You can also prevent the collection of data by Bing Ads by deactivating or restricting the transmission of cookies in your internet browser settings (see the general description of cookies above). Further information on data protection at Microsoft and on cookies used by Microsoft can be found in Microsoft’s privacy statement: https://privacy.microsoft.com/de-de/privacystatement. Microsoft Corporation is a company based in the USA, so the data collected by the Bing Ads service are also transmitted to the USA. Please note our important information above in the section “Legal basis for the use of cookies” for this data transfer to a non-EU country.

14.5 Pinterest tag conversion tracking
This website uses the conversion tracking technology of the following provider: Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland. If you have reached our website via an advertisement on the provider’s domain, the success of the advertisement can be tracked by means of cookies and/or comparable technologies (tracking pixels, web beacons, pings or HTTP requests). For this purpose, certain end device and browser information, including your IP address, may be read out via the tracking technology in order to record and evaluate user actions predefined by us (e.g. completed transactions, leads, search queries on the website, calls to product pages). This enables us to create statistics on usage behaviour on our website after redirection from an advertisement, which help us optimise our offering.

All processing operations described above, in particular the setting of cookies to read out information on the end device used, will only be carried out if you have given us your express consent in accordance with Art. 6(1)(a) GDPR. You can withdraw your consent at any time with effect for the future by deactivating this service in the “cookie consent tool” provided on the website. We have concluded a data processing agreement with the provider which ensures the protection of the data of our site visitors and prohibits unauthorised disclosure to third parties.

14.6 TikTok Pixel
This website uses the conversion tracking technology of the following provider: TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland. If you have reached our website via an advertisement on the provider’s domain, the success of the advertisement can be tracked by means of cookies and/or comparable technologies (tracking pixels, web beacons, pings or HTTP requests). For this purpose, certain end device and browser information, including your IP address, may be read out via the tracking technology in order to record and evaluate user actions predefined by us (e.g. completed transactions, leads, search queries on the website, calls to product pages). This enables us to create statistics on usage behaviour on our website after redirection from an advertisement, which help us optimise our offering.

All processing operations described above, in particular the setting of cookies to read out information on the end device used, will only be carried out if you have given us your express consent in accordance with Art. 6(1)(a) GDPR. You can withdraw your consent at any time with effect for the future by deactivating this service in the “cookie consent tool” provided on the website. We have concluded a data processing agreement with the provider which ensures the protection of the data of our site visitors and prohibits unauthorised disclosure to third parties.

15.1 YouTube
This website uses plugins for displaying and playing videos from the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. Data may also be transmitted to: Google LLC, USA. When you access a page of our website that contains such a plugin, your browser establishes a direct connection to the provider’s servers at the latest when video playback starts in order to load the content. Certain information, including your IP address, is transmitted to the provider in this process. When playback of embedded videos is started via the plugin, the provider also uses cookies to collect information about user behaviour, to create playback statistics and to prevent abusive behaviour. If you are logged into a user account with the provider during your visit to the site, your data will be assigned directly to your account when you click on a video. If you do not wish data to be assigned to your account, you must log out before clicking the play button. All processing operations described above, in particular the setting of cookies to read out information on the end device used, will only be carried out if you have given us your express consent in accordance with Art. 6(1)(a) GDPR. You can withdraw your consent at any time with effect for the future by deactivating this service in the “cookie consent tool” provided on the website. For data transfers to the USA, the provider is certified under the EU-US Data Privacy Framework, which, on the basis of an adequacy decision of the European Commission, ensures compliance with the European level of data protection.

15.2 EHI Seal of Approval widget
Graphic elements from the following provider are integrated on our website for displaying external customer reviews and/or a seal of approval awarded externally: EHI Retail Institute GmbH, Spichernstraße 55, 50672 Cologne, Germany. When you access a page of our website that contains such graphic elements, your browser establishes a direct connection to the provider’s servers in order to load the elements correctly. Certain browser information, including your IP address, is transmitted to the provider in this process. If personal data are processed in this context, processing takes place in accordance with Art. 6(1)(f) GDPR on the basis of our legitimate interest in the optimal marketing of our offer and an appealing design of our website.

15.3 idealo logo
Graphic elements from the following provider are integrated on our website for displaying external customer reviews and/or a seal of approval awarded externally: idealo internet GmbH, Zimmerstraße 50, 10888 Berlin, Germany. When you access a page of our website that contains such graphic elements, your browser establishes a direct connection to the provider’s servers in order to load the elements correctly. Certain browser information, including your IP address, is transmitted to the provider in this process. If personal data are processed in this context, processing takes place in accordance with Art. 6(1)(f) GDPR on the basis of our legitimate interest in the optimal marketing of our offer and an appealing design of our website.

15.4 Trustpilot
Graphic elements from the following provider are integrated on our website for displaying external customer reviews and/or a seal of approval awarded externally: Trustpilot A/S, Pilestræde 58, 1112 Copenhagen, Denmark. When you access a page of our website that contains such graphic elements, your browser establishes a direct connection to the provider’s servers in order to load the elements correctly. Certain browser information, including your IP address, is transmitted to the provider in this process. If personal data are processed in this context, processing takes place in accordance with Art. 6(1)(f) GDPR on the basis of our legitimate interest in the optimal marketing of our offer and an appealing design of our website.

15.5 Google Maps
This website uses the following online map service: Google Maps (API) of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). Google Maps is a web service for displaying interactive (land) maps for the visual representation of geographical information. The use of this service shows you our location and makes it easier for you to find us. When you access the subpages that include a Google Maps map, information about your use of our website (such as your IP address) is transmitted to Google’s servers and stored there; in this context, transmission to Google LLC’s servers in the USA may also take place. This occurs regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged into Google, your data will be assigned directly to your account. If you do not wish data to be assigned to your profile with Google, you must log out before activating the button.

Google stores your data (even for users who are not logged in) as user profiles and evaluates them. Collection, storage and evaluation are carried out in accordance with Art. 6(1)(f) GDPR on the basis of Google’s legitimate interest in displaying personalised advertising, conducting market research and/or designing Google websites to meet user needs. You have the right to object to the creation of these user profiles, although you must contact Google to exercise this right. If you do not agree to the future transmission of your data to Google in the context of using Google Maps, it is also possible to completely deactivate the Google Maps web service by switching off JavaScript in your browser. Google Maps and therefore map displays on this website can then no longer be used. Where legally required, we have obtained your consent pursuant to Art. 6(1)(a) GDPR for the processing of your data described above. You can withdraw your consent at any time with effect for the future. To exercise your right of withdrawal, please follow the option described above for submitting an objection. For data transfers to the USA, the provider is certified under the EU-US Data Privacy Framework, which, on the basis of an adequacy decision of the European Commission, ensures compliance with the European level of data protection. Further information on Google’s privacy policy can be found here: https://business.safety.google/intl/de/privacy/

15.6 Adobe Fonts (Typekit)
This site uses so-called web fonts from the following provider for uniform display of fonts: Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA 95110-2704, USA. When you access a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly and establishes a direct connection to the provider’s servers. Certain browser information, including your IP address, is transmitted to the provider in this process. The processing of personal data in the course of establishing the connection with the provider of the fonts is only carried out if you have given us your express consent in accordance with Art. 6(1)(a) GDPR. You can withdraw your consent at any time with effect for the future by deactivating this service in the “cookie consent tool” provided on the website. If your browser does not support web fonts, a standard font of your computer will be used. For data transfers to the USA, the provider is certified under the EU-US Data Privacy Framework, which, on the basis of an adequacy decision of the European Commission, ensures compliance with the European level of data protection. Further information on data protection at Adobe and in relation to Adobe Fonts can be found at:
https://www.adobe.com/de/privacy/policies/adobe-fonts.html
https://www.adobe.com/de/privacy/policy.html

15.7 Google reCAPTCHA
On this website we use the CAPTCHA service of the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. Data may also be transmitted to: Google LLC, USA. For the visual design of the CAPTCHA window, “Google Fonts” from Google, i.e. fonts loaded from the internet, are used. This does not involve processing any further information beyond that already transmitted as part of the reCAPTCHA functionality to Google. The service checks whether an entry is made by a natural person or is misused by automated and mechanical processing and blocks spam, DDoS attacks and similar automated malicious accesses. In order to ensure that an action is performed by a human being and not by an automated bot, the provider collects the IP address of the end device used, identification data of the browser and operating system type used as well as the date and duration of the visit and transmits these to the provider’s servers for evaluation. Cookies may be used for this purpose, i.e. small text files stored in the browser of the end device.

Insofar as the processing operations described above are based on cookies, these are only set if you have given us your express consent in accordance with Art. 6(1)(a) GDPR. You can withdraw your consent at any time with effect for the future by deactivating this service in the “cookie consent tool” provided on the website. If the processing operations described above are carried out without the use of cookies, the legal basis is our legitimate interest in establishing individual responsibility on the internet and preventing misuse and spam in accordance with Art. 6(1)(f) GDPR. We have concluded a data processing agreement with the provider which ensures the protection of the data of our site visitors and prohibits unauthorised disclosure to third parties. For data transfers to the USA, the provider is certified under the EU-US Data Privacy Framework, which, on the basis of an adequacy decision of the European Commission, ensures compliance with the European level of data protection. Further information on Google’s privacy policy can be found here: https://business.safety.google/intl/de/privacy/

15.8 Sentry
We continuously improve and develop our website in order to offer our users the best possible customer experience. However, not all disruptions, for example due to programming errors, can be reliably excluded from the outset. We therefore use Sentry, an error tracking tool from Functional Software Inc., 132 Hawthorne St, San Francisco, CA 94107, USA (“Sentry”). In order to improve the accessibility and technical stability of our website by monitoring system stability and identifying code errors, we can automatically send the following information to Sentry in the event of a software error: device information (operating system, browser version, browser type), the IP address of the device, e-mail, name, date and time of the error. The legal basis for the above data processing is Art. 6(1)(f) GDPR. No explicit analysis for advertising purposes takes place in this process. The information is collected anonymously, not used for personal purposes and then deleted. This analysis helps us to continuously improve our website and fix hidden code errors. Such processing is in our legitimate interest as the data are used exclusively to identify and analyse errors. Further information on data processing by Sentry and its functionality can be found in Sentry’s privacy policy: https://sentry.io/privacy/
We have concluded a data processing agreement with Sentry.

16.1 Cookie consent tool
This website uses a so-called “cookie consent tool” to obtain valid user consents for cookies and cookie-based applications requiring consent. The “cookie consent tool” is displayed to users in the form of an interactive user interface when they access the site, on which consents for certain cookies and/or cookie-based applications can be given by ticking a box. In this context, all cookies/services requiring consent are only loaded if the respective user grants the corresponding consent by ticking the box. This ensures that such cookies are only set on the respective user’s end device subject to consent. For this purpose, we use a tool from the service provider OneTrust LLC, 505 North Angier Avenue, Atlanta, Georgia, 30308 USA. The tool sets technically necessary cookies in order to store your cookie preferences. Personal user data are generally not processed in this context. In individual cases, if personal data are processed (such as the IP address) for the purpose of storing, assigning or logging cookie settings, such processing is carried out in accordance with Art. 6(1)(f) GDPR on the basis of our legitimate interest in legally compliant, user-specific and user-friendly consent management for cookies and thus in a legally compliant design of our website. Another legal basis for processing is Art. 6(1)(c) GDPR. As controllers, we are legally obliged to make the use of non-essential cookies dependent on the respective user’s consent. Where required, we have concluded a data processing agreement with the provider which ensures the protection of the data of our site visitors and prohibits unauthorised disclosure to third parties. Further information about the operator and the settings options of the cookie consent tool can be found directly in the corresponding user interface on our website.

16.2 Elasticsearch
This website uses the search technology service of the following provider: ELASTIC, 800 West El Camino Real, Suite 350, Mountain View, California 94040, USA. For the provision of the search function for items via the search field and for navigation and filters, the provider collects and stores certain user information (such as the user or session ID) in anonymised form. If personal data are processed in this context, processing takes place in accordance with Art. 6(1)(f) GDPR on the basis of our legitimate interest in providing a fault-tolerant search for items and thus in the optimal marketing of our offer. For the transfer of data to the USA, the provider relies on the standard contractual clauses of the European Commission, which are intended to ensure compliance with the European level of data protection.

The social media plugins listed below are used on our website to increase awareness of our website via these. The legal basis for the use of social media plugins results from your consent pursuant to Art. 6(1)(a) GDPR. Responsibility for data protection-compliant operation is to be ensured by the respective provider.

Pinterest
We use the plugin of the social network Pinterest, which is operated by Pinterest Europe Ltd. (Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland), on our site. When you activate the plugin, your browser establishes a direct connection to Pinterest’s servers. The plugin transmits log data to the Pinterest server in the USA. These log data may contain your IP address, the address of the visited websites that also contain Pinterest functions, type and settings of the browser, date and time of the request, your use of Pinterest and cookies.

Further information on the purpose, scope and further processing and use of the data by Pinterest as well as your rights and options for protecting your privacy can be found in Pinterest’s privacy policy: https://policy.pinterest.com/de/privacy-policy.

Prize draws
Name and contact details of the controller as well as the company data protection officer. These data protection notices apply to data processing by:
Controller: TecTake Ltd, Mappin House, 4 Winsley Street, London W1W 8HF, United Kingdom
Phone: +44 203 488 4565

TecTake’s data protection officer can be contacted at datenschutz@tectake.de. Collection and storage of personal data as well as type and purpose of their use. For the implementation of our prize draws, we collect the following information:

• First name, last name
• Address (only for winners of a prize draw)
• Social media username
• Social media ID
• Social media profile picture

These data are collected:

• to enable you to participate in our prize draws (e.g. on social media such as Facebook, Instagram, LinkedIn)
• to determine the winners of our prize draws
• to correspond with prize draw participants (e.g. prize notification)
• for statistical evaluation of prize draws.

The storage of the above-mentioned data takes place upon your request and is required pursuant to Art. 6(1)(b) GDPR for the purposes mentioned, namely your participation in the prize draws, the determination of winners, the distribution of prizes and correspondence with participants. In addition, the social media username of the winner is published in a comment under the prize draw post. The legal basis for this is Art. 6(1)(b) GDPR in order to inform the winner of the respective prize draw that they have been drawn as a winner. Another legal basis for the publication of the social media name is Art. 6(1)(f) GDPR. The legitimate interest in this publication lies in documenting the drawing result of the prize draws and informing all prize draw participants of the result and the end of the prize draws.

Right to object
You have the right to object to the publication of your social media username at any time. Please use the contact details above for this purpose. The personal data collected by us will be stored until the purposes mentioned above no longer apply and then deleted, unless we are obliged to store them for a longer period pursuant to Art. 6(1)(c) GDPR due to tax and commercial law retention and documentation obligations (under the German Commercial Code, Criminal Code or Fiscal Code) or you have consented to storage beyond this pursuant to Art. 6(1)(a) GDPR.

Transfer of data to third parties
Your personal data will not be transferred to third parties for purposes other than those listed below. In order to determine the winner, TecTake uses evaluation services from various providers, including “Fanpage Karma Glücksfee” of uphill GmbH, Oranienstr. 188, 10999 Berlin, Germany, for prize draws on Facebook and “Comment Picker”. For this purpose, information on a prize draw post is, for example, imported into the evaluation tool via an existing API of the respective social media portal and then evaluated according to the specified criteria. As a result, TecTake is shown profiles of social media users who could have won a prize draw according to various possible criteria (the name, profile picture and a link to the profile are displayed). Duplicate entries (if a user comments several times) are also removed. The system then draws the winner at random, based on a Java function for random values. These data are only available to TecTake at the moment of the query and are not stored by the service provider. The legal basis for using this service is Art. 6(1)(b) GDPR in order to determine the winner of the respective prize draw. The data disclosed may only be used by our evaluation tool partners for the purposes mentioned.

18.1 Applicable data protection law grants you the following rights (rights of access and intervention) vis-à-vis the controller with regard to the processing of your personal data, with reference made to the legal basis for the respective exercise requirements:

• Right of access pursuant to Art. 15 GDPR;
• Right to rectification pursuant to Art. 16 GDPR;
• Right to erasure pursuant to Art. 17 GDPR;
• Right to restriction of processing pursuant to Art. 18 GDPR;
• Right to notification pursuant to Art. 19 GDPR;
• Right to data portability pursuant to Art. 20 GDPR;
• Right to withdraw consent given pursuant to Art. 7(3) GDPR;
• Right to lodge a complaint pursuant to Art. 77 GDPR.

18.2 RIGHT TO OBJECT
IF WE PROCESS YOUR PERSONAL DATA ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST IN THE CONTEXT OF A BALANCING OF INTERESTS, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING AT ANY TIME ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION WITH EFFECT FOR THE FUTURE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL CEASE TO PROCESS THE DATA CONCERNED. HOWEVER, FURTHER PROCESSING REMAINS RESERVED IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS OR IF THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE OR DEFENCE OF LEGAL CLAIMS.

IF YOUR PERSONAL DATA ARE PROCESSED BY US FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH MARKETING. YOU MAY EXERCISE YOUR RIGHT TO OBJECT AS DESCRIBED ABOVE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL CEASE TO PROCESS THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.

The duration of storage of personal data is determined by the respective legal basis, the processing purpose and – if applicable – additionally by the respective statutory retention period (e.g. commercial and tax law retention periods). In the case of processing personal data on the basis of express consent pursuant to Art. 6(1)(a) GDPR, the data concerned will be stored until you withdraw your consent. If statutory retention periods exist for data processed in the context of legal or quasi-legal obligations on the basis of Art. 6(1)(b) GDPR, these data will be routinely deleted after expiry of the retention periods, provided that they are no longer required for contract performance or contract initiation and/or there is no legitimate interest on our part in further storage. In the case of processing personal data on the basis of Art. 6(1)(f) GDPR, these data will be stored until you exercise your right to object pursuant to Art. 21(1) GDPR, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defence of legal claims. In the case of processing personal data for direct marketing purposes on the basis of Art. 6(1)(f) GDPR, these data will be stored until you exercise your right to object pursuant to Art. 21(2) GDPR. Unless otherwise stated in the other information in this statement on specific processing situations, stored personal data will otherwise be deleted when they are no longer necessary for the purposes for which they were collected or otherwise processed.

We reserve the right to amend this privacy policy for a specific reason and without prior notice. Please therefore check this page regularly for any changes to this privacy policy.

Copyright notice: This privacy policy was drawn up by the specialist lawyers of IT-Recht Kanzlei and is protected by copyright (https://www.it-recht-kanzlei.de)

Status: 06.11.2025, 11:50:52