Privacy Policy
We appreciate your visit to our website and thank you for your interest in our company, our products and our web pages. Protecting your privacy when using our web pages is important to us. This privacy policy has been compiled to better serve those who are concerned with how their 'Personally Identifiable Information' (PII) is being used online. PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Therefore, please take note of the following information.
1) Basic Information about handling personally identifiable information (PII)
1.1 Our privacy policy was last edited in November 2016.
1.2 You may visit our website without your having to release any PII. For each access to our website usage data will be transmitted by the respective internet browser and are stored in log files, the so called server log files such as date and time of the call, name of the accessed page, data volume transferred and the name of the inquiring provider. Those data cannot be attributed to a particular person and are exclusively intended to ensure a smooth operation of our website and to improve our offer.
1.3 PII is only collected if you voluntarily disclose such data to us for the purpose of concluding a contract or opening a customer account. It is evident from the respective input form which data are collected. Closing your customer account shall be possible at any time and may be effected through a message to the contact address described below. We store and use the data you disclose to us for the purpose of contract processing. Upon complete fulfilment of the contract or closing of your customer account, your data will be blocked with care for tax and commercial retention periods and will be deleted will be deleted after final processing of your inquiry, if you so desire, provided that legal retention periods will not be barred by a deletion.
1.4 We collect information from you when you register on our site, place an order, subscribe to a newsletter, respond to a survey, fill out a form, Use Live Chat, Open a Support Ticket or enter information on our site. Those data will be stored and processed exclusively for the purpose of responding to your order or your enquiry or of getting in contact with you and for the connected technical administration.
2) What personal information do we collect from the people that visit our blog, website or app?
2.1 When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, mailing address, phone number, credit card information, social security number or other details to help you with your experience.
2.2 We collect information from you when you register on our site, place an order, subscribe to a newsletter, respond to a survey, fill out a form, Use Live Chat, Open a Support Ticket or enter information on our site.
3) How do we use your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
- To personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested
- To improve our website in order to better serve you
- To allow us to better service you in responding to your customer service requests.
- To administer a contest, promotion, survey or other site feature.
- To quickly process your transactions
- To ask for ratings and reviews of services or products
- To follow up with them after correspondence (live chat, email or phone inquiries)
4) How do we protect your information?
4.1 Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible. We use regular Malware Scanning.
4.2 Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL)technology. We implement a variety of security measures when a user places an order enters, submits, or accesses their information to maintain the safety of your personal information. All transactions are processed through a gateway provider and are not stored or processed on our servers.
5) Cookies
Our website uses so-called "cookies” serving to make our Internet presence more user-friendly, effective and secure – for instance to accelerate navigation on our platform. Furthermore, cookies allow us to measure the frequency of website visits as well as general navigation. Cookies are small text files stored on your computer system. Please note that some of these cookies are transferred from our server to your computer system, mostly so-called "session cookies”. "Session cookies” are characterized by being automatically deleted from your hard drive upon the end of the browser session. Other cookies remain on your computer system and allow us to recognize your computer system during your next visit (so-called permanent cookies). You may certainly decline these cookies at any time provided your browser permits this. Please note that once your browser is set to decline cookies (from our website) certain features of this website may not be available or restricted. Look at your browser's Help Menu to learn the correct way to modify your cookies.
6) Third-party disclosure and transfer of data
6.1 We do not sell, trade, or otherwise transfer to outside parties your PII, unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when its release is appropriate to comply with the law, enforce our site policies, or protect ours or others' rights, property or safety.
6.2 For the purpose of contract fulfillment, PII collected by us are transferred to the transport company commissioned with the delivery, provided this is required for delivering the goods. For the processing of payments we pass on your payment data to the authorized banking institution.
6.3 However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
6.4 When choosing the payment method payment PayPal, we transmit your accounting data to PayPal 2211 North First Street, San Jose, California 95131 (hereinafter referred to as “PayPal”) within the framework of payment processing.
7) Third-party links
Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
8) Remarketing with Google AdSense
We have implemented Remarketing with Google AdSense
Opting out:
Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics Opt Out Browser add on.
9) Google Display Network Impression Reporting
We have implemented Remarketing with Google Display Network Impression Reporting
Opting out:
Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics Opt Out Browser add on.
10) Google Analytics
We use Google Analytics and third-party cookies such as DoubleClick cookie.
We, along with third-party vendors such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website.
Opting out:
Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics Opt Out Browser add on.
11) We comply with the California Online Privacy Protection Act (CalOPPA)
11.1 CalOPPA is the first state law (California) in the United States to require commercial websites and online services to post a privacy policy. According to CalOPPA, we agree to the following:
11.2 Users can visit our site anonymously. Once this privacy policy is created, we will add a link to it on our home page or as a minimum, on the first significant page after entering our website. Our Privacy Policy link includes the word 'Privacy' and can easily be found on the page specified above.
11.3 You will be notified of any Privacy Policy changes on our privacy policy page. You can change your personal information by emailing us
11.4 However, We do not honor Do Not Track signals and Do Not Track, plant cookies when a Do Not Track (DNT) browser mechanism is in place.
11.5 It's also important to note that we allow third-party behavioral tracking
12) Fair Information Practices
12.1 In order to be in line with Fair Information Practices we will take the following responsive action: Should a data breach occur we will notify you via email within 7 business days
12.2 We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
13) We comply with the CAN SPAM Act
13.1 The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
13.2 We collect your email address in order to:
- Send information, respond to inquiries, and/or other requests or questions
- Process orders and to send information and updates pertaining to orders.
- Send you additional information related to your product and/or service
- Market to our mailing list or continue to send emails to our clients after the originaltransaction has occurred.
13.3 To be in accordance with CANSPAM, we agree to the following:
- Not use false or misleading subjects or email addresses.
- Identify the message as an advertisement in some reasonable way.
- Include the physical address of our business or site headquarters.
- Monitor third-party email marketing services for compliance, if one is used.
- Honor opt-out/unsubscribe requests quickly.
14) Childrens Online Privacy Protection Act Compliance
We are in compliance with the requirements of COPPA (Childrens Online Privacy Protection Act), we do not collect any information from anyone under 13 years of age. Our website, products and services are all directed to people who are at least 13 years old or older.
15) Information on Customer Rights and Contacts
You are entitled to obtain information on your saved data free of charge and on how to correct, block or delete this data where applicable. Please contact us with any further inquiries about the collection, processing or use of your personal data. The same shall apply for obtaining information, your requests to block, delete or correct your personal data as well as for withdrawals of granted consents. You can find our contact address in our legal notice.
16) novomind iChat
We use the novomind iCHAT to offer you a website chat service (according to Art. 6 para. 1 lit. a and lit.f EU Data Protection Regulation). In order to initiate this live chat, novomind iCHAT requires your full name and email address. novomind iCHAT uses cookies that enable an analysis of your use of our website. The information generated by cookies about your use of our website is transmitted to novomind’s iCHAT server and stored there. novomind iCHAT uses this information to evaluate your use of our website and to provide a chat window on our pages through which you can contact us directly. If you do not agree with reporting via cookies, we ask you to contact us only via our contact form(s) or by e-mail. Alternatively, you can deactivate the storage of cookies in your browser, though this may result in iCHAT not being usable. novomind iCHAT is a website chat service of novomind AG, Bramfelder Chaussee 45, 22177 Hamburg.
The applicable data protection regulations can be found at https://www.novomind.com/de/datenschutz/.
If you do not agree with the storage of chat content, we ask you to contact us only via our contact form(s) or by e-mail.
17) Contact via Telephone Hotline
When contacting us via our hotline, personal data may be collected and processed. The telephone number you use when calling may be recorded.
In addition, our hotline staff may request your name and e-mail address. If you have created a customer account with us under the e-mail address you provided, our hotline staff can associate your e-mail address to this customer account and access the data stored in the customer account. The stored data includes your full name, your address, your payment details, your orders, products saved by you as favorites, as well as notes on previous inquiries and previous correspondence.
The essential contents of the conversation concerning your request may be recorded by our hotline staff in the form of a written note for the further processing of your request, which we can access if we contact you again.
The data collected when contacting us via our hotline is collected and processed exclusively for the purpose of processing your request, including the associated further communication and technical administration/support.
The legal basis for processing the data is our legitimate interest in responding to your request pursuant to Art. 6 (1) lit. f DSGVO. If the purpose of your call is to enter into a contract with us or you have questions regarding an existing contract with us, the additional legal basis for the processing is Art. 6 (1) lit. b DSGVO.
Your data will be deleted upon completion of the processing of your request.
This is the case if it is clear from the circumstances that the matter in question has been conclusively resolved and provided that there are no conflicting statutory retention obligations.
18) Microsoft 365
The Microsoft 365 services are provided by Microsoft Corporation (https://www.microsoft.com/de-de/rechtliche-hinweise/impressum) on the basis of a data processing agreement. This means that Microsoft also has access to your data to the extent necessary. The data center is located within the EU. However, due to the use of Microsoft products, it cannot be ruled out that your personal data will also be processed in third countries outside the European Union (EU). For this purpose, we have concluded a standard EU data protection contract in accordance with Art. 46 GDPR, see https://www.microsoft.com/licensing/docs/view/Microsoft-Products-and-Services-Data-Protection-Addendum-DPA .
In addition to the EU standard contract, further guarantees are part of the contractual level of protection.
To the extent that Microsoft processes Personal Data outside of the Data Processing Relationship in connection with Microsoft's legitimate business operations, Microsoft is its own controller for such use and as such is responsible for compliance with all applicable laws and obligations of a controller.
Further information on the type and scope of data processing by Microsoft can be found at https://privacy.microsoft.com/de-de/privacystatement and https://learn.microsoft.com/de-de/compliance/regulatory/gdpr-dsr-Office365?toc=%2Fmicrosoft-365%2Fenterprise%2Ftoc.json.
Use of Microsoft Forms
We use MS Forms to carry out surveys, evaluations and competitions. MS Forms is a Microsoft Office application from Microsoft Corporation. When using it, your answers (quantitative and qualitative) are generally processed on an anonymous basis, unless you voluntarily provide your personal data, such as contact details. Your contact data would then be used as previously declared in the survey, for example to take part in a competition. It will not be used for purposes not previously declared.
Further information on the type and scope of data processing by Microsoft can be found at https://support.microsoft.com/de-de/office/sicherheit-und-datenschutz-in-microsoft-forms-7e57f9ba-4aeb-4b1b-9e21-b75318532cd9
Storage duration:
We process and store the data until the purpose of the processing has been fulfilled, e.g. the raw data for the survey, evaluation in anonymous form is no longer required or we have successfully carried out any competition after sending/transmitting the prizes.
Legal basis for data processing:
Your data is processed on the basis of Art. 6 para. 1 lit. f and Art.6 para.1 lit. b (fulfillment of contract) GDPR, as we have a legitimate interest in maintaining and improving the customer relationship. If the survey is conducted within Endor AG, the legal basis is §26 para. 1 BDSG.