Privacy Policy

Unless otherwise stated below, providing your personal data is neither legally nor contractually required, nor necessary for the conclusion of a contract. You are not obliged to provide the data. Non-provision has no consequences. This applies only to the processing operations described below where no other indication is given.
"Personal data" means all information relating to an identified or identifiable natural person.

Server Log Files

You can visit our websites without providing any personal information.
Whenever you access our website, usage data is transmitted to us or our web host/IT service provider by your internet browser and stored in log files (so-called server log files). These stored data include, for example, the name of the page accessed, date and time of access, IP address, amount of data transferred, and the requesting provider.
The processing is based on Art. 6(1)(f) GDPR, as it is in our legitimate interest to ensure the smooth operation of our website and to improve our offerings.

Your data may be transmitted to and processed in third countries outside the EU, in particular to Canada and the USA. An adequacy decision by the European Commission exists for Canada. For the USA, there is an adequacy decision, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under TADPF. This data transfer is based on contractual obligations comparable to the EU Standard Contractual Clauses.

Contact

Responsible party
You may contact us upon request. The responsible entity for data processing is:
Sessorium-Commerce GbR
Hauptstraße 36
74865 Neckarzimmern, Germany
support@engel-kette.de
+49 151 51751150

Initiated Contact via Email

If you contact us proactively via email, we collect your personal data (name, email address, message content) only to the extent provided by you. The data processing serves to handle and respond to your inquiry.
If the contact serves the execution of pre-contractual measures (e.g., consultation for purchase interest, offer creation) or relates to an existing contract, this data processing is based on Art. 6(1)(b) GDPR.
If the contact is for other reasons, processing is based on Art. 6(1)(f) GDPR, in our legitimate interest to handle and respond to your inquiry. In this case, you have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you based on Art. 6(1)(f) GDPR.
Your email address will only be used to handle your inquiry. Your data will then be deleted according to statutory retention periods unless you have consented to further processing and use.

Collection and Processing via Contact Form

When using the contact form, we collect your personal data (name, email address, message content) only to the extent you provide it. The data processing serves the purpose of contacting us.
If the contact serves pre-contractual measures (e.g., purchase consultation, offer creation) or relates to an existing contract, processing is based on Art. 6(1)(b) GDPR.
If the contact is for other reasons, processing is based on Art. 6(1)(f) GDPR, in our legitimate interest to handle and respond to your inquiry. In this case, you have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you based on Art. 6(1)(f) GDPR.
Your email address will only be used to handle your inquiry. Your data will then be deleted according to statutory retention periods unless you have consented to further processing and use.

Use of Google Maps API Address Validation

We use the address validation service provided by Google (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, "Google") on our website.
Data processing serves to check your inputs in our address forms for input and typing errors in real-time and, if necessary, to complete missing data. For incorrect entries, alternative suggestions for correcting the data are displayed. For this purpose, the address data you provide is transmitted to the provider, stored, and evaluated.
Information transmitted to Google may include: postal addresses (country, city, postal code, street, house number), email addresses, and phone numbers. Your data may also be transferred to the USA. An adequacy decision by the European Commission exists for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Google is certified under TADPF and has committed to comply with European data protection principles.
The processing of your personal data is based on Art. 6(1)(f) GDPR, in our legitimate interest to ensure correct data for fulfilling our contractual obligations. You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you.
The data is processed separately by the provider and not merged with other data. Data will be deleted by the provider once the status of the entered data has been determined, but no later than 30 days.
Further information on Google's terms of use and privacy can be found at: https://cloud.google.com/maps-platform/terms and https://www.google.de/policies/privacy/.

Customer Account & Orders

Customer Account
When opening a customer account, we collect your personal data to the extent specified there. The data processing serves the purpose of improving your shopping experience and simplifying order processing. Processing is based on Art. 6(1)(a) GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the lawfulness of processing carried out based on consent prior to revocation. Your customer account will then be deleted.

Collection, Processing, and Transfer of Personal Data for Orders
When you place an order, we collect and process your personal data only to the extent necessary to fulfill and process your order and to handle your inquiries. Providing the data is necessary for the conclusion of the contract. Failure to provide the data means that no contract can be concluded. Processing is based on Art. 6(1)(b) GDPR and is necessary for the performance of a contract with you.

Your data may be shared, for example, with the shipping companies and dropshipping providers you select, payment service providers, service providers for order processing, and IT service providers. In all cases, we strictly comply with legal requirements. The scope of data transfer is limited to the minimum necessary.

Your data may also be transferred to third countries outside the EU, in particular Canada and the USA, and processed there. An adequacy decision by the EU Commission exists for Canada. For the USA, an adequacy decision exists under the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer is based on contractual obligations comparable to the EU Standard Contractual Clauses.

Marketing

Use of Email Address for Sending Newsletters
We use your email address exclusively for our own advertising purposes for newsletter distribution, provided you have given explicit consent. Processing is based on Art. 6(1)(a) GDPR with your consent. You may revoke your consent at any time without affecting the lawfulness of processing prior to revocation. You can unsubscribe from the newsletter at any time using the link in the newsletter or by notifying us. Your email address will then be removed from the distribution list.

Use of Klaviyo
For newsletter distribution, we use the service of Klaviyo Inc. (125 Summer St Floor 7, Boston, MA 02111, USA; “Klaviyo”) under a data processing agreement.
The information you provide when signing up for the newsletter (email address, and optionally first and last name) is shared with Klaviyo. Data processing serves the purpose of sending newsletters and analyzing them statistically.

To evaluate newsletter campaigns, the sent newsletters contain a 1x1 pixel image (tracking pixel) or a tracking link. This allows us to determine whether you opened the newsletter and whether you clicked any embedded links. In this context, we collect personal data such as IP address, browser type, device, and timestamp. Pseudonymous user profiles can be created from this data. The collected data is not used to personally identify you and is only used for statistical evaluation to improve newsletter campaigns.

Your data is usually transmitted to Klaviyo servers in the USA and stored there. For the USA, an adequacy decision by the EU Commission exists under the Trans-Atlantic Data Privacy Framework (TADPF). Klaviyo is certified under TADPF and thus obliged to comply with European data protection principles.

Processing of your personal data is based on Art. 6(1)(f) GDPR in our legitimate interest in a targeted, effective, and user-friendly newsletter system. You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you.

More information about privacy at Klaviyo can be found here: https://www.klaviyo.com/legal/privacy-notice and https://www.klaviyo.com/legal/data-processing-agreement.

Payment Service Providers & Credit Checks

Use of PayPal
On our website, we use the payment service PayPal from PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal"). Data processing serves the purpose of offering you payment via the payment service. When selecting and using PayPal, the data required for payment processing is transmitted to PayPal to fulfill the contract with you using the chosen payment method. Processing is based on Art. 6(1)(b) GDPR.

All PayPal transactions are subject to the PayPal Privacy Policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full

Use of PayPal Plus

On our website, we use the payment service PayPal Plus from PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal"). Data processing serves the purpose of offering you payment via this service. When selecting and using PayPal, PayPal Credit Card, or PayPal Direct Debit, the data required for payment processing is transmitted to PayPal to fulfill the contract with you using the chosen payment method. Processing is based on Art. 6(1)(b) GDPR.

For certain payment methods, such as PayPal Credit Card or PayPal Direct Debit, PayPal reserves the right to obtain a credit check using mathematically-statistical procedures with the help of credit agencies. For this purpose, PayPal transmits the personal data required for a credit check to a credit agency and uses the information received on the statistical likelihood of default to make a balanced decision on establishing, performing, or terminating the contractual relationship. The credit check may include probability values (score values) calculated based on scientifically recognized statistical methods, including address data. Your legitimate interests are taken into account according to legal requirements. Data processing serves the purpose of credit assessment for contract initiation and is based on Art. 6(1)(f) GDPR in our legitimate interest in protection against payment default if PayPal advances payment.

You have the right, for reasons arising from your particular situation, to object at any time to this processing of personal data based on Art. 6(1)(f) GDPR by notifying PayPal. Providing this data is necessary for concluding the contract with the chosen payment method. Failure to provide the data means that the contract cannot be concluded with the chosen payment method.

Use of PayPal Express

On our website, we use the PayPal Express payment service from PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal"). Data processing serves the purpose of offering you payment via PayPal Express.

To integrate this payment service, PayPal collects, stores, and analyzes data when the website is accessed (e.g., IP address, device type, operating system, browser type, device location). Cookies may also be used to enable browser recognition.

Processing of your personal data is based on Art. 6(1)(f) GDPR in our legitimate interest in offering a customer-oriented variety of payment methods. You have the right, for reasons arising from your particular situation, to object at any time to this processing of personal data.

When selecting and using PayPal Express, the data required for payment processing is transmitted to PayPal to fulfill the contract with you using the chosen payment method. This processing is based on Art. 6(1)(b) GDPR. More information on data processing for PayPal Express can be found in PayPal’s privacy policy: www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE#Updated_PS.

Use of PayPal Check-Out

We use the PayPal Check-Out service on our website (PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal L-2449, Luxembourg). Data processing serves the purpose of offering you payment via this service. When selecting and using PayPal, PayPal Credit Card, PayPal Direct Debit, or Pay Later via PayPal, the data required for payment processing is transmitted to PayPal to fulfill the contract with you using the chosen payment method. Processing is based on Art. 6(1)(b) GDPR.

Cookies may be stored to allow browser recognition. This processing is based on Art. 6(1)(f) GDPR in our legitimate interest in offering a customer-oriented selection of payment methods. You have the right to object at any time, for reasons arising from your particular situation.

Credit Card via PayPal, Direct Debit via PayPal & Pay Later via PayPal
For certain payment methods such as Credit Card via PayPal, Direct Debit via PayPal, or Pay Later via PayPal, PayPal may obtain a credit check using mathematically-statistical procedures with credit agencies. Personal data required for a credit check is transmitted to a credit agency, which uses the information on the statistical likelihood of payment default to make a balanced decision on establishing, performing, or terminating the contractual relationship. Probability values (score values) may be included. Processing serves the purpose of credit assessment for contract initiation and is based on Art. 6(1)(f) GDPR in our legitimate interest in protection against payment default when PayPal advances payment.

You have the right, for reasons arising from your particular situation, to object at any time to this processing of personal data by notifying PayPal. Providing this data is necessary for concluding the contract with the chosen payment method. Failure to provide the data means that the contract cannot be concluded.

Third-Party Providers

When paying via a third-party payment method, the data required for payment processing is transmitted to PayPal. Processing is based on Art. 6(1)(b) GDPR. For execution of the payment method, the data may then be forwarded by PayPal to the respective provider, also based on Art. 6(1)(b) GDPR. Local third-party providers may include:

Sofort (SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany)
giropay (Paydirekt GmbH, Stephanstr. 14-16, 60313 Frankfurt am Main)

Invoice Purchase via PayPal
For payment via invoice, the data required for payment processing is first transmitted to PayPal. For execution, the data is then forwarded by PayPal to Ratepay GmbH (Franklinstraße 28-29, 10587 Berlin; "Ratepay") to fulfill the contract using the chosen payment method. Processing is based on Art. 6(1)(b) GDPR. Ratepay may perform a credit check using mathematically-statistical procedures (score values) with credit agencies, as described above. Processing serves the purpose of credit assessment for contract initiation and is based on Art. 6(1)(f) GDPR in our legitimate interest in protection against payment default when Ratepay advances payment. More information about data protection and the credit agencies used by Ratepay can be found at: https://www.ratepay.com/legal-payment-dataprivacy/ and https://www.ratepay.com/legal-payment-creditagencies/.

Further information on data processing when using PayPal can be found in the corresponding privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

Use of Klarna Payment Options

On our website, we use the payment service of Klarna Bank AB (publ) (Sveavägen 46, 111 34 Stockholm, Sweden; "Klarna"). When selecting and using Klarna for payment, the data required for payment processing is transmitted to Klarna in order to fulfill the contract with you using the chosen payment method. This processing is based on Art. 6(1)(b) GDPR.

Cookies may be stored to allow browser recognition. This data processing is based on Art. 6(1)(f) GDPR in our legitimate interest in offering a customer-oriented variety of payment methods. You have the right, for reasons arising from your particular situation, to object at any time to this processing of personal data.

“Pay Later” (Invoice), “Pay Now” (Direct Debit), “Financing” (Installment Purchase)

For certain payment methods such as “Pay Later” (Invoice), “Pay Now” (Direct Debit), or “Financing” (Installments), Klarna reserves the right to obtain a credit check using mathematically-statistical procedures with the help of credit agencies.

For this purpose, Klarna transmits the personal data required for a credit check—such as first and last name, address, gender, email address, IP address, and order-related data—to a credit agency to verify identity and creditworthiness. The received information is used to assess the statistical likelihood of default in order to make a balanced decision regarding the establishment, execution, or termination of the contractual relationship. The credit check may include probability values (score values) calculated based on scientifically recognized statistical methods, which may include address data. Your legitimate interests are taken into account according to legal requirements.

Data processing serves the purpose of credit assessment for contract initiation and is based on Art. 6(1)(f) GDPR in our legitimate interest in protection against payment default if Klarna advances payment. You have the right, for reasons arising from your particular situation, to object at any time to this processing of personal data by notifying Klarna. Providing these data is necessary for concluding the contract with the chosen payment method. Failure to provide the data means that the contract cannot be concluded with the chosen payment method.

Further information, including which credit agencies Klarna shares personal data with, can be found for Germany here: https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies and for Austria here: https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_at/credit_rating_agencies.

General information about Klarna is available for Germany at https://www.klarna.com/de/ and for Austria at https://www.klarna.com/at/. Your personal data is handled by Klarna in accordance with applicable data protection laws and Klarna’s privacy policies for Germany (link) and Austria (link).

Use of SOFORT

For payment processing on our website, we use the payment service SOFORT GmbH (Theresienhöhe 12, 80339 Munich, Germany; “SOFORT”), which is a company of the Klarna Group (Klarna Bank AB, Sweden). Data processing serves the purpose of offering you various payment methods through SOFORT.

When you select this payment option, the data required for payment processing is transmitted to SOFORT. This processing is based on Art. 6(1)(b) GDPR. More information about data processing when using SOFORT can be found here: https://www.sofort.com/1.0/shared/content/legal/terms/de-DE/SOFORT/ and https://www.klarna.com/sofort/.

Use of Stripe

On our website, we use the payment service Stripe of Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland. Data processing serves the purpose of offering you payment via Stripe. When selecting and using Stripe, the data required for payment processing is transmitted to Stripe in order to fulfill the contract with you using the chosen payment method. Processing is based on Art. 6(1)(b) GDPR.

Stripe reserves the right to obtain a credit check using mathematically-statistical procedures with the help of credit agencies. For this purpose, Stripe transmits the personal data required for a credit check to a credit agency and uses the received information on the statistical likelihood of default to make a balanced decision regarding the establishment, execution, or termination of the contractual relationship. The credit check may include probability values (score values) calculated based on scientifically recognized statistical methods, which may include address data. Your legitimate interests are taken into account according to legal requirements.

Data processing serves the purpose of credit assessment for contract initiation and is based on Art. 6(1)(f) GDPR in our legitimate interest in protection against payment default if Stripe advances payment. You have the right, for reasons arising from your particular situation, to object at any time to this processing of personal data by notifying Stripe. Providing these data is necessary for concluding the contract with the chosen payment method. Failure to provide the data means that the contract cannot be concluded with the chosen payment method.

All Stripe transactions are subject to Stripe’s privacy policy: https://stripe.com/de/privacy.

Cookies

Our website uses cookies. Cookies are small text files that are stored by your web browser on your computer system. When a user visits a website, a cookie may be stored on the user’s operating system. This cookie contains a unique string of characters that allows the browser to be identified when visiting the website again.

Cookies are stored on your device, giving you full control over their use. You can configure your browser to notify you before cookies are set, decide individually whether to accept them, or prevent the storage and transmission of the contained data. Already stored cookies can be deleted at any time. However, please note that some functions of this website may not be fully usable if cookies are disabled.

You can find information on how to manage (or disable) cookies in the most common browsers via the following links:

Technically Necessary Cookies

Unless otherwise stated in this privacy policy, we only use technically necessary cookies to make our website more user-friendly, effective, and secure. Cookies allow our systems to recognize your browser even after navigating to another page and to provide services. Some features of our website cannot be offered without the use of cookies, as they require the browser to be recognized after page changes.

The use of cookies or comparable technologies is based on § 25(2) TDDDG. The processing of your personal data is based on Art. 6(1)(f) GDPR in our legitimate interest to ensure optimal website functionality and a user-friendly and effective design of our services. You have the right, for reasons arising from your particular situation, to object at any time to this processing of personal data.

Use of GDPR Legal Cookie

We use the consent management tool GDPR Legal Cookie from beeclever GmbH (Universitätsstraße 3, 56070 Koblenz, Germany; "beeclever"). This tool allows you to give consent to data processing on the website, especially the setting of cookies, and to exercise your right to withdraw consent already given.

Data processing serves the purpose of obtaining and documenting required consents for data processing to comply with legal obligations. Cookies may be used for this purpose. The following information may be collected and transmitted to beeclever: anonymized IP address, date and time of consent, URL from which consent was given, an anonymous, random, encrypted key, and consent status. These data are not shared with third parties.

Processing is carried out to fulfill a legal obligation based on Art. 6(1)(c) GDPR. More information about beeclever’s terms of use and privacy can be found at:

Use of Google Analytics 4

We use the web analytics service Google Analytics of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.

The purpose of data processing is to analyze this website and its visitors for marketing purposes. Google uses the collected information on behalf of the website operator to evaluate your use of the website, compile reports on website activities, and provide further services related to website and internet usage.

Information collected may include: IP address, date and time of page visit, click path, browser and device information, pages visited, referrer URL (the website from which you accessed our website), location data, and purchase activities. Google may combine these data with other data, such as your search history, personal accounts, usage data from other devices, and any other information Google has about you.

The IP address is truncated by Google within the EU member states or other countries of the European Economic Area.

Google uses technologies such as cookies, web storage in the browser, and tracking pixels, which enable an analysis of your website usage. The use of cookies or comparable technologies is based on your consent under § 25(1) sentence 1 TDDDG in conjunction with Art. 6(1)(a) GDPR.

Processing of your personal data is based on your consent under Art. 6(1)(a) GDPR. You can revoke your consent at any time without affecting the lawfulness of processing carried out based on your consent prior to revocation.

Advanced Consent Mode

We use the enhanced implementation of the consent mode (Advanced Consent Mode). Even without consent, certain user data (“pings”) are sent to Google. These pings may include: IP address (used only to derive the country), date and time of page visit, visited page URL, user-agent, referrer URL, or event information (e.g., conversion). Google uses this information to model user data to allow comprehensive analysis of usage even if consent is denied.

The resulting information about your use of this website is usually transmitted to a Google server in the USA and stored there. For the USA, an adequacy decision of the EU Commission applies, the Trans-Atlantic Data Privacy Framework (TADPF). Google is certified under the TADPF and has committed to comply with European data protection principles. Both Google and U.S. authorities have access to your data.

More information about terms of use and privacy:

Use of Hotjar

We use the analytics tool from Hotjar Ltd. (Level 2, St Julian’s Business Centre, 3 Elia Zammit Street, St Julians STJ1000, Malta; "Hotjar") on our website.

Data processing serves the purpose of customizing, optimizing, and analyzing our website. The tool records visitor behavior on the website on a sample basis. This includes logs of mouse movements, scrolling behavior, time spent on pages, and clicks on the website (so-called heatmaps).

For this purpose, Hotjar uses cookies. The following information may be collected: anonymized IP address, device information (screen size, device type, unique device identifier), browser information, location data (country only), preferred language, and operating system. Detailed information on the cookies used, their functions, and storage duration is available here: https://help.hotjar.com/hc/en-us/articles/115011789248-Hotjar-Cookies.

Pseudonymous user profiles are created from this data. The data is not used to personally identify website visitors and is not linked to personal data of the pseudonym holder. Hotjar is contractually prohibited from selling the collected data to third parties.

Your data may be transferred to the USA. For the USA, an adequacy decision of the European Commission exists (Trans-Atlantic Data Privacy Framework, TADPF). Hotjar is not certified under the TADPF. Data transfer is carried out on the basis of appropriate safeguards. More information about these measures is available from Hotjar upon request.

The use of cookies or similar technologies requires your consent under §25(1) sentence 1 TDDDG in conjunction with Art. 6(1)(a) GDPR. The processing of your personal data is based on your consent under Art. 6(1)(a) GDPR. You can revoke your consent at any time without affecting the lawfulness of processing carried out prior to revocation.

More information on Hotjar privacy can be found here: https://www.hotjar.com/legal/policies/privacy#enduserenglish.

Use of Shopify Analytics

We use the statistics and analytics features of Shopify International Ltd. (Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") under a data processing agreement. Shopify is affiliated with Shopify Inc. (151 O’Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada).

Data processing serves the purpose of analyzing this website and its visitors. Data is collected for marketing and optimization purposes and presented in reports, analyses, and statistics. The following device information may be collected: browser information, IP address, time zone, and certain cookies installed on your device. Additionally, information about pages or products visited, referrer URL, and interactions with the website is collected using cookies, web beacons, tags, and pixels.

Your data may be transferred to third countries outside the EU, in particular Canada and the USA. For Canada, an adequacy decision of the EU Commission exists. For the USA, an adequacy decision under the Trans-Atlantic Data Privacy Framework (TADPF) exists. Shopify is not certified under the TADPF. Data transfer is based on contractual obligations comparable to the EU standard contractual clauses.

More information about Shopify privacy: https://www.shopify.com/de/legal/datenschutz
Information on the Data Processing Agreement: https://www.shopify.com/de/legal/dpa
Information on cookies: https://www.shopify.com/de/legal/cookies

Use of Meta Pixel

We use the Meta Pixel from Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; "Meta") on our website.

Meta and we are joint controllers for the collection and transfer of data to Meta. This is based on an agreement between us and Meta regarding joint data processing, which specifies the respective responsibilities. The agreement is available at: https://de-de.facebook.com/legal/terms/businesstools.

We are responsible for providing information under Articles 13 and 14 GDPR, implementing security measures under Article 32 GDPR, and fulfilling obligations under Articles 33 and 34 GDPR. Meta is responsible for enabling data subject rights (Articles 15–20 GDPR), maintaining service security (Article 32 GDPR), and complying with Articles 33 and 34 GDPR as related to Meta.

The Meta Pixel allows us to deliver interest-based advertising to visitors on Facebook and Instagram and to measure conversions. When visiting our website, the pixel establishes a direct connection to Meta servers and sends information about the pages you visited. Meta associates this information with your personal Facebook and/or Instagram account.

Data may be transferred to the USA, which has an adequacy decision under the TADPF. Meta is certified under TADPF and committed to EU data protection principles.

Processing of your personal data is based on your consent under Art. 6(1)(a) GDPR. You can revoke your consent at any time without affecting the lawfulness of prior processing.

You can deactivate the “Custom Audiences” remarketing function here: https://www.facebook.com/about/privacy/.

Use of Google Ads Conversion Tracking

We use the Google Ads online advertising program and conversion tracking (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; "Google").

When you click on a Google ad, a cookie for conversion tracking is placed on your device. These cookies have limited duration, do not contain personal data, and do not allow personal identification. If you visit certain pages of our website while the cookie is valid, Google and we can recognize that you clicked on the ad and were redirected. Each Google Ads customer receives a different cookie, preventing cross-site tracking.

The collected information is used to generate conversion statistics, showing the total number of users who clicked an ad and were redirected to a page with a conversion tracking tag. No personally identifiable information is obtained.

Data may be transferred to Google servers in the USA. Google is certified under TADPF.

The use of cookies or similar technologies requires your consent under §25(1) sentence 1 TDDDG in conjunction with Art. 6(1)(a) GDPR. You can revoke your consent at any time without affecting the lawfulness of prior processing.

More information and Google privacy: https://www.google.de/policies/privacy/

Use of TikTok Pixel

We use the TikTok Pixel from TikTok Technology Limited (10 Earlsfort Terrace, Dublin, D02 T380, Ireland; “TikTok Ireland”) and TikTok Information Technologies UK Limited (6th Floor, One London Wall, London, EC2Y 5EB, UK; “TikTok UK”). Both companies are joint controllers for data processing (“TikTok”).

Data processing serves to identify and analyze website access for better customer targeting and evaluation of TikTok advertising effectiveness. TikTok uses cookies and pixels to recognize your browser. The following information may be collected and sent to TikTok: date and time of visit, browser and device type, screen resolution, and IP address. Pseudonymous user profiles may be created; personal identification is not possible.

Data may be transferred to third countries, such as the USA. For the USA, an adequacy decision under TADPF exists. TikTok is not TADPF certified. Transfers are based on Standard Contractual Clauses approved by the EU Commission: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de.

The use of cookies or similar technologies requires your consent under §25(1) sentence 1 TDDDG in conjunction with Art. 6(1)(a) GDPR. You can revoke consent at any time without affecting the lawfulness of prior processing.

TikTok privacy information: https://www.tiktok.com/legal/page/eea/privacy-policy/de
Controller-to-controller information: https://ads.tiktok.com/i18n/official/policy/controller-to-controller

Use of Google Tag Manager

We use the Google Tag Manager from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.

This application manages JavaScript and HTML tags, which are mainly used to implement tracking and analytics tools. Data processing serves the purpose of customizing and optimizing our website.

The Google Tag Manager itself does not store cookies and does not process personal data. However, it allows the activation of other tags that may collect and process personal data.

More information on terms of use and privacy can be found here: Google Tag Manager.

Use of Google reCAPTCHA

We use the reCAPTCHA service from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.

This service helps distinguish between human and automated, machine input. Your input is transmitted to Google and processed there. Additionally, your IP address and other data required for the service may be transmitted to Google.

These data are processed by Google within the European Union and may also be transferred to Google LLC servers in the USA. For the USA, an adequacy decision by the European Commission exists under the Trans-Atlantic Data Privacy Framework (TADPF). Google is TADPF-certified and committed to EU data protection principles.

The use of cookies or similar technologies is based on your consent under §25(1) sentence 1 TDDDG in conjunction with Art. 6(1)(a) GDPR. You may revoke your consent at any time without affecting the lawfulness of processing carried out before revocation.

More information:
Google reCAPTCHA introduction
Google Privacy

Use of Google invisible reCAPTCHA

We use Google invisible reCAPTCHA from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google").

This service distinguishes human input from automated, machine input. In the background, Google collects and analyzes usage data to differentiate between regular users and bots. Your input and relevant data, including IP address, are transmitted to Google and processed there.

Data is processed in the EU and may be transferred to Google LLC servers in the USA. Google is TADPF-certified.

Consent for cookies or similar technologies is required under §25(1) sentence 1 TDDDG in conjunction with Art. 6(1)(a) GDPR. Consent can be revoked at any time.

More information:
Google reCAPTCHA introduction
Google Privacy

Use of Google Fonts

We use Google Fonts from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) to ensure uniform font display on our website.

When a page is loaded, a connection to Google servers is established. Cookies may be used, and information such as your IP address and browser type may be transmitted. This data is not linked to your Google account.

Data may be transferred to the USA. Google is TADPF-certified.

Consent for cookies or similar technologies is based on §25(1) sentence 1 TDDDG in conjunction with Art. 6(1)(a) GDPR. Consent can be revoked at any time.

More information:
Google Privacy
Google Fonts FAQ

Use of Klar

We use Klar services (Klar Insights GmbH, Marktstr. 18, 80802 Munich, Germany) on our website. Klar collects, processes, and stores data for reach measurement and statistical analysis on our behalf.

Data is collected based on user consent under Art. 6(1)(a) GDPR and §25(1) sentence 1 TTDSG. Different cookies are used for the various types of data collection.

Opt-out: To object to Klar tracking, please use this link. This sets a cookie named “do_not_track” on the domain “engel-kette.de”. Do not delete this cookie to ensure you are not tracked.

More information: Klar Data Protection

Data Retention and Data Subject Rights

Retention period:
After the completion of contractual obligations, data is initially stored for the warranty period, then in accordance with statutory retention periods (e.g., tax and commercial law) and deleted afterward unless further processing was consented to.

Rights of data subjects:
You have the following rights under Articles 15–20 GDPR: access, rectification, deletion, restriction of processing, and data portability. Under Art. 21(1) GDPR, you may object to processing based on Art. 6(1)(f) GDPR or for direct marketing purposes.

Right to complain to the supervisory authority:
Under Art. 77 GDPR, you may lodge a complaint with the supervisory authority if you believe your personal data is not lawfully processed.

Contact for the competent authority:
Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg
Königstrasse 10 a, 70173 Stuttgart
Tel.: +49 711 6155410
Fax: +49 711 61554115
Email: poststelle@lfdi.bwl.de

Right to object:
If processing is based on legitimate interests under Art. 6(1)(f) GDPR, you may object at any time for reasons related to your situation. Processing will stop unless compelling legitimate reasons override your interests, or processing is for legal claims.

Last update: 29.11.2023