Data protection declaration according to Art. 13 of the General Data Protection Regulation (GDPR)

General notes

The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data is any data that can be used to identify you personally. You can find detailed information on the subject of data protection in our privacy policy, which you can find below this text.

Data collection on our website

Who is responsible for the data collection on this website?

The data processing on this website is carried out by the website operator. You can find his contact details in the imprint of this website.

How do we collect your data?

On the one hand, your data is collected when you provide it to us. This can be, for example, data that you enter in a contact form. Other data is automatically collected by our IT systems when you visit the website. This is mainly technical data (e.g. internet browser, operating system or time of page view). This data is collected automatically as soon as you enter our website.

What do we use your data for?

Some of the data is collected to ensure error-free provision of the website. Other data may be used to analyse your user behaviour.

What rights do you have regarding your data?

You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to demand the correction, blocking or deletion of this data. You can contact us at any time at the address given in the imprint for this purpose and for any other questions on the subject of data protection. You also have the right to file a complaint with the competent supervisory authority.

Third-party analysis tools and tools

When you visit our website, your surfing behaviour can be statistically analysed. This is done primarily with cookies and so-called analysis programs. The analysis of your surfing behaviour is anonymous; the surfing behaviour cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. You will find detailed information on this in the following data protection declaration. You can object to this analysis. We will inform you in this data protection declaration about the possibilities of objection.

General notes and mandatory information

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the legal data protection regulations and this data protection declaration. When you use this website, various personal data is collected. Personal data is data by which you can be personally identified. This Privacy Policy explains what information we collect and how we use it. It also explains how and for what purpose this is done. We would like to point out that data transmission on the internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.

Note on the responsible body

The controller of the data processing on this website is: Christian Wolf, Königswintererstr. 123e, 53227 Bonn, mail -at- pretzels.dev The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).

Revocation of consent to data processing

Many data processing operations are only possible with your express consent. You can revoke your consent at any time. An informal e-mail message to us is sufficient for this purpose. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to object to the collection of data in specific cases and to direct marketing (Art. 21 GDPR)

If the data processing is based on Art. 6 (1) lit. e or f DSGVO, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions. The respective legal basis on which the processing is based can be found in this privacy policy. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims (objection under Article 21(1) of the GDPR). If your personal data are processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of direct marketing; this also applies to profiling insofar as it is related to such direct marketing. If you object, your personal data will no longer be used for direct marketing purposes (objection pursuant to Art. 21 (2) DSGVO).

Right of appeal to the competent supervisory authority

In the event of violations of data protection law, the person concerned has the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority for data protection issues is the State Data Protection Commissioner of the federal state in which our company is based. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in performance of a contract handed over to you or a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.

SSL/TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Information, blocking and deletion

Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of the data processing, as well as the right to correction, blocking or deletion of this data, if applicable. You can contact us at any time at the address given in the imprint with regard to this and other questions on the subject of personal data.

Right to restrict processing

You have the right to request the restriction of the processing of your personal data. To do so, you can contact us at any time at the address given in the imprint. The right to restriction of processing exists in the following cases:

If you dispute the accuracy of the personal data we hold about you, we will usually need time to verify this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data. If the processing of your personal data was/is unlawful, you may request the restriction of data processing instead of erasure. If we no longer need your personal data, but you need it to exercise, defend or enforce legal claims, you have the right to request the restriction of the processing of your personal data instead of the erasure. If you have lodged an objection in accordance with Art. 21 (1) of the GDPR, a balance must be struck between your interests and ours. As long as it has not yet been determined whose interests prevail, you have the right to demand the restriction of the processing of your personal data. If you have restricted the processing of your personal data, this data may - apart from being stored - only be processed with your consent or for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the European Union or a Member State.

Cookies

Some of the Internet pages use so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser. Most of the cookies we use are so-called "session cookies". They are automatically deleted after your visit. Other cookies remain stored on your terminal device until you delete them. These cookies enable us to recognise your browser on your next visit. You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or generally and activate the automatic deletion of cookies when closing the browser. If cookies are disabled, the functionality of this website may be limited. Cookies that are required to carry out the electronic communication process or to provide certain functions requested by you (e.g. shopping cart function) are used on the basis of Art. 6 (1) lit. f DSGVO. The website operator has a legitimate interest in storing cookies for the technically error-free and optimised provision of its services. Insofar as other cookies (e.g. cookies to analyse your surfing behaviour) are stored, these are dealt with separately in this data protection declaration.

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are: This data includes: Browser type and browser version, operating system used, referrer URL, host name of the accessing computer, time of the server request, IP address,
This data is not merged with other data sources.

The basis for data processing is Art. 6 para. 1 lit. f DSGVO, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.

Contact or contact form

You have the option of contacting us by post, telephone or e-mail.

If you contact us by post, we may in particular process your address data (e.g. surname, first name, street, place of residence, postcode), date and time of receipt of the post and the data resulting from your letter itself. If you contact us, a secretarial service may also process your data and forward it to us after you have contacted us. Depending on the data you enter here, we will then contact you by phone or email and call you back or write to you, as appropriate.
If you contact us by telephone, your telephone number and, if applicable, your name, your e-mail address, the time of the call and details of your request during the conversation will be processed on request.

If you contact us by e-mail, your e-mail address, the time of the e-mail and the data resulting from the message text (including any attachments) will be processed.

The purpose of processing the above data is to process the contact request and to be able to contact the enquirer in order to respond to the request.

The legal basis for the processing of personal data described here is Art. 6 para. 1 lit. f) DSGVO. Our legitimate interest is to offer you the possibility to contact us at any time and to be able to answer your enquiries.

The personal data will only be processed as long as it is necessary for the processing of the contact enquiry.

The recipient of the data is our server hoster (Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, server location Germany), who works for us under a commissioned data agreement.

Right of objection

You have the right to object. You can send your objection to us at any time or inform us about it (e.g. by e-mail to info@pretzels.dev).

The provision of personal data is not required by law or contract and is not necessary for the conclusion of a contract. You are also not obliged to provide the personal data. However, failure to provide it may mean that you are unable to contact us.

Processing data (customer and contract data)

We collect, process and use personal data only insofar as they are necessary for the establishment, content or amendment of the legal relationship (inventory data). This is done on the basis of Art. 6 para. 1 lit. b DSGVO, which permits the processing of data for the fulfilment of a contract or pre-contractual measures. We collect, process and use personal data about the use of our Internet pages (usage data) only insofar as this is necessary to enable the user to use the service or to bill the user. The collected customer data is deleted after completion of the order or termination of the business relationship. Statutory retention periods remain unaffected by this.

Data transmission upon conclusion of a contract for services and digital content

We only transmit personal data to third parties if this is necessary for the processing of the contract, for example to the credit institution entrusted with the processing of payments. No further transmission of data takes place or only if you have expressly consented to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes. The basis for data processing is Art. 6 para. 1 lit. b DSGVO, which allows the processing of data for the fulfilment of a contract or pre-contractual measures.

Google Ads (formerly: AdWords)

This website uses Google Ads (formerly: AdWords) and, as part of Google AdWords, conversion tracking, an online advertising service provided by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

We use the online advertising programme "Google Ads" for search and display ads and in this context the conversion tracking (visit action evaluation). Google Conversion Tracking is an analysis service. When you click on an ad placed by Google, a cookie for conversion tracking is stored on your computer. These cookies lose their validity after 30 days, do not contain any personal data and are therefore not used for personal identification. If you visit certain pages of ours and the stored cookie has not yet expired, Google and we can recognise that someone has clicked on the ad and thus been redirected to our website. Each AdWords customer receives a different cookie. Cookies can therefore be tracked via the websites of AdWords customers. The allocation takes place via a statistical evaluation of non-personal data.

Information on the standard contractual clauses and the transfer to the USA from us to Google, as well as other relevant data on data processing by Google in the context of the use of Google services, can be found in this data protection declaration under the section "6) Information on Google services".

More detailed information on the information processed can also be found at https://www.google.com/intl/en/policies/privacy/#infocollect under "Data we receive as a result of your use of our services" and at https://privacy.google.com/businesses/adsservices/.

The purpose of integrating Google AdSense is to provide you with interest-based advertising.

The legal basis for the processing of personal data described here is Art. 6 (1) a) DSGVO.

The legal basis for the processing of data processed in connection with obtaining consent is our legitimate interest pursuant to Art. 6 (1) lit. f) DSGVO. We have a legitimate interest in being able to prove that you have given your consent to the measurement procedure (Art. 7 (1) DSGVO).

In this context, the data will only be stored for as long as is necessary for the provision of the function.


Right of revocation

You can withdraw your consent at any time without giving reasons.

You can deactivate the settings for personalised advertising at https://support.google.com/ads/answer/2662922?hl=de.

For more detailed information, please see Google's privacy policy, which you can access here: www.google.com/policies/privacy/.

For information on Google's privacy settings, please see https://privacy.google.com/take-control.html?categories_activeEl=sign-in.

The provision of personal data is neither legally nor contractually required, nor is it necessary for the conclusion of a contract. You are also not obliged to provide the personal data. However, failure to provide it would possibly result in you not being able to use this function of our website or not being able to use it to its full extent.

Information on Google services

We use various services of Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland on our website.

For more information on the individual concrete services of Google that we use on this website, please refer to the further privacy policy.

By integrating Google services, Google may collect and process information (including personal data). It cannot be excluded that Google also transfers the information to a server in a third country.

The transfer to the USA depends on the function in which personal data is transferred. As a data controller, we ourselves may transfer data to Google in the US for further use.

There is currently no adequacy decision under Art. 45 of the GDPR.

However, the transfer may take place on the basis of standard contractual clauses. Google has undertaken to comply with the standard contractual clauses for the transfer of personal data to third countries in accordance with Directive 95/46/EC (standard contractual clauses - SCC).

You can find more information about the standard contractual clauses at https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractuals-clauses-scc_de and at https://policies.google.com/privacy/frameworks?hl=de.

We ourselves cannot influence what data Google actually collects and processes. However, Google states that, in principle, the following information (including personal data) may be processed, among others:

Log data (in particular the IP address)
Unique application numbers
Location-based information
Cookies and similar technologies
For information on the types of cookies used by Google, please visit https://policies.google.com/technologies/types.

If you are logged into your Google Account, Google may add the processed information to your account and treat it as personal data, depending on your account settings.

Google explains, among other things:

"If you are not logged into a Google Account, we store the information we collect with unique identifiers associated with the browser, app or device you use. For example, we can ensure that your language preferences are maintained across all browsing sessions.

If you are logged into a Google Account, we also collect data that we store in your Google Account, which we consider to be personal data." (https://privacy.google.com/take-control.html)

You can prevent this data from being added directly by logging out of your Google account or also by changing the relevant account settings in your Google account.

You can also change your cookie settings (e.g. delete cookies, block cookies, etc.).

For more detailed information, please see Google's privacy notice, which you can access here: https://www.google.com/policies/privacy/.

For information on Google's privacy settings, see https://privacy.google.com/take-control.html..

Google Maps

This site uses the map service Google Maps via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. In order to use the functions of Google Maps, it is necessary to save your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission. Google Maps is used in the interest of an appealing presentation of our online offers and easy location of the places we indicate on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO. You can find more information about the handling of user data in Google's privacy policy: https://www.google.de/intl/de/policies/privacy/..

Microsoft Clarity

We work with Microsoft Clarity and Microsoft Advertising to track how you use and interact with our website using behavioural metrics, heat maps and session replays to improve and market our products and services.

Website usage data is collected using first and third party cookies and other tracking technologies to determine the popularity of products/services and online activities. We also use this information to optimise the website, for fraud/security purposes and for advertising.

For more information about how Microsoft collects and uses your information, please see the Microsoft Privacy Statement.

In particular, we process usage data (e.g. internet presentations visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses), location data (information on the geographical position of a device or a person), movement data (mouse movements, scrolling movements) in pseudonymised form. We have made the corresponding settings in such a way that the data collection to and by Microsoft alone is pseudonymised, in particular in the form of IP masking (pseudonymisation of the IP address).

All users of our website who have consented to the corresponding use via our cookie consent service are affected by this data processing. The data processing is thus carried out solely on the basis of your consent in accordance with Art. 6 para. 1 a) DSGVO. 

The purpose of the processing is tracking (e.g. interest/behavioural profiling, use of cookies), remarketing, conversion measurement (measurement of the effectiveness of marketing measures), interest-based and behavioural marketing, profiling (creation of user profiles), reach measurement (e.g. access statistics, recognition of returning users), cross-device tracking (processing of user data across devices for marketing purposes).

You will be informed of your rights of objection in accordance with this data protection declaration. In addition, you can set an opt-out with the respective provider;

• a) Europe: https://www.youronlinechoices.eu.

• b) Canada: https://www.youradchoices.ca/choices.

• c) USA: https://www.aboutads.info/choices.

• d) Cross-territory: https://optout.aboutads.info.

Microsoft Clarity: online marketing and web analytics; provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA; web presence: https://clarity.microsoft.com; privacy policy: https://privacy.microsoft.com/de-de/privacystatement; opt-out: https://choice.microsoft.com/de-DE/opt-out.

Please note that we have entered into an AV agreement with Microsoft to enable this activity, including the necessary standard contractual clauses. 

Newsletter

If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the specified e-mail address and that you agree to receive the newsletter. Further data will not be collected or will only be collected on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.

The data entered in the newsletter registration form is processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke your consent to the storage of the data, the email address and their use for sending the newsletter at any time, for example via the "unsubscribe" link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.

The data you provide for the purpose of receiving the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after you unsubscribe from the newsletter or after the purpose has ceased to exist. We reserve the right to delete or block e-mail addresses from our newsletter distribution list at our own discretion within the scope of our legitimate interest pursuant to Art. 6 (1) lit. f DSGVO.

After you have unsubscribed from the newsletter distribution list, your email address will be stored by us or the newsletter service provider in a blacklist, if necessary, in order to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 Para. 1 lit. f DSGVO). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.