Liability for the Contents of this Website
We are constantly developing the content of this website and strive to provide correct and up-to- date information. Unfortunately, we cannot accept liability for the accuracy of any content on this website. This especially includes content provided by third parties. As a service provider, we are neither obliged to monitor any information you transmit or store, nor to investigate any circumstances that indicate illegal activity.
Due to court- or official orders under the general law, our obligations to remove information or to block the use of information remain unaffected, even if we are not responsible.
If you notice any problematic or illegal content, please contact us immediately so we can remove the illegal content. You will find our contact details in the imprint.
Liability for Links on this Website
Our website contains links to other websites for which we are not responsible. We are not liable for any linked websites, since we have had no knowledge of illegal activities. If we ever become aware of any illegal activity, we will remove any links in question immediately.
If you notice illegal links on our website, please contact us. You will find our contact details in the imprint.
All contents of this website (pictures, images, photos, texts, videos) are subject to copyright. Please ask us before distributing, reproducing or using the contents of this website – such as republishing them on other websites. If necessary, we will prosecute the unauthorised use of our website’s content.
If you find content on this website that violates copyright, please contact us.
The pictures, images and graphics on this website are protected by copyright.
The image rights are with: Danny Jungslund
All texts are copyrighted.
In short: We provide you with comprehensive information about any of your personal data we process.
So long as it aids transparency, technical terms are explained in a reader-friendly manner, links to further information are provided and graphics are used. We are thus informing in clear and simple language that we only process personal data in the context of our business activities if there is a legal basis for it. This is certainly not possible with brief, unclear and legal-technical statements, as is often standard on the internet when it comes to data protection. I hope you find the following explanations interesting and informative. Maybe you will also find some information that you have not been familiar with.
If you still have questions, we kindly ask you to contact the responsible body named below or in the imprint, follow the existing links and look at further information on third-party sites. You can of course also find our contact details in the imprint.
all online presences (websites, online shops) that we operate Social media presences and email communication
mobile apps for smartphones and other devices
Whenever EU law is concerned, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 27, 2016.
We only process your data if at least one of the following conditions applies:
1. Consent (Article 6 Paragraph 1 lit. a GDPR): You have given us your consent to process data for a specific purpose. An example would be the storage of data you entered into a contact form.
2. Contract (Article 6 Paragraph 1 lit. b GDPR): We process your data in order to fulfill a contract or pre-contractual obligations with you. For example, if we conclude a sales contract with you, we need personal information in advance.
3. Legal obligation (Article 6 Paragraph 1 lit. c GDPR): If we are subject to a legal obligation, we will process your data. For example, we are legally required to keep invoices for our bookkeeping. These usually contain personal data.
4. Legitimate interests (Article 6 Paragraph 1 lit. f GDPR): In the case of legitimate interests that do not restrict your basic rights, we reserve the right to process personal data. For example, we have to process certain data in order to be able to operate our website securely and economically. Therefore, the processing is a legitimate interest.
Other conditions such as making recordings in the interest of the public, the exercise of official authority as well as the protection of vital interests do not usually occur with us. Should such a legal basis be relevant, it will be disclosed in the appropriate place.
In addition to the EU regulation, national laws also apply:
In Austria this is the Austrian Data Protection Act (Datenschutzgesetz), in short DSG.
In Germany this is the Federal Data Protection Act (Bundesdatenschutzgesetz), in short BDSG.
Should other regional or national laws apply, we will inform you about them in the following sections.
Contact details of the data protection controller
If you have any questions about data protection, you will find the contact details of the responsible person or controller below:
It is a general criterion for us to store personal data only for as long as is absolutely necessary for the provision of our services and products. This means that we delete personal data as soon as any reason for the data processing no longer exists. In some cases, we are legally obliged to keep certain data stored even after the original purpose no longer exists, such as for accounting purposes.
If you want your data to be deleted or if you want to revoke your consent to data processing, the data will be deleted as soon as possible, provided there is no obligation to continue its storage.
We will inform you below about the specific duration of the respective data processing, provided we have further information.
Rights in accordance with the General Data Protection
In accordance with Articles 13, 14 of the GDPR, we inform you about the following rights you have to ensure fair and transparent processing of data:
According to Article 15 DSGVO, you have the right to information about whether we are processing data about you. If this is the case, you have the right to receive a copy of the data and to know the following information:
for what purpose we are processing;
the categories, i.e. the types of data that are processed;
who receives this data and if the data is transferred to third countries, how security can be guaranteed;
how long the data will be stored;
the existence of the right to rectification, erasure or restriction of processing and the right to object to processing;
that you can lodge a complaint with a supervisory authority (links to these authorities can be found below);
the origin of the data if we have not collected it from you;
Whether profiling is carried out, i.e. whether data is automatically evaluated to arrive at a personal profile of you.
You have a right to rectification of data according to Article 16 GDPR, which means that we must correct data if you find errors.
You have the right to erasure (“right to be forgotten”) according to Article 17 GDPR, which specifically means that you may request the deletion of your data.
According to Article 18 of the GDPR, you have the right to restriction of processing, which means that we may only store the data but not use it further.
According to Article 20 of the GDPR, you have the right to data portability, which means that we will provide you with your data in a standard format upon request.
According to Article 21 DSGVO, you have the right to object, which entails a change in processing after enforcement.
If the processing of your data is based on Article 6(1)(e) (public interest, exercise of official authority) or Article 6(1)(f) (legitimate interest), you may object to the processing. We will then check as soon as possible whether we can legally comply with this objection.
If data is used to conduct direct advertising, you may object to this type of data processing at any time. We may then no longer use your data for direct marketing.
If data is used to conduct profiling, you may object to this type of data processing at any time. We may no longer use your data for profiling thereafter.
According to Article 22 of the GDPR, you may have the right not to be subject to a decision based solely on automated processing (for example, profiling).
You have the right to lodge a complaint under Article 77 of the GDPR. This means that you can complain to the data protection authority at any time if you believe that the data processing of personal data violates the GDPR.
In short: you have rights – do not hesitate to contact the responsible party listed above with us!
If you believe that the processing of your data violates data protection law or your data protection rights have been violated in any other way, you can complain to the supervisory authority. For Austria, this is the data protection authority, whose website can be found at https://www.dsb.gv.at/. In Germany, there is a data protection officer for each federal state. For more information, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI). The following local data protection authority is responsible for our company:
Berlin Data protection authority
State Commissioner for Data Protection: Maja Smoltczyk Address: Friedrichstraße 219, 10969 Berlin
Phone number: 030/138 89-0
E-mail address: firstname.lastname@example.org
Website: https://www.datenschutz-berlin.de/ Social Media
What is Social Media?
In addition to our website, we are also active on various social media platforms. For us to be able to target interested users via social networks, user data may be processed. Additionally, elements of social media platforms may be embedded directly in our website. This is e.g. the case if you click a so-called social button on our website and are forwarded directly to our social media presence. So- called social media are websites and apps on which registered members can produce and exchange content with other members, be it openly or in certain groups and networks.
Why do we use Social Media?
For years, social media platforms have been the place where people communicate and get into contact online. With our social media presence, we can familiarise interested people better with our products and services. The social media elements integrated on our website help you switch to our social media content quickly and hassle free.
The data that is retained and processed when you use a social media channel is primarily used to conduct web analyses. The aim of these analyses is to be able to develop more precise and
Affected parties: website visitors
Purpose: Service presentation and optimisation, staying in contact with visitors, interested parties, etc. as well as advertising
Processed data: data such as telephone numbers, email addresses, contact data, data on user behaviour, information about your device and your IP address.
You can find more details on this directly at the respective social media tool used.
Storage period: depending on the social media platforms used
Legal bases: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests)
personal marketing and advertising strategies. The evaluated data on your behaviour on any social media platform can help to draw appropriate conclusions about your interests. Moreover, so-called user profiles can be created. Thus, the platforms may also to present you with customised advertisements. For this, cookies are usually placed in your browser, which store data on your user behaviour.
We generally assume that we will continue to be responsible under Data Protection Law, even when using the services of a social media platform. However, the European Court of Justice has ruled that, within the meaning of Art. 26 GDPR, in certain cases the operator of the social media platform can be jointly responsible with us. Should this be the case, we will point it out separately and work on the basis of a related agreement. You will then find the essence of the agreement for the concerned platform below.
Please note that when you use social media platforms or our built-in elements, your data may also be processed outside the European Union, as many social media channels, such as Facebook or Twitter, are American companies. As a result, you may no longer be able to easily claim or enforce your rights regarding your personal data.
Which data are processed?
Exactly which data are stored and processed depends on the respective provider of the social media platform. But usually it is data such as telephone numbers, email addresses, data you enter in contact forms, user data such as which buttons you click, what you like or who you follow, when you visited which pages, as well as information about your device and IP address. Most of this data is stored in cookies. Should you have a profile on the social media channel you are visiting and are logged in, data may be linked to your profile.
All data that are collected via social media platforms are also stored on the providers’ servers. This means that only the providers have access to the data and can provide you with appropriate information or make changes for you.
Duration of data processing
Provided we have any further information on this, we will inform you about the duration of the data processing below. The social media platform Facebook example stores data until they are no longer needed for the company’s own purposes. However, customer data that is synchronised with your own user data is erased within two days. Generally, we only process personal data for as long as is absolutely necessary for the provision of our services and products. This storage period can also be exceeded however, if it is required by law, such as e.g. in the case of accounting.
Right to object
in the following section you can find information on special social media platforms – provided this information is available.
What is Instagram?
We have integrated functions of Instagram to our website. Instagram is a social media platform of the company Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA. Since 2012, Instagram is a subsidiary company of Facebook Inc. and is a part of Facebook’s products. The inclusion of Instagram’s contents on our website is called embedding. With this, we can show you Instagram contents such as buttons, photos or videos directly on our website. If you open websites of our online presence, that have an integrated Instagram function, data gets transmitted to, as well as stored and processed by Instagram. Instagram uses the same systems and technologies as Facebook. Therefore, your data will be processed across all Facebook firms.
Affected parties: website visitors
Purpose: optimising our service
Processed data: includes data on user behaviour, information about your device and IP-address.
Storage period: until Instagram no longer needs the data for its purposes
Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests)
In the following, we want to give you a more detailed insight on why Instagram collects data, what data these are and how you can control data processing. As Instagram belongs to Facebook Inc., we have, on the one hand received this information from the Instagram guidelines, and on the other hand from Facebook’s Data Policy.
Instagram is one of the most famous social media networks worldwide. Instagram combines the benefits of a blog with the benefits of audio-visual platforms such as YouTube or Vimeo. To “Insta“ (how the platform is casually called by many users) you can upload photos and short videos, edit them with different filters and also share them to other social networks. Also, if you do not want to be active on Instagram yourself, you can just follow other interesting users.
Why do we use Instagram on our website?
Instagram is a social media platform whose success has skyrocketed within recent years. Naturally, we have also reacted to this boom. We want you to feel as comfortable as possible on our website. Therefore, we attach great importance to diversified contents. With the embedded Instagram features we can enrich our content with helpful, funny or exciting Instagram contents. Since Instagram is a subsidiary company of Facebook, the collected data can also serve us for customised advertising on Facebook. Hence, only persons who are genuinely interested in our products or services can see our ads.
Instagram also uses the collected data for tracking and analysis purposes. We receive summarised statistics and therefore more insight to your wishes and interests. It is important to mention that these reports do not identify you personally.
What data is stored by Instagram?
Whenever you land on one of our sites, which have Instagram functions (i.e. Instagram photos or plugins) integrated to them, your browser automatically connects with Instagram’s servers. Thereby, data is sent to, as well as saved and processed by Instagram. This always happens, whether you have an Instagram account or not. Moreover, it includes information on our website, your computer, your purchases, the advertisements you see and on how you use our offer. The date and time of your interaction is also stored. If you have an Instagram account or are logged in, Instagram saves significantly more data on you.
Facebook distinguishes between customer data and event data. We assume this is also the case for Instagram. Customer data are for example names, addresses, phone numbers and IP addresses. These data are only transmitted to Instagram, if they have been “hashed” first. Thereby, a set of data is transformed into a string of characters, which encrypts any contact data. Moreover, the aforementioned “event data“ (data on your user behaviour) is transmitted as well. It is also possible, that contact data may get combined with event data. The collected data data is matched with any data Instagram already has on you.
Furthermore, the gathered data are transferred to Facebook via little text files (cookies) which usually get set in your browser. Depending on the Instagram function used, and whether you have an Instagram account yourself, the amount of data that gets stored varies.
We assume data processing on Instagram works the same way as on Facebook. Therefore, if you
have an account on Instagram or have visited www.instagram.com, Instagram has set at least one cookie. If this is the case, your browser uses the cookie to send information to Instagram, as soon as you come across an Instagram function. No later than 90 days (after matching) the data is deleted or anonymised. Even though we have studied Instagram’s data processing in-depth, we cannot tell for sure what exact data Instagram collects and retains.
How long and where are these data stored?
Instagram shares the information obtained within the Facebook businesses with external partners and persons you are globally connected with. Data processing is done according to Facebook’s internal data policy. Your data is distributed to Facebook’s servers across the world, partially for security reasons. Most of these servers are in the USA.
How can I erase my data or prevent data retention?
Thanks to the General Data Protection Regulation (GDPR), you have the right of information, rectification, transfer and deletion of your data. Furthermore, you can manage your data in Instagram’s settings. If you want to delete your data on Instagram completely, you will have to delete your Instagram account permanently.
And this is how an Instagram account can be deleted:
First, open the Instagram app. Then, navigate to your profile page, select the three bars in the top right, choose “Settings” and then click “Help”. Now, you will be redirected to the company’s website, where you must click on “Managing Your Account” and then “Delete Your Account”.
When you delete your account completely, Instagram deletes posts such as your photos and status updates. Any information other people shared about you are not a part of your account and do therefore not get deleted.
As mentioned before, Instagram primarily stores your data via cookies. You can manage, deactivate or delete these cookies in your browser. Depending on your browser, managing them varies a bit. We will show you the instructions of the most relevant browsers here.
Chrome: Clear, enable and manage cookies in Chrome
Safari: Manage cookies and website data in Safari
Firefox: Clear cookies and site data in Firefox
Internet Explorer: Delete and manage cookies
Microsoft Edge: Delete cookies in Microsoft Edge
Generally, you can set your browser to notify you whenever a cookie is about to be set. Then you can individually decide upon the permission of every cookie.
Instagram and Facebook also process data in the USA, among other countries. We would like to note, that according to the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. This can be associated with various risks to the legality and security of data processing.
As a basis for data processing by recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway and especially in the USA) or data transfers there, Facebook uses standard contractual clauses approved by the EU Commission (= Art. 46, paragraphs 2 and 3 of the GDPR). These clauses oblige Facebook to comply with the EU’s level of data protection when processing relevant data outside the EU. These clauses are based on an implementing order by the EU Commission. You can find the order and the clauses here: https://ec.europa.eu/commission/presscorner/detail/en/ip_21_2847
We have tried to give you the most important information about data processing by Instagram. On
you can take a closer look at Instagram’s data guidelines. All texts are copyrighted.