Privacy Statement

We are pleased about your use of our website. The protection of your personal data is important to us and we want you to feel safe when using our website.

1. Information about the collection of personal data

a. The following shall inform you about the collection, processing and utilization of personal data on our website. Personal data means all data relating to a living individual who can be identified.

b. Controller as per the EU General Data Protection Regulation (“EU GDPR”) is:

Wilhelm-Leuschner-Street 78

60329 Frankfurt on the Main

Germany

You can reach our data security officer through the following details:

Emma Sleep GmbH

Datenschutzbeauftragter
Wilhelm-Leuschner-Street 78

60329 Frankfurt on the Main

Germany

c. If we use contracted service providers for individual functions to present our services to you or to your data for advertising purposes, we will inform you in detail about the respective processes below.

2. Your rights as a data subject

a. You have the following rights against us with respect to the personal data concerning you:

Right of access by the data subject (Article 15, EU GDPR):

You have the right to request information on the data we hold about you from us at any time. This information includes, but is not limited to, the categories of data we process, the purposes for which it is processed, the source of the data if not collected directly from you, and, if applicable, the recipients with whom we have shared your data. You can obtain a copy of your data from us free of charge. If you require additional copies, we reserve the right to charge you for these copies.

Right to rectification (Article 16, EU GDPR):

You have the right to request that we rectify inaccurate data relating to you. We will take appropriate steps to keep the data we store and process on an ongoing basis accurate, complete and current, based on the most up-to-date information available.

Right to erasure (Article 17, EU GDPR):

You have the right to demand the deletion of your personal data stored with us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.

Right to restriction of processing (Article 18, EU GDPR):

You have the right to demand the restriction of the processing of your personal data if the accuracy of the data is disputed by you, if the processing is unlawful but you refuse to have it deleted and we no longer need the data, but you need it for the assertion, exercise or defense of legal claims or if you have lodged an objection to the processing pursuant to Art. 21 GDPR.

Right to data portability (Article 20, EU GDPR):

You have the right to request that we transfer your data – if technically possible – to another responsible party. However, you may only enforce this right if data processing is based on your consent or is necessary for the performance of a contract. Rather than receiving a copy of your data, you may also ask us to submit the data directly to another responsible party specified by you.

Right to object (Article 21, EU GDPR):

You have the right to object to the processing of your data at any time for reasons that arise from your particular situation, as long as data processing is based on your consent, on our legitimate interests or those of a third party. In this case, we will cease to process your data. This does not apply if we can show that there are compelling legitimate grounds for processing that outweigh your interests, or if we need your data for the establishment, exercise or defense of legal claims.

Right to withdraw consent (Article 7(3), EU GDPR):

You have the right to revoke your consent to us at any time. As a result, we are not allowed to continue the personal data processing that was based on this consent in the future.

b. If you have the feeling that we have not responded in an appropriate manner to your requests, or complaints, or you have further concerns, you additionally have the right to complain to a data protection authority. The responsible authority to us is the 

c. You can send your inquiries regarding your rights as a data subject to us by sending a data subject request to [email protected].

3. Collection of personal data when you visit our website

When visiting our website, i.e. without registering or agreeing to our further processing or utilization of the data, only the personal data, which your browser transmits to our server is automatically saved. In order to fulfil these technical requirements for you to view our website and provide for the necessary security, the following data is saved:

• IP Address,
• Date and time of your visit,
• Time zone difference to Greenwich Mean Time (GMT),
• Content of the query (specific site visited),
• Access status/HTTP status code,
• Amount of transferred data,
• Website from which the initial request emanates,
• Browser,
• Operating system, device, and its user interface
• Language and version of browser software

The personal data mentioned above gets processed for the following purposes and legitimate interests (Article 6 (1)(f), EU GDPR):

• To ensure a smooth connection of the website
• To guarantee a comfortable use of our website
• To evaluate system security and stability as well as for other administrative purposes.

These information are temporarily stored in so-called log files. When you visit this website, this information is automatically recorded without your intervention and stored until it is automatically deleted. If you don’t want the above personal data to be collected, you should not access our website as we will be unable to allow you access to our website without such personal data.

If you decide to participate in our Referral Program, we may collect and process certain personal data related to your referral (this may include your name, email address, and order number, subtotal and currency). This information will be used to identify your referral entry and detect fraud. In connection with this, we may receive personal data from your friends who referred you using “refer a friend” in our referral program registration.

4. Use of our webshop: orders and product returns

If you would like to order in our webshop, it is necessary for the conclusion of the contract that you provide your personal data, which we need to process your order and fulfill the contract of sale with you. The essential data for the conclusion of the contract is marked, further data is given on a voluntary basis. We use the personal data provided by you to process your order and returns. For charging purposes, we can pass on your payment data to our house bank or to the selected payment service provider. To manage the delivery of the goods to you, and due to the nature of the transaction, we will need to share your delivery address and contact details (email and phone number) with delivery companies. Only strictly necessary data will be shared for the purpose of coordination of delivery, protection against fraud and clarification of urgent issues. The legal basis for this is that this processing is objectively necessary for the performance of the contract of sale with you (Article 6 (1) (b) GDPR). This means that the sale of goods cannot, as a matter of fact, be fully performed if this specific processing of the personal data in question does not occur. Please note that failure to provide the mandatory personal data can lead to that that your order with us cannot be carried out.

If you want to do a product return, we will also need to share your personal data (delivery address and contact details) to the assigned non-governmental/charitable organization or delivery company for the pick-up and collection of the product. The legal basis is that the processing is necessary for the performance of a contract to which the data subject is party (Article 6 (1) (b) GDPR) and our legitimate interest in managing product returns.

5. Recipients of personal data

a. Within the scope of our activities and services, it may become necessary for us to disclose the personal data stored about you to natural persons, legal entities or public authorities. We conclude contracts with our service providers, which ensure that they may only process your personal data in a way that we have explicitly instructed them to do so. Furthermore, we ensure that they take the necessary technical and organizational measures to process your data securely and store your personal data only as long as necessary. External service providers who may receive personal data generally fall into the following categories of recipients:

Subsidiaries and affiliates

Credit institutions and providers of payment services for billing and payment processing (online payment providers)

Parcel Shipper

Non-Governmental/Charitable Organization that collects product returns

IT service provider to maintain our IT infrastructure

Cloud provider

Service provider for the optimization of the online offer

Collection service providers or lawyers to collect receivables and enforce claims in court. If, in the event of a collection case, personal data (customer and contact data, payment and consumption data and data on the claim) is transferred to a collection service provider, we will inform you in advance about the intended transfer.

b. If personal data is processed in countries outside of the European Union, we will ensure that your personal data is processed in accordance with EU GDPR’s data protection level. In the absence of an adequacy decision, we only transfer data to service providers from third countries that offer suitable guarantees in accordance with Art. 46, EU GDPR (usually Standard Contract Clauses).

6. Communications and contact form

When you contact us such as through e-mail or via the contact form, the information you provide will be processed for the purpose of processing your request and for the event that follow-up questions arise. If you are contacting us in relation to your purchase, our legal basis for the processing of your personal data is that it is needed to fulfill our contract of sale with you. If you are contacting us in relation to other matters, our legal basis for the processing of your personal data is our legitimate interest to address your concern and to enable you to contact us quickly and easily. The legal basis is Article 6(1)(f), EU GDPR. The personal data collected by us in this context will be deleted when the request associated with the contact has been completely clarified and it is also not to be expected that the specific contact will become relevant again in the future, unless legal storage obligations stand against this.

7. Newsletters and electronic notifications

a. We send newsletters, e-mails and other electronic notifications containing promotional information. Our newsletters contain information about our products, offers, promotions and our company. With the following notes we inform you about the contents of our newsletter as well as the registration, dispatch and statistical evaluation procedure and your right of objection.

For the subscription to our newsletter we use a logged Double-Opt-in procedure. This means that after subscription you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that nobody can register with foreign e-mail addresses. Newsletter subscriptions are logged in order to be able to prove the registration process in accordance with the legal requirements. This includes the storage of the registration and confirmation time as well as the IP address. Changes to your data stored by the service provider are also logged. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify any possible misuse of your personal data.

To subscribe to the newsletter, it is sufficient to enter your e-mail address. The provision of further data is voluntary and is used to address you personally. After your confirmation we will save your e-mail address for the purpose of sending the newsletter. The newsletter dispatch and the measurement of performance are based on your consent if you subscribed.

b. If you receive a newsletter, notification, and/or marketing without subscribing, we are doing so on the basis of our Article 6(1)(f), EU GDPR and our legitimate interest for marketing and to inform you about our products and services.

c. To stop receiving the newsletter, you may withdraw your consent to or object to receiving the same at any time by clicking on the unsubscribe link provided in every newsletter e-mail or by reaching out to us through [email protected].

8. Data retention

We keep your personal data for the period of the customer relationship with you or for the legally-required period after termination of such relationship or agreement in order to defend our legal claims, to protect and enforce our rights, or to comply with laws and regulations. In general, the legal retention period for documents important for taxation (such as accounting receipts) is ten (10) years while other documents that can be considered as commercial or business transaction documents is six (6) years.

9. Social-Media portals

a. We are represented in the social networks and employer evaluation portals mentioned below. These presences are operated exclusively by the respective provider. They serve to communicate directly with customers, interested parties and users. If you contact us via our social media channels, we process the personal data that you provide us with as well as the personal data that is necessary to process your request. Insofar as you have given your consent to the operators of the respective social media platforms (e.g. by means of a checkbox opt-in), the processing is carried out on the basis of your consent. You can revoke your consent at any time with the operator of the respective platform with effect for the future.

b. When you visit our social media pages, your user data is recorded and provided to us by the operator. The exact types of data differ from provider to provider, but generally include the following information:

Follower: number and stored profiles; information about growth and development over a defined time frame.

Reach: number of people who see a specific contribution; number of interactions with a contribution. From this, it can be deduced, for example, which content is better received by the community than others.

Ad performance: how many people were reached by a contribution or a paid ad and have interacted with it?

Demographics: average age of visitors, sex, location, language.

c. Since our social media channels are operated by the providers of the respective social network, there may be a supplementary use of your personal data by the respective operator, over which we have no influence. This often involves the recording of your IP address, the creation of static evaluations and the processing of further information stored in the form of cookies. We have no influence on the generation and presentation of this personal data and can neither turn off this function nor prevent the processing of the personal data.

d. The assertion of data subject rights and requests can most effectively be addressed directly to the platform providers, since only they have access to your personal data and can take immediate action and provide information. Should our cooperation be necessary for this, we will support you in enforcing your rights as a data subject.

e. More detailed information about the terms of use of the respective platform as well as a detailed description of further data processing and the respective possibilities of objection can be found on the pages of the providers.

10. Social-Media plug-ins

We have integrated plug-ins on our web services. These plug-ins are indicated by the respective button belonging to the service. With the help of the plug-ins, users can share or post links to the corresponding websites in social networks such as Facebook or Twitter or recommend the contents there. Through your active interaction with these plugins, (e.g., by clicking the respective button or leaving a comment) this information is transmitted directly to the respective service and stored there.

When you visit one of our web services that contain an activated plugin, your browser establishes a connection with the servers of the respective service, which in turn transmits the content of the plugin to your browser, which then integrates it into the displayed page. Thus, the information about the visit of our web services is forwarded to the respective service. We do not collect personal data ourselves by means of the social plugins or about their use and have no influence on which data an activated plugin collects and how these are used by the provider. It must be assumed that at least the IP address and device-related information is collected and used. It is also possible that the service provider will attempt to store cookies on the computer used. If you are logged in to the respective service at the same time as visiting our web services via your personal user account (e.g. via another browser session), the service provider can assign the visit to our web services to your account.

11. Facebook Insights - "Facebook Fanpages"

Upon a visit of our Facebook page collects Facebook among others your IP address as well as other information, which is saved on your device in form of cookies. This information will be used to provide us as the operator of the Facebook page with statistical information on Facebook usage. We can access these statistics through so-called Facebook “insights”. These statistics are collected and provided solely by Facebook. We as the operator of the page have no influence over their generation and presentation. We cannot either stop or prevent their generation and data processing. You can find further information about “Insights” provided by Facebook here: https://www.facebook.com/help/pages/insights. Following information will be provided to us by Facebook through “Insights”: Number of page views, “likes”, page activities, reach, impressions, video views, post clicks and reactions, post reach, comments, shared content, answers, gender ratio, regional distribution of the users (origin based on country and city), language, opens and clicks in the shop, clicks on the address and on the telephone number. The operation of this Facebook page and processing of personal data of the users arising out of it is based on Article 6(1)(f), EU GDPR and our legitimate interest to inform and interact with users and visitors of our Facebook page.

12. Cookies

a. In addition to the abovementioned data categories we use cookies to make the experience of visiting our website as user-friendly as possible and to allow you to make use of certain functions. Cookies are little text files that are saved on your browser’s delegated hard drive, through which certain information flows back to the person who sets the cookie (in this case us). Cookies are used to improve the user experience and effectiveness of our website.

b. This website uses the following types of cookies:

Transient Cookies

Persistent Cookies

c. Depending on the kind of cookie, we use cookies either on the basis of our legitimate interests (technically necessary cookies, Article 6(1(f), EU GDPR) or on the basis of your consent (optional cookies, Article 6(1(a), EU GDPR), according to your selection of the cookie banner displayed when you access the website. You can also configure your browser settings according to your preferences and, for example, refuse to accept third-party cookies or all cookies. This may result in a functional limitation of our offers and our website.

d. Cookies used in the website may include the following:

Trustpilot

Description of Service

This is a review service. This service collects reviews to gain feedback.

Processing Company

Trustpilot A/S

Pilestraede 58, 5th floor, 1112 Copenhagen, Denmark

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Data Purposes

This list represents the purposes of the data collection and processing.

• Optimization
• Feedback
• Customer Support
• Analytics

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Web beacons
• Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• IP address
• Geographic location
• Browser information
• Device settings
• Time zone
• Data provided through forms on the website

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted after the account has been deleted.

Data Recipients

In the following the recipients of the data collected are listed.

• Trustpilot A/S

Click here to read the privacy policy of the data processor

Bing Ads Retargeting

Description of Service

This is a retargeting service, which helps websites reconnect with previous visitors.

Processing Company

Microsoft Corporation

One Microsoft Way, Redmond, WA 98052-6399, USA

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Data Purposes

This list represents the purposes of the data collection and processing.

• Retargeting

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Browser language
• Cookie information
• Digital signature
• IP address
• Microsoft Click ID
• Page title
• Referrer URL
• Screen resolution
• URL
• Version of UET
• Event information
• Page load time

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data is retained for 180 days.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

• Worldwide

Data Recipients

In the following the recipients of the data collected are listed.

• Microsoft Corporation

Click here to read the privacy policy of the data processor

Click here to opt out from this processor across all domains

Storage Information

• Maximum age of cookie storage: 1 year, 25 days

Stored Information

• Name: _uetsid; This is a tracking cookie that is used for targeted advertising.
  
  ; Type: cookie; Duration: 30 minutes;
• Name: MUID; This is a user identifier tracking cookie to help count valid clicks for targeted advertising.
  
  ; Type: cookie; Duration: 1 year, 25 days;
• Name: MUIDB; This is a user identifier tracking cookie used by Microsoft Bing Ads, which is used for targeted advertising.
  
  ; Type: cookie; Duration: 1 year, 25 days;
• Name: _uetvid; This is used to track visitors across multiple websites in order to present relevant advertisements based on the visitor's preferences.; Type: cookie; Duration: 16 days;

Taboola

Description of Service

This is an advertising platform. With this service it is possible to increase user engagement.

Processing Company

Taboola Europe Limited

Aldgate House, 2nd Floor, 33 Aldgate High Street, London EC3N 1DL, UK

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Data Purposes

This list represents the purposes of the data collection and processing.

• Advertisement
• Analytics
• Personalisation
• Providing Service

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Crash data
• Date and time of visit
• Device information
• Device operating system
• Geographic location
• IP address
• Referrer URL
• Websites visited
• Event information

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

User information is kept for no longer than 18 months from the users last interaction with the service.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

• China
• Israel
• United States of America

Data Recipients

In the following the recipients of the data collected are listed.

• Affiliates
• Service providers
• Customers

Click here to read the privacy policy of the data processor

Click here to read the cookie policy of the data processor

Click here to opt out from this processor across all domains

Storage Information

• Maximum age of cookie storage: 1 year

Stored Information

• Name: taboola_session_id; Creates a temporary session ID to avoid the display of duplicate recommendations on the page.; Type: cookie; Duration: Session; Domain: trc.taboola.com ;
• Name: taboola_select; Maintains a record of whether the user performed an action in the “Taboola Select” feature.; Type: cookie; Duration: 1 year; Domain: taboola.com;
• Name: taboola_fp_td_user_id ; Indicates that the user clicked on an item that was recommended by Taboola’s Services. This is used for reporting and analytics purposes. ; Type: cookie; Duration: 1 year; Domain: taboola.com;
• Name: t_gid; Assigns a unique User ID that allows Taboola to recommend specific advertisements and content to this user. ; Type: cookie; Duration: 1 year; Domain: taboola.com;
• Name: trc_cookie_storage; Assigns a unique User ID that is used for attribution and reporting purposes. ; Type: cookie; Duration: 1 year;
• Name: _tb_sess_r; Used on websites of taboola's publisher Customers that utilize the Taboola Newsroom services. It maintains a session reference about the user’s visit to this particular website. ; Type: cookie; Duration: 30 minutes;
• Name: _tb_t_ppg; Used on websites of our publisher Customers that utilize the Taboola Newsroom services. This cookie is used to identify the referring website (i.e. the website that the user visited prior to arriving at this publisher’s website). ; Type: cookie; Duration: Session;
• Name: abLdr; Supports routine technical and performance improvements for Taboola’s browser-based Services. ; Type: cookie; Duration: 3 hours; Domain: taboola.com;
• Name: abMbl; Supports routine technical and performance improvements for Taboola’s mobile SDK Services. ; Type: cookie; Duration: 3 hours; Domain: taboola.com;
• Name: tb_click_param; Used on websites of taboola's publisher Customers that utilize the Taboola Newsroom services. It measures performance of the publisher’s homepage articles that are clicked.; Type: cookie; Duration: 30 seconds;

Criteo

Description of Service

This is an advertising service.

Processing Company

Criteo SA

32 Rue Blanche, 75009 Paris, France

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Data Purposes

This list represents the purposes of the data collection and processing.

• Advertisement
• Marketing
• Personalisation
• Retargeting

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Browser information
• Click path
• Date and time of visit
• Device information
• Files viewed
• Location information
• IP address
• Mobile advertising IDs
• Number of page views
• Products viewed
• Search terms
• Technical IDs
• Usage data
• Number of ads served
• Referrer URL

Legal Basis

In the following, the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

Technical data is retained for up to 13 months. Cookies expire 13 months after they are last updated.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

• Worldwide

Data Recipients

In the following the recipients of the data collected are listed.

• Subsidiaries, Affiliated companies

Click here to read the privacy policy of the data processor

Click here to read the cookie policy of the data processor

Click here to opt out from this processor across all domains

Storage Information

• Maximum age of cookie storage: 10 years

Stored Information

• Name: _csrf; Ensures visitor browsing-security by preventing cross-site request forgery. This cookie is essential for the security of the website and visitor.; Type: cookie; Duration: Session; Domain: criteo.com;
• Name: connect.sid; This cookie is necessary for secure log-in and the detection of any spam or abuse of the website.; Type: cookie; Duration: 1 year; Domain: criteo.com;
• Name: XSRF-TOKEN; Ensures visitor browsing-security by preventing cross-site request forgery. This cookie is essential for the security of the website and visitor.; Type: cookie; Duration: 1 year; Domain: criteo.com;
• Name: _gat; Used to throttle request rate.; Type: cookie; Duration: 1 day; Domain: criteo.com;
• Name: ajs_anonymous_id; This cookie is used to count how many times a website has been visited by different visitors - this is done by assigning the visitor an ID, so the visitor does not get registered twice.; Type: cookie; Duration: 1 year; Domain: criteo.com;
• Name: _hjAbsoluteSessionInProgress; This cookie is used to count how many times a website has been visited by different visitors - this is done by assigning the visitor an ID, so the visitor does not get registered twice.; Type: cookie; Duration: 1 day; Domain: criteo.com;
• Name: _hjid; Sets a unique ID for the session. This allows the website to obtain data on visitor behaviour for statistical purposes; Type: cookie; Duration: 1 year; Domain: criteo.com;
• Name: _hjIncludedInPageviewSample; Determines if the user's navigation should be registered in a certain statistical place holder.; Type: cookie; Duration: 1 day; Domain: criteo.com;
• Name: _hjTLDTest; Detects the SEO-ranking for the current website. This service is part of a third-party statistics and analysis service.; Type: cookie; Duration: Session; Domain: criteo.com;
• Name: amplitude_unsent_#; Used in context with the website’s pop-up questionnaires and messengering. The data is used for statistical or marketing purposes.; Type: cookie; Duration: Session; Domain: criteo.com;
• Name: amplitude_unsent_identify_#; Used in context with the website’s pop-up questionnaires and messengering. The data is used for statistical or marketing purposes.; Type: cookie; Duration: Session; Domain: criteo.com;
• Name: ki_r; Used to remember what questions the user has seen. This ensures that the same questions are not displayed to the user again.; Type: cookie; Duration: 5 years; Domain: criteo.com;
• Name: ki_t; Used to remember what questions the user has seen. This ensures that the same questions are not displayed to the user again.; Type: cookie; Duration: 5 years; Domain: criteo.com;
• Name: openam; Type: cookie; Duration: Session; Domain: criteo.com;
• Name: _hjFirstSeen; This cookie is used to determine if the visitor has visited the website before, or if it is a new visitor on the website.; Type: cookie; Duration: 1 day; Domain: criteo.com;
• Name: amplitude_cookie_test; Detects whether partner data synchronization is functioning and currently running - This function sends user data between third-party advertisement companies for the purpose of targeted advertisements.; Type: cookie; Duration: Session; Domain: criteo.com;
• Name: amplitude_id_b37a423901694056906133c8c13c895dcriteo.com; Unique self-generated ID for managing the anonymous rights of browsers and taxes, in order to be able to access related administration based on statistical data and navigation; Type: cookie; Duration: 10 years; Domain: criteo.com;
• Name: amplitude_idundefinedcriteo.com; Type: cookie; Duration: Session; Domain: criteo.com;
• Name: amplitude_testcriteo.com; Type: cookie; Duration: Session; Domain: Criteo.com;
• Name: pardot; Used to identify the visitor across visits and devices. This allows the website to present the visitor with relevant advertisement - The service is provided by third party advertisement hubs, which facilitate real-time bidding for advertisers.; Type: cookie; Duration: Session; Domain: criteo.com;
• Name: zdi; Collects anonymous data related to the user's visits to the website, such as the number of visits, average time spent on the website and what pages have been loaded, with the purpose of displaying targeted ads.; Type: cookie; Duration: 1 day; Domain: criteo.com;

Facebook Social Plugins

Description of Service

This is a social plug-in from Facebook, which allows the user to connect their website with the social network Facebook.

Processing Company

Meta Platforms Ireland Ltd.

4 Grand Canal Square, Grand Canal Harbour, Dublin, D02, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Data Purposes

This list represents the purposes of the data collection and processing.

• Integration of Facebook functions
• Optimization
• Marketing

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Browser information
• Date and time of visit
• Facebook user ID
• Websites visited
• HTTP-header
• Interaction data
• Browser type
• IP address

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

• United States of America
• Singapore

Data Recipients

In the following the recipients of the data collected are listed.

• Meta Platforms Ireland Ltd., Meta Platforms Inc.

Click here to read the privacy policy of the data processor

Click here to read the cookie policy of the data processor

Click here to opt out from this processor across all domains

Cloudflare

Description of Service

This is a service providing increased security and performance for websites. Cloudflare offers for example a content delivery network („CDN“) to improve the loading times of the website. The use of a CDN enables the user to make content available for retrieval more quickly with the help of regionally or internationally distributed servers.

Processing Company

Cloudflare Inc.

101 Townsend St., San Francisco, CA 94107, United States of America

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Data Purposes

This list represents the purposes of the data collection and processing.

• Optimization
• Website security
• Improvement of service
• Reducing bandwidth usage

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• IP address
• System configuration information
• Name of website
• Date and time of request
• Name and URL of the accessed file
• Amount of data transferred
• Status Information
• Device operating system
• Referrer URL
• Requesting provider
• Device type
• Time of the server request

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. f GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

United States of America,European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

Data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

• United States of America
• Singapore
• Australia
• United Arab Emirates

Data Recipients

In the following the recipients of the data collected are listed.

• Cloudflare Group

Click here to read the privacy policy of the data processor

Click here to read the cookie policy of the data processor

Storage Information

• Maximum age of cookie storage: 1 month

Stored Information

• Name: _cf_bm; This cookie is set by Cloudflare. The cookie is used to support Cloudflare Bot Management.; Type: cookie; Duration: 30 minutes;
• Name: __cflb; This cookie is set for load balancing purposes. This cookie is set to route future requests to the same origin, optimizing network resource usage.; Type: cookie; Duration: Session; Domain: cloudflare.com;
• Name: cf_ob_info; This cookie provides information about failed requests to our website.; Type: cookie; Duration: 30 seconds;
• Name: cf_use_ob; This cookie informs Cloudflare to fetch the requested resource from the Always Online cache on the designated port.; Type: cookie; Duration: 30 seconds;
• Name: __cfruid; This cookie is required to manage incoming traffic and to have better visibility on the origin of a particular request.; Type: cookie; Duration: Session; Domain: cloudflare.com;
• Name: cf_clearance; This cookie is set by Cloudflare-protected websites displaying a Captcha or a managed challenge. This Cookie stores the proof that a challenge has been passed.; Type: cookie; Duration: 30 minutes;

Here

Description of Service

This is a mapping service.

Processing Company

HERE Global B.V

Kennedyplein 222-226, 5611 ZT Eindhoven, Netherlands

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Data Purposes

This list represents the purposes of the data collection and processing.

• Functionality
• Marketing

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies
• Web beacons

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• IP address
• Date and time of visit
• Browser type
• Browser language
• Geographic location
• Unique device identifier
• Referrer URL

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Click here to read the privacy policy of the data processor

Google Ads

Description of Service

This is an advertising service.

Processing Company

Google Ireland Limited

Google Building Gordon House, 4 Barrow Street, Dublin D04 E5W5, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Data Purposes

This list represents the purposes of the data collection and processing.

• Advertisement
• Analytics
• Providing Service
• Statistics

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Ads viewed
• Cookie ID
• Date and time of visit
• Device information
• Geographic location
• IP address
• Search terms
• Ads shown
• Client ID
• Impressions
• Online identifiers
• Browser information

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes. Log data is anonymized after 9 months and cookie information is anonymized after 18 months.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

• Chile
• Singapore
• United States of America
• Taiwan

Data Recipients

In the following the recipients of the data collected are listed.

• Alphabet Inc., Google LLC, Google Ireland Limited

Click here to read the privacy policy of the data processor

Click here to read the cookie policy of the data processor

Click here to opt out from this processor across all domains

Storage Information

• Maximum age of cookie storage: 1 year

Stored Information

• Name: test_cookie; Set as a test to check whether the browser allows cookies to be set. Does not contain any identification features.; Type: cookie; Duration: 15 minutes; Domain: doubleclick.net;
• Name: IDE; Contains a randomly generated user ID. Using this ID, Google can recognize the user across different websites across domains and display personalized advertising.; Type: cookie; Duration: 1 year; Domain: doubleclick.net;

New Relic

Description of Service

This is a performance analytics service.

Processing Company

New Relic Inc.

188 Spear Street, Suite 1200, San Francisco, CA 94105, United States of America

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Data Purposes

This list represents the purposes of the data collection and processing.

• Marketing
• Digital Performance Monitoring
• Analytics

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies
• Mobile SDKs
• APIs

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Browser information
• Date and time of visit
• Device information
• Device operating system
• Domain name
• Geographic location
• IP address
• Performance data
• Unique device identifier
• Usage data
• User ID
• Database queries

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

United States of America

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

• Worldwide

Data Recipients

In the following the recipients of the data collected are listed.

• New Relic Inc.

Click here to read the privacy policy of the data processor

Click here to read the cookie policy of the data processor

Stored Information

• Name: JSESSIONID; This cookie is set by New Relic and is used to store a session identifier so that New Relic can monitor session counts for an application.; Type: cookie; Duration: Session;

Mouseflow

Description of Service

This is a web- analytics service.

Processing Company

Mouseflow Inc.

Flaesketorvet 68, 1711 Copenhagen V, Denmark

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Data Purposes

This list represents the purposes of the data collection and processing.

• Personalisation
• Analytics

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies
• Scripts
• Pixel

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Click path
• Content viewed
• Geographic location
• Location information
• IP address
• Mouse movements
• Operating system information
• Pages visited
• Usage data
• Amount of time spent on a page
• Scrolling activity
• Browser information

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

Data will be deleted as soon as they are no longer needed for the processing purposes.

Data Recipients

In the following the recipients of the data collected are listed.

• Mouseflow Inc.

Click here to read the privacy policy of the data processor

Click here to read the cookie policy of the data processor

Click here to opt out from this processor across all domains

Storage Information

• Maximum age of cookie storage: 2 months, 29 days

Stored Information

• Name: mf_user; This cookie determines whether a user is visiting the website for the first time or returning. This is done by a yes/no switch - no further information about the user is stored.; Type: cookie; Duration: 2 months, 29 days; Domain: https://mouseflow.com/;
• Name: mf_###; The cookie contains information about the current visit to the website, but no information that can identify the visitor. The cookie is deleted when the session ends, i.e. when the user leaves the website.; Type: cookie; Duration: Session; Domain: https://mouseflow.com/;

Spoteffects

Description of Service

This is a web analytics service.

Processing Company

XAD Spoteffects GmbH

Saarstrasse 7, DE - 80797 Munich, Germany

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Data Purposes

This list represents the purposes of the data collection and processing.

• Analytics

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Request (file name of the requested file)
• Browser type
• Pages visited
• Time and date of visit
• Anonymised IP address
• referrer URL
• Operating system
• Registrations
• Clicks
• Browser version
• Color depth
• Specific conversion tracking
• Browser language
• Browser type and browser version
• JavaScript activated: 'Yes' or 'No'
• Browser resolution
• Java: 'On' or 'Off'
• Screen resolution
• Purchases
• Time of the server request
• Host name of accessing computer
• Cookies: 'On' or 'Off'

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

Session cookies are automatically deleted after the user’s visit. Other cookies remain the device's memory until deleted.

Data Recipients

In the following the recipients of the data collected are listed.

• Google Analytics
• Google web fonts

Click here to read the privacy policy of the data processor

reCAPTCHA

Description of Service

This is a service that checks whether data is entered by a human or by an automated program.

Processing Company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Data Purposes

This list represents the purposes of the data collection and processing.

• Bot Protection
• Spam prevention
• Fraud detection

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Scripts

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Browser language
• Browser plug-ins
• Click path
• Date and time of visit
• IP address
• User behaviour
• Amount of time spent on a page
• User input
• Device information
• Mouse movements
• Geographic location
• Device operating system

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

Data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

• United States of America
• Singapore
• Taiwan
• Chile

Data Recipients

In the following the recipients of the data collected are listed.

• Alphabet Inc.
• Google LLC
• Google Ireland Limited

Click here to read the privacy policy of the data processor

Click here to read the cookie policy of the data processor

Storage Information

• Maximum age of cookie storage: 5 months, 27 days

Stored Information

• Name: _GRECAPTCHA; This cookie is set so that Google can provide risk analyses about the activities observed by Google reCAPTCHA; Type: cookie; Duration: 5 months, 27 days; Domain: google.com;

Amazon Pay

Description of Service

This is a payment service.

Processing Company

Amazon Payments Europe S.C.A.

38 avenue J.F. Kennedy, L-1855 Luxemburg

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Data Purposes

This list represents the purposes of the data collection and processing.

• Payment

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Address
• Browser information
• Date of birth
• Device information
• E-mail address
• First name
• Geographic location
• IP address
• Last name
• Telephone number
• Time zone
• Usage data
• Bank details
• Clickstream data
• Purchase details

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. b GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

• United States of America

Data Recipients

In the following the recipients of the data collected are listed.

• Amazon Payments Europe s.c.a.
• Amazon Payments, Inc.
• Amazon.com, Inc.

Click here to read the privacy policy of the data processor

Storage Information

• Maximum age of cookie storage: 1 year

Stored Information

• Name: amazon-pay-abtesting-apa-migration; Makes sure the correct Amazon Pay button is rendered for the sign-up technology used; Type: cookie; Duration: Session;
• Name: amazon-pay-abtesting-new-widgets; Makes sure the correct Amazon Pay widgets are rendered during checkout; Type: cookie; Duration: Session;
• Name: amazon-pay-connectedAuth; Makes sure the correct sign-in flow is used for buyer log-in; Type: cookie; Duration: Session;
• Name: apay-session-set ; Makes sure that the correct session is kept during check-out; Type: cookie; Duration: 1 year;
• Name: language ; Makes sure the Amazon Pay experience is presented in the correct language ; Type: cookie; Duration: 1 day;
• Name: amazon_Login_state_cache; Makes sure buyer log-in works properly ; Type: cookie; Duration: Session;
• Name: amazon_Login_accessToken; Makes sure buyer log-in works properly in redirect flow; Type: cookie; Duration: Session;
• Name: apayLoginState; Makes sure buyer sees the correct widgets for legacy flow ; Type: cookie; Duration: Session;
• Name: amazon-pay-cors-blocked-status ; Determines optimal traffic routing to avoid script blocking; Type: cookie; Duration: 1 hour;

Google Tag Manager

Description of Service

This is a tag management system. Via Google Tag Manager, tags can be integrated centrally via a user interface. Tags are small sections of code that can track activities. Script codes of other tools are integrated via the Google Tag Manager. The Tag Manager allows to control when a particular tag is triggered.

Processing Company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Data Purposes

This list represents the purposes of the data collection and processing.

• Tag Management

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Website tags

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Aggregated data about tag firing

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

• United States of America
• Singapore
• Taiwan
• Chile

Data Recipients

In the following the recipients of the data collected are listed.

• Alphabet Inc., Google LLC, Google Ireland Limited

Click here to read the privacy policy of the data processor

Click here to read the cookie policy of the data processor

Google Optimize

Description of Service

This is a service for website optimization and analysis. It helps online marketers and webmasters increase visitor conversion rates and overall visitor satisfaction by testing different combinations of website content. With this the user can perform A/B Tests on their website. A/B tests allow to pit different design options of elements of a website against each other.

Processing Company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Data Purposes

This list represents the purposes of the data collection and processing.

• Optimization
• Improvement of service
• Testing

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Anonymised IP address
• User behaviour
• Browser type
• Browser version
• Device operating system
• Device type
• URL
• Visitors path on website
• Referrer URL
• Geographic location

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

• United States of America
• Chile
• Singapore
• Taiwan

Data Recipients

In the following the recipients of the data collected are listed.

• Google LLC
• Google Ireland Limited
• Alphabet Inc

Click here to read the privacy policy of the data processor

Click here to read the cookie policy of the data processor

Click here to opt out from this processor across all domains

Storage Information

• Maximum age of cookie storage: 2 months, 29 days

Stored Information

• Name: _gaexp; This cookie is set to determine a user's inclusion in an experiment and the expiry of experiments a user has been included in.
  
  ; Type: cookie; Duration: 2 months, 29 days;
• Name: _opt_utmc; This cookie stores information about which marketing campaign a user last came to the website.; Type: cookie; Duration: 1 day;
• Name: _opt_awcid; Contains a randomly generated user ID. Based on this ID, Google can recognize the user across different websites and display personalized advertising.; Type: cookie; Duration: 1 day;
• Name: _opt_awmid; This cookie is set when a user reaches the website via a click on a Google ad. It contains information about whose customer account the clicked ad was placed from.; Type: cookie; Duration: 1 day;
• Name: _opt_awgid; This cookie is set when a user reaches the website via a click on a Google ad. It contains information about which advertising campaign the clicked ad belongs to.; Type: cookie; Duration: 1 day;
• Name: _opt_awkid; This cookie is set when a user reaches the website via a click on a Google ad. It contains information about the selection criteria used to place the ad, for example, which keyword was entered into Google.; Type: cookie; Duration: 1 day;
• Name: _opt_expid; This cookie is created when running a redirect experiment. It stores the experiment ID, the variant ID and the referrer to the page that's being redirected.; Type: cookie; Duration: 10 seconds;

Microsoft Clarity

Description of Service

This is an analytics tool which provides website usage statistics, session recording, and heatmaps.

Processing Company

Microsoft Ireland Operations Limited

One Microsoft Place, South County Business Park, Leopardstown, Dublin 18 D18 P521, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Data Purposes

This list represents the purposes of the data collection and processing.

• Customer Behaviour Analytics

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Tracking code

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Browser information
• Country
• Links clicked
• Mouse movements
• Operating system information
• Referrer URL
• User behaviour
• Clicks

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

United States of America

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be retained up to a period of 12 months from the time of recording.

Data Recipients

In the following the recipients of the data collected are listed.

• Microsoft Corporation

Click here to read the privacy policy of the data processor

Freshchat

Description of Service

This is a live chat software. It allows businesses to engage with their website visitors.

Processing Company

Freshworks Inc.

1250 Bayhill Drive, Suite 315, San Bruno, CA 94066, United States of America

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Data Purposes

This list represents the purposes of the data collection and processing.

• Customer Support
• Optimization

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Chat record
• IP Address
• E-Mail address
• Usage data

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

United States of America

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

• United States of America

Data Recipients

In the following the recipients of the data collected are listed.

• Freshworks Inc.

Click here to read the privacy policy of the data processor

Click here to read the cookie policy of the data processor

AWIN

Description of Service

This is an affiliate network.

Processing Company

AWIN AG

Eichhornstraße 3, 10785 Berlin, Germany

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Data Purposes

This list represents the purposes of the data collection and processing.

• Affiliate marketing
• Tracking

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies
• Journey tags

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Ads viewed
• Browser information
• Clicked advertisements
• Device information
• Device operating system
• Referrer URL
• Time advertising is clicked
• Time advertising is viewed
• Touch point to advertising medium
• Usage data
• User agent
• Business transactions
• Order information
• Leads
• Newsletter information
• Success of referrals

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Data Recipients

In the following the recipients of the data collected are listed.

• AWIN AG

Click here to read the privacy policy of the data processor

Storage Information

• Maximum age of cookie storage: 1 year

Stored Information

• Name: zttpvc; Set when you see an advertisement. Stores an ID for the website that shows the advertisement and the time you saw the advertisement.; Type: cookie; Duration: Session; Domain: ad.zanox.com;
• Name: ztvc; Set when you see an advertisement. Stores an ID for the website that shows the advertisement and the time you saw the advertisement.; Type: cookie; Duration: Session; Domain: www.zanox-affiliate.de ;
• Name: zptpvc; Set when you see an advertisement. Stores an ID for the website that showed the advertisement and the time you saw the advertisement.; Type: cookie; Duration: 2 months, 29 days; Domain: www.zanox-affiliate.de ;
• Name: zpvc; Set when you see an advertisement. Stores an ID for the website that showed the advertisement and the time you saw the advertisement.; Type: cookie; Duration: 2 months, 29 days; Domain: www.zanox-affiliate.de ;
• Name: ztcc; Set when you click on one of AWIN's links. Stores IDs for referring website, advertisement on which you clicked, group of advertisements to which the advertisement belongs, time you clicked on it, ID for the type of advertisement and any reference the referring site adds to the click.; Type: cookie; Duration: Session; Domain: www.zanox-affiliate.de ;
• Name: zcc; Set when you click on one of AWIN's links. Stores IDs for referring website, advertisements on which you clicked, group of advertisements to which the advertisement belongs, time you clicked on it, ID for the type of advertisement and any reference the referring site adds to the click.; Type: cookie; Duration: 1 year; Domain: www.zanox-affiliate.de ;
• Name: bId; Sets a browser-specific ID to identify a new click on the same browser.; Type: cookie; Duration: 1 year; Domain: awin1.com ;
• Name: aw*****; Set when you click on one of AWIN's links. Stores IDs for referring website, advertisement on which you clicked, group of advertisements to which the advertisement belongs, time you clicked on it, ID for the type of advertisement, ID for the product and any reference the referring site adds to the click.; Type: cookie; Duration: 30 days; Domain: awin1.com ;
• Name: AWSESS; Set when you see an advertisement and used to help AWIN make sure they don't keep showing you the same advertisement.; Type: cookie; Duration: Session; Domain: awin1.com ;
• Name: awpv*****; Set when you see an advertisement. Stores an ID for the website that showed the advertisement and the time you saw the advertisement.; Type: cookie; Duration: 1 day; Domain: awin1.com ;
• Name: AW; Set when you click on one of AWIN's links. Stores IDs for referring website, advertisement on which you clicked, group of advertisements to which the advertisement belongs, time you clicked on it, ID for the type of advertisement, ID for the product and any reference the referring site adds to the click.; Type: cookie; Duration: 30 days; Domain: awin1.com ;
• Name: _aw_m_*****; Set when you click on one of AWIN's links. Stores IDs for referring website, advertisement on which you clicked, group of advertisement s to which the advertisement belongs, time you clicked on it, ID for the type of advertisement, ID for the product and any reference the referring site adds to the click.; Type: cookie; Duration: 30 days;

Kelkoo

Description of Service

This is a price- and product comparison service.

Processing Company

Kelkoo SAS

12, rue Godot de Mauroy, 75009, Paris, France

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Data Purposes

This list represents the purposes of the data collection and processing.

• Marketing
• Analytics
• Optimization

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Tracking Pixel

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Browser information
• IP address
• Time of request
• Geographic location
• HTTP-header
• Purchase activity

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Data Recipients

In the following the recipients of the data collected are listed.

• Kelkoo SAS

Click here to read the privacy policy of the data processor

Click here to read the cookie policy of the data processor

LiveChat

Description of Service

LiveChat provides online customer service software.

Processing Company

LiveChat, Inc.

One International Place, Suite 1400 Boston, MA 02110-2619, United States of America

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Data Purposes

This list represents the purposes of the data collection and processing.

• Customer Support

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• IP address
• Browser type
• Chat content
• Geographic location
• User ID
• Browser language
• Domain name
• Device operating system

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

United States of America

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

• United States of America

Data Recipients

In the following the recipients of the data collected are listed.

• LiveChat, Inc.

Click here to read the privacy policy of the data processor

Stored Information

• Name: __lc_cid, __lc_cst; This cookie is necessary for the chatbox function.; Type: cookie; Duration: 3 years; Domain: livechatinc.com;
• Name: __lc2_cid, __lc2_cst; This cookie allows the website support to see previous issues and reconnect with the previous supporter.; Type: cookie; Duration: 3 years; Domain: livechatinc.com;
• Name: __oauth_redirect_detector; Allows to recognize the visitor in order to optimize the functionality of the chat box. ; Type: cookie; Duration: 1 day; Domain: livechatinc.com;
• Name: CASID; Allows to recognize the visitor in order to optimize the functionality of the chat box. ; Type: cookie; Duration: Session; Domain: livechatinc.com;
• Name: __livechat; This is used to hide the user's personal customisation of the LiveChat.; Type: cookie; Duration: 3 years; Domain: livechatinc.com;

Outbrain

Description of Service

This is an advertising service. This service provides recommendations upon user interests.

Processing Company

Outbrain Inc.

111 West 19th Street, New York, NY 10011, United States of America

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Data Purposes

This list represents the purposes of the data collection and processing.

• Advertisement
• Conversion Tracking

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies
• Pixel

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Anonymised IP address
• Browser type
• Date and time of visit
• Device information
• Device operating system
• Referrer URL
• Websites visited

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

United States of America

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

Data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

• Worldwide

Data Recipients

In the following the recipients of the data collected are listed.

• Outbrain Inc.

Click here to read the privacy policy of the data processor

Click here to read the cookie policy of the data processor

Click here to opt out from this processor across all domains

Storage Information

• Maximum age of cookie storage: 5 minutes

Stored Information

• Name: outbrain_cid_fetch; This cookie determines how the user accessed the website. This is used to measure the efficiency of the marketing.; Type: cookie; Duration: 5 minutes; Domain: outbrain.com;

Google Analytics

Description of Service

This is a web analytics service. With this, the user can measure the advertising return on investment "ROI" as well as track user behavior with flash, video, websites and applications.

Processing Company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Data Purposes

This list represents the purposes of the data collection and processing.

• Marketing
• Analytics

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies
• Pixel
• JavaScript
• Device fingerprinting

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Click path
• Date and time of visit
• Device information
• Location information
• IP address
• Pages visited
• Referrer URL
• Browser information
• Hostname
• Browser language
• Browser type
• Screen resolution
• Device operating system
• Interaction data
• User behaviour
• Visited URL

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The Retention Period depends on the type of the saved data. Each client can choose how long Google Analytics retains data before automatically deleting it.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

• United States of America
• Singapore
• Chile
• Taiwan

Data Recipients

In the following the recipients of the data collected are listed.

• Google Ireland Limited, Alphabet Inc., Google LLC

Click here to read the privacy policy of the data processor

Click here to read the cookie policy of the data processor

Click here to opt out from this processor across all domains

Storage Information

• Maximum age of cookie storage: 2 years

Stored Information

• Name: _ga; This is used to distinguish users.; Type: cookie; Duration: 2 years;
• Name: _gid; This is used to distinguish users.; Type: cookie; Duration: 1 day;
• Name: _gat_gtag_xxx; This is used to distinguish users.; Type: cookie; Duration: 1 minute;
• Name: _gac_xx; This contains information about which ad was clicked.; Type: cookie; Duration: 2 months, 29 days;

Facebook Pixel

Description of Service

This is a Tracking technology offered by Facebook and used by other Facebook services. It is used to track interactions of visitors with websites ("Events") after they have clicked on an ad placed on Facebook or other services provided by Meta ("Conversion").

Processing Company

Meta Platforms Ireland Ltd.

4 Grand Canal Square, Grand Canal Harbour, Dublin, D02, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Data Purposes

This list represents the purposes of the data collection and processing.

• Analytics
• Marketing
• Retargeting
• Advertisement
• Conversion Tracking
• Personalisation

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies
• Pixel

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Ads viewed
• Content viewed
• Device information
• Geographic location
• HTTP-header
• Interactions with advertisement, services, and products
• IP address
• Items clicked
• Marketing information
• Pages visited
• Pixel ID
• Referrer URL
• Usage data
• User behaviour
• Facebook cookie information
• Facebook user ID
• Usage/click behaviour
• Browser information
• Device operating system
• Device ID
• User agent
• Browser type

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

User’s interactions tracked on websites will not be stored longer than for two years. However, the data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

• Singapore
• United States of America
• United Kingdom

Data Recipients

In the following the recipients of the data collected are listed.

• Meta Platforms Ireland Ltd., Meta Platforms Inc.

Click here to read the privacy policy of the data processor

Click here to read the cookie policy of the data processor

Storage Information

• Maximum age of cookie storage: 1 year

Stored Information

• Name: _fbp; Cookie from Facebook used for website analytics, ad targeting and ad measurement.; Type: cookie; Duration: 3 months; Domain: facebook.com;

Ometria

Description of Service

This website uses Ometria to have a single and unified view of each customer in order to increase sales through personalized content tailored to the respective segment.

Processing Company

Ometria Limited

3.01, The Tea Building, 56 Shoreditch High Street, London E1 6JJ

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Data Purposes

This list represents the purposes of the data collection and processing.

• Marketing
• Advertising

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Identity
• Contact
• Profile
• Marketing
• Communicaiton
• Purchase history
• Browse behavior
• Marketing interactions
• Returns
• In-store/offline activity
• Business Address
• Telephone Number
• Email
• Internet protocol (IP) address
• Login data
• Browser type and version
• Time zone setting and location
• Browser plug-in types and versions
• Operating system and platform and other technology on the devices you use to access
• Interests
• Preferences
• Feedback
• Survey Responses

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 (1)(a) of the GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

EU Data Centres

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

• UK

Data Recipients

In the following the recipients of the data collected are listed.

• Ometria Limited

Click here to read the cookie policy of the data processor

Facebook Pixel - Hashing

Description of Service

This is an additional functionality for hashing of email addresses built into Facebook Pixel which is a Tracking technology offered by Facebook and used by other Facebook services such as Facebook Custom Audiences.

Processing Company

Facebook Ireland Limited

4 Grand Canal Square, Grand Canal Harbour, Dublin, D02, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Data Purposes

This list represents the purposes of the data collection and processing.

• Marketing
• Advertising

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Hashing
• Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Hashed email

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

• Worldwide

Data Recipients

In the following the recipients of the data collected are listed.

• Facebook Ireland Limited

Click here to read the privacy policy of the data processor

Click here to read the cookie policy of the data processor

Click here to opt out from this processor across all domains

Usercentrics Consent Management Platform

Description of Service

This is a consent management service. Usercentrics GmbH is used on the website as a processor for the purpose of consent management.

Processing Company

Usercentrics GmbH

Sendlinger Str. 7, 80331 Munich, Germany

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Data Purposes

This list represents the purposes of the data collection and processing.

• Compliance with legal obligations
• Consent storage

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Local storage
• Pixel

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Opt-in and opt-out data
• Referrer URL
• User agent
• User settings
• Consent ID
• Time of consent
• Consent type
• Template version
• Banner language
• IP address

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. c GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The consent data (given consent and revocation of consent) are stored for one years. The data will then be deleted immediately.

Data Recipients

In the following the recipients of the data collected are listed.

• Usercentrics GmbH

Click here to read the privacy policy of the data processor

Insider

Description of Service

From bridging the gaps between web, mobile web, app, messaging, email and advertising channels to delivering tailored customer experiences, Insider’s AI-powered Growth Management Platform helps marketers drive growth from Acquisition to Activation, Retention, and Revenue. Leverage real-time customer intelligence while driving conversions and lifetime value.

Processing Company

Insider Benelux B.V.

Barbara Strozzilaan 101 - 201, Amsterdam, 1083HN

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Data Purposes

This list represents the purposes of the data collection and processing.

• Marketing

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Usage, viewing, technical, and device data when you visit the website, use tools, or open emails we send and other similar technologies
• Address, email address, phone number
• Name
• Cookie IDs, IP address, unique device identifier advertising IDs
• Correspondence

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

Netherlands

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

• Worldwide

Data Recipients

In the following the recipients of the data collected are listed.

• Sosyo Plus Bilgi Bilişim Tekn. Dan. Hiz. Tic. A.Ş., along with affiliates and group companies

Click here to read the privacy policy of the data processor

Facebook Social Plugins

Description of Service

This is a social plug-in from Facebook, which allows the user to connect their website with the social network Facebook.

Processing Company

Meta Platforms Ireland Ltd.

4 Grand Canal Square, Grand Canal Harbour, Dublin, D02, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Data Purposes

This list represents the purposes of the data collection and processing.

• Integration of Facebook functions
• Optimization
• Marketing

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Browser information
• Date and time of visit
• Facebook user ID
• Websites visited
• HTTP-header
• Interaction data
• Browser type
• IP address

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

• United States of America
• Singapore

Data Recipients

In the following the recipients of the data collected are listed.

• Meta Platforms Ireland Ltd., Meta Platforms Inc.

Click here to read the privacy policy of the data processor

Click here to read the cookie policy of the data processor

Click here to opt out from this processor across all domains