Privacy Statement

We are pleased about your use of our website. The protection of your personal data is important to us and we want you to feel safe when using our website. This privacy statement is issued in compliance with the Privacy Act of 2020 and other related law and regulations such as the Unsolicited Electronic Messages Act 2007 (“UEMA”).

1. Information concerning the collection of personal data



a. The following shall inform you about the collection, processing and utilization of personal data on our website. Personal data means all data relating to a living individual who can be identified.

b. Controller as per the Privacy Act of 2020 is:

Emma Sleep New Zealand Ltd.

Level 2, 142 Broadway,

Newmarket, Auckland 1043,

New Zealand

You can reach our data protection officer through the following details:

Emma Sleep GmbH
Datenschutzbeauftragter
Wilhelm-Leuschner-Street 78
60329 Frankfurt am Main
Germany
[email protected]

c. If we use contracted service providers for individual functions to present our services to you or to your data for advertising purposes, we will inform you in detail about the respective processes below.

2. Your rights as a data subject



a. You have the following rights against us with respect to the personal data concerning you:

Right of access by the data subject (Information Privacy Principle 6):

You have the right to request confirmation whether we hold any personal data about you and to access your personal data subject to the exception provided under Section 49 to Section 53 of the Privacy Act 2020 subject to advanced payment of charges per Section 66 of the Privacy Act 2020. If you are given access to your personal data, you may request the correction of the same under Information Privacy Principle 7.

Right to rectification (Information Privacy Principle 7):

You have the right to request that we rectify inaccurate personal data relating to you or to attach a statement of correction to the personal data if we do not make the correction sought. If a correction is made or a statement of correction is attached to your personal data, Emma will, as is reasonably practicable, inform other entities to whom we previously disclosed the erroneous personal data about the said action.

Right to object to direct marketing (Section 3, UEMA):

You have the right to object to the processing of your personal data for direct marketing purposes when it is without your consent or you wish to withdraw your consent previously given .

b. If you have the feeling that we have not responded in an appropriate manner to your requests, or complaints, or you have further concerns, you additionally have the right to complain to a data protection authority such as the . The responsible authority to us is the 

c. You can send your inquiries regarding your rights as a data subject to us by sending a data subject request to [email protected].

3. Collection of personal data when you visit our website



When visiting our website, i.e. without registering or agreeing to our further processing or utilization of the data, only the personal data, which your browser transmits to our server is automatically saved. In order to fulfil these technical requirements for you to view our website and provide for the necessary security, the following data is saved:

  • IP Address,
  • Date and time of your visit,
  • Time zone difference to Greenwich Mean Time (GMT),
  • Content of the query (specific site visited),
  • Access status/HTTP status code,
  • Amount of transferred data,
  • Website from which the initial request emanates,
  • Browser,
  • Operating system, device, and its user interface
  • Language and version of browser software.


The personal data mentioned above gets processed for the following purposes:

To ensure a smooth connection of the website

To guarantee a comfortable use of our website

To evaluate system security and stability as well as for other administrative purposes.

These information are temporarily stored in so-called log files. When you visit this website, this information is automatically recorded without your intervention and stored until it is automatically deleted. If you don’t want the above personal data to be collected, you should not access our website as we will be unable to allow you access to our website without such personal data.

4. Use of our webshop: orders and product returns



a.  If you would like to order in our webshop, it is necessary for the conclusion of the contract that you provide your personal data, which we need to process your order and fulfill the contract of sale with you. The essential data for the conclusion of the contract is marked, further data is given on a voluntary basis. We use the personal data provided by you to process your order and returns. For charging purposes, we can pass on your payment data to our house bank or to the selected payment service provider. To manage the delivery of the goods to you, and due to the nature of the transaction, we will need to share your delivery address and contact details (email and phone number) with delivery companies. Only strictly necessary data will be shared for the purpose of coordination of delivery, protection against fraud and clarification of urgent issues. The legal basis for this is that this processing is objectively necessary for the performance of the contract of sale with you. This means that the sale of goods cannot, as a matter of fact, be fully performed if this specific processing of the personal data in question does not occur. Please note that failure to provide the mandatory personal data can lead to that that your order with us cannot be carried out.

If you want to do a product return, we will also need to share your personal data (delivery address and contact details) to the assigned non-governmental/charitable organization or delivery company for the pick-up and collection of the product. The legal basis is that the processing is necessary for the performance of a contract to which the data subject is party and our legitimate interest in managing product returns.

Before submitting your order, you are required to tick a box to signify your consent to our terms & conditions, privacy statement, and cancellation policy after having read the same. If you do not agree with our terms & conditions, privacy statement, and cancellation policy, you should not tick the box but you will also be unable to continue checking out.

By ticking the box and proceeding to submit your order, you consent that we may collect and process inside or outside of New Zealand the following categories of personal data about you via the webshop for the following purposes:

Identity data (e.g., first name, last name, etc.) for purposes of identifying you in relation to your orders and interaction with us.

Contact details data (e.g., shipping address, telephone number, email address, etc.) for purposes of coordination and execution of the delivery and/or pick-up of your ordered and/or returned goods.

Order data (e.g., order number, item bought, order amount, etc.) for purposes of carrying-out your order.

Payment data (e.g., mode of payment, etc.) for purposes of documenting and processing the payment transaction for your order.

Preference data (e.g., consents given, etc.) for purposes of documenting your preferences and consents given.

Further, you consent that the above categories of personal data may also be used separately or jointly for marketing or advertising purposes.

b. Within the scope of our activities and services, it may become necessary for us to disclose the personal data stored about you to natural persons, legal entities or public authorities. We conclude data processing agreements with our private-entity data processors, which ensure that they may only process your personal data in a way that we have explicitly instructed them to do so and ensure that they take the necessary technical and organizational measures to process your data securely and store your personal data only for as long as necessary. With respect to private-entity data controllers, we have less control as to how they will use your personal data but we enter into data sharing agreements which mandate compliance of both parties with applicable laws. Finally, when sharing your personal data with public authorities, we will only do so when required and allowed by law.

Being an international business with a global footprint, we may process your personal data outside of New Zealand. By agreeing to the privacy statement through the method explained above, you consent that, in addition to us, the following categories of recipients from inside or outside of New Zealand may receive the following categories of personal data for the following purposes:

Subsidiaries and affiliates – may receive Identity data, Contact details data, Order data, Payment data, and Preference data for purposes of order management, customer management, and marketing.

Credit institutions and providers of payment services for billing and payment processing (online payment providers) – may receive Identity data, Order data, and Payment data in order to offer you their payment methods for your order during checkout. Our payment service providers are considered separate data controllers and process your personal data according to their respective privacy statements and such processing may include credit checks or other assessment methods to determine your qualification for the payment method. Before using a payment method, please read the payment service provider’s privacy statement available in its website such as:

o MasterCard - https://www.mastercard.com/global/en.html o Visa - https://www.visa.com.my/legal/global-privacy-notice.html o Zip – https://zip.co/nz/privacy-policy/

Parcel Shipper – may receive Identity data, Contact details data, and Order data in order to manage and facilitate the delivery of your order to the address you indicated including package tracking. Our parcel shippers are considered separate data controllers and process your personal data according to their respective privacy statements. Before proceeding with your order, please read the parcel shippers’ privacy statements available in their website such as:

o Store Right Logistics - https://www.store-rite.co.nz/

Supplier and Warehouse service provider – may receive Identity data, Contact details data, and Order data in order to manage and facilitate the delivery of your order to the address you indicated including package tracking.

Non-Governmental/Charitable Organization that collects product returns – may receive Identity data and Contact details data in order to manage and facilitate the pick-up and collection of the product to be returned by you in the address you indicated.

IT service provider to maintain our IT infrastructure – may receive Identity data, Contact details data, Order data, Payment data, and Preference data for data storage purposes.

Cloud and cloud-based solutions provider – may receive Identity data, Contact details data, Order data, Payment data, and Preference data for data storage and cloud-based solutions purposes such as solutions for webshop creation, webshop hosting, order management, customer management, email management, etc.

Service provider for the optimization of the online offer – may receive Identity data, Contact details data, and Order data for the optimization of the online offer.

Collection service providers or lawyers to collect receivables and enforce claims in court – may receive Identity data, Contact details data, Order data, and Payment data for purposes of litigation and protecting our legal rights and interest.

Marketing and advertising service provider – may receive Identity data, Contact details data, and Order data for marketing and advertising purposes.

Customer service provider – may receive Identity data, Contact details data, Order data, Payment data, and Preference data for purposes of addressing your queries and concerns.

Management service provider – may receive Identity data, Contact details data, Order data, Payment data, and Preference data for purposes of managing our platforms, websites, etc.

Government agencies – may receive Identity data, Contact details data, Order data, Payment data, and Preference data if allowed and required by law for purposes of achieving their legal mandate.

c. If personal data is processed in countries outside of New Zealand, we will ensure that your personal data is processed in accordance with Privacy Act of 2020’s data protection level by entering into legally binding agreements with the recipients.

5. Communications and contact form



When you contact us such as through e-mail or via the contact form, the information you provide will be processed for the purpose of processing your request and for the event that follow-up questions arise. If you are contacting us in relation to your purchase, our legal basis for the processing of your personal data is that it is needed to fulfill our contract of sale with you. If you are contacting us in relation to other matters, our legal basis for the processing of your personal data is your consent. The personal data collected by us in this context will be deleted when the request associated with the contact has been completely clarified and it is also not to be expected that the specific contact will become relevant again in the future, unless legal storage obligations stand against this.

6. Newsletters and electronic notifications



a. We send newsletters, e-mails and other electronic notifications containing promotional information. Our newsletters contain information about our products, offers, promotions and our company. With the following notes we inform you about the contents of our newsletter as well as the registration, dispatch and statistical evaluation procedure and your right of objection.

For the subscription to our newsletter we use a logged Double-Opt-in procedure. This means that after subscription you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that nobody can register with foreign e-mail addresses. Newsletter subscriptions are logged in order to be able to prove the registration process in accordance with the legal requirements. This includes the storage of the registration and confirmation time as well as the IP address. Changes to your data stored by the service provider are also logged. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify any possible misuse of your personal data.

To subscribe to the newsletter, it is sufficient to enter your e-mail address. The provision of further data is voluntary and is used to address you personally. After your confirmation we will save your e-mail address for the purpose of sending the newsletter. The newsletter dispatch and the measurement of performance are based on your consent if you subscribed.

b.  We may also send you a newsletter and/or notification through the e-mail address or other contact details you provided to us during checkout. If you receive a newsletter and/or notification, without subscribing, we are doing so on our legitimate interest to market and advertise our products, services, promotions, and events to you.

c. To stop receiving the newsletter, you may withdraw your consent to or object to receiving the same at any time by clicking on the unsubscribe link provided in every newsletter e-mail or by reaching out to us through [email protected].

d. After unsubscribing, we will delete your e-mail address or relevant contact details, unless you have consented to other use of your data, or the use of the same is permitted or required by law per another legal basis.

7. Data retention



We keep your personal data for the period of the customer relationship with you or for the legally-required period after termination of such relationship or agreement in order to defend our legal claims, to protect and enforce our rights, or to comply with laws and regulations. In general, the legal retention period for documents important for taxation (such as accounting receipts) is ten (10) years while other documents that can be considered as commercial or business transaction documents is six (6) years.

8. Social-Media portals



a. We are represented in the social networks and employer evaluation portals mentioned below. These presences are operated exclusively by the respective provider. They serve to communicate directly with customers, interested parties and users. If you contact us via our social media channels, we process the personal data that you provide us with as well as the personal data that is necessary to process your request. Insofar as you have given your consent to the operators of the respective social media platforms (e.g. by means of a checkbox opt-in), the processing is carried out on the basis of your consent. You can revoke your consent at any time with the operator of the respective platform with effect for the future.

b. When you visit our social media pages, your user data is recorded and provided to us by the operator. The exact types of data differ from provider to provider, but generally include the following information:

Follower: number and stored profiles; information about growth and development over a defined time frame.

Reach: number of people who see a specific contribution; number of interactions with a contribution. From this, it can be deduced, for example, which content is better received by the community than others.

Ad performance: how many people were reached by a contribution or a paid ad and have interacted with it?

Demographics: average age of visitors, sex, location, language.

c. Since our social media channels are operated by the providers of the respective social network, there may be a supplementary use of your personal data by the respective operator, over which we have no influence. This often involves the recording of your IP address, the creation of static evaluations and the processing of further information stored in the form of cookies. We have no influence on the generation and presentation of this personal data and can neither turn off this function nor prevent the processing of the personal data.

d. The assertion of data subject rights and requests can most effectively be addressed directly to the platform providers, since only they have access to your personal data and can take immediate action and provide information. Should our cooperation be necessary for this, we will support you in enforcing your rights as a data subject.

e. More detailed information about the terms of use of the respective platform as well as a detailed description of further data processing and the respective possibilities of objection can be found on the pages of the providers.

9. Social-Media plug-ins



We have integrated plug-ins on our web services. These plug-ins are indicated by the respective button belonging to the service. With the help of the plug-ins, users can share or post links to the corresponding websites in social networks such as Facebook or Twitter or recommend the contents there. Through your active interaction with these plugins, (e.g., by clicking the respective button or leaving a comment) this information is transmitted directly to the respective service and stored there.

When you visit one of our web services that contain an activated plugin, your browser establishes a connection with the servers of the respective service, which in turn transmits the content of the plugin to your browser, which then integrates it into the displayed page. Thus, the information about the visit of our web services is forwarded to the respective service. We do not collect personal data ourselves by means of the social plugins or about their use and have no influence on which data an activated plugin collects and how these are used by the provider. It must be assumed that at least the IP address and device-related information is collected and used. It is also possible that the service provider will attempt to store cookies on the computer used. If you are logged in to the respective service at the same time as visiting our web services via your personal user account (e.g. via another browser session), the service provider can assign the visit to our web services to your account.

10. Facebook Insights - "Facebook Fanpages"



Upon a visit of our Facebook page collects Facebook among others your IP address as well as other information, which is saved on your device in form of cookies. This information will be used to provide us as the operator of the Facebook page with statistical information on Facebook usage. We can access these statistics through so-called Facebook “insights”. These statistics are collected and provided solely by Facebook. We as the operator of the page have no influence over their generation and presentation. We cannot either stop or prevent their generation and data processing. You can find further information about “Insights” provided by Facebook here: https://www.facebook.com/help/pages/insights. Following information will be provided to us by Facebook through “Insights”: Number of page views, “likes”, page activities, reach, impressions, video views, post clicks and reactions, post reach, comments, shared content, answers, gender ratio, regional distribution of the users (origin based on country and city), language, opens and clicks in the shop, clicks on the address and on the telephone number.

11. Cookies



a. In addition to the abovementioned data categories we use cookies to make the experience of visiting our website as user-friendly as possible and to allow you to make use of certain functions. Cookies are little text files that are saved on your browser’s delegated hard drive, through which certain information flows back to the person who sets the cookie. Cookies are used to improve the user experience and effectiveness of our website.

b. This website uses the following types of cookies:

Transient Cookies - Transient cookies are automatically deleted when you close your browser. These are mostly session cookies, which save a so-called “session-ID”, which allows for the assigning of different queries within your browser during a particular session. This can be used to identify your device when one repeatedly visits a website during a session. These cookies are deleted once you log out or the browser window is closed.

Persistent Cookies - Persistent cookies enable the website to remember your information and settings on your next visit. This gives you faster and more convenient access to the website, as you do not have to change your language settings again, for example. How long the cookie remains on your device depends on the duration or expiration date of the respective cookie and your browser settings. These cookies are automatically deleted after a set period of time which can differ from cookie to cookie. Persistent cookies can be deleted via the security settings in your browser at any time.

c. Depending on the kind of cookie, we use cookies to enable you to access our website at your request to order products from our website or for marketing and advertising purposes. according to your selection of the cookie banner displayed when you access the website. You can also configure your browser settings according to your preferences and, for example, refuse to accept third-party cookies or all cookies. This may result in a functional limitation of our offers and our website.

d. Cookies used in the website may include the ones indicated further below.

Trustpilot

Description of Service

This is a review service. This service collects reviews to gain feedback.

Processing Company

Trustpilot A/S

Pilestraede 58, 5th floor, 1112 Copenhagen, Denmark

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

[email protected]

Data Purposes

This list represents the purposes of the data collection and processing.

  • Optimization
  • Feedback
  • Customer Support
  • Analytics

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Web beacons
  • Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • IP address
  • Geographic location
  • Browser information
  • Device settings
  • Time zone
  • Data provided through forms on the website

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted after the account has been deleted.

Data Recipients

In the following the recipients of the data collected are listed.

  • Trustpilot A/S

Click here to read the privacy policy of the data processor

https://de.legal.trustpilot.com/for-businesses/business-privacy-policy

Bing Ads Retargeting

Description of Service

This is a retargeting service, which helps websites reconnect with previous visitors.

Processing Company

Microsoft Corporation

One Microsoft Way, Redmond, WA 98052-6399, USA

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://aka.ms/privacyresponse

Data Purposes

This list represents the purposes of the data collection and processing.

  • Retargeting

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Browser language
  • Cookie information
  • Digital signature
  • IP address
  • Microsoft Click ID
  • Page title
  • Referrer URL
  • Screen resolution
  • URL
  • Version of UET
  • Event information
  • Page load time

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data is retained for 180 days.

Data Recipients

In the following the recipients of the data collected are listed.

  • Microsoft Corporation

Click here to read the privacy policy of the data processor

https://privacy.microsoft.com/en-us/PrivacyStatement

Click here to opt out from this processor across all domains

https://account.microsoft.com/privacy/ad-settings/signedout?ru=https:%2F%2Faccount.microsoft.com%2Fprivacy%2Fad-settings

Storage Information

  • Maximum age of cookie storage: 1 year, 25 days

Stored Information

  • Name: _uetsid; This is a tracking cookie that is used for targeted advertising.

    ; Type: cookie; Duration: 30 minutes;
  • Name: MUID; This is a user identifier tracking cookie to help count valid clicks for targeted advertising.

    ; Type: cookie; Duration: 1 year, 25 days;
  • Name: MUIDB; This is a user identifier tracking cookie used by Microsoft Bing Ads, which is used for targeted advertising.

    ; Type: cookie; Duration: 1 year, 25 days;
  • Name: _uetvid; This is used to track visitors across multiple websites in order to present relevant advertisements based on the visitor's preferences.; Type: cookie; Duration: 16 days;

Taboola

Description of Service

This is an advertising platform. With this service it is possible to increase user engagement.

Processing Company

Taboola Europe Limited

Aldgate House, 2nd Floor, 33 Aldgate High Street, London EC3N 1DL, UK

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

[email protected]

Data Purposes

This list represents the purposes of the data collection and processing.

  • Advertisement
  • Analytics
  • Personalisation
  • Providing Service

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Crash data
  • Date and time of visit
  • Device information
  • Device operating system
  • Geographic location
  • IP address
  • Referrer URL
  • Websites visited
  • Event information

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

User information is kept for no longer than 18 months from the users last interaction with the service.

Data Recipients

In the following the recipients of the data collected are listed.

  • Affiliates
  • Service providers
  • Customers

Click here to read the privacy policy of the data processor

https://www.taboola.com/privacy-policy

Click here to opt out from this processor across all domains

https://www.taboola.com/privacy-policy#user-choices-and-optout

Storage Information

  • Maximum age of cookie storage: 1 year

Stored Information

  • Name: taboola_session_id; Creates a temporary session ID to avoid the display of duplicate recommendations on the page.; Type: cookie; Duration: Session; Domain: trc.taboola.com ;
  • Name: taboola_select; Maintains a record of whether the user performed an action in the “Taboola Select” feature.; Type: cookie; Duration: 1 year; Domain: taboola.com;
  • Name: taboola_fp_td_user_id ; Indicates that the user clicked on an item that was recommended by Taboola’s Services. This is used for reporting and analytics purposes. ; Type: cookie; Duration: 1 year; Domain: taboola.com;
  • Name: t_gid; Assigns a unique User ID that allows Taboola to recommend specific advertisements and content to this user. ; Type: cookie; Duration: 1 year; Domain: taboola.com;
  • Name: trc_cookie_storage; Assigns a unique User ID that is used for attribution and reporting purposes. ; Type: cookie; Duration: 1 year;
  • Name: _tb_sess_r; Used on websites of taboola's publisher Customers that utilize the Taboola Newsroom services. It maintains a session reference about the user’s visit to this particular website. ; Type: cookie; Duration: 30 minutes;
  • Name: _tb_t_ppg; Used on websites of our publisher Customers that utilize the Taboola Newsroom services. This cookie is used to identify the referring website (i.e. the website that the user visited prior to arriving at this publisher’s website). ; Type: cookie; Duration: Session;
  • Name: abLdr; Supports routine technical and performance improvements for Taboola’s browser-based Services. ; Type: cookie; Duration: 3 hours; Domain: taboola.com;
  • Name: abMbl; Supports routine technical and performance improvements for Taboola’s mobile SDK Services. ; Type: cookie; Duration: 3 hours; Domain: taboola.com;
  • Name: tb_click_param; Used on websites of taboola's publisher Customers that utilize the Taboola Newsroom services. It measures performance of the publisher’s homepage articles that are clicked.; Type: cookie; Duration: 30 seconds;

Criteo

Description of Service

This is an advertising service.

Processing Company

Criteo SA

32 Rue Blanche, 75009 Paris, France

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

[email protected]

Data Purposes

This list represents the purposes of the data collection and processing.

  • Advertisement
  • Marketing
  • Personalisation
  • Retargeting

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Browser information
  • Click path
  • Date and time of visit
  • Device information
  • Files viewed
  • Location information
  • IP address
  • Mobile advertising IDs
  • Number of page views
  • Products viewed
  • Referrer URL
  • Search terms
  • Technical IDs
  • Usage data
  • Number of ads served

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

Technical data is retained for up to 13 months. Cookies expire 13 months after they are last updated.

Data Recipients

In the following the recipients of the data collected are listed.

  • Subsidiaries
  • Affiliated companies

Click here to read the privacy policy of the data processor

https://www.criteo.com/privacy/

Click here to opt out from this processor across all domains

https://www.criteo.com/privacy/#user-choices

Storage Information

  • Maximum age of cookie storage: 10 years

Stored Information

  • Name: _csrf; Ensures visitor browsing-security by preventing cross-site request forgery. This cookie is essential for the security of the website and visitor.; Type: cookie; Duration: Session; Domain: criteo.com;
  • Name: connect.sid; This cookie is necessary for secure log-in and the detection of any spam or abuse of the website.; Type: cookie; Duration: 1 year; Domain: criteo.com;
  • Name: XSRF-TOKEN; Ensures visitor browsing-security by preventing cross-site request forgery. This cookie is essential for the security of the website and visitor.; Type: cookie; Duration: 1 year; Domain: criteo.com;
  • Name: _gat; Used to throttle request rate.; Type: cookie; Duration: 1 day; Domain: criteo.com;
  • Name: ajs_anonymous_id; This cookie is used to count how many times a website has been visited by different visitors - this is done by assigning the visitor an ID, so the visitor does not get registered twice.; Type: cookie; Duration: 1 year; Domain: criteo.com;
  • Name: _hjAbsoluteSessionInProgress; This cookie is used to count how many times a website has been visited by different visitors - this is done by assigning the visitor an ID, so the visitor does not get registered twice.; Type: cookie; Duration: 1 day; Domain: criteo.com;
  • Name: _hjid; Sets a unique ID for the session. This allows the website to obtain data on visitor behaviour for statistical purposes; Type: cookie; Duration: 1 year; Domain: criteo.com;
  • Name: _hjIncludedInPageviewSample; Determines if the user's navigation should be registered in a certain statistical place holder.; Type: cookie; Duration: 1 day; Domain: criteo.com;
  • Name: _hjTLDTest; Detects the SEO-ranking for the current website. This service is part of a third-party statistics and analysis service.; Type: cookie; Duration: Session; Domain: criteo.com;
  • Name: amplitude_unsent_#; Used in context with the website’s pop-up questionnaires and messengering. The data is used for statistical or marketing purposes.; Type: cookie; Duration: Session; Domain: criteo.com;
  • Name: amplitude_unsent_identify_#; Used in context with the website’s pop-up questionnaires and messengering. The data is used for statistical or marketing purposes.; Type: cookie; Duration: Session; Domain: criteo.com;
  • Name: ki_r; Used to remember what questions the user has seen. This ensures that the same questions are not displayed to the user again.; Type: cookie; Duration: 5 years; Domain: criteo.com;
  • Name: ki_t; Used to remember what questions the user has seen. This ensures that the same questions are not displayed to the user again.; Type: cookie; Duration: 5 years; Domain: criteo.com;
  • Name: openam; Type: cookie; Duration: Session; Domain: criteo.com;
  • Name: _hjFirstSeen; This cookie is used to determine if the visitor has visited the website before, or if it is a new visitor on the website.; Type: cookie; Duration: 1 day; Domain: criteo.com;
  • Name: amplitude_cookie_test; Detects whether partner data synchronization is functioning and currently running - This function sends user data between third-party advertisement companies for the purpose of targeted advertisements.; Type: cookie; Duration: Session; Domain: criteo.com;
  • Name: amplitude_id_b37a423901694056906133c8c13c895dcriteo.com; Unique self-generated ID for managing the anonymous rights of browsers and taxes, in order to be able to access related administration based on statistical data and navigation; Type: cookie; Duration: 10 years; Domain: criteo.com;
  • Name: amplitude_idundefinedcriteo.com; Type: cookie; Duration: Session; Domain: criteo.com;
  • Name: amplitude_testcriteo.com; Type: cookie; Duration: Session; Domain: Criteo.com;
  • Name: pardot; Used to identify the visitor across visits and devices. This allows the website to present the visitor with relevant advertisement - The service is provided by third party advertisement hubs, which facilitate real-time bidding for advertisers.; Type: cookie; Duration: Session; Domain: criteo.com;
  • Name: zdi; Collects anonymous data related to the user's visits to the website, such as the number of visits, average time spent on the website and what pages have been loaded, with the purpose of displaying targeted ads.; Type: cookie; Duration: 1 day; Domain: criteo.com;

Facebook Social Plugins

Description of Service

This is a social plug-in from Facebook, which enables integration of Facebook content on third-party websites.

Processing Company

Facebook Ireland Limited

4 Grand Canal Square, Grand Canal Harbour, Dublin, D02, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://www.facebook.com/help/contact/540977946302970

Data Purposes

This list represents the purposes of the data collection and processing.

  • Integration of Facebook functions
  • Advertisement
  • Personalization
  • Optimization

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Usage data
  • Browser information
  • Date and time of visit
  • Facebook user ID
  • HTTP-Header
  • Websites visited

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Data Recipients

In the following the recipients of the data collected are listed.

  • Facebook Inc.
  • Facebook Ireland Limited

Click here to read the privacy policy of the data processor

https://www.facebook.com/privacy/explanation

Click here to opt out from this processor across all domains

https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen

Google Webfonts

Description of Service

This is a collection of fonts for commercial and personal use.

Processing Company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data Purposes

This list represents the purposes of the data collection and processing.

  • Providing fonts
  • Analytics

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • CSS requests
  • IP address
  • Font file requests
  • Aggregated usage numbers
  • Referrer URL

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Data Recipients

In the following the recipients of the data collected are listed.

  • Alphabet Inc.
  • Google LLC
  • Google Ireland Limited

Click here to read the privacy policy of the data processor

https://policies.google.com/privacy?hl=en

Click here to opt out from this processor across all domains

https://safety.google/privacy/privacy-controls/

Cloudflare

Description of Service

This is a service providing increased security and performance for web sites.

Processing Company

Cloudflare Inc.

101 Townsend St., San Francisco, CA 94107, United States of America

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

[email protected]

Data Purposes

This list represents the purposes of the data collection and processing.

  • Optimization
  • Website security

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • IP address
  • Log file data
  • System configuration information

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

United States of America, European Economic Area

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

Data will be deleted as soon as they are no longer needed for the processing purposes.

Data Recipients

In the following the recipients of the data collected are listed.

  • Service Providers
  • Cloudflare Group

Click here to read the privacy policy of the data processor

https://www.cloudflare.com/privacypolicy/

Storage Information

  • Maximum age of cookie storage: 1 month

Stored Information

  • Name: __cfduid; The cookie is used by cdn services like CloudFare to identify individual clients behind a shared IP address and apply security settings on a per-client basis. It does not correspond to any user ID in the web application and does not store any personally identifiable information.; Type: cookie; Duration: 1 month;
  • Name: _cf_bm; This cookie is set by CloudFare. The cookie is used to support Cloudfare Bot Management.; Type: cookie; Duration: 29 minutes;

Here

Description of Service

This is a mapping service.

Processing Company

HERE Global B.V

Kennedyplein 222-226, 5611 ZT Eindhoven, Netherlands

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

[email protected]

Data Purposes

This list represents the purposes of the data collection and processing.

  • Functionality
  • Marketing

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies
  • Web beacons

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • IP address
  • Date and time of visit
  • referrer url
  • Browser type
  • Browser language
  • Geographic location
  • Unique device identifier

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Click here to read the privacy policy of the data processor

https://legal.here.com/en-gb/privacy

Google Ads

Description of Service

This is an advertising service.

Processing Company

Google Ireland Limited

Google Building Gordon House, 4 Barrow Street, Dublin D04 E5W5, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://support.google.com/policies/contact/general_privacy_form

Data Purposes

This list represents the purposes of the data collection and processing.

  • Advertisement
  • Analytics
  • Providing Service
  • Statistics

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Ads viewed
  • Cookie ID
  • Date and time of visit
  • Device information
  • Geographic location
  • IP address
  • Search terms
  • Ads shown
  • Client ID
  • Impressions
  • Online identifiers
  • Browser information

Legal Basis

In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes. Log data is anonymized after 9 months and cookie information is anonymized after 18 months.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

  • Chile
  • Singapore
  • United States of America
  • Taiwan

Data Recipients

In the following the recipients of the data collected are listed.

  • Alphabet Inc., Google LLC, Google Ireland Limited

Click here to read the privacy policy of the data processor

https://policies.google.com/privacy?hl=en

Click here to read the cookie policy of the data processor

https://policies.google.com/technologies/cookies?hl=en

Click here to opt out from this processor across all domains

https://safety.google/privacy/privacy-controls/

Storage Information

  • Maximum age of cookie storage: 1 year

Stored Information

  • Name: CONSENT; Type: cookie; Duration: - ;
  • Name: rc::b; Type: web;
  • Name: rc::c; Type: web;
  • Name: pid; Type: cookie; Duration: - ;
  • Name: rc::a; Type: web;
  • Name: test_cookie; Type: cookie; Duration: - ;
  • Name: IDE; Type: cookie; Duration: - ;

New Relic

Description of Service

This is a performance analytics service.

Processing Company

New Relic Inc.

188 Spear Street, Suite 1200, San Francisco, CA 94105, United States of America

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

[email protected]

Data Purposes

This list represents the purposes of the data collection and processing.

  • Marketing
  • Digital Performance Monitoring
  • Analytics

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies
  • Mobile SDKs
  • APIs

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Browser information
  • Date and time of visit
  • Device information
  • Device operating system
  • Domain name
  • Geographic location
  • IP address
  • Performance data
  • Unique device identifier
  • Usage data
  • User ID
  • Database queries

Legal Basis

In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

United States of America

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

  • Worldwide

Data Recipients

In the following the recipients of the data collected are listed.

  • New Relic Inc.

Click here to read the privacy policy of the data processor

https://newrelic.com/termsandconditions/services-notices

Click here to read the cookie policy of the data processor

https://newrelic.com/termsandconditions/cookie-policy

Stored Information

  • Name: JSESSIONID; This cookie is set by New Relic and is used to store a session identifier so that New Relic can monitor session counts for an application.; Type: cookie; Duration: Session;

Mouseflow

Description of Service

This is a web- analytics service.

Processing Company

Mouseflow Inc.

Flaesketorvet 68, 1711 Copenhagen V, Denmark

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

[email protected]

Data Purposes

This list represents the purposes of the data collection and processing.

  • Personalisation
  • Analytics

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies
  • Scripts
  • Pixel

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Click path
  • Content viewed
  • Geographic location
  • Location information
  • IP address
  • Mouse movements
  • Operating system information
  • Pages visited
  • Usage data
  • Amount of time spent on a page
  • Scrolling activity
  • Browser information

Legal Basis

In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

Data will be deleted as soon as they are no longer needed for the processing purposes.

Data Recipients

In the following the recipients of the data collected are listed.

  • Mouseflow Inc.

Click here to read the privacy policy of the data processor

https://mouseflow.com/privacy/

Click here to read the cookie policy of the data processor

https://support.mouseflow.com/support/solutions/articles/44001550895-what-is-your-cookie-policy-

Click here to opt out from this processor across all domains

https://mouseflow.com/opt-out/

Storage Information

  • Maximum age of cookie storage: 2 months, 29 days

Stored Information

  • Name: mf_user; This cookie determines whether a user is visiting the website for the first time or returning. This is done by a yes/no switch - no further information about the user is stored.; Type: cookie; Duration: 2 months, 29 days; Domain: https://mouseflow.com/;
  • Name: mf_###; The cookie contains information about the current visit to the website, but no information that can identify the visitor. The cookie is deleted when the session ends, i.e. when the user leaves the website.; Type: cookie; Duration: Session; Domain: https://mouseflow.com/;

Spoteffects

Description of Service

This is a web analytics service.

Processing Company

XAD Spoteffects GmbH

Saarstrasse 7, DE - 80797 Munich, Germany

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

[email protected]

Data Purposes

This list represents the purposes of the data collection and processing.

  • Analytics

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Request (file name of the requested file)
  • Browser type
  • Pages visited
  • Time and date of visit
  • Anonymised IP address
  • referrer URL
  • Operating system
  • Registrations
  • Clicks
  • Browser version
  • Color depth
  • Specific conversion tracking
  • Browser language
  • Browser type and browser version
  • JavaScript activated: 'Yes' or 'No'
  • Browser resolution
  • Java: 'On' or 'Off'
  • Screen resolution
  • Purchases
  • Time of the server request
  • Host name of accessing computer
  • Cookies: 'On' or 'Off'

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

Session cookies are automatically deleted after the user’s visit. Other cookies remain the device's memory until deleted.

Data Recipients

In the following the recipients of the data collected are listed.

  • Google Analytics
  • Google web fonts

Click here to read the privacy policy of the data processor

https://www.spoteffects.com/footer/imprint/#c920

reCAPTCHA

Description of Service

This is a service that checks whether data is entered by a human or by an automated program.

Processing Company

Google ​Ireland​ Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://support.google.com/policies/contact/general_privacy_form

Data Purposes

This list represents the purposes of the data collection and processing.

  • Bot Protection
  • Spam prevention
  • Fraud detection

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Scripts

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Browser language
  • Browser plug-ins
  • Click path
  • Date and time of visit
  • IP address
  • User behaviour
  • Amount of time spent on a page
  • User input
  • Device information
  • Mouse movements
  • Geographic location
  • Device operating system

Legal Basis

In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

Data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

  • United States of America
  • Singapore
  • Taiwan
  • Chile

Data Recipients

In the following the recipients of the data collected are listed.

  • Alphabet Inc.
  • Google LLC
  • Google Ireland Limited

Click here to read the privacy policy of the data processor

https://policies.google.com/privacy?hl=en

Click here to read the cookie policy of the data processor

https://policies.google.com/technologies/cookies?hl=en

Storage Information

  • Maximum age of cookie storage: 5 months, 27 days

Stored Information

  • Name: _GRECAPTCHA; This cookie is set so that Google can provide risk analyses about the activities observed by Google reCAPTCHA; Type: cookie; Duration: 5 months, 27 days; Domain: google.com;

Amazon Pay

Description of Service

This is a payment service.

Processing Company

Amazon Payments Europe S.C.A.

38 avenue J.F. Kennedy, L-1855 Luxemburg

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

[email protected]

Data Purposes

This list represents the purposes of the data collection and processing.

  • Payment

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Address
  • Browser information
  • Date of birth
  • Device information
  • E-mail address
  • First name
  • Geographic location
  • IP address
  • Last name
  • Telephone number
  • Time zone
  • Usage data
  • Bank details
  • Clickstream data
  • Purchase details

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Data Recipients

In the following the recipients of the data collected are listed.

  • Amazon Payments Europe s.c.a.
  • Amazon Payments, Inc.
  • Amazon.com, Inc.

Click here to read the privacy policy of the data processor

https://pay.amazon.de/help/201751600

Storage Information

  • Maximum age of cookie storage: 1 year

Stored Information

  • Name: amazon-pay-abtesting-apa-migration; Makes sure the correct Amazon Pay button is rendered for the sign-up technology used; Type: cookie; Duration: Session;
  • Name: amazon-pay-abtesting-new-widgets; Makes sure the correct Amazon Pay widgets are rendered during checkout; Type: cookie; Duration: Session;
  • Name: amazon-pay-connectedAuth; Makes sure the correct sign-in flow is used for buyer log-in; Type: cookie; Duration: Session;
  • Name: apay-session-set ; Makes sure that the correct session is kept during check-out; Type: cookie; Duration: 1 year;
  • Name: language ; Makes sure the Amazon Pay experience is presented in the correct language ; Type: cookie; Duration: 1 day;
  • Name: amazon_Login_state_cache; Makes sure buyer log-in works properly ; Type: cookie; Duration: Session;
  • Name: amazon_Login_accessToken; Makes sure buyer log-in works properly in redirect flow; Type: cookie; Duration: Session;
  • Name: apayLoginState; Makes sure buyer sees the correct widgets for legacy flow ; Type: cookie; Duration: Session;
  • Name: amazon-pay-cors-blocked-status ; Determines optimal traffic routing to avoid script blocking; Type: cookie; Duration: 1 hour;

Google Tag Manager

Description of Service

This is a tag management system. Via Google Tag Manager, tags can be integrated centrally via a user interface. Tags are small sections of code that can track activities. Script codes of other tools are integrated via the Google Tag Manager. The Tag Manager allows to control when a particular tag is triggered.

Processing Company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://support.google.com/policies/contact/general_privacy_form

Data Purposes

This list represents the purposes of the data collection and processing.

  • Tag Management

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Website tags

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Aggregated data about tag firing

Legal Basis

In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

  • Singapore
  • Taiwan
  • Chile
  • United States of America

Data Recipients

In the following the recipients of the data collected are listed.

  • Alphabet Inc., Google LLC, Google Ireland Limited

Click here to read the privacy policy of the data processor

https://policies.google.com/privacy?hl=en

Click here to read the cookie policy of the data processor

https://policies.google.com/technologies/cookies?hl=en

Google Optimize

Description of Service

This is a service for website optimization and analysis. It helps online marketers and webmasters increase visitor conversion rates and overall visitor satisfaction by testing different combinations of website content. With this the user can perform A/B Tests on their website. A/B tests allow to pit different design options of elements of a website against each other.

Processing Company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://support.google.com/policies/troubleshooter/7575787?hl=en

Data Purposes

This list represents the purposes of the data collection and processing.

  • Optimization
  • Improvement of service
  • Testing

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Anonymised IP address
  • User behaviour
  • Browser type
  • Browser version
  • Device operating system
  • Device type
  • URL
  • Visitors path on website
  • Referrer URL
  • Geographic location

Legal Basis

In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

  • United States of America
  • Chile
  • Singapore
  • Taiwan

Data Recipients

In the following the recipients of the data collected are listed.

  • Google LLC
  • Google Ireland Limited
  • Alphabet Inc

Click here to read the privacy policy of the data processor

https://policies.google.com/privacy?hl=en

Click here to read the cookie policy of the data processor

https://policies.google.com/technologies/cookies?hl=en

Click here to opt out from this processor across all domains

https://tools.google.com/dlpage/gaoptout

Storage Information

  • Maximum age of cookie storage: 2 months, 29 days

Stored Information

  • Name: _gaexp; This cookie is set to determine a user's inclusion in an experiment and the expiry of experiments a user has been included in.

    ; Type: cookie; Duration: 2 months, 29 days;
  • Name: _opt_utmc; This cookie stores information about which marketing campaign a user last came to the website.; Type: cookie; Duration: 1 day;
  • Name: _opt_awcid; Contains a randomly generated user ID. Based on this ID, Google can recognize the user across different websites and display personalized advertising.; Type: cookie; Duration: 1 day;
  • Name: _opt_awmid; This cookie is set when a user reaches the website via a click on a Google ad. It contains information about whose customer account the clicked ad was placed from.; Type: cookie; Duration: 1 day;
  • Name: _opt_awgid; This cookie is set when a user reaches the website via a click on a Google ad. It contains information about which advertising campaign the clicked ad belongs to.; Type: cookie; Duration: 1 day;
  • Name: _opt_awkid; This cookie is set when a user reaches the website via a click on a Google ad. It contains information about the selection criteria used to place the ad, for example, which keyword was entered into Google.; Type: cookie; Duration: 1 day;
  • Name: _opt_expid; This cookie is created when running a redirect experiment. It stores the experiment ID, the variant ID and the referrer to the page that's being redirected.; Type: cookie; Duration: 10 seconds;

Microsoft Clarity

Description of Service

This is an analytics tool which provides website usage statistics, session recording, and heatmaps.

Processing Company

Microsoft Ireland Operations Limited

One Microsoft Place, South County Business Park, Leopardstown, Dublin 18 D18 P521, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://www.microsoft.com/en-GB/concern/privacy

Data Purposes

This list represents the purposes of the data collection and processing.

  • Customer Behaviour Analytics

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Tracking code

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Browser information
  • Country
  • Links clicked
  • Mouse movements
  • Operating system information
  • Referrer URL
  • User behaviour
  • Clicks

Legal Basis

In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

United States of America

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be retained up to a period of 12 months from the time of recording.

Data Recipients

In the following the recipients of the data collected are listed.

  • Microsoft Corporation

Click here to read the privacy policy of the data processor

https://docs.microsoft.com/en-us/clarity/faq#privacy

Freshchat

Description of Service

This is a live chat software. It allows businesses to engage with their website visitors.

Processing Company

Freshworks Inc.

1250 Bayhill Drive, Suite 315, San Bruno, CA 94066, United States of America

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

[email protected]

Data Purposes

This list represents the purposes of the data collection and processing.

  • Customer Support
  • Optimization

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Chat record
  • IP Address
  • E-Mail address
  • Usage data

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

United States of America

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Data Recipients

In the following the recipients of the data collected are listed.

  • Freshworks Inc.

Click here to read the privacy policy of the data processor

https://www.freshworks.com/privacy/

AWIN

Description of Service

This is an affiliate network.

Processing Company

AWIN AG

Eichhornstrasse 3, 10785 Berlin, Germany

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

[email protected]

Data Purposes

This list represents the purposes of the data collection and processing.

  • Affiliate marketing
  • Tracking

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies
  • Journey tags

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Ads viewed
  • Browser information
  • Clicked advertisements
  • Device information
  • Device operating system
  • Referrer URL
  • Time advertising is clicked
  • Time advertising is viewed
  • Touch point to advertising medium
  • Usage data
  • User agent
  • Business transactions
  • Order information
  • Leads
  • Newsletter information
  • Success of referrals

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Data Recipients

In the following the recipients of the data collected are listed.

  • AWIN AG

Click here to read the privacy policy of the data processor

https://www.awin.com/us/legal/privacy-policy

Storage Information

  • Maximum age of cookie storage: 1 year

Stored Information

  • Name: zttpvc; Set when you see an advertisement. Stores an ID for the website that shows the advertisement and the time you saw the advertisement.; Type: cookie; Duration: Session; Domain: ad.zanox.com;
  • Name: ztvc; Set when you see an advertisement. Stores an ID for the website that shows the advertisement and the time you saw the advertisement.; Type: cookie; Duration: Session; Domain: www.zanox-affiliate.de ;
  • Name: zptpvc; Set when you see an advertisement. Stores an ID for the website that showed the advertisement and the time you saw the advertisement.; Type: cookie; Duration: 2 months, 29 days; Domain: www.zanox-affiliate.de ;
  • Name: zpvc; Set when you see an advertisement. Stores an ID for the website that showed the advertisement and the time you saw the advertisement.; Type: cookie; Duration: 2 months, 29 days; Domain: www.zanox-affiliate.de ;
  • Name: ztcc; Set when you click on one of AWIN's links. Stores IDs for referring website, advertisement on which you clicked, group of advertisements to which the advertisement belongs, time you clicked on it, ID for the type of advertisement and any reference the referring site adds to the click.; Type: cookie; Duration: Session; Domain: www.zanox-affiliate.de ;
  • Name: zcc; Set when you click on one of AWIN's links. Stores IDs for referring website, advertisements on which you clicked, group of advertisements to which the advertisement belongs, time you clicked on it, ID for the type of advertisement and any reference the referring site adds to the click.; Type: cookie; Duration: 1 year; Domain: www.zanox-affiliate.de ;
  • Name: bId; Sets a browser-specific ID to identify a new click on the same browser.; Type: cookie; Duration: 1 year; Domain: awin1.com ;
  • Name: aw*****; Set when you click on one of AWIN's links. Stores IDs for referring website, advertisement on which you clicked, group of advertisements to which the advertisement belongs, time you clicked on it, ID for the type of advertisement, ID for the product and any reference the referring site adds to the click.; Type: cookie; Duration: 30 days; Domain: awin1.com ;
  • Name: AWSESS; Set when you see an advertisement and used to help AWIN make sure they don't keep showing you the same advertisement.; Type: cookie; Duration: Session; Domain: awin1.com ;
  • Name: awpv*****; Set when you see an advertisement. Stores an ID for the website that showed the advertisement and the time you saw the advertisement.; Type: cookie; Duration: 1 day; Domain: awin1.com ;
  • Name: AW; Set when you click on one of AWIN's links. Stores IDs for referring website, advertisement on which you clicked, group of advertisements to which the advertisement belongs, time you clicked on it, ID for the type of advertisement, ID for the product and any reference the referring site adds to the click.; Type: cookie; Duration: 30 days; Domain: awin1.com ;
  • Name: _aw_m_*****; Set when you click on one of AWIN's links. Stores IDs for referring website, advertisement on which you clicked, group of advertisement s to which the advertisement belongs, time you clicked on it, ID for the type of advertisement, ID for the product and any reference the referring site adds to the click.; Type: cookie; Duration: 30 days;

Kelkoo

Description of Service

This is a price- and product comparison service.

Processing Company

Kelkoo SAS

12, rue Godot de Mauroy, 75009, Paris, France

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

[email protected]

Data Purposes

This list represents the purposes of the data collection and processing.

  • Marketing
  • Analytics
  • Optimization

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Tracking Pixel

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Browser information
  • IP address
  • Time of request
  • Geographic location
  • HTTP-header
  • Purchase activity

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Data Recipients

In the following the recipients of the data collected are listed.

  • Kelkoo SAS

Click here to read the privacy policy of the data processor

https://www.kelkoogroup.com/privacy-policy/

Matomo

Description of Service

This is an open source web analytics service.

Processing Company

InnoCraft

150 Willis St, 6011 Wellington, New Zealand

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

[email protected]

Data Purposes

This list represents the purposes of the data collection and processing.

  • Analytics
  • Optimization

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Anonymised IP address
  • Browser information
  • Date and time of visit
  • Device information
  • Files clicked or downloaded
  • Geographic location
  • Links to outside domain clicked
  • Number of visits
  • Page title
  • Referrer URL
  • Screen resolution
  • Time of users first visit
  • Time of users previous visit
  • Time zone
  • Usage data
  • User agent
  • User ID
  • Page URL

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Data Recipients

In the following the recipients of the data collected are listed.

  • InnoCraft

Click here to read the privacy policy of the data processor

https://matomo.org/privacy-policy/

Click here to opt out from this processor across all domains

https://matomo.org/privacy-policy/#optout

Storage Information

  • Maximum age of cookie storage: 30 years

Stored Information

  • Name: _pk_id; This is used to store a few details about the user such as the unique visitor ID; Type: cookie; Duration: 1 year, 1 month;
  • Name: _pk_ref; This is used to store the attribution information, the referrer initially used to visit the website; Type: cookie; Duration: 6 months;
  • Name: _pk_ses; This is used to temporarily store data for the visit; Type: cookie; Duration: 30 minutes;
  • Name: _pk_cvar; This is used to temporarily store data for the visit; Type: cookie; Duration: 30 minutes;
  • Name: _pk_hsr; This is used to temporarily store data for the visit; Type: cookie; Duration: 30 minutes;
  • Name: _pk_testcookie; This is used to check whether the visitor’s browser supports cookies; Type: cookie; Duration: Session;
  • Name: mtm_consent; This is used to remember that consent was given (or removed) by the user. ; Type: cookie; Duration: 30 years;
  • Name: mtm_cookie_consent; This is used to remember that consent for storing and using cookies was given by the user.; Type: cookie; Duration: 30 years;

LiveChat

Description of Service

LiveChat provides online customer service software.

Processing Company

LiveChat, Inc.

One International Place, Suite 1400 Boston, MA 02110-2619, United States of America

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

[email protected]

Data Purposes

This list represents the purposes of the data collection and processing.

  • Providing customer service

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • IP address
  • Browser type
  • Domain
  • Device Operating System

  • Chat content
  • Geographic location

  • User ID
  • Browser language

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

United States of America

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Data Recipients

In the following the recipients of the data collected are listed.

  • LiveChat, Inc.

Click here to read the privacy policy of the data processor

https://www.livechatinc.com/legal/privacy-policy/

Outbrain

Description of Service

This is an advertising service. This service provides recommendations upon user interests.

Processing Company

Outbrain Inc.

39 West 13th Street, 3rd floor, New York, NY 1001, United States of America

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

[email protected]

Data Purposes

This list represents the purposes of the data collection and processing.

  • Advertisement
  • Conversion Tracking

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies
  • Pixel

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Anonymised IP address
  • Browser type
  • Date and time of visit
  • Device information
  • Device operating system
  • Referrer URL
  • Websites visited

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

United States of America

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

Data will be deleted as soon as they are no longer needed for the processing purposes.

Data Recipients

In the following the recipients of the data collected are listed.

  • Outbrain Inc.

Click here to read the privacy policy of the data processor

https://www.outbrain.com/legal/privacy

Click here to opt out from this processor across all domains

https://www.outbrain.com/legal/privacy#privacy-policy

Storage Information

  • Maximum age of cookie storage: 5 minutes

Stored Information

  • Name: outbrain_cid_fetch; This cookie determines how the user accessed the website. This is used to measure the efficiency of the marketing.; Type: cookie; Duration: 5 minutes; Domain: outbrain.com;

Google Analytics

Description of Service

This is a web analytics service. With this, the user can measure the advertising return on investment "ROI" as well as track user behavior with flash, video, websites and applications.

Processing Company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://support.google.com/policies/contact/general_privacy_form

Data Purposes

This list represents the purposes of the data collection and processing.

  • Marketing
  • Analytics

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies
  • Pixel
  • JavaScript
  • Device fingerprinting

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Click path
  • Date and time of visit
  • Device information
  • Location information
  • IP address
  • Pages visited
  • Referrer URL
  • Browser information
  • Hostname
  • Browser language
  • Browser type
  • Screen resolution
  • Device operating system
  • Interaction data
  • User behaviour
  • Visited URL

Legal Basis

In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The Retention Period depends on the type of the saved data. Each client can choose how long Google Analytics retains data before automatically deleting it.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

  • United States of America
  • Singapore
  • Chile
  • Taiwan

Data Recipients

In the following the recipients of the data collected are listed.

  • Google Ireland Limited, Alphabet Inc., Google LLC

Click here to read the privacy policy of the data processor

https://policies.google.com/privacy?hl=en

Click here to read the cookie policy of the data processor

https://policies.google.com/technologies/cookies?hl=en

Click here to opt out from this processor across all domains

https://tools.google.com/dlpage/gaoptout?hl=de

Storage Information

  • Maximum age of cookie storage: 2 years

Stored Information

  • Name: __utmb; Type: cookie; Duration: - ;
  • Name: _ga; Type: cookie; Duration: - ;
  • Name: _gid; Type: cookie; Duration: - ;
  • Name: user; Type: cookie; Duration: - ;
  • Name: __utma; Type: cookie; Duration: - ;
  • Name: __utmz; Type: cookie; Duration: - ;
  • Name: internal/collect; Type: cookie; Duration: - ;
  • Name: __utm.gif; Type: cookie; Duration: - ;
  • Name: IDE; Type: cookie; Duration: - ;
  • Name: CONSENT; Type: cookie; Duration: - ;
  • Name: __utmt; Type: cookie; Duration: - ;
  • Name: test_cookie; Type: cookie; Duration: - ;
  • Name: _gat; Type: cookie; Duration: - ;
  • Name: __utmc; Type: cookie; Duration: - ;

Facebook Pixel

Description of Service

This is a Tracking technology offered by Facebook and used by other Facebook services. It is used to track interactions of visitors with websites ("Events") after they have clicked on an ad placed on Facebook or other services provided by Meta ("Conversion").

Processing Company

Meta Platforms Ireland Ltd.

4 Grand Canal Square, Grand Canal Harbour, Dublin, D02, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://www.facebook.com/help/contact/1650115808681298

Data Purposes

This list represents the purposes of the data collection and processing.

  • Analytics
  • Marketing
  • Retargeting
  • Advertisement
  • Conversion Tracking
  • Personalisation

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies
  • Pixel

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Ads viewed
  • Content viewed
  • Device information
  • Geographic location
  • HTTP-header
  • Interactions with advertisement, services, and products
  • IP address
  • Items clicked
  • Marketing information
  • Pages visited
  • Pixel ID
  • Referrer URL
  • Usage data
  • User behaviour
  • Facebook cookie information
  • Facebook user ID
  • Usage/click behaviour
  • Browser information
  • Device operating system
  • Device ID
  • User agent
  • Browser type

Legal Basis

In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

User’s interactions tracked on websites will not be stored longer than for two years. However, the data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

  • Singapore
  • United States of America
  • United Kingdom

Data Recipients

In the following the recipients of the data collected are listed.

  • Meta Platforms Ireland Ltd., Meta Platforms Inc.

Click here to read the privacy policy of the data processor

https://www.facebook.com/privacy/explanation

Click here to read the cookie policy of the data processor

https://www.facebook.com/policies/cookies

Storage Information

  • Maximum age of cookie storage: 1 year

Stored Information

  • Name: messaging_plugin_#; Type: cookie; Duration: - ;
  • Name: fr; Type: cookie; Duration: - ;
  • Name: _fbp; Type: cookie; Duration: - ;
  • Name: pxcelBcnLcy; Type: cookie; Duration: - ;
  • Name: _fbp; Type: web;

Ometria

Description of Service

This website uses Ometria to have a single and unified view of each customer in order to increase sales through personalized content tailored to the respective segment.

Processing Company

Ometria Limited

3.01, The Tea Building, 56 Shoreditch High Street, London E1 6JJ

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

[email protected]

Data Purposes

This list represents the purposes of the data collection and processing.

  • Marketing
  • Advertising

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Identity, contact, profile, marketing, communication, purchase history, browser behavior, marketing interactions, returns, in-store/offline activity, business address, telephone number, email, internet protocol (IP) address, login data, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access, interests, preferences, feedback, survey responses

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

EU Data Centres

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

  • UK

Data Recipients

In the following the recipients of the data collected are listed.

  • Ometria, Ltd.

Click here to read the privacy policy of the data processor

https://ometria.com/privacy-policy

Click here to read the cookie policy of the data processor

https://ometria.com/cookie-policy

Google Analytics - Hashing

Description of Service

This is an additional functionality for hashing of email addresses built into Google Analytics, which is a web analytics service.

Processing Company

Google Ireland Limited

Gordon House, Barrow Street, Dublin 4, Dublin, D04e5w5, Ireland

Data Purposes

This list represents the purposes of the data collection and processing.

  • Marketing
  • Advertising

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies
  • Hashing

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Hashed email

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

  • Worldwide

Data Recipients

In the following the recipients of the data collected are listed.

  • Google Ireland Limited

Click here to read the privacy policy of the data processor

https://support.google.com/policies/contact/general_privacy_form

Click here to opt out from this processor across all domains

https://tools.google.com/dlpage/gaoptout?hl=de

Facebook Pixel - Hashing

Description of Service

This is an additional functionality for hashing of email addresses built into Facebook Pixel which is a Tracking technology offered by Facebook and used by other Facebook services such as Facebook Custom Audiences.

Processing Company

Facebook Ireland Limited

4 Grand Canal Square, Grand Canal Harbour, Dublin, D02, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://www.facebook.com/help/contact/540977946302970

Data Purposes

This list represents the purposes of the data collection and processing.

  • Marketing
  • Advertising

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Hashing
  • Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Hashed email

Legal Basis

In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

  • Worldwide

Data Recipients

In the following the recipients of the data collected are listed.

  • Facebook Ireland Limited

Click here to read the privacy policy of the data processor

https://www.facebook.com/privacy/explanation

Click here to read the cookie policy of the data processor

https://www.facebook.com/policies/cookies

Click here to opt out from this processor across all domains

https://www.facebook.com/ads/preferences/

Usercentrics Consent Management Platform

Description of Service

This is a consent management service. Usercentrics GmbH is used on the website as a processor for the purpose of consent management.

Processing Company

Usercentrics GmbH

Sendlinger Str. 7, 80331 Munich, Germany

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

[email protected]

Data Purposes

This list represents the purposes of the data collection and processing.

  • Compliance with legal obligations
  • Consent storage

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Local storage

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Opt-in and opt-out data
  • Referrer URL
  • User agent
  • User settings
  • Consent ID
  • Time of consent
  • Consent type
  • Template version
  • Banner language

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The consent data (given consent and revocation of consent) are stored for three years. The data will then be deleted immediately.

Data Recipients

In the following the recipients of the data collected are listed.

  • Usercentrics GmbH

Click here to read the privacy policy of the data processor

https://usercentrics.com/privacy-policy/

Google AJAX

Description of Service

This is a content delivery network from Google.

Processing Company

Google Ireland Limited

1600 Amphitheatre Parkway, Mountain View, CA 94043, United States of America

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://support.google.com/policies/troubleshooter/7575787?hl=en

Data Purposes

This list represents the purposes of the data collection and processing.

  • Content delivery network (CDN)

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • JavaScript

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • IP address
  • Browser information
  • Geographic location
  • Websites visited

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

United States of America

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Data Recipients

In the following the recipients of the data collected are listed.

  • Google LLC
  • Google Ireland Limited
  • Alphabet Inc

Click here to read the privacy policy of the data processor

https://policies.google.com/privacy?hl=en

Click here to opt out from this processor across all domains

https://safety.google/privacy/privacy-controls/