DATA PROTECTION

privacy

We have written this data protection declaration (version 01.08.2020-311199516) to explain to you in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 what information we collect, how we use data and what options you have as a visitor to this website .

Unfortunately, it is in the nature of things that these explanations sound very technical, but we have tried to describe the most important things as simply and clearly as possible.

Automatic data storage

When you visit websites these days, certain information is automatically created and stored, including on this website.

If you visit our website as you are now, our web server (computer on which this website is stored) automatically saves data such as

  • the address (URL) of the accessed website

  • Browser and browser version

  • the operating system used

  • the address (URL) of the previously visited page (referrer URL)

  • the host name and the IP address of the device from which access is made

  • Date and Time

in files (web server log files).

As a rule, web server log files are stored for two weeks and then automatically deleted. We do not pass on this data, but we cannot rule out that this data will be viewed in the event of illegal behavior.

Cookies

Our website uses HTTP cookies to save user-specific data.
In the following we explain what cookies are and why they are used so that you can better understand the following data protection declaration.

What exactly are cookies?

Whenever you surf the Internet, you are using a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites save small text files in your browser. These files are called cookies.

One thing cannot be dismissed out of hand: Cookies are really useful little helpers. Almost all websites use cookies. More precisely, they are HTTP cookies, as there are also other cookies for other areas of application. HTTP cookies are small files that our website stores on your computer. These cookie files are automatically placed in the cookie folder, which is the “brain” of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.

Cookies store certain user data about you, such as language or personal page settings. When you visit our site again, your browser sends the “user-related” information back to our site. Thanks to cookies, our website knows who you are and offers you your usual standard settings. In some browsers each cookie has its own file, in others, such as Firefox, all cookies are stored in a single file.

There are both first-party cookies and third-party cookies. First-party cookies are created directly from our side, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other "pests". Cookies cannot access information on your PC either.

For example, cookie data can look like this:

  • Name: _ga

  • Expiry time: 2 years

  • Use: Differentiation of website visitors

  • Exemplary value: GA1.2.1326744211.152311199516

A browser should support the following minimum sizes:

  • A cookie should be able to contain at least 4096 bytes

  • At least 50 cookies should be able to be stored per domain

  • A total of at least 3000 cookies should be able to be stored

What types of cookies are there?

The question of which cookies we specifically use depends on the services used and is clarified in the following sections of the data protection declaration. At this point we would like to briefly discuss the different types of HTTP cookies.

There are 4 types of cookies:

Absolutely necessary cookies
These cookies are necessary to ensure basic functions of the website. For example, these cookies are needed when a user puts a product in the shopping cart, then continues surfing on other pages and only goes to checkout later. These cookies do not delete the shopping cart, even if the user closes his browser window.

Functional cookies
These cookies collect information about user behavior and whether the user receives any error messages. In addition, these cookies are used to measure the loading time and the behavior of the website in different browsers.

Goal-oriented cookies
These cookies ensure better user-friendliness. For example, entered locations, font sizes or form data are saved.

Advertising cookies
These cookies are also called targeting cookies. They serve to deliver customized advertising to the user. That can be very practical, but also very annoying.

When you visit a website for the first time, you will usually be asked which of these types of cookies you would like to allow. And of course this decision is also saved in a cookie.

How can I delete cookies?

You decide for yourself how and whether you want to use cookies. Regardless of which service or website the cookies originate from, you always have the option of deleting cookies, only partially allowing them or deactivating them. For example, you can block third-party cookies but allow all other cookies.

If you want to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:

Chrome: Delete, activate and manage cookies in Chrome

Safari: manage cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have stored on your computer

Internet Explorer: deleting and managing cookies

Microsoft Edge: Deleting and managing cookies

If you generally do not want cookies, you can set up your browser so that it always informs you when a cookie is to be set. In this way you can decide for each individual cookie whether or not to allow the cookie. The procedure is different depending on the browser. It is best to search for the instructions in Google using the search term “delete cookies Chrome” or “deactivate cookies Chrome” in the case of a Chrome browser or replace the word “Chrome” with the name of your browser, e.g. Edge, Firefox, Safari.

What about my data protection?

The so-called "cookie guidelines" have existed since 2009. It states that the saving of cookies requires your consent. Within the EU countries, however, there are still very different reactions to these guidelines. In Germany, the cookie guidelines have not been implemented as national law. Instead, this guideline was largely implemented in Section 15 (3) of the Telemedia Act (TMG).

If you want to know more about cookies and are not afraid of technical documentation, we recommend https://tools.ietf.org/html/rfc6265 , the Request for Comments of the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism”.

Storage of personal data

Personal data that you transmit to us electronically on this website, such as name, e-mail address, address or other personal information in the context of submitting a form or comments in the blog, are stored by us together with the time and the IP Address is only used for the specified purpose, stored securely and not passed on to third parties.

We therefore only use your personal data for communication with those visitors who expressly request contact and for processing the services and products offered on this website. We do not pass on your personal data without your consent, but we cannot rule out that this data will be viewed in the event of illegal behavior.

If you send us personal data by email - outside of this website - we cannot guarantee the secure transmission and protection of your data. We recommend that you never send confidential data unencrypted by e-mail.

According to Article 6 Paragraph 1 a GDPR (lawfulness of processing), the legal basis is that you give us your consent to process the data you have entered. You can revoke this consent at any time - an informal e-mail is sufficient, you will find our contact details in the imprint.

Rights according to the General Data Protection Regulation

According to the provisions of the GDPR, you have the following rights:

  • Right to rectification (Article 16 GDPR)

  • Right to cancellation ("right to be forgotten") (Article 17 GDPR)

  • Right to restriction of processing (Article 18 GDPR)

  • Right to notification - obligation to notify in connection with the correction or deletion of personal data or the restriction of processing (Article 19 GDPR)

  • Right to data portability (Article 20 GDPR)

  • Right to object (Article 21 GDPR)

  • Right not to be subject to a decision based solely on automated processing - including profiling (Article 22 GDPR)

If you believe that the processing of your data violates data protection law or that your data protection claims have been violated in any other way, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI) .

Evaluation of visitor behavior

In the following data protection declaration, we inform you whether and how we evaluate data from your visit to this website. The data collected is usually evaluated anonymously and we cannot identify you personally from your behavior on this website.

You can find out more about how to object to this analysis of the visit data in the following data protection declaration.

TLS encryption with https

We use https to transfer data securely on the Internet (data protection through technology design, Article 25 (1) GDPR ). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data. You can recognize the use of this protection of data transmission by the small lock symbol in the top left of the browser and the use of the https (instead of http) scheme as part of our Internet address.

Embedded social media elements data protection declaration

We integrate elements of social media services on our website in order to display images, videos and texts.
When you visit pages that display these elements, data is transferred from your browser to the respective social media service and stored there. We have no access to this data.
The following links take you to the pages of the respective social media services where it is explained how they handle your data:

Instagram privacy policy

We have built in Instagram functions on our website. Instagram is a social media platform operated by Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA. Instagram has been a subsidiary of Facebook Inc. since 2012 and is a Facebook product. Embedding Instagram content on our website is called embedding. This enables us to show you content such as buttons, photos or videos from Instagram directly on our website. When you visit our website that has an Instagram function integrated, data is transmitted to Instagram, stored and processed. Instagram uses the same systems and technologies as Facebook. Your data will thus be processed across all Facebook companies.

In the following we would like to give you a more detailed insight into why Instagram collects data, what data it is and how you can largely control the data processing. Since Instagram belongs to Facebook Inc., we obtain our information from the Instagram guidelines on the one hand, but also from the Facebook data guidelines themselves on the other.

What is Instagram

Instagram is one of the most famous social media networks worldwide. Instagram combines the advantages of a blog with the advantages of audiovisual platforms such as YouTube or Vimeo. You can upload photos and short videos to “Insta” (as many of the users casually call the platform), edit them with various filters and also distribute them on other social networks. And if you don't want to be active yourself, you can just follow other interesting users.

Why do we use Instagram on our website?

Instagram is the social media platform that has really gone through the roof in recent years. And of course we have reacted to this boom too. We want you to feel as comfortable as possible on our website. That is why a varied preparation of our content is a matter of course for us. Thanks to the embedded Instagram functions, we can enrich our content with helpful, funny or exciting content from the Instagram world. Since Instagram is a subsidiary of Facebook, the data collected can also be used for personalized advertising on Facebook. Our advertisements are only given to people who are really interested in our products or services.

Instagram also uses the collected data for measurement and analysis purposes. We get summarized statistics and thus more insight into your wishes and interests. It is important to note that these reports do not personally identify you.

What data is stored by Instagram?

If you come across one of our pages that has Instagram functions (such as Instagram images or plug-ins) installed, your browser automatically connects to Instagram's servers. In doing so, data is sent to Instagram, stored and processed. Regardless of whether you have an Instagram account or not. This includes information about our website, about your computer, about purchases made, about advertisements that you see and how you use our offer. The date and time of your interaction with Instagram are also saved. If you have an Instagram account or are logged in, Instagram saves significantly more data about you.

Facebook differentiates between customer data and event data. We assume this is exactly the case with Instagram. Customer data are, for example, name, address, telephone number and IP address. It is important to mention that this customer data is only transmitted to Instagram after it has been "hashed" beforehand. Hashing means that a data record is converted into a character string. This allows you to encrypt the contact details. In addition, the "event data" mentioned above are also transmitted. Facebook - and consequently Instagram - understands “event data” to mean data about your user behavior. It can also happen that contact data is combined with event data. The contact details collected are compared with the data that Instagram already has about you.

The collected data is transmitted to Facebook via small text files (cookies), which are usually set in your browser. Depending on the Instagram functions used and whether you have an Instagram account yourself, different amounts of data are stored.

We assume that data processing on Instagram works the same as on Facebook. This means: if you have an Instagram account or have visited www.instagram.com , Instagram has set at least one cookie. If this is the case, your browser sends information to Instagram via the cookie as soon as you come into contact with an Instagram function. This data will be deleted or anonymized after 90 days at the latest (after comparison). Although we have dealt intensively with data processing by Instagram, we cannot say exactly what data Instagram collects and stores.

In the following we show you cookies that are set in your browser at least when you click on an Instagram function (such as a button or an Insta picture). Our test assumes that you do not have an Instagram account. If you are logged in to Instagram, significantly more cookies will of course be set in your browser.

These cookies were used in our test:

Name: csrftoken
Value: ""
Purpose: This cookie is very likely to be set for security reasons in order to prevent falsification of inquiries. However, we could not find out more precisely.
Expiry date: after one year

Name: mid
Value: ""
Purpose: Instagram sets this cookie to optimize its own services and offers in and outside of Instagram. The cookie defines a unique user ID.
Expiration date: after the session ends

Name: fbsr_311199516124024
Value: no information
Purpose: This cookie stores the log-in request for users of the Instagram app.
Expiration date: after the session ends

Name: rur
Value: ATN
Purpose: This is an Instagram cookie that guarantees functionality on Instagram.
Expiration date: after the session ends

Name: urlgen
Value: “{\” 194.96.75.33 \ ”: 1901}: 1iEtYv: Y833k2_UjKvXgYe311199516”
Purpose: This cookie is used by Instagram for marketing purposes.
Expiration date: after the session ends

Note: We cannot claim to be complete here. Which cookies are set in the individual case depends on the embedded functions and your use of Instagram.

How long and where is the data stored?

Instagram shares the information received between the Facebook companies with external partners and with people you connect with worldwide. The data processing takes place in compliance with our own data guidelines. For security reasons, among other things, your data is distributed on Facebook servers around the world. Most of these servers are in the USA.

How can I delete my data or prevent data storage?

Thanks to the General Data Protection Regulation, you have the right to information, portability, correction and deletion of your data. You can manage your data in the Instagram settings. If you want to completely erase your data on Instagram, you have to permanently delete your Instagram account.

And this is how the deletion of the Instagram account works:

First, open the Instagram app. On your profile page, go down and click on "Help Center". You are now on the company's website. On the website, click on "Manage Your Account" and then on "Delete Your Account".

If you delete your account entirely, Instagram will delete posts such as your photos and status updates. Information that other people have shared about you does not belong to your account and therefore will not be deleted.

As already mentioned above, Instagram stores your data primarily via cookies. You can manage, deactivate or delete these cookies in your browser. Management always works a little differently depending on your browser. Here we show you the instructions for the most important browsers.

Chrome: Delete, activate and manage cookies in Chrome

Safari: manage cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have stored on your computer

Internet Explorer: deleting and managing cookies

Microsoft Edge: Deleting and managing cookies

You can also set up your browser so that you are always informed when a cookie is to be set. Then you can always decide individually whether you want to allow the cookie or not.

Instagram is a subsidiary of Facebook Inc. and Facebook is an active participant in the EU-US Privacy Shield Framework. This framework ensures correct data transfer between the USA and the European Union. You can find out more about this at https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC . We have tried to give you the most important information about data processing by Instagram. On https://help.instagram.com/519522125107875
you can take a closer look at Instagram's data guidelines.

Source: Created with the data protection generator from AdSimple in cooperation with fashiongott.de

© 2020 Paula Fischer & Daniel Wagner