The security of your personal information and the protection of your sphere of privacy is our top priority.
We therefore wish to draw to your attention to the following information concerning the collection, processing and use of personal data. If you have any further questions about data protection with regard to the use of our website, you can contact us directly at any time.
1. DATA PROCESSING CONTROLLER
1.1 Data Processing Controller as defined in Article 4.7 of the EU General Data Protection Regulation (GDPR)
Lässig GmbH
Im Riemen 32
64832 Babenhausen
Germany
Tel: +49 (0)6073 - 74489-0
Fax: +49 (0)6073 - 74489-29
E-mail: info@laessig-gmbh.de
Managing Directors: Dr. Torge Doser, Ingo Röller
(Hereinafter referred to as “LÄSSIG”, “we” or “us”)
1.2 Data protection officer
The data protection officer of Lässig GmbH is
ceterion AG
Frankfurter Straße 63-69
65760 Eschborn
E-mail: datenschutz@laessig-gmbh.de
2. USER RIGHTS
You have the right (partly limited by certain conditions) at any time
• to request information about the processing of your data,
• to correct your data,
• to have your data deleted or blocked
• to receive your data in a transferable format and to transmit it to a third party
• to revoke your consent to the processing of your data for the future. You can revoke your consent at any time by notifying us. However, any such revocation will not affect the lawfulness of processing done by us with your consent prior to revocation. Your personal data will then be deleted. Likewise, further processing of this data for other lawful reasons, such as for the fulfillment of legal obligations, remains unaffected.
Right to object You have the right to object at any time, on grounds relating to your particular circumstances, to the processing of personal data concerning you that is carried out on the basis of Article 6.1(e) of the GDPR (Data processing in the public interest) or Article 6.1(f) of the GDPR (Data processing on the basis of a balance of interests). If you object, we will only continue to process your personal data insofar as we can demonstrate compelling legitimate grounds for doing so that override your interests, rights and freedoms, or insofar as the processing serves the assertion, exercise or defense of legal claims. |
If you wish to register an objection, please get in touch with us using the contact details provided in Section 1 above.
In addition, you have the right to lodge a complaint with a supervisory authority pursuant to Article 77 of the GDPR. The supervisory authority responsible for LÄSSIG is:
The Hessian Commissioner for Data Protection and Freedom of Information
PO Box 3163
65021 Wiesbaden
Tel: +49 611 1408 - 0
Fax: +49 611 1408 - 611
3. STORAGE PERIOD/DELETION
Your IP address and the name of your Internet service provider (which we only store for security reasons) are deleted after seven days.
Otherwise, your personal data will be deleted as soon as they are no longer required for the above-mentioned purposes. In this context, personal data may be stored for the time during which claims can be asserted against us (statutory limitation period of three to thirty years). In addition, personal data will be stored to the extent and for as long as we are required to do so by law. Legal obligations to provide proof and to retain data arise from the German Commercial Code, the German Fiscal Code and the German Money Laundering Act and similar. The storage periods in such cases are up to ten years.
4. CATEGORIES OF RECIPIENTS OF THE DATA
In order to process your data, we avail ourselves of services provided by external “processors”. A processor is a natural or legal person, public authority, agency or other body that processes personal data on behalf of the data controller.
Processing operations carried out by such processors include, for example, hosting, maintenance and support of IT systems, marketing activities and the destruction of files and data media. Processors do not use the data for their own purposes, but carry out data processing exclusively on behalf of the controller and are contractually obligated to ensure appropriate technical and organizational measures for data protection.
In addition, we may transfer your personal data to bodies such as postal and delivery services, payment and information services, our bank, tax advisor/auditor or the tax authorities. Further recipients may result as indicated in the section below.
5. DATA TRANSFER TO THIRD COUNTRIES
Visiting our website may involve the transfer of certain personal data to third countries, i.e. countries where the GDPR is not applicable law. Such a transfer is permissible if the European Commission has determined that an adequate level of data protection is guaranteed in such third country. If no such decision by the European Commission has been made, a transfer of personal data to a third country will only take place if appropriate safeguards are in place in accordance with Article 46 of the GDPR or if one of the conditions of Article 49 of the GDPR is met.
Unless otherwise stated in this Data Protection Declaration, we use the EU standard contractual clauses for the transfer of personal data to processors in third countries as appropriate safeguards.
If you consent to the transfer of personal data to third countries, the transfer will take place on the legal basis of Article 49.1(a) of the GDPR.
6. SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as site operator.
You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.
Data sent in the context of the ordering process in the webshop are transmitted in encrypted form (SSL encryption) to prevent their misuse by third parties.
7. SCOPE, PURPOSE AND LEGAL BASIS OF THE PROCESSING OF PERSONAL DATA
7.1 Basic information on data processing
We treat your personal data confidentially and in accordance with the applicable data protection regulations, as well as taking into account the principles of data economy and data avoidance.
We take organizational, contractual and technical security measures in accordance with the state of the art to ensure that the provisions of the relevant data protection regulations are complied with and thus to protect the data processed by us against accidental or intentional manipulation, against loss or destruction and against access by unauthorized persons.
We point out that data transmission over the Internet (e.g. communication by e-mail) may be vulnerable to security breaches. Complete protection of data against access by third parties is not possible. For this reason, you may prefer to transmit personal data to us by alternative means, for example by post or by telephone.
7.2 Data processing in the context of using our website
7.2.1 Log files
Every time you access our website, usage data is transmitted by your Internet browser and stored in the form of log data (server log files). This data includes:
• IP address
• Time stamp (date and time of the visit)
• Nature of the visit
• Client information (type of client, client version)
• User’s operating system (device, OS version of the device)
The legal basis for the processing is Article 6.1.1(f) of the GDPR, namely our legitimate interest in ensuring trouble-free operation, stability of our systems and IT security. Assignment of such data to a specific person is not possible. The data collected is deleted after 7 days at the latest.
7.2.2 Cookies
Our website uses cookies. Cookies are small text files that are stored in the internet browser or by the internet browser on your computer system. When you visit a website, a cookie may be stored on your operating system. This cookie contains a specific string of characters that makes it possible to uniquely identify the browser when the website is called up again.
We use cookies for the purpose of making our website more user-friendly, effective and secure. Furthermore, cookies enable our systems to recognize your browser, even after you have called up a different page, so that we can continue to offer you services. Some functions of our websites cannot be offered without the use of cookies. We wish to point out that the use of the shopping cart function and ordering is only possible with the use of cookies. Details on the cookies we use can be found in our cookie policy.
We also use cookies on our website for the purpose of analyzing the surfing behavior of our site visitors. Furthermore, we use cookies for the purpose of subsequently addressing site visitors on other websites with targeted advertising relevant to their preferences and for the creation of visitor statistics.
Insofar as cookies are not technically mandatory, the legal basis for the processing in this case is Article 6.1.1(f) of the GDPR. We use them only with your previously declared consent, which you can also revoke at any time; the legal basis for the processing in this case is Article 6.1.1(a) of the GDPR.
Cookies are stored on your computer. Therefore, you have full control over the use of cookies. By selecting the appropriate technical settings in your browser, you can prevent the storage of cookies and transmission of the data they contain. Cookies that have previously been stored can be deleted at any time. We wish to point out that you may then be unable to use all functions of this website to their full extent.
Under the following links you can find information on how to manage cookies in the most popular browsers (including how to deactivate them):
• Google Chrome: https://support.google.com/accounts/answer/61416?hl=de
• Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
• Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
• Safari: https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac
• Opera: help.opera.com/Windows/10.20/de/cookies.html
7.2.3 Shopware: Software package used in the operation of the LÄSSIG Shop
In operating our LÄSSIG Shop, we use the Shopware eCommerce software solution supplied to us by shopware AG, Ebbinghoff 10, 48624 Schöppingen (imprint of shopware AG | Shopware). This is not a Cloud solution; the hosting is done instead on a dedicated server.
Shopware uses cookies to enable and ensure the basic functions of the store, e.g. the shopping cart content, the login status and also Cross-Site Request Forgery Prevention (CSRF). In addition, cookies are used to make the individual areas of the LÄSSIG Shop usable or to recognize you when you return to our online store.
Use of Shopware (and thus also of the LÄSSIG store) is not entirely possible without cookies.
Further details on the use/processing of your data by Shopware can be found here: https://www.shopware.com/de/datenschutz/
The use of Shopware takes place on the basis of Article 6.1(f) of the GDPR. We have a legitimate interest in optimizing the reliable presentation and operation of our website. For this purpose, we have concluded an order processing agreement with Shopware in accordance with Article 6.1.1(c) of the GDPR in conjunction with Article 28.3 of the same.
Insofar as the customer’s consent has been requested, the processing is carried out exclusively on the basis of Article 6.1(a) of the GDPR. That consent can be revoked at any time.
7.2.4 Customer account
Permanent customer account
Customers wishing to order from our online store can create a password-protected customer account. In this case, your personal data will be stored for as long as your account with us remains open, so that no new data entry is required for a new order. In addition, you have the option to view and change the data stored in your customer account at any time. We process the following data:
• First and last name
• Salutation
• Postal address
• E-mail address
• Date of birth (optional)
• Customer reference number
• Password
• If an order is placed: billing and payment data (credit card numbers, bank data) and transaction IDs related to the order
• If an order is placed: order data and payment risk assessment data (account balance, turnover, reminder level, blocks on delivery)
The creation of a customer account is entirely voluntary. If you create a customer account, the data we collect from you will be processed on the legal basis of Article 6.1.1(b) of the GDPR.
In addition to supplying the data requested when placing an order, you must enter a password of your choice to set up a customer account. Used in conjunction with your e-mail address, this serves to give you access to your customer account. Please keep your personal access data secret and do not make them accessible to unauthorized third parties. You must also actively log out before you leave our website, otherwise you will automatically remain logged in.
You can delete your customer account at any time. If you do not delete your customer account yourself, it will be deleted automatically three years after you placed your last order. This three-year period commences on the last day of the calendar year in which you placed your last order.
Please note, however, that a deletion of the customer account does not automatically lead to the deletion of the order data stored in the customer account at the time when you placed the order. In this case, the data deletion is governed by Section 3 of this document.
Guest account
If you do not want to create a permanent customer account, you have the option to order from us as a guest user. In that case, you should set a check mark in the field “Do not create a customer account” under the heading “I am a new customer” when placing your order. This will ensure that no permanent customer account will be created and that your data will be stored only for the purpose of carrying out this one specific order and then deleted. We process the following data:
• First and last name
• Salutation
• Postal address
• E-mail address
• Date of birth (optional)
• If an order is placed: billing and payment data (credit card numbers, bank data) and transaction IDs related to the order
• If an order is placed: order data and payment risk assessment data (account balance, turnover, reminder level, blocks on delivery)
Please note, however, that a deletion of your customer data does not automatically lead to the deletion of order data arising from any purchases you may have made. In this case, the deletion of data is governed by Section 3 of this document.
The data we collect from you will be processed on the legal basis of Article 6.1.1(b) of the GDPR.
7.2.5 Collection and processing of data when logged in as a B2B customer
On our website, under the heading “B2B”, you will find the option of contacting us and registering as a commercial customer. For this purpose, the following data is collected in the B2B master data sheet, which is integrated on the website:
• Source
• Company name
• Company owner: First and last name
• Contact person (if different from the owner): last name, first name, department, e-mail (optional).
• Billing address: street + number, postal code, city, country, comment (optional)
• Contact information: phone number, fax and mobile number (optional), e-mail; homepage/ internet shop.
• Information about terms of payment: e‑mail address, VAT ID No. EORI No. (optional information), bank details (optional information)
• Information on any existing association membership incl. membership number
• Social media accounts (optional information)
• Sales channels (optional information)
The data collected will not be disclosed to third parties in the course of your contact with us. We use the data to respond to your request as promptly as possible and to establish contact with you. For this purpose, we use either the stated e‑mail address or your telephone number. IP addresses are collected to protect against misuse of the contact form and are anonymized.
By sending your message, you consent to the processing of the transmitted data. The processing takes place on the legal basis of Article 6.1.1(a) of the GDPR and of having obtained your consent. You can revoke your consent at any time by notifying us. However, any such revocation will not affect the lawfulness of processing done by us with your consent prior to revocation. Your personal data will then be deleted.
Upon receiving your completed contact form, we will collect personal data only to the extent provided by you. We will only use your e-mail address to process your request. Your data will then be deleted, unless you have consented to further processing and use.
7.2.6 Collection and processing when registering under “Midwife”
On our website, under the heading “Partners/Midwives”, you will find the option of contacting us and registering. The following data is collected for this purpose:
• First and last name
• Address: street, house number, city, postal code, country
• E-mail address
• Midwife certificate
• Proof of name change, if any (optional)
• Telephone number (optional)
• Information on professional practice (optional)
• Information on courses: pre/post-natal care, breastfeeding counseling, babywearing counseling, etc. (optional)
The data collected will not be disclosed to third parties in the course of your contact with us. We use the data to respond to your request as promptly as possible and to establish contact with you. For this purpose, we use either the stated e mail address or your telephone number. IP addresses are collected to protect against misuse of the contact form and are anonymized.
Upon receiving your completed contact form, we will collect personal data only to the extent provided by you.
By sending your message, you consent to the processing of the transmitted data. The processing takes place on the legal basis of Article 6.1.1(a) of the GDPR and of having obtained your consent. You can revoke your consent at any time by notifying us. However, any such revocation will not affect the lawfulness of processing done by us with your consent prior to revocation. Your personal data will then be deleted.
7.2.7 Payment
PayPal
We offer a convenient method of payment for our products via PayPal. The payment service provider is PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; “PayPal”).
The transfer of your payment data takes place in accordance with Article 6.1.1(b) of the GDPR and only insofar as this is necessary for the processing of your payment. PayPal reserves the right to conduct a credit check for the following payment methods: credit card via PayPal; direct debit via PayPal; or (if offered) “purchase on account” or “installment payment” via PayPal. For this purpose, your payment data may be passed on to credit agencies in accordance with Article 6.1.1(f) of the GDPR in line with the legitimate interest of PayPal in determining your creditworthiness.
PayPal uses the result of the credit check with regard to the statistical probability of non-payment for the purpose of deciding on the provision of the respective payment method. The creditworthiness information may contain probability values (so-called “score values”). Insofar as score values are included in the result of the credit report, these are founded on a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data. Further information on data protection, including information on the credit agencies used, can be found at the following link: https://www.paypal.com/de/webapps/mpp/ua/creditref
You can object to the processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for the contractual processing of payments.
All PayPal transactions are subject to the PayPal privacy policy. You can find it at https://www.paypal.com/webapps/mpp/ua/privacy-full
Credit card, Apple Pay, EPS
In order to maximize the number of different ways to pay for your purchase, we use the payment service provider Mollie B.V., Keizersgracht 126, 1015 CW Amsterdam, Netherlands. The legal basis for data processing is Article 6.1.1(b) of the GDPR. We use the service provider Mollie B.V. to process credit card payments, payments via Apple PAY and EPS.
The following data is processed and handled by Mollie B.V.:
• First and last name
• Salutation
• Date of birth
• Telephone number
• E-mail address
• IP address
• Billing and shipping address
• Country
• Order info
• Order date
• Browser and device
• Amount paid
• Credit card number (truncated)
• Credit card type
• Credit card holder
• Credit card issuer
• Card expiration date
Prepayment
You have the option to purchase from us by prepayment. The legal basis for data processing when purchasing by prepayment is Article 6.1.1(b) of the GDPR.
When you purchase by prepayment, we process the following data:
• First and last name
• E-mail address
• Order date
• Invoice amount
• Country
• IBAN (or account number with bank code) and BIC
7.2.8 Newsletter
Apart from order/contract processing, we also use your email address exclusively for our own advertising purposes to send you newsletters, providing that you have expressly consented to this. This processing takes place on the legal basis of Article 6.1.1(a) of the GDPR and of having obtained your consent. You can revoke your consent at any time by notifying us. However, any such revocation will not affect the lawfulness of processing done by us with your consent prior to revocation. You can unsubscribe from the newsletter at any time by using the corresponding link in the newsletter or by notifying us. Your e-mail address will then be removed from the distribution list.
Your data will be passed on to a dispatch service provider for e-mail marketing within the scope of order processing. Your data will not be passed on to any other third parties. With the revocation of your consent to data processing, your consent to the dispatch of the newsletter by the dispatch service provider expires at the same time. It is unfortunately not possible to revoke dispatch by contacting the dispatch service provider directly; in this case the entire newsletter subscription must be cancelled.
The newsletter is sent by means of the rapidmail and Brevo dispatch service providers. You can view their privacy policy here:
Klaviyo: https://www.klaviyo.com/de/legal/privacy/privacy-notice
Brevo: https://www.brevo.com/de/legal/privacypolicy/
The e-mail addresses of our newsletter recipients, as well as their other data described in this notice, are stored on the servers of the dispatch service provider who then uses this information to dispatch and evaluate the newsletters on our behalf. For example, we can see whether a newsletter e-mail has been opened and which links, if any, have been clicked. In this way, we have information on which links have attracted the most clicks.
Furthermore, according to information given by the dispatch service provider, they may use this data to optimize or improve their own services, e.g. for technical optimization of dispatch and for statistical purposes. However, the dispatch service provider does not use the data of our newsletter recipients to communicate with recipients directly or pass their data on to third parties.
Statistical collection and analyses: The newsletters contain a so-called “web beacon”, i.e. a pixel-sized file that is retrieved from the server of the dispatch service provider when the newsletter is opened. In the course of this retrieval, technical information, such as information about your browser, your system, your IP address and the time of the retrieval are collected. This information is used for technical improvement of the services based on technical data or target groups and their reading behavior which can be ascertained from their retrieval locations (determined with the help of the IP address) or from the access times. The statistical surveys also include the determination of whether the newsletters are opened, the time at which they are opened and which links are clicked.
For technical reasons, this information can be assigned to individual newsletter recipients. However, it is not our intention to keep tabs on individual users. The evaluations serve rather for recognizing the reading habits of our users and adapting our content to them or for sending different content that reflects the interests of our users.
Klaviyo
We use Klaviyo on this website. The provider is Klaviyo Inc., 125 Summer Street, Floor 6, Boston, MA 02110, USA (hereinafter “Klaviyo”).
Klaviyo is a marketing automation tool used for sending emails, SMS messages, push notifications, and collecting customer reviews for eCommerce merchants.
For this purpose, Klaviyo stores consent for email marketing. In particular, the following data may be processed: name, telephone number, email address, address data, IP address, device identifiers, usage data (such as interactions between a user and Klaviyo’s online system, website, or email), browser used, operating system used, and referrer URL.
The use of Klaviyo is based on Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 TTDSG. Consent may be revoked at any time.
Further details can be found in the provider’s privacy policy at: https://www.klaviyo.com/de/legal/privacy/privacy-notice
The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the United States intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF commits to complying with these data protection standards. Further information can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt00000012uf9AAA&status=Active
The provider uses standard contractual clauses for the transfer of personal data to third countries. Details can be found here: https://www.klaviyo.com/de/legal/data-processing-agreement.
7.2.9 How to contact us
Contact form
On our website under the heading “Contact” you have the opportunity to communicate with us. For this purpose, the following personal data is collected in the contact form, which is integrated on the website:
• Name
• E-mail address
• Customer reference number (optional)
• Street (optional)
• Postcode/ city/ country
• Comment (content of the enquiry)
• Date and time of enquiry
In addition, the IP address of the calling computer is collected.
The data collected will not be passed on to third parties in the course of responding to your enquiry. We use the data to respond to your enquiry as promptly as possible and to contact you. IP addresses are collected to protect against misuse of the contact form. The IP addresses we collect are anonymized.
In sending your message, you consent to the processing of the transmitted data. Processing takes place on the legal basis of Article 6.1.1(a) of the GDPR and of having obtained your consent. You can revoke your consent at any time by notifying us, without affecting the lawfulness of the processing carried out on the basis of consent prior to revocation. Your personal data will then be deleted. Should you wish to exercise your right of revocation, please communicate with us using the contact details provided in Section 1 above.
When you use the contact form, we collect personal data only to the extent provided by you. We only use your e-mail address to process your request. Your data will then be deleted, unless you have agreed to further processing and use.
Requests for spare parts
You have the opportunity to contact us via the heading “Spare parts request” on our website. For this purpose, the following personal data is collected by the contact form which is located under this heading and is integrated on the website:
• Product domain
• First name
• Last name
• Street, postal code/city
• E-mail address
• Customer reference number (optional)
• Comment (content of the request)
• Date and time of the request
In addition, the IP address of the calling computer is collected.
The data collected will not be passed on to third parties in the course of responding to your enquiry. We use the data to respond to your enquiry as promptly as possible and to contact you. IP addresses are collected to protect against misuse of the contact form. The IP addresses we collect are anonymized.
In sending your message, you consent to the processing of the transmitted data. Processing takes place on the legal basis of Article 6.1.1(a) of the GDPR and of having obtained your consent. You can revoke your consent at any time by notifying us, without affecting the lawfulness of the processing carried out on the basis of consent prior to revocation. Your personal data will then be deleted. Should you wish to exercise your right of revocation, please communicate with us using the contact details provided in Section 1 above.
When using the contact form, we collect personal data only to the extent provided by you. We only use your e-mail address to process your request. Your data will then be deleted, unless you have agreed to further processing and use.
Notification by e-mail of product availability
For selected items in the LÄSSIG Shop that are temporarily unavailable, we offer the option of notification by e-mail when the item is back in stock. To avail yourself of this option, you must register for our e-mail notification service for product availability. When you sign up, we will send you a one-time email notification of the availability of the item you have selected. The only mandatory information we require from you in this instance is your e-mail address. Processing takes place on the legal basis of Article 6.1.1(a) of the GDPR and of having obtained your consent.
When you register for the above notification service, we store the date and time of registration entered by the Internet service provider (ISP) in order to be able to trace a possible misuse of your e‑mail address at a later date.
The data collected by us when you register for our product availability e-mail notification service is used exclusively for the purpose of informing you about the availability of a particular item in our LÄSSIG Online Shop. You can unsubscribe or delete the article availability e-mail notification service at any time by sending a message to shop@laessig-fashion.de or info@laessig-gmbh.de. After you have unsubscribed, your e-mail address will be deleted immediately from the mailing list we have set up for this purpose, unless you have expressly consented to further use of your data. However, we reserve the right to use your data for any other purpose that is permitted by law and about which we inform you in this declaration.
7.2.10 Comment function
As a customer, you are able to leave comments on our website. In this case, we process the personal data that you voluntarily enter as a user posting a comment. You are free to post your comment on our website under a pseudonym and/or your real name.
We need your e-mail address in order to get in touch with you, if there is any follow-up to your comment.
The legal basis for data processing is Article 6.1.1(a) of the GDPR and the fact that we have obtained your consent. You can revoke your consent at any time by notifying us. However, any such revocation will not affect the lawfulness of processing done by us with your consent prior to revocation. Your personal data will then be deleted. Should you wish to exercise your right of revocation, please contact us using the contact details provided in Section 1 above.
7.2.11 Google Tag Manager
We use Google Tag Manager on our website, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google Tag Manager is used to manage website tags via an interface, and it allows us to manage the accurate integration of services on our website. This enables us to flexibly integrate additional services for the evaluation of user access to our website. Evaluation by the Google Tag Manager of the data collected does not take place.
The use of Google Tag Manager has its legal basis in our legitimate interests, i.e. optimizing our services in accordance with Article 6.1.1(f) of the GDPR.
The specific storage period of the data processed cannot be influenced by us, but is determined by Google. You can find further information in Google’s privacy policy statement at: https://policies.google.com/privacy.
7.2.12 Google Analytics
We use Google Analytics on our website, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
Google uses cookies. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States. Please also read our information above under Section 5.
Google will use this information on our behalf for the purpose of evaluating your use of our website, compiling reports on activities within this website and providing other services relating to website activity and internet usage.
We only use Google Analytics with IP anonymization activated. This means that your IP address will be truncated by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that, if you do this, you may not be able to use the full functionality of this website. In addition, you can prevent the collection of data generated by the cookie and related to your use of the online offer to Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de
The specific storage period of the processed data cannot be influenced by us, but is determined by Google. Further information can be found in the Google privacy policy statement at: https://policies.google.com/privacy.
The use of the Google service takes place on the legal basis of Article 6.1(a) of the GDPR and the fact that we have obtained your consent.
More information on terms of use and data protection can be found at https://www.google.com/analytics/terms/de.html or at https://www.google.de/intl/de/policies/.
7.2.13 Google Analytics advertising functions
In addition to the standard functions on our website, we also use the advanced functions of Google Analytics (provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter “Google”).
The Google Analytics advertising features implemented on this website include:
• Google Display Network Impressions Reports;
• Google Analytics reports on performance rated by demographics and interests;
• The creation of remarketing audience lists based on behavioral, demographic and interest data; the sharing of these lists with Google Ads;
• Integrated services, for which data is collected in Google Analytics for advertising purposes, including collection of data via cookies for ad preferences and anonymous identifiers
For this purpose, the data collected by the Google Analytics analysis tool is supplemented by further data collected via Google cookies for ad specifications and anonymous identifiers on accesses. We use this information to improve our web offers.
The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States. Please also read the information given above under Section 5.
You can permanently disable the use of cookies by Google by following the link below and downloading and installing the plug-in provided there:
https://support.google.com/ads/answer/7395996?hl=de
Alternatively, you can deactivate the setting of cookies by third-party providers by visiting the deactivation page of the Network Advertising Initiative at https://www.networkadvertising.org/choices/ and by acting on the further opt-out information given there.
The specific storage period of the processed data cannot be influenced by us, but is determined by Google. You can find further information in Google’s privacy policy at: https://policies.google.com/privacy.
Our use of this Google service takes place on the legal basis of Article 6.1.1(a) of the GDPR and the fact that we have obtained your consent.
7.2.14 Google Ads
We use the online advertising programme ‘Google Ads’ on our website and, within this framework, conversion tracking (visit action evaluation), remarketing and enhanced conversions. These are services provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Conversion tracking
If you access our website via a Google ad, Google Ads will store a cookie on your device.
These cookies have a limited validity. If you visit certain pages on our website and the cookie has not yet expired, Google and we can recognise that you clicked on the ad and were redirected to this page. Each Google Ads customer receives a different cookie. This means that cookies cannot be tracked across the websites of Ads customers.
The information collected using the conversion cookie is used to generate conversion statistics. This tells us the total number of users who clicked on one of our ads and were redirected to a page tagged with a conversion tracking tag. However, we do not receive any information that can be used to personally identify users.
Enhanced Conversion
We also use Enhanced Conversions.
Enhanced Conversions is a feature that improves the accuracy of conversion tracking, allows advertising campaigns to be measured more precisely, and enables target groups to be addressed more specifically.
User privacy is protected by supplementing existing conversion tags with hashed first-party conversion data from the website. Hashing the first-party data before sending it to Google Ads ensures data protection, as personal information such as (in this case: email address) is converted into a hashed/pseudonymised (SHA256) string.
Remarketing
The remarketing function allows us to present users of our website with advertisements based on their interests on other websites within the Google advertising network. To do this, your interaction on our website is analysed, e.g. which offers you were interested in, so that we can show you targeted advertising on other sites even after you have visited our website. To do this, Google stores cookies on your device that visit certain Google services or websites in the Google Display Network. These cookies are used to track your visits. The cookies are used to uniquely identify a web browser on a specific device and not to identify a person.
If you wish to object to tracking by Google Ads remarketing services, you can use the settings and opt-out options provided by Google: http://www.google.com/ads/preferences
Further information:
The information generated by cookies about your use of the online offer is usually transferred to a Google server in the USA and stored there. Please also read our notes above under section 5.
We have no influence on the specific storage period of the processed data; this is determined by Google. Further information can be found in Google's privacy policy at: https://policies.google.com/privacy.
You can prevent the storage of cookies by selecting the appropriate technical settings in your browser software. However, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent.
Furthermore, you can deactivate personalised advertising for yourself in the advertising settings at Google.
Instructions for doing so can be found at:
https://support.google.com/ads/answer/2662922?hl=de
In addition, you can deactivate the use of cookies by third-party providers by visiting the deactivation page of the Network Advertising Initiative at
https://www.networkadvertising.org/choices/
and implementing the further information on opting out provided there.
Further information and Google's privacy policy can be found at:
https://www.google.de/policies/privacy/
The use of these Google services is based on your consent in accordance with Art. 6 (1) (a) GDPR.
7.2.15 OpenStreetMap
We use the open-source mapping service ‘OpenStreetMap’ (‘OSM’) on our website to display geographical data. The service is provided by the OpenStreetMap Foundation (St John’s Innovation Centre, Cowley Road, Cambridge, CB4 0WS United Kingdom).
OSM is used to provide an interactive map on our website that shows you, for example, where our stores are located.
The following data is processed when using OpenStreetMap:
• User’s IP address
• Browser type and version
• Operating system
• Referrer URL (previously visited page)
• Date and time of access
• Pages accessed on the OpenStreetMap website
• Approximate location of the user (based on IP address)
The map data is loaded from an external server.
The use of OSM is in the interest of presenting our online offering in an appealing manner and ensuring that the locations we specify on the website are easy to find; this constitutes a legitimate interest within the meaning of Article 6(1)(f) of the GDPR. You can find information on the processing of data by OpenStreetMap in the privacy policy at https://wiki.osmfoundation.org/wiki/Privacy_Policy
7.2.16 Google reCAPTCHA
On our website, we use Google reCAPTCHA (hereinafter referred to as reCAPTCHA), a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (‘Google’).
The purpose of reCAPTCHA is to check whether the data input on this website (e.g. in a contact form) is made by a human or by an automated programme. For this purpose, reCAPTCHA analyses the behaviour of the website visitor based on various characteristics. To analyse this, reCAPTCHA evaluates various information (e.g. time spent on the website, IP address, referrer, mouse movement, visit time, etc.). You can find more information on this at
https://policies.google.com/privacy?hl=de and https://www.google.com/recaptcha/about/
The data collected during the analysis is forwarded to Google. The reCAPTCHA analyses run completely in the background. Website visitors are not informed that an analysis is taking place. The data is stored and analysed on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR. Lässig has a legitimate interest in protecting its website from abusive automated spying and SPAM.
If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device within the meaning of the TDDDG. Consent can be revoked at any time.
7.2.17 AWIN Partner Program
We use components supplied by the AWIN Global Affiliate Marketing Network based in Germany. AWIN serves as an interface between merchants and affiliates.
Members of this network are advertisers and website operators who provide an advertising platform for the products or services they offer. Website operators place advertisements on their platform (websites, apps or other technologies) and receive a corresponding commission when a click or sale is made.
The company address of AWIN is AWIN AG, Landsberger Allee 104 BC, 10249 Berlin.
AWIN places a cookie in the browser of your computer, but the AWIN tracking cookie does not store any personal data. The only data stored by AWIN are the identification number of the affiliate (i.e. that of the partner referring the potential customer), the order number of the visitor to a website and the advertising material clicked on, as well as information about the end device and the browser used.
The purpose of storing this data is the processing of commission payments between merchant and affiliate. The transaction is handled by the affiliate network, i.e. AWIN.
You can prevent the setting of cookies by adjusting your browser settings accordingly and thus permanently object to the setting of cookies. Such a setting would also prevent AWIN from placing a cookie in the browser of your computer. In addition, cookies already set by AWIN can be deleted at any time by means of your internet browser or other software programs.
The applicable data protection provisions of AWIN can be found at https://www.awin.com/de/rechtliches/privacy-policy.
Our use of this service takes place on the legal basis of Article 6.1.1(a) of the GDPR and the fact that we have obtained your consent.
7.2.18 CRITEO
We use the remarketing function of the international company CRITEO (CRITEO SA, 32 rue blanche, 75009 Paris, France) on our website.
We use the CRITEO remarketing function to reach users who have already visited our website. This allows us to target customers who have already shown interest in our company and to place targeted advertisements. For this purpose, CRITEO stores cookies on your terminal device. These cookies are used to record your visits to our website. The cookies serve to identify the web browser you are using and to collect information about your browsing activities, but not to identify any individual.
For more information about CRITEO’s privacy policy, please see CRITEO’s data protection declaration at http://www.criteo.com/privacy/.
The information generated by the cookie about your use of the website may be transmitted to and stored by CRITEO on servers in the United States.
Our use of CRITEO takes place on the legal basis of Article 6.1.1(a) of the GDPR and the fact that we have obtained your consent.
7.2.19 Meta Pixel, Meta Remarketing and Conversion API
On our website, we use the so-called ‘Meta Pixel (formerly: Facebook Pixel)’ of the social network Facebook, which is operated by Meta Platforms Ireland Ltd. 4 Grand Canal Square Grand Canal Harbour Dublin 2 Ireland.
With the help of the Meta Pixel, Meta is able to identify visitors to our online offering as a target group for the display of advertisements, known as ‘Meta Ads’. We use the Meta Pixel to display the Meta Ads we place to Facebook users who have shown an interest in our internet offering. The Meta pixel is integrated directly by Meta when you visit our websites and can store a so-called cookie, i.e. a small file, on your device. If you then log in to Facebook or visit Facebook while logged in, your visit to our website will be noted in your profile.
The data collected about you is anonymous to us, so it does not allow us to draw any conclusions about the identity of users. However, the data is stored and processed by Meta, so that a connection to the respective user profile is possible.
In addition, we use Meta's ‘Conversions API’. The Conversions API is an interface that sends event data from our servers directly to Meta. The functionality and processing of data within the Conversions API is similar to the functionality and processing within the Meta Pixel. This allows us to analyse page usage and the success of advertisements even better. If you do not yet have a Facebook account, your website visit will not be linked to a Facebook account.
We also use advanced matching as part of our use of Meta functions. This function enables us to send hashed information such as email address, name, gender, etc. to Meta/Facebook as additional information, provided you have made this data available to us. This use enables us to tailor advertising campaigns on Facebook even more precisely to those interested in our products.
The information generated by the cookie about your use of our online offering and the data transmitted via the Conversions API may be or will be transferred to a META server in the USA and stored there.
The data collected as part of the extended comparison for the purpose of forming target groups (hashed information) will be deleted after the comparison has been completed.
The use of the Meta functions listed above and the transmission of your personal data will only take place with your consent in accordance with Art. 6 (1) (a) GDPR.
7.2.20 Pinterest
On our website, we use the “Pin it” button plugin from Pinterest, which allows you to “pin” and share interesting website content and images. In addition, we use the Pinterest tag for analysis, for optimization of our online offers and for the demand-oriented organization of our Pinterest campaigns. These are services of Pinterest Europe Ltd, Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland.
When you visit our website, a direct connection between your browser and the Pinterest server is established via the Pinterest plugin. Pinterest thereby receives the information that you have visited our website with your IP address. If you click the “Pin it” button while you are logged in to Pinterest with your Pinterest user account, you can share content on this website to the Pinterest network. This allows Pinterest to associate the visit to our pages with your user account. The data is usually transferred to a Pinterest server in the USA and stored there.
In the case of the Pinterest tag, when a Pinterest user clicks on the ad, further actions and target groups are formed that have shown interest; this is tracked. By means of the Pinterest tag, we can ensure that the Pinterest ads are only displayed to Pinterest users who have already shown an interest in our offer, as well as consistent with the user’s potential interest. The data helps us to measure the conversion rate of the respective campaign and to optimize our campaigns
We would like to point out that we, as the website provider, have no knowledge of the content of the data transmitted or of its use by Pinterest.
You can find information on data protection at Pinterest at https://policy.pinterest.com/de/privacy-policy.
The use of the Pinterest plugin and of the Pinterest tag takes place on the legal basis of Article 6.1.1(a) of the GDPR and the fact that we have obtained your consent.
7.2.21 Microsoft Advertising
On our website, we use Microsoft Advertising, a service of Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland.
Microsoft Advertising is an online marketing service that uses the Universal Event Tracking (UET) tool to help us deliver targeted ads via the Microsoft Bing search engine. Microsoft Advertising uses cookies for this purpose. Personal data in the form of online identifiers (including cookie identifiers), IP addresses, device identifiers, and information about device and browser settings are processed.
Microsoft Advertising collects data through the UET tool that allows us to track audiences by means of remarketing lists. For this purpose, a cookie is stored on your end device when you visit our website. Microsoft Advertising can thus recognize that our website has been visited and display an ad when you later use Microsoft Bing or Yahoo. The information is also used to create conversion statistics, i.e. to record how many users have reached our website after clicking on an ad. In this way, we ascertain the total number of users who clicked on our ad and were redirected to our website. However, we do not receive any information that allows us to identify users personally.
In the case of Microsoft services, the transmission of data to Microsoft Corp. in the USA cannot be ruled out.
Processing takes place on the legal basis of Article 6.1.1(a) of the GDPR and the fact that we have obtained your consent.
You can deactivate personalized advertising at Microsoft by visiting https://about.ads.microsoft.com/de-de/ressourcen/richtlinien/personalisierte-anzeigen.
For more information on data protection at Microsoft, please refer to the Microsoft privacy policy at https://privacy.microsoft.com/de-de/privacystatement and https://about.ads.microsoft.com/de-de/policies/legal-privacy-and-security#privacy-and-data-protection-policies.
7.2.22 Hotjar
This website uses Hotjar. The provider is Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe (website: https://www.hotjar.com).
Hotjar is a tool for analysing your user behaviour on this website. Hotjar allows us to record your mouse and scroll movements and clicks, among other things. Hotjar can also determine how long you remain with the mouse pointer in a certain place. Hotjar uses this information to create so-called heat maps, which can be used to determine which website areas are favoured by website visitors.
We can also determine how long you stayed on a page and when you left it. We can also determine at which point you cancelled your entries in a contact form (so-called conversion funnels).
In addition, Hotjar can be used to obtain direct feedback from website visitors. This function serves to improve the website operator's web offerings.
Hotjar uses technologies that enable the recognition of the user for the purpose of analysing user behaviour (e.g. cookies or the use of device fingerprinting).
If consent has been obtained, the aforementioned service is used exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 TTDSG. Consent can be revoked at any time. If consent has not been obtained, this service is used on the basis of Art. 6 para. 1 lit. f GDPR; the website operator has a legitimate interest in analysing user behaviour in order to optimise both its website and its advertising.
Deactivating Hotjar
If you wish to deactivate data collection by Hotjar, click on the following link and follow the instructions there: https://www.hotjar.com/policies/do-not-track/
Please note that Hotjar must be deactivated separately for each browser or end device.
For more information about Hotjar and the data collected, please refer to Hotjar's privacy policy at the following link: https://www.hotjar.com/privacy
7.2.23 Reviews.io
On our website, you have the option to write reviews, which are also displayed via REVIEWS.io badges and widgets. For this purpose, we use ‘Review.io’, a service provided by REVIEWS.io 2020 GMBH, Stralauer Allee 6, 10245 Berlin, Germany. Review.io allows us to collect customer reviews and publish them on our website. If you have subscribed to our newsletter, we will send you an email a few days after your order has been shipped, asking you to rate your experience with LÄSSIG. The review email contains a link that takes you to our review form at reviews.io. When you click on this link, your browser will send your email address, customer name, order ID and the IDs of the products you ordered to reviews.io.
In order for you to write a review, Review.io requires your name or a pseudonym and your email address (which will not be published). As soon as you write a review via Review.io, the service will automatically create an account for you.
Processing is based on your consent (Art. 6 (1) (a) GDPR). You can revoke your consent at any time. To do so, simply send us an informal email. The legality of the data processing operations already carried out remains unaffected by the revocation. In the event of revocation of your consent, we will delete or anonymise the review.
Reviews can be submitted in such a way that other website users cannot identify you. It is up to you to decide whether you wish to provide information about yourself beyond the mandatory details. Please note that even when choosing your pseudonym, within the free text fields and when uploading photos, it is possible to provide information that could identify you. We recommend that you write your review text without providing any personal data and design your photos accordingly. We reserve the right not to publish reviews that contain personal data or to anonymise them (in part).
Furthermore, Review.io carries out the following processing for us within the scope of the review:
- Identification as a reviewer when you register on our website and visit the website again
- Verification of the authenticity of your reviews Answering your questions and providing appropriate customer service
- Forwarding our messages when we have responded to your review
We have concluded a data processing agreement with Review.io in accordance with the requirements of Art. 28 GDPR, in which we oblige them to protect our customers' data and not to pass it on to third parties.
Further information about the type of data collected by Review.io can be found in Review.io's terms of use and privacy policy: https://www.reviews.io/front/data-protection.
7.2.24 Klar! Insights - Core
We use the services of Klar Insights GmbH, Marktstr. 18, 80802 Munich, Germany, a SaaS provider of business intelligence solutions for e-commerce companies, to support our business accounting and analyse the profitability of our marketing measures.
In this context and on the basis of our legitimate interest pursuant to Art. 6 (1) (f) GDPR, we transfer the following personal data to Klar Insights GmbH in accordance with our internal structure:
Customer number
Order number, order ID
The processing of this data enables us to evaluate the effectiveness of our marketing activities and optimise our business processes accordingly. The data is used exclusively for internal analysis purposes and is neither used for advertising purposes nor passed on to third parties without authorisation.
Information on data protection and data use by Klar can be found on the following website: https://app.getklar.com/legal/data-protection
You have the right to object to this processing at any time for reasons arising from your particular situation. Further information on your rights as a data subject can be found in this privacy policy.
7.2.25 Klar! Insights - Attribution
We use the services of Klar Insights GmbH, Marktstr. 18, 80802 Munich, Germany, a SaaS provider of business intelligence solutions for e-commerce companies. Klar Insights GmbH collects, processes and stores data (user and session IDs, email addresses, IP addresses, online identifiers (cookie ID, device ID)) on this website and its subpages for reach measurement and statistical analysis on our behalf. We have concluded a data processing agreement with Klar Insights GmbH for this purpose.
The collection of personal data is based on the legal basis of consent in accordance with Art. 6(1)(a) GDPR.
If consent is given by the user, the data to be processed is collected on a user-specific basis in accordance with Section 25(1) sentence 1 TDDDG.
The following cookies are used for the aforementioned different types of collection in order to ensure the respective type of collection.
september_id
september_has_consent
september_do_not_track (in case of objection)
Cookie - Objection
To object to the use of Klar! Insights in principle, please use this link. This will set a cookie named ‘september_do_not_track’ from the domain ‘https://www.laessig-fashion.com/’. Please do not delete this, as otherwise we cannot guarantee that you will not be tracked by Klar.
Information on data protection and data use by Klar can be found on the following website: https://app.getklar.com/legal/data-protection
7.2.26 Social networks and other providers
Our online offer also includes content from third-party providers. These include, for example, so-called “social plugins” of the social network Facebook. Such plugins are important for the dissemination of content. LÄSSIG also integrates functionalities and content from other networks (e.g. Instagram and YouTube), and uses these services of the other providers to offer you content in optimal format.
When availing yourself of the online offers of LÄSSIG, your IP address and other technically related device information such as screen resolution, type of browser and operating system used are registered on servers. The provider of the plugin or code also receives this data. The provider cannot draw any conclusions about your person from this data, but it does know, for example, your geographical location. In addition, the provider can set so-called cookies on your device, with which it can log your surfing behavior and recognize the device you use when surfing. If you are logged into a social network while accessing an online offer from LÄSSIG, the provider can also assign your surfing behavior to your profile stored there. LÄSSIG itself does not receive any information on how you use the social plugins and which content you share or comment on. In this case, the data exchange takes place solely between you and the social networks or the providers.
Details about individual providers:
Under the following links, you can find out about the respective privacy notices of the providers, how they collect your data and how they handle it.
Meta
For the privacy policy of the Meta service, please click here.
An overview of the Meta plugins can be found here: http://developers.facebook.com/docs/plugins/.
If you do not want Meta to be able to associate your visit to our pages with your Facebook user account, please log out of your Facebook user account.
For the privacy policy of the Instagram service, please click here.
Further information on Pinterest can be found above in the privacy policy under Section 7.2.21 of this declaration.
YOUTUBE
For the privacy policy of the YouTube service, please click here.
In addition, we would like to point out that you can independently adjust your advertising settings in your user account. To do so, please click on the following link and log in: https://adssettings.google.com/authenticated
For details on how LinkedIn handles your personal data, please click here.
In addition, LinkedIn uses advertising cookies. If you would like to deactivate the LinkedIn advertising cookies, please click here.
For details on how XING handles your personal data, please click here.
8. JOB APPLICATIONS
When you apply for a job with us, we process your application data exclusively for purposes related to your interest in current or future employment with us and the processing of your application. By submitting your application on our LÄSSIG Jobs page, you are providing us with personal data in this specific context, which we use and store exclusively for the purpose of your application. In particular, the following data is collected:
• Name (first and last name)
• E-mail address
• Your phone number
• LinkedIn profile (optional)
• Channel (i.e. how you became aware of us)
You also have the option of uploading relevant documents such as a cover letter, your résumé/CV and references. These may contain further personal data such as date of birth, address, etc.
The data you submit will be transmitted via TLS encryption and stored in a database for which our company is responsible and which is operated by Personio GmbH (www.personio.de/). We have concluded an agreement on commissioned data processing with Personio GmbH, a third-party company which offers personnel administration and applicant management software, in accordance with Article 28 of the GDPR.
Authorized staff members of LÄSSIG can access the aforementioned database in order to fill vacant positions with suitable candidates.
The only persons at our company having knowledge of your application will be the staff handling it. All employees entrusted with data processing are obliged to maintain the confidentiality of your data. If we are unable to offer you employment, we will retain the data you have provided for up to six months after any rejection for the purpose of answering questions relating to your application and rejection.
This does not, however, apply if legal provisions prevent deletion, if further storage is necessary for the purpose of providing evidence, or if you have expressly consented to extended storage. The legal basis for data processing is Section 26 of the German Federal Data Protection Act (BDSG), Article 6.1.1(b) of the GDPR and – if you have given your consent – Article 6.1.1(a) of the GDPR. If we retain your applicant data for longer than six months and you have expressly consented to this, we wish to point out that this consent can be freely revoked at any time. However, any such revocation will not affect the lawfulness of processing done by us with your consent prior to revocation. If you receive an offer of employment with us in the course of the application process and accept it, we will store personal data collected as part of the application process at least for the duration of the employment relationship.
9. PRIVACY POLICY OF OUR SOCIAL MEDIA PROFILES
9.1 General: Data processing by social media platforms.
We operate publicly accessible profiles on social networks/platforms. The individual social media platforms we use are listed below.
Social media platforms such as Instagram, Facebook, Pinterest, etc. have the general ability to comprehensively analyze your user behavior when you visit their website or a website with integrated social media content (e.g. “Like” buttons, advertising banners). Visiting our social media sites triggers numerous processing operations relevant to data protection, details of which follow:
If you are logged into your social media profile and visit our social media presence, the operator of the social media platform can assign this visit to your user account. However, your personal data may also be collected under certain circumstances even if you are not logged in or do not have an account with the respective social media platform. In this case, this data collection takes place, for example, by means of cookies that are stored on your end device or by recording your IP address.
With the help of the data collected in this way, the operators of the social media platforms can create user profiles in which your preferences and interests are stored. In this way, you can be shown interest-based advertising inside and outside the respective social media platform. If you have an account with the respective social network, the interest-based advertising can be displayed on all devices on which you are or were logged in.
Please also note that we cannot track all processing on the various social media platforms. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media platforms. For details, please refer to the terms of use and privacy policies of the respective social media platforms.
9.2 Legal basis
The operation of our social media profiles, including the processing of users’ personal data, has its legal basis in our legitimate interest in a timely and supportive information and interaction opportunity for and with our users and visitors pursuant to Article 6.1.1(f) of the GDPR. The analysis processes initiated by the social networks may take place on the basis of different legal systems, which are to be indicated by the operators of the social networks, e.g. consent within the meaning of Article 6.1.1(a) of the GDPR.
9.3 Responsible party and assertion of rights
If you visit one of our social media profiles (e.g. Instagram), we are jointly responsible with the operator of the social media platform for the data processing operations initiated during this visit. In principle, you can assert your rights (information, correction, deletion, restriction of processing, data portability and complaint) both against us (see also Section 2 above) and against the operator of the respective social media platform (e.g. Instagram).
Please note that, despite our joint responsibility with the operators of the social media platforms, we do not have full control over the data processing operations of the social media platform. Only the operator of the respective social media platform has full access to and overview of user data.
9.4 Data storage period
The data collected directly by us via the social media site will be deleted from our systems as soon as a) the purpose for storing it no longer applies; b) you request us to delete it; c) you revoke your consent to store it or d) the purpose for storing the data no longer applies. Stored cookies remain on your terminal device until you delete them. Statutory provisions / retention periods remain unaffected (See also Section 3 above).
We have no influence on the retention period of your data, which is stored by the operators of the social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. by consulting their privacy policy, see above).
9.5 Social media platforms in detail
The following social media platforms are used by us:
We use the services of Facebook. The provider is Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
You can independently adjust your Facebook privacy settings in your user account. To do so, click on the following link and log in: https://www.facebook.com/settings?tab=privacy
We use the services of Instagram. The provider is Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
You can independently adjust your Instagram privacy settings in your user account. To do so, click on the following link and log in: https://www.instagram.com/accounts/privacy_and_security/
Details can be found in the Instagram privacy policy: https://help.instagram.com/519522125107875
We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies. You can opt out of these at https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Details on data processing can be found in the LinkedIn privacy policy: https://www.linkedin.com/legal/privacy-policy
We have a profile on XING. The provider is New Work SE, Am Strandkai 1, 20457 Hamburg, Germany. Details on how XING handles your personal data can be found in the XING privacy policy: https://privacy.xing.com/de/datenschutzerklaerung
We have a profile on Pinterest. The provider is Pinterest Inc, 651 Brannan Street, San Francisco, CA 94107, USA. The registered office responsible for data processing in the EEA is at Pinterest Europe Ltd, Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland.
Details on how Pinterest handles your personal data can be found in Pinterest’s privacy policy: https://policy.pinterest.com/de/privacy-policy
YouTube
We have a profile on YouTube. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Details on how YouTube handles your personal data can be found in YouTube’s privacy policy: https://policies.google.com/privacy?hl=de
10. UNSOLICITED ADVERTISING
We publish our contact data within the framework of our imprint obligation. Any use by third parties of this contact data for the purpose of sending unsolicited advertising and information material is hereby expressly prohibited. The operator of the site expressly reserves the right to take legal action in the event of unsolicited receipt of advertising information, for example by means of spam e‑mails.
STATUS OF THE LÄSSIG DATA PROTECTION DECLARATION
This version valid as of 23/03/2023