Mäurer & Wirtz

Data privacy statement

Thank you for visiting our website. In the following you will find our data privacy statement including legally required information. In addition, you will find data protection information for applicants here:

General data protection information (as at December 2023)

Part 1: Information on data protection regarding our processing under Articles 13, 14 and 21 General Data Protection Regulation (GDPR)

We take data protection seriously and hereby inform you on how we process your data and what claims and rights you are entitled to under data protection rules. Applicable as of 25 May 2018.


1.    Office responsible for data processing and contact data

responsible office within the meaning of data protection law:
DALLI-WERKE GmbH & Co. KG 
or MÄURER & WIRTZ GmbH & Co. KG
or NICCO-Werke GmbH
(responsible office in each case is the company whose website you are 
visiting according to the imprint or who you addressed with your request)

Zweifaller Str. 120
52224 Stolberg 
Telephone: +49[0]2402 89-0 
E-Mail-address: 
kontakt@dalli-group.com 
or info@m-w.de 

Contact data of our data protection officer:

DALLI-WERKE GmbH & Co. KG
or MÄURER & WIRTZ 
GmbH & Co. KG
Data protection officer
Zweifaller Str. 120
52224 Stolberg 

E-Mail-address: datenschutz@dalli-group.com
or datenschutz@m-w.de


2.    Purposes and legal basis on which we process your data 
We process personal data in accordance with the stipulations of the General Data Protection Regulation (GDPR) and national data protection laws as well as other applicable data protection provisions (details are provided in the following). The details of which data are processed and how they are used mostly depend on the services requested or agreed in each case. Further details or additions for the purposes of data processing can be found in the respective contract documents, forms, a declaration of consent and/or other information provided to you (e. g. in the context of the use of our website or our terms and conditions). In addition, this data protection information may be updated from time to time, as you may find out from our websites www.dalli-group.com/ www.dalli-group.de/ www.mydalli.de/ www.m-w.de.

 

2.1    Purposes to perform a contract or pre-contractual measures (Art. 6 para. 1 sentence 1 lit. b GDPR)

The processing of personal data is carried out in order to perform our contracts with you and to execute your orders as well as to carry out measures and activities in the framework of pre-contractual  relations, e. g. with interested parties. In particular, the processing thus serves to provide services according to your orders and wishes and includes the necessary services, measures and activities. This essentially includes contractrelated communication with you, the corresponding billing and associated payment transactions, credit checks, the verifiability of transactions, orders and other agreements as well as quality control by means of corresponding documentation, goodwill procedures, measures to control and optimize business processes as well as the fulfilment of general duties of care, control and supervision by affiliated companies (e. g. parent company), statistical evaluations for corporate management, cost recording and controlling, reporting, internal and external communication, emergency management, accounting and tax assessment of operational services, risk management, assertion of legal claims and defense in the event of legal disputes, ensuring IT security (inter alia system and plausibility tests) and general security, including building and plant security, securing and exercising domestic authority (e. g. by means of access controls), guaranteeing the integrity, authenticity and availability of data, prevention and investigation of criminal offences, control by supervisory bodies or supervisory authorities (e. g. auditing). 

 

2.2    Purposes within the framework of a legitimate interest on our part or of third parties (Art. 6 para. 1 sentence 1 lit. f GDPR)
In addition to the purpose to fulfil the (pre-)contract, we might process your data when necessary to protect legitimate interests of our own or of third parties, in particular for the following purposes:

  • advertising or market and opinion research, as far as you have not objected to the use of your data;
  • obtaining information from and exchanging data with operators/ agencies where this goes beyond our economic risk;
  • the examination and optimization of processes for needs analysis;
  • the further development of services and products as well as of existing systems and processes
  • the disclosure of personal data in the framework of due diligence in the course of company sale negotiations;
  • for comparison with European and international anti-terrorist lists, insofar as this goes beyond the legal obligations;
  • the enrichment of our data, e. g. by using or researching publicly accessible data;
  • statistical evaluations or market analysis;
  • benchmarking;
  • the assertion of legal claims and defense in legal disputes which are not directly attributable to the contractual relationship;
  • the limited storage of data, if a deletion is not possible or only possible with disproportionate efforts due to the special type of storage; 
  • the development of scoring systems or automated decision-making processes;
  • the prevention and investigation of criminal offences, if this is not exclusively to fulfil legal requirements;
  • the anonymization of personal data
  • building and plant security (e. g. by means of access control and video surveillance), insofar as this goes beyond the general duties of care;
  • internal and external investigations, safety reviews;
  • internal fraud or abuse prevention in connection with the fulfillment of a contract and pre-contractual measures, unless exclusively to fulfill legal requirements
  • any monitoring or recording of telephone conversations for quality control and training purposes;
  • preservation and maintenance of certifications of private-law or official nature;
  • the securing and exercise of our domestic authority by means of appropriate measures as well as by video surveillance for the protection of our customers and employees as well as for securing evidence in the framework of criminal offences and their prevention.

 

2.3    Purposes within the framework of your consent (Art. 6 para. 1 sentence 1 lit. a GDPR)
Your personal data can also be processed for certain purposes (e.g. use of your e-mail-address for marketing purposes) on the basis of your consent. As a rule, you can revoke this consent at any time. This also applies to the revocation of consent that was given to us before the GDPR came into effect, i.e. prior to 25 May 2018. You shall be separately informed about the purposes and about the consequences of revocation or refusal to give consent in the respective text of the consent.    
Generally, revocation of consent only has effect for the future. Processing that has taken place prior to revocation is not affected by such and remains lawful.

 

2.4    Purposes relating to compliance with a legal obligation (Art. 6 para. 1 sentence 1 lit. c GDPR) or in the public interest 
(Art. 6 para. 1 sentence 1 lit. e GDPR)

Just like anyone who takes part in business life, we are subject to a large number of legal obligations. These are primarily statutory requirements (e.g. commercial and tax laws), but possibly also supervisory law or other official requirements. The purposes of processing may include identity and age checks, prevention of fraud and money laundering, the prevention, combating and education regarding terrorism financing and crime with a risk for property, comparisons with European and international anti-terror lists, compliance with control and notification obligations under tax law as well as the archiving of data for the purposes of data protection and data security and of audits by tax/fiscal and other authorities. In addition, it may be necessary to disclose personal data in the framework of official government/court measures for the purposes of collecting evidence, law enforcement and criminal prosecution or the enforcement of civil law claims.


3.    The categories of data that we process insofar as we do not receive data directly from you, and its origin
If necessary for the performance of our services, we may process data that we have lawfully received from other companies or other third parties (e.g. information offices). In addition, we process personal data that we have lawfully collected, received or acquired from publicly accessible sources (e.g. telephone registers, commercial and association registers, civil registers, the press, the internet and other media) and that we are allowed to process.

Relevant personal data categories may in particular be:

  • personal data (name, date of birth, place of birth, nationality, marital status, occupation/trade and comparable data)
  • contact data (address, e-mail address, telephone number and similar data)
  • Address data (population register data and comparable data)
  • payment confirmation/confirmation of cover for bank and credit cards
  • information about your financial situation (credit-worthiness data including scoring, i.e. data for assessing the economic risk)
  • customer history
  • data about your use of the telemedia offered by us (e. g. time of access to our websites, apps or newsletters, clicked pages/links or entries and comparable data)
  • Video data.

 
4.    Recipients or categories of recipients of your data
Within our company, your data is received by those internal offices or organizational units that need such to fulfil our contractual and statutory obligations or to process and implementing our legitimate interests. Your data is disclosed/passed on to external offices and persons exclusively
•    in connection with the execution of the contract;
•    to fulfil legal obligations that require us to provide information, give notice or forward data or where the forwarding of data is in the public interest (see section 2.4); 
•    to the extent that external service-providers process data on behalf of us as contract processors or providers of certain functions (e.g. external data centers, support and maintenance of DP/IT applications, archiving, document processing, call center services, compliance services, controlling, data screening for anti-money laundering purposes, data validation and plausibility check, data destruction, purchasing/procurement, customer administration, lettershops, marketing, media technology, research, risk controlling, billing, telephony, website management, auditing services, credit institutions, printing companies or companies for data disposal, courier services, logistics);
•    on the basis of our legitimate interest or the legitimate interest of the third party within the purposes cited in section 2.2 (e.g. to authorities, credit agencies, collection agencies, attorneys, courts of law, appraisers, companies affiliated to company groups as well as bodies and control instances);
•    if you have given us consent to transmit data to third parties.

Beyond this, we shall refrain from transmitting your data to third parties. Insofar as we commission service providers within the framework of processing an order, your data will be subject to the same security standards that we have stipulated. In all other cases, recipients may only use the data for purposes for which the data has been sent to them.


5.    Period of time your data is stored for 

We process and store your data for the duration of our business relationship. This also includes the initiation of a contract (pre-contractual legal relationship) and the phaseout.

In addition, we are subject to various retention and documentation obligations that emanate inter alia from commercial and tax laws. The periods and deadlines for retention and/or documentation stipulated therein range between six, seven and ten years from the end of the contractual relationship or the pre-contractual relationship, and in exceptional cases even 50 years – depending on the applicable national law.

Further, special statutory provisions may require longer retention such as for example the preservation of evidence in connection with statutory time-barring provisions.

If the data is no longer required to meet contractual or statutory obligations and rights, it is regularly deleted unless its further processing - for a limited period - is necessary to fulfil the purposes listed in section 2.2 due to an overriding legitimate interest. Such overriding legitimate interest is deemed to exist, for example, if it is not possible, or only possible with a disproportionate effort, to delete the data as a result of the special type of storage and provided that the processing for other purposes is excluded by appropriate technical and organizational measures.

 

6.    Processing of your data in a third country or by an international organization 

Data is transmitted to offices in countries outside the European Union (EU) or the European Economic Area (EEA) (so-called third countries) if necessary to fulfil your order or the contract with you, if required by law (e.g. notification obligations under tax law), if it is in the legitimate interest of us or of a third party or if you have given us your respective consent.
For that matter, your data may be processed in a third country, possibly also with the involvement of service providers in the framework of processing of the order. Insofar as no decision has been issued by the EU Commission regarding the existence of a reasonable level of data protection for the respective country or for specific sectors in a third country, appropriate contracts (such as EU standard contracts) and additional measures can be used as a basis for the transfer. 
You can request information on the suitable or reasonable guarantees and the possibility to receive a copy of these from the company data protection officer.
 

 

7.    Your data protection rights – you can assert your data protection rights against us under certain conditions and under consideration of possible specific national rules
•    You have the right pursuant to Art. 15 GDPR to receive information from us on the data concerning your person that we store.
•    If you so request, we shall correct stored data on you in accordance with Art. 16 GDPR if such data is incorrect or flawed.
•    If you so desire, we shall delete your data in accordance with the principles of Art. 17 GDPR if such is not prevented by other statutory provisions or an overriding interest on our part (e.g. to defend our rights and claims). 
•    Under the conditions laid down in Art. 18 GDPR, you can demand that we restrict the processing of your data.
•    Further, you can file an objection to the processing of your data in accordance with Art. 21 GDPR, as a result of which we have to stop processing your data. This right of objection only applies, however, in the event of extraordinary circumstances in your personal situation, whereas the rights of our company may run counter to your right of objection. 
•    You also have the right to receive your data in accordance with the conditions of Art. 20 GDPR in a structured, commonplace and machine-readable format or transmit such data to a third party. 
•    You further have the right to revoke your consent to process personal data that has been issued to us at any time with effect for the future (see section 2.3). 
•    In addition you are entitled to file a complaint with a data protection supervisory authority (Art. 77 GDPR). We recommend, however, to always send a complaint to our data protection officer before.
 
If possible, your applications concerning the exercise of your rights should be sent in writing to the address stated above or be addressed directly to our data protection officer. 

 

8.    Scope of your obligations to provide us your data

You only need to provide data that is necessary for the commencement and performance of the business relationship or for a pre-contractual relationship with us or the collection of which we are required by law. Without this data, we will regularly not be able to conclude or fulfil the agreement. This may also relate to data required at a later stage within the business relation. If we request data from you above and beyond this, you shall be informed about the voluntary nature of the information separately


9.    Presence of an automated decision-making in individual cases (including profiling)

We do not use any purely automated decision-making procedures as set out in Article 22 GDPR. However, should we institute such a procedure in individual cases in the future, we shall inform you pursuant hereto separately if this is required by law.

Under certain circumstances, we may process your data partly with the aim of evaluating certain personal aspects (profiling). 
In order to provide you with targeted information and advice on products, we may use evaluation tools. These enable a needs-oriented product design, communication and advertising including market and opinion research.

Such procedures can also be used to assess your solvency and credit-worthiness as well as to combat money laundering and fraud. "Score values" can be used to assess your solvency and credit-worthiness. In the case of scoring, the probability with which a customer will meet his payment obligations in accordance with the contract is calculated using mathematical methods. Such score values thus support us, for example, in assessing the credit-worthiness, in our decision-making in the context of product deals and are incorporated into our risk management. The calculation is based on mathematically and statistically acknowledged and proven methods and is based on your data, in particular income, expenditure, existing liabilities, profession, employer, length of service, experience from the previous business relationship, repayment of previous loans in accordance with the contract and information from credit agencies.

Information on nationality and special categories of personal data according to Art. 9 GDPR is not processed.

Information on your right of objection under Art. 21 GDPR

1.    You have the right to file an objection at any time against processing of your data which is performed on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR (data-processing on the basis of a weighing out of interests) or Art. 6 para. 1 sentence 1 lit. e GDPR (data-processing in the public interest), provided that there are reasons for your objection emanating from your special personal situation. This also applies to profiling based on this provision in the meaning of Art. 4, no. 4 GDPR.

If you file an objection, we shall no longer process your personal data unless we can demonstrate compelling reasons for the processing that outweigh your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims.

2.    We may also use your personal data in order to perform direct advertising. If you do not want to receive any advertising, you have the right to file an objection to such at any time. This also applies to the profiling to the extent that it is connected with such direct advertising. We shall respect this objection with effect for the future. 

We shall no longer process your data for the purpose of direct advertising if you object to processing for this purpose.

The objection can be filed without to any form requirements and should, if possible, be sent to:

DALLI-WERKE GmbH & Co. KG
or MÄURER & WIRTZ GmbH & Co. KG
or NICCO-Werk GmbH

Zweifaller Str. 120
52224 Stolberg 

E-Mail-address: kontakt@dalli-group.com 
or info@m-w.de

 

Part 2: Additional data protection information regarding the website

Thank you for visiting our website. In the following we set out which data we collect during your visit on our website and how exactly this data is used. This data privacy statement applies to all websites accounted for by DALLI-WERKE GmbH & Co. KG or affiliated companies, or by Mäurer & Wirtz GmbH & Co. KG or affiliated companies, respectively.

1.    Data collection and processing 
When you visit our website, our webservers temporarily save every access in a log file. The following data will be collected and stored until automatically deleted:

• Date and time of access
• Name and URL of the retrieved file
• Transferred data volume
• Notification on whether the call was successful
• Identification specification data of the used browser- and operating system
• IP address of the calling processor
• Website from which access is made
• Name of your internet access provider.

Processing of this data takes place in order to enable the use of the website (connection establishment), for system security and for technical administration of the network infrastructure.
The IP address will only be analyzed in the event of attacks on our network infrastructure or for other data security reasons.

 

2.    Use of personal data
The personal data you provide us via our website (e.g. your name and address or your e-mail-address) is processed for correspondence with you as well as for the purpose for which you have provided us with the data (e.g. in the framework of a request, an order of dosing aids or a promotional competition).
If you order services or products from us, without your separate consent your personal data will only be used insofar as it is necessary for the provision of the service or for the performance of the contract.
This includes, in particular, the forwarding of your data to transport companies, credit companies or other service providers used for the provision of the service or for the fulfillment of the contract. 
Beyond this, a use of this data for occasional offers to you via post or e-mail in order to inform you about new products or other services that might be of interest to you or about sales promotions of our company, only occurs insofar as legally permissible or where you have given us prior consent. Any use of your personal data shall be only in accordance with the before-mentioned purposes and only to the extent necessary to achieve these objects.
You can object to the receipt of advertisement from DALLI-WERKE GmbH & Co. KG or affiliated companies, or from Mäurer & Wirtz GmbH & Co. KG or affiliated companies, respectively, at any time by informing us correspondingly under the below-mentioned contact or e-mail-address. Consent given can also be revoked at any time by information to the below-mentioned contact or e-mail-address.

 

3.    Newsletters

Newsletter data
If you would like to receive the newsletter offered on the website, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Other data is not collected or is only collected on a voluntary basis.

Legal basis
The processing of the data entered in the newsletter registration form is carried out exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent to the storage of the data and the e-mail address as well as to their use for sending the newsletter at any time, for example via the "unsubscribe" link in the newsletter. The lawfulness of the data processing operations that have already taken place remains unaffected by the revocation.

Storage period
The data you have deposited with us for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after you have unsubscribed from the newsletter or after the purpose has ceased to exist. We reserve the right to delete or block e-mail addresses from our newsletter distribution list at our own discretion within the scope of our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR. Data that has been stored by us for other purposes remains unaffected by this.
After you have unsubscribed from the newsletter distribution list, your e-mail address may be stored in a blacklist by us or the newsletter service provider, if this is necessary to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.

Rapidmail
On some of our websites, we use Rapidmail to send newsletters. The provider is rapidmail GmbH, Augustinerplatz 2, 79098 Freiburg i.Br., Germany.
Rapidmail is a service that can be used to organize and analyze the sending of newsletters, among other things. The data you enter for the purpose of subscribing to the newsletter will be stored on Rapidmail's servers in Germany.

Data analysis through Rapidmail
For the purpose of analysis, the emails sent with Rapidmail contain a so-called "tracking pixel" that connects to Rapidmail's servers when the email is opened. In this way, it can be determined whether a newsletter message has been opened.
Furthermore, we can use Rapidmail to determine whether and which links in the newsletter message are clicked. All of the links in the email are tracking links that can be used to count your clicks. If you do not want analysis by Rapidmail, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in each newsletter message.
For more information on the analysis functions of Rapidmail, please refer to the following link: de.rapidmail.wiki/kategorien/statistiken/.

For more information on the storage period, please refer to Rapidmail's data security instructions at: www.rapidmail.de/datensicherheit.

Data processing
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract required by data protection law that ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

Klaviyo
We have integrated Klaviyo on some of our websites. The provider is Klaviyo Inc., 125 Summer Street, Floor 6, Boston, MA, 02110, USA (hereinafter referred to as Klaviyo). Klaviyo is a marketing automation tool for sending emails, SMS, push notifications, and capturing customer reviews for eCommerce merchants.
If you give us your consent, we will also evaluate in the newsletters whether you have opened the newsletter as well as the scrolling and clicking behavior in the newsletter. This is done for the purpose of optimally tailoring our newsletter to your interests and improving the content of our newsletter. 
For this purpose, Klaviyo stores consent to email marketing. In particular, the following data may be processed: name, telephone number, e-mail address, address data, IP address, device identifiers, usage data (such as interactions between a user and Klaviyo's online system, website or e-mail, browser used, operating system used, referrer URL).
The use of Klaviyo is based on Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. The consent can be revoked at any time. Further details can be found in the provider's privacy policy under www.klaviyo.com/legal/privacy.

The company is certified according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified according to the DPF is committed to complying with these data protection standards. Further information on this can be obtained from the provider under the following link: www.dataprivacyframework.gov/participant/6149.
The provider applies standard contractual clauses for the transfer of personal data to third countries. Details can be found here: www.klaviyo.com/legal/data-processing-agreement.

Data processing
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract required by data protection law that ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

Typeform
We have integrated Typeform on some of our websites / social media channels. The provider is TYPEFORM S.L., Carrer Bac de Roda, 163, 08018 Barcelona, Spain (hereinafter referred to as Typeform).
Typeform allows us to create online forms and embed them on our websites/social media channels. In particular, we use Typeform to manage customer surveys after your purchase from us, insofar as you have given us consent in this regard. In doing so, we process your e-mail address, which you provided at the time of purchase and which products you have ordered from us. The data you enter into our Typeform forms is stored on Typeform's servers.

Typeform is used on the basis of Art. 6 para. 1 lit.f GDPR. We have a legitimate interest in functioning online forms. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit.a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's end device (e.g. device fingerprinting) within the meaning of the TDDDG. The consent can be revoked at any time.

Data processing
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract required by data protection law that ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
 

 

4.    Transfer of personal data
The transfer of personal data to state offices or authorities only occurs in accordance with legal provisions or when the transfer is necessary for claiming our rights or for law enforcement in the event of attacks on our network infrastructure. Service-providers possibly involved in the framework of the execution only receive the data necessary to fulfil their tasks and they are equally subject to confidentiality obligations as our own staff members are. A transfer to other third parties only occurs insofar as legally permissible. Beyond this, your data will not be transferred to third parties.

 

5.    Security
DALLI-WERKE GmbH & Co. KG and Mäurer & Wirtz GmbH & Co. KG use appropriate technical and organizational security measures to protect your personal data administered by us from accidental or deliberate manipulation, loss, destruction and unauthorized access. Our security measures are continually improved according to technological development. 

 

6.    Cookies 

Our websites use so-called "cookies". Cookies are small data packets and do not cause any damage to your device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (persistent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or until your web browser automatically deletes them.
Cookies can come from us (first-party cookies) or from third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain third-party services within websites (e.g. cookies for processing payment services).
Cookies have different functions. Many cookies are technically necessary because certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies may be used to evaluate user behavior or for advertising purposes.
Cookies that are necessary to carry out the electronic communication process, to provide certain functions that you have requested (e.g. for the shopping cart function) or to optimize the website (e.g. cookies to measure the web audience) (necessary cookies) are stored on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in the storage of necessary cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies and comparable recognition technologies has been requested, the processing is carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG); consent can be revoked at any time.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when you close the browser. If you disable cookies, the functionality of this website may be limited.
You can find out which cookies and services are used on this website in this privacy policy.

GDPR Legal Cookie by Shopify
On some of our websites, we use GDPR Legal Cookie by Shopify to obtain your consent to the storage of certain cookies on your device or to the use of certain technologies and to document them in compliance with data protection regulations. The provider of this technology is beeclever GmbH, Friedrich-Mohr-Straße 1, 56070 Koblenz (hereinafter referred to as "beeclever").
When you enter our website, a connection to the servers of the provider beeclever is established. In this way, the provider beeclever receives personal data, such as the browser used, the IP address and a time stamp. A cookie is then stored in your browser in order to be able to assign the consents given or their revocation to you. The data collected in this way will be stored until you ask us to delete it, delete the cookie yourself or the purpose for which the data is stored no longer applies. Mandatory statutory retention obligations remain unaffected. For details, see: apps.shopify.com/gdpr-legal-cookie.
GDPR Legal Cookie by Shopify is used to obtain the legally required consents for the use of cookies. The legal basis for this is Art. 6 para.1 lit.c GDPR.

Data processing
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract required by data protection law that ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
 

 

7.    Use of Google Analytics 

On some of our websites we use functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics enables the website operator to analyze the behavior of website visitors. The website operator receives various usage data, such as: E.g. page views, length of stay, operating systems used and origin of the user. This data is summarized in a user ID and assigned to the website visitor's respective device.
Furthermore, we can use Google Analytics, among other things. Record your mouse and scroll movements and clicks. Furthermore, Google Analytics uses various modeling approaches to complement the data sets collected and uses machine learning technologies in data analysis.
Google Analytics uses technologies that enable user recognition for the purpose of analyzing user behavior (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is usually transferred to a Google server in the USA and stored there.
The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. TDDDG. Consent can be revoked at any time.
Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: privacy.google.com/businesses/controllerterms/mccs/.
The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when data is processed in the USA. Every DPF certified company undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link:  https://www.dataprivacyframework.gov/participant/5780.

IP anonymization
We have activated the IP anonymization function on this website. This means that your IP address will be shortened by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area before it is transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

Browser plugin
You can prevent Google from collecting and processing your data by downloading and installing the browser plug-in available at the following link: tools.google.com/dlpage/gaoptout.
You can find more information about how Google Analytics handles user data in Google's privacy policy: support.google.com/analytics/answer/6004245.
The personal or pseudonymous data will be deleted or anonymized after 14 months.

Google signals
We also use Google signals on some of our websites. When you visit our website, Google Analytics collects, among other things: Your location, search history and YouTube history as well as demographic data (visitor data). This data can be used for personalized advertising with the help of Google Signal. If you have a Google account, Google Signal's visitor data will be linked to your Google account and used for personalized advertising messages. The data is also used to create anonymized statistics on the user behavior of our users.

Demographic characteristics in Google Analytics
Some of our websites also use the “demographic characteristics” function of Google Analytics to show website visitors appropriate advertisements within the Google advertising network. This allows reports to be created that contain information about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google and third-party visitor data. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described in the section “Objection to data collection”.

Order processing
We have concluded an data processing contract with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Google Analytics eCommerce measurement
Some of our websites also use the “E-Commerce Measurement” function of Google Analytics. With the help of e-commerce measurement, the website operator can analyze the purchasing behavior of website visitors to improve their online marketing campaigns. Information such as orders placed, average order values, shipping costs and the time from viewing a product to purchasing it are recorded. This data can be summarized by Google under a transaction ID that is assigned to the respective user or their device.

 

Data processing
We have concluded a data processing agreement (DPA) with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
 

 

8.    Use of YouTube Videos with Advanced Privacy

On some of our websites we embed videos from the YouTube website. The website is operated by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
We use YouTube in extended data protection mode. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch the video. However, the extended data protection mode does not necessarily exclude the passing on of data to YouTube partners. This way, regardless of whether you watch a video, YouTube establishes a connection to the Google Marketing Network.
As soon as you start a YouTube video on this website, a connection to YouTube's servers is established. The YouTube server is informed which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.
Furthermore, after starting a video, YouTube can store various cookies on your device or use comparable recognition technologies (e.g. device fingerprinting). In this way, YouTube can receive information about visitors to this website. This information is, among other things, used to collect video statistics, improve user experience and prevent fraud attempts.
Possibly, further data processing operations may be triggered after starting a YouTube video, over which we have no influence.
YouTube is used in the interest of an appealing presentation of our online offerings. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's end device (e.g. device fingerprinting) within the meaning of the TDDDG. The consent can be revoked at any time.
For more information about privacy at YouTube, please see their privacy policy at: policies.google.com/privacy     

 

The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when data is processed in the USA. Every DPF certified company undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: www.dataprivacyframework.gov/participant/5780.
 

 

9.    Google reCAPTCHAOn some of our websites, we use the Google "reCAPTCHA" service. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
With reCAPTCHA, we check whether the data entry on our respective websites (e.g. in a contact form) is carried out by a human or by a bot or an automated program. For this purpose, the behavior of the website visitor is analyzed by reCAPTCHA on the basis of various characteristics. The analysis takes place as soon as the user accesses our respective website and is fully automated in the background. As part of the analysis, reCAPTCHA evaluates various information (e.g. the IP address, the length of time the user spends on the website or mouse movements made by the user). The data collected as part of the analysis is forwarded to Google. 
The reCAPTCHA analyses run completely in the background. Website visitors are not informed that an analysis is taking place.
The storage and analysis of the data is carried out on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its websites from abusive automated spying and spam. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's end device (e.g. device fingerprinting) within the meaning of the TDDDG. The consent can be revoked at any time.
For more information about Google reCAPTCHA, please refer to the Google Privacy Policy and the Google Terms of Service at the following links: policies.google.com/privacy and policies.google.com/terms.
The company is certified according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified according to the DPF is committed to complying with these data protection standards. Further information on this can be obtained from the provider under the following link: www.dataprivacyframework.gov/participant/5780.
 

 

10.    Use of Google MapsOn some of our websites we use Google Maps of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). Google Maps is a web service for the display of interactive maps to visually depict geographic information. The use of this service makes it possible to show you our location and to facilitate a possible approach.
As soon as the sub-sides that are integrated into the map of Google Maps are called up, information of your use of our website (such as your IP address and location data) is transferred to servers of Google and saved there. This may also lead to a transfer to the servers of the parent company Google LLC. in the USA. This happens irrespective of whether Google provides a user account over which you are logged in or whether a user account even exists. If you are logged in at Google your data will be directly allocated to your account. If you do not wish for an allocation with your profile you have to log off before activating the button. Google saves your data as user profiles (even for users that are not logged in) and evaluates them. The collection, storage and evaluation are based on the legitimate interests of Google in the pursuant to Art. 6 para. 1 lit. f GDPR in showing personalized advertisement, the market research and/or the tailored design of Google websites. You have the right of objection against the formation of such user profiles for the exercise of which you have to address Google.
If Google Maps is enabled, Google may use Google Fonts for the purpose of displaying fonts consistently. When you call up Google Maps, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.
If you do not agree to the future transmission of your data to Google in the context of the use of Google Maps, it is also possible to completely deactivate the Google Maps web service by deactivating JavaScript in your browser. Google Maps and thus also the map display on this website cannot be used. Detailed information on data protection in connection with the use of Google Maps can be found on the Google website: www.google.de/intl/de/policies/privacy/. 
The use of Google Maps is in the interest of an appealing presentation of our online offers and to make it easy to find the places we indicate on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1lit.f GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para.1 lit.a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's end device (e.g. device fingerprinting) within the meaning of the TDDDG. The consent can be revoked at any time.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: privacy.google.com/businesses/gdprcontrollerterms/ and privacy.google.com/businesses/gdprcontrollerterms/sccs/. 
More information on the handling of user data can be found in Google's privacy policy: policies.google.com/privacy.
The company is certified according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified according to the DPF is committed to complying with these data protection standards. Further information on this can be obtained from the provider under the following link: www.dataprivacyframework.gov/participant/5780.
 

 

11.    Use of Webfonts by MyFonts.com or Adobe 

We use MyFonts on some of our websites. These are fonts that are loaded into your browser when you access our website in order to ensure a uniform typeface when displaying the website. The provider is Monotype Imaging Holdings Inc., 600 Unicorn Park Drive, Woburn, Massachusetts 01801, USA.
In order to check compliance with the license terms and the number of monthly page views, MyFonts transfers your IP address together with the URL of our website and our contract data to its servers in the USA. According to Monotype, your IP address will be anonymized immediately after transmission so that no personal reference can be made (anonymization).
Details can be found in Monotype's privacy policy at www.monotype.com/de/rechtspflichten/datenpolitik/datenpolitik-zum-tracking-von-webschriften 
The company is certified according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified according to the DPF is committed to complying with these data protection standards. For more information, please contact the provider at the following link: www.dataprivacyframework.gov/s/participant-search/participant-detail.

On some of our websites, webfonts from Adobe are used to uniformly display certain fonts. The provider is Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA 95110-2704, USA (Adobe).
When you access this website, your browser loads the required fonts directly from Adobe in order to display them correctly on your device. Your browser establishes a connection to Adobe’s servers in the USA. This gives Adobe knowledge that this website was accessed via your IP address. According to Adobe, no cookies are stored when the fonts are provided.
The storage and analysis of the data is based on Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in the uniform presentation of the typeface on his website. 
If appropriate consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1lit.a GDPR and § 25 para. 1  TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's end device (e.g. device fingerprinting) within the meaning of the TDDDG. The consent can be revoked at any time.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: www.adobe.com/de/privacy/eudatatransfers.html.
Further information about Adobe Fonts can be found at: www.adobe.com/de/privacy/policies/adobe-fonts.html. 
Adobe's privacy policy can be found at: www.adobe.com/de/privacy/policy.html.
The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when data is processed in the USA. Every DPF certified company undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: www.dataprivacyframework.gov/s/participant-search/participant-detail

 

12.    Additional Privacy Notice for our Facebook Fan Pages
Within the scope of the Facebook fan pages operated by DALLI-WERKE GmbH & Co. KG or its affiliates or by Mäurer & Wirtz GmbH & Co. KG or its dependent companies, you also have the opportunity to find out about our services or to contact and interact with us. Our Facebook fan pages are provided on the basis of the agreement reached with Meta (Meta Platforms  Ireland Limited (formerly Facebook Ireland Limited), 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) on the joint processing of personal data pursuant to Art. 26 GDPR ("Page Insights Controller Addendum”). According to this, we ourselves cannot make and implement any decisions regarding the processing of insights data. Meta assumes primary responsibility pursuant to the GDPR for the processing of insights data and the fulfilment of all obligations under the GDPR with respect to the processing of insights data.
Please be informed that when you visit Facebook fan pages, data may be processed regarding you as a user in territories outside the EEA. Meta uses the EU Standard Contractual Clauses in order to ensure that in such cases your data receives a level of protection equivalent to the EU’s.
The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when data is processed in the USA. Every DPF certified company undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: www.dataprivacyframework.gov/s/participant-search/participant-detail;
Your data can be processed for market research and advertising purposes, for example by creating usage profiles and using them for advertising purposes based on the interests arising from your usage behaviour. For this purpose, cookies are usually stored on your computer.
Using the "Page Insights" feature, we can access statistical data from Meta in various categories related to the use of Facebook fan pages, such as the total number of page views, likes, page activities, post interactions, video views, post coverage, comments, shared content, responses, proportion of men and women, country and city of origin, language, views and clicks in the shop, clicks on route planners, and clicks on phone numbers. We use this information to be able to make our pages more attractive and more responsive to needs (e.g. by finding the right time to publish content).
Within the scope of the Facebook fan pages, personal data of the users is processed in order to safeguard our legitimate interests in tailoring our information offerings and communications with the users to needs and target groups (legal basis: Art. 6 para. 1 sentence 1 lit. f GDPR). If Meta, as provider of the platform, asks you for consent to a certain data processing, the processing is carried out in this respect on the legal basis of Art. 6 para. 1 sentence 1 lit. a GDPR.
With regard to the exercise of data subject rights and requests for information, please note that you can most effectively assert these directly with Meta (see https://www.facebook.com/legal/terms/information_about_page_insights_data). 
For more information about the processing and use of data, as well as the rights and settings options in this respect to protect your privacy, including opt-out, please refer to Meta's privacy policy at https://www.facebook.com/about/privacy/ as well as to "Information about Page Insights Data" at https://www.facebook.com/legal/terms/information_about_page_insights_data
Opt-out: www.facebook.com/settings or www.youronlinechoices.com.

 

13.    Use of Meta Pixel (formerly Facebook Pixel)

On some of our websites, the visitor action pixel from Facebook/Meta is used to measure conversions. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected will also be transferred to the USA and other third countries.
This allows the behavior of site visitors to be tracked after they have been redirected to the provider's website by clicking on a Facebook ad. This allows the effectiveness of Facebook advertisements to be evaluated for statistical and market research purposes and future advertising measures to be optimized.
The data collected is anonymous for us as the operator of this website; we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook uses the data for its own advertising purposes in accordance with the Facebook data usage guidelines (https://de-de.facebook.com/about/privacy/). can. This allows Facebook to enable the placement of advertisements on Facebook pages as well as outside of Facebook. As the site operator, we cannot influence this use of data.
The use of this service is based on your consent in accordance with Article 6 Paragraph 1 Letter a GDPR and Section 25 Paragraph 1 TTDSG. Consent can be revoked at any time.
To the extent that personal data is collected on our website using the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Article 26 GDPR). The joint responsibility is limited exclusively to collecting the data and passing it on to Facebook. The processing carried out by Facebook after the forwarding is not part of the shared responsibility. Our joint obligations have been set out in a joint processing agreement. The text of the agreement can be found at: www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing data protection information when using the Facebook tool and for the data protection-safe implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g. requests for information) regarding the data processed by Facebook directly on Facebook. If you assert your data subject rights with us, we are obliged to forward these to Facebook.

Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: www.facebook.com/legal/EU_data_transfer_addendum and de-de.facebook.com/help/566994660333381.
You can find further information on protecting your privacy in Facebook's data protection information: de-de.facebook.com/about/privacy/.
You can also deactivate the “Custom Audiences” remarketing function in the ad settings area at www.facebook.com/ads/preferences/. To do this you must be logged in to Facebook.
If you do not have a Facebook account, you can deactivate Facebook usage-based advertising on the European Interactive Digital Advertising Alliance website: www.youronlinechoices.com/de/praferenzmanagement/.
The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when data is processed in the USA. Every DPF certified company undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: www.dataprivacyframework.gov/s/participant-search/participant-detail
 

 

14.    Facebook Custom Audiences 

We use Facebook Custom Audiences. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.
When you visit or use our websites and apps, use our free or paid offers, transmit data to us or interact with our company's Facebook content, we collect your personal data. If you give us your consent to use Facebook Custom Audiences, we will transmit this data to Facebook, which Facebook can use to show you appropriate advertising. Furthermore, target groups can be defined with your data (lookalike audiences).
Facebook processes this data as our processor. Details can be found in the Facebook user agreement: www.facebook.com/legal/terms/customaudience.
The use of this service is based on your consent in accordance with Article 6 Paragraph 1 Letter a GDPR and Section 25 Paragraph 1 TTDSG. Consent can be revoked at any time.
Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: www.facebook.com/legal/terms/customaudience and www.facebook.com/legal/terms/dataprocessing.
The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when data is processed in the USA. Every DPF certified company undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: www.dataprivacyframework.gov/s/participant-search/participant-detail
You can also deactivate the “Custom Audiences” remarketing function in the ad settings area at www.facebook.com/ads/preferences/. To do this, you must be logged in to Facebook."
 

 

15.    Use of WhatsApp
On some of our websites we provide – possibly via a designated share link/ button and a corresponding logo - links to WhatsApp (WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland), an instant messaging service that is part of Meta Platforms Inc. (formerly Facebook Inc.) We advise you that you use the thereby callable, externally linked services and its functions on your own authority. WhatsApp stores data of its users and might also use those for business purposes. If you do not wish this, please do not click on the respective links or share links/ buttons. Further information on WhatsApps data processing are available at https://www.whatsapp.com/legal/updates/privacy-policy.

 

16.    Use of Instagram

On some of our websites we provide – possibly via a designated share link/ button and a corresponding logo - links to Instagram. We advise you that you use the callable, linked Instagram service and its functions on your own authority. The Instagram service is one of the Meta products provided by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Irland. For the provision of Meta products information about the users is processed. Meta and Instagram share infrastructure, systems and technology with other Meta companies and might process information about the users beyond the Meta companies. The data collected about you during such use are processed by Meta. If you do not wish this, please do not click on the respective links or share links/ buttons. Further information on the data processing by Meta and on the Instagram settings are available on the internet pages of Instagram (i.a. www.instagram.com or help.instagram.com/519522125107875).
The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. The consent can be revoked at any time.
Insofar as personal data is collected on our website and forwarded to Facebook with the help of the tool described here, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 GDPR). Joint responsibility is limited exclusively to the collection of data and its disclosure to Facebook. The processing by Facebook after the transfer is not part of the joint responsibility. Our joint obligations have been set out in a joint processing agreement. The text of the agreement can be found at: www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for the provision of data protection information when using the Facebook tool and for the implementation of the tool on our website in a manner that is secure under data protection law. Facebook is responsible for the data security of Facebook products. You can assert the rights of data subjects (e.g. requests for information) regarding the data processed by Facebook directly with Facebook. If you assert your rights as a data subject with us, we are obliged to forward them to Facebook.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: www.facebook.com/legal/EU_data_transfer_addendum, de-de.facebook.com/help/566994660333381 and www.facebook.com/policy.php.
The company is certified according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified according to the DPF is committed to complying with these data protection standards. Further information on this can be obtained from the provider under the following link: www.dataprivacyframework.gov/s/participant-search/participant-detail.
 

 

17.    Use of X (formerly Twitter)

On some of our websites we provide – possibly via a designated share link/ button and a corresponding logo - links to the platform or the services of X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA . The data controller of individuals living outside the United States is Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland.
We advise you that you use the offered Twitter short message service and its functions on your own authority. Twitter might collect data of the users of its service. If you do not wish this, please do not click on the respective links or share links/ buttons. You can find information on which data is processed by Twitter and for what purposes it is used in Twitter’s privacy statement and under help.twitter.com/en/forms/privacy .

 

18.    Use of Pinterest
On some of our websites we provide – possibly via a designated share link/ button and a corresponding logo - links to the platform or services of Pinterest (Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland). We advise you that you use the linked services and its functions on your own authority. Pinterest stores data of its users (e.g. personal information, IP address etc.) and might also use those for business purposes. If you do not wish this, please do not click on the respective links or share links/ buttons. You can find further information on Pinterest’s data processing in Pinterest’s privacy policy under https://policy.pinterest.com/en-gb/privacy-policy.


19.    Use of von Google Tag Manager

On some of our websites we use Google Tag Manager. This is a tag management system that allows various tools or tags to be managed through one user interface. The other tags and tools integrated into Google Tag Manager may collect data from you. Google Tag Manager itself does not access this data. If a deactivation has been made at the domain or cookie level, it will remain in place for all tracking tags implemented with this tool.
The use of Google Tag Manager is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the quick and uncomplicated integration and management of various tools on its website. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's end device (e.g. device fingerprinting) within the meaning of the TDDDG. The consent can be revoked at any time.
Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: privacy.google.com/businesses/controllerterms/mccs/.
The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when data is processed in the USA. Every DPF certified company undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link:  https://www.dataprivacyframework.gov/participant/5780. 
Further information on the purpose and scope of data collection and processing as well as further information on your rights in this regard and setting options for the protection of your privacy can be obtained from: Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA; Data protection conditions: support.google.com/tagmanager/answer/7207086 ; privacy policy: policies.google.com/privacy .


20.    Use of Floodlight Tags Google Ad Tags

On some of our websites we use Google Floodlight from service provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland.. Google stores and processes information about your user behaviour on our website and uses, among other things, floodlight tags (code snippets) and cookies, i.e. small text files that are stored locally in the web browser on your device and enable an analysis of your use of our website.
In this context, Google processes, among other things, your IP address, as well as pseudonymized cookie or advertising IDs. In addition, contact or location data such as your e-mail address or GPS coordinates may also be processed.
We use Google Floodlight for marketing and optimization purposes and to find out how you came to our website and what content you use there. This is to help us highlight content that is relevant to you on our website and improve your user experience.
The legal basis for the use of Floodlight Tags Google Ad Tags is your explicit and voluntary consent in accordance with Art. 6 para. 1 lit. a GDPR in the processing of your personal data for marketing purposes and § 25 para. 1 TDDDG in the setting of the cookies and the tags. The consent can be revoked at any time.
Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: privacy.google.com/businesses/controllerterms/mccs/.
The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when data is processed in the USA. Every DPF certified company undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link:  https://www.dataprivacyframework.gov/participant/5780
Further information on the purpose and scope of data collection and processing as well as further information on your rights in this regard and setting options for the protection of your privacy can be obtained from Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland, data protection conditions policies.google.com/privacy

 

21.    Use of Hotjar  

We use Hotjar on some of our websites. The provider is Hotjar Ltd., Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe (Website: www.hotjar.com).
Hotjar is a tool for analyzing your user behavior on this website. With Hotjar, we can, among other things: Record your mouse and scroll movements and clicks. Hotjar can also determine how long you have stayed on a certain spot with the mouse pointer. From this information, Hotjar creates so-called heat maps, which can be used to determine which website areas are preferred by the website visitor.
We can also determine how long you stayed on a page and when you left it. We can also determine at which point you have abandoned your entries in a contact form (so-called conversion funnels).
In addition, Hotjar can be used to collect direct feedback from website visitors. This function serves to improve the website operator's web offerings.
Hotjar uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g. cookies or the use of device fingerprinting).
If consent has been obtained, the assignment will be carried out in this way. g. service exclusively on the basis of Art. 6 para. 1 lit. a GDPR and 
§ 25 TDDDG. The consent can be revoked at any time. If no consent has been obtained, the use of this service is based on Art. 6 para. 1 lit.f  GDPR; the website operator has a legitimate interest in the analysis of user behavior in order to optimize both its website and its advertising.

Disabling Hotjar
If you want to opt out of Hotjar's data collection, click on the following link and follow the instructions there: www.hotjar.com/policies/do-not-track/
Please note that the deactivation of Hotjar must be done separately for each browser or device.
For more information about Hotjar and the data collected, please refer to Hotjar's privacy policy at the following link: www.hotjar.com/privacy

Data processing
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract required by data protection law that ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
 

22.    Cooperation with ADITION technologies AG
We have integrated the campaign tracking of the service provider ADITION technologies AG on this website via our advertising service provider Mediascale GmbH & Co KG.

Campaign Tracking
Our advertising service provider Mediascale GmbH & Co. KG is responsible for the data collection for online advertising. The tracking system of the following service provider is used:

ADITION technologies AG
Oststraße 55
D-40211 Düsseldorf

Insofar as consent has been obtained, the use of the above-mentioned service is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 TTDSGTDDDG. The consent can be revoked at any time. If no consent has been obtained, the use of this service is based on Art. 6 para. 1 lit. f GDPR; the website operator has a legitimate interest in the most effective marketing measures possible. The system is used on our websites for the following purposes.

Campaign impact tracking on our websites
With the help of tracking, we can evaluate when users are shown one of our advertising banners on another website (visual contacts) and have also clicked on it. After clicking on the corresponding advertising banner, users are redirected to our webshop. With the help of this tracking tool, we can track how many users were led to our shop via the corresponding advertising medium and how they then behaved (click, bounce, purchase, etc.). This data is then linked together. The data collected is statistically evaluated in order to optimize the performance of the media campaigns. All collected usage data is stored using a pseudonym.  The data collected is not used to personally identify visitors to our website and is not combined with personal data about the bearer of the pseudonym.

Control of user-based online advertising (so-called retargeting)
The service provider collects and processes your usage behaviour on websites operated by us in a pseudonymous manner. This data is used to address users again after visiting our websites with targeted advertising according to their usage behaviour. These advertisements take place outside of our websites.

The following third-party cookie is used for data collection:
Cookie-Domain: adfarm3.adition.com
Cookiename: UserID1
Cookie duration: 180 days after contact

You have the option of preventing the recording of usage data by the system at any time by setting an opt-out cookie here. If you delete the cookies in your browser, opt-out cookies will also be deleted. You will then have to opt-out again.
Further information on data protection at Adition: www.adition.com/kontakt/datenschutz/.  

Data processing
We have concluded a contract for order processing (DPA). This is a contract required by data protection law that ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

23.    Use of Trusted Shops
In some of our online shops, we use the services of Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne, Germany ("Trusted Shops") for buyer protection and the rating system. This is to protect your purchases as well as to improve our customer service. Personal data is processed in the process.
The processing of the data is carried out for the following purposes:
•    Buyer Protection: To secure your orders and to process any warranty claims. The legal basis for this is Art. 6 para. 1 lit. b GDPR, as the processing is necessary for the performance of the purchase contract.
•    Rating system: After completing your purchase, you will be given the opportunity to rate it. For this purpose, Trusted Shops will send you a review invitation by e-mail. The legal basis for this processing is your prior consent in accordance with Art. 6 para. 1 lit. a GDPR, provided that you have given this consent during the ordering process.

When using the Trusted Shops services, the following personal data is transmitted: order details (e.g. order number, product name, purchase price), your contact details (e.g. name, e-mail address) and transaction information (e.g. time of purchase). The recipient of the data is Trusted Shops GmbH, which partly acts as an independent controller.

The data transmitted by us to Trusted Shops will be stored there for as long as it is necessary to fulfil the contractual purposes or until you revoke your consent. After the expiry of the legally prescribed retention periods, the data will be deleted.

You have the right to obtain information about the processing of your personal data at any time (Art. 15 GDPR) as well as other rights, such as the right to rectification (Art. 16 GDPR), erasure (Art. 17 GDPR), restriction of processing (Art. 18 GDPR), data portability (Art. 20 GDPR) and objection (Art. 21 GDPR). If you wish to exercise these rights in relation to Trusted Shops, please contact Trusted Shops directly using the contact information provided in their privacy policy.

The cooperation with Trusted Shops is based on joint responsibility in accordance with Art. 26 GDPR, as both we and Trusted Shops jointly determine the purposes and means of the processing of your personal data. 
If your data is transferred to countries outside the EU or the EEA, this will only take place under the condition of appropriate safeguards, such as the use of EU standard contractual clauses.
Further information on data processing by Trusted Shops can be found in the data protection declaration of TrustedShops www.trustedshops.de/impressum-datenschutz/. 

24.    Shopify 
We host the content of our webshops with the following provider:
Shopify.
The provider is Shopify International Limited, Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (hereinafter referred to as "Shopify").
Shopify is a tool for creating and hosting websites. When you visit our website, Shopify collects your IP address, as well as information about the device and browser you are using. Shopify is also used to analyze visitor numbers, visitor sources, and customer behavior, as well as create user statistics. When you make a purchase on our website, Shopify also collects your name, email address, shipping and billing addresses, payment information, and other information related to the purchase (e.g., phone number, amount of sales made, etc.). For analytics, Shopify stores cookies in your browser.
For details, please refer to Shopify's privacy policy: www.shopify.de/legal/datenschutz.

The use of Shopify is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in presenting our website as reliably as possible. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para.1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's end device (e.g. device fingerprinting) within the meaning of the TDDDG. The consent can be revoked at any time.

Data processing
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract required by data protection law that ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.


25.    Amendment of the data protection rules
The further development of our website or the implementation of new technologies and other things might require an amendment of this data privacy statement. We therefore reserve the right to amend our data privacy statement at any time with effect for the future. We therefore recommend you to read the current data privacy statement from time to time. 

The information on data protection about our data processing according to Articles 13, 14 and 21 GDPR and the additional data protection information regarding the website, respectively, may change from time to time. All changes will be published on this page. We provide older versions in an archive to be viewed.
 

Part 3: Additional data protection information for the online shops of Mäurer & Wirtz GmbH & Co. KG (“Mäurer & Wirtz”)

As part of the online shop pages designed and operated by Mäurer & Wirtz, you have the opportunity to find out about products from the Mäurer & Wirtz environment and to purchase them from our partner aixtema GmbH, Philipsstraße 8, 52068 Aachen (“aixtema”).

Mäurer & Wirtz and aixtema have agreed on joint responsibility for this in accordance with Article 26 GDPR. Mäurer & Wirtz and aixtema have concluded a separate agreement for details about the cooperation as jointly responsible parties, in which they also make provisions for the parties to fulfill their obligations under the GDPR with regard to the operation of the online shops.

The joint responsibility essentially extends to the technical collection of personal data from customers of the online shop pages and their transfer to aixtema via a jointly set up interface.

Aixtema is solely responsible under data protection law for the processing of customers' personal data in the context of order processing, delivery, customer contact and customer service. Regarding the contractual relationship, it is made clear that when you place an order on our online shop pages, you as a customer only enter into a purchase contract with aixtema, but not with Mäurer & Wirtz itself.

Mäurer & Wirtz is responsible for the content, product descriptions and design of the online shops. Mäurer & Wirtz is the sole controller under data protection law for the processing of any other personal data that may be collected that is not relevant to the order.

Affected persons can assert the rights to which they are entitled under Articles 15 to 22 GDPR either against Mäurer & Wirtz or aixtema. You will generally receive the relevant information or feedback from the party to which you made the request. However, if you have any data protection questions regarding the ordering process, we ask you to contact aixtema: aixtema GmbH, Philipsstraße 8, 52068 Aachen, telephone: +49 241 70515-0, email: info@aixtema.de. If you have any questions about data processing on our platform (e.g. regarding sending newsletters), please contact Mäurer & Wirtz. The contact details of the respective contact persons can also be found in Part 1 of this Mäurer & Wirtz data protection declaration or in the aixtema data protection declaration linked below.

Further detailed information on data protection at Mäurer & Wirtz, including contact details of the person responsible for data protection and the data protection officer as well as explanations on the purposes and legal basis of data processing, your personal data protection rights, the technologies used by Mäurer & Wirtz and the adjustment/revocation of consent can be found in Parts 1 and 2 of the data protection declaration of Mäurer & Wirtz (https://www.m-w.de/datenschutz/).

You can find further detailed information on data protection at aixtema, including contact details of the data protection officer responsible for data processing, in aixtema's data protection declaration at: www.aixtema.de/de/datenschutz.