Privacy Policy

Welcome to the SUPRAINFINIT (hereinafter, “SUPRAINFINIT,” “Suprainfinit,” “us,” “our,” or “we”)  Privacy Policy (the “Policy”).

With this privacy policy, we would like to inform you about the nature, scope and purpose of the processing of personal data (hereinafter also referred to as "data"). Personal data are all data that have a personal reference to you, e.g. name, address, e-mail address or your user behavior. The data protection declaration applies to all data processing operations carried out by us both within the scope of our core activities and for the online media provided by us.

1. General Information

1.1 Information about the responsible party (referred to as the “controller” in the GDPR)

The data on this website is processed by the operator of the website (referred to as the “controller” in the GDPR):

SC SUPRAINFINIT SRL

Suzana Vasilescu

suprainfinitgallery@gmail.com

Address upon request

The controller is the natural person or legal entity that single-handedly or jointly with others makes decisions as to the purposes of and resources for the processing of personal data (e.g., names, e-mail addresses, etc.).

Contact details of our data protection officer

You can contact our data protection officer by e-mail at suprainfinitgallery+dataprivacy@gmail.com or at our postal address with the addition "to the data protection officer".

1.2 Data protection

The operators of this website and its pages take the protection of your personal data very seriously. Hence, we handle your personal data as confidential information and in compliance with the statutory data protection regulations and this Data Protection Declaration.

Whenever you use this website, a variety of personal information will be collected. Personal data comprises data that can be used to personally identify you. This Data Protection Declaration explains which data we collect as well as the purposes we use this data for. It also explains how, and for which purpose the information is collected.

We herewith advise you that the transmission of data via the Internet (i.e., through e-mail communications) may be prone to security gaps. It is not possible to completely protect data against third-party access.

1.3 How do we record your data?

We collect your data as a result of your sharing of your data with us. This may, for instance be information you enter into our contact form. Other data shall be recorded by our IT systems automatically or after you consent to its recording during your website visit. This data comprises primarily technical information (e.g., web browser, operating system, or time the site was accessed). This information is recorded automatically when you access this website.

1.4 Processing of your data within the scope of the core activity of our company

If you are our customer or business partner or are interested in our services, the type, scope and purpose of the processing of your data depends on the contractual or pre-contractual relationship existing between us. In this sense, the data processed by us includes all those data that are or were provided by you for the purpose of using the contractual or pre-contractual services and that are required to process your inquiry or the contract concluded between us. Unless otherwise stated in the further notes to this data protection declaration, the processing of your data and its transfer to third parties is limited to those data that are necessary and expedient to answer your inquiries and/or to fulfill the contract concluded between you and us, to protect our rights and to fulfill legal obligations. We will inform you which data is required for this before or in the course of data collection. Insofar as we use third-party providers to provide our services, the data protection notices of the respective third-party providers apply.

1.5 What are the purposes we use your data for?

Processing of contractual services, communication as well as answering contact requests, office and organization procedures. A portion of the information is generated to guarantee the error free provision of the website. Other data may be used to analyze your user patterns.

Data concerned:

  • Inventory data (e.g. names, addresses)
  • Payment data (e.g. bank details, invoices)
  • Contact data (e.g. e-mail address, telephone number, postal address)
  • Contract data (e.g. subject matter of contract, duration of contract)

Affected persons:

Website visitors, Interested parties, business- and contractual partners

1.6 Analysis tools and tools provided by third parties

There is a possibility that your browsing patterns will be statistically analyzed when your visit this website. Such analyses are performed primarily with what we refer to as analysis programs. For detailed information about these analysis programs please consult our Data Protection Declaration below.

2. Your rights under the GDPR

You have the right to receive information about the source, recipients, and purposes of your archived personal data at any time without having to pay a fee for such disclosures. You also have the right to demand that your data are rectified or eradicated. If you have consented to data processing, you have the option to revoke this consent at any time, which shall affect all future data processing. Moreover, you have the right to demand that the processing of your data be restricted under certain circumstances. Furthermore, you have the right to log a complaint with the competent supervising agency.

Please do not hesitate to contact us at any time if you have questions about this or any other data protection related issues using the email indicated under “Contact details of our data protection officer”.

2.1 What rights do you have as far as your information is concerned?

According to the GDPR, you are entitled to the rights listed below, which you can exercise at any time by contacting the data controller named in section 1. of this privacy statement:

  • Right to information: you have the right to request information from us about whether and what data we process from you.
  • Right to rectification: you have the right to request the rectification of incorrect or completion of incomplete data.
  • Right to erasure: You have the right to request the erasure of your data.
  • Right to restriction: in certain cases, you have the right to request that we only process your data in a restricted manner.
  • Right to data portability: You have the right to request that we transfer your data to you or another responsible party in a structured, common and machine-readable format.
  • Right to complain: You have the right to complain to a supervisory authority. The supervisory authority of your usual place of residence, your workplace or our company headquarters is responsible.

Information about, rectification and eradication of data

Within the scope of the applicable statutory provisions, you have the right to at any time demand information about your archived personal data, their source and recipients as well as the purpose of the processing of your data. You may also have a right to have your data rectified or eradicated. If you have questions about this subject matter or any other questions about personal data, please do not hesitate to contact us at any time.

Right to demand processing restrictions

You have the right to demand the imposition of restrictions as far as the processing of your personal data is concerned. To do so, you may contact us at any time. The right to demand restriction of processing applies in the following cases:

  • In the event that you should dispute the correctness of your data archived by us, we will usually need some time to verify this claim. During the time that this investigation is ongoing, you have the right to demand that we restrict the processing of your personal data.
  • If the processing of your personal data was/is conducted in an unlawful manner, you have the option to demand the restriction of the processing of your data in lieu of demanding the eradication of this data.
  • If we do not need your personal data any longer and you need it to exercise, defend or claim legal entitlements, you have the right to demand the restriction of the processing of your personal data instead of its eradication.
  • If you have raised an objection pursuant to Art. 21(1) GDPR, your rights and our rights will have to be weighed against each other. As long as it has not been determined whose interests prevail, you have the right to demand a restriction of the processing of your personal data.

If you have restricted the processing of your personal data, these data – with the exception of their archiving – may be processed only subject to your consent or to claim, exercise or defend legal entitlements or to protect the rights of other natural persons or legal entities or for important public interest reasons cited by the European Union or a member state of the EU.

Right to data portability

You have the right to demand that we hand over any data we automatically process on the basis of your consent or in order to fulfil a contract be handed over to you or a third party in a commonly used, machine readable format. If you should demand the direct transfer of the data to another controller, this will be done only if it is technically feasible.

Right to log a complaint with the competent supervisory agency

In the event of violations of the GDPR, data subjects are entitled to log a complaint with a supervisory agency, in particular in the member state where they usually maintain their domicile, place of work or at the place where the alleged violation occurred. The right to log a complaint is in effect regardless of any other administrative or court proceedings available as legal recourses.

Revocation of your consent to the processing of data

A wide range of data processing transactions are possible only subject to your express consent. You can also revoke at any time any consent you have already given us. This shall be without prejudice to the lawfulness of any data collection that occurred prior to your revocation.

Right to object to the collection of data in special cases; right to object to direct advertising (Art. 21 GDPR)

IN THE EVENT THAT DATA ARE PROCESSED ON THE BASIS OF ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO AT ANY TIME OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA BASED ON GROUNDS ARISING FROM YOUR UNIQUE SITUATION. THIS ALSO APPLIES TO ANY PROFILING BASED ON THESE PROVISIONS. TO DETERMINE THE LEGAL BASIS, ON WHICH ANY PROCESSING OF DATA IS BASED, PLEASE CONSULT THIS DATA PROTECTION DECLARATION. IF YOU LOG AN OBJECTION, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA, UNLESS WE ARE IN A POSITION TO PRESENT COMPELLING PROTECTION WORTHY GROUNDS FOR THE PROCESSING OF YOUR DATA, THAT OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS OR IF THE PURPOSE OF THE PROCESSING IS THE CLAIMING, EXERCISING OR DEFENCE OF LEGAL ENTITLEMENTS (OBJECTION PURSUANT TO ART. 21(1) GDPR).

IF YOUR PERSONAL DATA IS BEING PROCESSED IN ORDER TO ENGAGE IN DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR AFFECTED PERSONAL DATA FOR THE PURPOSES OF SUCH ADVERTISING AT ANY TIME. THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS AFFILIATED WITH SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR DIRECT ADVERTISING PURPOSES (OBJECTION PURSUANT TO ART. 21(2) GDPR).

3. Data Processing

3.1 Information on data transfer to the USA and other non-EU countries

Among other things, we use tools of companies domiciled in the United States or other from a data protection perspective non-secure non-EU countries. If these tools are active, your personal data may potentially be transferred to these non-EU countries and may be processed there. We must point out that in these countries, a data protection level that is comparable to that in the EU cannot be guaranteed. For instance, U.S. enterprises are under a mandate to release personal data to the security agencies and you as the data subject do not have any litigation options to defend yourself in court. Hence, it cannot be ruled out that U.S. agencies (e.g., the Secret Service) may process, analyze, and permanently archive your personal data for surveillance purposes. We have no control over these processing activities.

3.2 External Hosting

This website is hosted by an external service provider (host). Personal data collected on this website are stored on the servers of the host. These may include, but are not limited to, IP addresses, contact requests, metadata and communications, contract information, contact information, names, web page access, and other data generated through a web site.

The host is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of secure, fast, and efficient provision of our online services by a professional provider (Art. 6(1)(f) GDPR).

Our host will only process your data to the extent necessary to fulfill its performance obligations and to follow our instructions with respect to such data.

We are using the following host:

Webflow, Inc.

398 11th Street,

2nd Floor,San Francisco, CA 94103

USA

About Webflow

Webflow is a tool for creating and hosting websites. Webflow stores cookies or other recognition technologies that are necessary for the presentation of the page, to provide certain website functions and to ensure security (necessary cookies).For details, see Webflow’s privacy policy: https://webflow.com/legal/privacy.

Data processing Agreement

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://webflow.com/legal/eu-privacy-policy

We have concluded a data processing agreement (DPA) with the above-mentioned provider. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

See an overview of the Data Processing Addendum here: https://webflow.com/legal/dpa

3.3 Content Delivery Networks (CDN)

We use a content delivery network (CDN) to serve our web pages. A CDN is a network of regionally distributed servers connected via the Internet. The CDN provides scaling storage and delivery capacities. This optimizes the loading times of our Internet pages and ensures optimal data throughput even during large load peaks. User requests on our Internet pages are routed via servers of the CDN. Statistics are created from these data streams. On the one hand, this serves to detect potential threats to our Internet pages from malware at an early stage and, on the other hand, to continuously improve our offer and make our Internet pages more user-friendly for you as a user.

We would like to point out that, depending on the country of domicile of the service provider mentioned below, the data collected via the service may be transmitted and processed outside the area of the European Union. In this case, there is a risk that the level of data protection prescribed by the GDPR may not be complied with and that the enforcement of your rights may not be possible or may be difficult.

Data Concerned:

  • Content data (e.g. posts, photos, videos)
  • Usage data (e.g. access times, web pages clicked on)
  • Communication data (e.g. information about the device used, IP address)
  • Purpose of processing: technical optimization of the Internet presence, analysis of errors and user behavior

Legal basis:

Legitimate interest, Art. 6 (1)(f) GDPR

We are using the following CDN providers:

Amazon CloudFront

Service provider: Amazon Web Services, Inc., 410 Terry Avenue North, Seattle WA 98109, USA

Website: https://aws.amazon.com/de/

Privacy & Policy: [https://aws.amazon.com/de/privacy/?nc1=f_pr.](https://aws.amazon.com/de/privacy/?nc1=f_pr.)

Cloudflare

Service provider: Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA

Website: https://www.cloudflare.com/

Privacy & Policy: https://www.cloudflare.com/privacypolicy/

Scope of data collection: https://blog.cloudflare.com/what-cloudflare-logs/

JS Deliver

Service provider: JS Deliver / Prospect One, Ul. Karmelicka 5 5, Krakow; Malopolskie; Postal Code: 31-133

Website: https://www.jsdelivr.com/

Privacy & Policy: https://www.jsdelivr.com

3.4 SSL and/or TLS encryption

For security reasons and to protect the transmission of confidential content, such as purchase orders or inquiries you submit to us as the website operator, this website uses either an SSL or a TLS encryption program. You can recognize an encrypted connection by checking whether the address line of the browser switches from “http://” to “https://” and also by the appearance of the lock icon in the browser line.

If the SSL or TLS encryption is activated, data you transmit to us cannot be read by third parties.

3.5 When do we delete your data?

We delete your data when we no longer need it or when you instruct us to do so. This means that - unless otherwise stated in the individual data protection notices of this privacy policy

  • we will delete your data, when the purpose of the data processing has ceased to exist and therefore the respective legal basis stated in the individual data protection notices no longer exists, e.g.
  • after termination of the contractual or membership relationship existing between us (Art. 6 (1)(a) GDPR) or
  • after our legitimate interest in the further processing or storage of your data ceases to exist (Art. 6 (1)(f) GDPR),
  • if you exercise your right of withdrawal and no other legal basis for processing within the meaning of Art. 6 (1) (b-f) GDPR applies,
  • if you make use of your right to object and there are no compelling reasons worthy of protection against the deletion.

If, however, we still need to retain (certain parts of) your data for other purposes, for example because tax retention periods (usually 6 years for business correspondence or 10 years for accounting records) or the assertion, exercise or defense of legal claims arising from contractual relationships (up to four years) make this necessary or the data is needed to protect the rights of another natural or legal person, we will delete (the part of) your data only after these periods have expired. However, until the expiration of these periods, we limit the processing of this data to these purposes (fulfillment of retention obligations).

4. Recording of data on this website

4.1 Cookies

Our websites and pages use what the industry refers to as “cookies.” Cookies are small text files that do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or they are permanently archived on your device (permanent cookies). Session cookies are automatically deleted once you terminate your visit. Permanent cookies remain archived on your device until you actively delete them, or they are automatically eradicated by your web browser.

In some cases, it is possible that third-party cookies are stored on your device once you enter our site (third-party cookies). These cookies enable you or us to take advantage of certain services offered by the third party (e.g., cookies for the processing of payment services).

Cookies have a variety of functions. Many cookies are technically essential since certain website functions would not work in the absence of the cookies (e.g., the shopping cart function or the display of videos). The purpose of other cookies may be the analysis of user patterns or the display of promotional messages.

Two types of cookies are used when you visit our websites:

  • Temporary cookies (session cookies): These store a so-called session ID, which can be used to assign various requests from your browser to the joint session. Session cookies are deleted when you log out or close your browser.
  • Permanent cookies: Permanent cookies remain stored even after you close your browser. This allows our website to recognize your computer again when you return to our website. For example, information on language settings or log-in information is stored in these cookies. In addition, these cookies can be used to document and store your surfing behavior. This data can be used for statistical, marketing and personalization purposes.

In addition to the above classification, cookies can also be distinguished in terms of their purpose:

  • Necessary cookies: these are cookies that are absolutely necessary for the operation of our website, to store logins or shopping carts for the duration of your session, or cookies that are set for security reasons.
  • Statistical, marketing and personalization cookies: these are cookies that are used for analysis purposes or reach measurement. In particular, information on search terms entered or the frequency of page views may be stored via such "tracking" cookies. In addition, the surfing behavior of an individual user (e.g. viewing of certain content, use of functions, etc.) can also be stored in a user profile. Such profiles are used to display content to users that matches their potential interests. Insofar as we use services that store cookies on your terminal device for statistical, marketing and personalization purposes, we will inform you separately in the following sections of our data protection statement or in the context of obtaining your consent.

Data concerned:

  • Usage data (e.g. access times, web pages clicked on).
  • Communication data (e.g. information about the device used, IP address).

Data subjects:

Users of our online offers

Purpose of processing:

Playing out our Internet pages, ensuring the operation of our Internet pages, improving our Internet offering, communication and marketing.

Legal basis:

Legitimate interest, Art. 6 (1) (f) GDPR

If we do not obtain your consent to the setting of cookies, we base the processing of your data on our legitimate interest in improving the quality and user-friendliness of our website, in particular the content and functions. You have via the security settings of your browser to object to the use of cookies set by us in the context of our legitimate interest. There you have the option of specifying whether you do not accept cookies from the outset or only on request, or whether you specify that cookies are deleted each time you close your browser. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website to their full extent.

Consent, Art. 6 (1) (a) GDPR

If we ask you before your visit to our website to be allowed to set certain cookies on your terminal device and you consent to this, the legal basis is to be seen in the consent you have given. As part of the consent, we will inform you about which cookies we set in detail. If you do not give this consent, we will only set the so-called technically necessary cookies that are required for the proper operation of our website and its display in your browser. If you have consented to the setting of cookies, you have the option to revoke your consent at any time.

How to handle Cookie Consents

You have the option to set up your browser in such a manner that you will be notified any time cookies are placed and to permit the acceptance of cookies only in specific cases. You may also exclude the acceptance of cookies in certain cases or in general or activate the delete function for the automatic eradication of cookies when the browser closes. If cookies are deactivated, the functions of this website may be limited.

In the event that third-party cookies are used or if cookies are used for analytical purposes, we will separately notify you in conjunction with this Data Protection Policy and, if applicable, ask for your consent.

You can manage your cookie preferences for this website by clicking "manage cookie preferences" in the footer of every page of this website.

4.2 Analysis tools and advertising

In order to record and statistically evaluate the flow of visitors to our Internet presence, we use web analysis services. Such services collect, among other things, data about the website from which you have accessed our website (so-called referrers), which pages of our website you have accessed, how long you have visited our pages and which interactions you have carried out there. In addition, data on the browser you use, computer system and type of device are collected. In addition, demographic information such as age or gender can be collected as pseudonymous values via such a service. If you have consented to the collection of your location data, this may also be processed, depending on the provider.

In order to collect and store this data, the web analysis service we use usually sets a cookie on the terminal device you use, which also collects the IP address assigned to you. However, this is shortened via a so-called IP masking procedure, so that the IP address can no longer be assigned to your visit to our website. In addition, no clear data such as names or e-mail addresses are stored. Neither we nor the service we use know the identity of visitors to our website.

We would like to point out that, depending on the country of domicile of the service provider mentioned below, the data collected via the service may be transmitted and processed outside the area of the European Union. In this case, there is a risk that the level of data protection prescribed by the GDPR may not be complied with and that the enforcement of your rights may not be possible or may be difficult.

Data concerned:

  • Usage data (e.g. access times, web pages clicked on).
  • Communication data (e.g. information about the device used, IP address).

Data subjects:

Users of our online offers

Purpose of processing:

Playing out our Internet pages, ensuring the operation of our Internet pages, improving our Internet offering, communication and marketing.

Legal basis:

If we have asked you for your consent before using the respective service, this is the legal basis, Art. 6 (1)(a) GDPR. In addition, we use the respective service on the basis of our legitimate interest to analyze the flow of visitors to our website in order to continuously improve the functions, offers and user experience, Art. 6 (1)(f) GDPR.

We use the following web analytics services:

Google Analytics

Service provider: Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA Headquarters within the EU: Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland

Website: https://marketingplatform.google.com

Privacy policy: https://policies.google.com/privacy?hl=de

Opt-out option: If you do not want your data to be used by Google Analytics. you can set a so-called opt-out plugin, which will prevent data from you being collected on our website in the future. You can obtain this plugin here: https://tools.google.com/dlpage/gaoptout?hl=de

4.3 Request by e-mail, telephone, or fax

If you contact us by e-mail, telephone or fax, your request, including all resulting personal data (name, request) will be stored and processed by us for the purpose of processing your request. We do not pass these data on without your consent.

These data are processed on the basis of Art. 6(1)(b) GDPR if your inquiry is related to the fulfillment of a contract or is required for the performance of pre-contractual measures. In all other cases, the data are processed on the basis of our legitimate interest in the effective handling of inquiries submitted to us (Art. 6(1)(f) GDPR) or on the basis of your consent (Art. 6(1)(a) GDPR) if it has been obtained.

The data sent by you to us via contact requests remain with us until you request us to delete, revoke your consent to the storage or the purpose for the data storage lapses (e.g. after completion of your request). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.

Data concerned:

  • Inventory data (e.g. names, addresses)
  • Payment data (e.g. bank details, invoices)
  • Contact data (e.g. e-mail address, telephone number, postal address)
  • Contract data (e.g. subject matter of contract, duration of contract)

Data subjects:

Interested parties, customers, business and contractual partners

Purpose of processing:

Communication as well as responding to contact requests, office and organizational procedures.

Legal Basis:

Contract fulfillment and pre-contractual inquiries, Art. 6 (1)(b) GDPR, legitimate interest, Art. 6 (1) (f) GDPR

4.4 Newsletter

We send out a newsletter at regular intervals to inform our customers and business partners and interested parties about our offers and related news. You have the option of registering for our newsletter on our website and agreeing to receive the newsletter as part of the registration process. If you register for our newsletter, it is obligatory to provide your e-mail address. We store the e-mail address in order to be able to send you the newsletter. As soon as a registration to our newsletter is made, you will receive a confirmation e-mail to the e-mail address provided during registration in the so-called double opt-in procedure. This e-mail contains a link. When you click on this link, you confirm that you would like to receive the newsletter. In this way, we ensure that your e-mail address has not been misused by a third party during registration. For the same reason, we store the date and time of registration as well as the IP address assigned to you during registration. We do not pass on the aforementioned data to third parties. For the handling of the newsletter, we use newsletter service providers, which are described below.

As our newsletter provider we use:

Mailchimp

Service Provider: "Mailchimp" - Rocket Science Group LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA

Website: https://mailchimp.com

Privacy Policy: https://mailchimp.com/legal/privacy/

Among other things, MailChimp is a service that can be deployed to organize the sending of newsletters. Whenever you enter data for the purpose of subscribing to a newsletter (e.g. your e-mail address), the information is stored on MailChimp servers in the United States.

If you do not want MailChimp to receive your data, you must unsubscribe from the newsletter. We provide a link for you to do this in every newsletter message.

The data is processed based on your consent (Art. 6(1)(a) GDPR). You may revoke any consent you have given at any time by unsubscribing from the newsletter. This shall be without prejudice to the lawfulness of any data processing transactions that have taken place prior to your revocation.

The data deposited with us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter or the newsletter service provider and deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data stored for other purposes with us remain unaffected.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://mailchimp.com/eu-us-data-transfer-statement/ and https://mailchimp.com/legal/data-processing-addendum/#Annex_C_-_Standard_Contractual_Clauses.

After you unsubscribe from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist, if such action is necessary to prevent future mailings. The data from the blacklist is used only for this purpose and not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6(1)(f) GDPR). The storage in the blacklist is indefinite. You may object to the storage if your interests outweigh our legitimate interest.

For more details, please consult the Data Privacy Policies of MailChimp at: https://mailchimp.com/legal/terms/.

Data processing

The DPA is directly incorporated into Mailchimp’s standard terms of use and therefore does not require a signature. By using Mailchimp or signing up for an account, you agree to these terms. In accordance with Mailchimp's Standard Terms of Use and Data Processing Addendum, each User* agrees to comply with all applicable laws.

Website: https://mailchimp.com/en/legal/data-processing-addendum/

Mailchimp Success Measurement

If you have consented to this, we evaluate your user behavior when sending the newsletter. For this purpose, our newsletter contains tracking pixels and tracking links. This allows us to recognize whether and when you have opened the newsletter and whether and which links you have clicked on in the newsletter.

4.5 Our online presence on social networks

We operate online presences within the social networks listed below. If you visit one of these presences, the data listed in more detail below will be collected and processed by the respective provider. As a rule, this data is collected for advertising and market research purposes and usage profiles are created with it. In the usage profiles, data can be stored regardless of the device you use. This is particularly the case if you are a member of the respective platform and logged in to it. The usage profiles can be used by the providers to play interest-based advertising to you. You have a right of revocation against the creation of user profiles. To exercise this right, you must contact the respective provider.

If you have an account with one of the providers listed below and are logged in there when you visit our website, the respective provider may collect data about your usage behavior on our website. To prevent such linking of your data, you can log out of the provider's service before visiting our site.

For what purpose and to what extent data is collected by the provider, you can see the respective, in the following communicated, privacy statements of the providers.

We would like to point out that, depending on the country of domicile of the provider named below, the data collected via its platform may be transmitted and processed outside the area of the European Union. In this case, there is a risk that the level of data protection prescribed by the GDPR will not be complied with and that the enforcement of your rights will not be possible or will be difficult.

Data concerned:

  • Inventory and contact data (e.g. name, address, telephone number, e-mail address).
  • Content data (e.g. posts, photos, videos)
  • Usage data (e.g. access times, web pages clicked on).
  • Communication data (e.g. information about the device used, IP address).

Purpose of processing:

Communication and marketing, tracking and analysis of user behavior

Legal basis:

Consent, Art. 6 p(1)(a) GDPR, legitimate interests Art. 6 (1)(f) GDPR

Opt-out options:

For information on the respective opt-out options, please refer to the information provided by the providers linked below.

We maintain online presences on the following social networks:

Facebook

Service provider: Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA

Headquarters in the EU: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

Website: https://www.facebook.com/

Privacy policy: https://www.facebook.com/about/privacy/

Privacy policy for Facebook pages: https://www.facebook.com/legal

Instagram

Service Provider: Instagram Inc, 1601 Willow Road, Menlo Park CA 94025, USA

Parent company: Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA

Headquarters in the EU: Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland

Website: https://www.instagram.com/

Privacy Policy: http://instagram.com/about/legal/privacy

4.6 Content services

Our website might embed videos of the following providers:

Youtube

Service provider: YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA

Website: https://www.youtube.com/

Privacy policy: https://policies.google.com/privacy

Opt-out option: https://tools.google.com/dlpage/gaoptout?hl=de

We embed YouTube videos only in privacy-enhanced mode. According to YouTube, this mode ensures that YouTube does not store any information about visitors to this website before they watch the video. Nevertheless, this does not necessarily mean that the sharing of data with YouTube partners can be ruled out as a result of the expanded data protection mode. For instance, regardless of whether you are watching a video, YouTube will always establish a connection with the Google DoubleClick network.

As soon as you start to play a YouTube video on this website, a connection to YouTube’s servers will be established. As a result, the YouTube server will be notified, which of our pages you have visited. If you are logged into your YouTube account while you visit our site, you enable YouTube to directly allocate your browsing patterns to your personal profile. You have the option to prevent this by logging out of your YouTube account.

Furthermore, after you have started to play a video, YouTube will be able to place various cookies on your device or comparable technologies for recognition (e.g. device fingerprinting). In this way YouTube will be able to obtain information about this website’s visitors. Among other things, this information will be used to generate video statistics with the aim of improving the user friendliness of the site and to prevent attempts to commit fraud.

Under certain circumstances, additional data processing transactions may be triggered after you have started to play a YouTube video, which are beyond our control.

The use of YouTube is based on our interest in presenting our online content in an appealing manner. Pursuant to Art. 6(1)(f) GDPR, this is a legitimate interest. If a corresponding agreement has been requested, the processing takes place exclusively on the basis of Art. 6(1)(a) GDPR; the agreement can be revoked at any time.

For more information on how YouTube handles user data, please consult the YouTube Data Privacy Policy under: https://policies.google.com/privacy?hl=en.

5. Actuality and change of this privacy policy

This privacy policy is currently valid and has the status November 2022. Due to changes in legal or regulatory requirements, it may become necessary to adapt this privacy policy.

This website is currently being updated. We are sorry for any inconvenience the updating process might cause. We will be back with a fully updated version soon!