Privacy Policy
At LE O’ BU, we take the careful handling of our customers’ and visitors’ data seriously. We comply with the provisions of the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).
Unless otherwise stated below, the provision of your personal data is neither legally nor contractually required, nor is it necessary for entering into a contract. You are not obligated to provide this data, and failure to do so will have no consequences unless otherwise specified in the processing activities detailed below.
“Personal data” refers to any information relating to an identified or identifiable natural person.
Server Log Files
You can visit our website without providing personal information. Each time you access our website, your browser transmits certain usage data to us or our web host/IT service provider, which is stored in log files (so-called server log files). These stored data may include:
• The name of the accessed page
• Date and time of access
• IP address
• Transferred data volume
• Requesting provider
This data processing is carried out in accordance with Article 6(1)(f) GDPR, based on our legitimate interest in ensuring the smooth operation of our website and optimizing our services.
Your data may be transferred to third countries outside the EU, particularly to Canada and the United States.
The European Commission has issued an adequacy decision for Canada. For the United States, data transfers are covered by the Trans-Atlantic Data Privacy Framework (TADPF), which is recognized by the European Commission as providing an adequate level of data protection.
Contact
Feel free to contact us. The controller responsible for data processing is:
Sabrina Zimmermann // LE O’ BU
Tal 44, 80331 Munich, Germany
+49 151 42808439
datenschutz@leobu.com
Initiating Contact by the Customer via Email
If you initiate contact with us via email, we will collect your personal data (name, email address, message content) only to the extent that you provide it. The data processing serves the purpose of handling and responding to your inquiry. If the contact is related to pre-contractual measures (e.g., consultation in case of purchase interest, providing an offer), or concerns an existing contract between you and us, this data processing is carried out based on Article 6(1)(b) GDPR. If the contact is made for other reasons, the data processing is based on Article 6(1)(f) GDPR, which reflects our legitimate interest in processing and responding to your inquiry. In this case, you have the right to object to this data processing at any time, for reasons arising from your particular situation, with respect to the personal data that concerns you, based on Article 6(1)(f) GDPR.
We will only use your email address to process your inquiry. Your data will be deleted afterwards, considering statutory retention periods, unless you have consented to further processing and use.
Collection and Processing When Using the Contact Form
When using the contact form, we collect your personal data (name, email address, message content) only to the extent that you provide it. The data processing serves the purpose of initiating contact. If the contact serves to carry out pre-contractual measures (e.g., consultation in case of purchase interest, providing an offer) or concerns an existing contract between you and us, this data processing is carried out based on Article 6(1)(b) GDPR.
If the contact is made for other reasons, the data processing is based on Article 6(1)(f) GDPR, reflecting our legitimate interest in processing and responding to your inquiry. In this case, you have the right to object at any time, for reasons arising from your particular situation, to the processing of your personal data based on Article 6(1)(f) GDPR.
We will use your email address only to process your inquiry. Your data will be deleted afterwards, considering statutory retention periods, unless you have consented to further processing and use.
WhatsApp Business
If you contact us via WhatsApp for business purposes, we use the WhatsApp Business version provided by WhatsApp Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; “WhatsApp”). If you are located outside the European Economic Area, this service is provided by WhatsApp Inc. (1601 Willow Road, Menlo Park, CA 94025, USA). The data processing serves the purpose of handling and responding to your contact request. For this purpose, we collect and process your mobile number registered with WhatsApp, and, if provided, your name and any other data you have made available to us.
We use a mobile device for the service, and the address book of this device only stores data of users who have contacted us via WhatsApp. Personal data will not be shared with WhatsApp unless you have already consented to this via WhatsApp.
Your data will be transmitted by WhatsApp to servers of Meta Platforms Inc. in the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta Platforms Inc. has certified itself under the TADPF and has committed to complying with European data protection principles. If the contact is related to the execution of pre-contractual measures (e.g., consultation regarding purchase interest, offer creation) or concerns an existing contract between you and us, this data processing is based on Article 6(1)(b) GDPR.
If the contact is for other reasons, the data processing is based on Article 6(1)(f) GDPR, reflecting our legitimate interest in providing a quick and easy means of contact and responding to your inquiry. In this case, you have the right to object to this data processing at any time, for reasons arising from your particular situation, based on Article 6(1)(f) GDPR.
We will use your personal data only to process your inquiry. Your data will be deleted afterward, considering statutory retention periods, unless you have consented to further processing and use.
For more information on the terms of use and privacy when using WhatsApp, please visit:
https://www.whatsapp.com/legal/#terms-of-service und https://www.whatsapp.com/legal/#privacy-policy.
Customer Account Orders
Customer Account
When you open a customer account, we collect your personal data to the extent specified there. The data processing serves the purpose of improving your shopping experience and simplifying the order processing. The processing is based on Article 6(1)(a) GDPR with your consent. You may withdraw your consent at any time by notifying us, without affecting the lawfulness of the processing that occurred based on the consent until the withdrawal. Your customer account will then be deleted.
Collection, Processing, and Disclosure of Personal Data during Orders
When placing an order, we collect and process your personal data only to the extent necessary to fulfill and process your order as well as to handle your inquiries. Providing the data is required to conclude the contract. If you do not provide the data, no contract can be concluded. The processing is based on Article 6(1)(b) GDPR and is necessary for the performance of a contract with you.
Your data may be transmitted to third countries outside the EU, particularly to Canada and the USA, and processed there. The EU Commission has issued an adequacy decision for Canada. For the USA, there is an adequacy decision by the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF).
Advertising
Use of Email Address for Sending Newsletters
We use your email address exclusively for our own advertising purposes to send newsletters, regardless of the contract processing, provided you have explicitly consented to this. The processing is based on Article 6(1)(a) GDPR with your consent. You may withdraw your consent at any time, without affecting the lawfulness of the processing based on the consent until the withdrawal. You can unsubscribe from the newsletter at any time using the corresponding link in the newsletter or by notifying us, free of charge. Your email address will then be removed from the distribution list.
Inventory Management
Use of an External Inventory Management System
We use an inventory management system for contract processing as part of order fulfillment. To do this, your personal data collected during the order process will be transmitted to Shopify, Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland.
The processing of your personal data serves the purpose of fulfilling the contract with you and is based on Article 6(1)(b) GDPR.
Payment Service Providers
We process your payment data for payment processing when you place an order via our website. Depending on the payment method you choose, we share this information with third parties (e.g., the credit card provider when paying by credit card). Various payment options are available to you:
Use of PayPal Express
We use the PayPal Express payment service on our website, provided by PayPal (Europe) S.à r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; “PayPal”). The data processing serves the purpose of offering you the ability to pay via the PayPal Express payment service. To integrate this payment service, it is necessary for PayPal to collect, store, and analyze data (e.g., IP address, device type, operating system, browser type, location of your device) when you visit the website. This may also involve the use of cookies. Cookies allow for the recognition of your browser.
The processing of your personal data is based on Article 6(1)(f) GDPR from our legitimate interest in offering a customer-oriented selection of payment methods. You have the right to object to this processing of your personal data for reasons related to your particular situation at any time. By selecting and using PayPal Express, the necessary data for payment processing is transmitted to PayPal to fulfill the contract with you using the chosen payment method. This processing is based on Article 6(1)(b) GDPR. For more information on data processing when using PayPal Express, please refer to the relevant privacy statement available at: https://www.paypal.com/de/legalhub/paypal/privacy-full
Use of PayPal Checkout
We use the PayPal Checkout payment service on our website, provided by PayPal (Europe) S.à r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; “PayPal”). The data processing serves the purpose of offering you the ability to pay via the PayPal Checkout payment service. By selecting and using payment via PayPal, credit card via PayPal, direct debit via PayPal, or “Pay Later” via PayPal, the necessary data for payment processing is transmitted to PayPal to fulfill the contract with you using the chosen payment method. This processing is based on Article 6(1)(b) GDPR.
Cookies may be stored to allow for the recognition of your browser. The data processing that occurs in this regard is based on Article 6(1)(f) GDPR from our legitimate interest in providing a customer-oriented selection of various payment methods. You have the right to object to the processing of your personal data for reasons related to your particular situation at any time.
Credit Card via PayPal, Direct Debit via PayPal & Pay Later via PayPal
For certain payment methods, such as credit card via PayPal, direct debit via PayPal, or “Pay Later” via PayPal, PayPal reserves the right to obtain a credit report based on mathematical and statistical methods using credit agencies. To do this, PayPal transmits the necessary personal data for a credit check to a credit agency and uses the received information about the statistical likelihood of payment default to make an informed decision regarding the initiation, execution, or termination of the contractual relationship. The credit report may include probability values (score values) calculated using scientifically recognized mathematical and statistical methods, in which, among other things, address data is factored into the calculation. Your legitimate interests will be considered in accordance with the legal provisions.
The data processing serves the purpose of conducting a credit check for contract initiation. The processing is based on Article 6(1)(f) GDPR due to our overriding legitimate interest in protecting against payment default when PayPal is advancing the payment. You have the right, for reasons related to your particular situation, to object at any time to this processing of your personal data based on Article 6(1)(f) GDPR by notifying PayPal. The provision of this data is necessary for concluding the contract with the payment method of your choice. If the data is not provided, the contract cannot be concluded using your chosen payment method.
Third-party Providers
When paying via a third-party payment method, the necessary data for payment processing will be transmitted to PayPal. This processing is based on Article 6(1)(b) GDPR. To complete this payment method, PayPal may then transmit the data to the respective provider. This processing is based on Article 6(1)(b) GDPR.
Examples of third-party providers may include:
• Sofort (SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany)
• giropay (Paydirekt GmbH, Stephanstr. 14-16, 60313 Frankfurt am Main)
Invoice Purchase via PayPal
When paying via the invoice method, the necessary data for payment processing is initially transmitted to PayPal. To complete this payment method, PayPal will then transmit the data to Ratepay GmbH (Franklinstraße 28-29, 10587 Berlin; “Ratepay”) to fulfill the contract with you using your chosen payment method. This processing is based on Article 6(1)(b) GDPR.
Ratepay may conduct a credit check based on mathematical and statistical methods (probability or score values) using credit agencies as described above. The data processing serves the purpose of conducting a credit check for contract initiation. This processing is based on Article 6(1)(f) GDPR due to our overriding legitimate interest in protecting against payment defaults when Ratepay advances the payment.
Further information on data protection and the credit agencies Ratepay uses can be found at:
https://www.ratepay.com/legal-payment-dataprivacy/ (https://www.ratepay.com/legal-payment-dataprivacy/)
https://www.ratepay.com/legal-payment-creditagencies/ (https://www.ratepay.com/legal-payment-creditagencies/)
More information on data processing when using PayPal can be found in the associated privacy policy at: https://www.paypal.com/de/webapps/mpp/ua/privacy-full (https://www.paypal.com/de/webapps/mpp/ua/privacy-full)
Shopify Payments
When selecting payment via credit card, Shop Pay, Apple Pay, or Google Pay, we use the Shopify Payments service. We also offer payment methods such as Bancontact (for customers in Belgium), eps transfer (for customers in Austria), Ideal (for customers in the Netherlands), and Klarna through Shopify Payments. This service is provided by Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland.
Your payment data / credit card details are collected and processed directly by Shopify Payments and are not stored by us. The transfer of your payment data only occurs to the extent necessary for payment processing. This data processing is required for contract fulfillment (Art. 6(1)(b) GDPR). For more information on data protection, please visit: https://www.shopify.com/de/legal/terms-payments/de
Cookies
Our website uses cookies. Cookies are small text files that are stored in the internet browser or by the internet browser on the user’s computer system. When a user visits a website, a cookie may be stored on the user’s operating system. This cookie contains a unique string of characters that allows the identification of the browser when the website is revisited.
Cookies are stored on your computer. Therefore, you have full control over the use of cookies. By selecting the appropriate technical settings in your internet browser, you can be notified before cookies are set, decide individually whether to accept them, and prevent the storage of cookies and the transmission of the data they contain. Already stored cookies can be deleted at any time. However, please note that in such cases, you may not be able to fully utilize all the functions of this website.
You can find information on how to manage (including disable) cookies in the most common browsers through the following links:
• Chrome: https://support.google.com/accounts/answer/61416?hl=en
• Microsoft Edge: https://support.microsoft.com/en-us/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09
• Mozilla Firefox: https://support.mozilla.org/en-US/kb/cookies-allow-and-block
• Safari: https://support.apple.com/en-us/guide/safari/manage-cookies-and-website-data-sfri11471/mac
Technically Necessary Cookies
Unless otherwise specified in this privacy policy, we use only these technically necessary cookies to make our service more user-friendly, effective, and secure. Furthermore, cookies enable our systems to recognize your browser even after a page change, allowing us to offer services. Some functions of our website cannot be provided without cookies. For these, it is necessary that the browser be recognized after a page change.
The use of cookies or similar technologies is based on § 25 (2) TTDSG. The processing of your personal data is based on Art. 6 (1) lit. f GDPR due to our overriding legitimate interest in ensuring the optimal functionality of the website as well as a user-friendly and effective design of our offer. You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data concerning this processing.
Use of Cookiebot
We use the consent management tool Cookiebot by Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark; “Cookiebot” on our website. The tool enables you to grant consent for data processing on the website, especially for setting cookies, and to exercise your right to withdraw consent for previously granted consents. The data processing serves the purpose of obtaining and documenting the necessary consents for data processing and complying with legal obligations. Cookies may be used for this purpose. Among other things, the following information may be collected and transmitted to Cookiebot: anonymized IP address, date and time of consent, URL from which the consent was sent, anonymous, random, encrypted key, and consent status. This data will not be shared with third parties.
The data processing is carried out to fulfill a legal obligation based on Art. 6 (1) lit. c GDPR. For more information on data protection with Cookiebot, please visit: https://www.cookiebot.com/en/privacy-policy/
Use of Google Analytics 4
We use the web analytics service Google Analytics, provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”), on our website. The data processing serves the purpose of analyzing this website and its visitors, as well as for marketing and advertising purposes. Google, on behalf of the website operator, will use the collected information to evaluate your use of the website, compile reports on website activity, and provide other services related to website and internet usage. The following information may be collected: IP address, date and time of page access, click path, browser and device information, visited pages, referrer URL (the website from which you accessed our website), location data, and purchase activity. Google may link your data with other information, such as your search history, personal accounts, usage data from other devices, and any other data Google holds about you.
Your IP address is shortened by Google within member states of the European Union or other contracting states of the Agreement on the European Economic Area before being processed.
Google uses technologies such as cookies, browser storage, and tracking pixels to analyze website usage. The use of cookies or similar technologies is based on your consent in accordance with § 25 (1) sentence 1 TTDSG in conjunction with Art. 6 (1) lit. a GDPR.
The processing of your personal data takes place based on your consent in accordance with Art. 6 (1) lit. a GDPR. You may revoke your consent at any time without affecting the lawfulness of the processing carried out before the revocation.
In this context, we also use Google Signals. Google Signals enables cross-device tracking, meaning your data can be analyzed across different devices if you have enabled “personalized advertising” in your account settings and linked your devices to your Google account. This allows tracking of searches conducted on one device and purchases completed later on another device, such as a tablet.
The cross-device reports generated in this context contain only aggregated data. We receive only statistics created based on Google Signals. To prevent data collection and storage by Google Signals across devices, you can disable the “personalized ads” function in your Google account settings. Further information is available at Google Ads Support (https://support.google.com/ads/answer/2662922?hl=en). More details on data processing and privacy regarding Google Signals can be found at Google Analytics Support (https://support.google.com/analytics/answer/7532985?hl=en).
We use the advanced implementation of the Consent Mode (Advanced Consent Mode). Even if consent is not given, user data is transmitted to Google in the form of “pings.” These pings may include the following information: IP address (used to derive the country, but not logged), date and time of page access, URL of visited pages, user agent, referrer URL (the website from which our website was accessed), and information about triggered website events such as conversions. Based on this information, Google models user data to enable comprehensive usage analysis, even when consent is denied.
The information generated about your use of this website is generally transmitted to and stored on a Google server in the United States. The European Commission has issued an adequacy decision for the U.S., known as the Trans-Atlantic Data Privacy Framework (TADPF). Google is certified under the TADPF and has committed to complying with European data protection principles. Both Google and U.S. government agencies may have access to your dat
a. Further information on terms of use and privacy can be found at Google Partner Sites (https://policies.google.com/technologies/partner-sites) and Google Privacy Policy (https://policies.google.com/privacy?hl=en&gl=en).
Use of Shopify Statistics
We use the statistical and analytical functions provided by Shopify International Limited (2nd Floor Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; “Shopify”) as part of a data processing agreement. Shopify is affiliated with Shopify Inc. (151 O’Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada). The data processing serves the purpose of analyzing this website and its visitors. Data is stored for marketing and optimization purposes and is used to generate reports, analyses, and statistics.
The following device information is collected and processed: details about the web browser, IP address, time zone, and certain cookies installed on your device. Additionally, as you navigate through the website, information about visited pages or products, the referrer URL (the website from which you accessed our website), and how you interact with the website is recorded. Technologies such as cookies, web beacons, tags, and pixels (electronic files used to track website navigation) are utilized for this purpose.
The use of cookies or similar technologies is based on your consent in accordance with § 25 (1) sentence 1 TTDSG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data takes place based on your consent under Art. 6 (1) lit. a GDPR. You may withdraw your consent at any time without affecting the lawfulness of the processing carried out before the withdrawal.
For more information on Shopify’s privacy policy, please visit:
• Privacy Policy: https://www.shopify.com/legal/privacy (https://www.shopify.com/legal/privacy)
• Data Processing Agreement: https://www.shopify.com/legal/dpa (https://www.shopify.com/legal/dpa)
• Cookie Policy: https://www.shopify.com/legal/cookies (https://www.shopify.com/legal/cookies)
Use of the Meta Pixel
We use the Meta Pixel provided by Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; “Meta”) on our website. Meta and we are joint controllers for the collection of your data and its transmission to Meta when using this service. This is based on an agreement on the joint processing of personal data between us and Meta, which defines the respective responsibilities. The agreement can be accessed at: https://de-de.facebook.com/legal/terms/businesstools (https://de-de.facebook.com/legal/terms/businesstools).
Under this agreement:
• We are responsible for fulfilling the information obligations pursuant to Articles 13 and 14 GDPR, for complying with security requirements under Article 32 GDPR regarding the proper technical implementation and configuration of the service, and for meeting obligations under Articles 33 and 34 GDPR if a data breach affects our responsibilities under the joint processing agreement.
• Meta is responsible for enabling data subject rights under Articles 15–20 GDPR, ensuring the security of the service in accordance with Article 32 GDPR, and meeting obligations under Articles 33 and 34 GDPR if a data breach falls under Meta’s responsibilities in the agreement.
Purpose of Use
The Meta Pixel enables us to target visitors of our website with interest-based advertising on Facebook and Instagram. For this purpose, a remarketing tag from Meta has been implemented on our website. When you visit our website, a direct connection is established with Meta’s servers, and information about the pages you visited is transmitted to Meta. This information is linked to your personal Facebook and/or Instagram account, ensuring that when you visit Facebook or Instagram, you receive personalized, interest-based ads.
Additionally, the Meta Pixel helps us generate conversion statistics. This allows us to measure how many users clicked on our ads and were redirected to a conversion-tracking page, as well as what actions they took on our website after being redirected. However, we do not receive any information that personally identifies users.
Data Transfers & Legal Basis
Your data may be transferred to the United States. The EU Commission has issued an adequacy decision for the Trans-Atlantic Data Privacy Framework (TADPF). Meta is TADPF-certified and has committed to complying with European data protection principles.
The processing of your personal data is based on your consent in accordance with Article 6 (1) lit. a GDPR. You may withdraw your consent at any time without affecting the lawfulness of processing conducted before the withdrawal.
You can disable the “Custom Audiences” remarketing function here (#).
For more details on how Meta collects and uses your data, your rights, and privacy settings, please refer to Met
a’s privacy policy: https://www.facebook.com/about/privacy/ (https://www.facebook.com/about/privacy/)
Use of Google Ads Conversion Tracking
We use the online advertising program Google Ads on our website, including conversion tracking (visitor action analysis). Google Conversion Tracking is an analytics service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”).
When you click on a Google advertisement, a conversion tracking cookie is stored on your device. These cookies have a limited validity, do not contain personal data, and do not serve to personally identify users. If you visit specific pages on our website before the cookie expires, Google and we can recognize that you clicked on the ad and were redirected to our website.
Each Google Ads customer receives a unique cookie, meaning that cookies cannot be tracked across different Ads customers’ websites. The conversion cookie information is used to generate conversion statistics. This helps us determine the total number of users who clicked on our ads and were redirected to a page tagged for conversion tracking. However, we do not receive any information that personally identifies users.
Data Transfers & Legal Basis
Your data may be transferred to Google LLC servers in the United States. The EU Commission has issued an adequacy decision under the Trans-Atlantic Data Privacy Framework (TADPF). Google is TADPF-certified and has committed to complying with European data protection principles.
The use of cookies or similar technologies is based on your consent in accordance with § 25 (1) sentence 1 TTDSG in conjunction with Article 6 (1) lit. a GDPR. The processing of your personal data is also based on your consent under Article 6 (1) lit. a GDPR.
You may withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
For more information and Google’s privacy policy, please visit:
https://www.google.de/policies/privacy/ (https://www.google.de/policies/privacy/)
Use of Google Tag Manager
We use Google Tag Manager, a service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”), on our website. This tool is used to manage JavaScript and HTML tags, which are primarily implemented for tracking and analytics tools.
The purpose of data processing is to tailor and optimize our website according to user needs. Google Tag Manager itself does not store cookies nor does it process personal data. However, it enables the activation of other tags that may collect and process personal data.
For more information about the terms of use and data privacy, please visit:
Google Tag Manager Policies (https://support.google.com/tagmanager/answer/9323295?hl=en)
Use of Pinterest Tag
We use the Pinterest Tag, a service provided by Pinterest Europe Limited (Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland; “Pinterest”), on our website. This tool allows us to target visitors with interest-based advertising on the Pinterest social network.
To achieve this, we have implemented the Pinterest Conversion Tag on our website. When a user visits our site, a direct connection to Pinterest’s servers is established. This allows Pinterest to track which pages on our website you visit and link this information to your personal Pinterest account, provided you are logged into the social network. When you visit Pinterest, you will be shown personalized, interest-based Pinterest Ads.
If you access our website via a Pinterest Pin, a conversion-tracking cookie is placed on your device. These cookies have limited validity, do not contain personal data, and do not allow for personal identification. If you visit specific pages on our website before the cookie expires, both Pinterest and we can recognize that you clicked on the Pin and were redirected to our website.
Data Collected for Conversion Tracking
The data collected using the conversion cookie is used to generate conversion statistics and to optimize our website. This may include:
• The total number of users who clicked on a Pin and were redirected to our website
• Subpages visited on our website (e.g., category or product pages)
• Search queries performed on our website
• Shopping cart contents
• Completed transactions
Data Transfers & Legal Basis
Your data may be transferred to the United States. The EU Commission has issued an adequacy decision under the Trans-Atlantic Data Privacy Framework (TADPF). However, Pinterest is not TADPF-certified. Data transfers are therefore based on Standard Contractual Clauses (SCCs), which serve as appropriate safeguards for personal data protection. The SCCs can be reviewed here:
EU Standard Contractual Clauses (https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de)
The use of cookies or similar technologies is based on your consent in accordance with § 25 (1) sentence 1 TTDSG in conjunction with Article 6 (1) lit. a GDPR. The processing of your personal data is also based on your consent under Article 6 (1) lit. a GDPR.
You may withdraw your consent at any time, without affecting the lawfulness of processing based on consent befor
e its withdrawal.
For more information on data collection and usage by Pinterest, as well as your rights and privacy protection options, please visit: https://policy.pinterest.com/en/privacy-policy (https://policy.pinterest.com/en/privacy-policy)
Plug-ins and Other Services
Use of the “Instafeed” App by Mintt Studio
We would like to inform you about the use of social plug-ins and the Instafeed app by Mintt Studio (Rua Parque da República, 116, Vila Nova de Gaia - 4430-163, Portugal), which is integrated into our website.
The Instafeed app allows us to display our Instagram posts (in the form of images) in our feed. Clicking on an image will open our Instagram page, which is operated by Instagram LLC (1601 Willow Road, Menlo Park, CA 94025, USA).
When social plug-ins are integrated, a connection is established between your device and the servers of the respective social network providers. The plug-in is displayed on the page only after your explicit consent. We use the so-called “two-click solution”, which means that no personal data is transmitted to social networks simply by visiting our website.
Only when you activate the plug-in (thus granting consent under Article 6 (1) lit. a GDPR), does your browser establish a direct connection to the provider’s servers. Regardless of whether you are logged into a user account, certain information about your device (such as your IP address), your browser, and your browsing history may be transmitted to the provider and potentially processed further.
We do not have control over the data collected, nor are we fully aware of the scope of data collection, processing purposes, or storage durations. Additionally, we do not have information about the deletion of collected data by Instagram. However, the Instafeed app by Mintt Studio, which enables the integration, does not store any data from visitors to our website.
The use of cookies or similar technologies is based on your consent in accordance with § 25 (1) sentence 1 TTDSG in conjunction with Article 6 (1) lit. a GDPR. The processing of your personal data also occurs with your consent under Article 6 (1) lit. a GDPR.
You may withdraw your consent at any time, without affecting the lawfulness of processing carried out before withdrawal.
The following social network is integrated into our website via a social plug-in. For more details on data collection, usage, and privacy rights, please refer to the linked privacy policies of the provider:
Instagram (Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland)
https://help.instagram.com/155833707900388 (https://help.instagram.com/155833707900388)
Your data may be transferred to the United States. The EU Commission has issued an adequacy decision under the Trans-Atlantic Data Privacy Framework (TADPF). Meta is TADPF-certified and is therefore obligated to comply with European data protection principles.
Use of Google reCAPTCHA
We use Google reCAPTCHA, a service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”), on our website. This tool is used to distinguish between human input and automated, machine-generated processing.
To achieve this, your input is transmitted to Google, where it is further processed. Additionally, your IP address and other data required by Google for the reCAPTCHA service may be transmitted to Google. These data are processed within the European Union and may also be transferred to Google LLC servers in the USA.
The EU Commission has issued an adequacy decision for the USA under the Trans-Atlantic Data Privacy Framework (TADPF). Google is TADPF-certified and is therefore obligated to comply with European data protection principles.
The use of cookies or similar technologies is based on your consent in accordance with § 25 (1) sentence 1 TTDSG in conjunction with Article 6 (1) lit. a GDPR. The processing of your personal data also occurs with your consent under Article 6 (1) lit. a GDPR.
You may withdraw your consent at any time, without affecting the lawfulness of processing carried out before withdrawal.
For more details on Google reCAPTCHA and Google’s privacy policy, please visit:
• https://www.google.com/recaptcha/about/(https://www.google.com/recaptcha/about/)
• https://www.google.com/privacy (https://www.google.com/privacy)
Use of Google Fonts
We use Google Fonts, a service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”), on our website. This service ensures a uniform display of fonts across our website.
To load the fonts, a connection is established to Google’s servers when you access our website. Cookies may be used in this process. During this connection, data such as your IP address and information about your browser may be processed and transmitted to Google. However, these data are not linked to your Google account.
Your data may be transferred to the United States. The EU Commission has issued an adequacy decision under the Trans-Atlantic Data Privacy Framework (TADPF). Google is TADPF-certified and is therefore obligated to comply with European data protection principles.
The use of cookies or similar technologies is based on your consent in accordance with § 25 (1) sentence 1 TTDSG in conjunction with Article 6 (1) lit. a GDPR. The processing of your personal data also occurs with your consent under Article 6 (1) lit. a GDPR.
You may withdraw your consent at any time, without affecting the lawfulness of processing carried out before withdrawal.
For more details on data pro
cessing and privacy, please visit:
• https://www.google.de/intl/en/policies/
• https://developers.google.com/fonts/faq
Data Subject Rights and Data Retention