Data protection statement of FALKE KGaA

We are legally obliged to inform you about the processing of your personal data (hereafter ‘data’) when using our website. We take your personal data protection very seriously. This data protection information provides you with details about the processing of your data and about your legal rights in connection to this. The legal definitions in art. 4 GDPR are decisive for terms such as ‘personal data’ or ‘processing’. We reserve the right to adapt the data protection declaration with future effect, in particular in the event of website development, the use of technology or other changes to the legal basis or according to the jurisdiction. We recommend that you read the data privacy policy from time to time and keep a print out or copy with your documents.

Scope

The data privacy policy applies to all pages on https://www.falke.com/en_en/. It does not extend to any linked websites or internet presence of other providers.

Responsible providers

The body responsible for processing your personal data in the scope of this data privacy policy is:

FALKE KGaA

Oststr. 5

57392 Schmallenberg

Tel.: 0800 – 22 099 022

E-mail: online@FALKE.com

Questions about data protection

If you have any questions about data protection in regard to our company or our website, please contact our data protection officer:

SPIRIT LEGAL Fuhrmann Hense Partnerschaft von Rechtsanwälten

Rechtsanwalt und Datenschutzbeauftragter (Lawyers and Data Protection Officers)

Peter Hense

Postal address:

Data protection officer

c/o FALKE KGaA

Oststr. 5

57392 Schmallenberg

E-mail: datenschutz@FALKE.com

Contact via the encoded online form:

Contact the data protection officer

You have the following rights which you may enforce with us in regard to the personal data which concerns you:

·        Right to information: You can request information according to the stipulations in art. 15 GDPR regarding your personal data which we process.

·        Right to amendment: Should the information which pertains to you no (longer) be applicable, you can request an amendment according to art. 16 GDPR. If your data is incomplete you may request its completion.

·        Right to deletion: You can request the deletion of your personal data according to the stipulations from art. 17 GDPR.

·        Right to processing restriction: You have the right to request the restriction of your personal data according to the stipulations of art. 18 GDPR.

·        Right to object to processing:   You have the right to submit an objection to the processing of your personal data at any time for reasons resulting from your personal situation which result from art. 6 para. 1 p. 1 lit. e) or lit. f) GDPR, according to art. 21 para. 1 GDPR. In this event, we will not continue to process your data, unless we can prove compelling legitimate reasons for the processing which predominate your interests, rights and freedoms and in addition, if the processing serves for the enforcement and exercising of or defence against legal claims (art. 21 para. 1 GDPR). Moreover, according to art. 21 para. 2 GDPR, you also have the right to submit an objection at any time against the processing of personal data which concerns you for the purpose of direct advertising; this also applies for any profiling, insofar as this is in connection with such direct advertising. We will notify you of the right to object in this data privacy policy in connection with the respective processing.

·        Right to revocation of your consent: If you have issued your consent for processing, you have a revocation right according to art. 7 para. 3 GDPR.

·        Right to data portability: You have the right to receive the personal data pertaining to you which you have provided us with in a structured, accessible and machine-readable format (‘Data portability’) as well as the right to transfer this data to another responsible party if the prerequisite according to art. 20 para. 1 lit. a,b GDPR is present (art. 20 GDPR).

You can enforce your right by sending notification to the contact data stated in the section ‘Responsible providers’ or to our designated data protection officer.

 If you are of the opinion that the processing of your personal data violates data protection law, you have the right to complain to a data protection authority of your choice according to art. 77 GDPR.. This also includes the relevant data protection authority for responsible parties: Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen, PO box 200444, 40102 Düsseldorf, 0211/38424-0, poststelle@ldi.nrw.de.

You can use our website for purely informational purposes without disclosing your identity. When visiting individual website pages in this sense, access data is only provided to our webspace provider in order for us to display our website to you. The following data is processed in connection with this:

·        Browser type / browser version,

·        Operating system used,

·        Browser software language and version,

·        Time and data of access,

·        Host name of the accessing end device,

·        IP address,

·        Request contents (actual website),

·        Access status/HTTP status code,

·        Websites which can be visited from our website,

·        Referrer URL (of the website previously visited),

·        Report as to whether the call-up was successful and

·        Amount of data transferred.

It is necessary to temporarily process this data in order to technically enable the website visit and the provision of the website to your end device. The access data is not used to identify individual users and is not compiled with other data sources. There is further storage of protocol files (log files) in order to guarantee the functionality of the website and the security of IT systems. The legal basis for this processing is art. 6 para. 1 p. 1 lit. f) GDPR. Our authorised interests lie in the assurance of the functionality of the website and the integrity of the website security. Storing access data in log files, in particular the IP address, for a long period of time enables us to be able to recognise and defend against misuse. This includes protecting the service against excessive queries or any bot usage. The access data is deleted as soon as it is no longer required in order to achieve the purpose of its processing. Data is recorded for provision on the website if you end your visit to the website. The protocol data is generally stored with direct and sole access for administrators and deleted after seven days. Afterwards it is only available indirectly via the reconstruction of security tapes (backups) and is finally deleted after a maximum of four weeks.

You may submit an objection against the processing. Your right to object consists of reasons which result from your specific situation. You can send us your objection via the contact data stated in the section ‘Responsible providers’.

In addition to the previously mentioned access data, when you use the website, cookies are saved in the internet browser of the end device you use. This concerns small text files with a sequence of numbers which are stored locally in the cache of the utilised browser. Cookies are not a component of the PC system and cannot execute programs. Their purpose is to make our website more user-friendly. The use of cookies may be technically necessary or they may be used for other purposes (for example, analysis / evaluation of website usage).

Technically necessary cookies

Some elements of our internet site require that the call-up browser can also be identified after changing sites. The following data is processed in cookies to this end:

• Language settings,
• Items in the shopping basket and
• Log-in information.

The user data collected by technically necessary cookies is not processed to create user profiles. We also use what are referred to as ‘session cookies’, which store a session ID with which different queries from your browser can be assigned to the same session. ‘Session cookies’ are necessary in order to use the website. In particular, we can recognise the end device again if you return to the website. We use this cookie in order to recognise you again during subsequent visits to the website if you have an account with us; otherwise you have to log-in again during every visit. The legal basis for this processing is art. 6 para. 1 p. 1 lit. f)GDPR. Our authorised interests in the processing lie in providing the specific functionality of the website mentioned, thereby making the website more attractive and effective to use. The ‘session cookies’ are deleted as soon as you log out or, depending on which browser you use and which browser settings you have made, if you close your browser.

You may submit an objection against the processing. Your right to object consists of reasons which result from your specific situation. You can object to the processing of cookies by changing the settings in your internet browser, by deactivating or restricting cookies. Cookies which are already stored in the browser settings can be deleted at any time. You can prevent the use of cookies by opening the browser in ‘private mode’.

Functional cookies

We also use cookies on the website in order to provide certain website functionalities. For example, the following data is stored and processed in the cookies:

• The search term entered,
• Frequency of site visits,
• Error-free use of core website functions.

The legal basis for this processing is Art. 6 Para. 1 P. 1 lit. f) GDPR. Our legitimate interests lie in the provision of key website functionalities and in the efficient design of our website. The functional cookies are automatically deleted after a prescribed period of time, which can differ depending on the cookie. As far as we integrate third-party cookies into our web offer, we will point this out separately in the following.

You may submit an objection against the processing. Your right to object consists of reasons which result from your specific situation. You can object to the processing of cookies by changing the settings in your internet browser, by deactivating or restricting cookies. Cookies which are already stored in the browser settings can be deleted at any time. You can prevent the use of cookies by opening the browser in ‘private mode’.

When contacting our company, for example by e-mail or using the contact form on the website, we process the personal data you provide us with in order to answer your query. It is mandatory to enter your name or a pseudonym and a valid e-mail address in order to process requests via the contact form on the website. Furthermore, when you send a message to us, your IP address and the date and time of the registration are also processed. The legal basis for this processing is art. 6 para. 1 p. 1 lit. f) GDPR and art. 6 para. 1 p. 1 lit. b) GDPR, if you are making contact with the intention of concluding a contract. Insofar as the intention of the query is to conclude a contract, your data is required and mandatory for the conclusion of a contract. If you do not provide this data it is not possible to conclude or execute a contract via a contact request or to process the request. The personal data from the entry form is only processed for the contact request. In the even of contact via e-mail, the required authorised interests in the processing of the data are also based on this. Other data processed during the delivery process is used in order to prevent the misuse of the contact form and to ensure the safety of our IT systems. There is no respective dissemination of data to a third party in connection with this. We delete the data in connection with this after processing is no longer required - generally two years after the end of communication - or we restrict the processing, if necessary, in order to comply with the existing mandatory legal retention obligations.

You may submit an objection against the processing. Your right to object consists of reasons which result from your specific situation. You can send us your objection via the contact data stated in the section ‘Responsible providers’.

We process your personal data if and insofar as it is required for the initiation, justification, implementation and/or termination of legal business with our company. The legal basis for this results from art. 6 para. 1 p. 1 lit. b) GDPR. The provision of your data is required in order to conclude a contract and you are contractually obliged to make your data available. If you do not provide your data it is not possible to conclude and/or implement a contract. After the purpose has been achieved (i.e. contract processing), your personal data is blocked or deleted from further processing, insofar as we are not authorised to continue processing your data based on consent issued by you (i.e. consent in processing the e-mail address to send electronic advertising mail), a contractual agreement, a legal authorisation (i.e. authorisation to send direct advertising) or due to authorised interests (i.e. retention for the implementation of claims).

 

·        Your personal data is transmitted to third parties insofar as it is required for the justification, implementation or termination of legal business with our company (i.e. when transmitting data to a payment service provider / dispatch company to process a contract with you), (art. 6 para. 1 p. 1 lit. b) GDPR), or

·        if a sub-contractor or agent who we have deployed solely in the context of the provision of the offer or service requested by you requires this data (such agents are, provided nothing else has been expressly notified, only authorised to process the data insofar as this is necessary for the provision of the offer or services), or

·        there is an enforceable official order (art. 6 para. 1 p. 1 lit. c) GDPR), or

·        there is an enforceable legal order (art. 6 para. 1 p. 1 lit. c) GDPR), or

·        we are legally obliged to this (art. 6 para. 1 p. 1 lit. c) GDPR), or

·        processing is necessary in order to protect vital interests of the affected person or another natural person (art. 6 para. 1 p. 1 lit. d) GDPR), or

·        it is required for the realisation of a task which is in the public interests or occurs in the execution of official authority (art. 6 para. 1 p. 1 lit. e) GDPR), or

·        we can appoint ourselves for our predominantly authorised interests or that of a third party for transmission (art. 6 para. 1 p. 1 lit. f) GDPR).

There is no transmission of your personal data to another person, company or office beyond this, unless you have effectively consented to such a transmission. The legal basis for this processing is art. 6 para. 1 p. 1 lit. a) GDPR. We draw your attention in the scope of this data protection information to the respective recipient in regard to the respective procedures. 

If you have created an account and would like to use our website you must register with the following information:

·        First name and surname,

·        User name,

·        E-mail address and

·        a user-defined password.

There is no naming protocol, you are free to choose a pseudonym. Furthermore, at the time you register, your IP address and the date and time of the registration are also processed. We use the double opt-in process for registration. After you have transmitted the required data for registration, you will receive an e-mail with an activation link. You must click and successfully activate the link in order to create the access to your customer account and successfully complete the registration. When you log in later, you must enter the access data (user name and password) selected when you first registered. If you do not confirm the transmitted link within 24 hours we will block the data you have transmitted to us and automatically delete this after one month at the latest. Furthermore, your data is deleted as soon as it is no longer required in order to achieve the purpose of its processing. This is the case for the data collected during the registration process if the registration was cancelled or changed on the website.

The following functions are available in the log-in area:

·        Edit your profile data,

·        View orders/bookings,

·        Manage, change or terminate your newsletter subscription.

If you use the login area of the website, for example in order to edit your profile data or view your orders and bookings, we also process your personal data which is required to initiate and complete the contract, in particular address data and payment method details. The legal basis for this processing is art. 6para. 1 p. 1 lit. b) GDPR. It is necessary and mandatory to provide your data for the conclusion and implementation of the contract. If you do not provide your data you can neither register nor use the login area, i.e. it is not possible to conclude and/or implement a contract. The data is deleted as soon as it is no longer required in order to achieve the purpose of its processing or, if there are legal retention obligations, the processing is restricted. Due to mandatory commercial and fiscal legal regulations, we are obligated to store your address, payment and order data for a period of up to ten years. We undertake a restriction of the processing two years after the end of the contract and reduce the processing in compliance with the existing legal obligations.

You may submit an objection against the processing. Your right to object consists of reasons which result from your specific situation. You can send us your objection via the contact data stated in the section ‘Responsible providers’.

If you would like to take part in a competition you must enter the following data in the entry form:

·        First and surname,

·        Address and

·        E-mail address.

We process your data in the scope of competitions solely for the purpose of designing, implementing and processing the competition. The legal basis for this processing is art. 6 para. 1 p. 1 lit. b) GDPR. This processing is required and mandatory for the conclusion of the contract. In the event that this data is not provided, it is not possible to take part in or carry out a competition. Your data is not transferred to third parties. If it is necessary to send prizes, we will forward your particular data to a delivery service provider. We delete the data obtained in connection with this after it is no longer required for processing - generally after the competition prized draw - or restrict the processing if there are legal retention obligations.

We are also participants in the ‘sovendus’ partner programme (the provider is Sovendus GmbH, Moltkestr. 11, 76133 Karlsruhe, Web: https://www.sovendus.com/de/; hereafter: ‘sovendus’). After completing the order process, a thank you banner will appear, click the banner and you will be taken to a voucher selection page where you can select a voucher from various partner shops. We transfer the hash value of your e-mail address and IP address to ‘sovendus’ in a pseudonymised and encoded form for the selection of an individual voucher offer. For invoicing purposes we also transmit a pseudonymised order number, order value with currency, session ID, coupon code and time stamp. By clicking the voucher banner displayed, your title, name, PO box and e-mail address are also transmitted to ‘sovendus’ in an encoded form in order to prepare your voucher. The legal basis is art. 6 para. 1 p. 1 lit. f) GDPR. With this programme, we follow an authorised interest to show you vouchers which are of interest to you and make our website more attractive for users. The data is stored by Sovendus for 3 months. You can find out more information about the retention period at ‘sovendus’ in the privacy policy at https://www.sovendus.com/en/privacy_policy/.

You may submit an objection against the processing. Your right to object consists of reasons which result from your specific situation. You can send us your objection via the contact data stated in the section ‘Responsible providers’.

We are delighted that you are interested in our company and would like to apply or have already applied for a position with us. We therefore provide the following information regarding the processing of your personal data in conjunction with the application on our website.

Our website offers the ability to call up information regarding vacant positions within our company and to apply for a position within our company via email or using our online form. Your personal data will be processed within the scope of the application process, for the purposes of the execution of the application process and in order to reach a decision regarding the commencement of an employment relationship.

We hereby process the following personal data, which is necessary and mandatory for the application process:

• Personal master data (e.g. title, first and last name, name affixes, gender, nationality, marital status and, if applicable, pay category)
• Contact details (e.g. private address, email address, (mobile) telephone number)
• Qualification details (e.g. career history, professional activities, performance reviews, references, certifications, qualifications, advanced and further training),
• Information regarding your education (e.g. your school or educational institution, your main subject, your key field or specialisation, your final qualification, your grades and your date of graduation),
• The application photo, if applicable,
• If applicable, special data categories as defined in Art. 9 Para. 1 GDPR (e.g. trade union membership, biometric data, health data (e.g. degree of disability) and
• Further details that you have submitted to us in conjunction with your application.

The legal basis for the processing of your personal data within the context of the application process, for the purpose of general communication and, in particular, to respond to any queries, for the purpose of checking references and in order to assess suitability for the vacant position, is Art. 88 Para. 1, 6 Para. 1 lit. b) GDPR in conjunction with § 26 Para. 1 BDSG. The processing of your data is necessary and mandatory in order to prepare for and execute the application process. If you do not provide the respective information, we may not be able to process your application, or it may only be possible to an insufficient extent.

For the processing of special categories of personal data, pursuant to Art. 9 Para. 1 GDPR, the following purposes and legal bases apply:

• For the purpose of the exercise of rights or for the fulfilment of legal obligations pursuant to employment law, we process your personal data, provided that there is no reason to assume that your legitimate interest in the exclusion of the data processing should take precedence. The legal basis for the processing of this data is Art. 9 Para. 2 lit. b) GDPR in conjunction with § 26 Para. 3 P. 1 BDSG.
• For the purpose of the assessment of your physical fitness for work, we process your health data, subject to employment resulting from the application process. The legal basis for the processing of this data is Art. 9 Para. 2 lit. h) GDPR in conjunction with § 22 Para. 1 No. 1 lit. b) BDSG.

For the purpose of the fulfilment of a legal obligation or for the fulfilment of requirements imposed by governments or authorities, we process your personal data provided that this is necessary for the stated purposes. The legal basis for the processing of your data is Art. 6 Para. 1 lit. c) GDPR in conjunction with the respective legal obligation pursuant to EU or national law. If, on a case-by-case basis, special categories of data should also be affected, we shall only process these subject to the fulfilment of one of the conditions of Art. 9 Para. 2 GDPR, if applicable in conjunction with an explicit provision under EU or national law.

Should your data be required following the completion of the application process, if applicable in order to pursue legal claims or for the purposes of defence in legal disputes, processing may take place in order to safeguard legitimate interested in accordance with Art. 6 Para. 1 P. 1 lit. f) GDPR. A legitimate interest then exists in the assertion or defence against claims. In the event that health data should be processed, the legal basis is Art. 9 Para. 2 lit. f) GDPR.

You can object to the described processing provided you have justified reason arising from your unique situation. You can exercise your right of objection be sending notification to us using the contact details provided under "responsible authority".

Your applicant information will be inspected by the HR Department following receipt of your application. Suitable application will then be forwarded internally to the heads of department responsible for the respective vacant position within the company, who will reach agreement regarding how to proceed. As a rule, only persons within the company who require it for the proper processing of our application procedure will have access to your data.

As a general rule, we store your personal data for the duration of the application process and in the case of a rejection we delete it within a period of no more than six months. Should an employment relationship be initiated during the course of the online application process, we will transfer your applicant information to our HR administration system and store your personal data for the duration of the employment relationship, in accordance with the legally-required storage periods.

In the course of the application via our website you may also use the data you have saved with ‘LinkedIn’ (LinkedIn Corporation, 2029 Stierlin Court, Mountain View CA 94043) or ‘Xing’ (XING SE, Dammtorstraße 29-32, 20354 Hamburg, Germany, e-mail: info@xing.com). If you select this function, ‘LinkedIn’ or ‘Xing’ receive the information which you are accessing on ‘LinkedIn’ or ‘Xing’ from our website. In addition, your data stored with ‘LinkedIn’ or ‘Xing’ (such as names, photos, profile slogans and your current position as well as the e-mail address you have linked to ‘LinkedIn’) is transferred to us. The data transfer to us from ‘LinkedIn’ or ‘Xing’ occurs on the basis of your consent in the course of the transfer and therefore on the legal basis from art. 6 para. 1 p.1 lit. a) GDPR. The transfer of your IP address to ‘LinkedIn’ or ‘Xing’ occurs on the basis of art. 6 para. 1 p. 1 lit. f) GDPR. The purpose of this processing is to enable the inclusion of ‘LinkedIn’ and ‘Xing’ on our website. Our authorised interests in the processing lie in the improvement of our service offer as well as a more attractive and user-friendly design for our web presence. ‘LinkedIn’ also processes data outside the European Union, however, it is subject to the EU-US Privacy Shield and therefore obliged to comply with the European data protection standards (https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active). Xing stores your data for a period of 90 days. You can find more information about data protection and storage periods with ‘LinkedIn’ and ‘Xing’ at https://www.linkedin.com/legal/privacy-policyand https://privacy.xing.com/en/privacy-policy.

You can revoke your consent to the processing of your data on ‘LinkedIn’ and ‘Xing’ at any time by sending us a message (cf. the contact data in the section ‘Responsible providers’). The revocation does not affect the legality of processing based on consent given up to revocation. In addition, you are entitled to the right to object to the processing of your additional data, provided the processing is founded on the legal basis according to art. 6 para. 1 p. 1 lit. f) GDPR. Your right to object consists of reasons which result from your specific situation. You can send us your objection via the contact data stated in the section ‘Responsible providers’.ge: https://www.hotjar.com/opt-out

PayPal

We offer you the option of payment via ‘PayPal’ on our website. The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereafter: ‘PayPal’). If you select payment via ‘PayPal’, the payment data you enter is transmitted to ‘PayPal’ in order to process the payment. Your data is processed by ‘PayPal’ on the basis of art. 6 para. 1 p. 1 lit. b) GDPR. It is necessary and mandatory to provide your payment data for the conclusion and implementation of the contract. It is not possible to conclude and/or implement the contract using the ‘PayPal’ payment method without the provision of your payment data. The data required in order to process the payment is transmitted securely via ‘SSL’ and only processed to make the payment. We delete the data obtained in connection with this when its retention is no longer required, or restrict the processing if there are legal retention obligations. Due to mandatory commercial and fiscal legal regulations, we are obligated to store your address, payment and order data for a period of up to ten years. We undertake a restriction of the processing two years after the end of the contract and reduce the processing in compliance with the existing legal obligations. You can find further information regarding data protection and the storage period with ‘PayPal’ at https://www.paypal.com/uk/webapps/mpp/ua/privacy-full.

Credit card payment

We transmit the necessary data to the credit institute or, if necessary to the payment and invoicing service provider commissioned by us in order to process the payment by credit card. Processing is carried out on the basis of art. 6 para. 1 p. 1 lit. b) GDPR. It is necessary and mandatory to provide your payment data for the conclusion and implementation of the contract. It is not possible to conclude and/or implement the contract using a credit card payment without the provision of your payment data. The data required in order to process the payment is transmitted securely via ‘SSL’ and only processed in order to make the payment. We delete the data obtained in connection with this when its retention is no longer required, or restrict the processing if there are legal retention obligations. Due to mandatory commercial and fiscal legal regulations, we are obligated to store your address, payment and order data for a period of up to ten years. We undertake a restriction of the processing two years after the end of the contract and reduce the processing in compliance with the existing legal obligations.

Purchase on account

In the event of ‘purchase on account’ we reserve the right to transmit your data which you provide to us when making the order to an external company, for the purpose of carrying our a credit check (for example, Verband der Vereine Creditreform e.V., Hellersbergstraße 12, D-41460 Neuss). The legal basis for this processing is art. 6 para. 1 p. 1 lit. f) GDPR. Our authorised interests lie in fraud prevention and the avoidance of default risks because we make the payment in advance for ‘purchase on account’.

We process the data transferred to us by your credit institute in the scope of the payment process for ‘purchase on account’ for credit check purposes. The legal basis for this processing is art. 6 para. 1 p. 1 lit. b) GDPR. It is necessary and mandatory to provide your payment data for the conclusion and implementation of the contract. It is not possible to conclude and/or implement the contract using a ‘purchase on account’ without the provision of your payment data. We delete the data obtained in connection with this when its retention is no longer required, or restrict the processing if there are legal retention obligations. Due to mandatory commercial and fiscal legal regulations, we are obligated to store your address, payment and order data for a period of up to ten years. We undertake a restriction of the processing two years after the end of the contract and reduce the processing in compliance with the existing legal obligations.

You can submit an objection against the processing as well as processing on the legal basis from art. 6 para. 1 p. 1 lit. f) GDPR. Your right to object consists of reasons which result from your specific situation. You can send us your objection via the contact data stated in the section ‘Responsible providers’.

SOFORT by Klarna

If you select the ‘SOFORT’ payment method when making your booking, we will forward the data you share for the purposes of processing the payment to Sofort GmbH (Theresienhöhe 12, 80339 Munich, Germany; hereafter ‘SOFORT’). ‘SOFORT’ is a direct transfer process which already fills out a transfer during the order process and can be made in real-time. To this end, you will be forwarded to the website of the ‘SOFORT’ payment provider. The legal basis for this processing is art. 6 para. 1 p. 1 lit. b) GDPR. It is necessary and mandatory to provide your payment data for the conclusion and implementation of the contract. It is not possible to conclude and/or implement the contract using the ‘SOFORT’ payment method without the provision of your payment data. The data required in order to process the payment is transmitted securely via ‘SSL’ and only processed in order to make the payment. We delete the data obtained in connection with this when its retention is no longer required, or restrict the processing if there are legal retention obligations. Due to mandatory commercial and fiscal legal regulations, we are obligated to store your address, payment and order data for a period of up to ten years. We undertake a restriction of the processing two years after the end of the contract and reduce the processing in compliance with the existing legal obligations. You can find more information about processing your data with ‘SOFORT’ at https://www.klarna.com/pay-now/privacy-statement/.

Amazon Payments

We offer you the option of payment via ‘Amazon Payments’ on our website. When selecting this payment method, the payment is processed via the payment provider Amazon Payments UK Limited, 1 Principal Place, Worship Street, London EC2A 2FA (hereafter: ‘Amazon Payments’); we transmit the payment data provided in addition to the information about your booking to Amazon Payments for the purpose of the payment processing in the scope of the booking process. Processing is carried out on the basis of art. 6 para. 1 p. 1 lit. b) GDPR. It is necessary and mandatory to provide the payment data for the conclusion and implementation of the contract. It is not possible to conclude and/or implement the contract using the ‘Amazon Payments’ payment method without the provision of your payment data.

‘Amazon Payments’ creates a transaction confirmation on the basis of the data transmitted and if necessary, processes your data for the purpose of an identity and credit check. The legal basis for this processing is art. 6 para. 1 p. 1 lit. f) GDPR. The aim here is to pursue the authorised interests of preventing fraud and misuse of data as well as minimising the risk of insolvency. Mathematical-statistical processes are used in the credit check in order to calculate a rating in regard to the probability of payment default (a calculation referred to as a ‘scoring’ value). ‘Amazon Payments’ uses the calculated ‘scoring’ value as the basis for its decision regarding the provision of the respective payment methods. The ‘scoring’ value is calculated according to recognised scientific processes. We delete the data obtained in connection with this when its retention is no longer required, or restrict the processing if there are legal retention obligations. Due to mandatory commercial and fiscal legal regulations, we are obligated to store your address, payment and order data for a period of up to ten years. We undertake a restriction of the processing two years after the end of the contract and reduce the processing in compliance with the existing legal obligations. You can find further information regarding the processing of your data by ‘Amazon Payments’ under https://pay.amazon.de/help/201751600.

You can submit an objection against the processing as well as processing on the legal basis from art. 6 para. 1 p. 1 lit. f) GDPR. Your right to object consists of reasons which result from your specific situation. You can exercise your right to object by notifying us via the contact data mentioned above.

Legal implementation / address determination / debt collection

In the event of non-payment, we reserve the right to pass on data provided to us during the order to a lawyer and/or external companies (for example, Verband der Vereine Creditreform e.V., Hellersbergstraße 12, D-41460 Neuss), for the purposes of determining the address and/or law enforcement. The legal basis for this processing is art. 6 para. 1 p. 1 lit. f) GDPR. Our authorised interests here lie in the prevention of fraud and avoiding default risks. Furthermore, we also forward your data, if necessary, in order to realise our rights as well as to ensure the rights of companies associated with us, our cooperation partners, our employees and/or our website users and for processing insofar as it is required. We will never sell or lease your data to third parties. The legal basis for this processing is art. 6 para. 1 p. 1 lit. f)GDPR. We have an authorised interest in the processing for law enforcement. We delete the data obtained when its retention is no longer required, or restrict the processing if there are legal retention obligations.

You may submit an objection against the processing. Your right to object consists of reasons which result from your specific situation. You can send us your objection via the contact data stated in the section ‘Responsible providers’.

Hosting

We use external hosting services from the provider Host Europe GmbH (Hansestraße 111, 51149 Cologne, Germany), in order to provide the following services: Infrastructure and platform services, computing capacity, storage resources and database services, safety and technical maintenance services. For these purposes, all data - including access data listed under the point ‘Use of our website’ - is processed which required for the operation and use of our website. The legal basis for this processing is art. 6 para. 1 p. 1 lit. f) GDPR. With use external hosting services in order to pursue an efficient and secure provision of our web offer.

You may submit an objection against the processing. Your right to object consists of reasons which result from your specific situation. You can send us your objection via the contact data stated in the section ‘Responsible providers’.

Cloudflare

We also use the services of the Content Delivery Network (hereafter ‘CDN’) Cloudflare Inc. (101 Townsend St., San Francisco, CA 94107, United States; hereafter ‘Cloudflare’) on our website in order to make our online offer faster. When you visit our website, a ‘CDN’ library is stored in the cache on your end device, in order to prevent content being reloaded. As part of this, your IP address is transmitted to providers in the USA. ‘Cloudflare’ is subject to the EU-US Privacy Shield (https://www.privacyshield.gov/EU-US-Framework) and therefore obliged to comply with the European data protection standards: https://www.privacyshield.gov/participant?id=a2zt0000000GnZKAA0&status=Active. The legal basis for this processing is art. 6 para. 1 p. 1 lit. f) GDPR. With the use of ‘Cloudflare’ we pursue the authorised interest of faster availability and a more effective and improved presentation of our online offer. Cloudflare stores data for 24 hours. You can find further information about data protection and the storage period at ‘Cloudflare’ at: https://www.cloudflare.com/privacypolicy/.

You may submit an objection against the processing. Your right to object consists of reasons which result from your specific situation. You can send us your objection via the contact data stated in the section ‘Responsible providers’.

Third party content, such as videos, card material or graphics from other websites are included on the website. This integration requires that the providers of this content (‘third party providers’) can realise the IP addresses of users. Because if they do not have the IP addresses, they cannot send content to the browsers of the respective user. Therefore, the IP address is required for the presentation of this content. Below, we provide information about the services from external providers currently used on our website and about the respective processing in individual cases and your existing objection options.

Google Web Fonts

We use Web Fonts provided by ‘Google’ (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001) in order to display fonts. When you visit a website,’Google’ loads the required Web Fonts in your browser cache in order to display texts and fonts correctly and more quickly. For this purpose, your browser transmits your IP address to ‘Google’ in order to create the connection to the ‘Google’ servers. In this process, ‘Google’ receives the information that you have visited our website. The legal basis for this processing is art. 6 para. 1 p. 1 lit. f) GDPR. With the use of ‘Google Web Fonts’, we pursue the authorised interests of a standardised and appealing presentation of our online offer. ‘Google’ also processes your data in the USA and is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. You can see the ‘Google’ certification at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active. The ‘Google’ storage period is up to twenty-four months. You can find further information about the purpose and extent of processing by ‘Google’ and the storage period with ‘Google Web Fonts’ at https://developers.google.com/fonts/faq and the ‘Google’ Privacy Policy can be found here: https://policies.google.com/privacy.

You may submit an objection against the processing. Your right to object consists of reasons which result from your specific situation. You can send us your objection via the contact data stated in the section ‘Responsible providers’.

Google Maps

This website uses the service ‘Google Maps’ from ‘Google’ (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001) in order to display maps and map sections, making the use of the map function on the website more user-friendly. When you visit the website, ‘Google’ receives information that you have visited the corresponding sub-pages on our website. In addition, the data mentioned in the sections ‘Access data’ and ‘Cookies’ is also partially transmitted to ‘Google’. This happens regardless of whether ‘Google’ provides a user account which you have used to log in, or if there is no user account. If you are logged in with ‘Google’, your data is directly assigned to your account. If you no longer wish to be assigned a profile with ‘Google’, you must log out before activating the button. ‘Google’ stores your data as a user profile and processes it regardless of whether or not you have a user account with ‘Google’ for advertising and market research purposes and/or the appropriate layout of its website. The legal basis for this processing is art. 6 para. 1 p. 1 lit. f)GDPR. With the use of ‘Google Maps’, we pursue the authorised interest of making our web offer more attractive and offering you additional services. ‘Google’ also processes your data in the USA and is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. You can see the ‘Google’ certification at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active. The ‘Google’ storage period is up to twenty-four months. You can find further information about the purpose and scope of the processing using the plug-in provider and the storage period at ‘Google Maps’ at https://policies.google.com/privacy?hl=en.

You may submit an objection against the processing. Your right to object consists of reasons which result from your specific situation. You can object to the processing of cookies by changing the settings in your internet browser, by deactivating or restricting cookies. Cookies which are already stored in the browser settings can be deleted at any time. You can prevent the use of cookies by opening the browser in ‘private mode’.

Google reCAPTCHA

We use ‘Google reCAPTCHA’ (hereafter: ‘reCAPTCHA’) on our website. The provider of this service is ‘Google’ (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001). ‘reCAPTCHA’ is intended to check whether the data entry on the website (for example, in a contact form) is made by a person or an automated program. To this end, ‘reCAPTCHA’ analyses the behaviour of the website visitor based on different features. The analysis begins automatically as soon as the user accesses the website. ‘reCAPTCHA’ evaluates different information for the purpose of the analysis (for example, IP address, dwell time of the website visitor on the website or the mouse movements made by the user). The data recorded during the analysis is forwarded to ‘Google’. ‘Google’ also processes your personal data in the USA and is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. You can see the ‘Google’ certification at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active. Processing is carried out on the basis of art. 6 para. 1 p. 1 lit. f) GDPR. We have an authorised interest in protecting our web offer against improper, automated spying and unwanted e-mail advertising (SPAM). The ‘Google’ storage period is up to twenty-four months. You can find further information about ‘reCAPTCHA’ and the storage period of data in the ‘Google’ Privacy Policy https://policies.google.com/privacy.

You may submit an objection against the processing. Your right to object consists of reasons which result from your specific situation. You can send us your objection via the contact data stated in the section ‘Responsible providers’.

Google user-defined search

We use ‘Google user-defined search’ from ‘Google’ (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001) as a central search service. The embedded search service enables a full-text search according to the contents of our internet offer. When the search function is used within the search result site, data is also simultaneously transferred from you to ‘Google’. This includes, for example, search terms you have entered and the IP address of your end device. The processing is intended to simplify the use of our website. If your are logged in to ‘Google’ at the same time, the ‘Google’ service is in a position to directly assign the information to your user profile. If you no longer wish to be assigned a profile with ‘Google’, you must log out first. The legal basis for this processing is art. 6 para. 1 p. 1 lit. f) GDPR. With this processing, we pursue the authorised interest of making our web offer more attractive and offering you an additional service. The ‘Google’ storage period is up to twenty-four months. You can find more information about data protection and the storage period at ‘Google’ at https://policies.google.com/privacy.

You may submit an objection against the processing. Your right to object consists of reasons which result from your specific situation. You can send us your objection via the contact data stated in the section ‘Responsible providers’.

Google Tag Manager

We use ‘Google Tag Manager’ from ‘Google’ on our website (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001). ‘Google Tag Manager’ is a solution which can be used to manage tags via an interface. The Tag Manager tool itself (which implements the tags) is a cookie-free domain and does not record any personal data. The tool ensures other tags are triggered which record data on their part under circumstances; we explain this to you separately in the scope of this privacy policy. ‘Google Tag Manager’ does not access this data. If a deactivation is implemented at a domain or cookie level, this remains in force for all tracking tags which are implemented with ‘Google Tag Manager’.

Vimeo

We use plugins from ‘Vimeo’ in order to embed videos on our website. ‘Vimeo’ is operated by Vimeo LLC, 555 West 18th Street, New York, New York 10011, USA. By processing the data with plugins, we are pursuing the purpose of embedding visual content (‘videos’) which have been published on https://www.vimeo.com on our website as well. If you visit one of our websites with the ‘Vimeo’ plugin, a connection is created to the ‘Vimeo’ servers. In this process, information is transferred to ‘Vimeo’ about which website you have visited. In addition, the data mentioned in the sections ‘Access data’ is also partially transmitted. This happens regardless of whether you are logged into your ‘Vimeo’ user account or if there is no user account. If you are logged in as a ‘Vimeo’ member, ‘Vimeo’ assigns this information to your personal user account. When using this plugin, for example to play a video using the active play button, this information is also assigned to your user account. ‘Vimeo’ stores your data as a user profile and processes it regardless of whether or not you have a user account with ‘Vimeo’ for advertising and market research purposes and/or the appropriate layout of websites. The legal basis for this processing is art. 6 para. 1 p. 1 lit. f)GDPR. With this processing, we pursue the authorised interest of making our web offer more attractive and offering you additional services. ‘Vimeo’ also processes your data on servers in the USA. ‘Vimeo’ also processes your data in the USA and is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. you can see the ‘Vimeo’ certification at https://www.privacyshield.gov/participant?id=a2zt00000008V77AAE&status=Active. ‘Vimeo’ stores data for one month. You can find further information about the privacy policy and the storage period at ‘Vimeo’ at https://vimeo.com/privacy.

You may submit an objection against the processing. Your right to object consists of reasons which result from your specific situation. You can object to the processing in different ways: by deactivating the button for processing unnecessary cookies at: https://vimeo.com/cookie_policy at the end of the website; by deactivating cookies in the settings of your browser software or by opening the used browser in ‘private mode’ in order to prevent the use of cookies.

YouTube videos

We use plugins from the video platform ‘YouTube.de’ and ‘YouTube.com’ on the website, this is a service by YouTube LLC (headquarters 901 Cherry Avenue, San Bruno, CA 94066, USA; hereafter ‘YouTube’), which is responsible for ‘Google’ (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001) in the sense of data protection law. By processing the data with plugins, we are pursuing the purpose of embedding visual content (‘videos’) which we have published on ‘YouTube.de’ and’YouTube.com’ on our website as well. The videos are all embedded in ‘extended data protection mode’, meaning that no data about the user is transferred to ‘YouTube’ if you do not play the videos. When you play videos on our website, ‘YouTube’ receives information that you have visited the corresponding sub-pages on our website. In addition, the data mentioned in the sections ‘Access data’ is also partially transmitted to ‘Google’. This happens regardless of whether ‘YouTube’ provides a user account which you have used to log in, or if there is no user account. If you are logged in with ‘Google’, your data is directly assigned to your account. If you no longer wish to be assigned a profile with ‘YouTube’, you must log out before activating the button. ‘YouTube’ stores your data as a user profile and processes it regardless of whether or not you have a user account with ‘Google’ for advertising and market research purposes and/or the appropriate layout of its website. The legal basis for this processing is art. 6 para. 1 p. 1 lit. f)GDPR. With this processing, we pursue the authorised interest of making our web offer more attractive and offering you an additional service. ‘Google’ also processes your personal data in the USA and is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. You can see the ‘Google’ certification at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active. The data is stored for a period of 9 months. You can find further information about the purpose and scope of the processing by ‘YouTube’ and the storage period at ‘YouTube’ in the privacy policy at https://policies.google.com/privacy.

You may submit an objection against the processing. Your right to object consists of reasons which result from your specific situation. You can object to the processing in different ways: by deactivating cookies in the settings of your browser software or by opening the browser used in ‘private mode’ in order to prevent the use of cookies.

Pinterest

Detailed information about the processing and use of data by the provider on their pages, and also contact details and your relevant rights and settings to protect your privacy (particularly opt-out options) can be found in the provider's linked privacy policy. Processing and use of data: Pinterest: https://about.pinterest.com/de/privacy-policy Opt-out: Pinterest: https://www.pinterest.de/settings If you still need help in this regard, please contact us.

TikTok Ads

Tracking technologies from TikTok Information Technologies UK Limited, Wework, 125 Kingsway, London, WC2B 6NH, UK (henceforth "TikTok") are embedded in the site. "TikTok" uses technologies such as "tracking pixels" ("TikTok pixels"), "cookies" and "device fingerprinting" to gather information on usage behaviour on our website. In this way interest-based adverts can be blended into the content for users of the website and users of "TikTok", while they are visiting the "TikTok" social network. With the help of "TikTok pixels" (small graphics which are, at the same time, embedded in our website, can be loaded automatically when our website is accessed, and can track user behaviour) the user browser automatically establishes a direct connection with the "TikTok" server. Embedding "TikTok pixels" allows "TikTok", with the help of information generated by cookies on usage of our website by the user's end device, to process, for example, the fact that a given website was accessed, and to process access data, in particular the IP address, browser information, the website previously visited, and the date and time of the server request - with a view to delivering customised adverts across multiple devices. In respect of the advertising campaign data, we can work out how successful individual advertising activities are. For this purpose we use cookies, which use certain parameters, such as advertising material blended into the content, view time or user clicks, to produce reach metrics. As long as users are registered with a service from "TikTok", "TikTok" is also able to assign the information gathered to the user's relevant "TikTok Account". The legal basis for handling your data is your consent as per Art. 6 section 1 page 1 letter a) of the GDPR. "TikTok" shares your data with TikTok Technology Limited, 10 Earlsfort Terrace Dublin, D02 T380, Ireland, and also processes your data in the USA (TikTok Inc., 10100 Venice Boulevard, Culver City, California, USA). There has been no adequacy decision regarding the transfer of data to the USA: the legal basis for transferring data to the USA is your consent as per Article 49 section 1 page 1 letter a) of the GDPR. Further information on data protection and the retention period at "TikTok" can be found at: https://www.tiktok.com/legal/privacy-policy?lang=en.

You can, at any time, revoke your consent to your data being processed, and transferred to third countries - by adjusting the relevant slider in the consent tools settings https://www.falke.com/de_de/informationen/faq/?cmpscreen

This does not affect the legality of your data having been processed, based on your consent, up to the point at which you revoked your consent.

TikTok Custom File

We also use the "Custom File" online marketing tool from "TikTok". The service provider is TikTok Information Technologies UK Limited, Wework, 125 Kingsway, London, WC2B 6NH, UK (henceforth "TikTok"). In this way, we can display customised advertising to those customers who have a TikTok account, while they are using the social network. To this end we send pseudonymised customer data sets to TikTok in encrypted form, without directly identifying a specific person, for the purposes of data enhancement and in order to form segments (target groups) for placing advertising material. In addition, target groups are identified through interaction with our ads. The legal basis for handling your data is your consent as per Art. 6 section 1 page 1 letter a) of the GDPR. "TikTok" shares your data with TikTok Technology Limited, 10 Earlsfort Terrace Dublin, D02 T380, Ireland, and also processes your data in the USA (TikTok Inc., 10100 Venice Boulevard, Culver City, California, USA). No adequacy decision has been made on the transfer of data to the USA. The legal basis for transferring data to the USA is your consent as per Article 49 section 1 page 1 letter a) of the GDPR. Further information on data protection and the retention period at "TikTok" can be found at: https://www.tiktok.com/legal/privacy-policy?lang=en.

You can, at any time, revoke your consent to your data being processed, and transferred to third countries - by adjusting the relevant slider in the consent tools settings https://www.falke.com/de_de/informationen/faq/?cmpscreen

This does not affect the legality of your data having been processed, based on your consent, up to the point at which you revoked your consent.

Prudsys

To personalise products, we use the online tool “prudsys” by the company prudsys AG (GK Software Group, Zwickauer Strasse 16, 09112 Chemnitz, Germany, e-mail: info@prudsys.de). With the aid of "prudsys", we can tailor our website to individual user habits and enable personalised content and product recommendations. The “prudsys” tool uses so-called cookies (see the “Cookies” section above) to record data about the interests and behaviour patterns of people who visit our website and our online shop. With the aid of cookies, “prudsys” collects data in real time, in particular about the visitor's surfing behaviour, about products or categories viewed, about the shopping basket and orders placed. Based on machine learning models, “prudsys” is able to recognise patterns and user interests. This makes it possible to identify individual preferences, to make appropriate offers and to display products with individual relevance for the particular visitor. Legal basis for the processing is Art. 6 (1) sentence 1a) GDPR. The storage period of the data collected via “prudsys” is 24 months. For further information about data protection and the storage period, please visit https://summit.prudsys.de/datenschutz/.

You may revoke your consent to the processing of the respective provider at any time by pushing back the slider in the “Settings” [https://www.falke.com/?show_consent=1] of the Consent Tool. Until such revocation is made, the lawfulness of the processing shall remain unaffected.

We utilise the services of third-party providers for statistics compilation, analysis and marketing purposes. This makes it possible for us to enable the user-friendly, optimised use of the website . In order to control their services, the third-party providers use cookies (cf. the "Cookies" section above). Below you will find information regarding the services from third-party providers currently in use on our website, as well as information concerning the respective processing on a case-by-case basis, and your existing rights of objection and withdrawal.

Google Analytics

In order to be able to optimally adjust our website for user interests, we use ‘Google Analytics’, a web service from ‘Google’ (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001). ‘Google Analytics’ uses ‘cookies’ (cf. the previous section ‘Cookies’), which are stored on your end device. ‘Google’ uses cookies to process the information created about the use of our website by your end device - for example, that you have visited a certain website - and processes the data mentioned in the section ‘Access data’, among other things, in particular your IP address, browser information, the previously visited website, the ‘Facebook ID and the data and time of your server query in order to statistically analyse the website use. This website uses ‘Google Analytics’ with the extension ‘anonymizeIp()’. In this process, your IP address is further processed in an abbreviated form, in order to make it significantly more difficult to link it to an individual. Your IP address is abbreviated prior to this within member states of the European Union, according to information from ‘Google’. Your full IP address is only transmitted to ‘Google’ servers in the USA and then abbreviated in exceptional circumstances. ‘Google’ processes this information on our behalf in order to evaluate the use of the website, compile reports for us about website activities and - provided we have indicated this separately - in order to provide us with further services connected to the website use. The IP address transmitted in the scope of this purpose is not compiled with other data from ‘Google’. The legal basis for the processing of your data is your consent in accordance with Art. 6 Para. 1 P. 1 lit. a) GDPR. Your data in conjunction with "Google Analytics" will be deleted after no more than fourteen months. In the exceptional case whereby your data were to be transferred to the USA, "Google" has subscribed to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. You can view the "Google" certification here: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active. Further information regarding data protection at "Google" can be found here: http://www.google.de/intl/de/policies/privacy.

You can withdraw your consent to the processing of your data at any time by moving back the slider in the "Extended Settings" of the Consent Tool [https://www.falke.com/?show_consent=1]. This withdrawal will not affect the legality of processing performed prior to the withdrawal of consent.

Hotjar

We also use the analysis service ‘Hotjar’ in order to improve our website and make it more user-friendly. The provider of this service is Hotjar Ltd (Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe, +1 (855) 464-6788, david@hotjar.com; hereafter: ‘Hotjar’). We record activity on our website into Heatmaps with the help of ‘Hotjar’ and process data for analytical purposes. All data is processed in such a way that we cannot assign it to a certain user. We can only track how you move your mouse, where clicks are made and how far you scroll. In order to analyse your user behaviour, ‘Hotjar’ uses what are known as ‘cookies’ (cf. the previous section ‘Cookies’), which are saved on your computer and processes your IP address and information about the use of our website on your end device. According to its own information, ‘Hotjar’ abbreviates your IP address before it is further processed. If personal data is shown on a website, this is automatically hidden by ‘Hotjar’ so that we cannot trace it. The legal basis for the processing of this data is your consent in accordance with Art. 6 Para. 1 P. 1 lit. a) GDPR. Our authorised interest in the processing lies in the statistical analysis of the website use, the reach measurement and the optimisation and improvement of our web offer. Your data in connection with ‘Hotjar’ is deleted after twelve months at the latest; you can find an overview of the storage period with ‘Hotjar’ at: https://www.hotjar.com/legal/policies/cookie-information. You can find further information about data protection at ‘Hotjar’ at: https://www.hotjar.com/legal/policies/privacy.

You can withdraw your consent to the processing of your data at any time by moving back the slider in the "Extended Settings" of the Consent Tool [https://www.falke.com/?show_consent=1]. This withdrawal will not affect the legality of processing performed prior to the withdrawal of consent.

Facebook Custom Audiences

The website also uses the function ‘Website Custom Audiences’ from ‘Facebook’. The provider is Facebook Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland, e-mail: impressum-support@support.facebook.com; hereafter: ‘Facebook’). Information about your usage behaviour on our website is recorded using Web Beacons, such as the ‘Facebook Pixel’, which are processed by ‘Facebook’. This enable us to show website and ‘Facebook’ users who belong to comparable target groups interest-related advertisements (‘Facebook Ads’) in the scope of the visit to the social network ‘Facebook’. With the help of ‘Facebook Pixel’ (small graphics which are simultaneously incorporated on our website and automatically loaded when visiting our website and enable user behaviour to be traced), your browser automatically creates a direct connection to the ‘Facebook’ server. By incorporating ‘Facebook Pixel’, ‘Facebook’ processes the information created with the help of cookies about the use of our website by your end device - for example, that you have visited a certain website - and processes the data mentioned in the section ‘Access data’, among other things, in particular your IP address, browser information, the previously visited website, the ‘Facebook ID’ and the date and time of your server query in order to play personalised advertisements. If you are registered for a service from ‘Facebook’, ‘Facebook’ can assign the recorded information to your account. Even if you are not registered on ‘Facebook’ or not logged in, there is the possibility that the provider can find out and process your IP address and other identification features. The legal basis for the processing of this data is your consent in accordance with Art. 6 Para. 1 P. 1 lit. a) GDPR. We pursue the authorised interests of users to recognise our website again on ‘Facebook’, show you advertisements which are of interest to you and make our website more interesting for our users. If ‘Facebook’ processes the data in the USA, it is subject to the EU-US Privacy Shield (https://www.privacyshield.gov/EU-US-Framework) and provides a guarantee through this to comply with European Data Protection Law. You can see the ‘Facebook’ certification at https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active. The storage period for information in Facebook cookies is three months. You can find further information about data protection and the storage period at ‘Facebook’ at: https://www.facebook.com/privacy/explanation and https://www.facebook.com/policies/cookies/.

You can withdraw your consent to the processing of your data at any time by moving back the slider in the "Extended Settings" of the Consent Tool [https://www.falke.com/?show_consent=1]. This withdrawal will not affect the legality of processing performed prior to the withdrawal of consent.

Facebook Analytics

We use the tool ‘Facebook Analytics’ from ‘Facebook’. The provider is Facebook Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland, e-mail: impressum-support@support.facebook.com; hereafter: ‘Facebook’). In order to use ‘Facebook Analytics’ we use ‘Facebook Pixel’ in order to analyse the use of our website and internet presence, i.e. in the social networks ‘Facebook’ and ‘Instagram’, the interaction undertaken by the users on our website and internet presence as well as the reach measurement of our advertisements. With the help of ‘Facebook Pixel’ (small graphics which are simultaneously incorporated on our website, automatically loaded when visiting our website and enable user behaviour to be traced), your browser automatically creates a direct connection to the ‘Facebook’ server. By incorporating ‘Facebook Pixel’, ‘Facebook’ processes the information created with the help of cookies about the use of our website by your end device - for example, that you have visited a certain website - and processes the data mentioned in the section ‘Access data’, among other things, in particular your IP address, browser information, the previously visited website, the ‘Facebook ID’ and the date and time of your server query in order to analyse our website and internet presence, analyse the user interaction and reach measurement of our advertisements. We use the information obtained with ‘Facebook Pixels’ solely for statistical purposes. The information is transmitted to us from ‘Facebook’ anonymously as a statistic and does not provide any information about the user. If you are registered for a service from ‘Facebook’, ‘Facebook’ can assign the recorded information to your account. Even if a user is not registered on ‘Facebook’ or not logged in, there is the possibility that ‘Facebook’ can find out and process your IP address and other identification features. The legal basis for the processing of this data is your consent in accordance with Art. 6 Para. 1 P. 1 lit. a) GDPR. Our authorised interest in the processing lies in the statistical analysis of the website use, the reach measurement of advertisements and the optimisation and improvement of our web offer. If ‘Facebook’ processes the data in the USA, it is subject to the EU-US Privacy Shield (https://www.privacyshield.gov/EU-US-Framework) and provides a guarantee through this to comply with European Data Protection Law. You can see the ‘Facebook’ certification at https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active. The storage period for information in Facebook cookies is three months. You can find further information about data protection and the storage period at ‘Facebook’ at: https://www.facebook.com/privacy/explanation and by visiting https://www.facebook.com/policies/cookies/.

You can withdraw your consent to the processing of your data at any time by moving back the slider in the "Extended Settings" of the Consent Tool [https://www.falke.com/?show_consent=1]. This withdrawal will not affect the legality of processing performed prior to the withdrawal of consent.

Google Ads (Conversion)

We use the service from ‘Google Ads’ from ‘Google’ (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001) in order to draw attention to our attractive offers on external websites using advertising agents (previously ‘Google AdWords’). We can determine how successful individual advertising measures are in relation to the data of the advertising campaigns. These advertising agents are supplied by ‘Google’ via an ‘Ad Server’. To this end, we use ‘Ad Server’ cookies, which can be used to measure reach using the specified parameters, such as showing adverts or clicks by the users. If you reach our website via a ‘Google’ avert, a cookies from ‘Google Ads’ is saved on your end device. ‘Google’ processes the information regarding interactions with our advertising materials created by your end device with the help of cookies (visits to a certain internet site or click on advertising material), the data mentioned in the section ‘Access data’, in particular your IP address, browser information, the website previously visited and the data and time of your server query, for the purpose of analysing and visualising the reach measurement of our advertisements. Your browser automatically creates a direct connection with the ‘Google’ server based on the marketing tools used. If you are registered for a ‘Google’ service then the visit can be assigned to your account. Even if you are not registered with ‘Google’ or not logged in, there is the possibility that the provider can find out and process your IP address. We only receive statistics from ‘Google’ in order to measure the success of our advertising material. ‘Google’ processes the data in the USA and is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. You can see the ‘Google’ certification at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active. The legal basis for the processing of this data is your consent in accordance with Art. 6 Para. 1 P. 1 lit. a) GDPR.  Our authorised interest in the processing lies in the statistical analysis of the website use, reach measurement and optimisation of advertisements as well as the traceability and improvement of our advertising cost expenses. The ‘Google’ storage period is up to twenty-four months. The ‘Google’ storage period is up to twenty-four months. You can find more information about data protection and the storage period at ‘Google’ at https://policies.google.com/privacy.

You can withdraw your consent to the processing of your data at any time by moving back the slider in the "Extended Settings" of the Consent Tool [https://www.falke.com/?show_consent=1]. This withdrawal will not affect the legality of processing performed prior to the withdrawal of consent.

Google Ads (Dynamic Remarketing)

We use the tool ‘Google Ads’ with the function ‘Dynamic Remarketing’ from ‘Google’ (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001). This concerns a process we would like to draw your attention to once more. Using the function ‘Dynamic Remarketing’, we can recognise users from our website on other websites within the ‘Google’ advertising network (in the ‘Google’ search or on ‘YouTube’, ‘Google Adverts’ or on other websites) again and present them with tailored advertisements which are in their interests. Advertisements may be related to products and services which you have already seen on our website. To this end, we analyse interaction by the user with our website, for example, offers which have interested the user, in order to the be able to show the user targeted adverts even after they have visited our website. If you visit our website, ‘Google Ads’ will save a cookie on your end device. ‘Google’ uses cookies to process the information created by your end device about the use of our website and interactions with our website as well as the data mentioned in the section ‘Access data’, in particular your IP address, browser information, the previously visited website and the data and time of your server query in order to play personalised advertisements. There is no compilation of data collected in the scope of ‘Google Ads’ with data from other ‘Google’ products. The legal basis for the processing of this data is your consent in accordance with Art. 6 Para. 1 P. 1 lit. a) GDPR. We pursue the authorised interests of users to recognise our website again on other websites, show you advertisements which are of interest to you and make our website more interesting for our users. ‘Google’ processes the data in the USA and is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. You can see the ‘Google’ certification at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active. The ‘Google’ storage period is up to twenty-four months. You can find more information about data protection and the storage period at ‘Google’ at https://policies.google.com/privacy.

You can withdraw your consent to the processing of your data at any time by moving back the slider in the "Extended Settings" of the Consent Tool [https://www.falke.com/?show_consent=1]. This withdrawal will not affect the legality of processing performed prior to the withdrawal of consent.

Google DoubleClick

We also use the online marketing tool ‘DoubleClick’ from ‘Google’ on the website (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001). ‘DoubleClick’ uses cookies in order to apply adverts which are relevant to the user which improve the campaign service reports or prevent the user from seeing the same advert several times. ‘Google’ uses cookies (cf. the previous section ‘Cookies’) in order to record which adverts are applied in which browser and in this way can prevent these being shown several times. ‘Google’ uses cookies to process the information created by your end device about the use of our website and interactions with our website as well as the data mentioned in the section ‘Access data’, in particular your IP address, browser information, the previously visited website and the data and time of your server query in order to play personalised advertisements. This enables ‘Google’ and its partner sites to apply adverts based on the previous visit to the website. Moreover, ‘DoubleClick’ can record conversions which relate to advert queries with the help of cookies. Thus, for example, if a user sees a DoubleClick advert and later visits the website of the advert operator and buys something there using the same browser. By incorporating ‘DoubleClick’, ‘Google’ receives information that you have visited the corresponding section of our internet presence or clicked one of our adverts. If you are registered for a ‘Google’ service, ‘Google’ can assign the visit to your account. Even if you are not registered with ‘Google’ or not logged in, there is the possibility that the provider can find out and save your IP address. The legal basis for the processing of this data is your consent in accordance with Art. 6 Para. 1 P. 1 lit. a) GDPR. We pursue the authorised interests of users to recognise our website again on other websites, show you advertisements which are of interest to you and make our website more interesting for our users. We also have an authorised interest in the reach measurement and optimisation of advertisements as well as the traceability and improvement of advertising expenses. ‘Google’ processes the data in the USA and is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.. You can see the ‘Google’ certification at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active. Insofar, the storage period at ‘Google’ is thirteen months. You can find more information about data protection and the storage period at ‘Google’ at https://policies.google.com/privacy.

You can withdraw your consent to the processing of your data at any time by moving back the slider in the "Extended Settings" of the Consent Tool [https://www.falke.com/?show_consent=1]. This withdrawal will not affect the legality of processing performed prior to the withdrawal of consent.

AWIN (previously Digital Window)

This website uses the tracking functions from the affiliate network AWIN AG (Eichhornstraße 3, 10785 Berlin; previously ‘Digital Window’, hereafter ‘AWIN’). To this end, count pixels are used for the reach measurement of our advertisements and assignment of the success of advertising material. We can determine how successful individual advertising measures are in relation to the data of the advertising campaigns in the scope of the respective partner programme. A cookie is placed for re-recognition on the end device of the user using Web Beacons (count pixel). ‘AWIN’ processes the information regarding interactions with our advertising materials created by your end device with the help of cookies (for example, visits to a certain internet site or click on advertising material) and the data mentioned in the section ‘Access data’ for the purpose of analysing the reach and success measurement of our advertisements. The legal basis for the processing of this data is your consent in accordance with Art. 6 Para. 1 P. 1 lit. a) GDPR. Our authorised interest in the processing lies in the statistical analysis of the website use, reach measurement and optimisation of advertisements as well as the traceability and improvement of our advertising cost expenses. The storage period of processing in the scope of ‘AWIN’ is a maximum of one year. You can find further information about data protection and the storage period at: https://www.awin.com/gb/legal. 

You can withdraw your consent to the processing of your data at any time by moving back the slider in the "Extended Settings" of the Consent Tool [https://www.falke.com/?show_consent=1]. This withdrawal will not affect the legality of processing performed prior to the withdrawal of consent.

Bing Ads

We use the tracking functions from ‘Bing Ads’ by Microsoft Corporation (One Microsoft Way, Redmond, WA 98052-6399, hereafter ‘Microsoft’) on our website. To this end, ‘Microsoft’ saves a cookie on the user’s end device in order to measure the reach of our advertisements and enable the assignment of the success of advertising material. If you reach our website via a ‘Microsoft Bing Ads’ advert, a cookie from ‘Microsoft’ is saved on your end device. ‘Microsoft’ processes the information regarding interactions with our advertising materials created by your end device with the help of cookies (visits to a certain internet site or click on advertising material) as well as some of the data mentioned in the section ‘Access data’ for the purpose of analysing the reach and success measurement of our advertisements. ‘Microsoft’ processes the data in the USA, it is subject to the EU-US Privacy Shield ( (https://www.privacyshield.gov/EU-US-Framework) and provides a guarantee through this to comply with European Data Protection Law. you can see the ‘Microsoft’ certification at https://www.privacyshield.gov/participant?id=a2zt0000000KzNaAAK&status=Active. The legal basis for the processing of this data is your consent in accordance with Art. 6 Para. 1 P. 1 lit. a) GDPR. Our authorised interest in the processing lies in the statistical analysis of the website use, reach measurement and optimisation of advertisements as well as the traceability and improvement of our advertising cost expenses. The storage period of processing in the scope of ‘Bing Ads’ is a maximum of thirteen months. You can find further information about data protection at ‘Microsoft’ and the storage period under: https://privacy.microsoft.com/en-us/privacystatement and https://about.ads.microsoft.com/en-gb/resources/policies/privacy-and-data-protection-policies.

You can withdraw your consent to the processing of your data at any time by moving back the slider in the "Extended Settings" of the Consent Tool [https://www.falke.com/?show_consent=1]. This withdrawal will not affect the legality of processing performed prior to the withdrawal of consent.

Criteo (Dynamic Retargeting)

The website uses the function ‘Dynamic Retargeting’ from the online advertising service ‘Criteo’ (Criteo SA in 32 Rue Blanche, 75009 Paris). Using the ‘Dynamic Remarketing’ function, we can recognise our website users on other websites within the ‘Criteo’ advertising network and present them with advertisements tailored to their interests. Advertisements may be related to products and services which you have already seen on our website. To this end, we analyse interaction by the user with our website, for example, offers which have interested the user, in order to the be able to show the user targeted adverts on other websites, even after they have visited our website. If you visit our website, ‘Criteo’ will save a cookie on your end device. ‘Criteo’ uses cookies to process the information created by your end device about the use of our website and interactions with our website as well as the data mentioned in the section ‘Use of our website’, in particular your IP address, browser information, the previously visited website and the data and time of your server query in order to play personalised advertisements. The legal basis for the processing of this data is your consent in accordance with Art. 6 Para. 1 P. 1 lit. a) GDPR. We pursue the authorised interests of users to recognise our website again on other websites, show you advertisements which are of interest to you and make our website more interesting for our users. The storage period at ‘Criteo’ is thirteen months. You can find further information about data protection and the storage period at ‘Criteo’ at: https://www.criteo.com/de/privacy/.

You can withdraw your consent to the processing of your data at any time by moving back the slider in the "Extended Settings" of the Consent Tool [https://www.falke.com/?show_consent=1]. This withdrawal will not affect the legality of processing performed prior to the withdrawal of consent.

Usemax

This website also uses ‘SaleCycle’ to play user-based online advertisements (Alexander House, Durham, DH4 5RA, UK, Web: https://www.salecycle.com; hereafter: ‘SaleCycle’). Using ‘SaleCycle’ we can recognise our website users on other websites within the ‘SaleCycle’ advertising network and present them with advertisements tailored to their interests. Advertisements may be related to products and services which you have already seen on our website. ‘SaleCycle’ also enables us to play personalised advertising offers on our website. To this end, we analyse user interactions with our website, for example, offers which have interested the user, in order to the be able to show the user targeted adverts on other websites, even after they have visited our website. The information about the use of the website is also used by ‘SaleCycle’ in order to determine users with similar usage behaviour and appeal to them with tailored advertisements. If you visit our website, ‘SaleCycle’ will save a cookie on your end device. ‘SaleCycle’ uses cookies to process the information created by your end device about the use of our website and interactions with our website as well as the data mentioned in the section ‘Access data’, in particular your IP address, browser information, the previously visited website and the data and time of your server query in order to play personalised advertisements. The legal basis for the processing of this data is your consent in accordance with Art. 6 Para. 1 P. 1 lit. a) GDPR. We pursue the authorised interests of users to recognise our website again on other websites, acquire new customers,show you advertisements which are of interest to you and make our website more interesting for our users. The storage period at ‘SaleCycle’ is six months. You can find more information about data protection and the storage period at ‘SaleCycle’ at https://www.salecycle.com/gdpr/.

You can withdraw your consent to the processing of your data at any time by moving back the slider in the "Extended Settings" of the Consent Tool [https://www.falke.com/?show_consent=1]. This withdrawal will not affect the legality of processing performed prior to the withdrawal of consent.

Tealium

We have integrated the "Tealium" consent management tool (www.tealium.com, Tealium Inc., Tealium, c/o Mindspace, Viktualienmarkt 8, 80331 Munich) into our website in order to request consent for data processing and/or the use of cookies or similar functions.  Using "Tealium" you have the option of giving or withholding your consent for particular functionalities on our website, for example, for the purposes of integrating external elements, integrating streaming content, statistical analysis, reach metrics and customised advertising.  Using "Tealium" you can give or withhold your consent for all functions, or else give your consent for particular purposes or functions.  Later on you can also amend the settings you have configured.  The purpose of integrating "Tealium" is to give the users of our website the power to make decisions on the matters above, and, as they continue to use our website, to offer them the option of amending settings already configured.  Using "Tealium" involves processing personal data, and also information about the end device being used, such as the IP address.

The legal basis for this data processing is Art. 6 section 1 clause 1 letter c) in conjunction with Art. 6 section 3 clause 1 letter a) in conjunction with Art. 7 section 1 of GDPR or, alternatively, letter f).  We offer customers (data processors as per GDPR) assistance with data processing in terms of fulfilment of legal obligations (e.g. proof of consent).  Our legitimate data processing interest is the storage of user settings and preferences in respect of the use of cookies and other functionalities.  "Tealium" stores your data for as long as the user settings are active.  Two years after the user settings were configured, the user is once again requested to provide their consent.  The user settings configured can then be stored for the same time period again. 

You can file an objection to data processing.  You have the right to object to data processing on the grounds of your particular circumstances.  In order to file your objection, please email privacy@tealium.com

Exactag

Exactag GmbH (Wanheimer Straße 68, 40468 Düsseldorf) collects and stores data for marketing and optimisation purposes on this website and its subpages. This data can be used to compile pseudonymous user profiles. To this end, cookies and a technology known as Fingerprint can be used. Cookies are small text files that are stored locally in the cache of the visitor's Internet browser. Fingerprint technology stores environment variables of the Internet browser in a database, without storing unique user-related data such as an IP address. The cookies and/or Fingerprint enable the recognition of the web browser. Exactag also evaluates the user behaviour and access data from other sources such as apps, social media channels (public contributions and generally accessible information) or newsletters (e.g. whether and when newsletters are opened and which links are clicked on by readers, with a view to measuring reading habits, opening and click rates), in order to support the personalised targeting of advertisements on websites, social media platforms, in apps and in our newsletters. For this purpose, Exactag uses cookies, pixel tags, browser fingerprints and similar technologies, which store or read information in users' end devices when they call up our websites, apps, social media channels or newsletters. As a result of the use of these technologies, users' data can be sent to Salesforce and used as the basis for statistical analysis and for audience measurement. This allows us to test usage-based advertising campaigns and utilise usage-based advertising materials. The legal basis for the processing of this data is your consent in accordance with Art. 6 Para. 1 P. 1 lit. a) GDPR. Further information regarding data protection and the storage period practiced by Exactag can be found here https://www.exactag.com/datenschutz.

You can withdraw your consent to the processing of your data at any time by moving back the slider in the "Extended Settings" of the Consent Tool [https://www.falke.com/?show_consent=1]. This withdrawal will not affect the legality of processing performed prior to the withdrawal of consent.

Copyright Ó by Spirit Legal LLP