Provision of the online offer and web hosting
Description: This website is hosted by a website hosting provider that uses cloud-based servers within the EU to provide a stable and secure hosting platform. Our website is distributed via a content delivery network with servers around the world to ensure that our website is delivered quickly and securely to our website visitors.
Types of data processed:
Usage data: e.g. websites visited, access times, all entries within our online offer or websites
Communication data: e.g. browser type, operating system, or IP addresses
Data protection subjects: users (website visitors).
Purpose of processing: Rapid provision of a stable and secure online offer.
Legal basis: Technically necessary (Section 25 (2) No. 2 TTDSG) and legitimate interest (Article 6 (1) sentence 1 lit. f. GDPR).
Recipients or categories of recipients: Website hosting providers, SSL certificate providers, content delivery network providers
Data transfer to third countries: We transfer your personal data to processors in the USA for this purpose. Information on the transfer of personal data to third countries can be found in the Transfer to third countries section.
Collection of log files:
Description: We store log files to analyze and maintain the technical operation of the servers as well as to support anti-abuse measures and to protect the security of the hosting platform.
Types of data processed:
Usage data: e.g. websites visited, access times.
Communication data: e.g. browser type, operating system, or IP addresses.
Affected persons: Users (website visitors).
Purpose of processing: Improving the stability and functionality of our website. Legal basis: Legitimate interests (Art. 6 Para. 1 Clause 1 lit. f. GDPR). Our legitimate interest is to ensure the stability and functionality of the website.
Recipients or categories of recipients: Website hosting providers, website analysis providers
Data transfer to third countries: Your personal data will be processed within the EU.
Retention periods or criteria used to determine retention periods:
The log files are stored for 7 days and then deleted.
Contact form:
Description: We offer a contact form function on our website that gives you the opportunity to contact us by entering your contact details and your request and clicking "Send".
Types of data processed:
Usage data: Name, email address and content of the message, websites visited, access times
Communication data: e.g. IP addresses, browser type, operating system, or IP addresses
Affected persons: Users (website visitors).
Purpose of processing: Processing contact and pre-contractual inquiries via our website.
Legal basis: Legitimate interest (Art. 6 Para. 1 Clause 1 lit. f. GDPR), contract fulfillment and/or pre-contractual inquiries (Art. 6 Para. 1 Clause 1 lit. b. GDPR). Our legitimate interest is to answer your inquiry.
Recipients or categories of recipients: website hosting providers, providers of transactional emails
Data transfer to third countries: We transfer your personal data to processors in the USA for this purpose.
Lead capture function "Smart Forms":
Description: We offer Smart Forms on our website with which you can contact us and provide additional information that we need to answer your inquiry.
Types of data processed:
Usage data: log files, access times
Communication data: e.g. B. Content of the message, name, telephone number, timestamp (e.g. time of sending the form), IP address, browser type, operating system
Affected persons: Users (website visitors).
Purpose of processing: Processing of contact and pre-contractual inquiries via our website.
Legal basis: Legitimate interest (Art. 6 Para. 1 Clause 1 lit. f. GDPR), contract fulfillment and/or pre-contractual inquiries (Art. 6 Para. 1 Clause 1 lit. b. GDPR). Our legitimate interest is to answer your inquiry.
Recipients or categories of recipients: Website hosting providers, transactional email providers, our email service provider
Data transfer to third countries: We transfer your personal data to processors in the USA for this purpose.
Captcha:
Description: We have implemented a third-party captcha tool in the contact form to check whether the entries come from human visitors to this website or from machines or automated programs (also called "bots").
Types of data processed:
Usage data: e.g. website accessed and date and time of access
Communication
Contact data: e.g. IP addresses, browser type, operating system, IP addresses
Affected persons: Users (e.g. website visitors, users of online services).
Purpose of processing: Securing the contact form with spam protection
Legal basis: Legitimate interest (Art. 6 Para. 1 Clause 1 lit. f. GDPR). Our legitimate interest is to prevent misuse of our contact form.
Recipients or categories of recipients: Website hosting providers, Captcha providers
Data transfer to third countries: Your personal data is processed within the EU.
Online shop order confirmations:
Description: When you order products in our shop on our website, you will receive an order confirmation. We use a transactional email provider to deliver these order confirmations to ensure fast and secure delivery.
Types of data processed:
Usage data: name, address, email address, shopping cart, invoice amount, currency, and transaction number.
Communication data: e.g. browser type, operating system, or IP addresses.
Affected persons: users (website visitors).
Purpose of processing: sending order confirmations to online shop users (customers).
Legal basis: contract fulfillment and pre-contractual inquiries (Art. 6 Para. 1 Clause 1 lit. b. GDPR).
Recipients or categories of recipients: website hosting providers, transaction email providers
Data transfer to third countries: We transfer your personal data to processors in the USA for this purpose
Online shop payment service provider:
Description: We use external payment providers for the online shop on this website in order to offer our customers various payment options. The processed data is passed on exclusively for the purpose of processing payments with the payment service provider and only to the extent necessary for this purpose. We do not store any credit card data ourselves.
Types of data processed:
Usage data: name, address, account number, bank code, credit card number (if applicable), invoice amount, currency, and transaction number.
Communication data: e.g. IP addresses, browser type, operating system.
Affected persons: users (website visitors).
Purpose of processing: Offer of external payment providers for the online shop on this website to offer customers various payment options.
Legal basis: Contract fulfillment and pre-contractual inquiries (Art. 6 Para. 1 Clause 1 lit. b. GDPR).
Recipients or categories of recipients:
Optional: Paypal, PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg, https://stripe.com/de/privacy
Optional: Stripe, Stripe Payments Europe Ltd, Block 4, Harcourt Centre, Harcourt Road, Dublin 2, Ireland, https://stripe.com/de/privacy
Website hosting provider, transactional email provider
Data transfer to third countries: Your personal data is processed within the EU.
Analysis of website visitors:
Description: When you visit our website, we collect information about your use of our website using a web analysis function developed by our website hosting provider and store it pseudonymously. This tool collects your IP address and user agent, merges them, and shortens and stores this data using a so-called hash function. In this way, we generate a visitor identifier that is encrypted with a random value, the so-called SALT, which changes every 24 hours. This ensures that your IP address cannot be recovered from the visitor ID stored by us and that you cannot be personally identified. In addition, we do not combine this data with other data and only store it on the server of the website hosting provider. We also process web analytics, HTTP data, and web analytics profile data. The web analytics function we use creates and stores the web analytics profile. This contains information about the use of our website, in particular page views, frequency of visits, and length of stay on pages accessed, as well as the client user agent of your device.
Types of data processed:
Usage data: e.g. websites visited, access times
Communication data: e.g. browser type, operating system, or IP addresses
Affected persons: Users (website visitors).
Purpose of processing: Analysis of user behavior in aggregate form in order to improve our website including presentation and content.
Legal basis: Legitimate interest (Art. 6 para. 1 lit. (f) GDPR). Our legitimate interest is to carry out web measurements to improve our products and our website.
Recipients or categories of recipients: Website hosting providers
Data transfer to third countries: Your personal data will be transferred within the EU processed.
Contact list:
Description: We use a service to create contact lists from our website provider to optimally use and manage our customers' data.
Types of data processed:
Usage data: name, email address, transaction email data, newsletter registration
Communication data: e.g. browser type, operating system, or IP addresses.
Affected persons: users (e.g. website visitors, users of online services).
Purpose of processing: management of customer data, newsletter registration.
Legal basis: contract fulfillment and/or pre-contractual inquiries (Art. 6 Para. 1 Clause 1 lit. b. GDPR).
Recipients or categories of recipients: website hosting providers, transaction email providers
Data transfer to third countries: Your personal data will be processed within the EU.
Google Ads:
Description: We use Google Ads to display advertising on Google and via the Google advertising network based on our campaigns.
Types of data processed:
Usage data: e.g. websites visited, access times
Communication data: e.g. browser type, operating system, IP addresses
Affected persons: users (website visitors).
Purpose of processing: delivery of personalized content to users based on their interests and increase website visits and traffic.
Legal basis: Consent (Section 25 Para. 1 TTDSG, Art. 6 Para. 1 Sentence 1 lit. a. GDPR)
Recipient or categories of recipients: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, https://policies.google.com/privacy
Data transfer to third countries: Your personal data will be processed within the EU.
External services via Jimdo Smart Apps:
Jimdo offers its users the option of integrating third-party services on your website using a third-party tool. We call this integration Jimdo Smart Apps. Only after website visitors have given their consent is a connection established to the third-party provider's servers. The legal basis for this is consent (Art. 6 Para. 1 Clause 1 lit. a. GDPR). After website visitors have given their consent, the integration app stores cookies on website visitors' devices that store data so that you can implement certain third-party apps/services on your website.
Social media (Instagram, Facebook, Pinterest, TikTok, Tumblr, Twitter, Dribble)
Description: We use elements of third-party social media services on this website to present you with our social media profiles and posts.
Types of data processed:
Usage data: e.g. websites visited, access times.
Communication data: e.g. B. Browser type, operating system or IP addresses
Affected persons: users (website visitors).
Purpose of processing: Attractive presentation of our online offers
Legal basis: Consent (Art. 6 Para. 1 Clause 1 lit. a. GDPR)
Recipients or categories of recipients:
Optional: Dribbble Holdings (US) Ltd., 524 Yates St, Victoria, Canada, https://dribbble.com/privacy
Optional: Facebook by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, https://www.facebook.com/about/privacy/
Optional: Instagram by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, https://help.instagram.com/519522125107875
Optional: Pinterest Inc, 505 Brannan Street San Francisco, CA 94107, USA, https://policy.pinterest.com/en/privacy-policy
Optional: TikTok Inc, 5800 Bristol Pkwy, Los Angeles, CA 90034, United States, https://www.tiktok.com/legal/privacy-policy-eea
Optional: Tumblr, Inc., 35 E. 21st St., 9th Floor New York, NY 10010, USA, https://www.tumblr.com/privacy/en_eu
Optional: Twitter, Inc., 1355 Market St #900, San Francisco, CA 94103, USA, https://twitter.com/en/privacy
Data transfer to third countries:
Optional: Twitter, Tumblr, TikTok, Pinterest: Your personal data will be transferred to the above-mentioned processors in the USA for this purpose. Information on the transfer of personal data to third countries can be found in the section.
Optional: Dribble: Your personal data will be transferred to a country for which an adequacy decision has been made by the EU.
Optional: Facebook, Instagram: Your personal data will be processed within the EU. Optional
Surveys (Typeform):
Description: We use plugins from survey providers that enable us to integrate online questionnaires on our website.
Types of data processed:
Usage data: e.g. websites visited, access times
Communication data: e.g. browser type, operating system, or IP addresses
Affected persons: Users (website visitors).
Purpose of processing: Attractive presentation of our online offers
Legal basis: Consent (Art. 6 Para. 1 Clause 1 lit. a. GDPR)
Recipients or categories of recipients: Typeform S.L., Carrer Bac de Roda 163, 08018 Barcelona, Spain, https://admin.typeform.com/to/dwk6gt
Data transfer to third countries: Your personal data will be processed within the EU.
Google integrations (Google Calendar, Google Sheet, Google Docs, Google Drive, Google Forms):
Description: We use plugins from the Google Ireland Limited on our website that allow us to embed documents, files, or calendars on our website.
Types of data processed:
Usage data: e.g. websites visited, access times
Communication data: e.g. browser type, operating system or IP addresses
Affected persons: Users (website visitors).
Purpose of processing: Attractive presentation of our online offers
Legal basis: Consent (Art. 6 Para. 1 Clause 1 lit. a. GDPR)
Recipients or categories of recipients: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, https://policies.google.com/privacy
Data transfer to third countries: Your personal data is processed within the EU.
Retention periods:
In general, we process and store your personal data for the period for which the respective purpose of use requires corresponding storage. This may also include the periods of contract initiation (pre-contractual legal relationship) and contract execution. On this basis, personal data is regularly deleted as part of the fulfillment of our contractual and/or legal obligations, unless its temporary further processing is necessary for the following purposes:
• Fulfillment of statutory retention obligations (commercial or tax law)
• Storage of evidence taking into account the limitation periods
• Assertion, exercise, or defense of legal claims or to protect the rights of another natural or legal person.
Transfer to third countries:
We ensure that your data is processed in the EU or the European Economic Area. If this is no longer possible and the data has to be transferred to a third country, Jimdo will ensure, after prior examination, that an appropriate level of data protection is maintained in the country to which the data is transferred, which meets the requirements of the Court of Justice of the European Union and the EU Commission.
In these cases, the data is transferred on the basis of an adequacy decision of the European Commission or the standard contractual clauses for the transfer of personal data to third countries in their currently valid version.
The rights of visitors and users (data subject rights)
• Access to information
You can request access to information about your personal data processed by us.
• Rectification
If your data is not (or no longer) correct, you can request that your data be rectified. If your data is incomplete, you can request that it be completed.
• Deletion
You have the right to request that your data be deleted in accordance with applicable data protection laws. Please note that a request for deletion may depend on whether there is a legitimate reason and whether there is no legal reason that requires us to keep your data.
• Restriction of processing
You have the right to request that the processing of your data be restricted. Please note that a request for restriction of processing depends on the existence of a legitimate reason.
• Objection
You have the right to object to the processing of your data for reasons related to your particular situation. In the event of a legitimate objection, we will no longer process your data.
• Objection to the processing of your data for direct marketing purposes
You have the right to object to the processing of your data for direct marketing purposes at any time. This also applies to profiling in connection with direct advertising. You can send your objection to us informally, preferably to the contact details above, stating the keyword "Objection to the processing of my personal data for advertising purposes".
• Data portability
You have the right to receive personal data that you have provided to us in an electronic format.
• Withdrawal of your consent
You have the right to withdraw the consent you have given us at any time. The easiest way to withdraw your consent is to send an email to the contact details above. The withdrawal of consent does not affect the legality of the processing based on the consent before its withdrawal.