Privacy Policy

We have written this data protection declaration (version 01/16/2021-311251196) in order to explain to you, in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679 , what information we collect, how we use data and what decision-making options you have as a visitor to this website .

Unfortunately, it is in the nature of things that these explanations sound very technical, but when creating them we tried to describe the most important things as simply and clearly as possible.

When you visit websites these days, certain information is created and stored automatically, including this website.

When you visit our website as you are now, our web server (computer on which this website is stored) automatically saves data such as

• the address (URL) of the website accessed
• Browser and browser version
• the operating system used
• the address (URL) of the previously visited page (referrer URL)
• the hostname and IP address of the device from which it is accessed
• Date and Time

in files (web server log files).

As a rule, web server log files are stored for two weeks and then automatically deleted. We do not pass on this data, but we cannot rule out that this data will be viewed if illegal behavior occurs.

Our website uses HTTP cookies to store user-specific data.
Below we explain what cookies are and why they are used so that you can better understand the following privacy policy.

Whenever you surf the Internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.

One thing cannot be denied: Cookies are really useful little helpers. Almost all websites use cookies. To be more precise, they are HTTP cookies, as there are also other cookies for other areas of application. HTTP cookies are small files that our website stores on your computer. These cookie files are automatically stored in the cookie folder, the “brain” of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.

Cookies store certain user data about you, such as language or personal page settings. When you visit our site again, your browser sends the “user-related” information back to our site. Thanks to cookies, our website knows who you are and offers you your usual default settings. In some browsers each cookie has its own file, in others, such as Firefox, all cookies are stored in a single file.

There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually because each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other “malicious” things. Cookies also cannot access information on your PC.

For example, cookie data might look like this:

• Name: _ga
• Expiry time: 2 years
• Use: Differentiation of website visitors
• Example value: GA1.2.1326744211.152311251196

A browser should support the following minimum sizes:

• A cookie should contain at least 4096 bytes
• At least 50 cookies should be able to be stored per domain
• A total of at least 3000 cookies should be able to be stored

The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the data protection declaration. At this point we would like to briefly discuss the different types of HTTP cookies.

There are 4 types of cookies:

Strictly necessary cookies
These cookies are necessary to ensure basic functions of the website. For example, these cookies are needed when a user puts a product in the shopping cart, then continues surfing on other pages and only later checks out. These cookies do not delete the shopping cart, even if the user closes their browser window.

Functional cookies
These cookies collect information about user behavior and whether the user receives any error messages. These cookies are also used to measure the loading time and behavior of the website on different browsers.

Target-oriented cookies
These cookies ensure better user experience. For example, entered locations, font sizes or form data are saved.

Advertising cookies
These cookies are also called targeting cookies. They serve to provide the user with individually tailored advertising. This can be very practical, but also very annoying.

Typically, when you first visit a website, you will be asked which of these types of cookies you would like to allow. And of course this decision is also saved in a cookie.

You decide for yourself how and whether you want to use cookies. Regardless of which service or website the cookies come from, you always have the option of deleting cookies, only partially allowing them or deactivating them. For example, you can block third-party cookies but allow all other cookies.

If you would like to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can do this in your browser settings:

Chrome: Delete, enable and manage cookies in Chrome

Safari: Manage cookies and site data with Safari

Firefox: Delete cookies to remove data that websites have placed on your computer

Internet Explorer: Deleting and managing cookies

Microsoft Edge: Deleting and managing cookies

If you generally do not want cookies, you can set your browser so that it always informs you when a cookie is to be set. This means you can decide for each individual cookie whether you allow the cookie or not. The procedure varies depending on the browser. It is best to search for the instructions in Google with the search term “delete cookies Chrome” or “deactivate cookies Chrome” in the case of a Chrome browser or replace the word “Chrome” with the name of your browser, e.g. Edge, Firefox, Safari.

The so-called “Cookie Guidelines” have existed since 2009. This states that storing cookies requires your consent. However, there are still very different reactions to these guidelines within the EU countries. In Germany, the cookie guidelines have not been implemented as national law. Instead, this directive was largely implemented in Section 15 Paragraph 3 of the Telemedia Act (TMG).

If you want to know more about cookies and are not afraid of technical documentation, we recommend  https://tools.ietf.org/html/rfc6265 , the Request for Comments from the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism”.

Personal data that you submit to us electronically on this website, such as name, email address, address or other personal information when submitting a form or comments in the blog, will be processed by us together with the time and IP address. Address will only be used for the specified purpose, stored securely and not passed on to third parties.

We therefore only use your personal data to communicate with those visitors who expressly request contact and to process the services and products offered on this website. We will not pass on your personal data without your consent, but we cannot rule out that this data will be viewed in the event of unlawful behavior.

If you send us personal data by email - away from this website - we cannot guarantee the secure transmission or protection of your data. We recommend that you never send confidential data unencrypted via email.

According to Article 6 Paragraph 1 a of the GDPR (lawfulness of processing), the legal basis is that you give us your consent to process the data you have entered. You can revoke this consent at any time - an informal email is sufficient; you will find our contact details in the legal notice.

According to the provisions of the GDPR, you are generally entitled to the following rights:

• Right to rectification (Article 16 GDPR)
• Right to erasure (“right to be forgotten”) (Article 17 GDPR)
• Right to restriction of processing (Article 18 GDPR)
• Right to notification – obligation to notify in connection with the correction or deletion of personal data or the restriction of processing (Article 19 GDPR)
• Right to data portability (Article 20 GDPR)
• Right to object (Article 21 GDPR)
• Right not to be subject to a decision based solely on automated processing, including profiling (Article 22 GDPR)

If you believe that the processing of your data violates data protection law or your data protection rights have been violated in any other way, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI) .

In the following data protection declaration we inform you whether and how we evaluate data from your visit to this website. The data collected is usually evaluated anonymously and we cannot identify you personally from your behavior on this website.

You can find out more about the options for objecting to this evaluation of visit data in the following data protection declaration.

We use https to transmit data securely on the Internet (data protection through technical design Article 25 paragraph 1 GDPR ). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission over the Internet, we can ensure the protection of confidential data. You can recognize the use of this data transfer protection by the small lock symbol at the top left of the browser and the use of the https scheme (instead of http) as part of our internet address.

We use Google Fonts on our website. These are the “Google Fonts” from Google Inc. For the European region, Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services.

You do not need to register or provide a password to use Google fonts. Furthermore, no cookies are stored in your browser. The files (CSS, fonts/fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, requests for CSS and fonts are completely separate from all other Google services. If you have a Google Account, you do not need to worry that your Google Account information will be transmitted to Google while using Google Fonts. Google records the use of CSS (Cascading Style Sheets) and the fonts used and stores this data securely. We will take a closer look at what data storage looks like.

Google Fonts (formerly Google Web Fonts) is a directory with over 800 fonts that  Google  makes available to its users free of charge.

Many of these fonts are released under the SIL Open Font License, while others are released under the Apache License. Both are free software licenses.

With Google Fonts we can use fonts on our own website, but we don't have to upload them to our own server. Google Fonts is an important component in keeping the quality of our website high. All Google fonts are automatically optimized for the web and this saves data volume and is a big advantage, especially for use with mobile devices. When you visit our site, the low file size ensures a fast loading time. Furthermore, Google Fonts are secure web fonts. Different image synthesis systems (rendering) in different browsers, operating systems and mobile devices can lead to errors. Such errors can visually distort some texts or entire websites. Thanks to the fast Content Delivery Network (CDN), there are no cross-platform problems with Google Fonts. Google Fonts supports all major browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod). We use Google Fonts so that we can display our entire online service as beautifully and consistently as possible.

When you visit our website, the fonts are downloaded via a Google server. Through this external call, data is transmitted to the Google servers. This is how Google also recognizes that you or your IP address visit our website. The Google Fonts API is designed to reduce the use, storage, and collection of end-user data to what is necessary for proper font delivery. By the way, API stands for “Application Programming Interface” and serves, among other things, as a data transmitter in the software sector.

Google Fonts stores CSS and font requests securely on Google and is therefore protected. By collecting usage figures, Google can determine how well the individual fonts are received. Google publishes the results on internal analysis sites, such as Google Analytics. Google also uses data from its own web crawler to determine which websites use Google fonts. This data is published in the Google Fonts BigQuery database. Entrepreneurs and developers use the Google web service BigQuery to examine and move large amounts of data.

However, it should also be remembered that with every Google Font request, information such as language settings, IP address, browser version, browser screen resolution and browser name are automatically transmitted to the Google servers. Whether this data is also stored cannot be clearly determined or is not clearly communicated by Google.

Google stores requests for CSS assets for one day on its servers, which are mainly located outside the EU. This allows us to use the fonts using a Google stylesheet. A style sheet is a format template that you can use to quickly and easily change the design or font of a website, for example.

The font files are stored by Google for one year. Google's goal is to fundamentally improve the loading time of websites. When millions of websites reference the same fonts, they are cached after the first visit and immediately appear on all other websites visited later. Sometimes Google updates font files to reduce file size, increase language coverage, and improve design.

The data that Google stores for a day or a year cannot simply be deleted. The data is automatically transmitted to Google when the page is accessed. In order to delete this data early, you must contact Google Support at https://support.google.com/?hl=de&tid=311251196 . In this case, you can only prevent data storage if you do not visit our site.

Unlike other web fonts, Google allows us unlimited access to all fonts. So we have unlimited access to a sea of fonts and get the best for our website. You can find out more about Google Fonts and other questions at https://developers.google.com/fonts/faq?tid=311251196 . Although Google addresses data protection-related matters there, it does not contain any really detailed information about data storage. It is relatively difficult to get really precise information about stored data from Google.

You can also find out which data is generally collected by Google and what this data is used for at https://www.google.com/intl/de/policies/privacy/ .

On our website we use Google Fonts from Google Inc. The company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for Europe. We have integrated the Google fonts locally, i.e. on our web server - not on Google's servers. This means there is no connection to Google servers and therefore no data transfer or storage.

Google Fonts used to be called Google Web Fonts. This is an interactive directory with over 800 fonts that Google  provides for free. With Google Fonts you could use fonts without uploading them to your own server. However, in order to prevent any information transfer to Google servers, we have downloaded the fonts to our server. In this way, we act in accordance with data protection regulations and do not send any data to Google Fonts.

Unlike other web fonts, Google allows us unlimited access to all fonts. So we have unlimited access to a sea of fonts and get the best for our website. You can find out more about Google Fonts and other questions at https://developers.google.com/fonts/faq?tid=311251196 .

We have integrated YouTube videos on our website. This means we can present you interesting videos directly on our site. YouTube is a video portal that has been a subsidiary of Google since 2006. The video portal is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you access a page on our website that has an embedded YouTube video, your browser automatically connects to the YouTube or Google servers. Various data is transferred (depending on the settings). Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all data processing in Europe.

Below we would like to explain to you in more detail what data is processed, why we have integrated YouTube videos and how you can manage or delete your data.

On YouTube, users can watch, rate, comment and upload videos for free. Over the last few years, YouTube has become one of the most important social media channels worldwide. So that we can display videos on our website, YouTube provides a code snippet that we have integrated into our site.

YouTube is the video platform with the most visitors and the best content. We strive to offer you the best possible user experience on our website. And of course interesting videos shouldn't be missing. With the help of our embedded videos, we provide you with other helpful content in addition to our texts and images. In addition, our website is easier to find on the Google search engine thanks to the embedded videos. Even if we place advertisements via Google Ads, thanks to the data collected, Google can only show these advertisements to people who are interested in our offers.

As soon as you visit one of our pages that has a YouTube video installed, YouTube sets at least one cookie that stores your IP address and our URL. If you are logged in to your YouTube account, YouTube can usually assign your interactions on our website to your profile using cookies. This includes data such as session duration, bounce rate, approximate location, technical information such as browser type, screen resolution or your internet provider. Other data may include contact details, any reviews, sharing content on social media or adding it to your favorites on YouTube.

If you are not signed in to a Google account or a YouTube account, Google stores data with a unique identifier associated with your device, browser or app. For example, your preferred language setting is retained. But much interaction data cannot be stored because fewer cookies are set.

In the following list we show cookies that were set in the browser in a test. On the one hand, we show cookies that are set without a logged in YouTube account. On the other hand, we show cookies that are set when the account is logged in. The list cannot claim to be complete because user data always depends on interactions on YouTube.

Name: YSC
Value: b9-CV6ojI5Y311251196-1
Purpose: This cookie registers a unique ID to store statistics of the video viewed.
Expiry date: after the end of the session

Name: PREF
Value: f1=50000000
Purpose: This cookie also registers your unique ID. Google receives statistics about how you use YouTube videos on our website via PREF.
Expiry date: after 8 months

Name: GPS
Value: 1
Purpose: This cookie registers your unique ID on mobile devices to track GPS location.
Expiry date:  after 30 minutes

Name: VISITOR_INFO1_LIVE
Value: 95Chz8bagyU
Purpose: This cookie tries to estimate the user's bandwidth on our websites (with built-in YouTube video).
Expiry date:  after 8 months

Other cookies that are set when you are logged in to your YouTube account:

Name: APISID
Value: zILlvClZSkqGsSwI/AU1aZI6HY7311251196-
Purpose: This cookie is used to create a profile about your interests. The data is used for personalized advertisements.
Expiry date: after 2 years

Name: CONSENT
Value: YES+AT.de+20150628-20-0
Purpose: The cookie stores the status of a user's consent to the use of various Google services. CONSENT also serves security purposes to check users and protect user data from unauthorized attacks.
Expiry date: after 19 years

Name: HSID
Value: AcRwpgUik9Dveht0I
Purpose: This cookie is used to create a profile about your interests. This data helps to display personalized advertising.
Expiry date:  after 2 years

Name: LOGIN_INFO
Value: AFmmF2swRQIhALl6aL…
Purpose: This cookie stores information about your login data.
Expiry date:  after 2 years

Name: SAPISID
Value: 7oaPxoG-pZsJuuF5/AnUdDUIsJ9iJz2vdM
Purpose: This cookie works by uniquely identifying your browser and device. It is used to create a profile about your interests.
Expiry date:  after 2 years

Name: SID
Value: oQfNKjAsI311251196-
Purpose: This cookie stores your Google account ID and your last login time in a digitally signed and encrypted form.
Expiry date:  after 2 years

Name: SIDCC
Value: AN0-TYuqub2JOcDTyL
Purpose: This cookie stores information about how you use the website and what advertising you may have seen before visiting our site.
Expiry date:  after 3 months

The data that YouTube receives and processes from you is stored on Google servers. Most of these servers are located in America. At https://www.google.com/about/datacenters/inside/locations/?hl=de  you can see exactly where the Google data centers are located. Your data is distributed across the servers. This means that the data can be accessed more quickly and is better protected against manipulation.

Google stores the data collected for different lengths of time. You can delete some data at any time, others are automatically deleted after a limited period of time, and others are stored by Google for a longer period of time. Some data (such as My Activity items, photos or documents, products) stored in your Google Account remains stored until you delete it. Even if you're not signed in to a Google Account, you can delete some data associated with your device, browser, or app.

In principle, you can delete data in your Google account manually. With the automatic deletion function of location and activity data introduced in 2019, information is stored for either 3 or 18 months and then deleted, depending on your decision.

Regardless of whether you have a Google account or not, you can configure your browser to delete or deactivate Google cookies. Depending on which browser you use, this works in different ways. The following instructions show how to manage cookies in your browser:

Chrome: Delete, enable and manage cookies in Chrome

Safari: Manage cookies and site data with Safari

Firefox: Delete cookies to remove data that websites have placed on your computer

Internet Explorer: Deleting and managing cookies

Microsoft Edge: Deleting and managing cookies

If you generally do not want cookies, you can set your browser so that it always informs you when a cookie is to be set. This means you can decide for each individual cookie whether you allow it or not. Since YouTube is a subsidiary of Google, there is a common data protection declaration. If you would like to find out more about how your data is handled, we recommend the data protection declaration at https://policies.google.com/privacy?hl=de.

We have installed the YouTube subscribe button on our website. You can usually recognize the button by the classic YouTube logo. The logo shows the words “Subscribe” or “YouTube” in white letters against a red background and the white “Play symbol” to the left of it. The button can also be shown in a different design.

Our YouTube channel always offers you funny, interesting or exciting videos. With the built-in “Subscribe button” you can subscribe to our channel directly from our website and do not have to go to the YouTube website specifically. We want to make access to our comprehensive content as easy as possible for you. Please note that this allows YouTube to store and process your data.

If you see a built-in subscription button on our site, YouTube - according to Google - sets at least one cookie. This cookie stores your IP address and our URL. YouTube can also find out information about your browser, your approximate location and your default language. In our test, the following four cookies were set without being logged in to YouTube:

Name: YSC
Value: b9-CV6ojI5311251196Y
Purpose: This cookie registers a unique ID to store statistics of the video viewed.
Expiry date: after the end of the session

Name: PREF
Value: f1=50000000
Purpose: This cookie also registers your unique ID. Google receives statistics about how you use YouTube videos on our website via PREF.
Expiry date:  after 8 months

Name: GPS
Value: 1
Purpose: This cookie registers your unique ID on mobile devices to track GPS location.
Expiry date:  after 30 minutes

Name: VISITOR_INFO1_LIVE
Value: 31125119695Chz8bagyU
Purpose: This cookie tries to estimate the user's bandwidth on our websites (with built-in YouTube video).
Expiry date:  after 8 months

Note: These cookies were set after a test and cannot claim to be complete.

If you are logged into your YouTube account, YouTube can store many of your actions/interactions on our website using cookies and assign them to your YouTube account. For example, YouTube receives information about how long you surf our site, what browser type you use, what screen resolution you prefer or what actions you take.

YouTube uses this data on the one hand to improve its own services and offers and on the other hand to provide analyzes and statistics for advertisers (who use Google Ads).

In order to deliver our website or all of our individual subpages (websites) to you quickly and easily on different devices, we use jQuery CDN services from the company jQuery Foundation. jQuery is distributed via the Content Delivery Network (CDN) of the American software company StackPath (LCC 2012 McKinney Ave. Suite 1100, Dallas, TX 75201, USA). This service stores, manages and processes your personal data.

A content delivery network (CDN) is a network of regionally distributed servers connected to each other via the Internet. This network allows content, especially very large files, to be delivered quickly, even during large peak loads.

jQuery uses JavaScript libraries to deliver our website content quickly. A CDN server loads the necessary files. As soon as a connection to the CDN server is established, your IP address is recorded and stored. This only happens if this data is not already stored in your browser from a previous website visit.

StackPath's privacy policy explicitly mentions that StackPath uses aggregated and anonymized data from various services (such as jQuery) to expand security and for its own services. However, this data cannot identify you as a person.

If you do not want this data transfer to occur, you always have the option of installing Java script blockers such as ghostery.com or noscript.net . You can also simply deactivate the execution of JavaScript codes in your browser. If you decide to deactivate JavaScript codes, the usual functions will also change. For example, a website no longer loads as quickly.

StackPath is an active participant in the EU-US Privacy Shield Framework, which regulates the correct and secure transfer of personal data. More information can be found at https://www.privacyshield.gov/participant?id=a2zt0000000CbahAAC&status=Active .
You can find more information about data protection at StackPath at https://www.stackpath.com/legal/privacy-statement/ and about jQuery at https://openjsf.org/wp-content/uploads/sites/84/2019/11 /OpenJS-Foundation-Privacy-Policy-2019-11-15.pdf .

Source: Created with the  data protection generator from AdSimple in cooperation with hashtagbeauty.de

Hint: All text is Google translated.