Data protection

Unless stated otherwise below, the provision of your personal data is neither legally nor contractually obligatory, nor required for conclusion of a contract. You are not obliged to provide your data. Not providing it will have no consequences. This only applies as long as the processing procedures below do not state otherwise.
“Personal data” is any information relating to an identified or identifiable natural person.

Server log files

You can use our websites without submitting personal data.

Every time our website is accessed, user data is transferred to us or our web hosts/IT service providers by your internet browser and stored in server log files. This stored data includes for example the name of the site called up, date and time of the request, the IP address, amount of data transferred and the provider making the request. The processing is carried out on the basis of Article 6(1) f) GDPR due to our legitimate interests in ensuring the smooth operation of our website as well as improving our services.

Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. The EU Commission has issued an adequacy decision for Canada. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer takes place on the basis of contractual obligations that are comparable to those of the EU Commission's standard contractual clauses.

Contact

Responsible person

Contact us at any time. The person responsible for data processing is: buah GmbH, Seeholzenstrasse 2, 82166 Gräfelfing Deutschland, +49 (0)30 330 966 86, info@buoh.shop

Proactive contact of the customer by e-mail

If you make contact with us proactively via email, we shall collect your personal data (name, email address, message text) only to the extent provided by you. The purpose of the data processing is to handle and respond to your contact request.

If the initial contact serves to implement pre-contractual measures (e.g. consultation in the case of purchase interest, order creation) or concerns an agreement already concluded between you and us, this data processing takes place on the basis of Article 6(1)(b) GDPR.

If the initial contact occurs for other reasons, this data processing takes place on the basis of Article 6(1)(f) GDPR for the purposes of our overriding, legitimate interest in handling and responding to your request. In this case, on grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you and carried out on the basis of Article 6(1)(f) GDPR.

We will only use your email address to process your request. Your data will subsequently be deleted in compliance with statutory retention periods, unless you have agreed to further processing and use.

Collection and processing when using the contact form

When you use the contact form we will only collect your personal data (name, email address, message text) in the scope provided by you. The data processing is for the purpose of making contact.

Collection and processing when using the cancellation button

If you have entered into a contract via our website, we provide you with a cancellation function (cancellation button) through which you can submit your notice of cancellation immediately.

When you use the cancellation function, we collect your personal data (name, email address, details identifying the contract or part of the contract you wish to withdraw from, and the time (date and time) of sending the notice of withdrawal) only to the extent that you have provided them. The purpose of this data processing is to provide you with the legally prescribed option to withdraw from your contract and to ensure the proper processing of your withdrawal.

If the contact relates to a contract already concluded between you and us, this data processing is carried out on the basis of Article 6(1)(b) of the GDPR. Otherwise, data processing is carried out on the basis of Article 6(1)(c) of the GDPR, as we are legally obliged to provide you with a cancellation function on our website.

We use your email address solely for the purpose of processing your notice of withdrawal. Your data will subsequently be deleted in accordance with statutory retention periods, provided you have not consented to further processing and use.

Sharing with third-party providers (use of plugins)

For the technical provision and management of the opt-out function on our website, we use a software solution provided by a third-party provider under a data processing agreement EU Widerruf Pro App für den Widerrufbutton
When you use the cancellation function, your personal data will be transmitted to the servers of the third-party providers listed above.
The processing of your personal data serves the purpose of complying with the legal requirements for the design of the withdrawal function in a legally compliant manner and is carried out on the basis of Article 6(1)(c) of the GDPR. This data processing is also carried out on the basis of Article 6(1)(f) of the GDPR, based on our overriding legitimate interest in being able to provide you with a user-friendly withdrawal option. In this case, you have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data based on Article 6(1)(f) of the GDPR.

Collection and processing when using the application form

When using the application form, we collect your personal data only to the extent provided by you. This includes your contact details (e.g., name, e-mail address, telephone number), details of your professional qualifications and training, details of further professional training and performance-specific evidence.
The purpose of this data processing is to contact you and to decide on the establishment of an employment relationship with you. The provision of the data is necessary to carry out the application procedure. The processing of your personal data takes place on the basis of Art. 6 para. 1(b) GDPR in conjunction with Art. 26 para. 1 Federal Data Protection Act (BDSG) for the implementation of pre-contractual measures (undergoing the application procedure as an initiation of the employment contract).
If you have given us permission to process personal data for inclusion in our pool of applicants, e.g., by checking a checkbox, the processing takes place on the basis of Art. 6 para. 1(a) GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until the revocation.

If specific categories of personal data within the meaning of Art. 9 para. 1 of the GDPR are requested from the applicants, such as information on the degree of severe disability, this is carried out on the basis of Art. 9 para. 2(b) GDPR, so that we can exercise the rights arising from labor law and the social security and social protection legislation and fulfill our obligations in this regard.

We will store your personal data as long as this is necessary for the decision about your application. Your data will then be deleted after six months at the latest, provided that you have not consented to further processing and use. If an employment relationship is established following the application procedure, the data provided will be further processed and then transferred to the personnel file for the purposes of implementing the employment relationship pursuant to Art. 6 para. 1 (b) GDPR in conjunction with Art. 26 Para. 1 of the Federal Data Protection Act (BDSG).

WhatsApp Business

If you communicate with us via WhatsApp, we use the WhatsApp Business version of WhatsApp Ireland Limited for this (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; “WhatsApp”). If you have your residence outside the European Economic Area, this service is provided by WhatsApp Inc. (1601 Willow Road, Menlo Park, CA 94025, USA).

The purpose of the data processing is to handle and respond to your contact request. For this purpose we collect and process your mobile phone number registered with WhatsApp and, if provided, your name and additional data to the extent provided by you. We use a mobile device for the service, the address book of which stores exclusively the data of users who have contacted us via WhatsApp. Disclosure of personal data to WhatsApp shall not take place unless you have already consented to this with respect to WhatsApp.

Your data are transmitted by WhatsApp to servers of Meta Platforms Inc. in the USA.

Your data may be transferred to third countries such as the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Meta Platforms Inc. has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.

If the initial contact occurs for other reasons, this data processing takes place on the basis of Article 6(1)(f) GDPR for the purposes of our overriding, legitimate interest in providing quick and easy communication as well as responding to your request. In this case, on grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you and carried out on the basis of Article 6(1)(f) GDPR.

We will only use your personal data to process your request. Your data will subsequently be deleted in compliance with statutory retention periods, unless you have agreed to further processing and use.

For more information on terms of service and privacy when using WhatsApp, please visit https://www.whatsapp.com/legal/#terms-of-service and https://www.whatsapp.com/legal/#privacy-policy.

Customer account orders

Customer account

When you open a customer account, we will collect your personal data in the scope given there. The data processing is for the purpose of improving your shopping experience and simplifying order processing. The processing will be carried out on the basis of art. 6 (1) lit. a GDPR with your consent. You can withdraw your consent at any time by contacting us without affecting the legality of the processing carried out with your consent up to the withdrawal. Your customer account will then be deleted.

Collection, processing, and transfer of personal data in orders

When you submit an order we only collect and use your personal data insofar as this is necessary for the fulfilment and handling of your order as well as processing of your queries. The provision of data is necessary for conclusion of a contract. Failure to provide it will prevent the conclusion of any contract. The processing will occur on the basis of Article 6(1) b) GDPR and is required for the fulfilment of a contract with you.

Your data will be shared, for example, with shipping companies, dropshipping or fulfillment providers, payment service providers, service providers for order processing, and IT service providers. We will comply strictly with legal requirements in every case. The scope of data transmission is restricted to a minimum.

Evaluations Advertising

Data collection when you post a comment or a review

When you comment on/review an article or post, we collect your personal data (name, email address, comment text) only in the scope provided by you. The processing serves to allow you to comment/review and to display comments/reviews.

We also collect the following data for the purpose of verifying your review/comment: order number, , , .

By submitting the comment/review, you agree to the processing of the transmitted data. The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can withdraw your consent at any time by contacting us without affecting the legality of the processing carried out with your consent up to the withdrawal. Your personal data will then be deleted.

When your comment/review is published only the name you have entered will be published.

Customer reviews via Reviews.io

On our website, you have the opportunity to write reviews. For this purpose, we use "Reviews.io", a service provided by REVIEWS.io 2020 GMBH, Stralauer Allee 6, 10245 Berlin, Germany. Reviews.io allows us to collect customer reviews and publish them on our website.
For you to be able to write a review, Reviews.io requires your name or a pseudonym and your e-mail address (which will not be published). As soon as you write a review via Reviews.io, the service automatically creates an account for you.
The processing is based on your consent (Art. 6 (1) (a) GDPR). You can revoke any consent you have given at any time. An informal notification by e-mail to us is sufficient for this purpose. The legality of the data processing operations already carried out remains unaffected by the revocation. In the event of the revocation of your consent, we will delete or anonymize the review.
Reviews can be submitted in such a way that it is not possible for other website users to identify you. It is entirely up to you whether you wish to provide personal details beyond the mandatory information. Please note that when choosing your pseudonym, as well as within the free text fields and when uploading photos, it is possible to provide information that could identify you. We recommend that you write your review text without providing personal data and design photos accordingly. We reserve the right not to publish reviews containing personal data or to (partially) anonymize them.
Furthermore, Reviews.io carries out the following processing for us within the scope of the review:

Identification as a reviewer when you log in to our website and visit the website again
Verification of the authenticity of your reviews
Answering your questions and providing appropriate customer service
Forwarding our messages when we have replied to your review
We have concluded a data processing agreement with Reviews.io in accordance with the requirements of Art. 28 GDPR, in which we oblige them to protect our customers' data and not to pass it on to third parties.
Further information on the type of data collected by Reviews.io can be found in the Terms of Use and the Privacy Policy of Reviews.io: https://www.reviews.io/front/data-protection.

Use of your personal data for the sending of postal advertising

We will use your personal data (name, address) that we have received in the process of the sale of goods or services to send you postal advertising, unless you have objected to this use. The provision of these data is necessary for conclusion of an agreement. Failure to provide it will prevent the conclusion of any agreement.

The processing will be carried out on the basis of Article 6(1)(f) GDPR for the purposes of our legitimate interest in direct advertising. You can object to this use of your address information at any time by contacting us. You will find the contact details for exercising your right to object in our imprint.

Use of the email address for sending newsletters

We use your e-mail address to send you information and offers by newsletter, provided you have expressly consented to this. The data processing serves the sole purpose of advertising. For this purpose, we process your e-mail address and any other data that you have voluntarily provided when registering for our newsletter.
The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal. You can unsubscribe from the newsletter at any time by using the corresponding link in the newsletter or by sending us a message. Your e-mail address will then be removed from the mailing list. Despite removal from the mailing list, we may continue to store your email address in a blacklist to prevent you from receiving future newsletter emails from us. This storage takes place on the basis of Art. 6 para. 1 lit. f GDPR out of our and your legitimate interest in preventing the reuse of your e-mail address for sending our newsletter. You have the right to object to this processing of your personal data at any time on grounds relating to your particular situation.

Use of your email address for mailing of direct marketing

We use your email address, which we obtained in the course of selling a good or service, for the electronic transmission of marketing for our own goods or services which are similar to those you have already purchased from us, unless you have objected to this use. You must provide your email address in order to conclude a contract. Failure to provide it will prevent the conclusion of any contract. The processing will be carried out on the basis of art. 6 (1) lit. f GDPR due to our justified interest in direct marketing. You can object to this use of your email address at any time by contacting us. You will find the contact details for exercising your right to object in our imprint. You can also use the link provided in the marketing email. This will not involve any costs other than transmission costs at basic tariffs.

Use of Klaviyo

We use the service of Klaviyo Inc. (125 Summer St Floor 7, Boston, MA 02111, USA; "Klaviyo") for newsletter dispatch as part of order processing.
We pass on the information provided by you during the newsletter registration (e-mail address, first and last name if applicable) to Klaviyo. The data processing serves the purpose of sending the newsletter and its statistical evaluation.
In order to evaluate newsletter campaigns, the newsletters sent contain a 1x1 pixel graphic (tracking pixel) or a tracking link. This enables us to determine whether you have opened the newsletter and whether you have clicked any integrated links. Within this context, we collect your personal data such as IP address, browser type and device as well as the time. A usage profile can be generated from this data under a pseudonym. The data collected will not be used to identify you personally. The collected data is only used for statistical analysis to improve newsletter campaigns.
Your data is usually transmitted to Klaviyo servers in the USA and stored there. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Klaviyo has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
The processing of your personal data is based on Art. 6 para. 1 lit. f GDPR from our overriding legitimate interest in a targeted, effective advertising and user-friendly newsletter system. On grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you.
You can find more information on data protection at Klaviyo at https://www.klaviyo.com/legal/privacy-notice and at https://www.klaviyo.com/legal/data-processing-agreement.

Use of shipping tracking service providers and marketing campaigns

To provide shipping information/tracking data and to promote marketing campaigns, we use the following provider: GoKarla GmbH, Gormannstrasse 19a, 10119 Berlin, Germany.
For the purpose of communicating shipping updates and providing an overview of the recipient's order, we share the recipient's name, delivery address, and the contents of the shopping cart with the provider in accordance with Art. 6 (1) (b) GDPR. The disclosure only takes place insofar as this is necessary to communicate the shipping updates to the recipient.
In addition, we use the tracking pages to promote marketing campaigns, where we show you relevant product suggestions based on your previous purchases and interests. For the purpose of conducting these marketing campaigns, we process personal data in accordance with Art. 6 (1) (f) GDPR. Our legitimate interest is direct marketing.
If you wish to object to the use of your data for this purpose, you can do so at any time. Your objection can be declared at any time to the data controller mentioned above. We have concluded a data processing agreement with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

Use of a mobile phone number for sending text message advertisements

We use your mobile phone number exclusively for our own advertising purposes for sending text message advertisements, irrespective of any contract processing, provided that you have expressly consented to this. The processing is carried out on the basis of Article 6 Para. 1 Letter a GDPR with your consent. You can withdraw your consent at any time by contacting us without affecting the legality of the processing carried out with your consent up to the withdrawal. Your mobile phone number will then be removed from the distribution list.

Your mobile phone number will be passed on to a service provider for text message dispatch within the framework of order processing.

Use of the e-mail address for availability notifications

We offer an availability notification service on our website. If an item is temporarily unavailable, you have the option of entering your e-mail address on the item in question and being informed by e-mail when it becomes available, provided you have given your consent. You will receive a one-time e-mail notification about the availability of the respective item when the goods are available. The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal. You can unsubscribe from the availability notification at any time by notifying us. Your e-mail address will then be removed from the mailing list.

Sending WhatsApp newsletters

To carry out customer communication, send current information and offers, and for customer support, we use the WhatsApp solution from chatarmin.com, provided you give us your consent in accordance with Art. 6 (1) (a) GDPR. Consent is given via the chat by selecting the button "START", "JA" or "Her damit!". This consent can be revoked at any time by typing "STOP" into the chat.
In this context, we process the following personal data: phone number, WhatsApp profile name, and the communication and click behavior in the chat.
Chatarmin.com is a communication tool provided by the company chatarmin.com GmbH based in Vienna, based on the WhatsApp API. An API is an interface. A data processing agreement exists with chatarmin.com GmbH in accordance with Art. 28 GDPR. In this context, your phone number is also transmitted to WhatsApp Ireland Limited and other companies affiliated with WhatsApp in third countries. These are currently primarily located in the USA. For the USA, a new adequacy decision has been in place since July 2023, the so-called Data Privacy Framework.
We store your data until revoked. After the revocation of your consent, your data will no longer be used for sending information via WhatsApp and will be anonymized.

Shipping companies Merchandise management

Forwarding of your email address to shipping companies for information on shipping status

We forward your email address to the shipping company in the course of contractual processing, if you have explicitly agreed to this in the order process. The forwarding is for the purpose of informing you by email on the shipping status of your order. The processing will be carried out on the basis of art. 6 (1) lit. a GDPR with your consent. You can withdraw your consent at any time by contacting us or the transport company without affecting the legality of the processing carried out with your consent up to the withdrawal.

Use of an external merchandise management system

We use a merchandise management system in the course of order processing for the purposes of contractual processing. For this purpose your personal data as collected in the course of the order will be sent to

Xentral ERP Software GmbH, Fuggerstraße 11, 86150 Augsburg

Payment service provider credit report

Use of PayPal

On our website we use the PayPal payment service of PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal"). The data processing serves the purpose of offering you payment via the payment service. By selecting and using payment via PayPal, the data required for processing the payment will be transmitted to PayPal in order to enable us to fulfil the contract with you with the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. All PayPal transactions are subject to PayPal Privacy Policy. You can find these at https://www.paypal.com/de/webapps/mpp/ua/privacy-full

Use of PayPal Express

Use of PayPal Express Our website uses the payment service PayPal Express from PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal, L-2449 Luxembourg; "PayPal").

The processing of data enables us to offer you the option of paying via the PayPal Express payment service. To integrate this payment service it is essential that PayPal collects, stores, and analyses data when you access the website (e.g. IP address, device type, operating system, browser type, device location). Cookies may be used for this purpose. Cookies allow your internet browser to be recognised.

The processing of your personal data is based on Art. 6 para. 1 lit. f GDPR out of our overriding legitimate interest in a customer-oriented offer of different payment methods. On grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you.

By selecting and using "PayPal Express", the data required for payment processing will be submitted to PayPal to execute the agreement with you using the selected payment method. The data is processed on the basis of Article 6(1)(b) GDPR. Further information on data processing when using the Paypal Express payment service can be found here in the associated data privacy policy.

Use of Klarna payment options

On our website we use the payment service of Klarna Bank AB (publ) (Sveavägen 46, 111 34 Stockholm, Sweden; "Klarna"). By selecting and using payment via Klarna, the data required for payment processing is transmitted to Klarna in order to be able to fulfil the contract with you with the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.

Cookies may be stored that enable your browser to be recognised. The resulting data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our legitimate interest in a customer-oriented range of varying payment methods. On grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you.

‘Pay Later’ (invoice), ‘Pay Now’ (payment by direct debit, credit card, instant bank transfer), ‘Financing’ (instalment purchase). For individual payment methods such as ‘Pay Later’ (invoice), ‘Pay Now’ (payment by direct debit, credit card, instant bank transfer), ‘Financing’ (instalment purchase), Klarna reserves the right to obtain credit information based on mathematical-statistical procedures using credit agencies.

For this purpose, Klarna transmits the personal data required for a credit assessment, such as first and last name, address, gender, email address, IP address and data related to the order to a credit agency for the purpose of checking the identity and creditworthiness and uses the obtained information on the statistical probability of a payment default in order to reach a well-considered decision on the establishment, performance or termination of the contractual relationship. The credit report may contain probability values (score values) which are calculated on the basis of scientifically recognised mathematical-statistical methods and include, among other things, address data. Your legitimate interests will be taken into account in accordance with the legal requirements. The data processing serves the purpose of a credit asessment for contract initiation. The processing is carried out on the basis of art. 6 Par. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default if Klarna pays in advance. For reasons that arise from your particular situation, you have the right to object to the processing of your personal data carried out on the basis of Art. 6 para. 1 lit. f GDPR by notifying Klarna. The provision of the data is necessary for the conclusion of the contract by means of the payment method of your choice. Failure to provide such data shall mean that the contract cannot be concluded with the payment method of your choice.

Further information, in particular to which credit agencies Klarna passes on your personal data, can be found for Germany at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies and for Austria at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_at/credit_rating_agencies. General information about Klarna can be found for Germany at: https://www.klarna.com/de/ and for Austria at https://www.klarna.com/at/. Your personal data will be treated by Klarna in accordance with the applicable data protection regulations and as specified in Klarna's data protection policy for Germany at: https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/privacy and for Austria at: https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_at/privacy.

Cookies

Our website uses cookies. Cookies are small text files which are saved in a user’s internet browser or by the user’s internet browser on their computer system. When a user calls up a website, a cookie may be saved on the user’s operating system. This cookie contains a characteristic character string which allows the browser to be clearly identified when the website is called up again.

Cookies will be stored on your computer. You therefore have full control over the use of cookies. By choosing corresponding technical settings in your internet browser, you can be notified before the setting of cookies and you can decide whether to accept this setting in each individual case as well as prevent the storage of cookies and transmission of the data they contain. Cookies which have already been saved may be deleted at any time. We would, however, like to point out that this may prevent you from making full use of all the functions of this website.
Using the links below, you can find out how to manage cookies (or deactivate them, among other things) in major browsers:
Chrome Browser: https://support.google.com/accounts/answer/61416?hl=en
Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09
Mozilla Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
Safari: https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac

Technically necessary cookies

Insofar as no other information is given in the data protection declaration below we use only these technically necessary cookies cookies to make our offering more user-friendly, effective and secure. Cookies also allow our systems to recognise your browser after a page change and to offer you services. Some functions of our website cannot be offered without the use of cookies. These services require the browser to be recognised again after a page change.

The use of cookies or comparable technologies is carried out on the basis of Art. 25 para. 2 TDDDG. Processing is carried out on the basis of art. 6 (1) lit. f GDPR due to our largely justified interest in ensuring the optimal functionality of the website as well as a user-friendly and effective design of our range of services.
You have the right to veto this processing of your personal data according to art. 6 (1) lit. f GDPR, for reasons relating to your personal situation.

Use of GDPR Legal Cookies

We use the consent management tool GDPR Legal Cookie from beeclever GmbH (Universitätsstraße 3, 56070 Koblenz a. Rh.; “beeclever”) on our website. The tool enables you to grant consent to data processing via the website, in particular the setting of cookies, and to make use of your right to revoke consent that has already been given.
The data processing serves the purpose of obtaining and documenting the necessary consent for data processing and thus complying with legal obligations. Cookies can be used. The following information, among others, can be collected and transmitted to beeclever: anonymized IP address, date and time of consent, URL from which the consent was sent, anonymous, random, encrypted key, consent status. This data will not be passed on to other third parties.
Data processing is carried out to fulfill a legal obligation based on Article 6 Paragraph 1 Letter c GDPR.
Further information on terms of use and data protection at beeclever can be found at: https://gdpr-legal-cookie.com/pages/terms-conditions and at https://gdpr-legal-cookie.com/pages/datenschutzerklarung.

Analysis Advertising tracking and AI tools

Use of Google Analytics 4

We use the Google Analytics web analytics service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.

The data processing serves the purpose of analyzing this website and its visitors as well as for marketing and advertising purposes. To this end, Google will use the information obtained on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator.

In this context, the following information may be collected, among others: IP address, date and time of page view, click path, information about the browser you are using and the device you are using (device), pages visited, referrer URL (website from which you accessed our website), location data, purchase activity. Your data may be linked by Google to other data, such as your search history, your personal accounts, your usage data from other devices, and any other data Google may have about you.

Your IP address will first be truncated by us on our own servers. Google thus only receives pseudonymised data.

Google uses technologies such as cookies, web storage in the browser and tracking pixels that enable an analysis of your use of the website. The use of cookies or similar technologies takes place with your consent on the basis of § 25 para. 1 p. 1 TDDDG in conjunction with. Art. 6 para. 1 lit. a DSGVO.

The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a DSGVO. You may revoke your consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent until revocation.

We also use the Google Signals service in this context. Google Signals enables cross-device tracking. Hence, your data can be analysed across devices if you have enabeled "personalised advertising" in your account settings and your end devices are linked to your Google account. This makes it possible to identify which device is searching for products and then return to complete purchases on another device, such as a tablet.The cross-device reports created in this context contain only aggregated data. We therefore only receive statistics generated on the basis of Google Signals. To prevent Google Signals from collecting and storing data across devices, you can deactivate the "personalised advertising" function in your Google Account settings. For more information, please visit https://support.google.com/ads/answer/2662922?hl=de. For more information on data processing and data protection for Google Signals, please visit https://support.google.com/analytics/answer/7532985?hl=en.

We use the extended implementation of the consent mode (Advanced Consent Mode). In this case, user data is transmitted to Google in the form of "pings" even if consent has not been granted. These pings may contain the following information, among others: IP address to derive the IP country (the IP address is not logged), date and time of the page view, URL of the pages visited, user agent, referrer URL (website from which you accessed our website) or information about the triggering of website events such as a conversion. On the basis of this information, Google models user data in order to be able to carry out a comprehensive usage analysis despite the refusal of consent.

The information generated by this about your use of this website is usually transferred to a Google server in the USA and stored there. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
Both Google and US government agencies have access to your data.

For more information on terms of use and data protection, please visit https://policies.google.com/technologies/partner-sites and https://policies.google.com/privacy?hl=de&gl=de and https://business.safety.google/privacy/.

Using Hotjar

We use the analysis tool from Hotjar Ldt on our website. (Level 2, St Julian's Business Centre, 3, Elia Zammit Street, St Julians STJ1000, Malta; “Hotjar”).
The data processing serves the purpose of needs-based design, optimization and analysis of our website.
The tool is used to randomly record the movements of site visitors on the website. This creates a log of mouse movements, scrolling behavior, length of stay and clicks on the website (so-called heatmap).
For this purpose, Hotjar uses cookies, among other things. The following information may be collected, among other things: IP address (in anonymized form), information about the device you use (screen size, devices, unique device identifier), information about the browser you use, location data (exclusively about the country), preferred language Operating system used to display the website. Detailed information about the cookies used, their function and storage period can be found here: https://help.hotjar.com/hc/en-us/articles/115011789248-Hotjar-Cookies.
User profiles are created from this data under a pseudonym. The data is not used to personally identify the visitor to the website and is not combined with personal data of the bearer of the pseudonym. Hotjar is contractually prohibited from selling the data collected to other third parties.
Your data may be transferred to the USA. The EU Commission has an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Hotjar is not TADPF certified. The data transfer takes place, among other things, on the basis of appropriate protective measures. Hotjar will provide you with further information on the measures taken upon request.
Your personal data is processed on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in the needs-based and targeted design of the website. You have the right to object to this processing of personal data concerning you at any time for reasons relating to your particular situation.
To prevent Hotjar from collecting and storing data, you can set an opt-out cookie here: https://www.hotjar.com/legal/compliance/opt-out. Opt-out cookies prevent your data from being collected in the future when you visit this website. You must implement the opt-out cookie on all systems and devices used for this to work across devices. If you delete the opt-out cookie, data will be transmitted to Hotjar again.
Further information on data protection when using Hotjar can be found here: https://www.hotjar.com/legal/policies/privacy#enduserenglish.

Use of Microsoft Clarity

We use the "Microsoft Clarity" analytics tool from Microsoft Ireland Operations Limited (One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland; "Microsoft") on our website. Microsoft is a company affiliated with Microsoft Corporation (One Microsoft Way, Redmond, Washington 98052, USA).
The purpose of data processing is the needs-based design, optimisation and analysis of our website. The tool is used to record the movements of randomly chosen page visitors on the website. This creates a log of mouse movements, scrolling behaviour, length of stay and clicks on the website (so-called heat map).
Cookies or comparable technologies are used for this purpose. The following information, among others, may be collected: IP address, time of access, click path, information about the device you are using (device type, screen size and resolution, unique device identifier, operating system), information about the browser you are using (browser type and browser version), location data, preferred language for displaying the website, subpages visited, length of visit, content viewed, website or file requested.
User profiles are created from this data under a pseudonym. The data is not used to personally identify the visitor to the website and is not merged with personal data of the bearer of the pseudonym. Microsoft is contractually prohibited from selling the collected data to other third parties.
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Microsoft has certified itself in accordance with the TADPF and has therefore undertaken to comply with European data protection principles.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 sentence 1 TDDDG in conjunction with. Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Detailed information on the cookies used and their function can be found at https://learn.microsoft.com/en-us/clarity/setup-and-installation/cookie-list. Information on the storage duration of the information collected can be found at https://learn.microsoft.com/en-us/clarity/setup-and-installation/data-retention. Further information on data protection when using Microsoft Clarity can be found at https://learn.microsoft.com/en-us/clarity/faq#privacy, https://learn.microsoft.com/en-us/clarity/setup-and-installation/clarity-data and https://clarity.microsoft.com/terms. General information on data protection at Microsoft can be found at https://privacy.microsoft.com/de-de/privacystatement.

Use of Meta Pixel

We use Meta Pixel from Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; "Meta") on our website.
Meta and we are jointly responsible for the collection of your data and the transfer of this data to Meta when the service is integrated. The basis for this is an agreement between us and Meta on the joint processing of personal data, in which the respective responsibilities are defined. The agreement is available at https://de-de.facebook.com/legal/terms/businesstools. According to this agreement, we are responsible in particular for the fulfilment of the information obligations in accordance with Arts 13 and 14 GDPR, for compliance with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service, and for compliance with the obligations in accordance with Arts 33 and 34 GDPR, insofar as a violation of the protection of personal data affects our obligations under the agreement on joint processing. Meta is responsible for enabling the rights of the data subject in accordance with Arts 15-20 GDPR, for complying with the security requirements of Art. 32 GDPR with regard to the security of the service, and for complying with the obligations of Arts 33 and 34 GDPR, insofar as a breach of personal data protection concerns Meta's obligations under the joint processing agreement.
The application serves to address the visitor to the website with interest-related advertising on the social networks Facebook and Instagram. We have implemented Meta’s remarketing tag on our website for this purpose. This tag sets up a direct connection to Meta’s servers when you visit our website. This informs the Meta server which of our web pages you have visited. Meta assigns this information to your personal Facebook and/or Instagram user account. When you visit the social networks Facebook or Instagram, you will then be shown personalised, interest-related ads.
The application also serves the purpose of creating conversion statistics. This allows us to find out the total number of users who have clicked our adverts and were forwarded to a page equipped with a conversion tracking tag as well as what actions are taken after being redirected to this website. However, they do not receive any information which could be used to personally identify users.
Your data may be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
For this purpose, you can deactivate the remarketing function “Custom Audiences”. You can find more detailed information on Meta’s collection and use of data and your associated rights and options for protecting your privacy in Meta’s privacy policy: https://www.facebook.com/about/privacy/.

Use of Google Ads conversion tracking

Our website uses the online marketing program "Google Ads", including conversion tracking (evaluation of user actions). Google conversion tracking is a service operated by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google").
If you click on adverts placed by Google, a cookie is placed on your computer for conversion tracking. These cookies have limited validity, do not contain any personal data and thus cannot be used for personal identification. If you visit certain pages on our website and the cookie has not yet expired, we and Google can recognise that you have clicked on the advert and were forwarded to this page. Every Google Ads customer receives a different cookie. It is therefore not possible to track cookies relating to the websites of Ads customers.
The information collected using the conversion cookie serves the purpose of producing conversion statistics. This allows us to find out the total number of users who have clicked on our adverts and were forwarded to a page equipped with a conversion tracking tag. However, they do not receive any information with which could be used to personally identify users. We use the extended implementation of the consent mode (Advanced Consent Mode). In this case, user data is transmitted to Google in the form of "pings" even if consent has not been granted. These pings may contain the following information, among others: IP address to derive the IP country (the IP address is not logged), date and time of the page view, URL of the pages visited, user agent, referrer URL (website from which you accessed our website) or information about the triggering of website events such as a conversion. On the basis of this information, Google models user data in order to be able to carry out a comprehensive usage analysis despite the refusal of consent.
Your data may be transmitted to Google LLC servers in the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
You will find more information as well as Google’s data privacy policy at: https://www.google.com/policies/privacy/ and https://business.safety.google/privacy/

Use of Google AdSense

Our website uses the AdSense function by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google").
The data processing serves the purpose of renting out advertising space on the website and using these to address visitors to the website with targeted, interest-related advertising.
This function displays personalised, interest-related adverts from the Google display network to visitors to the website. Google Analytics uses cookies, which make it possible to analyse your use of the website.
The information generated by the cookie regarding your use of this website is usually transferred to a Google server in the USA and stored there. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
Google may also transmit this data to third parties if this is required by law or the third party is processing the data on behalf of Google. On no account will Google associate your IP address with other Google data.
The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
You will find more information as well as Google’s data privacy policy at: https://www.google.com/policies/technologies/ads/ and https://www.google.de/policies/privacy/ and https://business.safety.google/privacy/

Use of the remarketing or “similar target groups” function of Google Inc.

Our website uses the remarketing or "similar target groups" function by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google").
This application serves to analyse visitor behaviour and visitor interests.
Google uses cookies to analyse website use, forming the basis for producing interest-related adverts. Cookies allow for the recording of website visits as well as anonymised data on the use of the website. The personal data of website visitors is not saved. If you then visit another website in the Google display network you will then be shown adverts which are more likely to take previous areas of product and information interest into account.
Your data may be transmitted to Google LLC servers in the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
You can find more detailed information on Google remarketing as well as the associated data privacy policy at: https://www.google.com/privacy/ads/ and https://business.safety.google/privacy/

Using the Pinterest tag

We use the Pinterest tag of Pinterest Europe Limited (Palmerston House, 2nd, Fenian Street, Floor, Dublin 2, Ireland "Pinterest") on our website.
The application serves to address the visitor to the website with interest-related advertising on the social network Pinterest. We have implemented Pinterest’s conversion tag on our website for this purpose. This tag sets up a direct connection to Pinterest’s servers when you visit our website. This informs the Pinterest server which of our web pages you have visited. Pinterest associates this information with your personal Pinterest user account if you are logged into the social network. When you visit Pinterest, you will then be shown personalised, interest-related Pinterest ads. If you reach our website via a Pin on the Pinterest social network, a cookie for conversion tracking is placed on your computer. These cookies have limited validity, do not contain any personal data and thus cannot be used for personal identification. If you visit certain pages on our site and the cookie has not expired, we and Pinterest may recognise that you have clicked the Pin and been directed to that page. The information collected using the conversion cookie serves the purpose of producing conversion statistics and thereby optimising our website. These can involve the processing of, among other things, the following information: Total number of users who clicked one of our Pins and were redirected to our website, subpages visited on our website (e.g. category or product pages), search queries on our website, your shopping cart contents, completed transactions.
Your data may be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Pinterest is not certified under the TAPF. The data transfer takes place, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en.
The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
You can find more detailed information on Pinterest’s collection and use of data and your associated rights and options for protecting your privacy in Pinterest’s privacy policy: https://policy.pinterest.com/de/privacy-policy.

Using Criteo
We use the technology of the provider Criteo SA (32 Rue Blanche, 75009 Paris, France; ""Criteo"") on our website. The application serves the purpose of targeting visitors to the website with interest-based advertising, as personalized banner ads on other websites (so-called publishers). For this purpose, Criteo uses technologies such as cookies, which enable recognition of your browser. In the process, the following information, among others, may be collected and transmitted to Criteo: Referrer URL, pages visited on our website, date and time of the visit, advertising ID of your smartphone, information about the browser and device you use, shopping cart content. From the data collected in this way, usage profiles can be created using pseudonyms. However, a personal identification of users is not possible as a result.

The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal. For more information on data processing and data protection, please visit https://www.criteo.com/de/privacy and https://www.criteo.com/de/privacy/how-we-use-your-data/.

Use of Criteo

We use the technology of the provider Criteo SA (32 Rue Blanche, 75009 Paris, France; ""Criteo"") on our website. The application serves the purpose of targeting visitors to the website with interest-based advertising, as personalized banner ads on other websites (so-called publishers). For this purpose, Criteo uses technologies such as cookies, which enable recognition of your browser.

In the process, the following information, among others, may be collected and transmitted to Criteo: Referrer URL, pages visited on our website, date and time of the visit, advertising ID of your smartphone, information about the browser and device you use, shopping cart content. From the data collected in this way, usage profiles can be created using pseudonyms. However, a personal identification of users is not possible as a result.

For more information on data processing and data protection, please visit https://www.criteo.com/de/privacy and https://www.criteo.com/de/privacy/how-we-use-your-data/.

Use of Loyalty Lion

To operate our loyalty program, we use the loyalty tool from LoyaltyLion Ltd., HubHub - LoyaltyLion, 20 Farringdon Street, London, EC4A 4EN, United Kingdom. The data transmitted as part of your participation in the program is processed and stored by LoyaltyLion. This includes, in particular, your name, address, e-mail address, possibly your phone number, possibly your date of birth, and all purchase-related data.
The legal basis for the processing of mandatory personal data collected is Art. 6 (1) (b) GDPR. For the initiation and execution of the contract to be concluded with you regarding participation in the loyalty program, the processing of this personal data is necessary in order to assign your loyalty points and your point account.
The processing of voluntarily provided personal data by the loyalty tool is based on our legitimate interest, Art. 6 (1) (f) GDPR. The data serves to improve our offer and provide interest-based advertising. You can object to this processing of your data at any time or, alternatively, simply remove this data from your account.

Use of Linkster

On this site, we use the tracking technology of Linkster GmbH, Colonnaden 5, 20354 Hamburg, Germany, to measure and visualize insights into partnerships and advertising channels. This is a function for measuring the efficiency of the respective advertising measures. Furthermore, the information enables us to assign advertising successes for billing purposes with the respective advertising partners. When you click on an ad integration, cookies are set in your browser, which are read in the event of a transaction. At each touchpoint, your browser sends an HTTP request to the Linkster server, transmitting certain information. This information includes the URL of the website on which the advertising material is placed (referrer URL), the browser identifier (user agent) of your device (including information about the device type and operating system), the IP address of the device (this IP address is anonymized and hashed by us before storage), HTTP headers (data packets automatically transmitted by your browser containing various technical information), the time of the request and, if previously stored on the device, the cookie with its content.
A cookie is a small data packet exchanged between your browser and the server. Information relevant to the web application can be stored and transmitted in this data packet, e.g., the contents of a virtual shopping cart.
The tracking technology stores cookies on your device to document actions. A 24-character anonymous ID is stored in the cookie. Linked to this ID, the data is stored encrypted in our database on the server.
This contains information about the last touchpoints (i.e., when a specific advertising medium was displayed or clicked by a device). The stored touchpoints can, if necessary, be assembled into a sequence chain (user journey).
In the event of an action request, the order number and the shopping cart value of your order are usually also transmitted and stored by us. In addition, the following values can be transmitted and stored: your customer number, new customer attribute, your age and gender, as well as the information you provided in a customer survey.
The cookies stored by Linkster GmbH are deleted after 30 days at the latest. The information transmitted to us and the cookies serve exclusively for the purpose of correctly attributing the success of an advertising medium and the corresponding billing, and are justified by our legitimate interests pursuant to Art. 6 (1) sentence 1 lit. f GDPR.
If you do not want cookies to be stored in your browser, you can achieve this by configuring your browser settings accordingly. You can disable the saving of cookies in your respective browser under Extras/Internet Options, restrict them to certain websites, or set your browser to notify you as soon as a cookie is sent. Please note, however, that in this case, you must expect a limited presentation of the online offers and restricted user navigation. You can also delete cookies at any time. In this case, the information stored in them will be removed from your device.
The collection and processing of tracking data can also be deactivated by clicking on this tracking opt-out link: https://trck.linkster.co/privacy-optout.do
Access your data: https://trck.linkster.co/privacy-mydata.do
You can find details on which specific cookies are used by our tracking technology in the following overview:

TRS: Unique, 24-character identifier (ID) for tracking partnerships. This cookie is stored in the client browser and identifies database records containing the touchpoint data.
TRSCJ: Fallback cookie with rudimentary touchpoint data for tracking partnerships. This cookie contains encrypted all touchpoint data on the client browser.
trs_db_optout: Clicking the tracking opt-out link writes a special cookie that disables tracking in the device's current web browser. Tracking is reactivated as soon as you delete the tracking opt-out cookie.

Use of Decify

We use the web analysis service Decify on our website or on parts of our website to collect so-called zero-party data, i.e., information explicitly and voluntarily provided by our website visitors.
Decify is a web analysis service of Decify GmbH in Munich, Germany. Decify GmbH acts as a data processor for us on the basis of a data processing agreement in accordance with Art. 28 GDPR. Decify enables an analysis of the perception and use of the website by its visitors, as well as their preferences, intentions, and more. Decify collects data from surveys or questionnaires of the users and additionally user interactions, such as starting and submitting a survey, as well as browser and device information, such as the visitor's IP address, device type, screen resolution, user agent string configuration, and language setting. In addition, e-mail addresses and order numbers are transmitted. The collected data is used to evaluate and optimize the website and advertising/marketing measures.
Furthermore, website visitors are assigned a "Universally unique identifier" (UUID), through which Decify can track returning users of our website – without linking to their personal data. The UUID is used, for example, to avoid showing the same website visitor a survey multiple times.
In this context, personal data may be transferred to third countries that do not offer an adequate level of data protection. In this case, it is ensured that appropriate safeguards are provided for such a transfer in order to ensure an adequate level of data protection. We will provide proof of these appropriate safeguards upon request.
The legal basis for the use of Decify is our legitimate interest pursuant to Art. 6 (1) (f) GDPR in the needs-based design of the website and in the evaluation and optimization of our marketing measures.

Use of Mable

Within our online offering, a tool provided by Mable GmbH, Kaiserstraße 88, 76133 Karlsruhe (hereinafter "Mable") is used. Mable enables us, in the interest of the users and in our own interest, to better control our data flows and to decide and control which data is passed on to third parties. It also allows us an independent evaluation of this data according to our own criteria. When we work with certain partners, e.g., for the purpose of online marketing, this often requires the integration of code components that cause a direct server connection and the collection of personal data of our website users by the partner. In this case, we often have no influence on the exact data collected or the data flows. Mable allows us to use partner programs without integrating their code into our website. In this case, a direct server connection to the website users by the third party is not required. Instead of the direct server connection, the partner receives the aggregated data, if any, from us.
For the aforementioned purpose of processing and disclosure, we process the following data of the website users: a pseudonymous user identifier; visitor behavior on websites (visitor behavior includes, among other things, data on where visitors come from, which areas of a website are visited, and how often and how long which subpages and categories are viewed). This data can be added to the information stored in your user account or collected during the ordering process, regardless of whether the purchase was completed.
The data processing takes place on the basis of your consent pursuant to Art. 6 (1) (a) GDPR.

Use of ABlyft

Name of the service: ABlyft. ABlyft is a service of Conversion Expert GmbH, Zeppelinring 52c, 24146 Kiel, Germany https://ablyft.com. ABlyft collects information on user behavior in order to improve the usability of the website. No personally identifiable data is stored in the platform. Data is only stored in aggregated form. User data (IDs, etc.) is not stored. You can object to the use of ABlyft at any time by clicking on the following link: buoh.shop?ablyft_opt_out=true. Data transfer to a third country does not take place.

Use of "Shopify Network Intelligence"

We use the security and analysis function "Shopify Network Intelligence" provided by Shopify Inc., Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland in our online shop. Shopify Network Intelligence is an automated system based on artificial intelligence. This system is used for network security, fraud detection, and optimizing shop performance.

For this purpose, Shopify Network Intelligence monitors network access and user behavior to detect and avert fraudulent activities (e.g., credit card fraud, bot attacks) at an early stage. In addition, data is used for technical stability and performance analysis.

In accordance with Art. 52 of the AI Act, we would like to point out that you are interacting with an AI system. The responses generated by Shopify Network Intelligence may contain errors or be incomplete. Please review the content critically and do not rely solely on the chatbot outputs for legally binding matters.

Shopify Network Intelligence serves us to ensure IT security and fraud prevention, the availability of the online shop, and the analysis and optimization of shop performance.

Cookies are used for this purpose. The cookies enable the recognition of the Internet browser. Your data may be transferred to Canada. An adequacy decision of the EU Commission is in place for Canada, which covers data processing by companies subject to the Personal Information Protection and Electronic Documents Act (PIPEDA). Shopify, headquartered in Canada, is subject to PIPEDA and is obliged to comply with the data protection principles under PIPEDA.

The use of cookies or comparable technologies is based on your consent pursuant to Section 25 (1) sentence 1 of the TTDSG (German Telecommunications and Telemedia Data Protection Act) in conjunction with Art. 6 (1) (a) GDPR. The processing of your personal data is based on your consent pursuant to Art. 6 (1) (a) GDPR. You can revoke your consent at any time without affecting the lawfulness of the processing carried out based on the consent prior to the revocation.

Further information on data processing can be found in Shopify's privacy policy at: https://www.shopify.com/de/legal/datenschutz.

Plug-ins

Using Google Tag Manager

Our website uses the Google Tag Manager from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google"). This application manages JavaScript tags and HTML tags which are used in particular to implement tracking and analysis tools. The data processing serves to facilitate the needs-based design and optimisation of our website. The Google Tag Manager itself neither stores cookies nor processes personal data. It does, however, enable the triggering of further tags which may collect and process personal data. You can find more detailed information on the terms and conditions of use and data protection at https://www.google.com/intl/de/tagmanager/use-policy.html

Use of Google reCAPTCHA

We use the reCAPTCHA service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website under a data processing agreement. The purpose of this check is to distinguish between input by a human and automated, machine-based processing. To this end, your input is transmitted to Google and processed there. In addition, the IP address and, where applicable, other data required by Google for the reCAPTCHA service are transmitted to Google. This data is processed by Google within the European Union and, where applicable, also transmitted to servers of Google LLC in the USA. An adequacy decision by the European Commission is in place for the USA, namely the Trans-Atlantic Data Privacy Framework (TADPF). Google has obtained certification under the TADPF and is therefore committed to complying with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25(1) sentence 1 of the TDDDG in conjunction with Article 6(1)(a) of the GDPR. The processing of your personal data takes place with your consent on the basis of Article 6(1)(a) of the GDPR. You may withdraw your consent at any time without this affecting the lawfulness of the processing carried out on the basis of your consent prior to its withdrawal.

Use of Cloudfront

Our website uses the Cloudfront CDN content delivery network provided by Amazon Web Services EMEA SARL (38 avenue John F. Kennedy, L-1855, Luxembourg; ""Cloudfront"").

This is a supra-regional network of servers in various data centers to which our web server connects and through which certain content on our website is delivered.

The data processing serves the purpose of optimizing the loading times of our website and thus making our offer more user-friendly.

The following information, among others, may be collected: IP address, system configuration information, information about traffic to and from customer websites (so-called server log files).

Your data may be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Cloudfront has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
Processing is carried out on the basis of Article 6(1)(f) GDPR for the purposes of our legitimate interest in needs-based and targeted design of the website. On grounds relating to your particular situation, you have the right to object at any time to this processing of your personal data and carried out on the basis of Article 6(1)(f) GDPR.

For more information on data protection when using Cloudfront, please visit https://docs.aws.amazon.com/de_de/AmazonCloudFront/latest/DeveloperGuide/data-protection-summary.html and https://d1.awsstatic.com/legal/aws-gdpr/AWS_GDPR_DPA.pdf.

Use of Google Maps
We use the function for embedding GoogleMaps maps from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
The function enables the visual representation of geographical information and interactive maps. Google also collects, processes and uses data from visitors to the websites when they access the pages in which Google Maps maps are integrated.
Your data may also be transmitted to the USA. The EU Commission has an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Google is not certified according to the TADPF. The data is transferred based, among other things, on standard contractual clauses as appropriate guarantees for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks.
Your personal data is processed on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in the needs-based and targeted design of the website. You have the right to object to this processing of personal data concerning you at any time for reasons relating to your particular situation.
Further information on how Google collects and uses data can be found in Google's data protection information at https://www.google.com/privacypolicy.html. There you also have the opportunity to change your settings in the data protection center so that you can manage and protect your data processed by Google.
Use of YouTube
We use the function for embedding YouTube videos from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "YouTube") on our website. YouTube is a partnership with Google LLC (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; “Google”) affiliated company.
The function displays videos stored on YouTube in an iFrame on the website. The “Extended data protection mode” option is activated. This means that YouTube does not store any information about website visitors. Only when you watch a video is information about it transmitted to YouTube and stored there. Your data may be transferred to the USA. The EU Commission has an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). YouTube is not certified according to the TADPF. The data is transferred based, among other things, on standard contractual clauses as appropriate guarantees for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks.
Your personal data is processed on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in the needs-based and targeted design of the website. You have the right to object to this processing of personal data concerning you at any time for reasons relating to your particular situation.
Further information on the collection and use of data by YouTube and Google, your rights in this regard and options for protecting your privacy can be found in YouTube's data protection information at https://www.youtube.com/t/privacy.

Use of YouTube

Our website uses the function for embedding YouTube videos by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "YouTube"). YouTube is a company affiliated with Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google").
This feature shows YouTube videos in an iFrame on the website. The option "advanced privacy mode" is enabled here. This prevents YouTube from storing information on visitors to the website. It is only if you watch a video that information is transmitted to and stored by YouTube. Your data may be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). YouTube has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
Further information on the data collected and used by YouTube and Google and your associated rights and options for protecting your privacy can be found in YouTube’s privacy policy (https://www.youtube.com/t/privacy).

Rights of persons affected and storage duration

Duration of storage

After contractual processing has been completed, the data is initially stored for the duration of the warranty period, then in accordance with the retention periods prescribed by law, especially tax and commercial law, and then deleted after the period has elapsed, unless you have agreed to further processing and use.

Rights of the affected person

If the legal requirements are fulfilled, you have the following rights according to art. 15 to 20 GDPR: Right to information, correction, deletion, restriction of processing, data portability. You also have a right of objection against processing based on art. 6 (1) GDPR, and to processing for the purposes of direct marketing, according to art. 21 (1) GDPR.

Right to complain to the regulatory authority

You have the right to complain to the regulatory authority according to art. 77 GDPR if you believe that your data is not being processed legally.

You can lodge a complaint with, among others, the supervisory authority responsible for us, which you may reach at the following contact details:

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 18
91522 Ansbach
Tel.: +49 981 1800930
Fax: +49 981 180093800
E-Mail: poststelle@lda.bayern.de

Right to object

If the data processing outlined here is based on our legitimate interests in accordance with Article 6(1)f) GDPR, you have the right for reasons arising from your particular situation to object at any time to the processing of your data with future effect.

If the objection is successful, we will no longer process the personal data, unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests or rights and freedoms, or the processing is intended for the assertion, exercise or defence of legal claims.

If personal data is being processed for the purposes of direct advertising, you can object to this at any time by notifying us. If the objection is successful, we will no longer process the personal data for the purposes of direct advertising.

last update: 19.06.2026