CONTACT DETAILS OF THE DATA CONTROLLER
1.1 We are pleased that you are visiting our website and thank you for your interest. Below, we inform you about the handling of your personal data when using our website. Personal data is any data that can be used to personally identify you.

1.2 The data controller for this website within the meaning of the General Data Protection Regulation (GDPR) is [Shop Name]. The data controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.

1.3 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the data controller). You can recognize an encrypted connection by the string “https://” and the padlock symbol in your browser bar.

When you use our website for purely informational purposes, i.e., if you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called "server log files"). When you access our website, we collect the following data, which is technically necessary for us to display the website to you:
The website you visited

Date and time of access
Amount of data sent in bytes
Source/referrer from which you accessed the page
Browser used
Operating system used
IP address used (possibly anonymized)
Processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our
legitimate interest in improving the stability and functionality of our
website. The data will not be shared or used for any other purpose.

However, we reserve the right to subsequently review the server log files should there be
concrete indications of unlawful use.

To make your visit to our website more attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your device. Some of the cookies we use are deleted after the end of your browser session, i.e., after you close your browser (session cookies). Other cookies remain on your device and allow us or our partner companies (third-party cookies) to recognize your browser on your next visit (persistent cookies). When cookies are set, they collect and process certain user information, such as browser and location data, as well as IP addresses, to varying degrees. Persistent cookies are automatically deleted after a specified period, which can vary depending on the cookie. In some cases, the cookies are used to simplify the ordering process by saving settings (e.g., remembering the contents of a virtual shopping cart for a later visit to the website). If any of the cookies we implement also process personal data, this processing is carried out
in accordance with Art. 6 para. 1 lit. b GDPR either for the performance of the contract or
in accordance with Art. 6 para. 1 lit. f GDPR to protect our legitimate interests in the
best possible functionality of the website and a user-friendly and effective
design of the website visit.

We may work with advertising partners who help us to make our
website more interesting for you. For this purpose, cookies from partner companies will also be stored on your
hard drive when you visit our website (third-party cookies). If we work with the aforementioned
advertising partners, you will be informed individually and separately about the use of such cookies and the scope of the information collected in each case within the paragraphs below.

Please note that you can configure your browser to notify you when cookies are set and to decide individually whether to accept them, or to exclude the acceptance of cookies in certain cases or entirely.

Each browser manages cookie settings differently.

This is described in the help menu of each browser, which explains how
you can change your cookie settings. You can find instructions for each browser at the following links:

Internet Explorer:

https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manag
cookies

Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen

Chrome: https://support.google.com/chrome/answer/95647?hl=de&hlrm=en

Safari: https://support.apple.com/kb/ph21411?locale=de_DE

Opera: https://help.opera.com/en/latest/web-preferences/#cookies
Please note that if you do not accept cookies, the functionality of our website may be limited.

When you contact us (e.g., via contact form or email), personal data is collected. The specific data collected via a contact form is indicated on the form itself. This data is stored and used exclusively for the purpose of responding to your inquiry, contacting you, and for the associated technical administration. The legal basis for processing this data is our legitimate interest in responding to your inquiry, pursuant to Article 6(1)(f) GDPR. If your contact is aimed at concluding a contract, the additional legal basis for processing is Article 6(1)(b) GDPR. Your data will be deleted after your inquiry has been fully processed. This is the case when it is clear from the circumstances that the matter has been resolved and provided that no statutory retention obligations apply.

In accordance with Article 6 Paragraph 1 Letter b GDPR, personal data will continue to be collected
and processed if you provide it to us for the performance of a contract or when
opening a customer account. The specific data collected is evident from the
respective input forms. You can delete your customer account at any time by sending a message to the above-mentioned address of the
controller. We store and use the data you provide for contract processing. After complete contract processing or deletion of your customer account, your data will be blocked in accordance with tax and commercial law retention periods and deleted after these periods have expired, unless you have expressly consented to further use of your data or we have reserved the right to further use your data as permitted by law, about which we will inform you accordingly below.

6.1 Subscription to our email newsletter

When you subscribe to our email newsletter, we will send you
regular information about our offers. The only mandatory information required for sending
the newsletter is your email address. Providing any other data is
voluntary and is used to personalize our communications with you. We use the so-called double opt-in procedure for sending
the newsletter. This means that we will only send you an email newsletter after you have expressly confirmed that you consent to receiving
newsletters. We will then send you a confirmation email asking you to
click on a corresponding link to confirm that you wish to receive future
newsletters.

By activating the confirmation link, you give us your consent to the
use of your personal data in accordance with Art. 6 para. 1 lit. a GDPR. When you subscribe to our newsletter, we store your IP address, which is registered by your Internet Service Provider (ISP), as well as the date and time of your subscription, in order to be able to trace any potential misuse of your email address at a later date. The data we collect when you subscribe to the newsletter is used exclusively for sending you promotional material via the newsletter.

You can unsubscribe from the newsletter at any time via the unsubscribe link provided in the newsletter or by sending a corresponding message to the data controller named above. After you unsubscribe, your email address will be immediately deleted from our newsletter mailing list, unless you have expressly consented to further use of your data or we reserve the right to use your data for other purposes permitted by law, about which we inform you in this statement.
... 6.2 Sending email newsletters to existing customers

If you provided us with your email address when purchasing goods or services, we reserve the right to regularly send you offers for similar goods or services from our product range via email. We do not need to obtain separate consent from you for this. Data processing in this respect is based solely on our legitimate interest in personalized direct marketing pursuant to Art. 6 para. 1 lit. f GDPR. If you initially objected to the use of your email address for this purpose, we will not send you any emails. You are entitled to object to the use of your email address for the aforementioned advertising purpose at any time with effect for the future by notifying the data controller named at the beginning of this document. You will only incur transmission costs according to the basic rates for this. Upon receipt of your objection, the use of your email address for advertising purposes will be stopped immediately.

We transfer personal data we collect from you to the shipping company commissioned with delivery to the extent necessary to fulfill the contract. We transfer payment data to the respective bank or payment service provider as necessary for payment processing.

Use of Payment Service Providers

PayPal
When paying via PayPal (including credit card, direct debit, invoice, or installment), your payment data is transmitted to PayPal (Europe) S.à r.l. et Cie, S.C.A., 22–24 Boulevard Royal, L-2449 Luxembourg, pursuant to Art. 6(1)(b) GDPR.

PayPal may perform a credit check based on its legitimate interest under Art. 6(1)(f) GDPR and may transmit payment data to credit agencies for this purpose. Credit reports may contain score values calculated using recognized statistical methods, which may include address data.

Details can be found in PayPal’s Privacy Policy: https://www.paypal.com/webapps/mpp/ua/privacy-full

You may object to this processing at any time. PayPal may, however, remain entitled to process your data if necessary for contractual payment processing.

SOFORT (Klarna Group)
If you choose SOFORT, processing is carried out by SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany (part of Klarna Bank AB, Sveavägen 46, 111 34 Stockholm, Sweden). Your data is transferred solely for payment processing pursuant to Art. 6(1)(b) GDPR. More information:https://rosanewyork.com/pages/privacy-policy

Note: Additional customs duties and/or import taxes are not included in the price and are the customer’s responsibility.

7.1 The personal data we collect will be passed on to the transport company commissioned with the delivery as part of the
contract processing, insofar as this is necessary for the delivery of the goods. We will pass on your payment data to the commissioned credit institution as part of the payment processing, insofar as this is necessary for the payment processing. If payment service providers are used, we will inform you explicitly below. The legal basis for the transfer of data is Art. 6 para. 1 lit. b GDPR.

7.2 Use of Payment Service Providers

- PayPal
When paying via PayPal, credit card via PayPal, direct debit via PayPal or – if offered – "purchase on account" or "installment payment" via PayPal, we will pass on your payment data to PayPal (Europe) S.a.r.l. et
Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal") as part of the payment processing.

The transfer of data takes place in accordance with Art. 6 para. 1 lit. b GDPR and only to the extent necessary for
payment processing.

PayPal reserves the right to conduct a credit check for the payment methods credit card via PayPal, direct debit via PayPal, or – if offered – "purchase on account" or "installment payment" via PayPal. For this purpose, your payment data may be forwarded to credit agencies in accordance with Art. 6 para. 1 lit. f GDPR based on PayPal's legitimate interest in determining your creditworthiness.

PayPal uses the result of the credit check regarding the statistical probability of payment default to decide whether to offer the respective payment method. The credit check may contain probability values ​​(so-called score values). If score values ​​are included in the result of the credit check, they are based on a scientifically recognized mathematical-statistical procedure. Address data is among the data used to calculate the score values, but is not the only factor.

For further information on data protection, including details about the credit reference agencies used, please see PayPal's Privacy Statement:

https://www.paypal.com/de/webapps/mpp/ua/privacy-full
You can object to this processing of your data at any time by contacting PayPal.

However, PayPal may still be entitled to process your personal data if this is necessary for the contractual processing of payments.

SOFORT
When selecting the payment method "SOFORT," payment processing is handled by the payment service provider SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany (hereinafter "SOFORT"), to whom we transfer the information you provided during the order process, along with information about your order, in accordance with Article 6 Paragraph 1 Letter b GDPR. SOFORT GmbH is part of the Klarna Group (Klarna Bank AB (publ), Sveavägen 46, 11134 Stockholm, Sweden). Your data is transferred exclusively for the purpose of payment processing with the payment service provider SOFORT and only to the extent necessary for this purpose.

You can find further information about SOFORT's privacy policy at the following web address: https://www.klarna.com/sofort/datenschutz

Our own review reminder (not sent via a customer review system)

We use your email address to send you a one-time reminder to submit a review of your order for our review system, provided you have given us your explicit consent to do so during or after your order in accordance with Article 6(1)(a) GDPR.

You can withdraw your consent at any time by contacting the data controller.

9.1 Facebook Plugins with Shariff Solution
Special additional customs clearance costs and/or import duties are not included in the price and are the responsibility of the customer.

Our website uses so-called social plugins ("plugins") from the social network Facebook, operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA ("Facebook").

To enhance the protection of your data when visiting our website, these buttons are not fully integrated as plugins, but rather embedded in the page using an HTML link. This method ensures that no connection to Facebook's servers is established when you access a page on our website containing such buttons. When you click the button, a new browser window opens and takes you to the Facebook page, where you can interact with the plugins there (after entering your login details, if necessary).

Facebook Inc., based in the USA, is certified under the EU-US Privacy Shield Framework, which ensures compliance with the level of data protection applicable in the EU.

For information on the purpose and scope of data collection and the further processing and use of data by Facebook, as well as your related rights and privacy settings, please refer to Facebook's Privacy Policy: https://www.facebook.com/policy.php

9.2 Google+ Plugins as a Shariff Solution
Our website uses social plugins ("plugins") from the Google+ social network, operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").

To enhance the protection of your data when visiting our website, these buttons are not fully integrated as plugins, but rather embedded using an HTML link. This type of integration ensures that when you access a page on our website containing such buttons, no connection is established with Google+'s servers. When you click the button, a new browser window opens and takes you to the Google+ page, where you can interact with the plugins there (after entering your login details, if necessary).

Google LLC, based in the USA, is certified under the EU-US Privacy Shield Framework, which guarantees compliance with the data protection standards applicable in the EU.

For information on the purpose and scope of data collection and the further processing and use of data by Google, as well as your related rights and settings options for protecting your privacy, please refer to Google's privacy policy: https://www.google.com/intl/de/policies/privacy/

9.3 Instagram Plugin as a Shariff Solution

Our website uses social plugins (“plugins”) from the online service
Instagram, operated by Instagram LLC., 1601 Willow Rd, Menlo Park, CA
94025, USA (“Instagram”).

To enhance the protection of your data when visiting our website, these buttons are not fully integrated as plugins, but rather embedded using an HTML link. This method ensures that no connection to Instagram's servers is established when you access a page on our website containing such buttons. When you click the button, a new browser window opens and takes you to the Instagram page, where you can interact with the plugins there (after entering your login details, if necessary).

Instagram LLC, based in the USA, is certified under the EU-US Privacy Shield Framework, which guarantees compliance with the level of data protection applicable in the EU.


Instagram LLC., headquartered in the USA, is certified under the EU-US Privacy Shield Framework, which ensures compliance with the level of data protection applicable in the EU.



Instagram is not a fully integrated plugins, but rather a standard of data protection. For information on the purpose and scope of data collection and the further processing and use of data by Instagram, as well as your related rights and privacy settings, please refer to Instagram's privacy policy: https://help.instagram.com/155833707900388/

10.1 DoubleClick by Google

This website uses the online marketing tool DoubleClick by Google, operated by
Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("DoubleClick").

DoubleClick uses cookies to display relevant ads to users, to improve campaign performance reports, or to prevent users from seeing the same ads multiple times. Google uses a cookie ID to record which ads are displayed in which browser and can thus prevent them from being displayed multiple times. This processing is based on our legitimate interest in the optimal marketing of our website pursuant to Art. 6 para. 1 lit. f GDPR.

In addition, DoubleClick can use cookie IDs to record conversions related to ad requests. This is the case, for example, when a user sees a
DoubleClick ad and later visits the advertiser's website using the same browser and makes a purchase. According to Google,
DoubleClick cookies do not contain any personally identifiable information.

Due to the marketing tools used, your browser automatically establishes a direct connection to Google's server. We have no control over the scope and further use of the data collected by Google through the use of this tool and therefore inform you to the best of our knowledge: By integrating DoubleClick, Google receives the information that you have accessed the corresponding part of our website or clicked on one of our ads. If you are registered with a Google service, Google can associate the visit with your account. Even if you are not registered with Google or are not logged in, it is possible that the provider will learn and store your IP address.

If you wish to object to participation in this tracking process, you can
disable cookies for conversion tracking by configuring your browser to block cookies from the domain www.googleadservices.com,
https://www.google.de/settings/ads. This setting will be deleted if you delete your cookies. Alternatively, you can learn about the use of cookies and adjust your settings at the Digital Advertising Alliance website: www.aboutads.info. Finally, you can configure your browser to notify you when cookies are being set and decide individually whether to accept them, or to block cookies in certain cases or entirely. If you do not accept cookies, the functionality of our website may be limited.

Google LLC, based in the USA, is certified under the EU-US Privacy Shield Framework, which ensures compliance with the level of data protection applicable in the EU.


Google LLC, based in the USA, is certified under the EU-US Privacy Shield Framework, which guarantees compliance with the level of data protection applicable in the EU.
... You can find further information about the
DoubleClick by Google privacy policy at the following web address:

https://www.google.de/policies/privacy/

10.2 Use of Google AdWords Conversion Tracking
This website uses the online advertising program "Google AdWords" and, within the framework of Google AdWords, the conversion tracking service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). We use the Google AdWords service to draw attention to our attractive offers on external websites using advertising materials (so-called Google AdWords). We can determine the success of individual advertising measures in relation to the data from the advertising campaigns. Our aim is to show you advertising that is of interest to you, to make our website more interesting for you, and to achieve a fair calculation of advertising costs.

The conversion tracking cookie is set when a user clicks on an AdWords ad served by Google. Cookies are small text files that are stored on your computer system. These cookies typically expire after 30 days and are not used for personal identification. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page. Each Google AdWords customer receives a different cookie. Therefore, cookies cannot be tracked across the websites of different AdWords customers. The information obtained using the conversion cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. Customers learn the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, you will not receive
any personally identifiable information. If you do not wish to participate in tracking, you can block this by disabling the Google Conversion Tracking cookie in your internet browser's user settings. You will then not be included in the conversion tracking statistics. We use Google AdWords based on our legitimate interest in targeted advertising pursuant to Art. 6 para. 1 lit. f GDPR.

Google LLC, based in the USA, is certified under the EU-US Privacy Shield Framework, which ensures compliance with the level of data protection applicable in the EU.


[The following appears to be unrelated and possibly a separate document fragment:

Google LLC, based in the USA, is certified under the EU-US Privacy Shield Framework, which guarantees compliance with the level of data protection applicable in the EU.

[The following appears to be unrelated and possibly a separate document fragment:

] You can find further information about Google's privacy policy at the following web address:
https://www.google.de/policies/privacy/

You can permanently disable cookies for ad preferences by
preventing them through a corresponding setting in your browser software or by downloading and installing the browser plug-in available at the following link:
https://www.google.com/settings/ads/plugin?hl=de

Please note that certain functions of this website may not be available or may be limited if you have
disabled the use of cookies.

Google (Universal) Analytics

This website uses Google Analytics, a web analytics service provided by Google LLC,

1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). Google Analytics uses "cookies," which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website (including your truncated IP address) will generally be transmitted to and stored by Google on servers in the United States.

This website uses Google Analytics exclusively with the extension "_anonymizeIp()", which ensures anonymization of the IP address by truncation and prevents direct identification of individuals. With this extension, your IP address is truncated by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area before being transmitted. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. In these exceptional cases, this processing is carried out in accordance with Article 6(1)(f) GDPR on the basis of our legitimate interest in the statistical analysis of user behavior for optimization and marketing purposes.

On our behalf, Google will use this information to evaluate your use of the website, to compile reports on website activity, and to provide us with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

You can prevent the storage of cookies by adjusting your browser settings; however, please note that in this case you may not be able to fully utilize all the functions of this website. You can also prevent Google from collecting and processing data generated by the cookie and related to your use of the website (including your IP address) by downloading and installing the browser plugin available at the following link:
https://tools.google.com/dlpage/gaoptout?hl=de
Alternatively, or for browsers on mobile devices, please click the following link to set an opt-out cookie that will prevent Google Analytics from collecting data on this website in the future (this opt-out cookie only works in this browser and only for this domain; if you delete your cookies in this browser, you will need to click this link again): Disable Google Analytics
Google LLC, based in the USA, is certified under the EU-US Privacy Shield Framework, which ensures compliance with the level of data protection applicable in the EU.

This website also uses Google Analytics for cross-device analysis
of visitor traffic, which is carried out using a user ID. When a user first visits a page, they are assigned a unique, persistent, and anonymized ID
that is set across all devices. This makes it possible to attribute interaction data from different devices and sessions to a single user. The user ID does not contain any personal data and does not transmit any such data to Google.

You can object to the collection and storage of data via the user ID at any time with effect for the future. To do this, you must deactivate Google Analytics on all systems you use, for example, in a different browser or on your mobile device.

You can deactivate it using a browser plugin from Google (https://tools.google.com/dlpage/gaoptout?hl=de). As an alternative to the browser plugin, or when using browsers on mobile devices, please click on the following link to set an opt-out cookie that will prevent Google Analytics from collecting data on this website in the future (this opt-out cookie only works in this browser and only for this domain; if you delete your cookies in this browser, you will need to click this link again): Disable Google Analytics

Further information about Universal Analytics can be found here:

https://support.google.com/analytics/answer/2838718?hl=de&ref_topic=6010376

Facebook Custom Audience via the Pixel Method

This website uses the “Facebook Pixel” from Facebook Inc., 1 Hacker Way,
Menlo Park, CA 94025, USA (“Facebook”). With your explicit consent, this allows us to track user behavior after they have seen or clicked on a Facebook ad. This method is used to evaluate the effectiveness of Facebook ads for statistical and market research purposes and can help optimize future advertising campaigns.

The data collected is anonymous to us and therefore does not allow us to identify individual users. However, the data is stored and processed by Facebook, making it possible to link it to the respective user profile and allowing Facebook to use the data for its own advertising purposes in accordance with the Facebook Data Policy (https://www.facebook.com/about/privacy/).


Facebook uses the Facebook Pixel to track user behavior after they have seen or clicked on a Facebook ad. You can allow Facebook and its partners to display advertisements on and
off Facebook. A cookie may also be stored on your computer for these purposes. This processing takes place
exclusively with your explicit consent in accordance with Article 6(1)(a) GDPR.

Consent to the use of the Facebook pixel may only be given by users who are older than
13 years of age. If you are younger, please ask your parent or guardian for permission.

Facebook Inc., based in the USA, is certified under the EU-US Privacy Shield Framework, which ensures compliance with the level of data protection applicable in
the EU.

To disable the use of cookies on your computer, you can configure your internet browser to prevent cookies from being stored on your computer in the future or to delete cookies that have already been stored. However, disabling all cookies may prevent some functions on our websites from working properly. You can also deactivate the use of cookies by third-party providers such as Facebook on the following website of the Digital Advertising Alliance: https://www.aboutads.info/choices/
Google AdWords Remarketing
Our website uses the functions of Google AdWords Remarketing. We use this to advertise this website in Google search results and on third-party websites.

The provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043,
USA (“Google”). For this purpose, Google places a cookie in the browser of your device,
which automatically enables interest-based advertising using a pseudonymous cookie ID and based on the pages you have visited. The processing is based on our legitimate interest in the optimal marketing of our website pursuant to Art. 6 Para. 1 lit. f GDPR.

Further data processing only takes place if you have consented to Google linking your internet and app browsing history to your Google account and using information from your Google account to personalize ads you see on the web. If you are logged into Google during your visit to our website, Google uses your data together with Google Analytics data to create and define target audience lists for cross-device remarketing. For this purpose, your personal data is temporarily linked by Google with Google Analytics data to create target audiences. You can permanently disable the setting of cookies for ad preferences by downloading and installing the browser plug-in available at the following link: https://www.google.com/settings/ads/onweb/
Alternatively, you can learn about the setting of cookies and adjust your settings at the Digital Advertising Alliance website: www.aboutads.info Finally, you can configure your browser to notify you when cookies are being set and allow you to decide whether to accept them individually, or to block cookies in certain cases or entirely. If you do not accept cookies, the functionality of our website may be limited.

Google LLC, based in the USA, is certified under the EU-US Privacy Shield Framework, which ensures compliance with the data protection standards applicable in the EU.

Further information and the privacy policy regarding advertising and Google can be found here:

https://www.google.com/policies/technologies/ads/

13.1 The applicable data protection law grants you comprehensive data subject rights (rights of access and intervention) vis-à-vis the controller with regard to the processing of your personal data, which we inform you about below:
Right of access pursuant to Art. 15 GDPR: In particular, you have the right to information about your personal data processed by us, the purposes of the processing, the categories of personal data processed, the recipients or categories of recipients to whom your data have been or will be disclosed, the planned storage period or the criteria for determining the storage period, the existence of a right to rectification, erasure, restriction of processing, objection to processing, lodging a complaint with a supervisory authority, the origin of your data if they were not collected from you by us, the existence of automated decision-making, including profiling, and, where applicable, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you, and your right to be informed of the safeguards pursuant to Art. 46
GDPR when your data is transferred to third countries;

Right to rectification pursuant to Article 16 GDPR: You have the right to the immediate
rectification of inaccurate data concerning you and/or completion of your incomplete data stored with us;

Right to erasure pursuant to Article 17 GDPR: You have the right to request the erasure of your personal data if the conditions of Article 17(1) GDPR are met. However, this right does not exist, in particular, if the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims;

Right to restriction of processing pursuant to Article 18 GDPR: You have the
right to request the restriction of processing of your personal data
while the accuracy of your data, which you have contested, is being verified; if you object to the erasure of your data due to unlawful data processing and request the restriction of processing of your data instead; if you require your data for the establishment, exercise, or defense of legal claims
after we no longer need this data for the purposes for which it was collected; or if you have objected to processing on grounds relating to your particular situation, pending the verification of whether our legitimate grounds override yours;
Right to be informed pursuant to Article 19 GDPR: If you have asserted your right to rectification, erasure, or restriction of processing against the controller, the controller is obliged to communicate this rectification or erasure of the data or restriction of processing to all recipients to whom the personal data concerning you have been disclosed, unless this proves impossible or involves disproportionate effort. You have
the right to be informed about these recipients.

Right to data portability pursuant to Article 20 GDPR: You have the right to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format, or to request its transmission to another controller, insofar as this is technically feasible;

Right to withdraw consent pursuant to Article 7(3) GDPR: You have the right to withdraw your consent to the processing of data at any time with effect for the future. In the event of withdrawal, we will delete the data concerned immediately, unless further processing can be based on a legal basis that does not require consent. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal;

Right to lodge a complaint pursuant to Article 77 GDPR: If you believe that the processing of your personal data infringes the GDPR, you have the right – without prejudice to any other administrative or judicial remedy – to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work, or the place of the alleged infringement.

13.2 Right to object

If we process your personal data based on our overriding legitimate interest as part of a balancing of interests, you have the right to object to this processing at any time, on grounds relating to your particular situation, with effect for the future.

If you exercise your right to object, we will cease processing the data in question. Further processing
remains reserved, however, if we can demonstrate compelling legitimate grounds for the processing which override your interests, fundamental rights and freedoms, or if the processing serves the establishment, exercise or defense of legal claims.

If your personal data is processed by us for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing. You can exercise your right to object as described above.

If you exercise your right to object, we will cease processing the data in question for direct marketing purposes.

The duration of the storage of personal data is determined by the
respective statutory retention period (e.g., commercial and tax law retention periods). After the expiry of this period, the corresponding data is
routinely deleted, unless it is still required for the performance of a contract or
contract initiation and/or we have a legitimate interest
in its continued storage.