computeruniverse Privacy policy

Below we inform you according to the legal requirements – in particular the EU General Data Protection Regulation (GDRP, which can be downloaded here) – regarding the processing of personal data through our company.

Table of Contents:

  1. General information
    1. Important terms
    2. Scope
    3. Responsible party
    4. Data protection officer
  2. Data processing in detail
    1. General information regarding data processing
    2. Accessing our services
    3. Creating a user account
    4. Bonus points program
    5. Newsletter subscription
    6. Newsletter based on direct marketing - § 7 para. 3 UWG
    7. Sweepstakes and promotions
    8. Online shopping and e-commerce
    9. Product insurance
    10. Customer feedback or getting in touch with the customer service
    11. Product assessments and comments
    12. Data processing on our Facebook fan page
    13. Data processing on our Twitter fan page
    14. Data processing on our Instagram fan page
    15. Administration of B2B customer data
    16. Data processing by the service reCaptcha
    17. Applications
    18. Online shopping on marketplaces
    19. Tracking
      a. Tracking technologies used
    20. Direct Marketing
    21. Surveys to improve the user experience
  3. Rights of the persons affected
    1. Right of objection
    2. Right of access
    3. Right of rectification
    4. Right of deletion (“Right to be forgotten”)
    5. Right to restriction of processing
    6. Right to data portablility
    7. Right to revoke a consent
    8. Right to appeal

I. General information

In this section of the privacy policy you will find information on the scope, the person responsible for the data processing, the data protection officer and data security. We also explain in advance the meaning of important terms used in the privacy policy.

1. Important terms

Browser: Computer program for displaying web pages (e.g. Chrome, Firefox, Safari)

Cookies: Text files that the called web server places on the user's computer by means of the browser used. The stored cookie information may contain both an identifier (cookie ID) that serves to recognize, as well as content such as registration status or information about visited websites. The browser sends the cookie information back to the web server with each new request on later, new visits to this page. Most browser accept cookies automatically. You can manage cookies with the help of browser functions (mostly under “Options” or “Settings”). This may disable the storage of cookies, be made dependent on your approval in individual cases or otherwise restricted. You can also delete cookies at any time.

Third countries: Countries outside the European Union (EU)

GDPR: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27th April 2016 on the protection of individuals with regard to the processingof personal data, on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), available here.

Personal data: Any information relating to an identified or identifiable natural person. A natural person is considered as identifiable, who can be identified directly or indirectly, in particular by association with an identifier such as a name, an identification number, location data, an online identifier or one or more special features, the expression of the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person.

Profiling: Any type of automated processing of personal data, which consists in using that personal data to evaluate certain personal aspects relating to a natural person, in particular aspects relating to work performance, economic situation, health, personal preferences, interests to analyze or predict the reliability, behavior, location or change of location of this natural person.

Services: Our offers to which this privacy policy applies (see Scope).

Tracking: The collection of data and their evaluation regarding the behavior of visitors relating to our services.

Tracking technologies:Tracking can be done either via the activity logs (log files) stored on our web servers or by collecting data from your device via pixel, cookies and similar tracking technologies.

Processing: Any process or series of operations related to personal information, such as collection, recording, organization, ordering, storage, adaptation or modification, reading, querying, use, disclosure, performed with or without the aid of automated procedures through transmission, dissemination or any other form of provision, settlement or linking, restriction, erasure or destruction.

Pixel:Pixel also called counting pixels, tracking pixels, web beacons or web bugs. These are small, invisible graphics in HTML emails or on web pages. When a document is opened, this small image is downloaded from a server on the Internet, where the download is registered there. This allows the operator of the server to see if and when an email has been opened or a website has been visited. This function is usually realized by calling a small program (JavaScript). This will allow certain types of information to be detected and shared on your computer system, such as the content of cookies, the time and date of the page view, and a description of the page on which the pixel is located.

2. Scope

This Privacy Policy applies to the following offers:

  • our online offer "computeruniverse" (online shop), available in particular under www.computeruniverse.net,
  • Whenever one of our offers (such as websites, subdomains, mobile applications, web services, or third-party affiliations) refers to this Privacy Policy, regardless of the way you access or use it.

All these offers are collectively referred to as "services".

3. Responsible party

The responsible party for the processing of data - that is, the one who decides on the purpose and means of processing personal data - in connection with the services is:

Cyberport SE
Justus-von-Liebig-Str. 1
61352 Bad Homburg
Phone: +49 6172 3917-0
Email: computeruniverse@dataschutzanfrage.de

4. Data protection officer

You can contact our data protection officer via the contact data, mentioned under 3., to the attention of Data Privacy Department, or via computeruniverse@dataschutzanfrage.de.

II. Data processing in detail

In this section of the privacy policy, we will inform you in detail about the processing of personal data as part of our services. For better clarity, we divide this information according to certain functionalities of our services. During the normal use of the services, different functionalities and thus also different processing operations can be used successively or simultaneously.

1. General information regarding data processing

The following applies to all processing operations described below, unless otherwise stated:

a) No obligation to provide & follow non-provisioning

The provision of personal information is not required by law or contract and you are under no obligation to provide any data. We will inform you as part of the submission process when the provision of personal information for the relevant service is required (for example, by the designation as "mandatory field"). In the case of required data, non-provisioning means that the service in question cannot be provided. Otherwise, the non-provision may result in our being unable to provide our services in the same form and quality.

b) Consent

In some cases, you may also give us your consent to further processing in connection with the processing described below (possibly for some of the data). In this case, we will inform you separately in connection with the submission of the respective declaration of consent of all modalities and the scope of the consent and the purpose, which we pursue with these processing operations. The processing based on your consent is, therefore, not listed here again (Art. 13 (4) GDPR).

c) Transfer of personal data to third countries

When we send data to third countries, i.e. countries outside the European Union, then the transfer takes place only in compliance with the legal requirements.

If the transmission of the data to a third country does not serve to fulfill our contract with you, if we do not have your consent, if the transfer is not necessary for the assertion, exercise or defense of legal claims, and if no other exception according to Art. 49 GDPR applies, we will only transfer your data to a third country, if an adequacy decision according to Art. 45 GDPR or suitable guarantees according to Art. 46 GDPR are given.

By concluding the EU standard data protection clauses issued by the European Commission with the receiving body, we meet the requirements for verification with regard to suitable guarantees in accordance with  Art. 46 (2) c) GDPR as well as with regard to an adequate level of data protection in the third country. Copies of the EU standard data protection clauses are available on the website of the European Commission, available here.

d) Hosting with external service providers

Our data processing takes place to a large extent with the involvement of so-called hosting service providers, who provide us with storage space and processing capacities in their data centers and, according to our instructions, also process personal data on our behalf. For all the functionalities listed below, personal data may be transmitted to hosting service providers. These service providers process data either exclusively in the EU or we have guaranteed an appropriate level of data protection using the EU standard data protection clauses (see c.).

e) Transmission to state authorities

We provide personal information to governmental agencies (including law enforcement agencies) when required to fulfill a legal obligation to which we are subject (legal basis: Art. 6 (1) c) GDPR) or it is required to assert, exercise or defend legal claims (legal basis Art. 6 (1) f) GDPR).

f) Storage period

In the section "Storage period" it is indicated in each case, how long we use the data for the respective processing purpose. At the end of this period, the data will no longer be processed by us but will be deleted at regular intervals, unless continuing processing and storage is required by law (in particular because it is necessary to fulfill a legal obligation or to assert, exercise or defend legal claims ) or you give us an additional consent.

g) Data category labels

The following sections use the following summary category labels for specific types of data:

  • Account data: Login/user ID and password
  • People master data: Title, salutation/gender, first name, last name, date of birth
  • Address data: Street, house number, if necessary, addresses, zip code, city, country
  • Contact data: Telephone number(s), fax number(s), email address(es)
  • Registration data: Information about the service you have signed up for; dates and technical information on registration, confirmation and deregistration; at the registration of you specified data
  • Order data: Ordered products, prices, payment and delivery information
  • Payment data: Account information, credit card details, other payment services like PayPal
  • Usage data distribution list: Accreditation topic, accreditation date, approval of usage restriction/consent, downloads of press materials.
  • User profile data newsletter: Opening the newsletter (date and time), contents, selected links, as well as the following information of the accessing computer system: used Internet Protocol address (IP address), browser type and version, device type, operating system and similar technical information.
  • Access data: Date and time of visit of our service; the page from which the accessing system came to our site; pages accessed during use; session identification data; and the following information about accessing the computer system: Internet Protocol address (IP address) used, browser type and version, device type, operating system and similar technical information.

2. Accessing our services

Here's how we describe how your personal information is processed when you access our services (such as loading and viewing the website, opening and navigating within the mobile app). In particular, we point out that the transmission of access data to external content providers (see under b.) is inevitable due to the technical functioning of information transmission on the Internet. The third-party providers are responsible for the privacy-compliant operation of the IT systems they use. The decision on the storage period of the data is up to the service providers.

a) Intended purpose of the data processing and legal basis as well as possibly justified interests, storage period

Data category:
Access data
Intended purpose:
Connection setup; representation of the contents of the service; discovery of attacks on our site based on unusual activity; fault diagnosis
Legal basis:
Art. 6 (1) letter f) GDPR
Legitimate interest:
Proper function of the services; security of data and business processes; prevention of abuse; prevention of damage through interference with information systems
Storage period:
4 days

b) Recipients of personal data

Category or recipient:
External content providers who provide content (such as images, videos, embedded social networking postings, banner ads, fonts, update information, shortened links) required to view the service
Affected data:
Access data
Legal basis:
Art. 6 (1) letter f) GDPR
Legitimate interest:
Proper function of the services; (accelerated) presentation of the contents
Category of recipient:
IT security service
Affected data:
Access data
Legal basis:
Art. 6 (1) letter f) GDPR
Legitimate interest:
Preventing attacks by exploiting security breaches/vulnerabilities

3. Creating a user account

Below we describe how we process your personal data when you create an account on our website (https://computeruniverse.net).

Intended purpose of the data processing and legal basis as well as possibly justified interests, storage period

Data categrory:
People master data; account data; address data; contact data
Intended purpose:
Creating a user account
Legal basis:
Art. 6 (1) letter b) GDPR
Storage period:
Duration of the registration

4. Bonus-points program

Below we describe how your personal data is processed in connection with the bonus point program

Intended purpose of the data processing and legal basis as well as possibly justified interests, storage period

Data categrory:
People master data; account data; contact data
Intended purpose:
Carrying out a bonus-points program
Legal basis:
Art. 6 (1) letter b) GDPR
Storage period:
Duration of the registration

5. Newsletter subscription

Below we describe how your personal information is processed when you subscribe to a newsletter:

a) Intended purpose of the data processing and legal basis as well as possibly justified interests, storage period

Data category:
Email address
Intended purpose:
Verification of registration (double opt-in procedure); newsletter subscription
Legal basis:
Art. 6 (1) letter b) GDPR
Storage period:
Duration of the newsletter subscription + 4 years
Data category:
People master data
Intended purpose:
Personalisierung des Newsletters
Legal basis:
Art. 6 (1) letter b) GDPR
Storage period:
Duration of the newsletter subscription
Data category:
Registration data
Intended purpose:
Traceability of completed newsletter registration/confirmation/deregistration
Legal basis:
Art. 6 (1) letter b) and f) GDPR
Legitimate interest:
Proof of successful newsletter registration/confirmation/deregistration
Storage period:
Duration of the newsletter subscription + 4 years
Data category:
user profile data newsletter
Intended purpose:
Interest-based design of the newsletter
Legal basis:
Art. 6 (1) letter f GDPR
Legitimate interest:
Improving our service; advertising purposes
Storage period:
Duration of the newsletter subscription

b) Recipients of personal data

Category of recipient:
Service provider for newsletter distribution
Affected data:
All the data mentioned under a) of this section
Legal basis:
Order processing (Art. 28 GDPR)

6. Newsletter based on direct marketing - § 7 para. 3 UWG

In the event that you have provided us with your email address in connection with the sale of a good and/or service, we will use your email address, in addition to processing the contract, to inform you by email about our own similar goods and/or services.

We would like to point out that your interactions with the advertising mail or the newsletter are measured ("opening and click behaviour"). For this measurement, the e-mails sent contain tracking pixels or corresponding links which can measure the opening and click rates within the advertising e-mail for the purpose of optimising our future newsletters.

a) Intended purpose of the data processing and legal basis as well as possibly justified interests, storage period

Data Category:
People master data; Registration data; Newsletter user profile data; Access data; contact data; in particular your e-mail address
Intended purpose:
Sending of interest-oriented information and offers on own similar goods and/or services as well as interest-oriented design and optimisation of the newsletter product
Legal basis:
The legal basis for the processing of your e-mail address in the context of any direct marketing measures is the statutory permissible provision of Section 7 (3) of the German Unfair Competition Act (UWG) in conjunction with Section 7 (3) of the German Unfair Competition Act (UWG) Art. 6 para. 1 sentence 1 lit. f DSGVO
Legitimate interest pursued by us:
Effectuating the dispatch and design of our newsletters by means of supplementary success measurements; organisation, implementation and handling of direct marketing mailings
Storage period:
Your personal data will be deleted as soon as their further processing is no longer necessary for the respective purpose and legal retention periods do not prevent their deletion. This is regularly the case upon receipt of your objection.

b) Recipients of personal data

Category of recipient:
Service providers for newsletter dispatch; companies within the group of companies, insofar as this is necessary for the purpose of sending the newsletter.
Affected data:
all data referred to in point a) of this section
Legal basis:
Art. 6 para. 1 lit. f) DSGVO and Art. 28 DSGVO  
Legitimate interest pursued by us:
Internal administrative purposes, in particular in the context of the proper sending of the direct marketing mailing

7. Sweepstakes and promotions

Below we describe how your personal information is processed when you access our sweepstakes or promotions (e.g., events, voting, contests).

a) Intended purpose of the data processing and legal basis as well as possibly justified interests, storage period

Data category:
People master data
Intended purpose:
Identification; age verification
Legal basis:
Art. 6 (1) letter b) GDPR
Storage period:
Duration of the sweepstakes/promotion
Data category:
Address data
Intended purpose:
Contact
Legal basis:
Art. 6 (1) letter b) GDPR
Storage period:
Duration of the sweepstakes/promotion
Data category:
Contact data
Intended purpose:
Contact
Legal basis:
Art. 6 (1) letter b) GDPR
Storage period:
Duration of the sweepstakes/promotion
Data category:
Responding to competition questions; giving application information; voting information

If applicable (in accordance with the respective conditions of participation)

Intended purpose:
Execution of the respective sweepstakes/the respective promotion; winner/participant selection
Legal basis:
Art. 6 (1) letter b) GDPR
Storage period:
Duration of the sweepstakes/promotion

b) Recipients of personal data

Category of recipient:
Service provider for sweepstakes or promotion implementation
Affected data:
All the data mentioned under a) of this section
Legal basis:
Order processing (Art. 28 GDPR)
Category of recipient:
Shipping service
Affected data:
Address data; name
Legal basis:
Art. 6 (1) letter b) GDPR

8. Online shopping and e-commerce

Below we describe how your personal data is processed in connection with an existing relationship between you and us in our online shop.

a) Intended purpose der Datenverarbeitung und Legal basis sowie ggf. berechtigte Interessen, Storage period

Data category:
People master data; address data; contact data
Intended purpose:
Identification; contact; registration as a customer; age verification; provision of information appropriate to the interests; transmission of advertising for own and third party offers
Legal basis:
Art. 6 (1) letters b) and f) GDPR
Berechtigtes Interesse:
Advertising purposes; care of the customer relationship; marketing ourservices
Storage period:
10 years after completion of the last order
Data category:
Order data
Intended purpose:
Order processing; interest-based offers
Legal basis:
Art. 6 (1) letters b) and f) GDPR
Berechtigtes Interesse:
Advertising purposes; care of the customer relationship; marketing our services
Storage period:
10 years after completion of the last order
Data category:
Payment data
Intended purpose:
Handling payments for the service
Legal basis:
Art. 6 (1) letter b) GDPR
Storage period:
Duration of contract relationship

b) Recipients of personal data

Category of recipient:
Payment service
Affected data:
People master data; address data; payment data
Legal basis:
Art. 6 (1) letter b) GDPR
Category of recipient::
Payment service Klarna
Affected data:
People master data; address data; contact data; payment data
Legal basis:
Art. 6 (1) letter a) GDPR
„We offer KLARNA, a service of Klarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm, Sweden, as a payment option. By selecting the payment option "KLARNA", you consent to an identity and credit check by KLARNA for the purpose of processing the payment for your purchase, and that we may transmit the above-mentioned personal data to KLARNA for this purpose. You will be redirected to a page of KLARNA after you have given your consent. All KLARNA transactions are subject to the KLARNA Privacy Policy. KLARNA and we act independently in terms of data protection law.“
Category of recipient:
Shipping service
Affected data:
Address data; contact data; name
Legal basis:
Art. 6 (1) letter b) GDPR
Category of recipient:
Postal service
Affected data:
People master data; address data
Legal basis:
Art. 6 (1) letters b) and f) GDPR
Legitimate interest:
Verification of your address (check of deliverability)
Category of recipient:
Marketing service
Affected data:
People master data; address data; contact data
Legal basis:
Art. 6 Abs. 1 Buchst. f) DSGVO
Legitimate interest:
Care of the customer relationship; advertising and marketing purposes
Category of recipient:
Collection service
Affected data:
People master data; address data; payment data
Legal basis:
Art. 6 Abs. (1) letter b) GDPR

9. Product insurance

Below we describe how your personal data will be processed in connection with an additional product insurance you have taken out:

Intended purpose of the data processing and legal basis as well as possibly justified, Storage period

Data category:
Address data; contact data
Intended purpose:
Identifizierung; Contact
Legal basis:
Art. 6 (1) letters b) and f) GDPR
Storage period:
10 years after completion of the last order
Data category:
Order data
Intended purpose:
Order processing
Legal basis:
Art. 6 (1) letters b) and f) GDPR
Storage period:

10 years after completion of the last order

10. Customer feedback or getting in touch with the customer service

Below, we describe how your personal data are processed when you get in touch with us with inquiries.

a) Intended purpose of the data processing and legal basis as well as possibly justified interests, storage period

Data category:
People master data; contact data; contents of the inquiries/complaints
Intended purpose:
Processing customer requests and user complaints
Legal basis:
Art. 6 (1) letters b) and f) GDPR
Legitimate interest:
Improvement of our service; customer retention
Storage period:
Processing the request

b) Recipients of personal data

Category of recipient:
Feedback service provider
Affected data:
Contact data; content of the request
Legal basis:
Order processing (Art. 28 GDPR)

11. Product assessments and comments

Below, we describe how your personal data are processed when you enter product assessments and comments on our services which are then published on computeruniverse.net.

a) Purpose of the data processing and legal basis and, if applicable, legitimate interests, duration of storage

Data category:
Access data; if applicable, e-mail address; nickname/alias or plain name
Purpose:
Identification; making comments or assessments; if applicable, getting in touch
Legal basis:
Art. 6 subparagraph 1 lit. b) and f) GDPR

Legitimate interest pursued by us:

Ensuring compliance with the conditions of use; prevention of falsified product assessments

Duration of storage:
Duration of availability of the assessment
Data category:
Contents of comments; product assessment
Purpose:
Publication on our Services
Legal basis:
Art. 6 subparagraph 1 lit. b) GDPR
Duration of storage:

Duration of availability of the assessment

b) Recipients of the personal data

In order to ensure a comprehensive and transparent presentation of the ratings for the products we sell, pseudonymised comment content and product ratings are transmitted to a search engine operator. This transmission makes it possible to display ratings across websites and in bundled form, thus providing a wide range of ratings.
Category of recipient:
Search engine operators
Affected data:
Comment content; product evaluation
Only data that is not directly identifiable is transmitted
Legal basis:
Art. 6 para. 1 lit. f) DSGVO
Legitimate interest pursued by us:
Presentation of an evaluation spectrum that is as comprehensive, complete and transparent as possible

12. Data processing on our Facebook fan page

To ensure that our online offer is up-to-date, informative and appealing, we also make use of social media platforms. In this context, we particularly use the option of a separate Facebook fan page (hereinafter "fan page"). For this purpose, we use the technical platform and the services of the company Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (hereinafter "Meta").
 
We would like to point out that you use this fan page and its functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g. commenting, sharing, rating). Alternatively, you can also access the information offered via the fan page via our regular offer within this website.

a) Data processing by Meta when visiting our fanpage

When you visit our fan page, Meta collects, among other things, your IP address and other information that is stored in the form of cookies on your end device. This information is used to provide us, as the operator of the fan page, with statistical information about the use of the fan page. Meta provides more detailed information on this under the following link:
Link
 
The data collected about you in this context is processed by Meta and may be transferred to countries outside the European Union. Meta describes in general terms what information it receives and how it is processed in its data usage guidelines. There you will also find information on how to contact Meta and on the setting options for advertisements. The data usage guidelines are available under the following link:
Link
 
In what way Meta uses the data from a visit to the fan page for its own purposes, to what extent activities on the fan page are assigned to individual users, how long Meta stores this data and whether data from a visit to the fan page is transmitted to third parties, is not conclusively and clearly stated by Meta and is therefore not comprehensively known to us.
 
When you access our fan page, the IP address assigned to your end device is transmitted to Meta. According to Meta, this IP address is anonymised. Meta also stores information about the end devices of its users (for example, as part of the "registration notification" function). This may enable Meta to assign IP addresses to individual users.
 
If you are currently logged in to Facebook as a user, a cookie with your Facebook ID is stored on your end device. This enables Meta to track that you have visited this page and how you have used it. This also applies to all other Meta pages. Via Facebook buttons embedded in websites, it is possible for Meta to record your visits to these websites and assign them to your Facebook profile. This data can be used to offer content or advertising tailored to you.
 
If you wish to avoid this, you should log out of Facebook or deactivate the "stay logged in" function, delete the cookies on your end device and close and restart your browser . In this way, Facebook information that can be used to directly identify you will be deleted. This allows you to use our fan page without revealing your Facebook identification. When you access interactive features of the website ("Like", comment, share, message, etc.), a Facebook login page will appear. After any login, you will again be recognisable to Meta as a specific user.
 
Information on how to manage or delete information about them on Meta can be found on the following Meta support pages:
Link
 

b) Data processing under joint responsibility ("Page Insights")

In the following, we describe how we process your personal data jointly with Meta when operating the fan page:
 
The subject of the joint responsibility is the processing of personal data in the context of a so-called site insights event (hereinafter "Insights"). Insights are aggregate statistics that are generated based on specific events. These events are logged by meta servers if people interact with pages and the content associated with them. We do not have access to the personal data processed as part of the events, only to the aggregated insights provided to us by Meta. Events used to create insights do not store IP addresses, cookie IDs or any other identifiers associated with individuals or their devices other than a Facebook user ID for individuals logged into Facebook.
 
The processing is carried out in particular for the purpose of ensuring an attractive, appealing and user-friendly design of our fan page.
 
As part of an agreement on joint responsibility within the meaning of Article 26 (1) sentence 2 of the GDPR, it was agreed with Meta that Meta would assume primary responsibility for the fulfilment of the rights and obligations under data protection law with regard to the processing of Insights data. Further information on the type and scope of processing within the scope of joint responsibility can be found here:
Link
 

c) Purpose of the data processing and legal basis and, if applicable, legitimate interests, duration of storage

Data category:
Usage data; technical data; profile information; user content; further contact data and contact information; location data; analysis data
Insofar as you are logged in within your Facebook account when you call up the content, this data can also be assigned to your member account.
Purpose:
Structuring the offer in a way that is in line with interests
The operation of the fan page and the associated processing of your personal data serves the purpose of designing our offers in a demand-oriented, attractive, current and up-to-date manner.
Legal basis:
Art. 6 para. 1 sentence 1 letter a) DSGVO
Insofar as you communicate with us within the scope of the fan page in question, for example through the comment or messaging function, the associated processing of your personal data takes place on the basis of your voluntary decision.
Art. 6 para. 1 sentence 1 letter f) DSGVO
Our legitimate interest is based on the provision of a modern and up-to-date information platform as well as the creation of additional possibilities for contacting our users.
Duration of storage:

Personal data is deleted as soon as its further processing is no longer necessary for the respective purpose and legal retention periods do not prevent deletion. This is regularly the case upon receipt of your revocation or objection. Additional information on the processing of your personal data by Twitter can be found here:
Link

d) Participating companies of joint responsibility

Participating companies:
the company indicated under I.3; Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
Affected data:
Usage data; technical data; profile information; user content; further contact data and contact information; location data; analysis data
Insofar as you are logged in within your Facebook account when you call up the content, this data can also be assigned to your member account.
Legal basis:
Art. 6 Abs. 1 Buchst. a) und f) DSGVO

e) Recipients of personal data

Category of recipient:
Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
Affected data:
Usage data; technical data; profile information; user content; further contact data and contact information; location data; analysis data
Insofar as you are logged in within your Facebook account when you call up the content, this data can also be assigned to your member account.
Legal basis:
Art. 6 Abs. 1 Buchst. f) DSGVO
Our legitimate interest is based on the provision of a modern and up-to-date information platform as well as the creation of additional possibilities for contacting our users.

13. Data processing on our Twitter fan page

To ensure that our online offering is up-to-date, informative and appealing, we also make use of social media platforms. In this context, we use the short message service Twitter in particular. The short message service Twitter is operated by the provider Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, Ireland (hereinafter "Twitter").
 
We would like to point out that you use Twitter and its functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g. commenting, sharing, rating). Alternatively, you can also access the information offered via Twitter via our regular offer within this website.

a) Data processing by Twitter

In general, you can inform yourself about the data processing by Twitter within the privacy policy of the service provider. The privacy policy is available under the following link:
Link
 
We have no influence on the type and scope of the data processed by Twitter, the type of processing and use or the transmission of this data to third parties. We also have no effective control options in this respect.
 
When using the Twitter service, your personal data will be processed by Twitter and transferred to or processed in the United States, Ireland and any other country in which Twitter does business, regardless of your place of residence. On the one hand, Twitter processes your voluntarily entered data such as name and user name, email address, telephone number or the contacts in your address book, if you upload or synchronise this. On the other hand, Twitter also evaluates the content you share to determine what topics you are interested in, processes confidential messages that you send directly to other users and can determine your location using GPS data, information on wireless networks or your IP address in order to send you advertising or other content. As part of the evaluation, Twitter also uses analysis tools, such as Twitter or also Google Analytics. We have no influence on the use of such tools by Twitter. The analysis data obtained in this way is not made available to us by Twitter. We only receive non-personal information about tweet activities, such as the number of profile or link clicks through a particular tweet.
 
You can restrict processing by Twitter via the general settings within your Twitter account under the item "Data protection and data security". Furthermore, when using mobile devices, you can restrict Twitter's access to contact and calendar data, photos, location data, etc. within the settings options.
 
You can access further information on Twitter's restriction of data processing here:
https://support.twitter.com/articles/105576
https://help.twitter.com/de/forms/fragments/privacy-helpful-articles
 
By clicking on the following link, you will receive further information on how you can view your data on Twitter:
Link
 

b) Data processing by us

The use of the Twitter service does not result in any direct data collection by us. We only process your personal data, such as the content published by you including your account details, if we interact with your tweet ("like", "share", "comment"). This results in the inclusion of their personal data in our offer, whereby their details are published to our "followers".
 

c) Purpose of the data processing and legal basis and, if applicable, legitimate interests, duration of storage

Data category:
Personal master data; usage data; technical data; user content ("tweets")
Purpose:
Interest-oriented design of the offer
The use of the short message service Twitter and the associated processing of your personal data serves the purpose of designing our offers in a demand-oriented, attractive, current and up-to-date manner.
Legal basis:
Art. 6 para. 1 sentence 1 letter a) DSGVO
Insofar as you communicate with us within the framework of the Twitter service, for example by using the comment or "retweet" function, the associated processing of your personal data is based on your voluntary decision.
Art. 6 para. 1 sentence 1 letter f) DSGVO
Our legitimate interest is based on the provision of a modern and up-to-date information platform as well as the creation of additional possibilities for contacting our users.
Duration of storage:

Personal data is deleted as soon as its further processing is no longer necessary for the respective purpose and legal retention periods do not prevent deletion. This is regularly the case upon receipt of your revocation or objection. Additional information on the processing of your personal data by Twitter can be found here:
Link

d) Recipients of personal data

Category of recipient:
Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, Ireland

14. Data processing on our Instagram fan page

We operate this fan page on the platform "Instagram.com" of Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland ("Facebook") (Instagram data policy). Every call and every interaction on our fan page leads to data processing, regardless of whether or not you have an account with Instagram or Facebook. In the case of a logged-in account, the operators of Instagram and/or their affiliated companies may combine the information about the call to the fan page with your account information and may use this to create profiles. If you do not wish to be profiled in this way, log out before accessing our fan page.
 
By means of "Instagram Insights", we process statistical data of our fan page such as gender, age range, location, page views, interactions and information on paid activities, reach, accounts reached, impressions and impressions per day. This is done on the basis of our legitimate interest Art. 6 (1) (f) DSGVO to make posts on the page more attractive or to find the right time to publish them.
 
You have the right of access, deletion and correction of your data, restriction of processing, objection to processing, data portability and complaint to the supervisory authority. You can assert these rights both against Facebook Ireland Ltd [contact form] and against us computeruniverse@datenschutzanfrage.de, whereby we will forward your requests there in accordance with our agreement with Facebook.
 
As we are jointly responsible for processing your data, we have a Page Controller Addendum ​with Facebook.
 

15. Administration of B2B customer data

Below, we describe how your personal data are processed in connection with a (potential) customer relationship existing between you and us::

a) Purpose of the data processing and legal basis and, if applicable, legitimate interests, duration of storage

Data category:
Personal data records; address data; contact data
Purpose:
Identification; getting in touch; registration as customer; providing information matching interests; transmission of advertising for own and outside offers; handling of inquiries; transmission to manufacturers or distributors for the preparation of quotations
Legal basis:
Art. 6 subparagraph 1 lit. b) and f) GDPR
Legitimate interest pursued by us
Care of the customer relationship; marketing of our services; own and outside advertising purposeske
Duration of storage:

unlimited

Data category:
Order data
Purpose:
Order handling; offers matching interests
Legal basis:
Art. 6 subparagraph 1 lit. b) and f) GDPR
Legitimate interest pursued by us:
Advertising purposes; care of the customer relationship; marketing of our services
Duration of storage:

unlimited

Data category:
Payment data
Purpose:
Handling of payments for the service
Legal basis:
Art. 6 subparagraph 1 lit. b) GDPR
Duration of storage:

unlimited

b) Recipients of personal data

Category of recipient:
Payment service provider
Data affected:
Personal data records; address data; contact data
Legal basis:
Art. 6 subparagraph 1 lit. b) GDPR
Category of recipient:
Service provider for creditworthiness examination
Data affected:
Personal data records; address data
Legal basis:
Art. 6 subparagraph 1 lit. b) and f) GDPR
Legitimate interest pursued by us:
Verification of your address (examination of possibility of delivery); avoidance of loss of payments
Category of recipient:
Collection service providers
Data affected:
Personal data records; address data; payment data
Legal basis:
Art. 6 subparagraph 1 lit. b) GDPR

16. Data processing by the service reCaptcha

Below we describe how your personal data is processed by the service:

We use "Google reCAPTCHA" (hereinafter "reCAPTCHA") on our website. ReCAPTCHA is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. With the help of Google reCAPTCHA, it is checked whether an entry has been made by a human being or whether an entry has been improperly made by automated, mechanical processing.

a) the purpose of the data processing and the legal basis and, where applicable, legitimate interests, duration of storage

Data category:
Technical data: IP address (truncated), URL, date and duration of the visit, browser type, terminal operating system; Google account if you are logged in to Google
Purpose:
Differentiation as to whether an input is made by a natural person for the purpose of automated access recognition (e.g. by robots)
Legal basis:
Art. 6 para. 1 letters b) and f) GDPR
Legitimate interest pursued by us:
Avoidance of misuse
Storage duration:
Data stored between 9-18 months and then either anonymised or deleted

b) Recipient of the personal data

Recipient category:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Affected data:
Technical data (described above)
Legal basis:
Art. 6 para. 1 letter b) GDPR

17. Applications

In the following, we describe how your personal data is processed in connection with an application process existing between you and us for a job at computeruniverse:

a) the purpose of the data processing and the legal basis and, where applicable, legitimate interests, duration of storage

Data category:
Address data; contact data
Purpose:
Identification; contacting; communication for contract initiation. 
Legal basis:
Art. 6 para. 1 letter b) GDPR
Storage duration:
6 Months
Data category:
Personal master data
Purpose:
Identification; contacting; age verification.
Legal basis:
Art. 6 para. 1 letter b) GDPR
Storage duration:
6 Months
Data category:
Images uploaded by you; details of profession/hobbies. 
Purpose:
Applicant selection  
Legal basis:
Art. 6 para. 1 letter b) GDPR
Storage duration:
6 Months

b) Recipient of the personal data

Recipient category:
Service providers for the handling of the application process
Affected data:
Personal master data; indication of application information; address data, contact data, pictures, videos uploaded by you. 
Legal basis:
Art. 6 para. 1 letter b) GDPR

18. Online shopping on marketplaces

We distribute our products on the following third-party marketplaces:

Amazon Marketplace
Amazon Services Europe S.à r.l., 38 avenue John F. Kennedy, L-1855 Luxemburg
Privacy policy of this marketplace operator: Link
eBay
eBay GmbH, Albert-Einstein-Ring 2-6, 14532 Kleinmachnow
Privacy policy of this marketplace operator: Link
Otto
Werner-Otto-Str. 1-7, 22179 Hamburg
Privacy policy of this marketplace operator: Link
Check24
Erika-Mann-Str. 62-66, 80636 München
Privacy policy of this marketplace operator: Link
Synaxon
Falkenstraße 31, 33758 Schloß Holte-Stukenbrock
Privacy policy of this marketplace operator: Link
Mercateo
Postfach 1460, 06354 Köthen
Privacy policy of this marketplace operator: Link
ITScope
Durlacher Allee 73, 76131 Karlsruhe
Privacy policy of this marketplace operator: Link

To place an order, you must register once with the respective marketplace operator. We only receive personal data from you through the marketplace operator if you have purchased one of our products on the respective marketplace so that we can process the purchase. Information about the data processing by the marketplace operators themselves can be found under the data protection declarations linked above.

The source of your data is the respective marketplace operator on whose marketplace environment you have ordered.

Below we describe how your personal data is processed by us when you place an order via one of these marketplaces:

a) Intended purpose of the data processing and legal basis as well as possibly justified interests, storage period

Data category:
People master data; Address data; Contact data
Intended purpose:
Identification; contacting; communication to initiate a contract  
Legal basis:
Art. 6 (1) letters b) and f) GDPR
Legitimate interest:
Advertising purposes; cultivating customer relationships; marketing our services
Storage period:
10 years after processing of the last order
Data category:
Order data
Intended purpose:
Order processing; interest-based offers
Legal basis:
Art. 6 (1) letters b) and f) GDPR
Legitimate interest:
Advertising purposes; cultivating customer relationships; marketing our services
Storage period:
10 years after processing of the last order

b) Recipient of the personal data

Category or recipient:
Shipping service provider
Affected data:
Address data; Name
Legal basis:
Art. 6 (1) letter d) GDPR
Category or recipient:
Marketing service provider
Affected data:
People master data; Address data; Contact data
Legal basis:
Art. 6 (1) letter f) GDPR
Legitimate interest:
Customer relationship management, advertising and marketing purposes
Category or recipient:
Marketplace operator
Affected data:
Order data
Legal basis:
Art. 6 (1) letter b) GDPR

19. Tracking

Below we describe in which cases and how your personal data is processed using tracking technologies when using our services.

What data is processed by tracking?

The tracking procedures presented here process personal data only in pseudonymous form. No association is made with a concrete, identified natural person, i.e. there is no aggregation of the data with information about the bearer of the pseudonym.

Directly transmitted pseudonymous information such as the cookie ID or (possibly shortened) IP address is assigned additional information during tracking. Typically, this is technical information about the terminal used, information about usage behaviour on the Internet, interests and, if applicable, location data.

How can you disagree to have the tracking?

The description of the tracking procedures also includes information on how to prevent data processing. Please note that this "opt-out", i.e. the refusal of processing, is partly stored via cookies. If you use our services via a new terminal device or in another browser or if you have deleted the cookies set by your browser, you may have to explain the refusal of processing again.

By clicking on the following link, you can revoke your consent for comfort cookies at any time:

Link

You can withdraw your consent to benefit cookies at any time by clicking on the following link:

Link

 

On what legal basis is the tracking carried out?

The use of tracking technologies can be based on various legal bases, which we describe below. We describe in the list below for which concrete purpose and on which legal basis we perform tracking by using a specific service.

 

    1. Legal basis Agreement, Art. 6(1)(b) GDPR

      In order to provide services which are provided in connection with a contract, tracking and the associated analysis of user behaviour is carried out on the basis of the legal basis of Art. 6 Para. 1 b) GDPR.

      The information obtained through this tracking is necessary to provide optimised services according to the contractual purpose and to ensure the greatest possible benefit.

    2. Legal basis Legitimate interest, Art. 6(1)(f) GDPR

      In order to provide attractive services as efficiently as possible, we pursue the legitimate interest of analysing information about user behaviour on our services obtained through tracking.

      Tracking on the basis of the legal basis Art. 6 para. 1 f) GDPR helps us:

      • to review the effectiveness of our services, to optimise and adapt them to the needs of users and to correct errors,
      • To statistically determine key data on the use of our services (reach, intensity of use, surfing behaviour of users) on the basis of uniform standard procedures, thus obtaining values that are comparable throughout the market,
      • to measure the success of advertising campaigns, optimise our ads for the future and enable marketers and advertisers to optimise their ads accordingly
      • and to enable correct commission accounting for transactions.

      However, we do not pursue any purposes on this basis for which the behaviour of data subjects on the Internet must be made comprehensible or for which user profiles must be created.

    3. Legal basis Consent, Article 6(1)(a) GDPR

      In order to be able to display advertising and content that is optimised and tailored as closely as possible to your interests, we carry out tracking on the basis of your consent (Art. 6 para. 1 a) GDPR).

      Using certain advanced methods for analysing user behaviour, we aim to optimise our services and adapt them to the needs of users. For this purpose, in many cases - albeit in pseudonymised form, i.e. without identifying a specific person - the behaviour of affected persons on the Internet must be made comprehensible or user profiles must be created.

      Consent is voluntary. It is granted, for example, by clicking on the "OK" button on our services after a corresponding message is displayed. You can revoke this consent at any time, for example by using the opt-out options offered in the list below for the individual services.

a) Tracking technologies used

Name of service:
Google Analytics
Provider:
Google Analytics is a service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Purpose of tracking:
With Google Analytics, we collect user behavior information to improve the usability of the website.
Processing of personal data:

The IP address is processed.

We use Google Analytics including the features of Universal Analytics. Universal Analytics allows us to analyze activity on our services across devices (for example, when accessing via laptop and later via a tablet). This is made possible by the pseudonymous assignment of a user ID.

Storage period:
The transferred data will be deleted after 26 months. The deletion of data, whose retention period has been reached, is carried out automatically once a month.
Legal basis:
Consent  (Art. 6 Sec. 1 a) of GDPR)
Possibility to stop the processing (Opt-out):

Link

Name of service:
Google Tag Manager
Provider:
Google Tag Manager is a service provided by Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043
Purpose of tracking:
The Google Tag Manager allows easier integration of various scripts for web analysis and remarketing into the own website. It is not a tracking service in the true sense.
Processing of personal data:

The Google Tag Manager just passes on data and does not process it itself.

Storage period:
No personal data is stored.
Legal basis:
Legitimate interest  (Art. 6 Sec. 1 f) of GDPR)
Name of service:
Google Ads
Provider:
Google AdWords is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. 
Purpose of tracking:
This service collects information on user behaviour for the measurement of success and handling of advertising campaigns and the handling of personalised ads.
Processing of personal data:

We process cookie IDs and IP addresses.

Storage period or duration of the cookies:
Up to 540 days.
Legal basis:
Consent  (Art. 6 Sec. 1 a) of GDPR)
Option to stop processing (Opt-out):

Link

Name of service:
RTB House S.A.
Provider:
The Digital Marketing (Retargeting) Service is a service provided by RTB House SA, 61/101 Zota Street, 00-819 Warsaw, Poland
Purpose of tracking:
RTB House collects information on user behavior to measure the success and control of advertising campaigns and the control of personalized advertising.
Processing of personal data:

Unique online identifiers including cookie IDs and mobile advertising IDs are processed.

Storage period or duration of the cookies:
The data is stored for 30 days.
Legal basis:
Consent  (Art. 6 Sec. 1 a) of GDPR)
Option to stop processing (Opt-out):

Link

Name of service:
WebTrekk
Provider:
Webtrekk is a service of Webtrekk GmbH, Hannoversche Straße 19, 10115 Berlin
Purpose of tracking:
Webtrekk collects information to improve the user experience of the website.
Processing of personal data:
No personal data is processed, IP addresses are not stored.
Storage period:
No personal data is stored.
Legal basis:
Legitimate interest  (Art. 6 Sec. 1 f) of GDPR)
Possibility to stop the processing (Opt-out):

Link

Name of service:
Feed Dynamix
Provider:
Feed Dynamix is a service of econda GmbH, Zimmerstr. 6, 76137 Karlsruhe
Purpose of tracking:
Feed Dynamix collects user behavior information to improve the user experience of the website.
Processing of personal data:
Cookie IDs are processed, IP addresses are truncated.
Storage period:
Cookie-IDs are stored for 30 days.
Legal basis:
Consent  (Art. 6 Sec. 1 a) of GDPR)
Possibility to stop the processing (Opt-out):

Link

Name of the service:
billiger.de - Sales-Tracking
Provider:
billiger.de - Sales-Tracking is a service of solute gmbh, Zeppelinstr. 15, 76185 Karlsruhe
Purpose of tracking:
Via links, the service produces mediation to partner offers, on the basis of which commissions are determined.
Processing of personal data:
  • Browser type and version
  • Operating system
  • Referrer-URL
  • Cookie ID
Duration of storage:
1 year
Legal basis:
Consent  (Art. 6 Sec. 1 a) of GDPR)
Name of service:
Criteo Dynamic Retargeting
Provider:
Criteo Dynamic Retargeting is a service of Criteo SA, 32 Rue Blanche, 75009 Paris, France
Purpose of tracking:
Criteo gathers information about user behavior for measuring the success and control of advertising campaigns as well as the control of personalized advertising
Processing of personal data:
User ID, Cookie ID and hashed email addresses are processed. Criteo shares data with other partners, which you can see here [https://www.criteo.com/privacy/criteo-works-with-the-following-platforms/].
Storage period:
Criteo retains the data for up to 13 months from the date of collection. These expire 13 months after the last update. The data will be deleted automatically.
Legal basis:
Consent  (Art. 6 Sec. 1 a) of GDPR)
Possibility to stop the processing (opt-out):

Link

Data transfer to a third country?
The data collected by Criteo in the EU is stored in the EU. If data are transmitted to countries outside the EU, this is done in compliance with the conditions set out in Article 5 of the GDPR.
Name of service:
CCriteo Retail Media
Provider:
Criteo Dynamic Retargeting is a service of Criteo SA, 32 Rue Blanche, 75009 Paris, France
Purpose of tracking:
Criteo gathers information about user behavior for measuring the success and control of advertising campaigns as well as the control of personalized advertising
Processing of personal data:
User ID, Cookie ID and hashed email addresses are processed. Criteo shares data with other partners, which you can see here [https://www.criteo.com/privacy/criteo-works-with-the-following-platforms/].
Storage period:
Criteo retains the data for up to 13 months from the date of collection. These expire 13 months after the last update. The data will be deleted automatically.
Legal basis:
Consent  (Art. 6 Sec. 1 a) of GDPR)
Possibility to stop the processing (opt-out):

Link

Data transfer to a third country?
The data collected by Criteo in the EU is stored in the EU. If data are transmitted to countries outside the EU, this is done in compliance with the conditions set out in Article 5 of the GDPR.
Name of service:
Facebook Custom Audiences
Provider:
Facebook Custom Audience is a service of Facebook Inc., 1601 S. California Avenue, Palo Alto, CA, 94304 and affiliated companies
Purpose of tracking:

Viewing behavior analysis, use of personalized advertising, measurement of advertising success, billing of advertising.

Note: We use only the pixel method, a comparison using customer lists does not take place with us.

Processing of personal data:
IP address, as well as localization information, cookie device ID
Storage period:
Facebook accesses the data collected by pixel for 180 days. After that we cannot access them anymore
Legal basis:
Consent  (Art. 6 Sec. 1 a) of GDPR)
Possibility to stop the processing (opt-out):
You may object to the processing of your personal data through Facebook Custom Audiences by clicking on this link.
Name of service:
AWIN
Provider:
Awin is a service provided by AWIN AG, Eichhornstraße 3, 10785 Berlin
Purpose of tracking:
Awin uses consumer data to track a consumer’s journey through particular websites after the consumer has viewed or clicked on an ad in order to allocate a publisher’s sales and marketing costs to a particular transaction and to pay for it on a performance-related basis. For this purpose, Awin maintains the platforms Awin, zanox and affilinet.
.
Processing of personal data:

The data collected by Awin through tracking is pseudonymised and largely technical. A tracking domain cookie collects data including: cookie date, cookie expiry date, truncated IP address, IP hash, GeoIP, advertiser ID, publisher ID, ad ID, group ID, product ID, click/network reference, referrer, overwritten publisher ID, membership, platform, checksum. A journey tag (confirmation pages) collects data including transaction date, advertiser ID, publisher ID, order reference, total amount, currency, voucher code, cookies, IP address, referrer, URL, checksum, IPUA hash, country, channel. A journey tag (shopping cart and checkout pages) collects data including product name, category, price, commission group, quantity, SKU.

Storage period:
Unless otherwise required by law, personal user data is deleted after 36 months.
Legal basis:
Legitimate interests (Article 6 paragraph 1. f) GDPR)
Processing opt-out):
Link
Transfer of data to third countries?
Some of the companies involved in processing are based outside the EU in the USA (third country) (country of registration specified when the company is mentioned). As far as data is transmitted to these companies, so-called EU standard contractual clauses have been concluded or so-called binding corporate rules apply, which legitimize the transfer to third countries.
Name of service:
Commerce Connector
Provider:
Commerce Connector is a service by Commerce Connector GmbH, Deckerstraße 41, 70372 Stuttgart
Purpose of tracking:
The service enables allocation to products sold after being forwarded by Commerce Connector.
Processing personal data:
The IP address (hashed or abbreviated) and the Cookie ID are processed.
Storage period:
The runtime of the cookies cookie is 7 days.
Legal basis:
Consent  (Art. 6 Sec. 1 a) of GDPR)
Possibility to stop the processing (opt-out)

Link

Transfer of data to third countries?
Some of the companies involved in processing are based outside the EU in the USA (third country) (country of registration specified when the company is mentioned). As far as data is transmitted to these companies, so-called EU standard contractual clauses have been concluded or so-called binding corporate rules apply, which legitimize the transfer to third countries.
Designation of the service:
Dynamic Yield
Provider:
Dynamic Yield is a service of Dynamic Yield GmbH, Unter den Linden 26-30, 10117 Berlin
Purpose of tracking:
Tracking makes it possible to analyze a website visitor's affinity for products and to provide custom recommendations, such as the most viewed or most frequently sold products. Tracking is carried out anonymously until the website visitor logs in to the page. Then tracking for this session is carried out pseudonymously. Pseudonymized data are linked to a single visitor, but cannot be directly linked to any contact in the Dynamic Yield database or used to determine the identity of a natural person.
Processing of personal data:
  • IP addresses are processed, but not saved
  • E-mail address
  • GeographischeGeographic data
  • Target audience segments
  • Online identifiers
  • Device ID
  • Usage data
Storage term:
24 months, unless the account is deleted before this time.
Legal basis:
If you are logged in to our website as a user, we carry out tracking to provide our service (customization of the website); the fulfillment of the contract is the legal basis for this tracking (Art. 6 para. 1 b GDPR). If you are not logged in, we carry out anonymous tracking based on our legitimate interest (Art. 6 para. 1 f) GDPR).
Mechanism for preventing processing (opt-out):
If you are not logged into our website, then Dynamic Yield carries out anonymous tracking. If you are logged into our website, then tracking is carried out as part of providing our services.

Link
Name of service:
SalesViewer
Provider:
SalesViewer® GmbH, Huestr. 30, 44787 Bochum, Germany
Purpose of tracking:
This website uses SalesViewer® technology from SalesViewer® GmbH on the basis of the website operator’s legitimate interests (Section 6 paragraph 1 lit.f GDPR) in order to collect and save data on marketing, market research and optimisation purposes.
Processing personal data:
In order to do this, a javascript based code, which serves to capture company-related data and according website usage. The data captured using this technology are encrypted in a non-retrievable one-way function (so-called hashing). The data is immediately pseudonymised and is not used to identify website visitors personally.
Storage period:
The data stored by Salesviewer will be deleted as soon as they are no longer required for their intended purpose and there are no legal obligations to retain them.
Legal basis:
Consent (Art. 6 Sec. 1 f) of  GDPR)
Possibility to stop the processing (opt-out)

Link

Name of Service:
Microsoft Ads
Provider:
Microsoft Ads, is a service of Microsoft Corporation, One Microsoft Way, Redmond, WA, 98052 and its affiliates.
Purpose of tracking:
Viewing time analysis, serving personalised advertising, measuring advertising success, billing for advertising.
Processing of personal data:
Bing Ads processes the IP address, as well as the search history and the click path.
Storage period or functional duration of the cookie:
The information collected is transferred to Microsoft servers in the USA and stored there for a maximum of 180 days.
Legal basis:
Consent (Art. 6 para. 1 a) GDPR)
Possibility to stop the processing (Opt-out):

Link

Data transfer to third countries?
Yes, USA.
Possibly: Australia, Austria, Brazil, Canada, Chile, Finland, France, Germany, Hong Kong (PR China), India, Ireland, Japan, South Korea, Luxembourg, Malaysia, Netherlands, Singapore, South Africa, United Kingdom, as well as other countries.
Appropriate safeguards (Art. 46 GDPR)
For countries without an adequate level of data protection by law, Microsoft works with contractual arrangements to ensure an adequate level of data protection.

20. Direct Marketing

The processing of your e-mail address within the scope of direct marketing measures is carried out for the purpose of providing information about our products and services.

Purpose of data processing and legal basis as well as legitimate interests, if applicable, storage period

Data categrory:
e-mail address
Intended purpose:
Transmission of advertising for own similar goods and services; direct advertising
Legal basis:
The legal basis for the processing of your e-mail address in the context of any direct marketing measures is either the legal permissibility of Section 7 (3) UWG or your consent pursuant to Art. 6 (1) a) DSGVO
Storage period:
We process your personal data as long as they are required for the respective purpose. Subsequently, the deletion takes place regularly upon receipt of your revocation or objection.

21. Surveys to improve the user experience

From time to time, you have the opportunity to participate in surveys on our services that serve to improve the user experience and statistical analysis. We receive the voting tools from service providers who also process the corresponding data. Below we describe how your personal data is processed when you participate in such surveys.

a) Purpose of data processing and legal basis as well as legitimate interests, if applicable, storage period

Data categrory:
As part of the survey to improve the user experience, we process your IP address and other usage data by default. In addition, we may process your name and, if applicable, your email address if you provide them as part of the survey.
Intended purpose:
Improving the user experience; Statistical analysis; Conducting the survey. We process your IP address in connection with the survey solely for the purpose of technically executing the survey and playing out the survey form. Furthermore, the processing serves the purpose of preventing multiple participations in the survey.
Legal basis:
Art. 6 para. 1 letter a) DSGVO
Storage period:
Your personal data is processed primarily for the technical execution of the survey. Personal data is usually deleted after the survey has been completed.
Data categrory:
Survey responses and opinions
Intended purpose:
Presentation of the contents of the service; Improvement of the user experience; Statistical evaluation; Conducting the survey. We conduct the survey solely for the purpose of determining whether our offers meet the expectations of our users and, if necessary, to statistically evaluate and improve them on the basis of the results of the survey. Your personal data will not be linked with the survey results or within the framework of the statistical evaluation.
Legal basis:
Art. 6 para. 1 letter a) DSGVO
Storage period:
We process personal data in connection with the execution of the survey exclusively for the technical execution of the survey itself and for the duration of the execution of the survey. No further personal data will be stored in connection with the survey results.

b) Recipient of the personal data

Recipient category:
Service provider for survey tool
Affected data:
IP address
Legal basis:
Art. 28 DSGVO

III. Rights of the persons affected

1. Right of objection

If we process your personal data in order to operate direct mail, you have the right at any time, with future effect, to object to the processing of personal data relating to the Purpose of such advertising; this also applies to profiling, insofar as it is associated with such direct mail.

For reasons arising out of your particular situation, you also have the right to object at any time, with future effect, to the personal data relating to processing, which occurs in accordance with Art. 6 (1) letters e) or f) GDPR; based on these provisions, this also applies to profiling.

The right to object can be exercised free of charge. To work on your request faster, please use our form preferably under the following link:
For a data-privacy request

Alternatively, you can reach us inter alia via the contact data mentioned under I.3 or use the following approaches:
By email to: computeruniverse@dataschutzanfrage.de
By phone: +49 6172 3917-0
By fax: +49 6172 3917-200

2. Right of access

You have the right to request confirmation from us as to whether personal data relating to you are being processed and, if applicable, for information about this personal data and the other information listed in Art. 15 GDPR.

3. Right of rectification

You have the right to demand immediate correction of incorrect personal data concerning you (Art. 16 GDPR). Taking into account the purpose of processing you have the right to demand the completion of incomplete personal data, including by means of a supplementary statement.

4. Right of deletion ("Right to be forgotten")

You have the right to demand that personal data relating to you be deleted without delay if one of the reasons stated in Art. 17 (1) GDPR applies and the processing is not required for one of the purposes set out in Art. 17 (3) GDPR.

5. Right to restriction of processing

You are entitled to request a restriction on the processing of your personal data, if one of the requirements set forth in Art. 18 (1) letters a) - d) GDPR.

6. Right to data portability

You have the right, under the conditions specified in Art. 20 (1) GDPR to obtain the personal data that you have provided us in a structured, common and machine-readable format, and the right to transfer that data to another person without Obstruction by us. In exercising the right to data transferability, you have the right to obtain that your personal data is transmitted directly by us to another responsible party, as far as technically feasible.

7. Right to revoke a consent

Insofar as processing is based on your consent, you have the right to revoke your consent at any time. The legality of the processing carried out on the basis of the consent until the revocation is not affected.

8. Right of appeal

You have the right of appeal to the supervisory authority responsible for our company. The supervisory authority responsible for our company is:
Der Sächsische Dataschutzbeauftragte [The Saxon Data Protection Officer], Devrientstraße 5, 01067 Dresden,
https://www.datenschutz.sachsen.de/


As of: 29th September 2023