Privacy Policy
Data Protection
We have written this data protection declaration (version 09.02.2021-311260153) to explain to you in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 what information we collect, how we use data and what options you have as a visitor to this website .
Privacy statements usually sound very technical. However, this version should describe the most important things to you as simply and clearly as possible. As far as possible, technical terms are explained in a reader-friendly manner. We would also like to convey that we only collect and use information with this website if there is a corresponding legal basis. This is certainly not possible if you give the briefest possible technical explanations, as they are often standard on the Internet when it comes to data protection. I hope you find the following explanations interesting and informative and maybe there is one or the other piece of information that you did not know yet.
If you still have questions, we would like to ask you to follow the existing links and see further information on third-party websites, or simply write us an email. You will find our contact information in the imprint.
Automatic data storage
When you visit websites these days, certain information is automatically created and saved, including on this website. This collected data should be collected as sparingly as possible and only with justification. By website we mean the entirety of all websites on your domain, i.e. everything from the start page (homepage) to the very last subpage (like this one). By domain we mean example.de or musterbeispiel.com.
Even while you are currently visiting our website, our web server – this is the computer on which this website is stored – usually automatically saves data such as for reasons of operational security, to generate access statistics, etc.
- the complete Internet address (URL) of the website called up (e.g. https://www.beispielwebsite.de/beispielunterseite.html/)
- Browser and browser version (e.g. Chrome 87)
- the operating system used (e.g. Windows 10)
- the address (URL) of the previously visited page (referrer URL) (e.g. https://www.beispielquellsite.de/vondabinichgekommen.html/)
- the host name and the IP address of the device from which access is made (e.g. COMPUTERNAME and 194.23.43.121)
- Date and Time
- in files, the so-called web server log files.
As a rule, these files are stored for two weeks and then automatically deleted. We do not pass on this data, but we cannot rule out that this data will be viewed by the authorities in the event of illegal behavior.
In short: your visit is logged by our provider (company that runs our website on special computers (servers)), but we do not pass on your data!
Cookies
Our website uses HTTP cookies to save user-specific data.
In the following we explain what cookies are and why they are used so that you can better understand the following data protection declaration.
What are Cookies?
Whenever you surf the Internet, you are using a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites save small text files in your browser. These files are called cookies.
One thing cannot be dismissed out of hand: Cookies are really useful little helpers. Almost all websites use cookies. More precisely, they are HTTP cookies, as there are also other cookies for other areas of application. HTTP cookies are small files that our website stores on your computer. These cookie files are automatically placed in the cookie folder, which is the “brain” of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.
Cookies store certain user data about you, such as language or personal page settings. When you visit our site again, your browser sends the “user-related” information back to our site. Thanks to cookies, our website knows who you are and offers you your usual standard settings. In some browsers each cookie has its own file, in others, such as Firefox, all cookies are stored in a single file.
There are both first-party cookies and third-party cookies. First-party cookies are created directly from our side, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other “pests”. Cookies cannot access information on your PC either.
For example, cookie data can look like this:
- Name: _ga
- Expiry time: 2 years
- Use: Differentiation of website visitors
- Exemplary value: GA1.2.1326744211.152311260153
A browser should support the following minimum sizes:
- A cookie should be able to contain at least 4096 bytes
- At least 50 cookies should be able to be stored per domain
- A total of at least 3000 cookies should be able to be stored
What types of cookies are there?
The question of which cookies we specifically use depends on the services used and is clarified in the following sections of the data protection declaration. At this point we would like to briefly discuss the different types of HTTP cookies.
There are 4 types of cookies:
Absolutely necessary Cookies
These cookies are necessary to ensure the basic functions of the website. For example, these cookies are needed when a user puts a product in the shopping cart, then continues surfing on other pages and only goes to checkout later. These cookies do not delete the shopping cart, even if the user closes his browser window.
Functional Cookies
These cookies collect information about user behavior and whether the user receives any error messages. In addition, these cookies are used to measure the loading time and the behavior of the website with different browsers.
Goal-oriented cookies
These cookies ensure better user-friendliness. For example, entered locations, font sizes or form data are saved.
Advertising cookies
These cookies are also called targeting cookies. They serve to deliver customized advertising to the user. That can be very practical, but also very annoying.
When you visit a website for the first time, you will usually be asked which of these types of Cookies you would like to allow. And of course this decision is also saved in a Cookie.
How can I delete Cookies?
You decide for yourself how and whether you want to use cookies. Regardless of which service or website the cookies originate from, you always have the option to delete cookies, only partially allow them or deactivate them. For example, you can block third-party cookies but allow all other cookies.
If you want to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:
Chrome: Delete, activate and manage cookies in Chrome
Safari: manage cookies and website data with Safari
Firefox: Delete cookies to remove data that websites have stored on your computer
Internet Explorer: deleting and managing cookies
Microsoft Edge: Deleting and managing cookies
If you generally do not want cookies, you can set up your browser so that it always informs you when a cookie is to be set. For each individual cookie, you can decide whether or not to allow the cookie. The procedure is different depending on the browser. It is best to search for the instructions in Google using the search term “delete cookies Chrome” or “deactivate cookies Chrome” in the case of a Chrome browser or replace the word “Chrome” with the name of your browser, e.g. Edge, Firefox, Safari.
What about my data protection?
The so-called “cookie guidelines” have existed since 2009. It states that the saving of cookies requires your consent. Within the EU countries, however, there are still very different reactions to these guidelines. In Germany, the cookie guidelines have not been implemented as national law. Instead, this guideline was largely implemented in Section 15 (3) of the Telemedia Act (TMG).
If you want to know more about cookies and are not afraid of technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Request for Comments of the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism”.
Storage of personal data
Personal data that you transmit to us electronically on this website, such as name, e-mail address, address or other personal information in the context of submitting a form or comments in the blog, are saved by us together with the time and the IP Address is only used for the specified purpose, stored securely and not passed on to third parties.
We therefore only use your personal data for communication with those visitors who expressly request contact and for processing the services and products offered on this website. We do not pass on your personal data without your consent, but we cannot rule out that this data will be viewed in the event of illegal behavior.
If you send us personal data by email – outside of this website – we cannot guarantee the secure transmission and protection of your data. We recommend that you never send confidential data unencrypted by e-mail.
According to Article 6 Paragraph 1 a GDPR (lawfulness of processing), the legal basis is that you give us your consent to process the data you have entered. You can revoke this consent at any time – an informal e-mail is sufficient, you will find our contact details in the imprint.
Rights according to the General Data Protection Regulation
According to the provisions of the GDPR, you have the following rights:
- Right to rectification (Article 16 GDPR)
- Right to cancellation (“right to be forgotten”) (Article 17 GDPR)
- Right to restriction of processing (Article 18 GDPR)
- Right to notification – obligation to notify in connection with the correction or deletion of personal data or the restriction of processing (Article 19 GDPR)
- Right to data portability (Article 20 GDPR)
- Right to object (Article 21 GDPR)
- Right not to be subject to a decision based solely on automated processing – including profiling (Article 22 GDPR)
If you believe that the processing of your data violates data protection law or your data protection claims have been violated in any other way, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI).
Evaluation of visitor behavior
In the following data protection declaration, we inform you whether and how we evaluate data from your visit to this website. The data collected is usually evaluated anonymously and we cannot infer your person from your behavior on this website.
You can find out more about how to object to this analysis of the visit data in the following data protection declaration.
TLS encryption with https
TLS, encryption and https sound and are very technical. We use HTTPS (the Hypertext Transfer Protocol Secure stands for “secure hypertext transfer protocol”) to transfer data securely on the Internet.
This means that the complete transmission of all data from your browser to our web server is secured – nobody can “overhear”.
We have thus introduced an additional security layer and comply with data protection through technology design (Article 25 (1) GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data.
You can recognize the use of this protection of data transmission by the small lock symbol in the top left of the browser to the left of the Internet address (e.g. examplepage.de) and the use of the https scheme (instead of http) as part of our Internet address.
If you want to know more about encryption, we recommend doing a Google search for “Hypertext Transfer Protocol Secure wiki” for good links to further information.
Google Analytics privacy policy
We use the Google Analytics (GA) analysis tracking tool from the American company Google Inc. on our website. Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services in Europe. Google Analytics collects data about your actions on our website. For example, if you click on a link, this action is saved in a cookie and sent to Google Analytics. With the help of the reports we receive from Google Analytics, we can better tailor our website and our service to your needs. In the following, we will go into more detail about the tracking tool and, above all, inform you about which data is stored and how you can prevent this.
What is Google Analytics
Google Analytics is a tracking tool that is used to analyze our website’s traffic. In order for Google Analytics to work, a tracking code is built into the code of our website. When you visit our website, this code records various actions that you carry out on our website. As soon as you leave our website, this data is sent to the Google Analytics server and stored there.
Google processes the data and we receive reports on your user behavior. These reports can include the following:
- Target group reports: With target group reports, we get to know our users better and know more precisely who is interested in our service.
- Ad reports: Ad reports make it easier for us to analyze and improve our online advertising.
- Acquisition reports: Acquisition reports give us helpful information on how we can get more people excited about our service.
- Behavioral Reports: This is where we learn how you interact with our website. We can understand which route you take on our site and which links you click.
- Conversion reports: Conversion is a process in which you carry out a desired action based on a marketing message. For example, when you go from being a pure website visitor to being a buyer or newsletter subscriber. With the help of these reports, we can find out more about how you are receiving our marketing measures. This is how we want to increase our conversion rate.
- Real-time reports: Here we always find out immediately what is happening on our website. For example, we can see how many users are reading this text.
Why do we use Google Analytics on our website?
Our goal with this website is clear: We want to offer you the best possible service. The statistics and data from Google Analytics help us to achieve this goal.
The statistically evaluated data show us a clear picture of the strengths and weaknesses of our website. On the one hand, we can optimize our site so that interested people can find it more easily on Google. On the other hand, the data helps us to better understand you as a visitor. We therefore know very well what we need to improve on our website in order to offer you the best possible service. The data also help us to carry out our advertising and marketing measures more individually and cost-effectively. After all, it only makes sense to show our products and services to people who are interested in them.
Which data is saved by Google Analytics?
Google Analytics uses a tracking code to create a random, unique ID that is linked to your browser cookie. This is how Google Analytics recognizes you as a new user. The next time you visit our site, you will be recognized as a “returning” user. All collected data is saved together with this user ID. This is the only way to evaluate pseudonymous user profiles.
Tags such as cookies and app instance IDs measure your interactions on our website. Interactions are all types of actions that you carry out on our website. If you also use other Google systems (such as a Google account), data generated by Google Analytics can be linked to third-party cookies. Google does not pass on any Google Analytics data unless we, as the website operator, approve it. Exceptions may be made if required by law.
The following Cookies are used by Google Analytics:
Name: _ga
Value: 2.1326744211.152311260153-5
Purpose: By default, analytics.js uses the _ga cookie to save the user ID. Basically, it is used to differentiate between website visitors.
Expiry date: after 2 years
Name: _gid
Value: 2.1687193234.152311260153-1
Purpose: The cookie is also used to differentiate between website visitors.
Expiry date: after 24 hours
Name: _gat_gtag_UA_ <property-id>
Value: 1
Purpose: Used to lower the request rate. If Google Analytics is provided via the Google Tag Manager, this cookie is given the name _dc_gtm_ <property-id>.
Expiry date: after 1 minute
Name: AMP_TOKEN
Value: no information
Purpose: The cookie has a token with which a user ID can be retrieved from the AMP client ID service. Other possible values indicate a logout, a request, or an error.
Expiry date: after 30 seconds up to a year
Name: __utma
Value: 1564498958.1564498958.1564498958.1
Purpose: This cookie can be used to track your behavior on the website and measure performance. The cookie is updated every time information is sent to Google Analytics.
Expiry date: after 2 years
Name: __utmt
Value: 1
Purpose: The cookie is used like _gat_gtag_UA_ <property-id> to throttle the request rate.
Expiry date: after 10 minutes
Name: __utmb
Value: 3.10.1564498958
Purpose: This cookie is used to determine new sessions. It is updated every time new data or information is sent to Google Analytics.
Expiry date: after 30 minutes
Name: __utmc
Value: 167421564
Purpose: This cookie is used to set new sessions for returning visitors. This is a session cookie and it is only saved until you close the browser again.
Expiration date: after closing the browser
Name: __utmz
Value: m | utmccn = (referral) | utmcmd = referral | utmcct = /
Purpose: The cookie is used to identify the source of the traffic on our website. This means that the cookie saves where you came to our website from. That could have been another page or an advertisement.
Expiry date: after 6 months
Name: __utmv
Value: not specified
Purpose: The cookie is used to save custom user data. It is always updated when information is sent to Google Analytics.
Expiry date: after 2 years
Note: This list cannot claim to be complete, as Google keeps changing the selection of its cookies.
Here we show you an overview of the most important data that is collected with Google Analytics:
Heatmaps: Google creates so-called heatmaps. Heatmaps show exactly those areas that you click on. This way we get information about where you are on our site.
Session duration: Google defines the session duration as the time that you spend on our site without leaving the site. If you have been inactive for 20 minutes, the session ends automatically.
Bounce rate: We speak of a bounce if you only view one page on our website and then exit our website again.
Account creation: When you create an account or place an order on our website, Google Analytics collects this data.
IP address: The IP address is only shown in abbreviated form so that no clear assignment is possible.
Location: The country and your approximate location can be determined via the IP address. This process is also known as IP location determination.
Technical information: The technical information includes, among other things, your browser type, your Internet provider or your screen resolution.
Source of origin: Google Analytics or us, of course also interested in which website or which advertising you came to our site.
Further data are contact details, any ratings, the playing of media (e.g. when you play a video on our site), the sharing of content via social media or adding to your favorites. The list does not claim to be complete and only serves as a general guide to data storage by Google Analytics.
How long and where is the data stored?
Google has distributed your servers all over the world. Most of the servers are located in America and consequently your data is mostly stored on American servers. Here you can read exactly where the Google data centers are located:
https://www.google.com/about/datacenters/inside/locations/?hl=de
Your data is distributed on various physical data carriers. This has the advantage that the data can be accessed more quickly and is better protected against manipulation. Every Google data center has appropriate emergency programs for your data. If, for example, the hardware at Google fails or natural disasters paralyze servers, the risk of a service interruption at Google remains low.
A standard retention period for your user data of 26 months is set for Google Analytics. Then your user data will be deleted. However, we have the option of choosing the retention period for user data ourselves. We have five options for this:
- Deletion after 14 months
- Deletion after 26 months
- Deletion after 38 months
- Deletion after 50 months
- No automatic deletion
When the specified period has expired, the data is deleted once a month. This retention period applies to your data that is linked to cookies, user identification and advertising IDs (e.g. cookies from the DoubleClick domain). Report results are based on aggregated data and are stored independently of user data. Aggregated data is a merging of individual data into a larger unit.
How can I delete my data or prevent data storage?
According to the data protection law of the European Union, you have the right to receive information about your data, to update it, to delete it or to restrict it. With the help of the browser add-on to deactivate Google Analytics JavaScript (ga.js, analytics.js, dc.js), you can prevent Google Analytics from using your data. You can download and install the browser add-on at https://tools.google.com/dlpage/gaoptout?hl=de. Please note that this add-on only deactivates data collection by Google Analytics.
If you generally want to deactivate, delete or manage cookies (independent of Google Analytics), there are separate instructions for each browser.
Google Analytics is an active participant in the EU-U.S. Privacy Shield Framework, which regulates the correct and secure transfer of personal data. You can find more information on this at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&tid=311260153. We hope we were able to provide you with the most important information about data processing by Google Analytics. If you want to learn more about the tracking service, we recommend these two links: http://www.google.com/analytics/terms/de.html and https://support.google.com/analytics/answer/6004245?hl=de.
Embedded social media elements data protection declaration
We integrate elements of social media services on our website in order to display images, videos and texts.
When you visit pages that display these elements, data is transferred from your browser to the respective social media service and stored there. We have no access to this data.
The following links take you to the pages of the respective social media services where it is explained how they handle your data:
- Instagram privacy policy: https://help.instagram.com/519522125107875
- The Google data protection declaration applies to YouTube: https://policies.google.com/privacy?hl=de
- Facebook data policy: https://www.facebook.com/about/privacy
- Twitter privacy policy: https://twitter.com/de/privacy
Facebook privacy policy
We use selected Facebook tools on our website. Facebook is a social media network operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2 Ireland. With the help of these tools we can offer you and people who are interested in our products and services the best possible offer. In the following we provide an overview of the various Facebook tools, which data is sent to Facebook and how you can delete this data.
What are Facebook tools?
In addition to many other products, Facebook also offers the so-called “Facebook Business Tools”. This is the official name of Facebook. But since the term is hardly known, we decided to call them just Facebook tools. These include:
- Facebook pixel
- social plug-ins (such as the “Like” or “Share” button)
- Facebook login
- Account Kit
- APIs (programming interface)
- SDKs (collection of programming tools)
- Platform integrations
- Plugins
- Codes
- Specifications
- Documentation
- Technologies and services
These tools enable Facebook to expand its services and to receive information about user activities outside of Facebook.
Why do we use Facebook tools on our website?
We only want to show our services and products to people who are really interested in them. With the help of advertisements (Facebook ads) we can reach exactly these people. However, in order to be able to show users appropriate advertising, Facebook needs information about people’s wishes and needs. Information about user behavior (and contact details) is made available to the company on our website. As a result, Facebook collects better user data and can show interested people the right advertising about our products or services. The tools thus enable customized advertising campaigns on Facebook.
Facebook calls data about your behavior on our website “event data”. These are also used for measurement and analysis services. In this way, Facebook can create “campaign reports” on our behalf about the impact of our advertising campaigns. Furthermore, analyzes give us a better insight into how you use our services, website or products. This enables us to optimize your user experience on our website with some of these tools. For example, you can use the social plug-ins to share content on our site directly on Facebook.
Which data are saved by Facebook tools?
By using individual Facebook tools, personal data (customer data) can be sent to Facebook. Depending on the tools used, customer data such as name, address, telephone number and IP address can be sent.
Facebook uses this information to compare the data with the data it has about you (if you are a Facebook member). So-called “hashing” takes place before customer data is transmitted to Facebook. This means that any large data set is transformed into a character string. This is also used to encrypt data.
In addition to the contact details, “event data” are also transmitted. “Event data” means the information that we receive about you on our website. For example, which subpages you visit or which products you buy from us. Facebook does not share the information it receives with third parties (such as advertisers) unless the company has explicit permission or is legally obliged to do so. “Event data” can also be linked to contact details. This enables Facebook to offer better personalized advertising. After the above-mentioned comparison process, Facebook will delete the contact details again.
In order to be able to deliver advertisements in an optimized way, Facebook only uses the event data if this has been combined with other data (which were recorded by Facebook in another way). Facebook also uses this event data for security, protection, development and research purposes. Much of this data is transferred to Facebook via cookies. Cookies are small text files that are used to store data or information in browsers. Depending on the tools used and whether you are a Facebook member, a different number of cookies are created in your browser. In the descriptions of the individual Facebook tools, we go into more detail on individual Facebook cookies. You can also find general information about the use of Facebook cookies at https://www.facebook.com/policies/cookies.
How long and where is the data stored?
In principle, Facebook stores data until it is no longer required for its own services and Facebook products. Facebook has servers all over the world where your data is stored. However, after it has been compared with your own user data, customer data is deleted within 48 hours.
How can I delete my data or prevent data storage?
According to the General Data Protection Regulation, you have the right to information, correction, portability and deletion of your data.
The data will only be completely deleted if you completely delete your Facebook account. And this is how deleting your Facebook account works:
1) On the right side of Facebook, click Settings.
2) Then click on “Your Facebook information” in the left column.
3) Now click “Deactivation and Deletion”.
4) Now select “Delete account” and then click on “Next and delete account”
5) Now enter your password, click on “Next” and then on “Delete account”
The storage of the data that Facebook receives via our site takes place, among other things, via cookies (e.g. with social plugins). You can deactivate, delete or manage individual or all cookies in your browser. Depending on the browser you are using, this works in different ways. The following instructions show how to manage cookies in your browser:
Chrome: Delete, activate and manage cookies in Chrome
Safari: manage cookies and website data with Safari
Firefox: Delete cookies to remove data that websites have stored on your computer
Internet Explorer: deleting and managing cookies
Microsoft Edge: Deleting and managing cookies
If you generally do not want cookies, you can set up your browser so that it always informs you when a cookie is to be set. You can decide for each individual cookie whether or not to allow it.
Facebook is an active participant in the EU-U.S. Privacy Shield Framework, which regulates the correct and secure transfer of personal data. You can find more information on this at https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC. We hope we have brought you the most important information about the use and data processing by the Facebook tools. If you want to learn more about how Facebook uses your data, we recommend the data guidelines at https://www.facebook.com/about/privacy/update.
Facebook social plug-ins privacy policy
So-called social plug-ins from Facebook Inc. are installed on our website. You can recognize these buttons by the classic Facebook logo, such as the “Like” button (the hand with a raised thumb) or by a clear “Facebook plug-in” label. A social plug-in is a small part of Facebook that is integrated into our page. Each plug-in has its own function. The most used functions are the familiar “Like” and “Share” buttons.
The following social plug-ins are offered by Facebook:
- “Save” button
- “Like” button, share, send and quote
- Page plug-in
- Comments
- Messenger plug-in
- Embedded posts and video players
- Group plug-in
At https://developers.facebook.com/docs/plugins you can find more information on how the individual plug-ins are used. We use the social plug-ins on the one hand to offer you a better user experience on our site, on the other hand because Facebook can optimize our advertisements.
If you have a Facebook account or have visited facebook.com before, Facebook has already set at least one cookie in your browser. In this case, your browser sends information to Facebook via this cookie as soon as you visit our site or interact with social plug-ins (e.g. the “Like” button).
The information received will be deleted or anonymized within 90 days. According to Facebook, this data includes your IP address, which website you visited, the date, time and other information relating to your browser.
In order to prevent Facebook from collecting a lot of data during your visit to our website and connecting it to the Facebook data, you must log out of Facebook while visiting the website.
If you are not logged in to Facebook or do not have a Facebook account, your browser sends less information to Facebook because you have fewer Facebook cookies. Nevertheless, data such as your IP address or which website you visit can be transmitted to Facebook. We would like to expressly point out that we do not know the exact content of the data. However, we try to inform you as much as possible about data processing based on our current state of knowledge. You can also read how Facebook uses the data in the company’s data policy at https://www.facebook.com/about/privacy/update.
The following cookies are set in your browser at least when you visit a website with social plug-ins from Facebook:
Name: dpr
Value: not specified
Purpose: This cookie is used so that the social plug-ins work on our website.
Expiration date: after the session ends
Name: fr
Value: 0jieyh4311260153c2GnlufEJ9..Bde09j… 1.0.Bde09j
Purpose: The cookie is also necessary for the plug-ins to function properly.
Expiry date: after 3 months
Note: These cookies were set after a test, even if you are not a Facebook member.
If you are logged in to Facebook, you can change your settings for advertisements yourself at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. If you are not a Facebook user, you can basically manage your usage-based online advertising at http://www.youronlinechoices.com/de/praferenzmanagement/. There you have the option of deactivating or activating providers.
If you want to find out more about Facebook’s data protection, we recommend the company’s own data guidelines at https://www.facebook.com/policy.php.
Instagram privacy policy
We have built in Instagram functions on our website. Instagram is a social media platform operated by Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA. Instagram has been a subsidiary of Facebook Inc. since 2012 and is a Facebook product. Embedding Instagram content on our website is called embedding. This enables us to show you content such as buttons, photos or videos from Instagram directly on our website. When you visit our website that has an Instagram function integrated, data is transmitted to Instagram, stored and processed. Instagram uses the same systems and technologies as Facebook. Your data will thus be processed across all Facebook companies.
In the following, we want to give you a more detailed insight into why Instagram collects data, what data it is and how you can largely control the data processing. Since Instagram belongs to Facebook Inc., we obtain our information from the Instagram guidelines on the one hand, but also from the Facebook data guidelines themselves on the other.
What is Instagram?
Instagram is one of the most famous social media networks worldwide. Instagram combines the advantages of a blog with the advantages of audiovisual platforms such as YouTube or Vimeo. You can upload photos and short videos to “Insta” (as many of the users casually call the platform), edit them with various filters and also distribute them on other social networks. And if you don’t want to be active yourself, you can just follow other interesting users.
Why do we use Instagram on our website?
Instagram is the social media platform that has really gone through the roof in recent years. And of course we have reacted to this boom too. We want you to feel as comfortable as possible on our website. That is why a varied preparation of our content is a matter of course for us. Thanks to the embedded Instagram functions, we can enrich our content with helpful, funny or exciting content from the Instagram world. Since Instagram is a subsidiary of Facebook, the data collected can also be used for personalized advertising on Facebook. Our advertisements only get to people who are really interested in our products or services.
Instagram also uses the collected data for measurement and analysis purposes. We get summarized statistics and thus more insight into your wishes and interests. It is important to note that these reports do not personally identify you.
What data does Instagram store?
If you come across one of our pages that has Instagram functions (such as Instagram images or plug-ins) installed, your browser automatically connects to Instagram’s servers. In doing so, data is sent to Instagram, stored and processed. Regardless of whether you have an Instagram account or not. This includes information about our website, about your computer, about purchases made, about advertisements that you see and how you use our offer. The date and time of your interaction with Instagram are also saved. If you have an Instagram account or are logged in, Instagram saves significantly more data about you.
Facebook differentiates between customer data and event data. We assume this is exactly the case with Instagram. Customer data are, for example, name, address, telephone number and IP address. It is important to mention that this customer data is only transmitted to Instagram after it has been “hashed” beforehand. Hashing means that a data record is converted into a character string. This allows you to encrypt the contact details. In addition, the “event data” mentioned above are also transmitted. Facebook – and consequently Instagram – understands “event data” to mean data about your user behavior. It can also happen that contact data is combined with event data. The contact details collected are compared with the data that Instagram already has about you.
The collected data is transmitted to Facebook via small text files (cookies), which are usually set in your browser. Depending on the Instagram functions used and whether you have an Instagram account yourself, different amounts of data are stored.
We assume that data processing on Instagram works the same as on Facebook. This means: if you have an Instagram account or have visited www.instagram.com, Instagram has set at least one cookie. If this is the case, your browser sends information to Instagram via the cookie as soon as you come into contact with an Instagram function. This data will be deleted or anonymized after 90 days at the latest (after comparison). Although we have dealt intensively with data processing by Instagram, we cannot say exactly which data Instagram collects and stores.
In the following we show you cookies that are set in your browser at least when you click on an Instagram function (such as a button or an Insta picture). Our test assumes that you do not have an Instagram account. If you are logged in to Instagram, significantly more cookies will of course be set in your browser.
These cookies were used in our test:
Name: csrftoken
Value: “”
Purpose: This cookie is very likely to be set for security reasons in order to prevent falsification of inquiries. However, we could not find out more precisely.
Expiry date: after one year
Name: mid
Value: “”
Purpose: Instagram sets this cookie to optimize its own services and offers in and outside of Instagram. The cookie defines a unique user ID.
Expiration date: after the session ends
Name: fbsr_311260153124024
Value: no information
Purpose: This cookie stores the log-in request for users of the Instagram app.
Expiration date: after the session ends
Name: rur
Value: ATN
Purpose: This is an Instagram cookie that guarantees functionality on Instagram.
Expiration date: after the session ends
Name: urlgen
Value: “{\” 194.96.75.33 \ ”: 1901}: 1iEtYv: Y833k2_UjKvXgYe311260153”
Purpose: This cookie is used by Instagram for marketing purposes.
Expiration date: after the session ends
Note: We cannot claim to be complete here. Which cookies are set in the individual case depends on the embedded functions and your use of Instagram.
How long and where is the data stored?
Instagram shares the information received between the Facebook companies with external partners and with people with whom you connect worldwide. The data processing takes place in compliance with our own data guidelines. For security reasons, among other things, your data is distributed on Facebook servers around the world. Most of these servers are in the USA.
How can I delete my data or prevent data storage?
Thanks to the General Data Protection Regulation, you have the right to information, portability, correction and deletion of your data. You can manage your data in the Instagram settings. If you want to completely erase your data on Instagram, you have to delete your Instagram account permanently.
And this is how the deletion of the Instagram account works:
First, open the Instagram app. On your profile page, go down and click on “Help Center”. You are now on the company’s website. On the website, click on “Manage Your Account” and then on “Delete Your Account”.
If you delete your account entirely, Instagram will delete posts such as your photos and status updates. Information that other people have shared about you does not belong to your account and therefore will not be deleted.
As already mentioned above, Instagram stores your data primarily via cookies. You can manage, deactivate or delete these cookies in your browser. Management always works a little differently depending on your browser. Here we show you the instructions for the most important browsers.
Chrome: Delete, activate and manage cookies in Chrome
Safari: manage cookies and website data with Safari
Firefox: Delete cookies to remove data that websites have stored on your computer
Internet Explorer: deleting and managing cookies
Microsoft Edge: Deleting and managing cookies
You can also set up your browser so that you are always informed when a cookie is to be set. Then you can always decide individually whether you want to allow the cookie or not.
Instagram is a subsidiary of Facebook Inc. and Facebook is an active participant in the EU-U.S. Privacy Shield Framework. This framework ensures correct data transfer between the USA and the European Union. You can find out more about this at https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC. We have tried to give you the most important information about data processing by Instagram. On https://help.instagram.com/519522125107875
you can take a closer look at Instagram’s data guidelines.
YouTube privacy policy
We have installed YouTube videos on our website. So we can present you interesting videos directly on our website. YouTube is a video portal that has been a subsidiary of Google since 2006. The video portal is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you call up a page on our website that has embedded a YouTube video, your browser automatically connects to the YouTube or Google servers. Different data are transmitted (depending on the settings). Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all data processing in Europe.
In the following we want to explain in more detail which data is processed, why we have integrated YouTube videos and how you can manage or delete your data.
What is YouTube?
On YouTube, users can watch, rate, comment and upload videos for free. Over the past few years, YouTube has become one of the most important social media channels in the world. So that we can display videos on our website, YouTube provides a code excerpt that we have incorporated on our site.
Why do we use YouTube videos on our website?
YouTube is the video platform with the most visitors and the best content. We strive to offer you the best possible user experience on our website. And of course interesting videos shouldn’t be missing. With the help of our embedded videos, we provide you with other helpful content in addition to our texts and images. In addition, our website is more easily found on the Google search engine thanks to the embedded videos. Even if we place advertisements via Google Ads, thanks to the data collected, Google can really only show these advertisements to people who are interested in our offers.
Which data is saved by YouTube?
As soon as you visit one of our pages that has a YouTube video integrated, YouTube sets at least one cookie that saves your IP address and our URL. If you are logged into your YouTube account, YouTube can usually assign your interactions on our website to your profile using cookies. This includes data such as session duration, bounce rate, approximate location, technical information such as browser type, screen resolution or your Internet provider. Further data can be contact details, any ratings, sharing content via social media or adding to your favorites on YouTube.
If you are not signed in to a Google account or a YouTube account, Google stores data with a unique identifier that is linked to your device, browser or app. For example, your preferred language setting is retained. But a lot of interaction data cannot be saved because fewer cookies are set.
In the following list we show cookies that were set in a test in the browser. On the one hand, we show cookies that are set without a registered YouTube account. On the other hand, we show cookies that are set with a registered account. The list cannot claim to be complete because the user data always depends on the interactions on YouTube.
Name: YSC
Value: b9-CV6ojI5Y311260153-1
Purpose: This cookie registers a unique ID in order to save statistics of the videos seen.
Expiration date: after the session ends
Name: PREF
Value: f1 = 50000000
Purpose: This cookie also registers your unique ID. Via PREF, Google receives statistics on how you use YouTube videos on our website.
Expiry date: after 8 months
Name: GPS
Value: 1
Purpose: This cookie registers your unique ID on mobile devices in order to track the GPS location.
Expiry date: after 30 minutes
Name: VISITOR_INFO1_LIVE
Value: 95Chz8bagyU
Purpose: This cookie tries to estimate the bandwidth of the user on our website (with built-in YouTube video).
Expiry date: after 8 months
Other cookies that are set when you are logged in to your YouTube account:
Name: APISID
Value: zILlvClZSkqGsSwI / AU1aZI6HY7311260153-
Purpose: This cookie is used to create a profile about your interests. The data is used for personalized advertisements.
Expiry date: after 2 years
Name: CONSENT
Value: YES + AT.de + 20150628-20-0
Purpose: The cookie stores the status of a user’s consent to the use of various Google services. CONSENT is also used for security in order to check users and to protect user data from unauthorized attacks.
Expiry date: after 19 years
Name: HSID
Value: AcRwpgUik9Dveht0I
Purpose: This cookie is used to create a profile about your interests. These data help to display personalized advertising.
Expiry date: after 2 years
Name: LOGIN_INFO
Value: AFmmF2swRQIhALl6aL…
Purpose: This cookie stores information about your login data.
Expiry date: after 2 years
Name: SAPISID
Value: 7oaPxoG-pZsJuuF5 / AnUdDUIsJ9iJz2vdM
Purpose: This cookie works by uniquely identifying your browser and your device. It is used to create a profile about your interests.
Expiry date: after 2 years
Name: SID
Value: oQfNKjAsI311260153-
Purpose: This cookie stores your Google Account ID and your last login time in a digitally signed and encrypted form.
Expiry date: after 2 years
Name: SIDCC
Value: AN0-TYuqub2JOcDTyL
Purpose: This cookie stores information on how you use the website and which advertisements you may have seen before visiting our site.
Expiry date: after 3 months
How long and where is the data stored?
The data that YouTube receives and processes from you is stored on Google’s servers. Most of these servers are in America. At https://www.google.com/about/datacenters/inside/locations/?hl=de you can see exactly where the Google data centers are located. Your data is distributed on the servers. In this way, the data can be accessed more quickly and is better protected against manipulation.
Google stores the collected data for different lengths of time. You can delete some data at any time, others are automatically deleted after a limited time and others are stored by Google for a longer period of time. Some data (such as items from “My Activity”, photos or documents, products) stored in your Google Account will be stored until you delete them. Even if you are not signed in to a Google Account, you can delete some data associated with your device, browser or app.
How can I delete my data or prevent data storage?
Basically, you can delete data in the Google account manually. With the automatic deletion function of location and activity data introduced in 2019, information is stored depending on your decision – either 3 or 18 months and then deleted.
Regardless of whether you have a Google account or not, you can configure your browser so that Google deletes or deactivates cookies. Depending on the browser you are using, this works in different ways. The following instructions show how to manage cookies in your browser:
Chrome: Delete, activate and manage cookies in Chrome
Safari: manage cookies and website data with Safari
Firefox: Delete cookies to remove data that websites have stored on your computer
Internet Explorer: deleting and managing cookies
Microsoft Edge: Deleting and managing cookies
If you generally do not want cookies, you can set up your browser so that it always informs you when a cookie is to be set. You can decide for each individual cookie whether or not to allow it. Since YouTube is a subsidiary of Google, there is a common privacy policy. If you want to find out more about the handling of your data, we recommend the data protection declaration at https://policies.google.com/privacy?hl=de.
Google reCAPTCHA Privacy Policy
Our primary goal is to secure and protect our website for you and for us in the best possible way. To ensure this, we use Google reCAPTCHA from Google Inc. For the European region, Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. With reCAPTCHA we can determine whether you are really a flesh and blood human and not a robot or other spam software. We understand spam as any unsolicited information that comes to us electronically. With the classic CAPTCHAS, you mostly had to solve text or picture puzzles to check. With reCAPTCHA from Google, we usually don’t have to bother you with such puzzles. In most cases, it is sufficient to simply tick the box and confirm that you are not a bot. With the new Invisible reCAPTCHA version you don’t even have to check the box anymore. You will find out exactly how this works and, above all, which data is used for it in the course of this data protection declaration.
What is reCAPTCHA?
reCAPTCHA is a free captcha service from Google that protects websites from spam software and misuse by non-human visitors. The most common use of this service is when filling out forms on the Internet. A captcha service is a type of automatic Turing test that is designed to ensure that an action on the Internet is carried out by a human and not a bot. In the classic Turing test (named after the computer scientist Alan Turing), a person determines the difference between bot and human. With captchas, this is also done by the computer or a software program. Classic captchas work with small tasks that are easy for humans to solve, but are very difficult for machines. With reCAPTCHA, you no longer have to actively solve puzzles. The tool uses modern risk techniques to distinguish people from bots. Here you only have to tick the text field “I am not a robot” or with Invisible reCAPTCHA even this is no longer necessary. With reCAPTCHA, a JavaScript element is integrated into the source text and then the tool runs in the background and analyzes your user behavior. The software calculates a so-called captcha score from these user actions. Google uses this score to calculate the probability that you are human before entering the captcha. reCAPTCHA or captchas in general are always used when bots could manipulate or abuse certain actions (such as registrations, surveys, etc.).
Why do we use reCAPTCHA on our website?
We only want to welcome people of flesh and blood on our side. Bots or spam software of all kinds can safely stay at home. That is why we do all we can to protect ourselves and offer you the best possible user-friendliness. For this reason we use Google reCAPTCHA from Google. So we can be pretty sure that we will remain a “bot-free” website. By using reCAPTCHA, data is transmitted to Google in order to determine whether you are really human. reCAPTCHA thus serves the security of our website and consequently also your security. For example, without reCAPTCHA, it could happen that a bot registers as many e-mail addresses as possible during registration in order to “spam” on forums or blogs with unwanted advertising content. With reCAPTCHA we can avoid such bot attacks.
What data is stored by reCAPTCHA?
reCAPTCHA collects personal data from users in order to determine whether the actions on our website really come from people. The IP address and other data that Google needs for the reCAPTCHA service can therefore be sent to Google. IP addresses are almost always shortened beforehand within the member states of the EU or other contracting states of the Agreement on the European Economic Area before the data ends up on a server in the USA. The IP address will not be combined with other Google data unless you are logged in to your Google account while using reCAPTCHA. First, the reCAPTCHA algorithm checks whether Google cookies from other Google services (YouTube, Gmail, etc.) have already been placed on your browser. ReCAPTCHA then sets an additional cookie in your browser and takes a snapshot of your browser window.
The following list of collected browser and user data does not claim to be complete. Rather, they are examples of data that, to our knowledge, are processed by Google.
- Referrer URL (the address of the page from which the visitor comes)
- IP address (e.g. 256.123.123.1)
- Information about the operating system (the software that enables your computer to operate. Known operating systems are Windows, Mac OS X or Linux)
- Cookies (small text files that save data in your browser)
- Mouse and keyboard behavior (every action you perform with the mouse or keyboard is saved)
- Date and language settings (which language or which date you have preset on your PC is saved)
- All Javascript objects (JavaScript is a programming language that enables websites to adapt to the user. JavaScript objects can collect all possible data under one name)
- Screen resolution (shows how many pixels the picture consists of)
It is undisputed that Google uses and analyzes this data even before you click the “I am not a robot” tick. With the Invisible reCAPTCHA version, there is even no ticking and the entire recognition process runs in the background. How much and which data Google stores exactly cannot be learned from Google in detail.
The following cookies are used by reCAPTCHA: Here we refer to the reCAPTCHA demo version from Google at https://www.google.com/recaptcha/api2/demo. All of these cookies require a unique identifier for tracking purposes. Here is a list of cookies that Google reCAPTCHA has set on the demo version:
Name: IDE
Value: WqTUmlnmv_qXyi_DGNPLESKnRNrpgXoy1K-pAZtAkMbHI-311260153-8
Purpose: This cookie is set by the DoubleClick company (also owned by Google) to register and report the actions of a user on the website when dealing with advertisements. In this way, advertising effectiveness can be measured and appropriate optimization measures can be taken. IDE is stored in browsers under the domain doubleclick.net.
Expiry date: after one year
Name: 1P_JAR
Value: 2019-5-14-12
Purpose: This cookie collects statistics on website usage and measures conversions. A conversion occurs, for example, when a user becomes a buyer. The cookie is also used to show relevant advertisements to users. The cookie can also be used to prevent a user from seeing the same ad more than once.
Expiry date: after one month
Name: ANID
Value: U7j1v3dZa3112601530xgZFmiqWppRWKOr
Purpose: We could not find out much information about this cookie. In Google’s data protection declaration, the cookie is used in connection with “advertising cookies” such as. B. “DSID”, “FLC”, “AID”, “TAID” mentioned. ANID is stored under the domain google.com.
Expiry date: after 9 months
Name: CONSENT
Value: YES + AT.de + 20150628-20-0
Purpose: The cookie stores the status of a user’s consent to the use of various Google services. CONSENT is also used for security in order to check users, prevent fraud of login information and protect user data from unauthorized attacks.
Expiry date: after 19 years
Name: NID
Value: 0WmuWqy311260153zILzqV_nmt3sDXwPeM5Q
Purpose: NID is used by Google to adapt advertisements to your Google search. With the help of the cookie, Google “remembers” your most frequently entered search queries or your previous interaction with ads. This way you always get customized advertisements. The cookie contains a unique ID to collect personal settings of the user for advertising purposes.
Expiry date: after 6 months
Name: DV
Value: gEAABBCjJMXcI0dSAAAANbqc311260153-4
Purpose: As soon as you have checked the “I am not a robot” checkbox, this cookie will be set. The cookie is used by Google Analytics for personalized advertising. DV collects information in anonymized form and is also used to distinguish between users.
Expiry date: after 10 minutes
Note: This list cannot claim to be complete, as experience has shown that Google changes the choice of cookies again and again.
How long and where is the data stored?
By inserting reCAPTCHA, your data will be transferred to the Google server. Where exactly this data is stored, Google does not clearly state, even after repeated inquiries. Without having received a confirmation from Google, it can be assumed that data such as mouse interaction, time spent on the website or language settings on the European or American Google Servers. The IP address that your browser transmits to Google is generally not merged with other Google data from other Google services. However, if you are logged into your Google account while using the reCAPTCHA plug-in, the data will be merged. The different data protection provisions of Google apply for this.
How can I delete my data or prevent data storage?
If you do not want any data about you or your behavior to be transmitted to Google, you must completely log out of Google and delete all Google cookies before you visit our website or use the reCAPTCHA software. In principle, the data is automatically transmitted to Google as soon as you visit our website. In order to delete this data again, you must contact Google support at https://support.google.com/?hl=de&tid=311260153.
So, if you use our website, you agree that Google LLC and its representatives automatically collect, process and use data.
You can learn a little more about reCAPTCHA on Google’s web developer page at https://developers.google.com/recaptcha/. Google goes into the technical development of the reCAPTCHA in more detail here, but you will look in vain for precise information about data storage and data protection issues. A good overview of the basic use of data by Google can be found in the in-house data protection declaration at https://www.google.com/intl/de/policies/privacy/.
Source: Created with the data protection generator from AdSimple in cooperation with slashtechnik.de