All data sent by you personally, including your payment details, are transferred using the generally accepted and secure SSL (Secure Socket Layer) standard. SSL is a reliable and proven standard which is used e.g. in online banking.

A secure SSL connection can be identified by the “s” suffixed to the http (i.e. https://...) in the address bar of your browser or by the lock icon in the lower pane of your browser.

We also take suitable technical and organizational security measures to protect your retained personal data against destruction, loss, alteration or unauthorized disclosure or access. Our security measures are continuously improved in line with technological development.

We do not use automated processing methods for decision-making – including profiling.

If you believe that the processing of your personal data infringes on data protection law, in accordance with Article 77 (1) GDPR you have the right to lodge a complaint with a data protection supervisory authority of your choice. This also includes the data protection supervisory authority responsible for the controller: Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg mit Sitz in Stuttgart. You can use the following email address for email communication with the supervisory authority: poststelle@lfdi.bwl.de.

In general, we erase or render anonymous your personal data as soon as they are no longer necessary in relation to the purposes for which we have collected or otherwise processed them in accordance with the foregoing clauses, unless continued storage of your personal data is required to fulfill a legal obligation. Further information about the corresponding deletion periods can be found in the description of the individual data processing operations.

The personal data that we collect and retain shall never be used by us for sale, trade or loan. We will only pass on your data to third parties if we are legally obliged or to assert a claim, in the exercise or defense of legal claims, to investigate unlawful use of our Website or products, or for prosecution of a claim (insofar as there are reasonable grounds to suspect unlawful or unfair conduct). Data may also be disclosed for the enforcement of Terms and Conditions of Use or other agreements. We are also obliged to grant access to certain public bodies on request. These include law enforcement authorities, authorities which prosecute administrative offenses, and tax authorities. These data are disclosed on the basis of our legitimate interest in combating misuse, the prosecution of offenses, and the securing, assertion and enforcement of claims. The legal basis is point (f) of Article 6 (1) GDPR.

We rely on contractually bound third-party companies and external service providers (“processors”) to supply our range of products and services. In such cases, personal data are disclosed to these processors to enable further processing thereof. These processors are carefully selected and regularly checked to ensure that your privacy remains protected. The processors may only use the data for the specified purposes, and are also contractually obliged to handle your data in compliance with this data protection statement and the German data protection laws.

In addition to the aforementioned service providers, we also use the following processors:

Zeppelin GmbH, Graf-Zeppelin-Platz 1, 85748 Garching b. München as host of the website.

You can contact us through our data protection officer as follows with regard to access to your personal data, to have inaccurate data corrected, blocked or erased, or if you have further questions regarding the use of your personal data.

Zeppelin GmbH

Data Protection Officer

Graf-Zeppelin-Platz 1

85748 Garching near Munich

Tel: +49 89 32 000-0

Fax: +49 89 32 000-482

E-Mail: dataprivacy@zeppelin.com

Please note that access can only granted if you give us, in full: your first name and surname, your current and, if necessary, previous address, your date of birth, and your email address. This information is used exclusively for alignment purposes, which in turn ensures that no unauthorized third party can obtain your personal data. Any product, operation, and/or contract numbers which we have sent to you are also useful and helpful, but not necessary, in enabling us to identify the relevant data quicker.

As of: February 2021