Privacy policy

Privacy Policy

I. Scope

The following privacy policy (hereinafter: the “Privacy Policy”) means to inform users of the website https://pale-berlin.com and its subpages including the online store (hereinafter: the "Website") about the nature, scope and purpose of the collection and use of personal data by the Website operator

Schütze&Ziel GbR, Edith Schütze und Michael Ziel, 
Plauener Straße 163-165,
13053 Berlin, Germany

(hereinafter: „We“, „Us“, „Our“).

We take your privacy very seriously and treat your personal data confidentially and in accordance with the statutory provisions. Since new technologies and the constant further development of this Website may result in changes to this Privacy Policy, We recommend that you read through the Privacy Policy again at regular intervals.

Definitions of the terms used (e.g. "personal data" or "processing") can be found in Art. 4 of the EU General Data Protection Regulation (hereinafter: „GDPR“).

II. Data Controller

The controller in the sense of the GDPR and national data protection laws is:

Schütze&Ziel GbR, Edith Schütze und Michael Ziel, 
Plauener Straße 163-165,
13053 Berlin, Germany
E-Mail: info@pale-berlin.com. 

III. General information concerning service providers

1. Shopify

We would like to point out that the infrastructure of Our Website is provided and operated by Shopify International Limited, 2nd Floor Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (hereinafter: the "Infrastructure Service Provider"). The Infrastructure Service Provider is located within a country of the European Union.

We have concluded an agreement on order processing with the Infrastructure Service Provider. This is an agreement required by data protection law, which ensures that the provider only processes the personal data of Our Website visitors in accordance with Our instructions and in compliance with the GDPR.

Within the scope of processing on Our behalf, the Infrastructure Service Provider provides Us with the services for hosting and displaying the Website. All data collected in the course of using this Website or in blanks provided for this purpose in the online store as described below, are processed on servers of the Infrastructure Service Provider, its subsidiaries or its service providers. Please note, that these subsidiaries and/or these service providers may not be seated in the European Union (hereinafter: “EU”) or the European Economic Area (hereinafter: “EEA”) and therefore your personal data might be transferred to and processed in non-EU/non-EEA countries (see IX.). 

Personal data that is collected within the EEA is received and initially processed by the Infrastructure Service Provider. This personal data is exported from the EEA to the Infrastructure Service Provider’s Canadian parent entity, Shopify Inc., 150 Elgin Street 8th Floor, Ottawa, ON K2P 1L4, Canada (hereinafter: “Shopify Inc.”). This export takes place within the Infrastructure Service Provider’s corporate structure. Data within Shopify Inc. is protected under PIPEDA, Canada’s private sector privacy legislation. Shopify Inc. uses a combination of data centers and cloud service providers to store this personal data in the United States and Canada. When personal data is transferred to the United States, it is done through contractual data protection addenda (DPAs) with third-party service providers.

For further information on how the Infrastructure Service Provider processes your data please visit https://www.shopify.com/legal/privacy/customers. For further information on the Infrastructure Service Provider’s subprocessors please visit https://help.shopify.com/en/manual/your-account/privacy/GDPR/subprocessors.

2. Other service providers

The processing of your data on other servers and/or by third parties only takes place within the scope set out in this Privacy Policy. For example, the selection of a certain payment or shipping method in Our online store on the Website may result in the processing of your data by the respective payment or shipping service provider or their respective subsidiaries and/or their service providers.

Please note, that these service providers or their subsidiaries and/or their service providers may not be seated in the EU/EEA and therefore your personal data might be transferred to and processed in non-EU/non-EEA countries (see IX.).

For the sake of clarity, We will therefore occasionally link to the privacy policy of the respective service provider where you will find more detailed information on the respective collection and use of personal data when using Our Website.

IV. When do We or Our service providers collect personal data?

1. Access to Our Website

Our Infrastructure Service Provider collects data about accesses to Our Website and stores them as log files, so-called "server log files", on the Website servers.

The following data is logged in such way:

  • IP address of the requesting computer
  • Date and time of access/retrieval
  • Name and URL of the retrieved data
  • Operating system of your computer and the browser you are using
  • Country from which Our Website is accessed
  • Name of your Internet access provider
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access status/HTTP status code
  • amount of data transferred
  • last visited website
  • browser settings
  • language and version of browser software
  • activated browser plugins

Regarding the temporary storage of this personal data and these server log files, the Infrastructure Service Provider and We have a prevailing legitimate interest within the meaning of Art. 6 para. 1 sent. 1 lit. f) GDPR in order to

  • deliver the content of Our Website correctly, to ensure its security as well as to optimize the advertising for it
  • provide law enforcement authorities with the information necessary for prosecution in the event of criminal activities
  • further improve Our offer and Our Internet presence
  • collect statistical data.

On grounds relating to your particular situation, you have the right to object at any time to this processing of your personal data by contacting Us via the below mentioned contact information (see VII.).

We retain information about your visit to Our Website only for as long as it is necessary for the stated purposes. Typically, Our Infrastructure Provider deletes the server log files every 14 days. If data must be retained for evidence purposes, it is exempt from deletion until the matter has been finally resolved.

2. Contact of the customer by letter, email or telephone

If you contact Us proactively via letter, email or telephone We will collect your personal data (e.g. name, address, email address, telephone number, message text) only to the extent provided by you. The purpose of the data processing is to handle and respond to your contact request.

If the initial contact serves to implement pre-contractual measures (e.g. consultation in the case of purchase interest, order creation) or concerns an agreement already concluded between you and Us, this data processing takes place on the basis of Art. 6 para. 1 sent. 1 lit. b) GDPR.

If the initial contact occurs for other reasons, this data processing takes place on the basis of Art. 6 para. 1 sent. 1 lit. f) GDPR for the purposes of Our prevailing legitimate interest in handling and responding to your request. In this case, on grounds relating to your particular situation, you have the right to object at any time to this processing of your personal data by contacting Us via the below mentioned contact information (see VII.). 

We will only use this personal data to process your request. Your data will subsequently be deleted in compliance with statutory retention periods, unless you have agreed to further processing and use.

3. Processing your orders

When you submit an order We only collect and use your personal data insofar as this is necessary for the fulfillment and handling of your order as well as processing of your queries. 

Therefore, while ordering Our products, We will process the following information:

  • Full name
  • Shipping address/billing address
  • E-Mail address
  • Phone number
  • Ordered products
  • Purchase Price/Shipping Costs

The provision of this data and its processing is necessary for the conclusion of a contract and the shipment of your order. Failure to provide it will prevent the conclusion of any contract.

The processing will occur on the basis of Art. 6 para. 1 sent. 1 lit. b) GDPR and is required for the fulfillment of a contract with you.

While or after processing your order, your data might be transferred to different service providers (e.g. to the shipping companies and dropshipping providers, payment service providers, service providers for handling the order and IT service providers that you have selected (more information hereto in the following)). We will comply strictly with legal requirements in every case. The scope of data transmission is restricted to a minimum.

4. Newsletters

We use your name and your email address outside of contractual processing exclusively to send you a newsletter for Our own marketing purposes, if you have explicitly agreed to this. 

The processing will be carried out on the basis of Art. 6 para. 1 sent.1 lit. a) GDPR with your consent given while subscribing to Our newsletter. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal by unsubscribing from the newsletter at any time using the relevant link in the newsletter or by contacting Us via the below mentioned contact information (see VII.). Your email address will then be removed from the distributor.

5. Shipping companies

We will forward your name, your shipping address, your e-mail address and your phone number to the respective shipping company in the course of contractual processing as far as it is necessary for the shipment and delivery of the ordered goods.

The processing will occur on the basis of Art. 6 para. 1 sent. 1 lit. b) GDPR and is required for the fulfillment of a contract with you.

6. Payment service providers/Credit check/Debt collection

Depending on which payment service provider you select in the ordering process, We will forward the payment data collected for this purpose to the credit institution commissioned with the payment and, if applicable, to payment service providers commissioned by Us or to the selected payment service. In some cases, the selected payment service providers also collect this data themselves, insofar as you create or have created an account there. In this case, you must register with the payment service provider with your access data during the ordering process. In this respect, the privacy policy of the respective payment service provider applies.

a. Use of PayPal and PayPal Express

The use of the payment methods “PayPal” and “PayPal Express” of PayPal (Europe) S.à.r.l. et Cie, S.C.A. 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter: "PayPal") may require a PayPal-account.

If you choose one of these payment methods We will forward your payment data to PayPal in the course of the payment processing.

Only the data required for payment processing will be submitted to PayPal to execute the contract with you using the selected payment method. The data is processed on the basis of Art. 6 para. 1 sent. 1 lit. b) GDPR and Sect. 25 para. 2 no. 2 of the German Telecommunication Telemedia Data Protection Law (TTDSG).

PayPal reserves the right to conduct a credit check for the payment methods “credit card” via PayPal, “direct debit” via PayPal or - if offered - "purchase on account" or "installment payment" via PayPal. For this purpose, your payment data may be passed on to credit agencies in accordance with Art. 6 para. 1 sent 1 lit. f) GDPR on the basis of PayPal's prevailing legitimate interest in determining your solvency. PayPal uses the result of the credit check in terms of the statistical probability of non-payment for the purpose of deciding on the provision of the respective payment method. The creditworthiness information may contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they have their basis in a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data. 

On grounds relating to your particular situation, you have the right to object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for the contractual processing of payments.

In addition to the regular PayPal payment method, where you will be forwarded to a PayPal website to advise your payment to Us, Our Website uses the payment service “PayPal Express”, which is embedded in Our Website.

To integrate this payment service, it is essential that PayPal collects, stores, and analyses data when you access the Website (e.g. IP address, device type, operating system, browser type, device location). Cookies may be used for this purpose. Cookies allow your internet browser to be recognized (see IV. 7.).

The use of cookies is based on Sect. 25 para. 2 no. 2 TTDSG. The processing of your personal data is based on Art. 6 para. 1 sent. 1 lit. f) GDPR out of Our prevailing legitimate interest in a customer-oriented offer of different payment methods. On grounds relating to your particular situation, you have the right to object at any time to this processing of your personal data by contacting Us via the below mentioned contact information (see VII.).

For further information on PayPal’s data protection, including information on the credit agencies used, please refer to the PayPal Data Privacy Statement which can be viewed at https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=en.

Please note, that not all of PayPal’s subsidiaries and/or service providers may be seated in the EU/EEA and therefore your personal data might be transferred to and processed in non-EU/non-EEA countries (see IX.).

b. Use of other payment methods offered on Our Website

Other payment methods than “PayPal” and “PayPal Express” (e.g. Credit card (VISA, Mastercard, Maestro), Bancontact, eps-transfer, Ideal, Klarna, Apple Pay, Google Pay) are provided by Our Service Infrastructure Provider and the payment processor Stripe Payments Europe, Limited,  C/O A&L Goodbody, Ifsc, North Wall Quay, Dublin 1., Dublin 1, Dublin (hereinafter: the “Payment Processor”).

We have concluded an agreement on order processing with the Infrastructure Service Provider and the Payment Processor. This is an agreement required by data protection law, which ensures that the Infrastructure Service Provider and the Payment Processor only process the personal data of Our Website visitors in accordance with Our instructions and in compliance with the GDPR.

For the purpose of payment processing, the information you provide during the ordering process, together with information about your order, will be passed on to Our Service Infrastructure Provider and/or Our Payment Processor. The following information will be passed on in such way:

  • Full name, 
  • email, billing and/or shipping address, 
  • payment method information (such as credit or debit card number, bank account information or payment card image), 
  • merchant and location, 
  • purchase amount, 
  • date of purchase, and
  • in some cases, information about what you have purchased, phone number and tax-related ID.

Insofar as this personal data is processed during the described transfers, the processing is carried out for the purpose of payment processing to execute the contract with you using the selected payment method in accordance with Art. 6 para. 1 sent. 1 lit. b) GDPR.

The Service Infrastructure Provider and the Payment Processor reserve the right to process the above-mentioned information. According to the Service Infrastructure Provider and the Payment Processor, this processing is carried out exclusively in accordance with Art. 6 para.1 sent. 1 lit. f) GDPR on the basis of their prevailing legitimate interest in providing Us with their services, improving their service, ensuring the adequate performance of their contract with Us and/or in detecting, monitoring and preventing fraud and unauthorized payment transactions.

The Payment Processor reserves the right to conduct a credit check for some of the proposed payment methods. For this purpose, your payment data may be passed on to credit agencies in accordance with Art. 6 para. 1 sent 1 lit. f) GDPR on the basis of the Payment Processor’s prevailing legitimate interest in determining your solvency.

For further information on how the Infrastructure Service Provider processes your data please visit https://www.shopify.com/legal/privacy/customers. For further information on how the Payment Processor processes your data please visit https://stripe.com/en-de/privacy and https://stripe.com/en-de/privacy-center/legal#stripe-legal-bases-tables. 

When using certain payment methods, Our Service Infrastructure Provider, Our Payment Processor or the respective payment service provider (e.g. Apple Pay, Google Pay, Klarna, etc.) might place or read cookies on your device (see IV. 7.) during the payment process in order to process your payment via the selected payment method. Insofar as personal data is processed in the context of using these cookies, the processing is carried out exclusively for the purpose of payment processing to execute the contract with you in accordance with Art. 6 para. 1 sent. 1 lit. b) GDPR and Sect. 25 para. 2 no. 2 TTDSG. For further information on the cookies used by the Service Infrastructure Provider please visit https://www.shopify.com/legal/cookies. For further information on the cookies used by the Payment Processor, please visit https://stripe.com/cookies-policy/legal. For further information on the cookies used by the respective payment service provider please view the cookie policy of the selected payment service provider.

Please note, that the Service Infrastructure Provider and the Payment Processor do not always process personal data themselves, but might employ their subsidiaries and/or sub processors. Not all of the Service Infrastructure Provider’s and the Payment Processor’s subsidiaries and/or sub processors may be seated in the EU/EEA and therefore your personal data might be transferred to and processed in non-EU/non-EEA countries (see IX.). For more information on the Service Infrastructure Provider’s subsidiaries and sub processors please visit https://help.shopify.com/en/manual/your-account/privacy/GDPR/subprocessors. For more information on the Payment Processor’s subsidiaries and sub processors please visit https://stripe.com/de/service-providers/legal and https://stripe.com/en-de/privacy-center/legal#how-we-collect-disclose-and-use-personal-data.

7. Cookies

a. General information

Our Website uses cookies. Cookies are small text files which are saved in a user’s internet browser or by the user’s internet browser on their computer system. When a user accesses a website, a cookie may be saved on the user’s operating system. This cookie contains a characteristic character string which may contain personal data and which allows the browser to be clearly identified when the website is called up again.

Cookies will be stored on your computer. You therefore have full control over the use of cookies. By choosing corresponding technical settings in your internet browser, you can be notified before the setting of cookies and you can decide whether to accept this setting in each individual case as well as prevent the storage of cookies and transmission of the data they contain. Cookies which have already been saved may be deleted at any time. Please keep in mind that deleting or blocking cookies can negatively impact your user experience and parts of Our Website may no longer be fully accessible or fully functional.

The length of time that a cookie remains on your computer or mobile device depends on whether it is a persistent” or session” cookie. Session cookies last until you stop browsing and persistent cookies last until they expire or are deleted. Most of the cookies We use are persistent and will expire between 30 minutes and two years from the date they are downloaded to your device.

Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. You can find these for the respective browsers under the following links:

Internet Explorer™: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete manage-cookies 
Safari™: https://support.apple.com/de-de/guide/safari/sfri11471/15.1/mac/12.0
Chrome™: https://support.google.com/chrome/answer/95647?hl=de&hlrm=en 
Firefox™: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen 
Opera™: https://help.opera.com/de/latest/web-preferences/#cookies 

Please note that because there is no consistent industry understanding of how to respond to Do Not Track” signals, We do not alter Our data collection and usage practices when We detect such a signal from your browser.

b. Consent Management

We use a consent management platform on which you can make your settings for tracking and storing cookies and where you can obtain detailed information (e.g. provider, retention period, purpose) on the cookies used on Our Website, which you can view at https://pale-berlin.com/pages/cookie-policy. 

For this purpose, We have divided the cookies into four categories: 

  • Essential Cookies
  • Functional Cookies 
  • Analytic and Statistic Cookies
  • Marketing Cookies

Essential Cookies are cookies necessary for the functioning of the Website (e.g. shopping cart, checkout, remembering your cookie consent decision). Due to their necessity for the functioning of the Website it is not possible to disable these cookies.

The use of Essential Cookies is based on Sect. 25 para. 2 No. 2 TTDSG. The processing of personal data in the context of Essential Cookies is carried out on the basis of Art. 6 para. 1 sent. 1 lit. f) GDPR due to Our prevailing legitimate interest in the functioning of the Website. On grounds relating to your particular situation, you have the right to object at any time to this processing of your personal data by contacting Us via the below mentioned contact information (see VII.).

For further information about the Essential Cookies used on Our Website please view the information provided on Our consent management page at https://pale-berlin.com/pages/cookie-policy, the cookie policy of Our Infrastructure Service Provider at https://www.shopify.com/legal/cookies and Our consent management service provider Pandectes OÜ (Harju maakond, Kuusalu vald, Pudisoo küla, Männimäe/1, 74626, Estonia) at https://www.pandectes.io/privacy-policy/.

Functional Cookies are cookies that enable our website to offer additional functions and personal settings. They can be set by us or by third-party service providers that we have placed on our pages. These cookies are disabled by default on Our Website. If you do not allow these cookies, these or some of these services may not work properly.

For further information about the Functional Cookies used on Our Website please view the cookie policy of Our Infrastructure Service Provider at https://www.shopify.com/legal/cookies.

Analytic and Statistic Cookies are cookies that enable us to monitor and improve the performance of Our website. For example, they allow Us to count visits, identify traffic sources and see which parts of the Website are most popular. These cookies are disabled by default on Our Website. In order to help Us to match Our offer to your preferences you can declare your consent to the use of these cookies. 

For further information about the Analytic and Statistic Cookies used on Our Website please view the cookie policy of Our Infrastructure Service Provider at https://www.shopify.com/legal/cookies.

Marketing Cookies are cookies that may be set through Our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. These cookies are disabled by default on Our Website. If you do not allow these cookies, you will experience less targeted advertising.

For further information about the Marketing Cookies used on Our Website please view the cookie policy of Our Infrastructure Service Provider at https://www.shopify.com/legal/cookies.

If consent to the use of Analytic Cookies and/or Marketing Cookies has been declared, the use of these cookies and the processing of the personal data contained herein is based exclusively on this consent within the meaning of Art. 6 para. 1 sent. 1 lit. a) GDPR and Sect. 25 para. 1 TTDSG. Your consent can be revoked at any time without affecting the legality of the processing carried out with your consent up to the withdrawal by contacting Us via the below mentioned contact information (see VII.).

8. Plugins

On Our Website, a so-called social plugin of the social networks “Instagram” and „Facebook“ is incorporated (hereinafter: "Facebook-Plugin"). This service is offered by the company Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (hereinafter: "Meta").

This Facebook-Plugin is deactivated by default when you visit Our Website. By using our consent management platform, you can declare your consent to the use of the Facebook-Plugin by enabling Marketing Cookies, which will activate this Plugin.

When the Facebook-Plugin is activated and you call up a page of Our Website that contains such a Plugin, your browser establishes a direct connection to the servers of Meta. Meta receives the information that your browser has called up the corresponding page of Our Website, even if you do not have a profile on Instagram/Facebook or are not currently logged in. This information (including your IP address) is transmitted from your browser directly to a server of Meta or its affiliated companies and stored there.

If you are logged in to one of Meta’s services, Meta can directly assign your visit to Our Website to your profile on Instagram or other Meta services.

If you interact with the Plugins, for example by clicking the Instagram button, the corresponding information is also transmitted directly to server of Meta or its affiliated companies and stored there. The information is also published on your Instagram/Facebook account and displayed there to your contacts.

If consent to the use of the Facebook-Plugin has been declared, the use of the Facebook-Plugin and the processing of the personal data related hereto is based exclusively on this consent within the meaning of Art. 6 para. 1 lit. a) GDPR and Sect. 25 para. 1 TTDSG. Your consent can be revoked at any time without affecting the legality of the processing carried out with your consent up to the withdrawal via the consent management platform or by contacting Us via the below mentioned contact information (see VII.).

For the scope of the data collection and the further processing and use of the data by the providers, as well as your rights in this regard and setting options for protecting your privacy, please refer to the privacy policy of Meta, which you can view at https://help.instagram.com/519522125107875/?maybe_redirect_pol=0.

If you do not want Meta to directly assign the data collected via Our Website to your profile, you must log out of Instagram/Facebook before visiting Our Website.

Please note, that Meta’s subsidiaries and service providers may not be seated in the EU/EEA and therefore your personal data might be transferred to and processed in non-EU/non-EEA countries (see IX.).

V. Storage duration

Unless otherwise stated in this Privacy Policy, the following applies to the storage of your data: After the contractual processing has been completed, the data is initially stored for the duration of the warranty period, then in accordance with the retention periods prescribed by law, especially tax and commercial law, and then deleted after the period has elapsed, unless you have agreed to further processing and use.

VI. Your rights as a data subject

As far as you have given your consent to the data collection and processing according to Art. 6 para. 1 sent. 1 lit. a) GDPR, you can revoke this consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal by contacting Us via the below mentioned contact information (see VII.). 

As far as We collected and processed your data based on a prevailing legitimate interest according to Art. 6 para. 1 sent. 1 lit. f) you have the right to object at any time to this processing of your personal data on grounds relating to your particular situation by contacting Us via the below mentioned contact information (see VII.).

If your revocation or objection is successful, We will no longer process the personal data, unless We can demonstrate compelling legitimate grounds for the processing that outweigh your interests or rights and freedoms, or the processing is intended for the assertion, exercise or defense of legal claims.

Additionally, you have the following rights:

  • Right to access: You can request access to the personal data concerning you that We process. Information on the extent of your right to access can be found in Art. 15 GDPR and Sect. 34 of the German Federal Data Protection Act (BDSG).
  • Right to rectification: You can request that We rectify inaccurate and complete incomplete personal data. Information on the extent of your right to rectification can be found in Art. 16 GDPR.
  • Right to erasure: Provided that certain conditions are met, you have the right to request that We erase your personal data. Information on the extent of your right to erasure can be found in Art. 17 GDPR.
  • Right to the restriction of processing: Provided that certain conditions are met, you have the right to request that We restrict the processing of your personal data. Information on the extent of your right to the restriction of processing can be found in Art. 18 GDPR.
  • Right to data portability: Provided that certain conditions are met, you have the right to request that We transmit the personal data that you have provided to Us to you or to another controller in a commonly used and machine-readable format. Information on the extent of your right to data portability can be found in Art. 20 GDPR.
  • Right to lodge a complaint with a supervisory authority: If you have a complaint, you also have the right to lodge it with a supervisory authority. Information on your right to lodge a complaint with a supervisory authority can be found in Art. 77 GDPR (see also VII.).

VII. How to contact Us or the competent data protection supervisory authority

Please direct any complaint or comments relating to how We processed your personal information to: 

Schütze&Ziel GbR, Edith Schütze und Michael Ziel,
Plauener Straße 163-165,
13053 Berlin, Germany
E-Mail: info@pale-berlin.com

We hope that We can resolve any query or concern you raise about Our processing of your personal information.

Nevertheless, the EU General Data Protection Regulation and certain other applicable data protection laws give you the right to lodge a complaint with a data protection supervisory authority (hereinafter: “DPA”), usually in the country or state where you work or normally live, where any alleged infringement of data protection laws has occurred or where We are seated (Berlin, Germany). Details of EU Member State DPAs and EEA DPAs can be found at https://edpb.europa.eu/about-edpb/about-edpb/members_en. Further DPAs can be found at https://globalprivacyassembly.org/participation-in-the-assembly/members-online/. 

The competent DPA for Berlin, Germany is:
Berliner Beauftragte für Datenschutz und Informationsfreiheit
Friedrichstr. 219
10969 Berlin, Germany
Tel.: +49 (0)30 13889-0
Fax: +49 (0)30 2155050
E-Mail: mailbox@datenschutz-berlin.de

VIII. Data security

In order to protect it from access by third parties, the personal data We ask you to share with Us on Our Website is transferred to Us using a secure SSL connection (Secure Sockets Layer) signed with the issuers 2048-bit RSA key and a SHA-256 hash over the certificate. 

IX. Data transfer to the USA and other non-EU/non-EEA countries

We use, among others, tools and services from companies based in the USA or other non-EU/non-EEA countries that might not be secure under data protection law. If these tools are active or you use these services, your personal data may be transferred to these countries and processed there. We would like to point out that no level of data protection comparable to that in the EU can be guaranteed in these countries. For example, US companies are obliged to hand over personal data to security authorities without you as a data subject being able to take legal action against it. Therefore, it cannot be ruled out that U.S. authorities (e.g. intelligence agencies) may process, evaluate and permanently store your data located on U.S. servers for monitoring purposes. We have no influence on these processing activities.

X. Links to third party websites

Our Website may contain links to websites of other providers to which this data protection declaration does not extend. After clicking on a link or being redirected to another website, We no longer have any influence on the processing of any data transmitted to the third party when the link is clicked (such as the IP address or the URL on which the link is located), as the behavior of third parties is naturally beyond Our control. Therefore, We cannot assume any responsibility for the processing of your data by these third parties. Insofar as the processing of personal data is associated with the use of the websites of other providers, please observe the data protection information of the respective providers. By activating and using these tools and services, you expressly agree to such data transmission.

XI. Changes to this Privacy Policy

We reserve the right to change this Privacy Policy at any time. Please check it regularly. The current status is as of 17.10.2024.