TomorrowJoin usThis button will redirect you to our web registration, where you can sign up for a Tomorrow account.
Join usThis button will redirect you to our web registration, where you can sign up for a Tomorrow account.

Privacy Policy

Tomorrow GmbH

I. Introduction

With the following information we would like to give you as a "data subject" an overview of the processing of your personal data by us as well as your rights from the data protection laws. Your personal data will always be processed in accordance with the Generell Data Protection Regulation (GDPR) and all applicable country-specific data protection regulations. We have implemented numerous technical and organizational measures to ensure the highest possible protection when processing your personal data.

II. Scope

The following data protection regulations apply to the following websites: www.tomorrow.one and all our other online presences (e.g. our social media pages).

III. Controller

Controller within the GDPR is:

Tomorrow GmbH Karolinenstr. 9 20357 Hamburg Germany

Email: support@tomorrow.one Website: www.tomorrow.one

IV. Data Protection Officer

If you have any questions or suggestions regarding data protection issues, you can contact our data protection officer at any time:

Niklas Hanitsch Franz-Mayer-Straße 1 93053 Regensburg Germany

Phone: 0941 569 55020 Email: dsb@secjur.com

V. Technology

1. SSL/ TLS encryption

To ensure the security of data processing and to protect the transmission of confidential content, we use SSL or TLS encryption. You can recognize the existence of an encrypted connection by the fact that the address line of your browser displays "https://" instead of "http://" and by the lock symbol in your browser line.

2. Data collection when visiting the website / storage of log files

When using our website for purely informational purposes, we only collect personal data that your browser sends to our server (server log files). Every time you access our website, a number of general data and information are collected, which we store in the server log files.

Purpose of the processing

  • Correct delivery of the contents of our website

  • Optimization of the contents of our website

  • Guarantee of a permanent operability of our IT systems and the technology of our website

  • Static evaluation to improve the level of data protection and data security

  • Provision of information to law enforcement agencies in the event of a cyber attack

Processed data

  • Usage and metadata (e.g. browser types and versions used, the operating system used by the accessing system, the website from which an accessing system accesses our website (so-called referrer), the sub-websites which are accessed via an accessing system on our website, the date and time of an access to the website, an abbreviated internet protocol address (anonymised IP address), the internet service provider of the accessing system)

Security measures

  • The server log files are anonymous data that are stored separately from all other of your personal data.

Legal basis

  • Legitimate interest (Art. 6 Para. 1 Cl. 1 letter f GDPR). Our legitimate interest corresponds to the above-mentioned purposes.

VI. Cookies

We use cookies on our website. These are files that your browser automatically creates and that are stored on your IT system when you visit our site. Information is stored in the cookie, which in each case arises in connection with the specifically used terminal device. This does not mean, however, that we obtain direct knowledge of your identity.

1. Technically necessary cookies

We use technically necessary cookies. These are cookies that are necessary for the operation and functions of our website.

Purpose of the processing

  • Offering our services

  • Enabling the use of our website functions

Legal basis

  • Legitimate interest (Art. 6 Para. 1 Cl. 1 letter f GDPR). Our legitimate interest corresponds to the above-mentioned purposes.

2. Technically not necessary cookies

We use technically not necessary cookies. These are cookies that are not technically essential for the operation of the website or the provision of specific page functions. As a rule, these are third-party cookies that can be used to analyze and trace the surfing behavior of users.

Purpose of the processing

  • Range measurement and tracking

  • Evaluation of visitor behavior and profiling

  • Optimization of our offer

Legal basis

  • Consent (Art. 6 Para. 1 Cl. 1 letter f GDPR).

Right of withdrawal

  • You can revoke your consent to the use of cookies at any time.

VII. transmission and disclosure of personal data

Within the scope of our activities, we transmit personal data to external parties (e.g. persons, companies or legally independent organizational units). You can find details on this below under "Services used" with the respective service providers.

VIII. Data processing in third countries

We process personal data in a third country. These are countries outside the European Union (EU) and the European Economic Area (EEA).

We only process data in third countries where an adequate level of data protection exists in accordance with Art. 44-49 GDPR. Details of the specific level of data protection in the respective third country can be found below under "Services used" with the respective service providers.

IX. Registration

1. Registration

Before you can open an account via our Tomorrow app, you need to register on our website. Afterwards you create a user profile.

Processed data

  • Your first and last name

  • Your e-mail address

  • Your nationality

  • The country in which you have your permanent residence

  • Employment status

  • Your date of birth

  • Your birthplace

  • Your gender

  • The country in which you are taxable

  • Whether you are taxable in the USA

  • Your tax identification number (optional)

  • Your invitation code

  • Your password

In addition, we process the following personal data during the registration process:

  • Browser types and versions used

  • the operating system used by the accessing system,

  • the website from which an accessing system reaches our website (so-called referrer),

  • the sub-websites, which are accessed via an accessing system on our website,

  • the date and time of access to the website,

  • an IP address,

  • the Internet service provider of the accessing system.

Legal basis

  • Performance of a contract or implementation of pre-contractual measures (Art. 6 Para. 1 Cl. 1 letterb. GDPR)

  • Consent (Art. 6 Para. 1 Cl. 1 letter a GDPR).

2. Confirmation e-mail

Description of the processing If you register to open an account in the Tomorrow app with your email address, we will send you an email to the address you provide with a confirmation link (double opt-in procedure). By opening this link you confirm that you are the owner of the email address you provided and that no unauthorized person is misusing your email address.

Processed data

  • The time of sending our confirmation e-mail

  • The time of opening the confirmation link

  • Your IP address.

Legal basis

  • Performance of a contract or implementation of pre-contractual measures (Art. 6 Para. 1 Cl. 1 letter b. GDPR)

3. Sendgrid

We use SendGrid to send you the confirmation e-mail.

Provider SendGrid Inc., 1801 California Street, 1801 California St, Denver (USA).

Data protection outside the EU/ EEA We have concluded standard data protection clauses with Sendgrid.

Privacy policy

X. Tomorrow Community-Forum

1. Registration as user

Description of the processing

You have the possibility to register on our website in the Tomorrow Community Forum by providing personal data. The Tomorrow Community is a forum on our website, usually open to the public, where one or more people can post articles or thoughts in so-called forum posts. The contributions can usually be commented by third parties.

Processed data

  • Email address

  • Username

  • Password

  • First and last name (optional)

By registering in the Tomorrow Community Forum, the IP address assigned by your Internet Service Provider (ISP), the date and time of registration will also be saved. This data is stored to prevent misuse of our services and, if necessary, to enable us to solve criminal offences. In this respect, the storage of this data is necessary for our security. As a matter of principle, this data will not be passed on to third parties, unless there is a legal obligation to do so or the passing on of the data serves criminal prosecution.

Legal basis

  • Consent (Art. 6 Para. 1 Cl. 1 letter f GDPR).

2. Comment function

Description of the processing In the Tomorrow Community we offer you the opportunity to leave individual comments on individual blog posts.

Processed data

  • Content data (e.g. the content of the comment)

  • Usage data (e.g. websites visited, time of access)

  • Meta and communication data (e.g. IP address).

Purpose of the processing

  • Traceability, if submitted comments violate third party rights or illegal content has been posted

Legal basis

  • Legitimate interest (Art. 6 Para. 1 Cl. 1 letter f GDPR). Our legitimate interest corresponds to the above-mentioned purposes.

XI. Tomorrow Merch Shop

We offer you the possibility to buy sustainable products in our Tomorrow Merch Shop. When you use our store or place an order, we process personal data about you.

1. Usage of Shopify

We use the Shopify store system to host and visually display our merch store. If we collect personal data from you during the ordering process, this data may be transferred to Shopify in individual cases. Additionally, we use Shopify Order Printer for accounting and logistical organization of orders. This enables us to automatically create invoices, receipts, shipping labels and other business documents.

Provider Shopify International Limited, Victoria Buildings, 2. Etage, 1-2 Haddington Road, Dublin 4, D04 XN32, Irland, parent company: Shopify Inc, 150 Elgin Street, Suite 800, Ottawa, ON, K2P 1L4, Kanada (Shopify).

Data protection outside the EU and the EEA The European Commission has issued an adequacy decision for Canada.

Legal basis

  • Performance of a contract or implementation of pre-contractual measures (Art. 6 Para. 1 Cl. 1 letter b. GDPR)

Privacy policy For more information on data processing, please see Shopify's privacy policy.

2. Payment Service Provider

When shopping in our merch store, you can use various payment options. It is possible that the respective payment service provider used by us transmits your personal data to credit agencies in order to perform an identity and credit check. Please also note the terms and conditions and privacy policy of the respective payment service provider.

Purpose of processing

  • Offering contractual performance and service

  • Enabling payment

a) Google Pay

We offer you the possibility to pay with Google Pay.

Provider Google Pay ist die Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Processed data

  • Card, authentication and transaction data (e.g. date, time, amount of transaction).

  • Payment transaction security data.

Legal basis

  • Performance of a contract or implementation of pre-contractual measures (Art. 6 Para. 1 Cl. 1 letter b. GDPR)

Privacy policy of Google For more information on data processing, please see Google´s privacy policy and here

b) Shopify Payments

We use the payment service provider Shopify Payments. If you choose a payment method that is offered by the payment service provider Shopify Payments, the payment processing is carried out by the technical service provider Stripe.

Provider Shopify International Limited, Victoria Buildings, 2. Etage, 1-2 Haddington Road, Dublin 4, D04 XN32, Irland, parent company: Shopify Inc, 150 Elgin Street, Suite 800, Ottawa, ON, K2P 1L4, Kanada (Shopify).

Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Irland (Stripe).

Processed data

  • Information from the specific order process as well as information about your order (name, address, account number, bank code, credit card number, invoice amount, currency and the transaction number)

Legal basis

  • Performance of a contract or implementation of pre-contractual measures (Art. 6 Para. 1 Cl. 1 letter b. GDPR)

Privacy policy von Shopify und Stripe For more information on data processing, please see Shopify's privacy policy and Stripe's privacy policy.

3. shipment of the ordered goods

As fulfillment service provider, Eindruck24 is responsible for shipping our merchandise. In order for the merchandise to be shipped, we forward personal information. As part of the organization of orders, Eindruck works with the MeisterTask software tool from MeisterLabs. The delivery itself is carried out by DHL.

Provider Christian Werner, Juliusstraße 18, 22769 Hamburg (Eindruck24). DHL Paket GmbH, Sträßchensweg 10, 53113 Bonn (DHL).

Processed data

  • Name

  • Adress

  • E-Mail-Adress

Legal basis

  • Performance of a contract or implementation of pre-contractual measures (Art. 6 Para. 1 Cl. 1 letter b. GDPR)

  • Legitimate interest (Art. 6 Para. 1 Cl. 1 letter f GDPR)

Privacy policy You can find more information about data protection in the privacy policy of DHL and Eindruck24.

XII. Contact

1. General Information

We offer you different ways to contact us (e.g. by e-mail, chat or telephone).

Processed data

  • inventory data (e.g. first and last name, address)

  • Contact information (e.g. e-mail address, phone number)

  • Meta and communication data (e.g. IP address)

  • Content data (e.g. entered text content, photographs, videos)

Purpose of the processing

  • Answering contact requests

  • Communication

Legal basis

  • Performance of a contract or implementation of pre-contractual measures (Art. 6 Para. 1 Cl. 1 letter b. GDPR) if your request is based on pre-contractual measures or on an existing contract with us.

  • Legitimate interest (Art. 6 Para. 1 Cl. 1 letter f GDPR) If your inquiry is independent of contractual or pre-contractual measures, our legitimate interests constitute the legal basis. The legitimate interest corresponds to the above-mentioned purposes.

2. Google

For sending and receiving e-mails we use e-mail accounts located on Google servers.

Provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland, Mutterunternehmen: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (Google).

Description of the processing For sending and receiving emails we use e-mail accounts located on Google servers. Data protection outside the EU/ EEA We have concluded standard data protection clauses with Google.

Privacy Policy

3. Freshchat

Freshchat serves the purpose of live chat communication between you and Tomorrow.

Provider Freshworks Inc., 2950 S. Delaware Street, Suite 201, San Mateo CA 94403, USA (Freshworks).

Purpose of the processing

  • Checking and answering your requests

  • Providing direct and effective customer communication

  • Designing our website according to your needs.

Data protection outside the EU/ EEA We have concluded standard data protection clauses with Freshworks

Privacy Policy

4. Ulitmate.ai

Provider We use a chat bot to communicate with you. A chat bot is a software that answers your questions and informs you about news. The chat bot tries to find answers to your questions.

Provider ultimate.ai GmbH, Ritterstraße 12-14, 10969 Berlin

Privacy policy For more information, please see Ultimate.ai's privacy policy.

XIII. Application

1. General Information

We offer you the opportunity to apply for jobs and send us your application online or by post.

Processed data

  • inventory data (e.g. first and last name, address)

  • Contact information (e.g. e-mail address, phone number)

  • Application data (e.g. cover letter, curriculum vitae, certificates and other evidence)

  • Special categories of personal data (e.g. health data, severely disabled persons, data on racial and ethnic origin).

Purpose of the processing

  • Implementation of the application procedure and finding suitable applicants.

Legal basis

  • Performance of a contract or implementation of pre-contractual measures (Art. 6 Para. 1 Cl. 1 letter b. GDPR, Art. 88 Para. 1 GDPR and Sec. 26 Para. 1 BDSG).

  • Consent (Art. 6 Para. 1 Sen.1 letter a DS-GV). If we obtain your consent (e.g. for inclusion in our applicant pool), this constitutes the legal basis for data processing.

If special categories of personal data are processed, the processing is based on the following principles:

  • Consent (Art. 9 Para. 2 letter a GDPR)

  • Health care or occupational medicine, assessment of the employee's ability to work, medical diagnosis, care or treatment in the health or social sector or management of systems and services in the health or social sector (Art. 9 Para. 2 letter h GDPR)

  • Exercise of the rights deriving from labor law and social security and social protection law and fulfilment of the obligations relating thereto by the person responsible or the person concerned (Art. 9 Para. 2 letter c GDPR)

Duration of storage

If an employment relationship is established after completion of the application process, the personal data provided may be processed further. Otherwise, we generally retain the data for six months. Afterwards, the data will be deleted or disposed of in accordance with data protection regulations. Longer storage is possible if we include you in our pool of applicants after obtaining your consent.

2. Personio

We use Personio to effectively run our application process.

Provider Personio GmbH, Rundfunkplatz 4, 80335 München, Deutschland (Personio)

Privacy Policy

XIV. Newsletter

1. General information

We offer you the opportunity to subscribe to our company's newsletter. With our newsletter we inform customers and business partners about our offers at regular intervals. Basically we only need your email address to register for our newsletter. In addition, it is possible that we may ask you to enter your name or other information during the registration process in order to personalize the newsletter.

Double-Opt-In Procedure After registering for the newsletter, we will send a confirmation e-mail using the double opt-in procedure to the email address you first entered for the newsletter dispatch. This confirmation mail is used to check whether you as the owner of the e-mail address have authorized the receipt of the newsletter. The registration for the newsletter will be logged so that we can meet our legal obligations to provide evidence.

Newsletter dispatch to existing customers If you have provided us with your email address when purchasing goods or services, we also reserve the right to send you regular offers on similar goods or services from our product range by e-mail. In accordance with § 7 Para. 3 UWG, we do not need to obtain your separate consent for this. The legal basis for sending the newsletter is our legitimate interest.

Newslettertracking Our newsletters contain so-called tracking pixels. This is a miniature graphic that is embedded in emails. In this way, we can, for example, track whether and when an email was opened by you and which links in the email were called up by you. This enables us to statistically evaluate the success or failure of online marketing campaigns. The personal data collected by the tracking pixels is stored and evaluated by us in order to optimize the newsletter dispatch and to adapt the content of future newsletters even better to your interests. Such evaluation is based on our legitimate interests.

Processed data

  • inventory data (e.g. first and last name, address, gender)

  • Contact data (e.g. e-mail address); usage data (e.g. visits to websites, interests, access times)

  • Metadata (e.g. device information, IP address, date and time of login)

Purpose of the processing

  • direct marketing

As far as newsletter tracking takes place additionally:

  • Insertion of personalized advertising

  • Market research

  • Performance measurement of online marketing

Legal basis

  • Consent (Art. 6 Para. 1 Cl. 1 letter f GDPR)

  • Legitimate interest (Art. 6 Para. 1 Cl. 1 letter f GDPR). Our legitimate interest corresponds to the above-mentioned purposes.

Right of revocation and objection

  • You can cancel your subscription to our newsletter at any time and revoke your consent to data processing for the purposes of sending the newsletter at any time. If the data processing is based on our legitimate interest, you have the possibility to object at any time. There is therefore a corresponding opt-out link in every newsletter. In addition, it is also possible to unsubscribe from the newsletter at any time on our website or to inform us of this in another way. A cancellation of the receipt of the newsletter is automatically interpreted as a revocation or objection.

Used services

We use the following services:

2. Freshsales

Provider Freshworks Inc., 2950 S. Delaware Street, Suite 201, San Mateo CA 94403, USA (Freshworks).

Data protection outside the EU/ EEA We have concluded standard data protection clauses with Freshworks

Privacy Policy

3. Google

For sending and receiving e-mails we use e-mail accounts located on Google servers.

Provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland, Mutterunternehmen: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (Google).

Data protection outside the EU/ EEA We have concluded standard data protection clauses with Google.

Privacy Policy

XV. Social Media

1. General information

We maintain presences in social networks to communicate with you and inform you about our services. If you visit one of our social media pages, we are joint controllers with the provider of the respective social media platform for the processing of personal data triggered by this in accordance with Art. 26 GDPR.

We point out that your data may be processed outside the EU or the EEA Area. This may result in risks such as a more difficult enforcement of user rights. User data is often processed in social networks for advertising purposes or for the analysis of user behavior by the providers, without us being able to influence this. In addition, the providers often create user profiles, on the basis of which user-based advertising can then be placed inside and outside the social network. For this purpose, cookies are often used or the user behavior is directly assigned to your own member profile of the social networks (if you are logged in here). Since we do not have access to the data stocks of the respective providers, we would like to point out that it is best to apply your rights directly to the respective provider.

However, if you need help, please feel free to contact us. Further information on the processing of your data in social networks and the possibility to make use of your right of objection or revocation (opt-out) is listed below.

Processed data

  • inventory data (e.g. first and last name, address, age, gender)

  • Content data (e.g. texts, photos, videos)

  • Usage data (e.g. visit of websites, interests)

  • Metadata (e.g. device information, IP address)

Purpose of the processing

  • Modern way of user communication

  • Provision of information about own services

  • tracking, remarketing, affiliate tracking

Legal basis

  • Legitimate interest (Art. 6 Para. 1 Cl. 1 letter f GDPR). Our legitimate interest corresponds to the above-mentioned purposes.

  • Consent (Art. 6 Para. 1 Cl. 1 lettera GDPR). If you, as a user of the respective social media, have to agree to the data processing, the legal basis is your consent.

2. Facebook Fanpage

Provider Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland, Mutterunternehmen: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA (Facebook).

Opt-Out and advertising settings

Joint Controller Facebook provides us with so-called "Facebook Insights". These are various statistics that give us information about how our Facebook fan page is used. In order to create these statistics, data provided by you (including personal data) is processed by Facebook and us as joint responsible parties within the meaning of Art. 26 Para. 1 GDPR. Together with Facebook, we have concluded an agreement in accordance with Art. 26 GDPR, the content of which you can read here.

Data protection outside the EU/ EEA We have concluded standard data protection clauses with Facebook

Legal basis and purposes of Facebook's processing https://www.facebook.com/about/privacy/legal_bases and https://de-de.facebook.com/policy.php.

Privacy Policy

3. Instagram

Provider Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland, Mutterunternehmen: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA (Facebook).

Privacy Policy and advertising settings

4. LinkedIn

Provider LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Irland (LinkedIn).

Privacy Policy

Cookie-Policy

5. Twitter

Provider musical.ly Inc., 10351 Santa Monica Blvd #310, Los Angeles, CA 90025 USA (Twitter).

Data protection outside the EU/ EEA We have concluded standard data protection clauses with Twitter

Privacy Policy

Possibility of objection (Opt-Out)

XVI. Vimeo video

We integrate elements of the Vimeo video portal into our online offer.

Provider Vimeo, LLC, 555 West 18th Street, New York, New York 10011, USA (Vimeo).

Processed data

  • Usage data (e.g. websites visited, time of access)

  • Meta and communication data (e.g. IP address)

Purpose of the processing

  • Optimization of our online offer

Legal basis

  • Consent (Art. 6 Para. 1 Cl. 1 lit a GDPR)

Data protection outside the EU/ EEA We have concluded standard data protection clauses with Vimeo

Privacy policy

Use of Google Analytics For videos from Vimeo that are integrated on our site, the tracking tool Google Analytics is automatically integrated. This is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (Google). You will find information on this in the Google privacy policy as well as an opt-out option for Google Analytics. Furthermore, you can stop the use of data for marketing purposes by Google.

XVII. Web Analysis and Optimization Services

1. General information

We carry out web analyses to evaluate the visit of our online presences. In doing so, we are able to process your interests, certain types of behaviour or demographic data. This enables us to analyze how you use our online offer and its contents and functions. User profiles can be created as part of the web analysis. Cookies are often used for this purpose.

Processed data

  • Usage data (e.g. websites visited, interest in content, time of access)

  • Meta and communication data (e.g. IP address).

  • Location data

Purpose of the processing

  • Range measurement and tracking

  • Evaluation of visitor behavior and profiling

  • Improving our offer and offering customer-friendly services

Legal basis

  • Consent (Art. 6 Para. 1 Cl. 1 lettera DSGVO)

  • Legitimate interest (Art. 6 Para. 1 Cl. 1 letterf GDPR). Our legitimate interest corresponds to the above-mentioned purposes.

2. Google Analytics

Google Analytics is a tracking tool that allows us, among other things, to examine the origin of visitors and the time they spend on our website. This enables us to optimize our online offer and improve advertising campaigns.

Provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland, Mutterunternehmen: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (Google).

Opt-Out-Cookie You can prevent the collection of your personal data by Google Analytics by disabling performance cookies via the cookie layer. You can access the cookie layer via the "Cookie Settings" link in the footer. This will set an opt-out cookie that prevents future collection of your data when you visit our website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again. In addition, you have the option of preventing the collection of the data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by Google by downloading and installing a browser add-on.

Furthermore, you may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

Legal basis

  • Consent (Art. 6 Para. 1 Cl. 1 letter a GDPR)

Data protection outside the EU and the EEA We have concluded standard data protection clauses with Google.

Security measure We have made your IP address anonymous.

Privacy Policy Further information on data protection

3. Google Tag Manager

The Google Tag Manager gives us the possibility to manage website tags and integrate services into our online offer. The Google Tag Manager itself does not enable the creation of user profiles.

Provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland, Mutterunternehmen: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (Google).

Purpose of processing

  • Installation and updating of web page tags

Processed data

  • IP-adress

Legal basis

  • Legitimate interest (Art. 6 Para. 1 Cl. 1 letterf GDPR). Our legitimate interest corresponds to the above-mentioned purposes.

Data protection outside the EU and the EEA We have concluded standard data protection clauses with Google.

Privacy Policy

4. Google Ads

Google Ads enables us to place ads in Google's advertising network in order to present them to users who have a potential interest in the ads. The ads are based primarily on the search results when using Google services. In addition, the conversion of the ads is measured. We only learn the total number of users who clicked on the ad and were redirected to a web page that is tagged with a "conversion tracking tag". We do not receive any information that allows us to identify users.

Provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Mutterkonzern: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (Google).

Purpose of processing

  • Promotion of our website by displaying interest-relevant advertising on third-party sites

Processed data

  • Usage data (e.g. web pages visited, time of access)

  • Meta and communication data (e.g. IP address)

Legal basis

  • Consent (Art. 6 Para. 1 Cl. 1 letter a GDPR)

Data protection outside the EU and the EEA We have concluded standard data protection clauses with Google.

Google advertising settings You have the option to object to interest-based advertising by Google at any time.

Privacy Policy

5. Facebook Pixel

The Facebook pixel is an analytics tool that helps us measure the effectiveness of our advertising efforts by analyzing the actions of website visitors. The pixel is always triggered when a certain action is performed (so-called event) and subsequently records this action.

We use the Facebook pixel in the standard version. Only the usage behavior of the respective web addressee is evaluated and only related usage data is processed.

Provider Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland, Mutterunternehmen: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA (Facebook).

Purpose of processing

  • Evaluation of the effectiveness of Facebook ads

  • Delivery of ads to the right person

Processed data

  • Usage data (e.g. web pages visited, time of access)

  • Meta and communication data (e.g. IP address)

Legal basis

  • Consent (Art. 6 Para. 1 Cl. 1 letter a GDPR)

Data protection outside the EU and the EEA We have concluded standard data protection clauses with Facebook.

Privacy Policy Revocation option (Opt-Out)

6. Tik Tok Pixel

We use the Tik Tok Pixel. The Tik Tok Pixel is an analytics tool that helps us measure the effectiveness of our advertising efforts by analyzing the actions of website visitors. The pixel is always triggered when a certain action is performed (so-called event) and subsequently records this action.

Provider musical.ly Inc., 10351 Santa Monica Blvd #310, Los Angeles, CA 90025 USA (TikTok).

Purpose of processing

  • Tik-Tok ad optimization

Processed data

  • Usage data (e.g. web pages visited, time of access)

  • Meta and communication data (e.g. IP address)

Legal basis

  • Consent (Art. 6 Para. 1 Cl. 1 letter a GDPR)

Data protection outside the EU and the EEA We have concluded standard data protection clauses with Tik Tok.

Privacy policy

7. Pinterest-Tag

We use the Pinterest tag. This is an analytics tool that allows us to track visitors to our website and their actions after seeing one of our Pinterest ads. This enables us to measure the effectiveness of our Pinterest ads.

Provider Pinterest Inc, 635 High Street, Palo Alto, CA, 94301, USA (Pinterest).

Processed data

  • Usage data (e.g. web pages visited, time of access)

  • Meta and communication data (e.g. IP address)

Legal basis

  • Consent (Art. 6 Para. 1 Cl. 1 letter a GDPR)

Privacy policy of Pinterest You can find more information on data processing in Pinterest's privacy policy.

Possibility to object (Opt-Out)

8. Adjust

We use the web SDK from Adjust. By using Adjust, we are able to track installs, sessions, and events that occur on our website. This allows us to track campaign from the first ad call through a landing page to specific events. In combination with Adjust's Mobile SDK, cross-device tracking is also possible.

Provider Adjust GmbH, Saarbrücker Str. 37A, 10405 Berlin, Germany (Adjust).

Processed data

  • Usage data (e.g. web pages visited, time of access)

  • Meta and communication data (e.g. IP address)

  • [...]

Legal basis

  • Consent (Art. 6 para. 1 p. 1 lit. a DS-GVO).

Privacy policy of Adjust For more information, please see Adjust's privacy policy.

XVIII. Affiliate service provider

1. General information

Our online offer includes affiliate links or other references that refer to services and offers of third-party providers. If you follow affiliate links or make use of related offers, we usually receive a commission or other benefits from the respective third-party provider. In order to find out whether you have followed our affiliate links, it is necessary for the respective third-party providers to become aware of this.

Processed data

  • Contract data (e.g., subject matter of contract, term of contract)

  • Usage data (e.g. websites visited, interest in content, time of access)

  • Meta and communication data (e.g. IP address)

Purpose of processing

  • Affiliate tracking

  • Offering user-friendly services

  • Optimization of our services

Legal basis

  • Consent (Art. 6 Para. 1 Cl. 1 letter a GDPR)

  • Legitimate interest (Art. 6 Para. 1 Cl. 1 letterf GDPR). Our legitimate interest corresponds to the above-mentioned purposes.

2. Financeads

financeAds is an affiliate service provider. As part of its cooperation with us, financeAds stores cookies on the end devices of users who visit our online sites. This serves us to be able to pay out a lead or sale commission to advertising network partners when a successful registration or deal is brokered. Only users who have been referred to our website by an affiliate partner from the FinanceAds network are recorded.

Provider financeAds GmbH & Co. KG, Karlstraße 9, 90403 Nürnberg, Germany (financeAds).

Purpose of processing

  • Allocation of the success of an advertising medium in order to carry out the associated billing within the affiliate network

Privacy policy

XIX. Music services und Podcasts

1. General information

We use service providers to provide audio content for you to listen to or download.

Processed data

  • Usage data (e.g. websites visited, interest in content, time of access)

  • Meta and communication data (e.g. IP address)

Purpose of the processing

  • Provision of audio content

  • Range measurement and visitor evaluation

  • Profiling

Legal basis

  • Consent (Art. 6 Para. 1 Cl. 1 letter a GDPR). Provided that we obtain your consent, this constitutes our legal basis for data processing.

  • Legitimate interests (Art. 6 Para. 1 Cl. 1 letter f. GDPR). Insofar as data processing is not based on consent or for the purpose of fulfilling a contract or carrying out pre-contractual measures, our legitimate interest constitutes the legal basis for data processing. The legitimate interest corresponds to the above-mentioned purposes.

2. Podigee

Podigee processes your personal data to enable podcast downloads and playback and to determine statistical data, such as the number of downloads. This data is anonymized or pseudonymized before it is stored in Podigee's database, unless you are required to provide the podcasts.

Provider Podigee GmbH, Schlesische Straße 20, 10997 Berlin, Deutschland (Podigee).

Privacy Policy

XX. Cloud Service Provider

1. General information

We use cloud services accessible via the Internet and executed on the servers of the respective providers. In this context, a back-up of your registration data is stored on servers.

Processed data

  • All registration data (IX. Registration / Creating a user profile / inventory data)

Purpose of processing

  • Keep a backup of your data to prevent data loss

Legal basis

  • Legitimate interests (Art. 6 Para. 1 Cl. 1 letter f. GDPR).

2. Hetzner Cloud

We use the cloud from Hetzner to create the back-up.

Provider Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany (Hetzner).

Privacy policy

XXI. Content Delivery Network (CDN)

1. General information

Our website uses a CDN. This is a network of powerful servers that cache content in different locations around the world. A CDN enables us to provide content in the shortest possible time and to relieve the web host by distributing the data traffic. Static content that all website visitors receive in the same form, such as video content from streaming services or code frameworks. Dynamic content is first adapted to the user and only created at the moment of the request. This includes content that is personalized and delivered via web applications, e-mail or online stores. To use the latter, information about the website visitor must first be transmitted to the CDN.

Processed data

  • Usage data (e.g. websites visited, time of access)

  • Meta and communication data (e.g. IP address)

  • Content data (e.g. entered text content, photos, videos)

Purpose of the processing

  • Provision of content within the shortest possible time

  • Relief of the web host by distributing the data traffic

Legal basis

  • Legitimate interest (Art. 6 Para. 1 Cl. 1 letterf GDPR). The justified interest results from our need for a technically perfect and fast presentation of our website and the relief of our IT infrastructure.

2. Amazon Web Services (AWS)

Provider Amazon Web Services Inc., 410 Terry Avenue North, Seattle, WA 98109-5210, USA (Amazon).

Data protection outside the EU/ EEA We have concluded standard data protection clauses with Amazon:

Privacy Policy

Further information on data processing

XXII. Rights of the data subject

1. Confirmation

You have the right to ask us to confirm whether personal data concerning you is being processed

2. Right of access by the data subject (Art. 15 GDPR)

You have the right to receive from us at any time and free of charge information about the personal data stored about you as well as a copy of this data in accordance with the statutory provisions.

3. Right to retrification (Art. 16 GDPR)

You have the right to request the correction of incorrect personal data concerning you. You also have the right to request the completion of incomplete personal data, taking into account the purposes of the processing.

4. Right to erase (Art. 17 GDPR)

You have the right to demand from us that personal data concerning you be deleted immediately if one of the reasons provided by law applies and if the processing or storage is not necessary.

5. Right to restriction of processing (Art. 18 GDPR)

You have the right to demand that we restrict processing if one of the legal requirements is met.

6. Right to data portability (Art. 20 GDPR)

You have the right to receive the personal data concerning you that you have provided us in a structured, common and machine-readable format. Furthermore, you have the right to have this data communicated to another person in charge, without hindrance from us, to whom the personal data has been made available, provided that the processing is based on the consent pursuant to Art. 6 Para. 1 letter a GDPR or Art. 9 Para. 2 letter a GDPR or on a contract pursuant to Art. 6 Para. 1 letter b GDPR, and provided that the processing is carried out with the aid of automated procedures, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority delegated to us. In addition, when exercising your right to data transfer in accordance with Art. 20 Para. 1 GDPR, you have the right to request that personal data be transferred directly from one responsible party to another, insofar as this is technically feasible and provided that this does not affect the rights and freedoms of other persons.

7. Right to object (Art. 21 GDPR)

You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you that is carried out on the basis of Article 6 para. 1 letter e (data processing in the public interest) or f (data processing based on a balancing of interests) of the DPA. This also applies to profiling based on these provisions within the meaning of Art. 4 No. 4 GDPR.

If you lodge an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate reasons for processing which outweigh your interests, rights and freedoms, or unless the processing serves to assert, exercise or defend legal claims. In individual cases we process personal data for the purpose of direct marketing. You may at any time object to the processing of personal data for the purpose of such advertising. This also applies to profiling, insofar as it is connected with such direct advertising. If you object to us processing your personal data for the purposes of direct marketing, we will no longer process the personal data for these purposes.

In addition, you have the right to object, for reasons arising from your particular situation, to the processing of personal data relating to you which is carried out by us for scientific or historical research purposes or for statistical purposes in accordance with Art. 89 para. 1 of the GDPR, unless such processing is necessary for the performance of a task carried out in the public interest. You are free to exercise your right of objection in connection with the use of information society services, notwithstanding Directive 2002/58/EC, by means of automated procedures involving the use of technical specifications.

You have the right to withdraw your consent to the processing of personal data at any time with effect for the future.

9. complaint to a supervisory authority

You have the right to complain to a supervisory authority responsible for data protection about our processing of personal data.

XXIII. Storage period of personal data

We process and store your personal data only as long as the purpose of storage requires it or as long as it is required by law. If the purpose of storage ceases to apply or if a prescribed storage period expires, the personal data is routinely blocked or deleted in accordance with legal requirements. The criterion for the duration of storage of personal data is the respective legal retention period. After the period has expired, the corresponding data is routinely deleted if it is no longer required for the fulfilment or initiation of a contract.

XXIV. Actuality and changes of the privacy policy

This data protection declaration is currently valid and has the following status: November 2020. If we further develop our website and our offers or if legal or official requirements change, it may be necessary to amend this data protection declaration. You can view the current data protection declaration at any time on the website.