.png)
Data protection
initiation
We ("we", "us", "our") are committed to protecting the privacy of users ("User" or "you") of our website and/or mobile app (the "Website" or " Mobile App”) very seriously and we are committed to protecting the information that users provide to us in connection with the use of our Website and/or our Mobile App (collectively: “Digital Assets”). Furthermore, we are committed to protecting and using your information in accordance with applicable law.
This Privacy Policy explains our practices regarding the collection, use, and disclosure of your information through the use of our digital assets (the "Services") when you access the Services through your devices.
Please read the Privacy Policy carefully and ensure you fully understand our practices regarding your information before using our Services. If you have read and fully understood this policy and do not agree with our practices, you must stop using our digital assets and services. By using our services, you accept the terms of this privacy policy. Continued use of the Services constitutes your acceptance of this Privacy Policy and any changes thereto.
In this privacy policy you will learn:
How we collect data
What data we collect
Why we collect this data
Who we share the data with
Where the data is stored
How long the data is retained
How we protect the data
How we deal with minors
Updates or changes to the Privacy Policy
What data do we collect?
Below is an overview of the data we may collect:
Unidentified and non-identifiable information that you provide during the registration process or that is collected through the use of our Services ("Non-Personally Identifiable Information"). Non-personal data do not allow any conclusions as to who collected them. Non-Personally Identifiable Information that we collect consists primarily of technical and aggregate usage information.
Individually identifiable information, meaning anything from which you can be identified or could be identified with reasonable effort (“Personal Information”). The Personal Information we collect through our Services may include information requested from time to time, such as names, email addresses, addresses, phone numbers, IP addresses and more. If we combine personal information with non-personal information, we treat it as personal information for as long as it is combined.
How do we collect data?
Below are the main methods we use to collect data:
We collect data when you use our services. Therefore, when you visit our digital assets and use the Services, we may collect, record and store usage, sessions and related information.
We collect data that you provide to us yourself, for example if you contact us directly via a communication channel (e.g. an e-mail with a comment or feedback).
We may collect information from third party sources as described below.
We collect information that you provide to us when you log into our Services through a third party such as Facebook or Google.
Why do we collect this data?
We may use your data for the following purposes:
to provide and operate our Services;
to develop, customize and improve our Services;
to respond to your feedback, requests and requests and to offer assistance;
to analyze request and usage patterns;
for other internal, statistical and research purposes;
to improve our data security and fraud prevention capabilities;
to investigate violations and enforce our terms and policies and to comply with applicable law, regulation or governmental request;
to provide you with updates, news, promotional materials and other information related to our Services. In the case of promotional e-mails, you can decide for yourself whether you wish to continue to receive them. If not, just click the unsubscribe link in those emails.
Who do we share this data with?
We may share your data with our service providers in order to operate our services (e.g. storing data via third-party hosting services, providing technical support, etc.).
We may also disclose your information in the following circumstances: (i) to investigate, detect, prevent, or address unlawful activity or other wrongdoing; (ii) to establish or exercise our rights of defense; (iii) to protect our rights, property, or personal safety, or the safety of our users or the public; (iv) in the event of a change of control of us or any of our affiliated companies (by way of a merger, acquisition or purchase of (substantially) all assets, etc.); (v) to collect, hold and/or manage your data using authorized third party service providers (e.g. cloud service providers) as appropriate for business purposes; (vi) to work collaboratively with third parties to improve your user experience. To avoid misunderstandings, we would like to point out that we can transfer or pass on non-personal data to third parties or use them in any other way at our own discretion.
Use of blog or forum
Please note that our Services enable social interactions (e.g. posting content, information and comments publicly and chatting with other users). We remind you that any content or data that you make available in these areas can be read, collected and used by other people. We do not recommend posting or sharing information that you do not want to make public. If you upload content to our digital assets or otherwise make it available as part of using any service, you do so at your own risk. We cannot control the actions of other users or members of the public with access to your data or content. You acknowledge and hereby acknowledge that copies of your data may remain accessible even after deletion on cached and archived pages or after a third party has made a copy/storage of your content.
Cookies and Similar Technologies
When you visit or access our Services, we authorize third parties to use web beacons, cookies, pixel tags, scripts, and other technologies and analytics services ("Tracking Technologies"). These Tracking Technologies may allow third parties to collect your information automatically in order to improve the browsing experience on our digital assets, to optimize their performance and to ensure a customized user experience, as well as for security and fraud prevention purposes.
To learn more about this, please read our cookie policy.
Connection to advertising services, campaign managers or Facebook Ads
We may provide advertising, which may also be tailored to you, through our Services and our digital assets (including websites and applications that use our Services), such as: B. Ads based on your recent browsing behavior on websites, devices or browsers.
In order to serve these advertisements to you, we may use cookies and/or JavaScript and/or web beacons (including clear GIFs) and/or HTML5 local storage and/or other technologies. We may also use third parties such as B. Network advertisers (ie third parties who serve ads based on your website visits) to serve targeted ads. Third-party ad network providers, advertisers, sponsors and/or website traffic measurement services may also use cookies and/or JavaScript and/or web beacons (including clear GIFs) and/or Flash cookies and/or other technologies to improve effectiveness measure your ads and customize ad content for you. These third party cookies and other technologies are governed by the specific privacy policy of the third party and not this one.
Where do we store the data?
Non-Personally Identifiable Information
Please note that our companies and our trusted partners and service providers are located around the world. For the purposes explained in this Privacy Policy, we store and process all non-personal data that we collect in different jurisdictions.
Collection of Personal Data
Personal information may be maintained, processed and stored in the United States, Ireland, South Korea, Taiwan, Israel and other jurisdictions to the extent required for the proper provision of our Services and/or by law (as further explained below).
How long is the data retained?
Please note that we retain the information we collect for as long as is necessary to provide our services, comply with our legal and contractual obligations to you, resolve disputes, and enforce our agreements.
We can correct, supplement or delete incorrect or incomplete data at any time at our own discretion.
How do we protect the data?
The hosting service for our digital assets provides us with the online platform through which we can offer our services to you. Your data may be stored through our hosting provider's data storage, databases and general applications. It stores your data on secure servers behind a firewall, and it offers secure HTTPS access to most areas of its services.
Category: User accepts payments/eCom
All payment options offered by us and our hosting provider for our digital assets comply with the regulations of the PCI-DSS (data security standard of the credit card industry) of the PCI Security Standards Council (council for security standards of the credit card industry). This is a collaboration between brands such as Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card data (including physical, electronic, and procedural controls) by our store and service providers.
Notwithstanding the measures and efforts taken by us and our hosting provider, we cannot and do not guarantee the absolute privacy or security of any information you upload, post or otherwise disclose to us or others.
For this reason, we would like to ask you to set strong passwords and, if possible, not to transmit to us or others confidential information, the disclosure of which you believe could cause serious or lasting harm to you. In addition, since email and instant messaging are not considered secure forms of communication, we ask that you do not share any confidential information through any of these communication channels.
We will only use your personal information for the purposes set out in the Privacy Policy and only when we are satisfied that:
the use of your personal information is necessary to perform or enter into a contract (e.g. to provide you with the Services themselves or to provide customer or technical support);
the use of your personal data is necessary to comply with a relevant legal or regulatory obligation, or
the use of your personal information is necessary to support our legitimate business interests (provided that we do so at all times in a way that is proportionate and respects your privacy rights).
As an EU resident you can:
request confirmation as to whether or not personal data concerning you is being processed and request access to your stored personal data and certain additional information;
request to receive personal data that you have provided to us in a structured, commonly used and machine-readable format;
request rectification of your personal data held by us;
request the erasure of your personal data;
object to our processing of your personal data;
request the restriction of the processing of your personal data, or
lodge a complaint with a supervisory authority.
However, please note that these rights are not absolute and may be subject to our own legitimate interests and regulatory requirements. If you have general questions about the personal information we collect and how we use it, please contact us as provided below.
In the course of providing the Services, we may transfer information across borders to affiliates or other third parties and from your country/jurisdiction to other countries/jurisdictions around the world. By using the Services, you consent to the transfer of your information outside of the EEA.
If you are a resident of the EEA, your personal data will only be transferred to locations outside the EEA where we are satisfied that an adequate or comparable level of protection of personal data is in place. We will take appropriate steps to ensure that we have appropriate contractual arrangements in place with our third parties to ensure that appropriate safeguards are in place to minimize the risk of unlawful use, alteration, destruction, loss or theft of your personal information and that such third parties will act in accordance with applicable laws at all times.
California Consumer Protection Law Rights
If you are using the Services as a California resident, you may have rights under the California Consumer Privacy Act ("CCPA") to request access to and deletion of your information.
To exercise your right to access and delete your data, please see below how to contact us.
We do not sell users' personally identifiable information for the intent and purposes of the CCPA.
Updates or changes to the Privacy Policy
We may, in our sole discretion, revise this Privacy Policy from time to time, the version posted on the Website will always be current (see “As of Date” statement). We encourage you to periodically review this Privacy Policy for changes. If there are any significant changes, we will post a notice on our website. Your continued use of the Services after notification of changes has been posted to our website constitutes your acknowledgment and acceptance of the changes to the Privacy Policy and your agreement to be bound by the terms of those changes.
Your rights
You have a right to free information about the data we have stored about you and, if necessary, a right to correction, restriction of processing or deletion of this data. You also have the right to data portability. Finally, you also have the right to complain to the data protection supervisory authority about the processing of your personal data by us.
Right to object
We would also like to point out that you can object to the future processing of your personal data at any time in accordance with the legal requirements of Article 21 GDPR. The objection can be made in particular against processing for direct advertising purposes.
Right to information
If you have any questions about the collection, processing or use of your personal data, for information, for the correction, blocking or deletion of data and to revoke any consent you may have given or to object to a specific use of data, please contact us using the following e-mail Address to us:
Data Erasure and Storage Duration
Personal data will be deleted as soon as the purpose of storage no longer applies.
Storage can also take place if this has been provided for by European or national laws or other regulations to which the person responsible is subject.
Encryption by SSL / TLS
For security reasons, our website uses SSL or TLS encryption. This protects transmitted data and cannot be read by third parties. You can recognize successful encryption by the fact that the protocol designation in the browser's status bar changes from "http://" to "https://" and that a closed padlock symbol is visible there.
Web hosting through Domain Factory
We use the services of Domainfactory GmbH, Oskar-Messter-Str. 33, 85737 Ismaning, Germany for web hosting for our websites and have concluded a contract for order processing in accordance with Art. 28 DSGVO with the domain factory.
legal basis
The legal basis for the processing of this data is Article 6 Paragraph 1 Clause 1 Letter f GDPR. operation and maintaining the operational security of these websites.
log data
The provider of the Internet services (provider) automatically collects "log data" in server log files.
The log data includes the following information:
- Date and time of the respective request
- Internet address (URL) that was requested
- URL that the visitor visited immediately before (referrer)
- Browser and language used
- Operating system used
- IP address and hostname of the visitor
- Access status / http status code
- each transmitted amount of data
This data is transmitted to us automatically and this data cannot be assigned to you personally with a reasonable effort.
legal basis
The legal basis for the processing of this data is our legitimate interest in accordance with Article 6 Paragraph 1 Clause 1 Letter f GDPR.
The logging is used for access control and monitoring of the technical processes and their optimization. In addition, this data is used in accordance with § 76 BDSG to check the processing under data protection aspects.
It will not be passed on to third parties, except to law enforcement authorities by judicial order if necessary.
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected, or after the statutory deletion period has been reached.
Consequently, there is no possibility of objection on the part of the user.
linking
This website may contain links to websites operated by other companies; including, for example, social media websites such as YouTube or Facebook.
If you follow such links you may encounter cookies that are not under our control. We cannot assume any liability for this and we refer to the data protection regulations or cookie guidelines of the respective websites.
cookies
In order to make visiting our website attractive and to enable the use of certain functions, we use so-called cookies. These are small text files that are stored on your end device and store certain information for exchange with our system.
Types of Cookies
First-party cookies - Necessary cookies
These are generated by our website and are necessary for the error-free operation of the application. These cookies are also called session cookies or transient and are automatically deleted after the end of the browser session, i.e. after closing the browser.
Without these cookies, the error-free operation of the website cannot be guaranteed.
legal basis
The legal basis for the processing of this data is Article 6 Paragraph 1 Clause 1 Letter f GDPR.
Third party cookies
These are set by various services (e.g. analysis services or Facebook) and store a unique identifier that your end device recognizes the next time you visit (persistent cookies).
These cookies remain on your end device for a specified period of time. This duration is variable.
legal basis
The legal basis for the processing of this data is Article 6 Paragraph 1 Clause 1 Letter a GDPR.
Disable cookies
Please note that certain cookies are set as soon as you enter our website.
You can set your browser so that you are informed about the setting of cookies and decide individually whether to accept them or to exclude the acceptance of cookies for certain cases, in particular cookies from third parties (third party cookies) or in general.
If cookies are not accepted, the functionality of our website may be restricted for you.
Third party providers:
Facebook Pixel and Facebook Custom Audiences
Facebook Conversion Tracking, the so-called "Facebook Pixel" of the social network Facebook, is used on our website for the purpose of analyzing and optimizing our website. The provider of these services is Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. If you are based in the EU, the provider of the services is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter "Facebook").
By using the Facebook pixel, Facebook is able to identify and determine visitors to our website as a potential target group for the display of ads (so-called “Facebook ads”). So we use the Facebook pixel to only display the Facebook ads we have placed to those Facebook users who have also shown an interest in our website or who have certain characteristics (interests that are determined based on websites visited, etc.) . We transmit this information to Facebook and thereby form so-called "Custom Audiences". By using the Facebook pixel, we want to ensure that our Facebook ads correspond to the potential interest of the visitor and are not perceived as a nuisance. By using the Facebook pixel, we can understand the effectiveness of the Facebook ads statistically and for market research purposes. We analyze whether visitors are redirected to our website after clicking on a Facebook ad, i.e. whether a so-called "conversion" takes place
General information on the processing of data by Facebook can be found here https://www.facebook.com/policy.php. Further information and details on the Facebook pixel can be found here: https://www.facebook.com/business/help/651294705016616. Facebook is certified under the Privacy Shield and thus offers a guarantee to comply with European data protection standards (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
You can object to the collection by the Facebook pixel and the use of your data to display Facebook ads. In order to set which types of advertisements are displayed to you within Facebook, you can visit the page set up by Facebook and follow the instructions for setting usage-based advertising there: https://www.facebook.com/settings?tab=ads. The settings are platform-independent, ie they are adopted for all devices, such as desktop computers or mobile devices.
legal basis
Article 6(1)(a) GDPR applies to this processing of the data.
ActiveCampaign
If you would like to subscribe to our e-mail newsletter and read it regularly, you must register with a valid e-mail address and thus give your consent to the processing of your personal data by us. Please note the declaration of consent on the registration form for the newsletter.
Small, "invisible" files (beacons) that are sent with the newsletter can be used to carry out various evaluations to improve our offers. The IP address, browser and time of retrieval and opening of the newsletter and click behavior on links contained in the newsletter are recorded and statistically evaluated.
We use the services of ActiveCampaign, LLC, 150 N. Michigan Ave Suite 1230, Chicago, IL, US, USA to send the newsletter. When you visit and use these pages, ActiveCampaign data is transferred to the USA, which is considered an unsafe third country according to the GDPR. We have no knowledge of the type and scope of processing or the duration of storage by ActiveCampaign.
We have concluded a DPA (Data Processing Agreement) with ActiveCampaign according to a contract for order processing in accordance with Art. 28 DSGVO.
ActiveCampaign is certified under the Privacy Shield and thus offers a guarantee to comply with European data protection standards (https://www.privacyshield.gov/participant?id=a2zt0000000TSo1AAG&status=Active).
Further information can be found in the data protection information of ActiveCampaign LLC Inc at https://www.activecampaign.com/legal/privacy-policy
legal basis
The legal basis for the processing of this data is your consent in accordance with Article 6 (1) (a) GDPR.
Elopage
We also offer you digital products such as tickets, online courses, vouchers, digital products and download products for sale on our websites. We use the elopage service for this. As soon as you click on one of our product buttons, you leave our website and are forwarded to our individual elopage sales page.
elopage is a service of: elopay GmbH, Joachimsthaler Straße 21, 10719 Berlin
All functions on the sales side as well as the entire downstream sales process are carried out via elopage.
We have concluded a corresponding contract in accordance with Art. 28 GDPR with elopay GmbH as our processor.
legal basis
The legal basis for the processing of personal data when forwarding from our website to the sales page via elopage results from Article 6 Paragraph 1 Sentence 1 lit. b).
You can find elopage's privacy policy here https://elopage.com/privacy
Google Web Fonts
This website uses so-called web fonts provided by Google. This is done in order to be able to display fonts uniformly. When you call up a page, your browser loads the required web fonts into your browser memory. For this purpose, your browser must establish a connection to Google's servers in the USA. This gives Google the information that our website was accessed via your IP address. Google Web Fonts are used in the interest of a uniform and attractive presentation of our website. If the browser does not support Google Web Fonts, a standard font will be used by your computer.
legal basis
This represents a legitimate interest within the meaning of Article 6 (1) (f) GDPR. You can find more information about Google Web Fonts at https://developers.google.com/fonts/faq and in Google's data protection declaration: https https://www.google.com/policies/privacy/.
Google Analytics
This website uses Google Analytics, a web analysis service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics uses so-called "cookies", text files that are stored on your computer and which are used for analysis allow you to use the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. According to the GDPR, the USA is considered a third country with an insecure level of data protection.
If IP anonymization is activated on this website, however, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there.
On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports and statistics on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
You can prevent the storage of cookies by setting your browser software accordingly; we would like to point out to you however that in this case you will if applicable not be able to use all functions of this website in full.
You can also prevent the data generated by the cookie and related to your use of the website (including your IP address) being sent to Google and the processing of this data by Google by using the browser plug-in available under the following link. Download and install in: http://tools.google.com/dlpage/gaoptout?hl=de.
As an alternative to the browser plugin or within browsers on mobile devices, please click this link to prevent future detection by Google Analytics within this website: Google Analytics Opt-Out. An opt-out cookie will be stored on your device.*
If you delete your cookies, you must click this link again.
We use Google Analytics to analyze and regularly improve the use of our website. We can use the statistics obtained to improve our offer and make it more interesting for you as a user. Google is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
You can find more information about Google here:
User conditions: http://www.google.com/analytics/terms/de.html
Overview of data protection: http://www.google.com/intl/de/analytics/learn/privacy.html, as well as the data protection declaration: http://www.google.de/intl/de/policies/privacy.
legal basis
The legal basis for the processing of the data is our legitimate interest in accordance with Art. 6 Para. 1 lit. f GDPR, as we would like to offer you an attractive website and various modern information and interaction options with us.
Contact
If you have general questions about the Services or the information we collect about you and how we use it, please contact us at:
Name: Julia Zeman
Address: Schönhauser Allee 58, 10437 Berlin
Email address: post@puppetuni.de