Career
Contact
Shop
Language switcher
Language switcher

Data protection

Cow

1. basic information on data processing and legal basis

 

1.1. This privacy policy explains the type, scope and purpose of the processing of personal data within our online and offline offering and the associated websites, functions and content (hereinafter jointly referred to as "online offering" or "website"). The privacy policy applies regardless of the domains, systems, platforms and devices (e.g. desktop or mobile) on which the online offering is executed.

 

1.2. The terms used, such as "personal data" or their "processing", correspond to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).

 

1.3. The personal data of users processed in the context of this online offer includes inventory data (e.g., names, addresses, e-mail addresses, telephone numbers of customers), contract data (e.g., services used, names of clerks, payment information), usage data (e.g., the websites visited on our online offer, interest in our products) and content data (data relating to communication, e.g., entries in the contact form).

 

1.4. The term "user" covers all categories of natural persons affected by data processing. These include our business partners, customers, suppliers, interested parties and other visitors to our online offering. The terms used, such as "user", are to be understood as gender-neutral.

 

1.5. We only process users' personal data in compliance with the relevant data protection regulations. This means that user data is only processed if there is a legal basis for doing so. These bases include contractual agreements (e.g. dispatch of products); compliance with legal obligations (e.g. tax retention obligations); express user consent and the existence of a legitimate interest. These legitimate interests include the interest in the analysis, optimisation and economic operation and security of our online and offline services; in the presentation of our company to the public and to potential customers, in particular in the course of advertising and marketing activities.

2. security measures

 

2.1. We take organisational, contractual and technical security measures in accordance with the state of the art to ensure that the provisions of the data protection laws are complied with and thus to protect the data processed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorised persons.

 

2.2. The security measures include in particular the encrypted transmission of data between your browser and our server.

3. disclosure of data to third parties and third-party providers

 

3.1. Data is only passed on to third parties within the framework of data protection regulations. We only pass on user data to third parties if this is permitted on the basis of the aforementioned principles. This is regularly necessary for the fulfilment of contractual obligations or due to the legitimate interest in the economic and effective operation of our business operations.

 

3.2. Where we use subcontractors to provide our services, we take appropriate legal precautions and technical and organisational measures to ensure the protection of personal data in accordance with the relevant legal requirements.

 

3.3. If content, tools or other means from other providers (hereinafter jointly referred to as "third-party providers") are used within the scope of this privacy policy and their registered office is located in a third country, it is to be assumed that data is transferred to the countries in which the third-party providers are based. Third countries are countries in which the GDPR is not directly applicable law, i.e. generally countries outside the EU or the European Economic Area. Data is transferred to third countries either if there is an adequate level of data protection, user consent or other legal authorisation.

4. provision of contractual services

 

4.1. We process inventory data (e.g., names and addresses as well as contact data of users), contract data (e.g., services used, names of contact persons, payment information) for the purpose of fulfilling our contractual obligations and services in accordance with Art. 6 para. 1 lit. b. GDPR. GDPR.

 

4.3. As part of the registration and renewed logins as well as the use of our online services, we store the IP address and the time of the respective user action. This data is stored on the basis of our legitimate interests as well as those of the user in protection against misuse and other unauthorised use. This data is not passed on to third parties unless it is necessary to pursue our claims or there is a legal obligation to do so.

5. qimiQ websites

 

5.1. We process inventory data (e.g., names and addresses as well as contact data of users), contract data (e.g., services used, names of contact persons, payment information) for the purpose of fulfilling our contractual obligations and services pursuant to Art. 6 para. 1 lit b. DSGVO.

 

5.4. Content Management System ("CMS") for this website is provided by WordPress of Automattic Inc, 60 29th St # 343, San Francisco, CA 94110. Data protection: en.wordpress.org/about/privacy With regard to the transfer to the USA, there is a corresponding data protection adequacy decision adopted by the European Commission on 10 July 2023, whereby the service provider Automattic Inc. is included in the corresponding Data Privacy Framework list: https://www.dataprivacyframework.gov/list

 

5.5. We use web hosting services of the company Kinsta Inc, 8605 Santa Monica Blvd #92581. West Hollywood, CA 90069. USA, whereby the data is hosted in a server farm in Frankfurt and is not transferred outside the EU. Data protection: https://kinsta.com/de/legal/datenschutzpolitik/.

6. QimiQ Online Shop

 

6.1. We process inventory data (e.g., names and addresses as well as contact data of users), contract data (e.g., services used, names of contact persons, payment information) for the purpose of fulfilling our contractual obligations and services pursuant to Art. 6 para. 1 lit b. DSGVO.

 

6.3. Within the scope of registration and renewed logins as well as the use of our online services, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests as well as those of the users in protection against misuse and other unauthorised use. This data is not passed on to third parties, unless it is necessary for the pursuit of our claims or there is a legal obligation to do so in accordance with Art. 6 Para. 1 lit. c DSGVO.

 

6.4. We use IT support to maintain the customer data list, currently provided by LightCyde New Media Solutions GmbH (Pichl 47a, A-8973 Schladming, Austria).

7. QimiQ Recipe Database

 

7.1. We process inventory data (e.g., names and addresses as well as contact data of users), contract data (e.g., services used, names of contact persons, payment information) for the purpose of fulfilling our contractual obligations and services pursuant to Art. 6 para. 1 lit b. DSGVO.

 

7.3. Within the scope of registration and renewed logins as well as the use of our online services, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests as well as those of the users in protection against misuse and other unauthorised use. This data is not passed on to third parties, unless it is necessary for the pursuit of our claims or there is a legal obligation to do so in accordance with Art. 6 Para. 1 lit. c DSGVO.

 

7.5. We use web hosting services provided by Vercel Inc, (440 N Barranca Ave #4133 Covina, CA 91723) . Privacy Policy: https://vercel.com/legal/privacy-policy 

8. contacting

 

8.1. When contacting us (via contact form or email), the user's details are processed for the purpose of handling the contact request and its processing pursuant to Art. 6 (1) lit. b) DSGVO.

 

8.2. Users' details may be stored in our Customer Relationship Management System ("CRM") or comparable enquiry organisation.

 

8.3. We use the CRM system "HubSpot", from the provider HubSpot Inc. (25 First Street, 2nd Floor, Cambridge, MA 02141, USA), on the basis of our legitimate interests (efficient and fast processing of user enquiries). With regard to the transfer to the USA, there is a corresponding data protection adequacy decision adopted by the European Commission on 10 July 2023, whereby the service provider Hubspot is included in the corresponding Data Privacy Framework list: https://www.dataprivacyframework.gov/list.

9. comments, contributions̈and evaluations

 

9.1. When users leave comments or other contributions, their IP addresses are stored on the basis of our legitimate interests within the meaning of Art. 6 (1) lit. f. DSGVO are stored.

 

9.2. This is done for our security in case someone leaves unlawful content in comments and posts (insults, forbidden political propaganda, etc.). In this case, we ourselves can be prosecuted for the comment or post and are therefore interested in the identity of the author.

10. collection of access data and log files

 

10.1. We collect data on every access to the server on which this service is located (so-called server log files) on the basis of our legitimate interests within the meaning of Art. 6 para. 1 lit. f. DSGVO, we collect data about each access to the server on which this service is located (so-called server log files). The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.

 

10.2. Log file information is stored for security reasons (e.g. to investigate misuse or fraud) for a maximum period of one day and then deleted. Data whose further storage is required for evidence purposes is excluded from deletion until the respective incident has been finally clarified.

11. cookies

 

11.1. Cookies are pieces of information that are transmitted from our web server or third-party web servers to users' web browsers and stored there for later retrieval. Cookies may be small files or other types of information storage.

 

11.2. We use "session cookies", which are only stored for the duration of the current visit to our online presence (e.g. in order to be able to save your login status or the shopping cart function and thus enable the use of our online offer at all). A randomly generated unique identification number, a so-called session ID, is stored in a session cookie. In addition, a cookie contains information about its origin and the storage period. These cookies cannot store any other data. Session cookies are deleted when you have finished using our online offer and log out or close the browser, for example.

 

11.4. If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offer.

12. Google Analytics

 

12.1. On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR), we use Google Analytics, a web analysis service of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043 USA ("Google"). GDPR) Google Analytics, a web analytics service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) ("Google"). Google uses cookies. The information generated by the cookie about the use of the online offer by the user is usually transmitted to a Google server in the USA and stored there.

 

12.2.  With regard to the transfer to the USA, there is a corresponding data protection adequacy decision adopted by the European Commission on 10 July 2023, whereby the service provider Google is included in the corresponding Data Privacy Framework list: https://www.dataprivacyframework.gov/list.

 

12.3. Google will use this information on our behalf for the purpose of evaluating your use of our website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. In doing so, pseudonymous user profiles of the users can be created from the processed data.

 

12.4. We use Google Analytics to display the ads placed within Google's advertising services and those of its partners only to users who have also shown an interest in our online offering or who have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited), which we transmit to Google (so-called "Remarketing Audiences" or "Google Analytics Audiences"). With the help of Remarketing Audiences, we also want to ensure that our advertisements correspond to the potential interest of the users and do not have a harassing effect.

 

12.5. We only use Google Analytics with IP anonymisation activated. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

 

12.6. The IP address transmitted by the user's browser will not be merged with other data from Google. Users can prevent the storage of cookies by setting their browser software accordingly; users can also prevent the collection of the data generated by the cookie and related to their use of the online offer to Google as well as the processing of this data by Google by downloading and installing the browser plugin available under the following link: tools.google.com/dlpage/gaoptout.

 

12.7. You can find out more information about Google's use of data, setting options and objection options on the Google website: policies.google.com/technologies/partner-sites?hl=en ("Data use by Google when you use our partners' websites or apps"). policies.google.com/technologies/ads?hl=en ("Data use for advertising purposes"), adsettings.google.com ("manage information that Google uses to serve ads to you").

16. meta -custom audiences and meta -marketing services

 

16.1. Based on our legitimate interests in the analysis, optimisation and economic operation of our online offer and for these purposes, the so-called "meta pixel" of the social network Facebook, which is operated by Meta Platforms, Inc. (1 Hacker Way, Menlo Park, CA 94025, USA) or, if you are resident in the EU, Meta Platforms Ireland Ltd (Merrion Road Dublin, Dublin 4, Ireland) ("Meta"), is used within our online offer.

 

16.2.  With regard to the transfer to the USA, there is a corresponding data protection adequacy decision adopted by the European Commission on 10 July 2023, whereby the service provider Meta is included in the corresponding Data Privacy Framework list: https://www.dataprivacyframework.gov/list

 

16.3. With the help of the meta pixel, Meta is able to determine the visitors to our online offering as a target group for the display of adverts (so-called "Facebook ads"). Accordingly, we use the meta pixel to display the Facebook ads placed by us only to those Facebook users who have also shown an interest in our online offering or who have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited) that we transmit to Meta (so-called "custom audiences"). With the help of the Meta pixel, we also want to ensure that our Facebook ads correspond to the potential interest of users and are not annoying. With the help of the Facebook pixel, we can also track the effectiveness of Facebook adverts for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook advert (so-called "conversion").

 

16.4. The meta pixel is integrated directly by Meta when you visit our website and can store a cookie, i.e. a small file, on your device. If you subsequently log in to Facebook or visit Facebook while logged in, the visit to our online offer will be noted in your profile. The data collected about you is anonymous to us, so it does not allow us to draw any conclusions about the identity of the user. However, the data is stored and processed by Meta so that a connection to the respective user profile is possible and can be used by Meta and for its own market research and advertising purposes. If we transmit data to Meta for comparison purposes, it is encrypted locally in the browser and only then sent to Meta via a secure https connection. This is done for the sole purpose of making a comparison with the data that is also encrypted by Meta.

 

16.5. Furthermore, we use the additional function "extended synchronisation" when using the Meta pixel. Here, inventory data such as telephone numbers, email addresses or Facebook IDs of users are transmitted to Meta in encrypted form to form target groups for Facebook ads and are only used for this purpose. Users declare their consent to the processing of their personal information as part of the "extended comparison".

 

16.6. Meta processes the data in accordance with Meta's Data Usage Policy. Accordingly, general information on the display of Facebook ads can be found in Meta's data usage policy: www.facebook.com/policy.php. Special information and details about the meta pixel and how it works can be found in the Meta help section: www.facebook.com/business/help/651294705016616.

 

16.7. You can object to the collection by the Meta pixel and use of your data to display Facebook ads. To set which types of adverts are displayed to you within Facebook, you can go to the page set up by Meta and follow the instructions on the settings for usage-based advertising: www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices.

 

16.8. You can also refuse the use of cookies that are used for reach measurement and advertising purposes via the deactivation page of the network advertising initiative (optout.networkadvertising.org) and additionally the US-American website (optout.aboutads.info) or the European website (www.youronlinechoices.com/at/praferenzmanagement) contradict.

 

16.9. To prevent your data from being collected by the Facebook pixel on our website, please click on the following link and deactivate the marketing cookies.

17 Newsletter

 

17.1. The following information explains the contents of our newsletter as well as the registration, dispatch and statistical evaluation procedures and your rights of objection. By subscribing to our newsletter, you agree to receive it and to the procedures described.

 

17.2 Content of the newsletter: We send newsletters, emails and other electronic notifications with promotional information (hereinafter "newsletter") only with the consent of the recipients or a legal permission. If the contents of the Newsletter are specifically described in the course of registration, they are decisive for the consent of the user. In addition, our newsletters contain information about our products, offers, promotions and our company.

 

17.3 Logging:  Subscriptions to the newsletter are logged in order to be able to prove the registration process in accordance with legal requirements. This includes storing the time of registration and confirmation as well as the IP address. Changes to your data stored with the mailing service provider are also logged.

 

17.4 Shipping service provider: The newsletter is sent using "HubSpot", the provider HubSpot Inc. (25 First Street, 2nd Floor, Cambridge, MA 02141, USA). "MailChimp", a newsletter distribution platform of the US provider The Rocket Science Group, LLC (675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA). With regard to the transfer to the USA, there is a corresponding data protection adequacy decision, adopted by the European Commission on 10 July 2023, whereby the service provider is included in the corresponding Data Privacy Framework list: https://www.dataprivacyframework.gov/list

 

17.7. Furthermore, according to its own information, the mailing service provider may use this data in anonymous form, i.e. without allocation to a user, to optimise or improve its own services, e.g. to technically optimise the mailing and presentation of the newsletter or for statistical purposes in order to determine which countries the recipients come from. However, the mailing service provider does not use the data of our newsletter recipients to write to them itself or pass it on to third parties.

 

17.8 Login data: To subscribe to the newsletter, please enter your email address. We ask you to enter your name so that we can address you personally in the newsletter.

 

17.9 Statistical survey and analyses: The newsletter may contain a so-called "web-beacon", i.e. a pixel-sized file that is retrieved from the server of the dispatch service provider when the newsletter is opened. As part of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval, is initially collected. This information is used for the technical improvement of the services based on the technical data or the target groups and their reading behaviour based on their retrieval locations (which can be determined with the help of the IP address) or the access times. The statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to individual newsletter recipients. However, it is neither our endeavour nor that of the mailing service provider to observe individual users. The analyses serve us much more to recognise the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.

 

17.10. The use of the dispatch service provider, the performance of statistical surveys and analyses as well as the logging of the registration process are based on our legitimate interests in accordance with Art. 6 Para. 1 lit. f DSGVO. Our interest is directed towards the use of a user-friendly and secure newsletter system that serves our business interests and meets the expectations of the users.

 

17.11. Cancellation / Revocation: You can cancel the receipt of our newsletter at any time, i.e. revoke your consent. This will also terminate your consent to the dispatch of the newsletter by the dispatch service provider and the statistical analyses. Unfortunately, it is not possible to cancel the dispatch by the dispatch service provider or the statistical analysis separately. You will find a link to cancel the newsletter at the end of each newsletter. If users have only registered for the newsletter and cancelled this registration, their personal data will be deleted.

18. integration of services and contents of third parties

 

18.1. On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR), we use content or service offers from third-party providers within our online offer. GDPR) content or service offers from third-party providers in order to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as "content"). This always presupposes that the third-party providers of this content recognise the IP address of the user, as they would not be able to send the content to their browser without the IP address. The IP address is therefore required to display this content. We endeavour to only use content whose respective providers only use the IP address to deliver the content.

 

18.2. The following presentation provides an overview of third-party providers and their content, together with links to their data protection declarations, which contain further information on the processing of data and, in part already mentioned here, options for objection (so-called opt-out):

  • If our customers use the payment services of third parties (e.g. PayPal, Stripe or Klarna), the terms and conditions and the data protection notices of the respective third party providers apply, which can be accessed within the respective websites or transaction applications.
  • External fonts from the third-party provider Adobe Systems Software Ireland Companies (4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland) via fonts.adobe.com ("Adobe Fonts"). Google Fonts are integrated by accessing a Google server (usually in the USA). Privacy policy:  https://www.adobe.com/de/privacy/policy.html,
  • We use the online shop translation solution "translatepress" (Reflection Media SRL, Str. Armoniei, nr 23A, Ap. 46, Timisoara City, Timis County, Romania).
  • For the collection of customer ratings, we work together with the company Trusted Shops (Trusted Shops GmbH, Colonius Carré, Subbelrather Straße 15c, 50823 Cologne, Germany). The Trusted Shops trust badge is integrated on this website to display our Trusted Shops seal of approval and any ratings collected, as well as to offer Trusted Shops products to buyers after they have placed an order. This serves to protect our legitimate interests in an optimal marketing of our offer, which outweigh our interests in the context of a balancing of interests, in accordance with Art. 6 Para. 1 S. 1 lit. f DSGVO. The Trustbadge and the services advertised with it are an offer of Trusted Shops GmbH. When the Trustbadge is called up, the web server automatically saves a so-called server log file, which contains, for example, your IP address, the date and time of the call-up, the amount of data transferred and the requesting provider (access data) and documents the call-up. This access data is not evaluated and is automatically overwritten at the latest seven days after the end of your visit to the site. Further personal data is only transferred to Trusted Shops if you have consented to this, have decided to use Trusted Shops products after completing an order or have already registered to use them. In this case, the contractual agreement made between you and Trusted Shops applies. Privacy policy: www.trustedshops.de/impressum.
  • Customer data (name, address, telephone, email) is transferred to Österreichische Post AG (Rochusplatz 1, 1030 Vienna, Austria) in order to fulfil the contract in the online shop.
  • We use the Amazon billing service Amainvoice from the company amaZervice GmbH (Am Riedbach 3, 87499 Wildpoldsried/ Allgäu, Germany). Privacy policy: amainvoice.com/?privacy-policy1TP4legal-privacy-policy.

19. rights of the users

 

19.1. Users have the right, upon request and free of charge, to obtain information about the personal data we have stored about them.

 

19.2. In addition, users have the right to rectification of inaccurate data, restriction of processing and erasure of their personal data, where applicable, to exercise their rights to data portability and, in the event of a presumption of unlawful data processing, to lodge a complaint with the competent supervisory authority.

 

19.3. Likewise, users can revoke consent, in principle with effect for the future.

20 Deletion of data

 

20.1. The data stored by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations. If the user data is not deleted because it is required for other and legally permissible purposes, its processing is restricted. I.e. the data is blocked and not processed for other purposes. This applies, for example, to user data that must be retained for reasons of commercial or tax law.

 

20.2. Data that is transmitted in connection with a contractual relationship is generally stored for the duration of the underlying contractual relationship and beyond, insofar as this is necessary and expedient for the fulfilment of post-contractual obligations or for reasons of due diligence, for example for the examination and defence of legal claims (normally 3 years from termination/fulfilment of the contract). In addition, data for the fulfilment of legal obligations (e.g. tax law) is generally stored for 7 years.

 

20.3. If the processing is based on a declaration of consent, the data will be processed for the corresponding processing operations until the explicit revocation of the declaration of consent.

If the processing is based on the legitimate interests of the controller or a third party, data will be processed either until an objection to the processing is raised and the legitimate interest of the data subject is proven, or until the legitimate interest ceases to exist, with the corresponding review taking place at least once a year.

21 Right of objection

 

Users may object to the future processing of their personal data in accordance with the legal requirements at any time. The objection can be made in particular against the processing for purposes of direct advertising.

22. ÄChanges to the data protection̈ration

 

22.1. We reserve the right to change the data protection declaration in order to adapt it to changed legal situations or in the event of changes to the service as well as data processing. However, this only applies with regard to declarations on data processing. Insofar as user consent is required or components of the data protection declaration contain provisions of the contractual relationship with the users, the changes will only be made with the consent of the users.

 

22.2. Users are requested to inform themselves regularly about the content of the privacy policy.

Stand: 01.02.2024