PRIVACY POLICY

General information about data handling

We are very pleased that you are interested in our website – and thus in our company. The protection of your private rights and freedoms is important to us; we only use your data for the purposes intended. Since it is important to us that you know at all times to what extent we collect, use and, if necessary, pass your data onto third parties, we will subsequently inform you in detail about the processing of your personal data (collected via our website).

In principle, you can use our pages without providing any data; if there are exceptions for selected services, we will explain these in the following chapters. We will not process data without a legal basis without your informed consent.

When processing personal data, we strictly adhere to the requirements of the EU Data Protection Regulation (GDPR) and, if necessary, other data protection regulations.

Name and address of the data controller

Giselas Energy Art

Rießerkopfstr. 4

82467 Garmisch-Partenkirchen

Tel: +49 (0) 15902436279
Mail: [email protected]

Data protection contact

Gisela Gonzalez
Mail: [email protected]

Timeliness of the privacy policy

To ensure up-to-date data protection information in connection with the services of our website, we use the Cloud-Service by Cookiebox GmbH.

The rights of data subjects

Chapter III of the EU Data Protection Regulation (GDPR) provides for extensive rights for data subjects, which we will explain to you below with regard to the processing of your personal data:

1. The right to be informed
2. The right of rectification
3. Right to deletion (right to be forgotten)
4. The right to restriction of processing
5. The right to data portability
6. Right to object
7. Automated individual decision-making including profiling
8. Right to withdraw consent under the data protection laws
9. The right to file a legal complaint with a supervisory authority

General information about data processing on the website

The following information applies to the data processing on our website in general. If there are exceptions or additions to this information, these are described in detail in the respective sections.

Information on data security
Legal basis for processing
Our legitimate interest
General deadlines for data deletion

After elimination of the storage purpose, the retention periods are generally at least six or ten years. As a rule, the deletion of data generally takes place without delay in accordance with our deletion plan, insofar as it does not preclude any obligation to retain data, the need to fulfil a contract or a legitimate interest.

Deletion or blocking of personal data
Collection of general data and information
Obligation to provide personal data

Information about specific data processing on the website

Depending on the processing, the purposes, legal basis and other information may vary. You will find the exact assignment of the information in the following chapter.
Contact form
Web tracking technologies – managed with Usercentrics

Data Purposes

This list represents the purposes of the data collection and processing.

  • Advertisement
  • Functionality
  • Event tracking
Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies
Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Browser information
  • Device operating system
  • Full URL clickstream to, through, and from AWS website (including date and time)
  • IP address
  • E-mail address
  • Time zone
  • Usage data
  • Geographic location
Legal Basis

In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. f GDPR
Location of Processing
European Union
Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data is retained as long as necessary to fulfill the purpose(s) for which it was collected.
Data Recipients
  • Amazon Web Services Inc.
Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://aws.amazon.com/de/contact-us/
Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data outside of the EU/EEA and to a country without the required data protection standards. If the data is transferred to the US, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. This can be for different reasons like storing or processing.

Worldwide

Click here to read the privacy policy of the data processor: https://aws.amazon.com/privacy/?nc1=f_pr

Cookie Policy of Processor: https://aws.amazon.com/de/legal/cookies/

This is a consent management service. Usercentrics GmbH is used on the website as a processor for the purpose of consent management.
Processing company

Usercentrics GmbH

Sendlinger Str. 7, 80331 Munich, Germany

Data Purposes

This list represents the purposes of the data collection and processing.

  • Compliance with legal obligations
  • Consent storage
Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Local storage
Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Opt-in and opt-out data
  • Referrer URL
  • User agent
  • User settings
  • Consent ID
  • Time of consent
  • Consent type
  • Template version
  • Banner language
Legal Basis

In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. c GDPR
Location of Processing
European Union
Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The consent data (given consent and revocation of consent) are stored for three years. The data will then be deleted immediately.
Data Recipients
  • Usercentrics GmbH
Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

[email protected]

Click here to read the privacy policy of the data processor: https://usercentrics.com/privacy-policy/

This is a web analytics service. With this the user can measure the advertising ROI as well as track Flash, video, and social networking sites and applications.
Processing company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data Purposes

This list represents the purposes of the data collection and processing.

  • Marketing
  • Analytics
Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies
  • Pixel
Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • App updates
  • Click path
  • Date and time of visit
  • Device information
  • Downloads
  • Flash version
  • Location information
  • IP address
  • JavaScript support
  • Pages visited
  • Purchase activity
  • Referrer URL
  • Usage data
  • Widget interactions
  • Browser information
Legal Basis

In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. a GDPR
Location of Processing
European Union
Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The Retention Period depends on the type of the saved data. Each client can choose how long Google Analytics retains data before automatically deleting it.
Data Recipients
  • Google Ireland Limited, Alphabet Inc., Google LLC
Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://support.google.com/policies/contact/general_privacy_form
Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data outside of the EU/EEA and to a country without the required data protection standards. If the data is transferred to the US, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. This can be for different reasons like storing or processing.

United States of America,Singapore,Chile,Taiwan

Click here to read the privacy policy of the data processor: https://policies.google.com/privacy?hl=en

Opt-out Link: https://tools.google.com/dlpage/gaoptout?hl=de

Cookie Policy of Processor: https://policies.google.com/technologies/cookies?hl=en

Storage Information

Below you can see the longest potential duration for storage on a device, as set when using the cookie method of storage and if there are any other methods used.

  • Maximum age of cookie storage: 2 years
This is a conversion tracking service.
Processing company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data Purposes

This list represents the purposes of the data collection and processing.

  • Advertisement
  • Conversion Tracking
  • Analytics
Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies
  • Pixel
  • Web beacons
Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Browser language
  • Browser type
  • Clicked advertisements
  • Cookie ID
  • Cookie information
  • Date and time of visit
  • IP address
  • Referrer URL
  • Usage data
  • Web request
Legal Basis

In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. a GDPR
Location of Processing
European Union
Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.
Data Recipients
  • Google Ireland Limited
  • Google LLC
  • Alphabet Inc
Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://support.google.com/policies/troubleshooter/7575787?hl=en
Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data outside of the EU/EEA and to a country without the required data protection standards. If the data is transferred to the US, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. This can be for different reasons like storing or processing.

United States of America,Singapore,Taiwan,Chile

Click here to read the privacy policy of the data processor: https://policies.google.com/privacy?hl=en

Opt-out Link: https://safety.google/privacy/privacy-controls/

Cookie Policy of Processor: https://policies.google.com/technologies/cookies?hl=en

Storage Information

Below you can see the longest potential duration for storage on a device, as set when using the cookie method of storage and if there are any other methods used.

  • Maximum age of cookie storage: 1 year
This is an advertising service.
Processing company

Microsoft Corporation

One Microsoft Way, Redmond, WA 98052-6399, United States of America

Data Purposes

This list represents the purposes of the data collection and processing.

  • Advertisement
  • Conversion Tracking
Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies
Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Bounce rates
  • Browser language
  • Clicked advertisements
  • Conversions
  • Digital signature
  • Duration of visit
  • Engagement metrics
  • Microsoft Click ID
  • Number of visits
  • Page response times
  • Page title
  • Referrer URL
  • Screen color depth
  • Screen resolution
  • UET ID tag
  • URL
Legal Basis

In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. a GDPR
Location of Processing
European Union
Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

Data will be deleted as soon as they are no longer needed for the processing purposes.
Data Recipients
  • Microsoft Corporation
Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://aka.ms/privacyresponse
Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data outside of the EU/EEA and to a country without the required data protection standards. If the data is transferred to the US, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. This can be for different reasons like storing or processing.

Worldwide

Click here to read the privacy policy of the data processor: https://privacy.microsoft.com/en-us/PrivacyStatement

Opt-out Link: https://account.microsoft.com/privacy/ad-settings/signedout?ru=https:%2F%2Faccount.microsoft.com%2Fprivacy%2Fad-settings

Storage Information

Below you can see the longest potential duration for storage on a device, as set when using the cookie method of storage and if there are any other methods used.

  • Maximum age of cookie storage: 1 year, 25 days
This is a Tracking technology offered by Facebook and used by other Facebook services such as Facebook Custom Audiences.
Processing company

Facebook Ireland Limited

4 Grand Canal Square, Grand Canal Harbour, Dublin, D02, Ireland

Data Purposes

This list represents the purposes of the data collection and processing.

  • Analytics
  • Marketing
  • Retargeting
  • Tracking
  • Advertisement
Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies
  • Pixel
Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Ads viewed
  • Content viewed
  • Device information
  • Geographic location
  • HTTP-header
  • Interactions with advertisement, services, and products
  • IP address
  • Items clicked
  • Marketing information
  • Non-sensitive custom data
  • Pages visited
  • Pixel ID
  • Referrer URL
  • Success of marketing campaigns
  • Usage data
  • User behaviour
  • Facebook cookie information
  • Facebook user ID
  • Usage/click behaviour
  • Browser information
Legal Basis

In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. a GDPR
Location of Processing
European Union
Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted the latest after 720 days.
Data Recipients
  • Facebook Inc.
  • Facebook Ireland Limited
Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://www.facebook.com/help/contact/540977946302970
Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data outside of the EU/EEA and to a country without the required data protection standards. If the data is transferred to the US, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. This can be for different reasons like storing or processing.

Singapore,United Kingdom,United States of America

Click here to read the privacy policy of the data processor: https://www.facebook.com/privacy/explanation

Opt-out Link: https://www.facebook.com/ads/preferences/

Cookie Policy of Processor: https://www.facebook.com/policies/cookies

Storage Information

Below you can see the longest potential duration for storage on a device, as set when using the cookie method of storage and if there are any other methods used.

  • Maximum age of cookie storage: 1 year
This is an affiliate marketing service.
Processing company

Firstlead GmbH

Rosenfelder Straße 15-16, 10315 Berlin, Germany

Data Purposes

This list represents the purposes of the data collection and processing.

  • Affiliate marketing
Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies
Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Affiliate identification number
  • Clicked advertisements
  • Referrer URL
  • Timestamp
  • Visitor's ordinal number
Legal Basis

In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. a GDPR
Location of Processing
European Union
Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.
Data Recipients
  • Firstlead GmbH
Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

[email protected]

Click here to read the privacy policy of the data processor: https://www.adcell.de/agb#sector_6

Opt-out Link: https://www.adcell.de/datenschutz

This is an advertising and email campaign service.
Processing company

The Rocket Science Group LLC

675 Ponce de Leon Ave NE, Suite 5000 Atlanta, GA 30308, United States of America

Data Purposes

This list represents the purposes of the data collection and processing.

  • Advertisement
  • Email Campaigns
Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies
Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Browser ID
  • Browser information
  • Date and time of email access
  • Device operating system
  • E-mail address
  • IP address
  • Metrics related to performance of services
  • Pages visited
  • Unique device identifier
  • Usage data
Legal Basis

In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. a GDPR
Location of Processing
United States of America
Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.
Data Recipients
  • The Rocket Science Group LLC
Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

[email protected]
Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data outside of the EU/EEA and to a country without the required data protection standards. If the data is transferred to the US, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. This can be for different reasons like storing or processing.

United States of America

Click here to read the privacy policy of the data processor: https://mailchimp.com/legal/privacy/

Cookie Policy of Processor: https://mailchimp.com/legal/cookies/

This is a tag management system. With this the user can update measurement codes and related code fragments collectively known as tags on the users website or mobile app.
Processing company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data Purposes

This list represents the purposes of the data collection and processing.

  • Tag Management
Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Pixel
Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Aggregated data about tag firing
Legal Basis

In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. a GDPR
Location of Processing
European Union
Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted after 14 days of retrieval.
Data Recipients
  • Alphabet Inc., Google LLC, Google Ireland Limited
Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://support.google.com/policies/contact/general_privacy_form
Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data outside of the EU/EEA and to a country without the required data protection standards. If the data is transferred to the US, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. This can be for different reasons like storing or processing.

United States of America,Singapore,Taiwan,Chile

Click here to read the privacy policy of the data processor: https://policies.google.com/privacy?hl=en

Opt-out Link: https://safety.google/privacy/privacy-controls/

Cookie Policy of Processor: https://policies.google.com/technologies/cookies?hl=en

This is a web font service.
Processing company

Monotype Imaging Holdings Inc.

600 Unicorn Park Drive, Woburn, Massachusetts 01801, United States of America

Data Purposes

This list represents the purposes of the data collection and processing.

  • Providing web fonts
Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies
Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • IP Address
  • Browser information
Legal Basis

In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. f GDPR
Location of Processing
European Union
Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.
Data Recipients
  • Monotype Imaging Holdings Inc.
Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

[email protected]
Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data outside of the EU/EEA and to a country without the required data protection standards. If the data is transferred to the US, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. This can be for different reasons like storing or processing.

Worldwide

Click here to read the privacy policy of the data processor: https://www.myfonts.com/legal/website-use-privacy-policy/

This is a service that ensures online trust and safety for online merchants and buyers.
Processing company

Trusted Shops GmbH

Colonius Carré, Subbelrather Straße 15c, 50823 Cologne, Germany

Data Purposes

This list represents the purposes of the data collection and processing.

  • Recommendations
Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies
Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Date and time of visit
  • Transferred volume of data
  • Requesting provider
  • IP address
Legal Basis

In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. f GDPR
Location of Processing
Germany,Israel,United States of America
Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

Log files are deleted 90 days after creation, at the latest.
Data Recipients
  • Trusted Shops GmbH
Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

[email protected]
Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data outside of the EU/EEA and to a country without the required data protection standards. If the data is transferred to the US, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. This can be for different reasons like storing or processing.

Israel,United States of America

Click here to read the privacy policy of the data processor: https://business.trustedshops.de/impressum#datenschutz