We are delighted that you have visited us at en.bett1.de and thank you for your interest. Protection of your privacy when you visit our website is important to us.
The data controller for processing of personal data within the scope described here is bett1.de GmbH (bett1.de), represented by its managing director Adam Szpyt, Tauentzienstr. 11, 10789 Berlin, Germany.
You can contact our data protection officer at [email protected] or at our postal address, marked for the attention of the data protection officer.
Please take a moment to read the following information about how we handle and protect your data when you visit our website.
We comply with the provisions of the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), the German Telemedia Act (TMG), the German Social Code X (SGB X) and other regulations of data protection law. We carry out the following data processing procedures:
Collection, Processing and Use of Data by bett1.de
Logfiles – Users can visit our website without providing specific information about their identity. Every time our site is accessed, system-related usage data are logged by our servers. The following information is transmitted by the web browser and stored in so-called server logfiles: the date and time of access, name of the file accessed, data volume transmitted, notification of successful access, web browser, requesting domain and IP address of the requesting computer. We use these data to ensure fault-free technical operation of our website, in particular to detect faults in the system, and they are erased at the latest 60 days after collection. The legal basis for this storage is Art. 6 (1) (f) GDPR.
Registration – For users who create a user account on our website, we collect, process and use the following personal data: first name, surname, e-mail address and password. We use these data to create your user account, which we provide for your use and through which we contact you about matters relating to your user account. Your contact details (address, fax number, telephone number and your billing and delivery address(es)), your previous orders and information about your newsletter subscription are also stored in your user account when you place an order. The legal basis for this storage process is, on the one hand, Art. 6 (1) (b) GDPR; on the other hand, it is Art. 6 (1) (f) GDPR, as we have a legitimate interest in being able to provide more specific assistance or an easier process for subsequent orders by collecting the data. We erase the registration data if no purchase is made, at the latest after six months from deregistration. If you make a purchase, the following regulations apply in relation to that purchase.
Purchase – For users who order one of the products offered on our website in return for payment, a mattress for example, we collect, process and use the following personal data: e-mail address, first name, surname, street and house number, any additional address details, town or city, post code, country and telephone number. Depending on the payment method you choose, we also process payment details, such as account number and sort code. We use these data to process the purchase you make, in particular to send you the product you have ordered. We pass on your personal order data to third parties (in particular, suppliers and financial service providers) for the purposes of processing the contract as far as is necessary. The legal basis for this data processing is Art. 6 (1) (b) GDPR and, as we also have retention obligations under tax law, Art. 6 (1) (c) GDPR. The data are erased when we no longer require them for contractual reasons or under tax law, at the earliest therefore 10 years after delivery of the mattresses.
Newsletter – Users have the option to register voluntarily to receive a newsletter (available in German language only) by e-mail. In this case, we process the following personal data so that we can inform you by e-mail newsletter of forthcoming offers and special deals in our web shop: surname, first name and associated e-mail address. The legal basis for this data processing is Art. 6 (1) (a) GDPR. The data is erased four years after cancellation of the newsletter.
Users can cancel their subscription to the newsletter at any time with effect from that point forward by sending a cancellation e-mail to [email protected], simply clicking on the link at the end of the newsletter or cancelling the newsletter in the customer area. The legal basis for use is Art. 6 (1) (a) GDPR. Following cancellation, we will no longer use the data to send the newsletter but only for evidential purposes and for legal defence against action relating to distribution of newsletters (Art. 6 (2) (f) GDPR).
We use the technical service provider MailChimp to distribute our customer newsletter. MailChimp is a service provided by The Rocket Science Group, LLC, 512 Means St. Suite 404, Atlanta, GA 30318, USA (MailChimp). If you subscribe to our newsletter, the data that you provide are transmitted to MailChimp and stored there. MailChimp offers extensive analytical options in relation to use of the newsletters. These analyses are group-based and are not used by us for individual analysis. MailChimp also uses the analytical tool Google Analytics and integrates it in part into the newsletters. MailChimp guarantees the processing of personal data according to European law in the following contractual clause: https://mailchimp.com/help/about-mailchimp-and-the-gdpr/. Further information about MailChimp and data protection at MailChimp is available here: mailchimp.com/legal/privacy/.
Reviews – The satisfaction of our customers with our products and service is extremely important to us. In order to survey your satisfaction, we may contact you with your unique order number from your order, your name and your e-mail address which you provided in the order process. The legal basis for this is Art. 6 (1) (f) GDPR. For distribution of e-mails, we use the services of the technical service providers Trustpilot A/S, Pilestraede 58, 5th floor, DK-1112 Copenhagen, Denmark, Trusted Shops GmbH, Colonius Carré, Subbelrather Straße 15c, 50823 Cologne, Germany and MailChimp, The Rocket Science Group, LLC, 512 Means St. Suite 404, Atlanta, GA 30318, USA.
E-mail Communication – For the dispatch of order confirmations, invoices, instructions for use and dispatch confirmations we use the e-mail system MailChimp via Mandrill, The Rocket Science Group, LLC, 512 Means St. Suite 404, Atlanta, GA 30318, USA. MailChimp guarantees the processing of personal data according to European law in the following contractual clause: https://mailchimp.com/help/about-mailchimp-and-the-gdpr/. Further information about MailChimp and data protection at MailChimp can be found here: mailchimp.com/legal/privacy/. The process of sending these documents is processed on the basis of Art. 6 (1) (b) GDPR. Furthermore, we process for the dispatch of the instructions for use according to Art. 6 (1) (f) GDPR, in order to provide our customers with a simple, environmentally friendly and universal access to the instructions for use for your product.
To best serve our customers' concerns, our customer service department uses the Zendesk ticketing system from Zendesk, Inc. 989 Market Street #300, San Francisco, CA 94102, USA. We have agreed with Zendesk, Inc. to comply with the EU Standard Privacy Clauses (SCC). Zendesk guarantees the processing of personal data in accordance with European law (BCR Processor Policy) in the following contractual clause: https://d1eipm3vz40hy0.cloudfront.net/pdf/ZENDESK%20-%20BCR%20Processor%20Policy.pdf. We process your personal data exclusively for the purpose of the issue you have specified. Your data, as well as the message history, will be stored for later inquiries. For further information on data processing by Zendesk, please visit www.zendesk.com/company/privacy.
Contact Form – In order to make it easier for our customers to contact us, we offer a contact form on our website. Your request, name, e-mail address and telephone number can be transferred to the ticketing system for processing. Your express consent is required for this (Art. 6 (1) (a) GDPR).
Requests by E-mail – Customers can contact our customer service department ([email protected]) with any questions they may have. In this case, we process the personal data that you have voluntarily provided us with only for the purpose of answering your request in the best possible way and to be able to contact you (Art. 6 (1) (b) GDPR, Art. 6 (1) (f) GDPR).
Shopware und Google Cloud – bett1.de uses the Shopware system to provide the store. Our store is hosted in the Google Cloud Platform on systems of Google Ireland Limited Gordon House, Barrow Street Dublin 4 Ireland. Your personal data is generally processed in the EU, but Google Ireland Ltd. may also use subcontractors that are either located in countries outside the EU or process data there. In these cases, Google has concluded standard contractual clauses of the European Commission with the subcontractors, which, as appropriate guarantees, establish an adequate level of data protection during processing. You can access a copy of the clauses at https://cloud.google.com/terms/sccs .
Cloudflare – bett1.de uses the services of CloudFlare of the enterprise CloudFlare, Inc., 665 3rd pc. #200, San Francisco, CA 94107, USA, to guarantee a high accessibility of the website. Cloudflare, Inc. guarantees the processing of personal data according to European law in the following contractual clause: www.cloudflare.com/enterpriseterms/. Through CloudFlare, we are able to distribute the server load and detect and fend off attacks on our services. The network communication between you and en.bett1.de is also technically routed and analyzed over the network of CloudFlare. To optimize the load distribution CloudFlare may save cookies on your device. This process serves to ensure the smoothest possible operation of our website and the personal data required for this, such as IP address or cookie ID, are processed exclusively for this purpose (Art. 6 (1) (f) GDPR). Cloudflare also collects statistical data about the visit of this website. The access data includes: Name of the accessed website, file, date and time of access, transferred data volume, notification of successful access, browser and operating system used, URL of the previously visited website, IP address and associated service provider. Cloudflare uses the log data for statistical analysis for the purpose of operation, security and optimization of the offer. More information about security and privacy at CloudFlare can be found at www.cloudflare.com/security-policy.
Payment Service Provider for Purchase on Account and Hire Purchase
We offer various types of payment to our customers. For the “payment on account” and “hire purchase” payment types, we use the payment service provider Klarna AB (hereinafter referred to as Klarna), Sveavägen 46, 111 34 Stockholm, Sweden.
You may withdraw your consent to Klarna to use these personal data at any time. You will find Klarna’s contact details in its legal notice at: www.klarna.com/de/impressum.
If you choose Klarna as payment service provider during the order process, Klarna will set cookies necessary for the process. Information about these cookies can be found at www.klarna.com/de/cookies.
We work continuously to make the most of all of the technical and organisational options available to protect the personal data of our customers from access by unauthorised third parties. Communication by e-mail, however, brings with it risks that cannot be excluded entirely. We recommend that you communicate confidential information to us by post.
In order to make visiting our website as attractive as possible and to enable the use of certain functions, we use so-called cookies on our website and various sub-pages. Cookies are small text files that are stored locally on the computer of the site visitor and thus enable recognition when visiting our website again. Cookies are used to make the website more user-friendly and effective overall.
On behalf of the operator of this website, this information is used to evaluate your use of the website, to compile reports on the website activities and to provide further services to the website operator in connection with the use of the website and the Internet. The pseudonymized user profiles are not merged with personal data about the bearer of the pseudonym without the express consent of the person concerned, which must be given separately.
This website uses the following cookie providers, the scope and functionality of which are explained below. Detailed information about all cookies can be found in the table below.
The process via Shopware serves the smoothest possible operation of our website. Data such as IP address and cookie ID are stored and processed exclusively for this purpose. The data is stored for up to 30 days.
The process via Cloudflare serves the smoothest possible operation of our web offer. The cookie used is used to identify individual users behind a shared IP address and to apply security settings for each individual user. This cookie does not store any personal data, but only evaluates and processes it for this purpose. All data is stored for up to 30 days.
Principles – The en.bett1.de website uses Google Analytics, a web analysis service provided by Google Inc. ("Google"). Google Analytics creates usage profiles that serve to analyze visitor behavior. These are evaluated and used for all pages in order to improve and tailor our offer to suit your needs. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. However, in the event that IP anonymization is activated on this website, your IP address will be shortened by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area before this happens. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. The data is stored for up to three months. However, this requires your prior consent in accordance with Art 6, Paragraph 1 lit. a DS-GVO.
You can prevent storage of cookies by means of a corresponding setting in your browser software; please note, however, that in this case you may not be able to use all functions of this website to their full extent. In addition, you can prevent recording of the data generated by the cookie relating to your use of the website (including your IP address) by Google and processing of that data by Google (including your IP address) by downloading and installing the browser plugin available at tools.google.com/dlpage/gaoptout?hl=en.
Opt-out function – Users have the option to prevent recording of data by Google Analytics by clicking on Deactivate Google Analytics. An opt-out cookie is set that prevents future recording of your data when visiting this website.
We wish to point out that Google Analytics has been extended on the website of en.bett1.de to include the code “anonymizeIp”, which ensures anonymised recording of IP addresses (so-called IP masking).
We also use Google Analytics to evaluate data from AdWords and the double-click cookie for statistical purposes. If you do not want this to happen, you can deactivate it via the ad preferences manager (www.google.com/settings/ads/onweb/?hl=en).
At en.bett1.de we use the "Website Custom Audiences" service of the social network Facebook. This service is operated by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, and enables us to serve ads to a defined target audience on Facebook. Via Facebook we are able to display advertisements to a defined target group. The data collected in this way is anonymous, which is why we cannot view the personal data of individual users. However, this data is stored and processed by Facebook, which we will inform you about according to our state of knowledge. Facebook can link this data with your Facebook account and also use it for its own advertising purposes, in accordance with the Facebook Data Usage Guidelines https://www.facebook.com/about/privacy/. The data obtained in this process is stored for up to three months. However, this first requires your prior consent in accordance with Art 6, Paragraph 1 lit. a DS-GVO.
Principles – On the website we use Bing Ads, a technology of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. Microsoft will place a cookie on your device if you have come to our site through a Microsoft Bing ad. Bing Ads can be used to determine whether a website visitor has been redirected to bett1.de via an ad. This allows us to analyze visitor behavior. No personal data is transmitted. It is only reported how many people have clicked on a particular advertisement to come to our website. Bing stores the collected data for up to one year. You can opt-out of this by disabling cookies in your browser.
Opt-out function – Weiterhin können Sie der Analyse über den Link choice.microsoft.com/de-DE/opt-out direkt bei Microsoft widersprechen. Weitere Informationen zum Datenschutz und zu den eingesetzten Cookies bei Microsoft und Bing Ads finden Sie auf der Website von Microsoft privacy.microsoft.com/de-de/privacystatement.
Microsoft Clarity, as a data controller, is secure and DSGVO compliant for visitors to this website. If you would like to read more about Microsoft Clarity or how Microsoft might use your data, please click here: privacy.microsoft.com/en-gb/privacystatement.
Opt-out function – You can object to anonymous analysis of your surfing behaviour on our website by ticking the box to opt out of the technical service of Criteo GmbH at: www.criteo.com/privacy/.
On our website we use Shopping24 for performance tracking and our product placement. The operator is shopping24 Gesellschaft für multimediale Anwendungen mbH, Poßmoorweg 2, 22301 Hamburg. Shopping24 collects a hash ID generated by shopping24 as well as order data by using so-called tracking cookies. Using these cookies, shopping24 can track the performance of a campaign for our website. Shopping24 does not pass on personal data of the user to third parties without explicit consent.
As soon as the data is no longer needed for logging purposes, it is deleted. You can permanently prevent cookies from being set by making the appropriate settings in your browser. In this case, Shopping24 cannot set a cookie. In addition, cookies already used by Shopping24 can be deleted at any time via the browser. For more information about Shopping24's privacy practices, please click here:: https://www.shopping24.de/datenschutz
Our website uses the technology of Outbrain Inc, 222 Broadway 19th Floor, New York, NY 10038,222 Broadway 19th Floor, New York, NY 10038, USA (hereinafter "Outbrain"). However, this first requires your prior consent pursuant to Art 6, paragraph 1 lit. a DS-GVO. This technology enables us to place content on third-party websites that is of interest to our users via our website as a type of recommendation and to draw our users' attention to it. These recommendations are determined on the basis of the content previously read by the user. This technology is based on cookies that evaluate the user's behavior. These advertisements, tailored to our website users, appear only on Outbrain Engage or Outbrain Extended Network advertising spaces. Outbrain provides the ability to opt out of the interest-based advertising feature here: www.outbrain.com/de/legal/privacy. When, as may occur, data is transferred to Outbrain's servers in the United States, Outbrain uses standard contractual clauses recognized by the European Commission . For more information, please visit www.outbrain.com/de/legal/privacy#privacy-policy.
We use the functions of Google AdWords on the website. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. Google Remarketing analyzes your user behavior on our website, which includes, for example, clicking on certain products, in order to classify you in certain advertising target groups and subsequently play you suitable advertising messages when you visit other online offers. In addition, the advertising target groups created with Google Remarketing can be linked with Google's cross-device functions. In this way, interest-based, personalized advertising messages that have been adapted to you depending on your previous usage and surfing behavior on one end device, which may be a smartphone, for example, can also be displayed on another of your end devices (e.g. tablet or PC). The storage period of the cookies set is up to 540 days.
Users have the option of preventing collection by Google Remarketing by deactivating the switch at https://adssettings.google.com/authenticated. In addition, there is an opt-out option on the cross-provider deactivation page optout.networkadvertising.org/?c=1.
On bett1.de, we use the "Advanced Matching" service of the social network TikTok. This service is operated by TikTok Technology Limited (10 Earlsfort Terrace, Dublin, D02 T380, Ireland; "TikTok") and enables us to play advertisements on TikTok to a defined target group. The data collected in this way is anonymized, which is why we cannot see the personal data of individual users. However, this data is stored and processed by TikTok, about which we inform you according to our level of knowledge. TikTok may link this data to your TikTok account and also use it for its own promotional purposes, in accordance with Tiktok's data usage policy https://www.tiktok.com/legal/privacy-policy-eea?lang=de. The legal basis for the processing of your data is your consent according to Art. 6, para. 1 lit. a DS-GVO.
We would like to point out that TikTok is solely responsible for processing your personal data under data protection law. There is a possibility that your data will also be transferred to the USA by TikTok for processing purposes. The European Court of Justice has determined with respect to the USA ("third country") that this is a country with an insufficient level of data protection. Furthermore, this means that your data may be processed by US authorities for control and monitoring purposes. The legal basis for this data processing is also here your consent according to Art. 6 para. 1 lit. a DS-GVO.
This website uses Hotjar, a web analytics service provided by Hotjar Ltd, Level 2, St Julians Business Centre, 3 Elia Zammit Street, St Julians STJ 1000, Malta ("Hotjar"). We use Hotjar to evaluate the use of the Site and to compile reports on Site activity. In particular, the IP address is stored in anonymized form, web pages viewed and movement patterns on these pages, or the number and position of clicks on links. Cookies are used to collect information about the behaviour of website visitors and their end devices, in particular the IP address of the device. This information is only collected and stored in anonymous form. In addition, information on screen size, device type, information on the browser used and the location of the website visitor is also collected. All data is stored for up to one year. However, this initially requires your prior consent in accordance with Art 6, Paragraph 1 lit. a DS-GVO.
If you do not want information about your behaviour to be used by Hotjar as described above, you can deactivate automatic acceptance of cookies in general in your browser settings.
We also use the option provided by Hotjar of receiving anonymous user feedback in the form of so-called “Feedback Polls”. Website visitors can give us feedback about our website by means of this function without providing personal data. Sometimes you may have the option to send us a feedback message on a voluntary basis as a user. If personal data are included in this message (e.g. your name), we then process these data solely for the purpose of evaluating the feedback and, if appropriate, contacting you about your feedback.
4.Please also note that to facilitate obtaining a valid legal basis for processing personal data for the purpose of ad personalization, your company may be integrated into the IAB Transparency & Consent Framework through a registered Consent Management Platform (CMP).
Our website uses tracking technology from solute GmbH, Zeppelinstr. 15 in 76185 Karlsruhe, Germany, on the entry page and order confirmation page to track orders and for billing purposes for customers who have been redirected to our website via the billiger.de site and other partners of solute GmbH.
For this purpose, a check is made on the entry page as to whether a parameter "soluteclid" is present in the URL. If the URL contains the parameter "soluteclid", this is stored together with the URL of the entry page in the local storage of the browser of your end device. In addition, the URL of the entry page is transmitted to the servers of solute GmbH with an HTTP request. The browser's local storage is searched for the "soluteclid" on the order confirmation page. If a "soluteclid" exists, it is sent to the servers of solute GmbH by means of an HTTP request together with the URL of the initial page, a unique ID of the order process and the total shopping basket value. The "soluteclid" is deleted from the local storage of the browser of your end device after the order process has been completed or after the end of the local storage period of your browser. The duration of the storage of objects in the local storage of a browser can vary depending on the browser and the guidelines of the manufacturer. The "soluteclid" is read and processed for a maximum of 30 days after collection.
The storage and analysis of the data is based on Art. 6 para. 1 lit. b DSGVO. Pursuant to Art. 6 para. 1 lit. f DSGVO, the shop operator has a legitimate interest in analysing information about orders placed in order to optimise the range of goods on offer on the basis of the data and to bill the services used for this purpose.
Den Verantwortlichen (Unternehmer) trifft nach Art. 13 DSGVO die Pflicht, jeden Betroffenen zum Zeitpunkt der Erhebung seiner personenbezogenen Daten zu informieren. Um Ihnen diesen Vorgang zu erleichtern, stellen wir Ihnen zu diesem Zweck gerne unseren Datenschutzhinweis bezüglich des Conversion Trackings zur Verfügung. Datenschutzhinweis: Unsere Website nutzt auf der Einstiegsseite und Bestellbestätigungsseite eine Tracking-Technologie der solute GmbH, Zeppelinstr. 15 in 76185 Karlsruhe zur Nachverfolgung von Bestellungen und zu Abrechnungszwecken für Kunden, die über die Seite billiger.de und weitere Partner der solute GmbH auf uns aufmerksam werden.
We use the services of Exactag (Exactag GmbH, Wanheimer Straße 68, D-40468 Düsseldorf, Germany) on our website. Exactag GmbH („Exactag“) collects, processes and stores data for reach measurement, statistical analysis and commercial optimisation on this website and any subsites thereto.
The data is collected via two fundamentally different ways, each having its own specific legal basis:
- In the event the user has given consent according to Art. 6(1)(1) lit. a of the GDPR, Sect. 25(1)(1) TTDSG, the data will be collected in a user specific way.
- In the event the user has not given consent, the data is collected in an anonymous way, i.e. without collecting any direct or indirect personally identifiable information, and on a group level, i.e. the collected data is randomly assigned to groups of users. An identification of a specific user is therefore impossible. Such anonymous collection is absolutely necessary in accordance with Sect. 25(2) No. 2 TTDSG to conduct commercial cost optimisations and to provide the requested service.
Right to objectTo ensure the exclusion from the user-level data collection, a cookie can be set in your browser as an alternative to refused consent. This cookie is named „optout" and will be set by „exactag.com". The cookie may not be deleted, as long as you want to object to the user level data collection. To object the user level data collection, please click this link.
According to Art. 13 DSGVO, the responsible party (entrepreneur) is obliged to inform each data subject at the time of collection of their personal data. To make this process easier for you, we are happy to provide you with our data protection notice regarding conversion tracking for this purpose. Data protection notice: our website uses tracking technology from solute GmbH, Zeppelinstr. 15 in 76185 Karlsruhe, Germany, on the entry page and order confirmation page to track orders and for billing purposes for customers who become aware of us via the billiger.de page and other partners of solute GmbH.
Our ultimate goal is to make our website as secure and secure as possible for you and for us. To ensure this, we use Google reCAPTCHA from Google Inc. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. With reCAPTCHA we can determine whether you are really a flesh and blood human being and not a robot or other spam software. By spam we mean any unsolicited information sent to us by electronic means. With the classic CAPTCHAS, you usually had to solve text or image puzzles in order to check. With reCAPTCHA from Google we usually do not have to bother you with such puzzles. In most cases it is sufficient to simply check the box and confirm that you are not a bot. With the new Invisible reCAPTCHA version, you don't even have to check the box. How this works exactly and above all which data is used for this purpose, you will learn in the course of this data protection declaration.
What is reCAPTCHA?
Why do we use reCAPTCHA on our website?
We only want to welcome people of flesh and blood on our site. Bots or spam software of various kinds can safely stay at home. That is why we do everything possible to protect ourselves and offer the best possible user-friendliness for you. For this reason we use Google reCAPTCHA from the company Google. So we can be pretty sure that we remain a "bot-free" website. Through the use of reCAPTCHA, data is transmitted to Google to determine whether you are really a human being. reCAPTCHA thus serves the security of our website and consequently your security. For example, without reCAPTCHA it could happen that a bot registers as many e-mail addresses as possible during registration in order to "spam" forums or blogs with unwanted advertising content. With reCAPTCHA we can avoid such bot attacks.
Which data is stored by reCAPTCHA?
reCAPTCHA collects personal data from users to determine whether the actions on our website are really from people. This means that the IP address and other data that Google requires for the reCAPTCHA service can be sent to Google. IP addresses are almost always shortened within the member states of the EU or other states that are party to the Agreement on the European Economic Area before the data lands on a server in the USA. The IP address is not combined with any other data held by Google unless you are logged into your Google Account while using reCAPTCHA. First, the reCAPTCHA algorithm checks whether Google cookies from other Google services (YouTube, Gmail, etc.) are already placed on your browser. Then reCAPTCHA sets an additional cookie in your browser and takes a snapshot of your browser window. The following list of collected browser and user data does not claim to be complete. Rather, they are examples of data which, to our knowledge, are processed by Google.
– Referrer URL (the address of the page the visitor comes from) – IP address (for example, 2184.108.40.206)
– Information about the operating system (the software that enables your computer to operate. Known operating systems are Windows, Mac OS X or Linux) – Cookies (small text files that store data in your browser)
– Mouse and keyboard behaviour (every action you perform with the mouse or keyboard is saved)
– Date and language settings (which language or date you have preset on your PC is saved)
– Screen resolution (shows how many pixels the image consists of)
It is indisputable that Google uses and analyses this data even before you click on the checkbox "I am not a robot". With the Invisible reCAPTCHA version, even the ticking is omitted and the whole recognition process runs in the background. How much and what kind of data Google exactly stores, you will not find out from Google in detail.
The following cookies are used by reCAPTCHA: Here we refer to the reCAPTCHA demo version of Google at www.google.com/recaptcha/api2/demo. All these cookies require a unique identifier for tracking purposes. Here is a list of cookies that Google reCAPTCHA has set on the demo version
Purpose: This cookie is set by DoubleClick (also owns Google) to register and report the actions of a user on the website in dealing with advertisements. This enables the effectiveness of the advertising to be measured and appropriate optimisation measures to be taken. IDE is stored in browsers under the domain doubleclick.net.
Expiry date: after one year
Purpose: This cookie collects statistics on website usage and measures conversions. A conversion occurs, for example, when a user becomes a buyer. The cookie is also used to show users relevant advertisements. Furthermore, the cookie can be used to prevent a user from seeing the same advertisement more than once.
Expiry date: after one month
Expiry date: after 9 months
Purpose: The cookie stores the status of a user's consent to use various Google services. CONSENT is also used for security purposes to verify users, prevent fraudulent use of login information and protect user data from unauthorised attacks.
Ablaufdatum: after 19 years
Purpose: NID is used by Google to match ads to your Google search. Google uses the cookie to "remember" your most commonly entered search queries or your previous interaction with ads. So you always get tailor-made ads. The cookie contains a unique ID in order to collect the user's personal preferences for advertising purposes.
Expiry date: after 6 months
Purpose: As soon as you have ticked the "I am not a robot" box, this cookie is set. The cookie is used by Google Analytics for personalised advertising. DV collects information in anonymous form and is also used to make user distinctions.
Expiry date: after 10 minutes
Note: This list cannot claim to be exhaustive, as experience has shown that Google always changes its choice of cookies.
How long and where is the data stored?
By inserting reCAPTCHA, data is transferred from you to the Google server. Where exactly this data is stored is not clearly shown by Google, even after repeated requests. Without having received confirmation from Google, it can be assumed that data such as mouse interaction, time spent on the website or language settings are stored on the European or American Google servers. The IP address that your browser transmits to Google is generally not merged with other Google data from other Google services. However, if you are logged into your Google account while using the reCAPTCHA plug-in, the data will be merged. The different data protection regulations of Google apply to this.
How can I delete my data or prevent data storage?
If you do not want any data about you or your behaviour to be transmitted to Google, you must log out completely from Google and delete all Google cookies before you visit our website or use the reCAPTCHA software. In principle, the data is automatically transmitted to Google as soon as you visit our website. In order to delete this data again, you must contact Google support at support.google.com/?hl=de&tid=331599549805.
Therefore, when you use our website, you agree that Google LLC and its representatives automatically collect, process and use data.
Source: Created with the data protection generator of AdSimple in cooperation with bauenwir.de
Processing Outside the European Economic Area
Your Rights As a Data Subject and Withdrawal of Your Consent
The General Data Protection Regulation guarantees you certain rights that you can assert in respect of us. You have the right:
– to demand confirmation from us about whether we are processing personal data about you and if so, the precise details of that data processing (Art. 15 GDPR: Right of access by the data subject),
– to demand that we immediately rectify incorrect personal data about you. In accordance with the purpose of the processing, you also have the right to demand completion of incomplete personal data – including by means of an additional declaration (Art. 16 GDPR: Right to rectification),
– to demand that we immediately erase personal data about you (Art. 17 GDPR: Right to erasure),
– to demand that we restrict processing (Art. 18 GDPR: Right to restriction of data processing),
– in the case of processing on the basis of consent or to fulfil a contract, to receive the personal data about you that you have provided to us in a structured, commonly used, machine-readable format and to transmit those data to another controller without hindrance from us or to transfer the data directly to the other controller insofar as this is technically feasible (Art. 20 GDPR: Right to data portability),
– to object, on grounds relating to your particular situation and at any time to processing of personal data concerning you that is necessary for the performance of a task carried out for reasons of public interest or to exercise public authority (Art. 21 GDPR: Right to object),
– to lodge a complaint with a supervisory authority at any time, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes applicable law (Art. 77 GDPR in conjunction with § 19 BDSG: Right to lodge a complaint with a supervisory authority).
Finally, if you have given us your consent, you have the right to withdraw that consent at any time. All data processing that we have carried out up to the time of your withdrawal remains lawful in this case. You can simply click on the link included in all e-mails for this purpose and deregister from the e-mail service, or send a message to [email protected]. If you notify us in this message that you do not wish to receive e-mails in future, we will not send any more e-mails to the e-mail address provided by you. E-mails that we send to you to fulfil any contract concluded with you are not affected by this.
As of: 01 December 2023