Privacy Info

§ 1 General information

Your personal data (e.g. title, name, address, e-mail address, telephone number, bank details, credit card number) will only be processed by us in accordance with the provisions of German data protection law and the data protection law of the European Union (EU). In addition to the processing purposes, recipients, legal bases and storage periods, the following provisions also inform you about your rights and the controller responsible for your data processing. This privacy policy only applies to our websites. If you are redirected to other sites via links on our pages, please inform yourself there about the respective handling of your data.

§ 2 Data processing for contract fulfillment

(1) Purpose of processing

The personal data you provide to us during the ordering process is required for the conclusion of a contract with us. You are not obliged to provide your personal data. However, we cannot send you the goods without your address. For some payment methods, we require the necessary payment data in order to pass it on to a payment service provider commissioned by us. The processing of your data entered in the ordering process is therefore carried out for the purpose of fulfilling the contract.

If you send us an inquiry by email, via a contact form, etc. before concluding a contract, we process the data received in this way to carry out pre-contractual measures and answer your questions about our products, for example.

If you open a customer account, your data (in particular name, address, payment method, e-mail and password) will be processed for registration and creation of a customer login. With the stored data, you can shop with us more quickly and view your orders at any time. You can remove the account again by sending us a message or using the delete function.

(2) Legal basis

The legal basis for this processing is Art. 6 para. 1 b) GDPR.

(3) Categories of recipients

Payment service provider, shipping service provider, hosting provider, merchandise management system if applicable, suppliers if applicable (dropshipping).

(4) Storage period

We store the data required for contract processing until the expiry of the statutory warranty and, if applicable, contractual guarantee periods.

We store the data required under commercial and tax law for the periods specified by law, regularly ten years (cf. § 257 HGB, § 147 AO).

The data processed to carry out pre-contractual measures will be deleted as soon as the measures have been carried out and it is clear that no contract has been concluded.

§ 3 Further information

Table of contents:
Definitions
Name and address of the controller
Name and address of the data protection officer
cookies
Collection of general data and information
Registration on our website
Contact option via the website
Routine deletion and blocking of personal data
Rights of the data subject
Data protection for applications and in the application process
Legal basis for processing
Legitimate interests in the processing pursued by the controller or a third party
Duration for which the personal data is stored
Legal or contractual provisions for the provision of personal data
Will my data be used for advertising purposes?
Transmission of personal data
Terms and conditions of payment service providers
Google Analytics
Matomo
Recaptcha

We are very delighted that you have shown interest in our enterprise. Data protection is of a particularly high priority for the management of the Geiger GmbH. It is generally possible to use the Geiger GmbH website without providing any personal data. However, if a data subject wishes to make use of special services of our company via our website, it may be necessary to process personal data. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the data subject.

The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be in line with the General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations applicable to the Geiger GmbH. By means of this data protection declaration, our company would like to inform the public about the type, scope and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed of their rights by means of this privacy policy.

As the controller, the Geiger GmbH has implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. Nevertheless, Internet-based data transmissions can generally have security gaps, so that absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us by alternative means, for example by telephone.

1. Definitions of terms

The data protection declaration of the Geiger GmbH is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our privacy policy should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would like to explain the terminology used in advance.

We use the following terms, among others, in this privacy policy

a) Personal data
Personal data is any information relating to an identified or identifiable natural person (hereinafter “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

b) Data subject
Data subject is any identified or identifiable natural person whose personal data is processed by the controller responsible for the processing.

c) Processing
Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

d) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of restricting its future processing.

e) Profiling
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.

f) Pseudonymization
Pseudonymization is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

g) Controller or controller responsible for the processing
Controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

h) Processor

Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

i) Recipient

Recipient is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.

j) third party
A third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

k) Consent
Consent is any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

2. Name and address of the controller

The controller within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other provisions of a data protection nature is

Geiger GmbH
Messingweg 1
48308 Senden
Senden, Germany
Phone: 0 25 97 / 96 12 0
E-mail: full-service@wer-gmbh.de
Website: www.geigerpromo.de

3. Name and address of the data protection officer

The data protection officer of the controller is

Christopher v. d. Osten
Geiger GmbH
Messingweg 1
48308 Senden
Germany
Phone: 0 25 97 / 93 996 90
E-Mail: cvdo@wer-gmbh.de
Website: www.geigerpromo.de

Any data subject can contact our data protection officer directly at any time with any questions or suggestions regarding data protection.

4. Cookies

The Internet pages of the Geiger GmbH use cookies. Cookies are text files that are placed and stored on a computer system via an Internet browser.

Numerous websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier for the cookie. It consists of a string of characters through which websites and servers can be assigned to the specific internet browser in which the cookie was stored. This enables the websites and servers visited to distinguish the individual browser of the data subject from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified via the unique cookie ID.

Through the use of cookies, the Geiger GmbH can provide the users of this website with more user-friendly services that would not be possible without the cookie setting.

By means of a cookie, the information and offers on our website can be optimized for the benefit of the user. As already mentioned, cookies enable us to recognize the users of our website. The purpose of this recognition is to make it easier for users to use our website. For example, the user of a website that uses cookies does not have to re-enter their access data each time they visit the website because this is taken over by the website and the cookie stored on the user's computer system. Another example is the cookie for a shopping basket in an online store. The online store remembers the items that a customer has placed in the virtual shopping cart via a cookie.

The data subject can prevent the setting of cookies by our website at any time by means of a corresponding setting of the Internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs. This is possible in all common Internet browsers. If the data subject deactivates the setting of cookies in the Internet browser used, not all functions of our website may be fully usable.

5. Collection of general data and information

The website of the Geiger GmbH collects a series of general data and information when a data subject or automated system calls up the website. This general data and information is stored in the server log files. The (1) browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system accesses our website (so-called referrer), (4) the sub-websites which are accessed via an accessing system on our website can be recorded, (5) the date and time of access to the website, (6) an internet protocol address (IP address), (7) the internet service provider of the accessing system and (8) other similar data and information used for security purposes in the event of attacks on our information technology systems.

When using these general data and information, the Geiger GmbH does not draw any conclusions about the data subject. Rather, this information is needed to (1) deliver the content of our website correctly, (2) optimize the content of our website as well as its advertisement, (3) ensure the long-term viability of our information technology systems and website technology, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack. Therefore, the Geiger GmbH analyzes anonymously collected data and information statistically, with the aim of increasing the data protection and data security of our enterprise, and to ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.

As a responsible company, we do not use automatic decision-making or profiling.

6. Registration on our website

The data subject has the option of registering on the controller's website by providing personal data. Which personal data is transmitted to the controller is determined by the respective input mask used for registration. The personal data entered by the data subject is collected and stored exclusively for internal use by the controller and for the controller's own purposes. The controller may arrange for the data to be passed on to one or more processors, such as a parcel service provider, who will also use the personal data exclusively for internal use attributable to the controller.

By registering on the controller's website, the IP address assigned by the data subject's Internet service provider (ISP), the date and time of registration are also stored. This data is stored against the background that this is the only way to prevent the misuse of our services and, if necessary, to make it possible to investigate criminal offenses committed. In this respect, the storage of this data is necessary to safeguard the controller. This data is not passed on to third parties unless there is a legal obligation to pass it on or the passing on serves the purpose of criminal prosecution.

The registration of the data subject with the voluntary provision of personal data serves the controller to offer the data subject content or services which, due to the nature of the matter, can only be offered to registered users. Registered persons are free to change the personal data provided during registration at any time or to have it completely deleted from the controller's database.

The controller shall provide any data subject at any time upon request with information about which personal data relating to the data subject is stored. Furthermore, the controller shall rectify or erase personal data at the request or indication of the data subject, insofar as this does not conflict with any statutory retention obligations. All of the controller's employees are available to the data subject as contact persons in this context.

7. Contact Option via the Website

The website of Geiger GmbH contains information, based on legal regulations, that enables quick electronic contact with our company as well as direct communication with us, which also includes a general address of electronic mail (email address). If a recipient contacts the data controller by email or via a contact form, the personal data transmitted by the recipient are automatically stored. Such personal data transmitted by the recipient to the data controller on a voluntary basis are stored for the purpose of processing or contacting the recipient. These personal data are not disclosed to third parties.

8. Routine Deletion and Blocking of Personal Data

The data controller processes and stores personal data of the concerned person only for the period required to achieve the purpose of storage or as long as stipulated by the European Directive and Regulation legislator or another legislator in laws or regulations to which the data controller is subject.

If the purpose of storage no longer applies or if a storage period prescribed by the European Directive and Regulation legislator or another competent legislator expires, the personal data are routinely blocked or deleted in accordance with legal provisions.

9. Rights of the Concerned Person

a) Right to Confirmation
Every concerned person has the right granted by the European Directive and Regulation legislator to obtain confirmation from the data controller as to whether personal data relating to them is being processed. If a concerned person wishes to exercise this right of confirmation, they can contact a staff member of the data controller at any time.

b) Right to Information
Any person affected by the processing of personal data has the right, granted by the European Directive and Regulation legislator, to receive free information at any time from the data controller about the personal data stored about them and to obtain a copy of this information. Furthermore, the European Directive and Regulation legislator has provided the concerned person with information on the following:

The purposes of processing
The categories of personal data being processed
The recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations
If possible, the planned duration for which the personal data will be stored, or, if this is not possible, the criteria used to determine this duration
The existence of a right to rectify or delete personal data concerning them, or to restrict processing by the controller, or to object to such processing
The existence of a right to lodge a complaint with a supervisory authority
If the personal data are not collected from the data subject: Any available information on their source
The existence of automated decision-making, including profiling, as referred to in Article 22(1) and (4) GDPR, and, at least in these cases, meaningful information about the logic involved as well as the significance and the envisaged consequences of such processing for the data subject

Furthermore, the data subject has the right to be informed whether personal data are transferred to a third country or an international organization. If this is the case, the data subject has the right to obtain information about the appropriate safeguards relating to the transfer.

If a data subject wishes to exercise this right of access, they may contact a staff member of the data controller at any time.

c) Right to RectificationAny person affected by the processing of personal data has the right, granted by the European Directive and Regulation legislator, to demand the immediate correction of inaccurate personal data concerning them. Additionally, the concerned person has the right, considering the purposes of the processing, to request the completion of incomplete personal data—including by means of a supplementary declaration.

If a concerned person wishes to exercise this right to rectification, they can contact a staff member of the data controller at any time.

d) Right to Erasure (Right to Be Forgotten)
Any person affected by the processing of personal data has the right, granted by the European Directive and Regulation legislator, to demand that the controller delete the personal data concerning them without delay, provided one of the following reasons applies and as long as processing is not required:

The personal data were collected or otherwise processed for purposes for which they are no longer needed.The data subject revokes their consent, on which the processing according to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR was based, and there is no other legal basis for the processing.
The data subject objects to the processing according to Art. 21(1) GDPR, and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing according to Art. 21(2) GDPR.
The personal data were unlawfully processed.
The deletion of the personal data is required to fulfill a legal obligation under Union law or the law of the Member States to which the controller is subject.
The personal data were collected in relation to the offered services of the information society according to Art. 8(1) GDPR.

If one of the above reasons applies and a data subject wishes to arrange for the deletion of personal data stored by Geiger GmbH, they may contact a staff member of the data controller at any time. The staff member of Geiger GmbH will ensure that the deletion request is promptly complied with.

If the personal data were made public by Geiger GmbH and our company is obligated as the controller according to Art. 17(1) GDPR to delete the personal data, Geiger GmbH will take reasonable measures, including technical ones, taking into account the available technology and the implementation costs, to inform other controllers responsible for processing the disclosed personal data that the data subject has requested the deletion of all links to these personal data or of copies or replications of these personal data, as far as the processing is not required. The staff member of Geiger GmbH will arrange what is necessary on a case-by-case basis.

e) Right to Restriction of Processing

Any person affected by the processing of personal data has the right, granted by the European Directive and Regulation legislator, to request the restriction of processing from the controller if one of the following conditions applies:

The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.
The processing is unlawful, and the data subject opposes the erasure of the personal data and requests instead the restriction of their use.
The controller no longer needs the personal data for the purposes of processing, but the data subject requires them for the establishment, exercise, or defense of legal claims.
The data subject has objected to processing pursuant to Art. 21(1) GDPR, and it has not yet been determined whether the legitimate grounds of the controller override those of the data subject.

If one of the above conditions applies and a data subject wishes to request the restriction of personal data stored by Geiger GmbH, they can contact a staff member of the data controller at any time. The staff member of Geiger GmbH will arrange for the restriction of processing.

f) Right to Data Portability

Any person affected by the processing of personal data has the right, granted by the European Directive and Regulation legislator, to receive the personal data concerning them, which they have provided to a controller, in a structured, commonly used, and machine-readable format. They also have the right to transfer these data to another controller without hindrance by the controller to whom the personal data were provided, provided the processing is based on consent according to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR, or on a contract according to Art. 6(1)(b) GDPR, and the processing is carried out using automated procedures. This does not apply if the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Furthermore, in exercising their right to data portability according to Art. 20(1) GDPR, the data subject has the right to have the personal data transferred directly from one controller to another, where technically feasible and as long as this does not adversely affect the rights and freedoms of others.

To assert the right to data portability, the data subject may contact a staff member of Geiger GmbH at any time.

g) Right to Object

Any person affected by the processing of personal data has the right, granted by the European Directive and Regulation legislator, to object, at any time and for reasons arising from their particular situation, to the processing of personal data concerning them that is carried out based on Art. 6(1)(e) or (f) GDPR. This also applies to profiling based on these provisions.

Geiger GmbH will no longer process personal data in the event of an objection unless we can demonstrate compelling legitimate grounds for the processing that outweigh the interests, rights, and freedoms of the data subject, or the processing is for the establishment, exercise, or defense of legal claims.

If Geiger GmbH processes personal data for direct marketing purposes, the data subject has the right to object at any time to the processing of personal data for such marketing. This also applies to profiling, insofar as it is related to such direct marketing. If the data subject objects to Geiger GmbH regarding processing for the purposes of direct marketing, Geiger GmbH will no longer process the personal data for these purposes.

Furthermore, the data subject has the right, for reasons arising from their particular situation, to object to the processing of personal data concerning them that is carried out by Geiger GmbH for scientific or historical research purposes or for statistical purposes pursuant to Art. 89(1) GDPR, unless such processing is necessary for the performance of a task carried out in the public interest.

To exercise the right to object, the data subject may directly contact any employee of Geiger GmbH or another staff member. The data subject is also free to exercise their right to object in connection with the use of information society services, regardless of Directive 2002/58/EC, using automated procedures that utilize technical specifications

h) Automated Individual Decision-Making, Including Profiling

Any person affected by the processing of personal data has the right, granted by the European Directive and Regulation legislator, not to be subject to a decision based solely on automated processing—including profiling—that produces legal effects concerning them or similarly significantly affects them, unless the decision (1) is necessary for the conclusion or performance of a contract between the data subject and the controller, or (2) is authorized by Union or Member State law to which the controller is subject and that law contains suitable measures to safeguard the rights and freedoms and legitimate interests of the data subject, or (3) occurs with the explicit consent of the data subject.

If the decision (1) is necessary for the conclusion or performance of a contract between the data subject and the controller or (2) occurs with the explicit consent of the data subject, Geiger GmbH will take appropriate measures to safeguard the rights and freedoms and legitimate interests of the data subject, including at least the right to obtain human intervention on the part of the controller, to express their point of view, and to contest the decision.

If the data subject wishes to exercise rights concerning automated decisions, they can contact a staff member of the controller at any time.

i) Right to Withdraw Consent

Any person affected by the processing of personal data has the right, granted by the European Directive and Regulation legislator, to withdraw consent to the processing of personal data at any time.

If the data subject wishes to exercise their right to withdraw consent, they may contact a staff member of the controller at any time.

10. Data Protection in Applications and the Application Process

The controller collects and processes the personal data of applicants for the purpose of managing the application process. Processing may also occur electronically. This is particularly the case when an applicant submits application documents electronically, for example via email or through a web form on the website, to the controller. If the controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of managing the employment relationship in compliance with statutory provisions. If the controller does not conclude an employment contract with the applicant, the application documents will be automatically deleted two months after the notification of the rejection decision, provided that no other legitimate interests of the controller prevent deletion. A legitimate interest in this context might include a burden of proof in a procedure under the General Equal Treatment Act (AGG).

11. Legal Basis for Processing

Art. 6(1)(a) GDPR serves as the legal basis for our company for processing operations where consent is obtained for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, such as processing operations required for the delivery of goods or the provision of any other service or consideration, the processing is based on Art. 6(1)(b) GDPR. The same applies to processing operations required to carry out pre-contractual measures, for example in cases of inquiries about our products or services. If our company is subject to a legal obligation requiring the processing of personal data, such as for the fulfillment of tax obligations, the processing is based on Art. 6(1)(c) GDPR.

In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or another natural person. This could be the case, for example, if a visitor were injured on our premises and their name, age, health insurance data, or other vital information had to be provided to a doctor, hospital, or other third parties. In such a case, the processing would be based on Art. 6(1)(d) GDPR.

Finally, processing operations could be based on Art. 6(1)(f) GDPR. This legal basis is used for processing operations not covered by any of the aforementioned legal bases when processing is necessary to safeguard a legitimate interest of our company or a third party, provided the interests, fundamental rights, and freedoms of the data subject do not override. Such processing operations are particularly permitted because they were specifically mentioned by the European legislator. In this regard, the legislator considered that a legitimate interest could be assumed if the data subject is a customer of the controller (Recital 47 Sentence 2 GDPR).

12. Legitimate Interests in Processing Pursued by the Controller or a Third Party

If the processing of personal data is based on Article 6(1)(f) GDPR, our legitimate interest is the conduct of our business activities for the benefit of the well-being of all our employees and shareholders.

13. Duration for Which Personal Data Are Stored

The criterion for the duration of the storage of personal data is the respective statutory retention period. After the expiry of this period, the corresponding data are routinely deleted, provided that they are no longer required for contract fulfillment or contract initiation.

14. Statutory or Contractual Provisions for Providing Personal Data; Necessity for Contract Conclusion; Obligation of the Data Subject to Provide Personal Data; Possible Consequences of Non-Provision

We inform you that the provision of personal data is partially required by law (e.g., tax regulations) or may also result from contractual regulations (e.g., information about the contractual partner). In some cases, it may be necessary for the conclusion of a contract that a data subject provides us with personal data, which we then have to process. For instance, the data subject is obliged to provide us with personal data if our company concludes a contract with them. Failure to provide personal data would result in the contract with the data subject not being concluded.

Before the provision of personal data by the data subject, the data subject must contact one of our employees. Our employee will clarify for the data subject on a case-by-case basis whether the provision of personal data is legally or contractually required, or necessary for the conclusion of the contract, whether there is an obligation to provide the personal data, and what the consequences of not providing the personal data would be.

15. Are My Data Used for Advertising Purposes?

We use your personal data for advertising purposes only if you have given consent; this consent can be revoked at any time for the future. We point out the possibility of revocation when obtaining consent.

16. Transmission of Personal Data

As part of our processing of personal data, it may occur that data are transmitted to other entities, companies, legally independent organizational units, or individuals, or disclosed to them.

Recipients of this data may include, for example, service providers tasked with IT-related tasks or providers of services and content integrated into a website. In such cases, we comply with legal requirements and, in particular, enter into appropriate contracts or agreements with the recipients of your data to ensure the protection of your data.

Orbitalum Tools GmbH is responsible for the assortment and pricing.
The following data are transmitted in encrypted form:

Order date
Ordered items
Order value
Shipping costs
Postal code
City
Country

17. Payment Providers

Furthermore, Geiger GmbH must ensure that the debtor has effectively provided their consent for the collection, processing, and use of the data in accordance with Art. 6ff GDPR. This includes, but is not limited to, ensuring that Geiger GmbH effectively agrees with its customer on the following:

Consent for data transmission (customer, claim amount, due date, etc.).
Consent for the storage, processing, transmission, and use of the data for identity, risk, and creditworthiness assessments, as well as for use and storage in the event of the assumption of payment default risks by Unzer and associated companies or third parties, including but not limited to credit agencies and collection agencies.
Authorization for Geiger GmbH to assign claims.

PayPal: Payment services (technical integration of online payment methods) (e.g., PayPal, PayPal Plus, Braintree); Service provider: PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg; Legal basis: Contract performance and pre-contractual inquiries (Art. 6(1)(b) GDPR); Website: https://www.paypal.com/de; Privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

Stripe: Payment services (technical integration of online payment methods); Service provider: Stripe, Inc., 510 Townsend Street, San Francisco, CA 94103, USA; Legal basis: Contract performance and pre-contractual inquiries (Art. 6(1)(b) GDPR); Website: https://stripe.com; Privacy policy: https://stripe.com/de/privacy.

Unzer: Payment services (technical integration of online payment methods); Service provider: Unzer GmbH, Schöneberger Straße 21a, 10963 Berlin, Germany; Legal basis: Contract performance and pre-contractual inquiries (Art. 6(1)(b) GDPR); Website: https://unzer.com; Privacy policy: https://www.unzer.com/de/datenschutz/.

18. Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Inc. ("Google"). Google Analytics uses "cookies," which are text files stored on your computer, to help analyze how you use the website. The information generated by the cookie about your use of this website is typically transmitted to and stored on a Google server in the USA. If IP anonymization is activated on this website, your IP address will first be truncated by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activities, and to provide further services related to website and internet usage to the website operator.

The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.

You can prevent the storage of cookies by configuring your browser software accordingly; however, we would like to point out that in this case, you may not be able to fully use all the functions of this website.

Matomo
We use the open-source analytics software Matomo on our website for statistical analysis of visitor access. Matomo is operated on our servers, and no data are transmitted to third parties (e.g., Matomo). The IP address processed for recording your visit is immediately anonymized (the last 2 bytes of your IP address are anonymized). Only the anonymized IP address is used for preparing and storing your visit. The following data may be stored in the visitor log along with a pseudonymized visitor ID (a device fingerprint):

Anonymized IP address
Accessed pages (date, time, URL, title, duration of stay)
Downloaded files
Clicked links to other websites
Operating system
Browser type, version, and language
Device type, brand, model, and resolution
Approximate location (based on anonymized IP address)
Referrer URL (previously visited page)

Visitor logs are automatically deleted after seven days, and daily reports are deleted after 24 months. You can prevent the tracking of your visit by configuring your browser settings (Do Not Track).

19. Google reCAPTCHA

We use "Google reCAPTCHA" (hereinafter referred to as "reCAPTCHA") on our websites. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").

reCAPTCHA is used to check whether data entered on our websites (e.g., in a contact form) is done by a human or an automated program. To this end, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g., IP address, the duration of the website visit, or user mouse movements). The data collected during the analysis is forwarded to Google.

The reCAPTCHA analyses run entirely in the background. Website visitors are not informed that an analysis is taking place.

Data processing is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in protecting its web offerings against abusive automated surveillance and SPAM.

Further information about Google reCAPTCHA and Google's privacy policy can be found at the following links:

Here is the translation:

20. Google reCAPTCHA

We use "Google reCAPTCHA" (hereinafter referred to as "reCAPTCHA") on our websites. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").

The reCAPTCHA analyses run entirely in the background. Website visitors are not informed that an analysis is taking place.

Data processing is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in protecting its web offerings against abusive automated surveillance and SPAM.

Further information about Google reCAPTCHA and Google's privacy policy can be found at the following links: https://www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/intro/android.html.

Senden, 27.06.2025

§ 4 PayPal Transactions

Please note that all PayPal transactions are subject to the PayPal Privacy Policy:
https://www.paypal.com/de/webapps/mpp/ua/privacy-full

§ 5 Web Analysis with Google Analytics

(1) Purpose of Processing
This website uses Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics 4 uses so-called "cookies," text files that are stored on your device, enabling us to analyze your use of the website.

According to Google, Google Analytics 4 does not log or store individual IP addresses. Analytics does not provide precise location data. Instead, the following metadata derived from IP addresses are provided: “City” (and the derived latitude and longitude of the city), “Continent,” “Country,” “Region,” “Subcontinent” (and their ID-based equivalents). For accesses originating from the EU, IP addresses are only used to derive location data and are then immediately deleted. They are not logged, are inaccessible, and are not used for any other purposes. All IP lookups for data collection in Analytics take place on EU-based servers before traffic is forwarded to Analytics servers for processing. These servers may also be located outside the EU.

On behalf of the operator of this website, Google will use this information to evaluate your use of the website, compile reports on website activities, and provide other services related to website and internet usage to the website operator.

(2) Legal Basis

The legal basis for this processing is your consent pursuant to Art. 6(1)(a) GDPR.

(3) Categories of Recipients

Google and its partner companies.

(4) Transfer to a Third Country

Google Ireland Limited is an affiliate of Google LLC. Google LLC is located in the USA (1600 Amphitheatre Parkway, Mountain View, CA 94043). The basis for the transfer of personal data from the EU to the USA is the EU-US Data Privacy Framework.

(5) Retention Period

14 months.

(6) Right of Withdrawal

You can withdraw your consent at any time with effect for the future via our cookie banner or through our website.

You can also generally prevent the storage of cookies by configuring your browser settings accordingly; however, we would like to point out that in this case, you may not be able to fully utilize all the features of this website.

Additionally, you can prevent the collection of data generated by the cookie and related to your use of the website, as well as the processing of this data by Google, by downloading and installing the browser plugin available at the following link: optout.

§ 6 Information About Cookies

(1) Purpose of Processing
Technically necessary cookies are used on this website. These are small text files that are stored in or by your internet browser on your computer system. These cookies enable functionalities such as adding multiple products to a shopping cart.

(2) Legal Basis
The legal basis for this processing is Art. 6(1)(f) GDPR.

(3) Legitimate Interest
Our legitimate interest is the functionality of our website. The user data collected through technically necessary cookies are not used to create user profiles, thus safeguarding your interest in data protection.

(4) Retention Period
Technically necessary cookies are usually deleted when the browser is closed. Persistent cookies have varying lifetimes, ranging from a few minutes to several years.

(5) Right to Object
If you do not wish to store these cookies, please disable the acceptance of cookies in your internet browser. However, this may result in functional restrictions on our website. Persistent cookies can also be deleted via your browser at any time.

§ 7 Your Rights as a Data Subject

If personal data about you is processed, you are considered a data subject under the GDPR and have the following rights toward us as the controller:

Right to Access
You may request information under Art. 15 GDPR about your personal data that we have processed.
Right to Rectification
If the information concerning you is not (or no longer) accurate, you may request its correction under Art. 16 GDPR. If your data is incomplete, you may request its completion.
Right to Erasure
Under the conditions of Art. 17 GDPR, you may request the deletion of your personal data.
Right to Restrict Processing
You have the right under the provisions of Art. 18 GDPR to request the restriction of processing of data concerning you.
Right to Data Portability
Under Art. 20 GDPR, you have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format or request its transfer to another controller.
Right to Withdraw Consent
Under Art. 7(3) GDPR, you have the right to withdraw your consent to data processing at any time. The lawfulness of processing based on consent until withdrawal is not affected.
Right to Lodge a Complaint with a Supervisory Authority
If you believe that the processing of personal data concerning you violates the GDPR, you have the right under Art. 77 GDPR to lodge a complaint with a supervisory authority (particularly in the Member State of your residence, workplace, or location of the alleged violation).

Please also note your right to object under Article 21 GDPR:

a) General: Reasoned objection required
If the processing of your personal data occurs:

to safeguard our overriding legitimate interests (legal basis pursuant to Art. 6(1)(f) GDPR), or
in the public interest (legal basis pursuant to Art. 6(1)(e) GDPR),

you have the right, at any time, to object to the processing for reasons arising from your particular situation; this also applies to profiling based on the provisions of the GDPR.

In the case of an objection, we will no longer process your personal data, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defense of legal claims.

b) Special case of direct marketing: Simple objection is sufficient
If your personal data is processed for direct marketing purposes, you have the right, at any time and without providing reasons, to object to such processing; this also applies to profiling insofar as it is associated with such direct marketing.

If you object to the processing for direct marketing purposes, your personal data will no longer be processed for these purposes.

Data controller:
Geiger GmbH
Messingweg 1
48308 Senden
Phone: 02597-96120
Email: info@geigerpromo.de

Contact details of our data protection officer:
Jensenstraße 19
83209 Prien
Email: cvdo@wer-gmbh.de

This document was created and is updated using the technology of janolaw GmbH.