Responsible

• Fabian Dornhecker
• Arndtstraße 38
• 04275 Leipzig
• hi@laboldevita.com

Overview of the processing

The following summary summarizes the types of data processed and the purposes of their processing and refers to the individuals concerned.

Types of processed data

• Inventory data (e.g., names, addresses).
• Inventory data (e.g., names, addresses).
• content data (e.g., text input, photographs, videos).
• Contact information (e.g., e-mail, phone numbers).
• Meta / communication data (e.g., device information, IP addresses).
• Usage data (e.g., websites visited, interest in content, access times).
• Contract data (for example, subject matter, term, customer category).
• Payment details (e.g., bank details, invoices, payment history).

Categories of affected persons

• business and contractual partners.
• Interested persons.
• communication partner.
• Customer.
• Users (e.g., website visitors, online service users).

Purposes of processing

• Providing our online offer and user-friendliness.
• Office and organizational procedures.
• Direct marketing (for example by e-mail or by post).
• Contact requests and communication.
• Safety measures.
• Contractual services and service.
• Management and answering of inquiries.

Relevant legal bases

In the following, we share the legal basis of the General Data Protection Regulation (DSGVO), on the basis of which we process the personal data. Please note that in addition to the provisions of the DSGVO, the national data protection regulations may apply in your home or country of residence.

• Consent (Article 6 (1) (1) (a) DSGVO) - The data subject has given his consent to the processing of personal data relating to him for a specific purpose or several specific purposes.
• Performance of contract and pre-contractual inquiries (Art. 6 (1) sentence 1 lit. DSGVO) - The processing is necessary for the fulfillment of a contract of which the data subject is a party or for the implementation of pre-contractual measures Person done.
• Legal obligation (Article 6 (1) (1) (c) DSGVO) - The processing is necessary to fulfill a legal obligation to which the person responsible is subject.
• Legitimate interests (Article 6 (1) sentence 1 lit. DSGVO) - Processing is necessary to safeguard the legitimate interests of the person responsible or a third party, unless the interests or fundamental rights and freedoms of the data subject providing the protection personal data require, outweigh.

National data protection regulations in Germany: In addition to the data protection regulations of the General Data Protection Regulation, national data protection regulations apply in Germany. This includes in particular the law on the protection against misuse of personal data in data processing (Bundesdatenschutzgesetz - BDSG). In particular, the BDSG contains special rules on the right of access, the right of cancellation, the right to object, the processing of special categories of personal data, processing for other purposes and for transmission as well as automated decision-making in individual cases, including profiling. Furthermore, it regulates data processing for the purposes of the employment relationship (§ 26 BDSG), in particular with regard to the establishment, implementation or termination of employment relationships and the consent of employees. Furthermore, state data protection laws of the individual federal states can be applied.

Safety measures

Transmission and disclosure of personal data

Data processing in third countries

Commercial and business services

We process data of our contract and business partners, e.g. Customers and prospects (collectively referred to as "contractors") in the context of contractual and comparable legal relationships and related measures and in the context of communication with the contractors (or pre-contractual), for example, to answer inquiries.
We process this data in order to fulfill our contractual obligations, to safeguard our rights and for the purposes of the administrative tasks associated with this information as well as the entrepreneurial organization. Within the scope of the applicable law, we only pass on the data of the contracting parties to third parties insofar as this is necessary for the aforementioned purposes or for the fulfillment of legal obligations or with the consent of the contractual partners (eg to participating telecommunications, transport and other auxiliary services as well as subcontractors , Banks, tax and legal advisers, payment service providers or tax authorities). About other forms of processing, e.g. For purposes of marketing, the contracting parties are informed in the context of this privacy policy.
What data is required for the above purposes, we inform the contractors or in the context of data collection, e.g. in online forms, by special markings (for example colors) or symbols (for example asterisks or the like), or in person with.
We delete the data after expiration of legal warranty and comparable obligations, ie, basically after expiration of 4 years, unless the data are stored in a customer account, eg, as long as they have to be kept for legal reasons of archiving (eg for Tax purposes usually 10 years). Data that has been disclosed to us as part of an order by the contractor, we delete according to the specifications of the contract, in principle after the end of the contract.
Insofar as we use third-party providers or platforms to provide our services, the terms and conditions and privacy notices of the respective third-party providers or platforms apply in the relationship between the users and the providers.
Shop and E-Commerce: We process the data of our customers in order to enable them to select, purchase or order the selected products, goods and related services, as well as their payment and delivery or execution.
The required information is marked as such in the context of the order or comparable purchase process and includes the information required for delivery, or provision and billing as well as contact information in order to hold any consultation.
Artistic and literary services: We process the data of our clients in order to enable them to select, purchase or commission the services or works as well as associated activities as well as their payment and delivery or execution.
The required information is marked as such within the scope of the order, order or comparable contract conclusion and includes the information required for delivery and billing as well as contact information in order to be able to hold any consultations.

• Processed data types: inventory data (eg names, addresses), payment data (eg bank details, invoices, payment history), contact data (eg e-mail, telephone numbers), contract data (eg subject of contract, duration, customer category), usage data (eg visited websites, interest in Content, access times), meta / communication data (eg device information, IP addresses).
• Affected persons: prospective customers, business and contractual partners, customers.
• Purposes of processing: contractual services and services, contact requests and communications, office and organizational procedures, administration and response to inquiries, security measures.
• Legal basis: fulfillment of the contract and pre-contractual inquiries (Article 6 (1) sentence 1 lit. DSGVO), legal obligation (Article 6 (1) sentence 1 (c) DSGVO), legitimate interests (Article 6 para 1 p. 1 DSGVO).

Payment service

In the context of contractual and other legal relationships, due to legal obligations or otherwise based on our legitimate interests, we offer the persons concerned efficient and secure payment options and use besides banks and credit institutions other payment service providers (collectively "payment service providers").
The data processed by the payment service providers includes inventory data, such as the name and the address, bank data, e.g. Account numbers or credit card numbers, passwords, TANs and checksums, as well as contract, summary and recipient-related information. The information is required to complete the transactions. However, the data entered will only be processed and stored by the payment service providers. That is, we do not receive any account or credit card related information, but only information with confirmation or negative disclosure of the payment. The data may be transmitted by the payment service providers to credit reporting agencies. This transmission aims at the identity and credit check. For this we refer to the terms and conditions and the privacy policy of the payment service providers.
For the payment transactions, the terms and conditions and the privacy notices of the respective payment service providers, which are available within the respective websites or transaction applications apply. We also refer to these for further information and assertion of rights of revocation, information and other data subjects.

• Processed data types: inventory data (eg names, addresses), payment data (eg bank details, invoices, payment history), contract data (eg subject matter, duration, customer category), usage data (eg visited websites, interest in content, access times), meta- / communication data ( eg device information, IP addresses).
• Affected persons: customers, interested parties.
• Purposes of processing: contractual services and service.
• Legal basis: fulfillment of the contract and pre-contractual inquiries (Article 6 (1) sentence 1 (b) DSGVO), entitled interests (Article 6 (1) sentence 1 (f) of the DSGVO).

Deployed services and service providers:

• PayPal: payment services; Service Provider: PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg; Website:  ►https://www.paypal.com; Privacy Policy:  ►https://www.paypal.com/webapps/mpp/ua/privacy-full

Contact

When contacting us (for example via contact form, e-mail, telephone or via social media), the details of the requesting persons are processed to the extent necessary to answer the contact requests and any requested action.
Responding to the contact requests in the context of contractual or pre-contractual relationships is to fulfill our contractual obligations or to answer (pre) contractual requests and otherwise on the basis of legitimate interests in answering the requests.

• Processed data types: inventory data (e.g., names, addresses), contact data (e.g., e-mail, telephone numbers), content data (e.g., text input, photographs, videos).
• Affected persons: communication partners.
• Purposes of processing: contact requests and communication.
• Legal basis: fulfillment of the contract and pre-contractual inquiries (Article 6 (1) sentence 1 (b) DSGVO), entitled interests (Article 6 (1) sentence 1 (f) of the DSGVO).

Provision of the online offer and web hosting

To provide our online offer securely and efficiently, we use the services of one or more web hosting providers whose servers (or servers managed by them) can access the online offer. For these purposes, we may use infrastructure and platform services, computing capacity, storage and database services, as well as security and technical maintenance services.
The data processed in the provision of the hosting offer may include all information relating to the use and communication of the users of our online offer. This includes, on a regular basis, the IP address necessary to deliver the content of online content to browsers, and all submissions made within our online offer or web pages.
E-mail delivery and hosting: The webhosting services we use also include the sending, receiving and saving of e-mails. For these purposes the addresses of the recipients as well as sender as well as further information concerning the e-mail dispatch (for example the participating providers) as well as the contents of the respective e-mails are processed. The aforementioned data may also be processed for purposes of SPAM detection. We ask you to note that e-mails on the Internet are generally not encrypted. As a rule, e-mails are encrypted on the transport route, but (if no so-called end-to-end encryption method is used) not on the servers from which they are sent and received. We can therefore take no responsibility for the transmission of emails between the sender and the reception on our server.
Collection of access data and log files: We ourselves (or our web hosting provider) collect data for every access to the server (so-called server log files). The server logfiles can contain the address and name of the retrieved web pages and files, the date and time of the retrieval, transferred data volumes, notification of successful retrieval, browser type and version, the user's operating system, referrer URL (the previously visited page) and, as a rule, IP addresses. Addresses and the requesting provider belong.
The server log files can be used for security purposes, for example, to avoid overloading the servers (especially in the case of abusive attacks, so-called DDoS attacks) and second, to ensure the utilization of the servers and their stability.

• Processed data types: content data (e.g., text input, photographs, videos), usage data (e.g., visited web pages, interest in content, access times), meta / communication data (e.g., device information, IP addresses).
• Affected persons: Users (e.g., website visitors, online service users).
• Legal basis: legitimate interests (Article 6 (1) sentence 1 (f) of the DSGVO).

Newsletter and Communication

We send out newsletters, e-mails and other electronic notifications (hereinafter referred to as "newsletter") only with the consent of the recipient or a legal permission.Where in the context of an application to the newsletter whose contents are specifically described, they are for the consent of the users authoritative. Incidentally, our newsletter contains information about our services and us.
To subscribe to our newsletters, it is generally sufficient to provide your e-mail address. However, we may ask you to provide a name for personal address in the newsletter, or other information as required for the purpose of the newsletter.
Double-Opt-In-Procedure: Registration for our newsletter is basically done in a so-called Double-Opt-In-Procedure. This means that after signing up you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that nobody can register with external e-mail addresses. Registration for the newsletter will be logged in order to prove the registration process according to the legal requirements. This includes saving the login and confirmation times as well as the IP address. Likewise, changes to your data stored with the shipping service provider will be logged.
Deletion and Limitation of Processing: We may save the e-mail addresses discharged for up to three years on the basis of our legitimate interests, before we delete them, in order to be able to provide evidence of a previously given consent. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for cancellation is possible at any time, provided that at the same time the former existence of a consent is confirmed. In the case of obligations to permanently observe contradictions, we reserve the sole purpose of storing the e-mail address for this purpose in a blacklist.
The logging of the registration process is based on our legitimate interests for the purpose of proving its proper course. Insofar as we commission a service provider with the dispatch of e-mails, this is done on the basis of our legitimate interests in an efficient and secure shipping system.
Legal notice: The distribution of the newsletter is based on the consent of the recipient or, if consent is not required, on the basis of our legitimate interests in direct marketing, if and insofar as this is legally required, e.g. in the case of existing customer advertising. Insofar as we entrust a service provider with the sending of e-mails, this is done on the basis of our legitimate interests. The registration process is recorded on the basis of our legitimate interests in order to prove that it has been performed in accordance with the law.

Content:
Information about us, new publications, our services and offers.
Measuring success: The newsletters contain a so-called "web-beacon", ie a pixel-sized file that is retrieved from the server when the newsletter is opened, or, if we use a shipping service provider, from its server Information such as information about the browser and your system, as well as your IP address and the time of retrieval, collected.
This information is used to improve the technicality of our newsletter based on the technical data or the target groups and their reading habits, based on their retrieval locations (which can be determined using the IP address) or access times. This analysis also includes determining if the newsletters are opened, when they are opened, and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our goal nor, if used, that of the shipping service provider to observe individual users. The evaluations serve to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.
The evaluation of the newsletter and the performance measurement are made, subject to the express consent of the users, on the basis of our legitimate interests for the purpose of using a user-friendly and secure newsletter system which serves both our business interests and the expectations of the users.
A separate revocation of the performance measurement is unfortunately not possible, in this case, the entire newsletter subscription must be terminated, or it must be contradicted.

• Processed data types: inventory data (e.g., names, addresses), contact data (e.g., e-mail, telephone numbers), meta / communication data (e.g., device information, IP addresses), usage data (e.g., websites visited, interest in content, access times).
• Affected persons: communication partners.
• Purposes of processing: direct marketing (e.g., by e-mail or by post).
• Legal basis: Consent (Article 6 (1) sentence 1 (a) DSGVO), entitled interests (Article 6 (1) (1) (f) of the DSGVO).
• Opt-out: You may terminate the receipt of our newsletter at any time, ie. Revoke your consent, or object to further reception. You can find a link to cancel the newsletter either at the end of each newsletter or else you can use one of the contact options above, preferably e-mail, for this purpose.

Deployed services and service providers:

• Mailchimp: e-mail marketing platform; Service Provider: \ "Mailchimp \" - Rocket Science Group, LLC, 675 Ponce De Leon Ave NE # 5000, Atlanta, GA 30308, USA; Website:  ►https://mailchimp.com; Privacy Policy:  ►https://mailchimp.com/legal/privacy/; Privacy Shield (ensuring data protection level when processing data in the US):  ►https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active

Plugins and embedded functions as well as content

We incorporate functionality and content into our online offering sourced from their respective vendors' servers (hereafter referred to as "third party vendors"), such as graphics, videos, social media buttons, and posts (hereafter referred to as "third party") uniformly referred to as "content").
The integration always requires that the third-party providers of this content process the IP address of the users, since they would not be able to send the content to their browser without the IP address. The IP address is therefore required for the presentation of these contents or functions. We endeavor to use only those content whose respective providers use the IP address only for the delivery of the content. Third parties may also use so-called pixel tags (invisible graphics, also referred to as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may include, but is not limited to, technical information about the browser and the operating system, websites to be referenced, time of visit, and other information regarding the use of our online offer.
Notes on legal bases: If we ask users for their consent to the use of third-party providers, the legal basis for the processing of data is the consent. Otherwise, users' data will be processed based on our legitimate interests (i.e., interest in efficient, economical and recipient-friendly services). In this context, we would also like to draw your attention to the information on the use of cookies in this privacy policy.

• Processed data types: usage data (e.g., visited web pages, interest in content, access times), meta / communication data (e.g., device information, IP addresses).
• Affected persons: Users (e.g., website visitors, online service users).
• Purposes of processing: Providing our online offering and usability, contractual services and service.
• Legal basis: legitimate interests (Article 6 (1) sentence 1 (f) of the DSGVO).

Deployed services and service providers:

• Google Fonts: We incorporate the fonts (\ "Google Fonts \") of the provider Google, whereby the data of the users are used solely for the purpose of displaying the fonts in the user's browser. The integration is based on our legitimate interests in a technically secure, maintenance-free and efficient use of fonts, their consistent presentation and taking into account possible licensing restrictions for their integration. Service Providers: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Parent Company: Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA; Website:  ►https://fonts.google.com/; Privacy Policy:  ►https://policies.google.com/privacy; Privacy Shield (ensuring privacy levels when processing data in the US):  ►https://www.privacyshield.gov/participant?id=a2zt0000000TRkEAAW&status=Active

Deletion of data

Modification and update of the privacy policy

Rights of data subjects

As DSPRO interested parties, you are entitled to various rights, in particular from Articles 15 to 18 and 21 DS-GVO:

• Right to object: You have the right at any time, for reasons arising from your particular situation, against the processing of your personal data relating to you, which pursuant to Art. 6 para. 1 lit. e or f DSGVO takes an objection; this also applies to profiling based on these provisions. If the personal data relating to you are processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct mail.
• Right of Withdrawal: You have the right to revoke granted consent at any time.
• Right to information: You have the right to ask for confirmation as to whether the data in question is being processed and for information about this data as well as for further information and copying of the data in accordance with legal requirements.
• Right to correction: You have the legal right to demand the completion of the data concerning you or the correction of the incorrect data concerning you.
• Right to deletion and limitation of processing: You have the right, in accordance with the statutory provisions, to demand that data relating to you be deleted immediately, or, alternatively, to require a restriction of the processing of data in accordance with legal requirements.
• Right to Data Portability: You have the right to receive data relating to you that you have provided to us in accordance with legal requirements in a structured, common and machine-readable format or to request their transmission to another person in charge.
• Complain to the supervisory authority: You also have the right, as required by law, to consult with a supervisory authority, in particular in the Member State of your usual place of residence, employment or the place of the alleged breach, if you believe that the processing of your personal data relates to you Data violates the DSGVO.

Definitions

This section provides an overview of the terminology used in this Privacy Policy. Many of the terms are taken from the law and defined above all in Art. 4 DSGVO. The legal definitions are binding. The following explanations, on the other hand, are intended above all to aid understanding. The terms are sorted alphabetically.

• Personal data: "Personal data" means any information relating to an identified or identifiable natural person (hereinafter the "data subject"); a natural person is considered as identifiable, which can be identified directly or indirectly, in particular by means of assignment to an identifier such as a name, to an identification number, to location data, to an online identifier (eg cookie) or to one or more special features, are the expression of the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person.
• Responsible: "Responsible" means the natural or legal person, public authority, body or other body that alone or jointly with others decides on the purposes and means of processing personal data.
• Processing: "Processing" means any process performed with or without the aid of automated procedures or any such process associated with personal data. The term covers a wide range and covers practically every handling of data, be it collection, evaluation, storage, transfer or deletion.