Privacy statement

We are pleased that you have visited our website and would like to thank you for your interest.

We value the trust you have placed in us very highly and thus fully appreciate the importance and responsibility of dealing with your data carefully and protecting it against misuse.

This data protection statement informs you about when we store what data and how we use such data – needless to say, always taking current legal regulations into account, in particular the General Data Protection Regulation (GDPR).

For security reasons and the protection of transmission of personal data and further confidential contents (e.g. accessing information or inquiries to the responsible person), this website uses SSL or TLS encryption. You can recognise an encrypted connection from the character string "https://" and the padlock icon in your browser line.

The controller for this website is:

weinor GmbH & Co. KG
Matthias-Brüggen-Straße 110
50829 Köln - Ossendorf (Germany)

E-Mail:  info@weinor.de

You can reach our Data Protection Officer as follows:

Creditreform Compliance Services GmbH

Hammfelddamm 13

41460 Neuss
E-Mail: datenschutz@weinor.de

Data collection when visiting our website

You can use our website without letting us know who you are. When you simply use our website to gain information, we only collect data of the kind your browser sends to our server (“log files”).

When you visit our website, we collect the following information that is technologically necessary for us to display the website:

• Our website which you visited
• Date and time of your request
• The amount of data sent in bytes
• Referring page that led you to the current page
• Browser used including version and language
• Operating system
• Used IP address used (anonymised if applicable)

Processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data is not passed on or used in any other way. However, we reserve the right to check the log files retrospectively in the event of specific indications of unlawful use. The processed data is stored for a period of 4 weeks and then deleted.

Use of cookies

We use so-called cookies on various pages to make your visit to our website more interesting and informative and to enable the use of certain functions. These are small text files that are stored on your terminal device.

Some of the cookies we use are deleted after the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your terminal device and enable us or our advertising partners to recognise your browser on your next visit.

For the aforementioned purposes, we also use the services of the following advertising partners (third-party providers), who are responsible for the data processing taking place through the service in accordance with Article 4 Nr. 7 GDPR. These persistent cookies are automatically deleted after a predefined period of time, which differs depending on the cookie. You can find further information below.

Cloudflare

Description of Service

This is a service providing increased security and performance for websites. Cloudflare offers for example a content delivery network („CDN“) to improve the loading times of the website. The use of a CDN enables the user to make content available for retrieval more quickly with the help of regionally or internationally distributed servers.

Processing Company

Cloudflare Inc.

101 Townsend St., San Francisco, CA 94107, United States of America

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

privacyquestions@cloudflare.com, legal@cloudflare.com

Data Purposes

This list represents the purposes of the data collection and processing.

• Optimization
• Website security
• Improvement of service
• Reducing bandwidth usage

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• IP address
• System configuration information
• Name of website
• Date and time of request
• Name and URL of the accessed file
• Amount of data transferred
• Status Information
• Device operating system
• Referrer URL
• Requesting provider
• Device type
• Time of the server request

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. f GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

United States of America,European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

Data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the provider's privacy policy or contact the provider directly.

• United States of America
• Singapore
• Australia
• United Arab Emirates

Data Recipients

In the following the recipients of the data collected are listed.

• Cloudflare Group

Click here to read the privacy policy of the data processor

https://www.cloudflare.com/privacypolicy/

Click here to read the cookie policy of the data processor

https://www.cloudflare.com/cookie-policy/

Stored Information

• Name: __cf_bm; This is used for the bot protection solution provided by Cloudflare.; Type: cookie; Duration: 30 minutes;
• Name: cf_clearance; This cookie is used to store the proof of challenge passed. It is used to no longer issue a challenge if present. It is required to reach an origin server.; Type: cookie; Duration: 30 minutes;
• Name: _cfuvid; This cookie is used for rate limiting rules.; Type: cookie; Duration: 7 days;
• Name: cf_chl_cc_XXX, cf_chl_rc_i, cf_chl_rc_ni; The cookie is used by Cloudflare for the execution of challenges. It is not used for tracking or beyond the scope of the challenge.; Type: cookie; Duration: Session;
• Name: __cflb; This is used to return an end user to the same customer origin for a specific period of time configured by the customer. ; Type: cookie; Duration: 1 day;

cloudfront.net

Description of Service

This is a content delivery network provided by Amazon. The use of a CDN enables the user to make content available to you for retrieval more quickly with the help of regionally or internationally distributed servers. When you access this content, a connection is established between you and the respective servers of the CDN, whereby personal data may be transmitted.

Processing Company

Amazon Web Services EMEA SARL

38 Avenue John F. Kennedy, L-1855 Luxemburg

Data Purposes

This list represents the purposes of the data collection and processing.

• Content Delivery

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Scripts

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• User agent data
• Usage data
• Device operating system
• Device information
• IP address
• Browser information

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. f GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

• Worldwide

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the provider's privacy policy or contact the provider directly.

• Worldwide

Data Recipients

In the following the recipients of the data collected are listed.

• Amazon Web Services EMEA SARL

Click here to read the privacy policy of the data processor

https://aws.amazon.com/privacy/

Click here to read the cookie policy of the data processor

https://aws.amazon.com/privacy/

JSDelivr

Description of Service

This is a CDN for open-source projects.

Processing Company

Prospect One sp.z o.o.

Królewska 65A/1, 30-081 Kraków, Poland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

dak@prospectone.io

Data Purposes

This list represents the purposes of the data collection and processing.

• Functionality
• Optimization
• Customer Support
• Analytics

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Usage data
• IP address
• Browser type
• Browser version
• Pages visited
• Date and time of visit
• Amount of time spent on a page
• Unique device identifier
• Diagnostic data

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. f GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

• European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Data Recipients

In the following the recipients of the data collected are listed.

• Prospect One sp. z o.o., Third-party Service Providers

Click here to read the privacy policy of the data processor

https://www.jsdelivr.com/terms/privacy-policy-jsdelivr-net

Usercentrics Consent Management Platform

Description of Service

This is a consent management service. Usercentrics GmbH is used on websites and apps as a processor for the purpose of consent management.

Processing Company

Usercentrics GmbH

Sendlinger Str. 7, 80331 Munich, Germany

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

datenschutz@usercentrics.com

Data Purposes

This list represents the purposes of the data collection and processing.

• Compliance with legal obligations
• Consent storage

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Local storage
• Pixel

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Opt-in and opt-out data
• Referrer URL
• User agent
• User settings
• Consent ID
• Time of consent
• Consent type
• Template version
• Banner language
• IP address
• Geographic location

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. c GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

• European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The consent data (given consent and revocation of consent) are stored for one year. The data will then be deleted immediately.

Data Recipients

In the following the recipients of the data collected are listed.

• Usercentrics GmbH

Click here to read the privacy policy of the data processor

https://usercentrics.com/privacy-policy/

Stored Information

• Name: ucString; This holds the ControllerID and SettingsID, the language, settings version and services with their consent history.; Type: web; Domain: usercentrics.com;
• Name: ucData; This holds information about the Google Consent Mode.; Type: web;

DoubleClick Ad

Description of Service

This is an advertising service. With this service it is possible to provide relevant ads to users and get campaign reports.

Processing Company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://support.google.com/policies/troubleshooter/7575787?hl=en

Data Purposes

This list represents the purposes of the data collection and processing.

• Advertisement
• Analytics
• Optimization

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Browser information
• Click path
• Cookie information
• Date and time of visit
• Demographic data
• Device identifiers
• Location information
• Hardware/software type
• Internet service provider
• IP address
• Number of times ads are seen
• Serving domains
• Interaction data
• Page views
• Search history

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the provider's privacy policy or contact the provider directly.

• United States of America

Data Recipients

In the following the recipients of the data collected are listed.

• Google Ireland Limited
• Google LLC
• Alphabet Inc.

Click here to read the privacy policy of the data processor

https://business.safety.google/privacy/?hl=en

Click here to read the cookie policy of the data processor

https://policies.google.com/technologies/cookies?hl=en

Storage Information

• Maximum age of cookie storage: 1 year

Stored Information

• Name: test_cookie; Test for cookie setting permissions in user's browser; Type: cookie; Duration: 1 day; Domain: doubleclick.net;
• Name: IDE; Contains a randomly generated user ID. Using this ID, Google can recognize the user across different websites across domains and display personalized advertising.; Type: cookie; Duration: 1 year; Domain: doubleclick.net;

Facebook Pixel

Description of Service

This is a Tracking technology offered by Facebook and used by other Facebook services. It is used to track interactions of visitors with websites ("Events") after they have clicked on an ad placed on Facebook or other services provided by Meta ("Conversion").

Processing Company

Meta Platforms Ireland Ltd.

4 Grand Canal Square, Grand Canal Harbour, Dublin, D02, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://www.facebook.com/help/contact/1650115808681298

Data Purposes

This list represents the purposes of the data collection and processing.

• Analytics
• Marketing
• Retargeting
• Advertisement
• Conversion Tracking
• Personalisation

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies
• Pixel

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Ads viewed
• Content viewed
• Device information
• Geographic location
• HTTP-header
• Interactions with advertisement, services, and products
• IP address
• Items clicked
• Marketing information
• Pages visited
• Pixel ID
• Referrer URL
• Usage data
• User behaviour
• Facebook cookie information
• Facebook user ID
• Usage/click behaviour
• Browser information
• Device operating system
• Device ID
• User agent
• Browser type

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

• European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

User’s interactions tracked on websites will not be stored longer than for two years. However, the data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the provider's privacy policy or contact the provider directly.

• Singapore
• United States of America
• United Kingdom

Data Recipients

In the following the recipients of the data collected are listed.

• Meta Platforms Ireland Ltd., Meta Platforms Inc.

Click here to read the privacy policy of the data processor

https://www.facebook.com/privacy/explanation

Click here to read the cookie policy of the data processor

https://www.facebook.com/policies/cookies

Storage Information

• Maximum age of cookie storage: 1 year

Stored Information

• Name: messaging_plugin_#; Type: cookie; Duration: - ;
• Name: fr; Type: cookie; Duration: - ;
• Name: _fbp; Type: cookie; Duration: - ;
• Name: pxcelBcnLcy; Type: cookie; Duration: - ;
• Name: _fbp; Type: web;

Google Ads

Description of Service

This is an advertising service. This service can be used to show personalised or non-personalised advertisement to users.

Processing Company

Google Ireland Limited

Google Building Gordon House, 4 Barrow Street, Dublin D04 E5W5, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://support.google.com/policies/contact/general_privacy_form

Data Purposes

This list represents the purposes of the data collection and processing.

• Advertisement
• Analytics
• Providing Service
• Statistics

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies
• Tracking Pixel

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Ads viewed
• Cookie ID
• Date and time of visit
• Device information
• Geographic location
• IP address
• Search terms
• Ads shown
• Client ID
• Impressions
• Online identifiers
• Browser information
• Referrer URL
• Interaction data

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

• European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes. Log data is anonymized after 9 months and cookie information is anonymized after 18 months.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the provider's privacy policy or contact the provider directly.

• Chile
• Singapore
• Taiwan
• United States of America

Data Recipients

In the following the recipients of the data collected are listed.

• Alphabet Inc., Google LLC, Google Ireland Limited

Click here to read the privacy policy of the data processor

https://business.safety.google/privacy/

Click here to read the cookie policy of the data processor

https://policies.google.com/technologies/cookies

Click here to opt out from this processor across all domains

https://safety.google/privacy/privacy-controls/

Storage Information

• Maximum age of cookie storage: 1 year

Stored Information

• Name: NID; This is used to provide advertisements or retargeting.; Type: cookie; Duration: 6 months;
• Name: __gads; This is used to provide advertisements or retargeting.; Type: cookie; Duration: 1 year, 1 month;
• Name: pm_sess; This is used to make sure that requests come from a user.; Type: cookie; Duration: 30 minutes;
• Name: ANID; This is used to show advertisements on websites outside of Google.; Type: cookie; Duration: 1 year, 1 month;
• Name: _gcl_au; This is used to store and track conversions.; Type: cookie; Duration: 2 months, 29 days;
• Name: FPGCLAW; This cookie is used to track campaign related information on the user.; Type: cookie; Duration: 2 months, 29 days;
• Name: FPGCLGB; This cookie is used to track campaign related information on the user.; Type: cookie; Duration: 2 months, 29 days;
• Name: _gcl_gb; This cookie is used to track campaign related information on the user.; Type: cookie; Duration: 2 months, 29 days;
• Name: _gac_gb_<wpid>; This cookie is used to track campaign related information on the user.; Type: cookie; Duration: 2 months, 29 days;
• Name: _gcl_aw; This cookie is set when a user arrives at the website via a click on a Google ad.; Type: cookie; Duration: 2 months, 29 days;
• Name: YSC; This is used to store and track interaction.; Type: cookie; Duration: Session;
• Name: 1P_JAR; This is used to collect information about how the end user uses the website and any advertising that the end user may have seen before visiting the said website.; Type: cookie; Duration: 30 days;
• Name: AID; This is used to link activities on other devices the user has previously logged into with a Google account. ; Type: cookie; Duration: 1 year, 1 month;
• Name: FPAU; This is used to collect information about the users and their activity on the website through embedded elements with the purpose of analytics and reporting.; Type: cookie; Duration: 2 months, 29 days;

Google Analytics

Description of Service

This is a web analytics service. With this, the user can measure the advertising return on investment "ROI" as well as track user behavior with flash, video, websites and applications.

Processing Company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://support.google.com/policies/contact/general_privacy_form

Data Purposes

This list represents the purposes of the data collection and processing.

• Marketing
• Analytics

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies
• Pixel
• JavaScript

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Click path
• Date and time of visit
• Device information
• Location information
• IP address
• Pages visited
• Referrer URL
• Browser information
• Hostname
• Browser language
• Browser type
• Screen resolution
• Device operating system
• Interaction data
• User behaviour
• Visited URL
• Cookie ID

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

• European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The Retention Period depends on the type of the saved data. Each user can choose how long Google Analytics retains data before automatically deleting it.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the provider's privacy policy or contact the provider directly.

• United States of America
• Singapore
• Chile
• Taiwan

Data Recipients

In the following the recipients of the data collected are listed.

• Google Ireland Limited, Alphabet Inc., Google LLC

Click here to read the privacy policy of the data processor

https://business.safety.google/privacy/?hl=en

Click here to read the cookie policy of the data processor

https://policies.google.com/technologies/cookies?hl=en

Click here to opt out from this processor across all domains

https://tools.google.com/dlpage/gaoptout?hl=de

Storage Information

• Maximum age of cookie storage: 2 years

Stored Information

• Name: __utmb; This cookie is used to track the time of the visit.; Type: cookie; Duration: Session;
• Name: _ga; This cookie is used to distinguish between users.; Type: cookie; Duration: 2 years;
• Name: _gid; This cookie is used to identify the user.; Type: cookie; Duration: 1 day;
• Name: __utma; This cookie is used to record the time and date of the first visit, the total number of visits and the start time of the current visit. ; Type: cookie; Duration: Session;
• Name: __utmz; This cookie is used to record where the visitor came from. ; Type: cookie; Duration: Session;
• Name: IDE; This is used to show personalised ads. ; Type: cookie; Duration: 1 year, 1 month;
• Name: CONSENT; This is used to store the consent choices of the user. ; Type: cookie; Duration: 2 years;
• Name: __utmt; This is used to throttle the request rate. ; Type: cookie; Duration: 10 minutes;
• Name: _gat; This is used to read and filter requests from bots.; Type: cookie; Duration: 1 minute;
• Name: __utmc; This is used to store the time of the visit.; Type: cookie; Duration: 30 minutes;
• Name: FPID; This is used to store a value used for setting the Client ID in the request to Google's servers.; Type: cookie; Duration: 2 years;
• Name: FPLC; This is used to register a unique ID that is used to generate statistical data about how the visitor uses the website.; Type: cookie; Duration: 20 hours;

Google Maps

Description of Service

This is an integrated map service.

Processing Company

Google LLC

1600 Amphitheatre Parkway Mountain View, CA 94043, United States of America

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://support.google.com/policies/contact/general_privacy_form

Data Purposes

This list represents the purposes of the data collection and processing.

• Displaying Maps

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• APIs

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Date and time of visit
• Location information
• IP address
• URL
• Usage data
• Search terms
• Geographic location

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

• European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the provider's privacy policy or contact the provider directly.

• Singapore
• Taiwan
• Chile
• United States of America

Data Recipients

In the following the recipients of the data collected are listed.

• Google Ireland Limited, Google LLC, Alphabet Inc

Click here to read the privacy policy of the data processor

http://www.google.com/intl/de/policies/privacy/

Click here to read the cookie policy of the data processor

https://policies.google.com/technologies/cookies?hl=en

Stored Information

• Name: NID; This cookie is used to store the users preferences.; Type: cookie; Duration: 6 months;

Kameleoon A/B Testing

Description of Service

Kameleoon enables e-commerce and marketing departments to personalize the customer journey and offer each visitor unique experiences, to maximize both sales and margins. Kameleoon is the leading SaaS platform for AI-driven personalization in Europe.

Processing Company

Kameleoon SAS

12 rue de la Chaussée d'Antin, 75009 Paris, France; Beim Alten Ausbesserungswerk 4, 77654 Offenburgh, Germany; 21 Lombard Street London EC3V 9AH, United Kingdom

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

dataprotection@kameleoon.com

Data Purposes

This list represents the purposes of the data collection and processing.

• Testing

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies
• Local Storage

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Browser information
• Screen resolution
• Time zone
• Operating system information
• Device type
• Geographic location
• Number of page views
• Usage data
• Date and time of visit
• Number of opened tabs
• Whether or not an ad blocker is installed
• Number of visits
• Referrer URL
• URL
• IP address

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

• European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.The data will be deleted as soon as they are no longer needed for the processing purposes. By default, visitor data are kept in local storage for 380 days and analytics data for 2 years.

Data Recipients

In the following the recipients of the data collected are listed.

• Kameleoon SAS

Click here to read the privacy policy of the data processor

https://www.kameleoon.com/de/datenschutz/

MaTelSo

Description of Service

This is a service that enables caller behavior through tracking of phone numbers.

Processing Company

MaTelSo GmbH

Heilbronner Str. 150, 70191 Stuttgart, Germany

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

scheffel@useconsult.de

Data Purposes

This list represents the purposes of the data collection and processing.

• Marketing
• Call tracking
• User-Journey Analysis

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Date of call
• Duration of call
• Document path
• Destination number
• Time of call
• Browser information
• Remote user agent
• Referrer URL
• Date and time of visit

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

• European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Click here to read the privacy policy of the data processor

https://www.matelso.com/de/privacy-statement

Taboola

Description of Service

This is an advertising platform. With this service it is possible to increase user engagement.

Processing Company

Taboola Europe Limited

Aldgate House, 2nd Floor, 33 Aldgate High Street, London EC3N 1DL, UK

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

dpo@taboola.com

Data Purposes

This list represents the purposes of the data collection and processing.

• Advertisement
• Analytics
• Personalisation
• Providing Service

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Date and time of visit
• Device information
• Device operating system
• Geographic location
• IP address
• Referrer URL
• Websites visited
• Event information
• User behaviour
• Gender
• Browser information
• Hashed version of email address

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

• European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

User information is kept for no longer than 13 months from the users last interaction with the service.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the provider's privacy policy or contact the provider directly.

• Israel
• United States of America
• United Kingdom
• Hong Kong
• Singapore

Data Recipients

In the following the recipients of the data collected are listed.

• Taboola, Affiliates, Service providers, Customers

Click here to read the privacy policy of the data processor

https://www.taboola.com/de/policies/datenschutzerklaerung

Click here to read the cookie policy of the data processor

https://www.taboola.com/de/policies/cookie-richtlinie

Click here to opt out from this processor across all domains

https://www.taboola.com/privacy-policy#user-choices-and-optout

Storage Information

Maximum age of cookie storage: 1 year

Stored Information

• Name: taboola_session_id; Creates a temporary session ID to avoid the display of duplicate recommendations on the page.; Type: cookie; Duration: Session; Domain: trc.taboola.com ;
• Name: taboola_select; Maintains a record of whether the user performed an action in the “Taboola Select” feature.; Type: cookie; Duration: 1 year; Domain: taboola.com;
• Name: taboola_fp_td_user_id ; Indicates that the user clicked on an item that was recommended by Taboola’s Services. This is used for reporting and analytics purposes. ; Type: cookie; Duration: 1 year; Domain: taboola.com;
• Name: t_gid; Assigns a unique User ID that allows Taboola to recommend specific advertisements and content to this user. ; Type: cookie; Duration: 1 year; Domain: taboola.com;
• Name: trc_cookie_storage; Assigns a unique User ID that is used for attribution and reporting purposes. ; Type: cookie; Duration: 1 year;
• Name: _tb_sess_r; Used on websites of taboola's publisher Customers that utilize the Taboola Newsroom services. It maintains a session reference about the user’s visit to this particular website. ; Type: cookie; Duration: 30 minutes;
• Name: _tb_t_ppg; Used on websites of our publisher Customers that utilize the Taboola Newsroom services. This cookie is used to identify the referring website (i.e. the website that the user visited prior to arriving at this publisher’s website). ; Type: cookie; Duration: Session;
• Name: abLdr; Supports routine technical and performance improvements for Taboola’s browser-based Services. ; Type: cookie; Duration: 3 hours; Domain: taboola.com;
• Name: abMbl; Supports routine technical and performance improvements for Taboola’s mobile SDK Services. ; Type: cookie; Duration: 3 hours; Domain: taboola.com;
• Name: tb_click_param; Used on websites of taboola's publisher Customers that utilize the Taboola Newsroom services. It measures performance of the publisher’s homepage articles that are clicked.; Type: cookie; Duration: 30 seconds;

Vimeo

Description of Service

This is a service for displaying video content.

Processing Company

Vimeo.com, Inc.

555 West 18th Street, New York, New York 10011, United States of America

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Privacy@vimeo.com

Data Purposes

This list represents the purposes of the data collection and processing.

• Displaying Videos

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Browser information
• Browser language
• Browser type
• Cookie information
• Device information
• Device operating system
• Information from third party sources
• IP address
• Pages visited
• Referrer URL
• Information users provide on site
• Search queries
• Geographic location
• Content viewed

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

• United States of America

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the provider's privacy policy or contact the provider directly.

• United States of America

Data Recipients

In the following the recipients of the data collected are listed.

• Vimeo.com, Inc.

Click here to read the privacy policy of the data processor

https://vimeo.com/privacy

Click here to read the cookie policy of the data processor

https://vimeo.com/cookie_policy

Click here to opt out from this processor across all domains

https://vimeo.com/cookie_policy

Storage Information

Maximum age of cookie storage: 2 years

Stored Information

• Name: muxData; This cookie is used in conjunction with a video player. If the visitor is interrupted while viewing video content, the cookie remembers where to start the video when the visitor reloads the video.; Type: cookie; Duration: Session; Domain: vimeo.com;
• Name: has_loggend_in; This cookie is used in conjunction with a video player. If the visitor is interrupted while viewing video content, the cookie remembers where to start the video when the visitor reloads the video.; Type: cookie; Duration: Session; Domain: vimeo.com;
• Name: vuid; Registers a unique ID that is used by Vimeo.; Type: cookie; Duration: 2 years; Domain: vimeo.com;
• Name: player; Saves the user's preferences when playing embedded videos from Vimeo.; Type: cookie; Duration: 1 year; Domain: vimeo.com;
• Name: is_logged_in; Set after a user's first upload; Type: cookie; Duration: Session; Domain: vimeo.com;

weinor

Description of Service

Your browser caches the website from which you were transferred to our retailer search function. After your contact data is sent to the retailer, this information is also cached in our customer administration system.

Processing Company

weinor GmbH & Co. KG

Mathias-Brüggen-Straße 110, 50829 Köln, Germany

Data Purposes

This list represents the purposes of the data collection and processing.

• Usage statistics

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• session storage

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Campaign information

Legal Basis

In the following the required legal basis for the processing of data is listed.

• § 25 para. 1 TDDSG [German Teleservices Data Protection Act]
• Art. 6 para. 1 p. 1 lit. a) GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

• Germany

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

Non-cookie storage: Yes, the data is deleted when the browser tab is closed.

Customer management system, the data is deleted when it is no longer required.

Click here to read the privacy policy of the data processor

https://www.weinor.de/datenschutz

Storage Information

• Non-cookie storage: yes

YouTube Video

Description of Service

This is a video player service. It can be used by user to watch, like, share, comment and upload videos.

Processing Company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://support.google.com/policies/contact/general_privacy_form

Data Purposes

This list represents the purposes of the data collection and processing.

• Displaying Videos

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

• Cookies (if Privacy-Enhanced Mode is not activated)

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

• Device information
• IP address
• Referrer URL
• Videos viewed

Legal Basis

In the following the required legal basis for the processing of data is listed.

• Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

• European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the provider's privacy policy or contact the provider directly.

• Chile
• United States of America
• Taiwan
• Singapore

Data Recipients

In the following the recipients of the data collected are listed.

• Alphabet Inc.
• Google LLC
• Google Ireland Limited

Click here to read the privacy policy of the data processor

https://business.safety.google/privacy/?hl=de

Click here to read the cookie policy of the data processor

https://policies.google.com/technologies/cookies?hl=de

Click here to opt out from this processor across all domains

https://safety.google/privacy/privacy-controls/

Storage Information

• Maximum age of cookie storage: 8 months

Stored Information

• Name: __sak; This is used to store information about the visitor's video preferences.; Type: web;
• Name: LAST_RESULT_ENTRY_KEY; This is used to save the user settings when retrieving a Youtube video integrated on other web pages.; Type: web;
• Name: yt-player-bandaid-host, yt-player-bandwidth, yt-player-headers-readable; This is used to determine the optimal video quality based on the visitor's device and network settings.; Type: web;
• Name: yt-remote-cast-installed, yt-remote-connected-devices, yt-remote-device-id, yt-remote-fast-check-period, yt-remote-session-app, yt-remote-session-name; This is used to store the user's video player preferences using embedded YouTube video.; Type: web;
• Name: YEC; This is used to store the user's video player preferences using embedded YouTube video.; Type: cookie; Duration: 1 year, 1 month;
• Name: CONSENT; This is used to detect if the visitor has accepted the marketing category in the cookie banner. ; Type: cookie; Duration: 2 years;
• Name: DEVICE_INFO; This is used to track user’s interaction with embedded content.; Type: cookie; Duration: 5 months, 26 days;
• Name: remote_sid; This is used for the implementation and functionality of YouTube video content on the website.; Type: cookie; Duration: Session;
• Name: test_cookie; This is a test for cookie setting permissions in user's browser.; Type: cookie; Duration: 1 day;
• Name: VISITOR_INFO1_LIVE; This is used to measure the users bandwidth to determine whether they get the new or old player interface.; Type: cookie; Duration: 6 months;
• Name: YSC; This is set by the YouTube video service on pages with embedded YouTube videos.; Type: cookie; Duration: Session;
• Name: PREF; This is used to store information such as your preferred page configuration and playback settings such as explicit autoplay options, random mix, and player size.; Type: cookie; Duration: 8 months;
• Name: pm_sess; This is used to maintain your browsing session.; Type: cookie; Duration: 30 minutes;
• Name: CGIC; This is used to provide search results by auto-completing search queries based on a user's initial input.; Type: cookie; Duration: 6 months;
• Name: UULE; This is used to determine the users geographic location. ; Type: cookie; Duration: 6 hours;
• Name: _Secure-YEC; This is used to store the user's video player preferences using embedded YouTube videos.; Type: cookie; Duration: 1 year, 1 month;

You can revoke your consent at all times or update it

Please note that you can also configure your browser so you are informed about the placement of cookies and can decide on an individual basis to accept or exclude the acceptance of cookies for specific cases or in general. You can delete cookies at any time in your browser's system settings.

Please note that if you do not accept cookies, our website's functionality may be limited.

Facebook Fanpage

Facebook is an Internet-based social meeting place that allows users to interact with each other in virtual space. We use the Facebook fan page to communicate with users and thereby optimise our online offering.

The provider of the platform is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

We are jointly responsible for the operation of the fan page with the provider of the platform Meta Platform Ireland Limited. We have concluded a contract with the provider on joint responsibility (pursuant to Article 26 GDPR), the content of which can be found here: https://www.facebook.com/legal/terms/page_controller_addendum.

The responsibilities can be found here: www.facebook.com/legal/controller_addendum

The legal basis for the processing of personal data is our legitimate interest in communicating with users (pursuant to Article 6(1)(f) GDPR) in order to gain a better understanding of their interests.

Information on how Meta Platform Ireland processes personal data, including the legal basis on which Meta Platform Ireland relies and the options for exercising data subjects' rights vis-à-vis Meta Platform Ireland, can be found in Meta Platform Ireland's data policy at https://www.facebook.com/about/privacy.

As part of Page Insights, we ourselves only receive anonymised statistical data; we have no access to personal data processed by Facebook.

You can obtain the information on Page Insights required by the GDPR from Facebook at: https://www.facebook.com/legal/terms/information_about_page_insights_data

We would like to point out that the Facebook fan page is publicly accessible and personal information that you post or provide there can be viewed by others. We can neither control nor prevent how other users of the fan page use this information.

Contacting us

Personal data are collected when you contact us (e.g. by e-mail or via the contact form on our website). Exactly what data are collected if you use a contact form is shown in the corresponding contact form. Over and above this, you may also provide further data voluntarily when reaching out to us.

This data will be stored and used solely for the purpose of replying to your query or for us and our retailer/partners to contact you, and for related technical administration purposes. The legal basis for these data being processed is our legitimate interest in answering your query, in accordance with Article 6, Paragraph 1, Point (f) of the GDPR.

If you contact us for the purpose of entering into a contract with us, Article 6, Paragraph 1, Point (b) of the GDPR constitutes a further legal basis for data processing.

When your query has been dealt with, the data will be erased. This is the case when the circumstances indicate that the issue in question has been definitively resolved and that erasing the data does not conflict with any statutory retention requirements.

Signing up for our e-mail newsletter

If you subscribe to our e-mail newsletter, we will send you regular information about our offers.

The only mandatory information required for sending the newsletter is your e-mail address. Any other information is supplied on a voluntary basis and used to address you personally. To send the newsletter, we use the “double opt-in” process. That means that we will only send you an e-mail newsletter if you have explicitly confirmed to us that you agree to it being sent. We will then send you a confirmation e-mail asking you to click on a link to confirm that you wish to receive newsletters in the future.

By activating the confirmation link, you give us your consent to use your personal data in accordance with Article 6, Paragraph 1, Point (a) of the GDPR. When you register for the newsletter, we will save your IP address as assigned by your Internet Service Provider (ISP) as well as the date and time of registration so as to trace any possible misuse of your e-mail address at a later date.

The data collected by us when you register for the newsletter will be used exclusively for promotional purposes in the form of the newsletter. You can unsubscribe from the newsletter at any time via the link provided in the newsletter or by sending a message to the data controller named above. After unsubscribing, your e-mail address will immediately be deleted from our newsletter mailing list, unless you have expressly consented to the further use of your data or we reserve the right to further data use which is permitted by law and about which we inform you in this statement.

Processing of data concerning online surveys

Any personal data that you provide us during online surveys will solely be used for internal purposes, e.g. customer satisfaction analyses. No such data will be forwarded to third parties.

Your participation in the online survey is voluntary and also possible without you having to register or provide any contact details.

The legal basis for processing this data is Art. 6 Para. 1 lit. f GDPR. Our justified interest is the analysis and evaluation of your information for the improvement of our service and products.

We only store your personal data as long as necessary for the purposes for which it was collected or is prescribed by law. The retention periods may vary depending on the type of data and the purpose of its processing.

You can unsubscribe from future online surveys at any time by clicking on the link included with the invitation or by sending a corresponding email to interview@weinor.de.

Data processing during training

You can register for our training or seminars on our website. Here, various personal data is requested from you. The personal data you provide to us in the context of this registration shall only be used to process your registration and participation. No data shall be passed on to third parties.

The processing of your data within the scope of registration of and carrying out the training or seminar takes place based on Art. 6 Para. 1 lit. b GDPR and is used for preparation and implementation of the respective training or seminar.

We only store your personal data as long as necessary for the purposes for which it was collected or is prescribed by law. The retention periods may vary depending on the type of data and the purpose of its processing.

During the training, the participants shall be asked to enter their names on an attendance list. This shall solely serve the purpose of documentation and invoicing. After the event, the attendance list for the training shall be kept in the invoicing records. These documents shall be destroyed after a retention period of 10 years.

Ordering brochures/advertising material

We process your personal data within the scope of orders for brochures or advertising material for our products.

The personal data provided by you on the order form is used exclusively for processing and handling your order.

The legal basis for the processing is Art. 6 Para. 1 lit. b GDPR (pre-contractual measure). Your data is not passed on to third parties unless necessary for the fulfilment of your order (e.g. a forwarding agent).

We only store your personal data as long as necessary for the purposes for which it was collected or is prescribed by law. The retention periods may vary depending on the type of data and the purpose of its processing.

weinor partner account / Log-in area

As a weinor partner, you have to option to hold an account with us. It is prepared by us and then provided to you.

The data entered (e.g. name, E-mail address and password) is processed in order to provide you with a personal customer account and enable you to use the functions such as order history or address administration.

The legal basis for the processing is Art. 6 Para. 1 lit. f GDPR. Our vested interests are in the provision of the service, improvement of customer loyalty and customer satisfaction efficient processing of customer inquiries and orders.

The data is stored over the period during which the business relationship with you exists. Following this, the data is deleted after fulfilment of the legal retention periods. These are normally 6-10 years.

You have the following rights vis-à-vis us with regard to the data concerning you:

• Entitlement to information
• Entitlement to correction or deletion
• Entitlement to restriction of processing and
• Entitlement to data portability

Entitlement to complain to a supervisory authority

Moreover, you are entitled to complain about our processing of your data at a supervisory data protection authority. The supervisory authority directly responsible for us is:

Landesbeauftragte für Datenschutz und Informationsfreiheit
Nordrhein-Westfalen
Kavalleriestr. 2 - 4
40213 Düsseldorf

Tel.: 0211/38424-0
Fax: 0211/38424-10
E-Mail: poststelle@ldi.nrw.de