Data Protection

Data protection declaration

Data protection

We have written this data protection declaration (version 24.01.2021-321254092) to explain to you, in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679, what information we collect, how we use data and what options you have as a visitor to this website.

Unfortunately, it is in the nature of things that these explanations sound very technical, but we have tried to describe the most important things as simply and clearly as possible.

Automatic data storage

When you visit websites these days, certain information is automatically created and stored, including on this website.

When you visit our website as you are doing now, our web server (the computer on which this website is stored) automatically saves data such as

• the address (URL) of the website accessed
• browser and browser version
• the operating system used
• the address (URL) of the previously visited page (referrer URL)
• the host name and IP address of the device from which access is made
• date and time

in files (web server log files).

Web server log files are usually stored for two weeks and then automatically deleted. We do not pass this data on, but cannot rule out that this data will be viewed in the event of illegal behavior.

Cookies

Our website uses HTTP cookies to store user-specific data.

Below we explain what cookies are and why they are used so that you can better understand the following privacy policy.

What exactly are cookies?

Whenever you surf the Internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites save small text files in your browser. These files are called cookies.

One thing cannot be denied: cookies are really useful little helpers. Almost all websites use cookies. To be more precise, they are HTTP cookies, as there are other cookies for other applications. HTTP cookies are small files that are saved by our website on your computer. These cookie files are automatically stored in the cookie folder, which is basically the “brain” of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.

Cookies save certain user data from you, such as language or personal page settings. When you visit our site again, your browser sends the “user-related” information back to our site. Thanks to cookies, our website knows who you are and offers you your usual default settings. In some browsers, each cookie has its own file, in others, such as Firefox, all cookies are saved in a single file.

There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiration time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other “malware”. Cookies cannot access information on your PC either.

For example, cookie data can look like this:

• Name: _ga
• Expiry time: 2 years
• Use: Distinguishing between website visitors
• Example value: GA1.2.1326744211.152321254092

A browser should support the following minimum sizes:

• A cookie should be able to contain at least 4096 bytes
• At least 50 cookies should be able to be stored per domain
• At least 3000 cookies should be able to be stored in total.

What types of cookies are there?

The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the privacy policy. At this point we would like to briefly explain the different types of HTTP cookies.

There are 4 types of cookies:

Strictly necessary cookies
These cookies are necessary to ensure basic functions of the website. For example, these cookies are needed when a user puts a product in the shopping cart, then continues browsing on other pages and only goes to the checkout later. These cookies do not delete the shopping cart, even if the user closes their browser window.

Functional cookies
These cookies collect information about user behavior and whether the user receives any error messages. In addition, these cookies are also used to measure the loading time and behavior of the website in different browsers.

Targeted cookies
These cookies ensure better user-friendliness.

For example, entered locations, font sizes or form data are saved.

Advertising cookies
These cookies are also called targeting cookies. They are used to provide the user with individually tailored advertising. This can be very practical, but also very annoying.

When you visit a website for the first time, you are usually asked which of these types of cookies you would like to accept. And of course this decision is also saved in a cookie.

How can I delete cookies?

You decide how and whether you want to use cookies. Regardless of which service or website the cookies come from, you always have the option of deleting cookies, only partially allowing them or deactivating them. For example, you can block third-party cookies but allow all other cookies.

If you want to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:

Chrome: Delete, enable and manage cookies in Chrome

Safari: Manage cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have stored on your computer

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete and manage cookies

If you don’t want cookies at all, you can set up your browser so that it always informs you when a cookie is about to be set. This way you can decide for each individual cookie whether you want to allow the cookie or not. The procedure varies depending on the browser. The best thing to do is to search for the instructions in Google using the search term “delete cookies Chrome” or “deactivate cookies Chrome” in the case of a Chrome browser, or replace the word “Chrome” with the name of your browser, e.g. Edge, Firefox, Safari.

What about my data protection?

The so-called “cookie guidelines” have been in place since 2009. They state that the storage of cookies requires your consent. However, there are still very different reactions to these guidelines within the EU countries. In Germany, the cookie guidelines have not been implemented as national law. Instead, this guideline was largely implemented in Section 15 Paragraph 3 of the Telemedia Act (TMG).

If you would like to know more about cookies and are not afraid of technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Request for Comments from the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism”.

Storage of personal data

Personal data that you send us electronically on this website, such as name, email address, address or other personal information when submitting a form or comments in the blog, will be used by us together with the time and IP address only for the specified purpose, stored securely and not passed on to third parties.

We therefore only use your personal data to communicate with those visitors who expressly request contact and to process the services and products offered on this website. We do not pass on your personal data without your consent, but cannot rule out that this data will be viewed in the event of illegal behavior.

If you send us personal data by email – i.e. outside of this website – we cannot guarantee secure transmission and the protection of your data. We recommend that you never send confidential data unencrypted by email.

The legal basis according to Article 6 paragraph 1 a GDPR (legality of processing) is that you give us your consent to process the data you have entered. You can revoke this consent at any time – an informal email is sufficient, you can find our contact details in the imprint.

Rights according to the General Data Protection Regulation

According to the provisions of the GDPR, you are generally entitled to the following rights:

Right to rectification (Article 16 GDPR)
Right to erasure (“right to be forgotten”) (Article 17 GDPR)
Right to restriction of processing (Article 18 GDPR)
Right to notification – obligation to notify in connection with the rectification or erasure of personal data or the restriction of processing (Article 19 GDPR)
Right to data portability (Article 20 GDPR)
Right to object (Article 21 GDPR)
Right not to be subject to a decision based exclusively on automated processing – including profiling – (Article 22 GDPR)
If you believe that the processing of your data violates data protection law or that your data protection rights have otherwise been violated in any way, you can contact the Federal Commissioner for Data Protection.

and Freedom of Information (BfDI).

Evaluation of visitor behavior

In the following data protection declaration we inform you about whether and how we evaluate data from your visit to this website. The evaluation of the collected data is usually anonymous and we cannot draw conclusions about you personally from your behavior on this website.

You can find out more about options for objecting to this evaluation of visit data in the following data protection declaration.

TLS encryption with https

We use https to transmit data securely over the Internet (data protection through technology design Article 25 Paragraph 1 GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission over the Internet, we can ensure the protection of confidential data. You can recognize the use of this data transmission security by the small lock symbol in the top left of the browser and the use of the https scheme (instead of http) as part of our Internet address.

Embedded social media elements data protection declaration

We integrate elements from social media services on our website to display images, videos and texts.

By visiting pages that display these elements, data is transferred from your browser to the respective social media service and stored there. We have no access to this data.

The following links take you to the pages of the respective social media services where it is explained how they handle your data:

Instagram privacy policy: https://help.instagram.com/519522125107875
The Google privacy policy applies to YouTube: https://policies.google.com/privacy?hl=de

Facebook data policy: https://www.facebook.com/about/privacy

Twitter privacy policy: https://twitter.com/de/privacy

YouTube privacy policy

We have integrated YouTube videos on our website. This allows us to present you interesting videos directly on our site. YouTube is a video portal that has been a subsidiary of Google since 2006. The video portal is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit a page on our website that has an embedded YouTube video, your browser automatically connects to the YouTube or Google servers. Various data is transferred (depending on the settings). Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all data processing in Europe.

Below we would like to explain in more detail which data is processed, why we have embedded YouTube videos and how you can manage or delete your data.

What is YouTube?

On YouTube, users can watch, rate, comment on and upload videos for free. Over the last few years, YouTube has become one of the most important social media channels in the world. So that we can display videos on our website, YouTube provides a code snippet that we have integrated into our site.

Why do we use YouTube videos on our website?

YouTube is the video platform with the most visitors and the best content. We strive to offer you the best possible user experience on our website. And of course, interesting videos are a must. With the help of our embedded videos, we provide you with other helpful content in addition to our texts and images. In addition, our website is easier to find on the Google search engine thanks to the embedded videos. Even if we place advertisements via Google Ads, Google can – thanks to the data collected – only show these advertisements to people who are interested in our offers.

What data is stored by YouTube?

As soon as you visit one of our pages that has a YouTube video embedded, YouTube sets at least one cookie that stores your IP address and our URL. If you are logged into your YouTube account, YouTube can usually assign your interactions on our website to your profile using cookies. This includes data such as session duration, bounce rate, approximate location, technical information such as browser type, screen resolution or your internet provider. Other data can include contact details, any ratings, sharing content via social media or adding to your favorites on YouTube.

If you are not logged into a Google account or a YouTube account, Google stores data with a unique identifier that is linked to your device, browser or app. For example, your preferred language setting is retained. However, a lot of interaction data cannot be saved because fewer cookies are set.

In the following list we show cookies that were set in the browser in a test. On the one hand, we show cookies that were set without a logged-in YouTube user.

On the other hand, we show cookies that are set with a logged-in account. The list cannot claim to be complete because the user data always depends on the interactions on YouTube.

Name: YSC

Value: b9-CV6ojI5Y321254092-1

Purpose: This cookie registers a unique ID to save statistics on the video you have watched.

Expiry date: after the end of the session

Name: PREF

Value: f1=50000000

Purpose: This cookie also registers your unique ID. Google receives statistics about how you use YouTube videos on our website via PREF.

Expiry date: after 8 months

Name: GPS

Value: 1

Purpose: This cookie registers your unique ID on mobile devices to track the GPS location.

Expiry date: after 30 minutes

Name: VISITOR_INFO1_LIVE

Value: 95Chz8bagyU

Purpose: This cookie attempts to estimate the user’s bandwidth on our websites (with built-in YouTube video).

Expiry date: after 8 months

Other cookies that are set when you are logged in with your YouTube account:

Name: APISID

Value: zILlvClZSkqGsSwI/AU1aZI6HY7321254092-

Purpose: This cookie is used to create a profile of your interests. The data is used for personalized advertisements.

Expiry date: after 2 years

Name: CONSENT

Value: YES+AT.de+20150628-20-0

Purpose: The cookie stores the status of a user’s consent to use various Google services. CONSENT is also used for security purposes to verify users and protect user data from unauthorized attacks.

Expiry date: after 19 years

Name: HSID

Value: AcRwpgUik9Dveht0I

Purpose: This cookie is used to create a profile of your interests. This data helps to display personalized advertising.

Expiry date: after 2 years

Name: LOGIN_INFO

Value: AFmmF2swRQIhALl6aL…

Purpose: This cookie stores information about your login data.

Expiry date: after 2 years

Name: SAPISID

Value: 7oaPxoG-pZsJuuF5/AnUdDUIsJ9iJz2vdM

Purpose: This cookie works by uniquely identifying your browser and device. It is used to create a profile of your interests.

Expiry date: after 2 years

Name: SID

Value: oQfNKjAsI321254092-

Purpose: This cookie stores your Google account ID and your last login time in digitally signed and encrypted form.

Expiry date: after 2 years

Name: SIDCC

Value: AN0-TYuqub2JOcDTyL

Purpose: This cookie stores information about how you use the website and what advertising you may have seen before visiting our site.

Expiry date: after 3 months

How long and where is the data stored?

The data that YouTube receives from you and processes is stored on Google servers. Most of these servers are located in America. At https://www.google.com/about/datacenters/inside/locations/?hl=de you can see exactly where the Google data centers are located. Your data is distributed across the servers. This means that the data can be accessed more quickly and is better protected against manipulation.

Google stores the data collected for different lengths of time. Some data can be deleted at any time, others are automatically deleted after a limited period of time, and others are stored by Google for a longer period of time. Some data (such as items from “My Activity”, photos or documents, products) stored in your Google account remains stored until you delete it. Even if you are not logged into a Google account, you can delete some data associated with your device, browser, or app.

How can I delete my data or prevent data storage?

In principle, you can delete data in your Google account manually. With the automatic deletion function for location and activity data introduced in 2019, information is stored for either 3 or 18 months and then deleted, depending on your decision.

Regardless of whether you have a Google account or not, you can configure your browser to delete or deactivate cookies from Google. Depending on which browser you use, this works in different ways. The following instructions show you how to manage cookies in your browser:

Chrome: Delete, enable and manage cookies in Chrome

Safari: Manage cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have stored on your computer

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete and manage cookies

If you do not want to have cookies at all, you can set up your browser so that it always informs you when a cookie is to be set. This way you can decide for each individual cookie whether you want to allow it or not.

Since YouTube is a subsidiary of Google, there is a joint privacy policy. If you want to find out more about how your data is handled, we recommend that you read the privacy policy at https://policies.google.com/privacy?hl=de.

Source: Created with the data protection generator from AdSimple in cooperation with justmed.de