Privacy Notice

Please note that the German version of the privacy notice is authoritative. The English version is for information purposes only.

1. Scope and contact information

        1.1. Contact information

        1.2. Scope

        1.3. Third party offers

2. Glossary - Definition of terms

        2.1. Personal data

        2.2. Processing

        2.3. Profiling

        2.4. Pseudonymisation

3. General information on data collection and processing when using our services

        3.1. Purpose

        3.2.  Legal basis

        3.3. Data transmission to third parties

        3.4. Storage and deletion of data

        3.5. Obligation to provide personal data

        3.6. Automated decision-making and profiling

        3.7. Data security

4.  Your data protection rights

        4.1. Revocability of consent given at any time

        4.2. Right to information

        4.3. Right to rectify inaccurate personal data

        4.4. Right to erasure of personal data

        4.5. Right to restriction of data processing

        4.6. Right to data transfer

        4.7. Right to logde an objection at any time

        4.8. Possibility of objection in the case of direct advertising

5. Purpose of processing - Fraport processes your personal data for the following purposes

        5.1. Data processing in the context of contact requests for services or other concerns

        5.2. Data processing for advertising purposes - newsletter, competitions, personalised advertising

        5.3. Data processing for the creation and management of the customer account

6. Data processing for the execution & initiation of contracts

        6.1. Purchase of goods or services via the online trading platform

        6.2. Booking a parking space via the Frankfurt Airport Parkenshop

        6.3. Booking a parking space via the Frankfurt Airport Aboshop

        6.4. Purchase of tickets for airport tours and admission to the Fraport Visitor Center via the Fraport Visitor Service online webshop

        6.5. Submitting a booking request of VIP handlings via the VIP service website

        6.6. Purchase of gate to gate services via the online webshop

        6.7. Booking requests for MyAirport Guide escort services by FraSec Services GmbH at Frankfurt Airport via Fraport AG's online webshop

7. Website visit and IT tools

        7.1. Necessary collection of personal data for the correct operation of the websites

        7.2. Cookies and Internet and tracking technologies

        7.3. Use of cookies and tracking technologies, lega basis and purpose

8. Cookie and tracking technologies used

        8.1. Usercentrics Consent Management Platform (Essential)

        8.2. ChatBot (Functional)

        8.3. Google Analytics (Functional)

        8.4. Google Analytics 4 (Functional)

        8.5. Google Tag Manager (Functional)

        8.6. SAS CI360

        8.7. Searchperience (Functional)

        8.8. Sherpa (Functional)

        8.9. AWIN (Marketing)

        8.10. Bing Ads (Marketing)

        8.11. Criteo (Marketing)

        8.12. DoubleClick Floodlight (Marketing)

        8.13. Facebook Pixel (Marketing)

        8.14. Google Ads Conversion Tracking (Marketing)

        8.15. Google Ads Remarketing (Marketing)

        8.16. Twitter Conversion Tracking (Marketing)

        8.17. usemax advertisment (Marketing)

        8.18. YouTube Video (Marketing)

           


1. Scope and contact information

Fraport AG Frankfurt Airport Services Worldwide ("Fraport", "we", "us"), with its registered office in Frankfurt am Main, Germany, is the data controller for the processing of personal data relating to you.   

Fraport AG Frankfurt Airport Services Worldwide

60547 Frankfurt am Main

Executive Board: Dr Stefan Schulte (Chairman), Anke Giesen, Julia Kranenberg, Dr Pierre Dominique Prümm, Dr Matthias Zieschang

Frankfurt am Main Local Court, HRB 7042

Phone: +49 69 690-0

Mail: info@fraport.de

Contact details of the data protection officer: You can reach Fraport's data protection officer at datenschutz@fraport.de.   

This data protection declaration applies to the websites operated by Fraport at www.frankfurt-airport.de and www.frankfurt-airport.com, the corresponding (mobile) web services and the services and functions offered via these websites:  

  

  

  • Travel homepage (frankfurt-airport.com)
    Thetravel homepage informs website visitors about what Frankfurt Airport has to offer, such as flights, restaurants, shops and the other infrastructure of Frankfurt Airport.
  • Online trading platform (shop.frankfurt-airport.com)
    On the online trading platform, goods and services of traders located at Frankfurt Airport are offered for sale, including delivery of the goods within Germany. Purchases can be made as a guest or as a registered customer.    
  • Parking Webshop (parken.frankfurt-airport.com)
    Users can reserve and pay for parking spaces at Frankfurt Airport for the period of their choice via the Parking Webshop. The contract can be processed as a guest or as a registered user.    
  • Service Shop (serviceshop.frankfurt-airport.com)
    In the Service Shop you can purchase services offered at Frankfurt Airport.
  • Fraport Conference Center
    The Fraport Conference Center offers services relating to meeting and conference facilities.
  • Visitor Services
    Visitor Services offers airport tours and operates the Visitor Terrace in Terminal 2 and the Visitor Centre in Terminal 1. Tickets for the services can be booked via the website.
  • VIP services (vip.frankfurt-airport.com)
    The VIP service offers you exclusive assistance for departure, arrival or transfer at Frankfurt Airport.
  • The user account "Fra-ID" (account.frankfurt-airport.com)
    Fraportallows you to create a user account. This user account allows you to centrallymanage your purchases, reservations and entered data. You can regularly use the services  described above without having to register or identify yourself
    The  offer platform (pass.frankfurt-airport.com)  is part of the user account and offers vouchers for download for fully  registered Fra-ID holders. These can be redeemed at various shops on the site.

  

In addition, Fraport includes links to third-party websites or content on some websites, for example YouTube or the lost property office site operated by FraAlliance GmbH. These are third-party offers, which Fraport will make clear to you at the appropriate point. For these offers, the website or offer provider's own separate data protection regulations regularly apply. In these cases, please refer to the information on the corresponding websites or within the corresponding offers for the corresponding data protection information.   


2. Glossary - Definitions of terms

We want our privacy policy to be readable and understandable for the public, but also for our customers. To ensure this, we would first like to explain some of the terms used by the European legislator in the context of the General Data Protection Regulation (GDPR).  

Personal data is any information relating to an identified or identifiable natural person ("data subject"). An identifiable natural person is a person who can be identified, directly or indirectly, by reference to, for example, a name, address details, identification number such as a vehicle registration number, account details, etc., or to one or more particular characteristics of a physical, physiological, genetic, mental, economic, cultural or social nature.

Processing is any operation performed with or without the aid of automated procedures in relation to personal data, such as collection, recording, extraction, consultation and use. It also includes disclosure by transmission, dissemination or any other form of making available, alignment, combination, restriction or erasure or destruction.

Profiling is any type of automated processing of personal data which consists of using that personal data to analyse or predict certain personal aspects relating to a natural person, to include aspects relating to that natural person's performance at work, economic situation, personal preferences, health, interests, behaviour, location or change of location.  

Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.


3. General information on data collection and processing when using our services

Fraport processes personal data of website visitors to the extent that this is actually necessary for the provision of a functional website, the website content and for the fulfilment of the desired service and contract performance.

Fraport processes your personal data for the purpose of providing the requested services. The specific personal data processed in the context of your requested service can be found under the relevant service in section IV of this data protection declaration.

Insofar as Fraport has obtained the consent of the data subject for the processing of personal data, Article 6 (1), sentence 1 a) of the DSGVO shall apply as the legal basis.   

If the processing of personal data is necessary for the performance of a contract with the data subject or for pre-contractual measures initiated by the data subject, Article 6(1)(b) DSGVO serves as the legal basis.   

If the data processing is the result of a legal obligation to which we are subject, Fraport relies on Article 6 (1) c) of the GDPR as the legal basis.   

Insofar as the processing of personal data is necessary to protect the legitimate interests of Fraport or a third party - without jeopardising the interests, fundamental rights or freedoms of the data subject - Article 6 (1), sentence 1 f) DSGVO applies as the legal basis.  

Data is only passed on if this is necessary for the performance of the contract or to protect the legitimate interests of Fraport. This is the case, for example, if we commission companies (such as technical service providers, travel service providers, logistics service providers) with the performance of corresponding services in order to enable the performance, operation, security and availability of our services.   

If, for example, you book travel services (e.g. flight or hotel offers) or order other services (e.g. tours or airport visits) via a booking mask included in our services, we collect the data necessary to fulfil your booking request and implementation and pass this on to third parties (e.g. airlines, travel agencies, etc.) to the extent necessary to fulfil your request. In individual cases, further data protection conditions may apply to these services and related services provided by third parties (e.g. data processing by an airline). For details, please refer to the information provided by the respective providers.  

We also pass on data to third parties if we are legally obliged to do so (e.g. in the case of official enquiries).  

All personal data that Fraport collects and stores is automatically deleted as soon as the purpose for collecting it has been fulfilled and there is no legal obligation to continue storing it. We delete or anonymise your data as soon as the legally required retention period has expired. The specific storage periods for the corresponding services you have used can be found in the specific descriptions of data processing under section IV of this data protection declaration.   

The collection of your personal data is indispensable for the conclusion of a contract as well as for the fulfilment of your enquiry, service and/or contractual obligations. If you do not provide us with the requested information, neither the fulfilment of your request, a successful conclusion of a contract nor further services will be possible. You voluntarily provide us with personal data that is neither required by law nor necessary for the performance of the contract for the provision and use of the services you have selected.   

You are not subject to a decision based solely on automated processing - including profiling - as a result of the processing of your data.   

Protecting the information you give us or that we receive about you is a top priority for us. Our websites use the widely used SSL (Secure Socket Layer) procedure in conjunction with the highest level of encryption supported by your browser (usually 256-bit encryption). If your browser does not support this encryption, 128-bit v3 technology is used. You can tell whether the contents of our website are transmitted in encrypted form by the fact that a key or lock symbol is displayed in the lower status bar of your browser.

The SSL certificates are issued by Entrust Certification Authority - L1K.

Fraport also uses suitable technical and organisational security measures to prevent accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties as far as possible. Fraport continuously adapts these measures in line with technological developments.   


4. Your data subject rights

As a data subject within the meaning of the GDPR, you are entitled to assert the following rights vis-à-vis Fraport at datenschutz@fraport.de. These are the right to information, the right to
correction, the right to deletion, the right to restriction of processing, the right to object and, in certain cases, a right to data portability. Finally, you have the right to lodge a complaint with a competent supervisory authority if you believe that the processing of personal data concerning you violates data protection law (for Hesse, this is the Hessian Commissioner for Data Protection and Freedom of Information in Wiesbaden, www.datenschutz-hessen.de).  

If you have given us consent for certain data processing pursuant to Art. 6 (1) a) DSGVO or Art. 9 (2) a) DSGVO, you are entitled to revoke this consent at any time in writing to Fraport AG at datenschutz@fraport.de without affecting the lawfulness of the processing carried out on the basis of the consent until the revocation.

You have the right to request confirmation from Fraport as to whether it is processing personal data relating to you. You can also request information about the personal data processed. If you request this, the controller must provide you with further information about the data processing as specified in Article 15 of the GDPR.

  

You have the right to demand that Fraport immediately correct any inaccurate personal data relating to you and/or complete any incomplete personal data.  

You have the right to request Fraport to delete personal data relating to you without delay if it is no longer required for the purposes pursued. Art.17 DSGVO also provides for other reasons that give you the right to have the personal data relating to you deleted.  

Article 18 of the GDPR regulates certain situations in which you have the right to request a restriction of data processing. This applies in particular in the event that you object to the processing of personal data relating to you. For the duration of the review, you can make use of your right to restriction of data processing in accordance with Art.18 DSGVO.  

Under the conditions of Art. 20 DSGVO, you have the right to data portability. This includes the right to receive personal data relating to you that you have provided to Fraport in a structured, common and machine-readable format and the right to transfer this data to other data controllers without hindrance. Where technically feasible, you may also request that the data be transferred directly to another controller.  

In addition to the aforementioned right to withdraw consent given to Fraport at any time, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Article 6 (1), sentence 1 e) or f) DSGVO; this also applies to profiling based on these provisions. The personal data will then no longer be processed by Fraport unless it can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms. Even if the processing serves the assertion, exercise or defence of legal claims, Fraport may continue to process personal data relating to you.   

You may object to the use of your personal data for direct marketing purposes at any time by contacting Fraport AG, Frankfurt Airport, 60547 Frankfurt am Main, Germany, or at datenschutz@fraport.de, even if and to the extent that such use is based on a legitimate interest of Fraport.    


5. Purposes of processing - Fraport processes your personal data for the following purpose

You can contact Fraport via our website in various ways. For example, via contact forms on the respective service websites, e-mail or by calling one of our service numbers. Our customer service is available for all questions regarding shops and gastronomy, online orders via the online trading platform at service@frankfurt-airport-shops.com or 069-79540540, and for car park bookings at parken.online@fraport.de.  

If you make use of these options for an enquiry, the personal data contained in the input mask of the contact form or stated in your e-mail to us or during a telephone call will be stored. Fraport only uses the processing of your personal data from an input mask, e-mail or telephone call to process your enquiry.

The legal basis for the processing of data when contacting us via the contact form is the consent of the user in accordance with Art.6 Para.1 a) DSGVO. You give your consent to the processing of the data during the submission process of the contact form. You can revoke your consent to the processing of personal data at any time. In such a case, the conversation, in particular the processing of an enquiry, cannot be continued. When contact is made by e-mail or telephone, Fraport has the necessary legitimate interest to collect the data for processing the enquiry and to store it in accordance with Art.6 para.1 f) DSGVO. Both points of contact are carried out by the same Fraport processor, with whom Fraport has concluded a processing agreement in accordance with Art. 28 DSGVO.

As a rule, no data is passed on to third parties unless this is absolutely necessary for the proper processing of your enquiry. This could be the case, for example, if you have a question about an order placed on the online trading platform and we need to forward your enquiry to the respective retailer with whom you have concluded a purchase contract for clarification. All personal data stored in the course of contacting us will be automatically deleted two months after the last contact.   

Receipt of newsletters
We also offer you the opportunity to register (even without a customer account) on our websites for newsletters, such as the Frankfurt Airport B2C Retail Newsletter. If a newsletter for which you can register on our pages is not a newsletter for which Fraport is responsible, we will make this clear before registration.
We will only send newsletters if you have previously consented to receive them at the e-mail address you have provided. You can revoke your consent at any time free of charge to Fraport AG, Frankfurt Airport, 60547 Frankfurt am Main at datenschutz@fraport.de, by making settings in your customer account or by pressing the revocation link in any advertising mail received, with effect for the future, without the legality of the processing carried out on the basis of the consent up to the revocation being affected.    

The legal basis for this data processing is Art.6 para.1a) DSGVO. After entering your e-mail address in the corresponding form, you will receive a notification e-mail from Fraport with a confirmation link. By clicking on this link, you confirm that you have actually ordered and wish to receive the newsletter.   Only when you have clicked on this link are you entered in our distribution list for sending the e-mail newsletter (so-called double opt-in procedure). You give the following consent:  

"By clicking the "Register" button, I consent to Fraport AG Frankfurt Airport Services Worldwide, 60547 Frankfurt am Main, collecting, storing and using the personal data I have provided here for the purpose of sending me the newsletter I have requested. I would like to receive the Frankfurt Airport B2C Retail Newsletter from Fraport AG by e-mail. In this newsletter, I would like to be informed about offers, promotions and news concerning Frankfurt Airport. This includes shopping on site at Frankfurt Airport as well as online on the online retail platform, special offers for visitors and travellers such as parking facilities, conference offers, tours, etc. and information on new free as well as paid attractions.

I am aware that I have the right to revoke my consent at any time. I can do this in my customer account - if available - as well as via links at the end of each newsletter e-mail or by sending an e-mail to datenschutz@fraport.de. The revocation of consent does not affect the lawfulness of the processing of the above-mentioned personal data, which took place on the basis of the consent until its revocation; rather, the revocation of my consent only affects the future. If I refuse to give my consent or revoke my consent in the future, the newsletter/information e-mail to which I have subscribed can no longer be sent to me."

In addition, you can activate personalised newsletter tracking by clicking the checkbox when ordering the newsletter. You hereby give the following consent:  

"I allow Fraport to record and evaluate my personal usage behaviour in the newsletter in order to better tailor the content to my personal interests and preferences. This also includes the analysis through individual measurement, storage and evaluation of opening rates and the click rates in recipient profiles for the purpose of designing future newsletters according to the interests of our readers. I am aware that I can revoke this consent at any time with effect for the future - if available - in the customer account as well as by means of links at the end of each e-mail."

When registering for a customer account and later in your account settings, you have the option of agreeing to receive certain types of newsletters and to be contacted by Fraport for customer satisfaction surveys, market surveys and opinion polls. By clicking on the checkbox, you consent to receiving the Fraport newsletters you have selected to your e-mail address. By activating the corresponding checkbox, you agree that Fraport may use your contact data as described above for customer care and advertising purposes.

Insofar as further declarations of consent are required for the implementation of advertising measures, the measures shall only be carried out after obtaining the corresponding consents. The right to use personal data (inter alia for the implementation of advertising measures) on the basis of legal permissions or separately obtained declarations of consent remains unaffected by the above declaration of consent or its revocation.  

  

Raffles
If you register to participate in competitions organised by Fraport, we will use the data you provided during the respective registration for the purpose of conducting the competition, in particular to notify you of the prize in accordance with Art.6 para.1 b) DSGVO. Only the data actually necessary for the execution of the competition, such as first name, surname and contact details, will be collected. Your personal data will be deleted immediately after the end of the competition, unless you have expressly given Fraport your consent to receive advertising, e.g. to your e-mail address, in accordance with Art.6 Para.1 a) DSGVO as part of your participation in the competition.   In addition, we may send you vouchers, discounts, etc. to your e-mail address, provided that you have also expressly consented to such receipt in advance. For legal reasons, Fraport may not send you any such advantage offers/vouchers or newsletters without your express consent. Fraport will always inform you of the exact conditions of participation together with the respective competition.

  

Personalised advertising
Fraport is entitled to use stored data about you, e.g. the categories of goods purchased (e.g. "watches") or services purchased from us, for the personalisation of advertising materials (e.g. e-mail, banners on the website). The data is used for this purpose exclusively in a highly pseudonymised form. Our aim is to send you advertising that is geared solely to your actual or perceived needs and accordingly not to bother you with useless advertising. The legal basis for this data processing is Art. 6 (1) f) DSGVO, provided that no cookies or tracking technologies are used. If cookies or tracking technologies are used, the use of your personal data for advertising purposes is based on the consent(s) given for this purpose (cf. Art. 6 para. 1 sentence 1 a) DSGVO and section 2 below).  

For the convenient administration of purchases made, bookings as well as individual settings for the receipt of newsletters and vouchers for all our services, website users have the option of setting up a central personal user account for the services mentioned in section I.   

You can open the customer account either during a booking or purchase process via our services or without a purchase process at https://account.frankfurt-airport.com in various ways.   

  

Types/categories of personal data

Create the account

Normal required account creation via email address:
When registering as part of the account creation process, we will ask you for your first name, last name, email address and ask you to set a password.    

Registration with Facebook:
The "Facebook Login" service is offered in the EU by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. Depending on your personal data protection settings on Facebook and the information stored there, the general and publicly accessible information stored on the user's profile is transferred from Facebook to the user account when the Facebook Login is used. This includes: First name, last name, email address, profile picture. We do not transfer any personal data of the user from the customer account to Facebook Login. Nevertheless,   Facebook becomes aware that your Facebook Login has been used to create an account or log in to your customer account on our website. For more information, please see Meta Platforms Ireland Limited's Terms of Use and Privacy Policy. (https://www.facebook.com/legal/terms?ref=pf)  


Registration with Google:
Registration with Google is offered in the EU by Google Ireland Limited Gordon House, Barrow Street, Dublin 4, Ireland. Depending on the personal data protection settings at Google and the information stored there, the general and publicly accessible information stored on the user's profile is transferred to the user account by Google when the Google login is used. This includes: First name, last name, email address. Fraport does not transmit any personal data of the user from the customer account to Google. Nevertheless, Google will be aware that your Google login has been used to create an account or log in to your customer account on our website. Further information can be found in the terms of use and privacy policy of Google Ireland Limited (https://policies.google.com/privacy?hl=en).  


Register with Apple:
"Sign up with Apple" is offered in the EU by Apple Distribution International Ltd,Hollyhill Industrial Estate, Hollyhill, Cork, Republic of Ireland. When you first sign up, Apple will only provide the following information: First name, last name, email address. Fraport does not transmit any personal data of the user from the customer account to Apple. However, Apple will know that your Apple login has been used to create an account or log in to your account on our website. For more information, please see the Apple Distribution International Ltd. terms of use and privacy policy (https://www.apple.com/de/legal/privacy)    

  

Manage the account
The user can enter and edit their personal master data (first name, last name, Miles & More card number, date of birth, country, e-mail address) in the My Profile area.
In addition, the user can store any number of addresses and also delete them again. The address data entered there can then be used when booking the various services (e.g. the online trading platform) so that address data does not have to be entered there again. As part of the account management, the user can give Fraport permission to receive certain newsletters and newsletter tracking, as well as provide further details on individual preferences in order to receive advertising from Fraport that is tailored to the user.    

If the user has made orders or digital bookings via the online trading platform, these can be viewed in his personal account and, depending on the case, also cancelled.   

  • Orders on the online trading platform: The customer's order data (order number, billing address, e-mail address, ordered items) are displayed in the account. Furthermore, in the case of online purchases (delivery to one address), the customer can download the merchant's invoice as a pdf file and display the shipping address and tracking number of the parcel service provider.    
  • Ordering parking space bookings: The customer's order data (see section "Parking space booking") is displayed in the account. In addition, the customer has the option in the self-service to resend his entry ticket and invoices.    

  

Transmission to third parties

No personal data will be transmitted to third parties.

  

Legal basis

The collection and processing of personal data is based on Art. 6 (1) sentence 1 a) DSGVO. You have given us your consent to the processing of personal data by creating your customer account.

  

Location  

All your personal data is stored in the EU. Your data is stored at the Fraport data centre in Frankfurt Main, the West Europe Azure Cloud and the Datacenter EU of our service provider SAP Deutschland SE, Hasso Plattner Ring, 69190 Walldorf.   

  

Retention period and deletion:  

Your personal data will be stored in the account until you delete the customer account.
Please note that Fraport will continue to store your contract or invoice data even after your account has been deleted in order to comply with statutory retention obligations.

  


  


6. Data processing for the execution & initiation of contracts

When purchasing goods or services via the online trading platform, Fraport collects and processes your personal data for the purpose of executing the purchase contract in accordance with Art.6 para.1 sentence 1 b) DSGVO. On this basis, Fraport only collects personal data that is actually necessary for the initiation, execution and termination of a contract between you and Fraport. Failure to provide the necessary data will result in us not being able to offer or provide you with the services offered by us or third parties, or not to the full extent.

Depending on the selected items or delivery methods (Click & Collect), you may be required to provide details of your flight.   

  

Types/categories of personal data

Purchase of products and delivery to an address  
In the case of delivery to a desired address, we collect from you a title, first and last name, e-mail address (for sending the necessary order e-mails), Miles & More service card number (optional) as well as address data for billing and delivery address (if different), data on the purchase (e.g., order number, invoice amount, item).

Reservation for our Click & Collect service as a passenger  
If you order items as a passenger for your flight and would like to pick them up at Frankfurt Airport before your departure, we collect from you a title, first and last name, e-mail address (for sending the necessary order e-mails), reservation data (e.g., order number, invoice amount, item), Miles & More service card number (optional), and your flight information (flight date, departure time or arrival time, flight number, airline, gate,   destination). We collect this information for your flight booking and check the transmitted details against an internal flight database operated by Fraport to determine the ideal pick-up location and pick-up time for your goods at Frankfurt Airport or to check the availability of goods at your departure gate.

Reservation for our Click & Collect service as a non-traveller
If you order items as a non-traveller (e.g. visitor to the airport), we will generally make the items available to you in the public area of the terminal before the security or border controls. For this purpose, we record a title, first and last name, e-mail address, Miles & More service card number (optional) and reservation data (e.g. order number, invoice amount, item).

In principle, we reserve the right to check whether your order meets the contractual requirements for reservations/purchases on the online trading platform (for example, commercial resales are prohibited).

If you have a customer account (see chapter "Creating and managing the customer account"), we will also save your address data entered in the checkout forms as a selectable address in the account - if you expressly wish to do so using the checkbox ("Save address in profile"). You can then conveniently select this address in the order process for further orders.

  

Transmission to third parties

To process your orders, your data (see above) will be transmitted to the respective retailer. If you have ordered from more than one retailer within one purchase, each retailer will only see those items that were purchased/reserved from them.

For delivery to your desired address, the seller forwards the delivery address to the logistics company or shipping partner commissioned by him.

  

Payment service provider

If a payment is necessary, this is made via independent third parties to whose website you are redirected to process the payment. Fraport itself does not make any payments. Credit card payments are processed by Payone GmbH, Germany. Payments with Paypal are processed by PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg.

  

Legal basis  

In principle, the legal basis for processing your personal data is Art.6 para. 1 p.1 b (purpose of the contract).

  

Location

Your data is stored on Amazon Web Services servers located in Frankfurt am Main, the Fraport data centre located in Frankfurt am Main and the West Europe Azure Cloud. If you have a customer account, your addresses will be stored in SAP's Datacenter EU.

  

Service provider  

Omnevo GmbH, Kirchgasse 6, 65185 Wiesbaden operates the online trading platform and its underlying systems. Fraport has concluded an order processing agreement with the aforementioned service provider in accordance with Art. 28 DSGVO.

  

Retention period and deletion

We keep your personal data relating to your orders for six years due to the legal obligation to retain them and anonymise them on 31.12. of the sixth year. Example: If you place an order on 15.05.2022, we will anonymise your data on 31.12.2028.  

When booking a parking space via the Parking Shop, Fraport collects and processes your personal data for the purpose of executing the contract in accordance with Art.6 Para. 1 S.1 b) DSGVO. On this basis, Fraport only collects personal data that is actually necessary for the initiation, execution and termination of a contract between you and Fraport. Failure to provide the necessary data will result in us not being able to offer or provide you with the services offered by us or third parties, or not to the full extent.   

  

Types/categories of personal data

In the case of a car park booking, we collect from you a title, first and last name, e-mail address (for the digital dispatch of the necessary documents and confirmations), booking data (e.g., booking number, reserved time/space, invoice amount). Optionally, you can provide us with your Miles & More service card number and a billing address if you wish to receive an invoice.

If you have a customer account (see chapter "Creating and managing a customer account") and log in to the Parkenshop with it, we will fill in the data stored in the customer account for you, such as title, first name, surname and address.

  

Transmission to third parties  

No data will be passed on to third parties.

  

Payment service provider  

Payment is made via independent third parties to whose website you are redirected to process the payment. Fraport itself does not make any payments. Credit card payments are processed by VR-Payment GmbH, Germany. Payments with PayPal are processed by Paypal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg.  

  

Legal basis    

In principle, the legal basis for processing your personal data is Art.6 para. 1 p.1 b) (purpose of the contract) DSGVO.

  

Storage location  

For the provision of the Frankfurt Airport Parkenshops service, data is stored by the service providers on servers in Germany and the EU with a comparable level of data protection on the basis of concluded order processing agreements.   

  

Service provider  

Syzygy Deutschland GmbH, Horexstraße 28, 61352 Bad Homburg v.d.H. operates the Frankfurt Airport Parkenshop and its underlying
system.     

Dr. toews, IT-Lösungen, St. Valentinstr. 11, 67271 Mertesheim operates the corresponding booking management system.

Fraport has concluded a contract processing agreement with the aforementioned service providers in accordance with Art. 28 DSGVO.

  

Retention period and deletion  

We keep your booking data for ten years due to legal retention obligations. Example: If you make a car park booking on 15.05.2022 for the period 01.06. to 15.06.2022, we will delete your data on 01.01.2033.  

In the subscription shop, you have the option of submitting an application for a parking agreement for one or more parking spaces. Fraport processes your personal data to initiate the contract in accordance with Article 6 (1) sentence 1 b) DSGVO. On this basis, Fraport only collects personal data that is actually necessary for the initiation of a contract between you and Fraport. Failure to provide the necessary data will result in us not being able to offer or provide you with the services offered by us or third parties, or not to the full extent.

  

Types/categories of personal data

When you submit the application, we record your title, first and last name, telephone number, e-mail address (for sending the necessary confirmations and contract documents) as well as the billing and delivery address and, if applicable, the company address. In addition, we record the first and last name of the parking card user as well as the vehicle registration number of the vehicles.

  

Transmission to third parties  

None of your data will be passed on to third parties.

  

Payment service provider  

If a contract is concluded, payment will be made on account. The invoice will be issued by Fraport AG. Your billing address will be stored for this purpose

  

Legal basis    

In principle, the legal basis for processing your personal data is Art.6 para. 1 p.1 b) DSGVO (purpose of the contract).

The legal basis for the data of the parking card user, including the vehicle registration number, is Art. 6 para. 1 p. 1 f) (legitimate interest). We use this data to make the parking card assignable to a user/vehicle.

  

Location  

For the provision of the Frankfurt Airport Aboshop service, data is stored by the service provider on servers in Germany and the EU with a comparable level of data protection.

  

Service provider  

Syzygy Deutschland GmbH, Horexstraße 28, 61352 Bad Homburg v.d.H. operates the Frankfurt Airport Aboshop and its underlying system.  

Dr. toews, IT-Lösungen, St. Valentinstr. 11, 67271 Mertesheim operates the corresponding administration system.

Customer service is provided by Zwei Löwen Mediawerk GmbH, Hafenweg 46-48, 48155 Münster.     

Fraport has concluded a contract processing agreement with the aforementioned service providers in accordance with Art. 28 DSGVO.

  

Retention period and deletion  

If a contract is concluded, we keep your personal data relating to your contract for the entire term of the contract and for ten years after termination of the contract due to the statutory retention obligations. Example: If you conclude a contract on 15.05.2022 with a term from 01.06.2022 to 31.08.2022, we will delete the contract data on 01.01.2033.  

When purchasing tickets for airport tours and admission to the Fraport Visitor Centre via the Fraport Visitor Service online webshop, Fraport collects and processes your personal data for the purpose of executing the purchase contract in accordance with Art.6 para. 1 sentence 1 b) DSGVO. On this basis, Fraport only collects personal data that is actually necessary for the initiation, execution and termination of a contract between you and Fraport. Failure to provide the necessary data will result in us not being able to offer or provide you with the services offered by us or third parties, or not to the full extent.   

  

Types/categories of personal data

To purchase a ticket for an airport tour or the Fraport Visitor Centre, we collect your title, company name, first and last name, billing address, telephone number, purchase data (e.g., order number, invoice amount, services/articles booked) and e-mail address of the person making the booking as well as the name(s) of the possible accompanying person(s).

    

Transmission to third parties  

Your data will not be transferred to third parties at any time.

  

Payment service provider  

If a payment is necessary, this is made via independent third parties to whose website you are redirected to process the payment. Fraport itself does not make any payments. Credit card payments are processed by the company VR Payment. Payments with PayPal are processed by PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg.   

  

Legal basis    

In principle, the legal basis for processing your personal data is Art.6 para. 1 p.1 b) DSGVO (purpose of the contract).   

For the name(s) of the possible accompanying person(s), Art.6 para. 1 p.1 f) DSGVO is the legal basis (legitimate interest). We use this data to ensure that the correct participants take part in the respective tour or visitor group.

    

Location  

Your data is stored at the Fraport data centre in Frankfurt Main and on servers operated by Plus.line AG in Frankfurt Main.

  

Service provider  

BEMBEL GmbH, Große Rittergasse 88, 60594 Frankfurt develops and maintains the online shop of the Fraport Visitor Service and underlying systems.   

Fraport has concluded an order processing agreement with the aforementioned service provider in accordance with Art. 28 DSGVO.

  

Retention period and deletion  

We keep your personal data relating to your orders for six years due to the legal obligation to retain them and anonymise them on 31.12. of the sixth year. Example: If you place an order on 15.05.2022, we will anonymise your data on 31.12.2028.     

If users submit an offer request regarding VIP handling via the website, Fraport collects and processes your personal data for the purpose of processing the offer request in accordance with Article 6 (1) sentence 1 b) of the German Data Protection Regulation (DSGVO). On this basis, Fraport only collects personal data that is actually necessary to initiate the contract between you and Fraport. Failure to provide the necessary data will result in us not being able to offer or provide you with the services offered by us or third parties, or not to the full extent.

  

Types/categories of personal data

To check the offer request for VIP handling, Fraport records the flight data (date and flight number), title, first and last name of the passengers. In addition, information can be provided on whether the passenger is a small child (<2 years) or whether there are (currently) any mobility restrictions. We use this data to optimally tailor our services to your needs, for example to provide suitable child seats or vehicles for your transport. In addition, we record the title, first and last name, telephone number and e-mail address of the person making the enquiry (client).

  

Transmission to third parties  

No personal data will be transmitted to third parties for the purpose of reviewing the offer request and submitting a contract offer.   

  

Legal basis    

In principle, the legal basis for processing your personal data is Art.6 para. 1 p.1 b (purpose of the contract).

The legal basis for the passenger information is Art. 6 para. 1 p. 1 f) DSGVO. We need this data to be able to provide you with a suitable offer for   VIP handling (e.g. type and number of vehicles required, child seats).

  

Location

For the provision of the service(s) specified in the VIP booking form, data is stored by the service provider on servers in Germany and the EU with a
comparable level of data protection.

Your data is stored at the Fraport data centre in Frankfurt Main and on the servers of Plus Line AG in Frankfurt Main.

  

Service providers and authorities

House of Yas GmbH, Sechtemer Straße 5, 50968 Cologne operates the booking form. Fraport has concluded an order processing agreement with the aforementioned service provider in accordance with Art. 28 DSGVO.

  

Retention period and deletion  

If a contract is concluded, we will retain your personal data relating to your order for six years on the basis of the statutory retention obligation
and anonymise it on 31.12. of the sixth year. Example: If you place an order on 15.05.2022, we will anonymise your data on 31.12.2028. If no contract is concluded, we will delete your personal data immediately after rejecting the booking request.

When you purchase a gate-to-gate service via the online webshop, Fraport collects and processes your personal data for the purpose of executing the purchase contract in accordance with Art.6 para. 1 sentence 1 b) DSGVO. On this basis, Fraport only collects personal data that is actually necessary for the initiation, execution and termination of a contract between you and Fraport. Failure to provide the necessary data will result in us not being able to offer or provide you with the services offered by us or third parties, or not to the full extent.   

    

Types/categories of personal data

For the purchase of a gate to gate service, the data processed is the passenger's first and last name, flight data (booking code, departure airport, flight number arrival, flight number departure, destination airport), and telephone number.

We collect the following data from the person making the booking: title, first name, surname, billing address (street and house number, postcode, town,
country), e-mail address, purchase data (e.g. order number, invoice amount, service booked).

  

Transmission to third parties

The data is not transmitted to third parties at any time.

    

Payment service provider

If a payment is necessary, this is made via independent third parties to whose website you are redirected to process the payment. Fraport itself does not make any payments. Credit card payments and Sepa direct debit procedures are carried out by the company VR Payment.   

    

Legal basis    

In principle, the legal basis for processing your personal data is Art.6 para. 1 p.1 b) (purpose of the contract).   

If the travellers are not or not only the person making the booking, the legal basis for processing this personal data is Art. 6. para. 1 p. 1 f) (legitimate interest). We need this data to be able to offer you the right service and to identify or contact the travellers on site.

  

Location

Your data is stored at the Fraport data centre in Frankfurt Main and on servers operated by Plus.line AG in Frankfurt Main.

    

Service providers and authorities

BEMBEL GmbH, Große Rittergasse 88, 60594 Frankfurt, Germany, develops and maintains the online shop and underlying systems. Fraport has concluded an order processing agreement with the aforementioned service provider in accordance with Art. 28 DSGVO.

    

Retention period and deletion  

We keep your personal data relating to your orders for six years due to the legal obligation to retain them and anonymise them on 31.12. of the sixth year. Example: If you place an order on 15.05.2022, we will delete your data on 31.12.2028.    

In the case of booking requests for MyAirportguide escort services at Frankfurt Airport via Fraport AG's online webshop, FraSec Services GmbH collects and processes your personal data for the purpose of executing the purchase contract in accordance with Art.6 para. 1 sentence 1 b) DSGVO. On this basis, FraSec Services only collects personal data that is actually necessary for the initiation, execution and termination of a contract between you and FraSec Services. Failure to provide the necessary data will mean that we will not be able to provide the services we offer to you.  
  

      

Type of data  


The following data is processed for booking requests: Salutation, title, company name, first and last name, address, VAT ID number, telephone number, e-mail address of the person making the booking as well as name(s), age and telephone number(s) of the person(s) to be accompanied. Pseudonyms may be used for the names of the persons to be accompanied, provided that the Passengers have been informed of this by the Ordering Party. Telephone numbers of the guests are optional.

  

Transmission to third parties     

Your data will not be transmitted to third parties at any time. Fraport AG merely provides the platform for FraSec Services GmbH and does not collect any personal data itself.

      

Payment service provider    

Where payment is required, this is made via independent third parties to whose website you are directed to process the payment. FraSec Services itself does not make any payments. Credit card payments and, if offered, SEPA direct debit mandates are carried out by the company VR Payment.   

      

Legal basis      

In principle, the legal basis for processing your personal data is Art.6 para. 1 p.1 b (purpose of the contract).  

If the travellers are not or not only the person making the booking, the legal basis for processing this personal data is Art. 6. para. 1 p. 1 f) (legitimate interest). We need this data to be able to offer you the right service and to identify or contact the travellers on site.

      

Location    

Your data is stored at the Fraport data centre in Frankfurt Main and on servers operated by Plus.line AG in Frankfurt Main.

      

Service provider    

BEMBEL GmbH, Große Rittergasse 88, 60594 Frankfurt develops and maintains Fraport's online shop and underlying systems.  
  

Fraport has concluded an order processing agreement with the aforementioned service provider in accordance with Art. 28 DSGVO.

      

Retention period and deletion    

We keep your personal data relating to your orders for six years due to the legal obligation to retain them and anonymise them on 31.12. of the sixth year in each case. Example: If you place an order and we confirm an escort service for 15.09.2022, we will delete your data on 31.12.2028. If your order request is rejected, the data will be anonymised within 24 hours of receipt of the order.  

When you enquire about renting a conference room at the Fraport Conference Center (FraCC), Fraport collects and processes your personal data for the purpose of executing the sales contract in accordance with Art.6 para. 1 sentence 1 b) DSGVO. On this basis, Fraport only collects   personal data that is actually necessary for the initiation, execution and termination of a contract between you and Fraport. Failure to provide the necessary data will result in us not being able to offer or provide you with the services offered by us or third parties, or not to the full extent.  

    

Types/categories of personal data

When renting a conference room, the personal data processed are in particular the company, company address, first name and surname of the person making the booking, e-mail address and first name and surname of the contact person at the location of the event.

  

Transmission to third parties  

If a technical service provider is necessary for the rented service (provision of special conference technology that goes beyond the scope of the equipment provided by FraCC), this service provider shall receive the company name of the client. In the case of "more complicated" technical services, the technical service provider will also receive the customer's telephone number and/or e-mail address after consultationwith the customer so that direct arrangements can be made.

      

Legal basis    

In principle, the legal basis for processing your personal data is Art.6 para. 1 p.1 b DSGVO (purpose of the contract).  

The legal basis for personal data that is not that of the enquirer is Art. 6 para. 1 p. 1 f DSGVO (legitimate interest). We need this information in order to know the responsible contact person on site at the time of the event.

    

Location  

The storage location for your data is the
Fraport computer centre located in Frankfurt Main and the servers of Plus Line
AG located in Frankfurt Main.

    

Service provider  

TPS Veranstaltungsservice GbR, Feldstraße 2, 63303 Dreieich, Germany, provides and maintains technical equipment as required.

    

Retention period and deletion  

We keep your personal data relating to your orders for six years due to the legal obligation to retain them and anonymise them on 31.12. of the sixth year. Example: If you place an order on 15.05.2022, we will anonymise your data on 31.12.2028.  

When purchasing daily/monthly tickets for the staff bus at the Frankfurt site via the online webshop, Fraport collects and processes your personal data for the purpose of executing the purchase contract in accordance with Art.6 para. 1 p.1 b) DSGVO. On this basis, Fraport only collects personal data that is actually necessary for the initiation, execution and termination of a contract between you and Fraport. Failure to provide the necessary data will result in us not being able to offer you the services offered by us or third parties.

  

Types/categories of personal data

For the purchase of a ticket for the use of the staff buses, the data processed are the user's title, first and last name, address and e-mail address. For holders of an airport ID card (select "employee" when booking the ticket), the ID card number and the name of the company are also requested.    

  

Transmission to third parties  

Your data will not be transferred to third parties at any time.

  

Payment service provider  

If a payment is necessary, this is made via independent third parties to whose website you are redirected to process the payment. Fraport itself does not make any payments. Credit card payments are processed by the company VR Payment.   

  

Legal basis    

In principle, the legal basis for processing your personal data is Art.6 para. 1 p.1 b (purpose of the contract).

  

Location

Your data is stored at the Fraport data centre in Frankfurt Main and on the servers of Plus Line AG in Frankfurt Main.

  

Service providers and authorities

BEMBEL GmbH, Große Rittergasse 88, 60594 Frankfurt develops and maintains the online shop and underlying systems.

  

Retention period and deletion  

We keep your personal data relating to your orders for 6 years due to the legal obligation to retain them and anonymise them on 31.12. of the 6th year. Example: If you order on 15.05.2022, we will anonymise your data on 31.12.2028.     


7. Website visit and IT-Tools

When visiting our websites and using our services, information is automaticallycollected from the user's terminal device. This includes, for example, the IP address assigned to you by your internet provider, the website(s) from which you visit us, your browser type (incl. version and language), your device type and related information (e.g. resolution of the monitor), device IDs (e.g. your MAC address or comparable device IDs) as well as information on your operating system, date and duration of your visit as well as further information on the use of our services (e.g. search queries, pages viewed, click behaviour). The legal basis for the temporary storage is Art.6 para.1 f) DSGVO.   

Fraport processes and uses this data to display our websites correctly and to determine the causes of technical difficulties. This data is also used to technically optimise the websites and to ensure the security of our computer systems and networks. Subject to the further descriptions in this data protection declaration, this data does not allow us to draw any conclusions about you. Fraport only stores your IP address and MAC address in anonymised form. The collection of this data is absolutely necessary for the operation of our websites. Accordingly, there is no possibility of objection on the part of the user.   

The data is deleted as soon as the purpose of its collection is no longer necessary.

For the shopping cart on the online trading platform, for example, this is the case after two weeks. Log files are deleted after 30 days at the latest.   

Due to the classification as critical infrastructure, we take into account the increased requirements from the IT security laws for the detection of attacks on the IT infrastructure. Your data can therefore be stored in a separate analysis system for up to a maximum of 12 months. The legal basis for the temporary storage is Art.6 para.1 f) DSGVO.

Furthermore, we use the services of third parties to fulfil our offers (more under "technologies used"). For all these services, we pay attention to server locations within the European Union. We would like to inform you that it cannot be ruled out that the data will be transferred to the USA and could be subject to access by the security authorities there in accordance with 50 U.S.C. §1881(b)(4), 50 U.S.C. § 1881a (= FISA 702).  

Cookies and similar technologies are used on our websites.
Cookies are small text files that are stored on the end device (smartphone, computer or similar) in the cache of the site visitor's internet browser. Information is stored in the cookie that is related to the specific end device used, for example the IP address or the browser type. However, a cookie can also store which content you see on our websites and how you interact with the content. However, this does not mean that we gain direct knowledge of your identity. In addition, our emails or web pages may contain small, transparent image files or lines of code to record how you interact with them. This information is used to help website publishers better analyse and improve their services. An example of this would include serving personalised advertising from our advertising partners.    

We use temporary cookies, so-called session cookies, which are stored on your end device for a certain fixed period of time. These allow us, for example, to offer you a shopping basket display with the number of items in your shopping basket or to statistically record the use of our website and optimise our offer.   

Other cookies, so-called session-spanning cookies, remain on your computer and enable us, among other things, to recognise your Internet browser so that data already entered is not lost during the interruption of a usage process (e.g. interruption of the Internet connection) or the change to another service within our offer. These cookies also enable us to make the offer more attractive to you, for example by displaying information tailored to your interests.

We also use cookies in our websites that enable an analysis of your surfing behaviour.

In accordance with legal requirements, the storage and retrieval of information on end devices, for example by setting cookies, is only permitted if you have given us your consent in advance.

The legal basis for this is § 25 Paragraph 1 Sentence 1 TTDSG as well as Art. 6 Paragraph 1 lit. A DSGVO. However, you do not have to give your consent if the storage/retrieval is necessary for the function of the website (cf. Section 25 (2) No. 2 TTDSG).or Art. 6 (1) lit. F DSGVO).

A necessity is given, for example, with regard to ensuring the following functionalities:     

  • Enabling the maintenance of log-in
  • Ensuring system security
  • Display of the shopping basket

With regard to the data processing that is necessary for the operation of the website, you do not have the right to object.

When accessing our website, the user is informed about the use of cookies for third-party analysis and advertising purposes (i.e. all those cookies and tracking technologies that require consent) and his or her consent to the processing of personal data used in this context is obtained. In this context, we also refer to this privacy policy.   

You give your consent to all technologies used by us that require your consent by clicking on the "Accept all" button in the Privacy Settings banner on our websites. By clicking on "Accept all", you give us your consent for Fraport to store data on or retrieve data from your terminal device.

By clicking on "Refuse all", you refuse the use of all technologies that require your consent. Technologies for the provision of our website functionalities or the protection of our legitimate interests according to Art. 6 para. 1 p.1 f) DSGVO remain unaffected by this.

You can also agree or disagree to individual analysis or advertising functionalities by clicking on "Privacy settings" in the banner. In the menu that opens, you can obtain detailed information about each service and selectively give your consent.

Cookies are stored on your end device and transmitted to us by it. You have the option of preventing or restricting the storage of cookies on your computer by setting your browser accordingly. In this case, for example, you can no longer be shown offers tailored to your interests. The function of our websites may also be restricted and not offer you a satisfactory experience, as videos, for example, but also tools relating to travel safety or our chatbot will not function. Please note that you may still see advertisements in our services.

  

You can delete cookies that have already been stored on your terminal device at any time.

We would like to expressly point out to you that your corresponding data collection and processing consent can be adjusted at any time with effect for the future vis-à-vis Fraport. To this end, you will find the options to agree to all cookies, reject them or discontinue each service at the bottom of each page under the "Cookie settings" button.

For your transparency, we therefore classify the suppliers into the categories "Essential", "Functional" and "Marketing".  


8. Cookie and tracking technologies used

Service description

This is a consent management service. On the website, Usercentrics GmbH is used as a processor for the purpose of consent management.

  

Processing company

Usercentrics GmbH
Sendlinger Str. 7, 80331 Munich, Germany

  

Data protection officer of the processing company

Below you will find the e-mail address of the data protection officer of the processing company.

datenschutz@usercentrics.com

  

Data processing purposes

This list represents the purposes of data collection and processing.

  • Compliance with legal obligations
  • Consent storage
  

Technologies used

This list contains all the technologies that this service uses to collect data. Typical technologies are cookies and pixels placed in the browser.

  • Local Storage
  • Pixel
  

Collected data

This list contains all (personal) data collected by or through the use of this service.

  • Opt-in and opt-out data
  • Referrer URL
  • User Agent
  • User settings
  • Consent ID
  • Date of consent
  • Consent type
  • Template version
  • Banner language
  

Legal basis

The following is the required legal basis for the processing of data.

  • Art. 6 para. 1 p. 1 lit. c DSGVO
  

Place of  processing

This is the primary location where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

  • European Union
  

Duration for saving the data

The retention period is the period of time during which the collected data are stored for processing. The data must be deleted as soon as they are no longer needed for the specified processing purposes.

  • The consent data (consent given and revocation of consent) is stored for three years. The data will then be deleted immediately.
  

Data recipient

The recipients of the data collected are listed below.

  • Usercentrics GmbH
  

Service description

This is a website chat service.

  

Processing  company

Airbot Technology Limited
Office 7, 35-37 Ludgate Hill, London EC4M 7JN, United Kingdom

  

Data protection officer of the processing  company

Below you will find the e-mail address of the data protection officer of the processing company.

dpo@airport.ai

  

Data processing purposes

This list represents the purposes of data collection and processing.

  • Tracking conversations in the website chat
  • Optimisation of the user experience
  

Technologies used

This list contains all the technologies that this service uses to collect data. Typical technologies are cookies and pixels placed in the browser.

  • Local memory
  

Collected data

This list contains all (personal) data collected by or through the use of this service.

  • IP address
  • Date and time of the visit
  • Usage data
  • Browser information
  • Device Information
  

Legal basis

The following is the required legal basis for the processing of data.

  • Art. 6 (1) (a) GDPR
  

Place of  processing

This is the primary location where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

  • European Union
  

Duration for saving the data

The retention period is the period of time during which the collected data are stored for processing. The data must be deleted as soon as they are no longer needed for the specified processing purposes.

  • The data is deleted as soon as it is no longer required for processing.
  

Data recipient

The recipients of the data collected are listed below.

  • Airbot Technology Limited
  

Service description

This is a web analytics service. It allows the user to measure the return of interest "ROI" of advertising as well as track user behaviour with Flash, video, websites and applications.

  

Processing  company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

  

Data protection officer of the processing  company

Below you will find the e-mail address of the data protection officer of the processing company.

https://support.google.com/policies/contact/general_privacy_form

  

Data processing purposes

This list represents the purposes of data collection and processing.

  • Marketing
  • Analysis
  

Technologies used

This list contains all the technologies that this service uses to collect data. Typical technologies are cookies and pixels placed in the browser.

  • Cookies
  • Pixel
  • JavaScript
  • Device fingerprint
  

Collected data

This list contains all (personal) data collected by or through the use of this service.

  • Click path
  • Date and time of the visit
  • Unit information
  • Location information
  • IP address
  • Pages visited
  • Referrer URL
  • Browser information
  • Hostname
  • Browser language
  • Browser type
  • Screen resolution
  • Device operating system
  • Interaction data
  • User behaviour
  • Visited URL
  

Legal basis

The following is the required legal basis for the processing of data.

  • Art. 6 para. 1 p. 1 lit. a DSGVO
  

Place of  processing

This is the primary location where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

  • European Union
  

Duration for saving the data

The retention period is the period during which the collected data are stored for processing. The data must be deleted as soon as they are no longer needed for the specified processing purposes.

  • The retention period depends on the type of data stored. Each customer can choose how long Google Analytics stores data before it is automatically deleted.
  

Disclosure to third countries

This service may transfer the collected data to another country. Please note that this service may transfer data outside the European Union and the European Economic Area and to a country that does not provide an adequate level of data protection. If the data is transferred to the US, there is a risk that your data may be processed by US authorities for control and monitoring purposes, without any possible redress available to you. Below is a list of countries to which the data will be transferred. This may be for various purposes, such as storage or processing.

  • United States of America
  • Singapore
  • Chile
  • Taiwan
  

Data recipient

The recipients of the data collected are listed below.

  • Google Ireland Limited, Alphabet Inc, Google LLC
  

Memory information

Below is the longest potential storage time on a device set when using the cookie storage method and when using other methods.

Maximum limit for the storage of cookies: 2 years

Non-cookie storage: No

  

Stored  information

This service uses various means to store information on a user's device as listed below.

  • _ga: Used to distinguish users.
  • Type: cookie
  • Duration: 2 years
  •   _gid: Used to distinguish users.
  • Type: cookie
  • Duration: 1 day
  • _gat_gtag_xxx: Used to distinguish users.
  • Type: cookie
  • Duration: 1 minute
  •   _gac_xx: Contains information about which ad was clicked on.
  • Type: cookie
  • Duration: 2 months, 29 days
  

Service description

This service allows users to measure traffic and engagement on their websites and mobile apps using customisable reports.

  

Processing company

Google Ireland Limited
Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

  

Data protection officer of the processing company

Below you will find the e-mail address of the data protection officer of the processing company.

https://support.google.com/policies/contact/general_privacy_form

  

Data processing purposes

This list represents the purposes of data collection and processing.

  • Marketing
  • Analysis
  

Technologies used

This list contains all the technologies that this service uses to collect data. Typical technologies are cookies and pixels placed in the browser.

  • Tracking Code
  • Cookies
  

Collected data

This list contains all (personal) data collected by or through the use of this service.

  • Account details
  • Anonymised IP address
  • Bounce rates
  • Browser information
  • Click path
  • Date and time of the visit
  • Unit information
  • Downloads
  • Duration of visit
  • Location information
  • Internet service provider
  • Mouse movements
  • Screen resolution
  • Behavioural data
  • Referrer URL
  • App updates
  

Legal basis

The following is the required legal basis for the processing of data.

  • Art. 6 para. 1 p. 1 lit. a DSGVO
  

Place of processing

This is the primary location where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

  • European Union
  

Duration for saving the data

The retention period is the period of time during which the collected data are stored for processing. The data must be deleted as soon as they are no longer needed for the specified processing purposes.

  • The customer can choose how long Google Analytics stores data. The maximum retention period is 26 months.
  

Disclosure to third countries

This service may transfer the collected data to another country. Please note that this service may transfer data outside the European Union and the European Economic Area and to a country that does not provide an adequate level of data protection. If the data is transferred to the US, there is a risk that your data may be processed by US authorities for control and monitoring purposes, without any possible redress available to you. Below is a list of countries to which the data will be transferred. This may be for various purposes, such as storage or processing.

  • United States of America
  • Singapore
  • Taiwan
  • Chile
  

Data recipient

The recipients of the data collected are listed below.

  • Alphabet Inc, Google LLC, Google Ireland Limited
  

Memory information

Below is the longest potential storage time on a device set when using the cookie storage method and when using other methods.

  • Maximum limit for the storage of cookies: Session
  • Non-cookie storage: No
  

Stored information

This service uses various means to store information on a user's device as listed below.

  • Google: Used to distinguish users.
  • Type: cookie
  • Duration: 2 years
  • Google: Used to distinguish users.
  • Type: cookie
  • Duration: 1 day
  • Google: Used to maintain session status.
  • Type: cookie
  • Duration: 2 years
  • Google: Contains campaign-related information. If you have linked your Google Analytics and Google Ads accounts, the Google Ads website conversion tags will read this cookie unless you opt out.
  • Type: cookie
  • Duration: 2 months, 29 days
  

Service description

This is a tag management system. Via the Google Tag Manager, tags can be integrated centrally via a user interface. Tags are small sections of code that can track activities. Script codes of other tools are integrated via the Google Tag Manager. The Tag Manager makes it possible to control when a certain tag is triggered.

  

Processing  company

Google Ireland Limited
Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

  

Data protection officer of the processing  company

Below you will find the e-mail address of the data protection officer of the processing company.

https://support.google.com/policies/contact/general_privacy_form

  

Data processing purposes

This list represents the purposes of data collection and processing.

  • Tag management
  

Technologies used

This list contains all the technologies that this service uses to collect data. Typical technologies are cookies and pixels placed in the browser.

  • Website tags
  

Collected data

This list contains all (personal) data collected by or through the use of this service.

  • Aggregated data on tag resolution
  

Legal basis

The following is the required legal basis for the processing of data.

  • Art. 6 para. 1 p. 1 lit. a DSGVO
  

Place of  processing

This is the primary location where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

  • European Union
  

Duration for saving the data

The retention period is the period of time during which the collected data are stored for processing. The data must be deleted as soon as they are no longer needed for the specified processing purposes.

  • The data is deleted 14 days after retrieval.
  

Disclosure to third countries

This service may transfer the collected data to another country. Please note that this service may transfer data outside the European Union and the European Economic Area and to a country that does not provide an adequate level of data protection. If the data is transferred to the US, there is a risk that your data may be processed by US authorities for control and monitoring purposes, without any possible redress available to you. Below is a list of countries to which the data will be transferred. This may be for various purposes, such as storage or processing.

  • United States of America
  • Singapore
  • Taiwan
  • Chile
  

Data recipient

The recipients of the data collected are listed below.

  • Alphabet Inc, Google LLC, Google Ireland Limited
  

Service description

This is a web analysis and optimisation service.

  

Processing  company

SAS Institute Inc.

  

Data processing purposes

This list represents the purposes of data collection and processing.

  • Marketing
  • Advertising
  • Web analytics
  • Optimisation
  

Technologies used

This list contains all the technologies that this service uses to collect data. Typical technologies are cookies and pixels placed in the browser.

  • Accept cookies
  • Pixel tags
  

Collected data

This list contains all (personal) data collected by or through the use of this service.

  • IP address
  • Usage data
  • App updates
  • Device information
  • Pages visited
  • Downloads
  • Location information
  • Widget interactions
  • Date and time of the visit
  • Click path
  • Browser information
  • JavaScript support
  • Referrer URL
  • Flash version
  • Buying activity
  

Legal basis

The following is the required legal basis for the processing of data.

  • Art. 6 (1) (a) DSGVO
  

Place of  processing

This is the primary location where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

  • European Union
  

Processing  company

AOE GmbH
Luisenforum Kirchgasse 6 65185 Wiesbaden

  

Data protection officer of the processing  company

Below you will find the e-mail address of the data protection officer of the processing company.

datenschutz@aoe.com

  

Data processing purposes

This list represents the purposes of data collection and processing.

  • Automated, anonymised analysis of customer behaviour on the website
  • Creation of recommendations based on an algorithm
  

Technologies used

This list contains all the technologies that this service uses to collect data. Typical technologies are cookies and pixels placed in the browser.

  • Cookies
  • Pixel
  

Collected data

This list contains all (personal) data collected by or through the use of this service.

  • Anonymised user ID
  • Browsing behaviour
  

Place of  processing

This is the primary location where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

  • Germany
  

Disclosure to third countries

This service may transfer the collected data to another country. Please note that this service may transfer data outside the European Union and the European Economic Area and to a country that does not provide an adequate level of data protection. If the data is transferred to the US, there is a risk that your data may be processed by US authorities for control and monitoring purposes, without any possible redress available to you. Below is a list of countries to which the data will be transferred. This may be for various purposes, such as storage or processing.

  • Germany
  

Data recipient

The recipients of the data collected are listed below.

  • AOE GmbH
  

Processing  company

VISA RUN INC
313 Richmond Street East, Unit 868, Toronto, Ontario, Canada M5A 4S7

  

Data protection officer of the processing  company

Below you will find the e-mail address of the data protection officer of the processing company.

ivan@joinsherpa.com

  

Data processing purposes

This list represents the purposes of data collection and processing.

  • Show travel restrictions
  

Technologies used

This list contains all the technologies that this service uses to collect data. Typical technologies are cookies and pixels placed in the browser.

  • Local memory
  

Collected data

This list contains all (personal) data collected by or through the use of this service.

  • IP address
  • Date and time of the visit
  • Usage data
  • Browser information
  • Unit information
  • Widget interactions
  

Service description

This is an affiliate network.

  

Processing  company

AWIN AG
Eichhornstraße 3, 10785 Berlin, Germany

  

Data protection officer of the processing  company

Below you will find the e-mail address of the data protection officer of the processing company.

global-privacy@awin.com

  

Data processing purposes

This list represents the purposes of data collection and processing.

  • Affiliate marketing
  • Tracking
  

Technologies used

This list contains all the technologies that this service uses to collect data. Typical technologies are cookies and pixels placed in the browser.

  • Cookies
  • Journey Day
  

Collected data

This list contains all (personal) data collected by or through the use of this service.

  • Viewed advertisements
  • Browser information
  • Clicked ads
  • Unit information
  • Device operating system
  • Referrer URL
  • Time at which the advertisement was clicked on
  • Time at which the advertisement was viewed
  • Touchpoint to the advertising medium
  • Usage data
  • User Agent
  • Business transaction
  • Information about orders
  • Leads
  • Newsletter information
  • Success of the referrer
  

Legal basis

The following is the required legal basis for the processing of data.

  • Art. 6 para. 1 p. 1 lit. a DSGVO
  

Place of  processing

This is the primary location where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

  • European Union
  

Duration for saving the data

The retention period is the period of time during which the collected data are stored for processing. The data must be deleted as soon as they are no longer needed for the specified processing purposes.

  • Data are deleted as soon as they are no longer needed for the processing purposes.
  

Data recipient

The recipients of the data collected are listed below.

  • AWIN AG
  

Memory information

Below is the longest potential storage time on a device set when using the cookie storage method and when using other methods.

  • Maximum limit for the storage of cookies: 1 year
  • Non-cookie storage: No
  

Stored information

This service uses various means to store information on a user's device as listed below.

  • zttpvc: Set when you see an advertisement. Stores an ID for the website showing the advertisement and the time you saw the advertisement.
  • Type: cookie
  • Duration: Session
  • Domain: ad.zanox.com
  • ztvc: Set when you see an advertisement. Stores an ID for the website showing the advertisement and the time you saw the advertisement.
  • Type: cookie
  • Duration: Session
  • Domain: www.zanox-affiliate.de
  • zptpvc: Set when you see an advertisement. Stores an ID for the website where the advertisement was shown and the time when you saw the advertisement.
  • Type: cookie
  • Duration: 2 months, 29 days
  • Domain: www.zanox-affiliate.de
  • zpvc: Set when you see an advertisement. Stores an ID for the website where the advertisement was shown and the time when you saw the advertisement.
  • Type: cookie
  • Duration: 2 months, 29 days
  • Domain: www.zanox-affiliate.de
  • ztcc: Set when you click on one of AWIN's links. Stores IDs for the referring website, the ad you clicked on, the group of ads the ad belongs to, the time you clicked on it, the ID for the type of ad and any references the referring page adds to the click.
  • Type: cookie
  • Duration: Session
  • Domain: www.zanox-affiliate.de
  • zcc: Set when you click on one of AWIN's links. Stores IDs for referring websites, ads you clicked on, group of ads the ad belongs to, time you clicked on it, ID for the type of ad and any references the referring site adds to the click.
  • Type: cookie
  • Duration: 1 year
  • Domain: www.zanox-affiliate.de
  • bld: Sets a browser-specific ID to identify a new click on the same browser.
  • Type: cookie
  • Duration: 1 year
  • Domain: awin1.com
  • aw*****: Set when you click on one of AWIN's links. Stores IDs for the referring website, the ad you clicked on, the group of ads the ad belongs to, the time you clicked on it, the ID for the type of ad, the ID for the product and any references the referring website adds to the click.
  • Type: cookie
  • Duration: 30 days
  • Domain: awin1.com
  • AWSESS: Set when you see an advertisement and is used to help AWIN ensure that you are not always shown the same advertisement.
  • Type: cookie
  • Duration: Session
  • Domain: awin1.com
  • awpv*****: Set when you see an advertisement. Stores an ID for the website where the advertisement was shown and the time you saw the advertisement.
  • Type: cookie
  • Duration: 1 day
  • Domain: awin1.com
  • AW: Set when you click on one of AWIN's links. Stores IDs for the referring website, the ad you clicked on, the group of ads the ad belongs to, the time you clicked on it, the ID for the type of ad, the ID for the product and any references the referring website adds to the click.
  • Type: cookie
  • Duration: 30 days
  • Domain: awin1.com
  •   _aw_m_*****: Set when you click on one of AWIN's links. Stores IDs for the referring website, the ad you clicked on, the group of ads the ad belongs to, the time you clicked on it, the ID for the type of ad, the ID for the product and any references the referring website adds to the click.
  • Type: cookie
  • Duration: 30 days
  

Service description

This is an advertising service.

  

Processing company

Microsoft Corporation
One Microsoft Way, Redmond, WA 98052-6399, United States of America

  

Data protection officer of the processing  company

Below you will find the e-mail address of the data protection officer of the processing company.

https://aka.ms/privacyresponse

  

Data processing purposes

This list represents the purposes of data collection and processing.

  • Advertising
  • Conversion tracking
  

Technologies used

This list contains all the technologies that this service uses to collect data. Typical technologies are cookies and pixels placed in the browser.

  • Cookies
  

Collected data

This list contains all (personal) data collected by or through the use of this service.

  • Bounce rates
  • Browser language
  • Clicked ads
  • Conversions
  • Digital signature
  • Duration of visit
  • Employment metrics
  • Microsoft Click ID
  • Number of visits
  • Response times of the page
  • Page title
  • Referrer URL
  • Screen colour depth
  • Screen resolution
  • UET ID tag
  • URL
  

Legal basis

The following is the required legal basis for the processing of data.

  • Art. 6 para. 1 p. 1 lit. a DSGVO
  

Place of processing

This is the primary location where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

  • European Union
  

Duration for saving the data

The retention period is the period of time during which the collected data are stored for processing. The data must be deleted as soon as they are no longer needed for the specified processing purposes.

  • The data will be deleted as soon as they are no longer necessary for the purposes of processing.
  

Disclosure to third countries

This service may transfer the collected data to another country. Please note that this service may transfer data outside the European Union and the European Economic Area and to a country that does not provide an adequate level of data protection. If the data is transferred to the US, there is a risk that your data may be processed by US authorities for control and monitoring purposes, without any possible redress available to you. Below is a list of countries to which the data will be transferred. This may be for various purposes, such as storage or processing.

  • Worldwide
  

Data recipient

The recipients of the data collected are listed below.

  • Microsoft Corporation
  

Memory information

Below is the longest potential storage time on a device set when using the cookie storage method and when using other methods.

  • Maximum limit for storing cookies: 1 year, 25 days
  • Non-cookie storage: No
  

Stored information

This service uses various means to store information on a user's device as listed below.

  • MR: Analytics cookie used to pass user transaction information to the Bing advertising network.
  • Type: cookie
  • Duration: 5 months, 27 days
  • MUID: Often used by Microsoft as a unique user ID. This bing.com cookie enables tracking by synchronising the ID across many Microsoft domains.
  • Type: cookie
  • Duration: 1 year, 25 days
  • MMUIDB: This cookie registers data about you from multiple visits and on multiple websites. This information is used to measure the effectiveness of advertising on websites.
  • Type: cookie
  • Duration: 1 year, 25 days
  

Service description

This is an advertising service.

  

Processing company

Criteo SA
32 Rue Blanche, 75009 Paris, France

  

Data protection officer of the processing company

Below you will find the e-mail address of the data protection officer of the processing company.

dpo@criteo.com

  

Data processing purposes

This list represents the purposes of data collection and processing.

  • Advertising
  • Marketing
  • Personalisation
  • Retargeting
  

Technologies used

This list contains all the technologies that this service uses to collect data. Typical technologies are cookies and pixels placed in the browser.

  • Cookies
  

Collected data

This list contains all (personal) data collected by or through the use of this service.

  • Browser information
  • Click path
  • Date and time of the visit
  • Unit information
  • Files viewed
  • Location information
  • IP address
  • Mobile advertising IDs
  • Number of page views
  • Featured products
  • Search terms
  • Technical IDs
  • Usage data
  • Number of advertisements placed
  • Referrer URL
  

Legal basis

The following is the required legal basis for the processing of data.

  • Art. 6 para. 1 p. 1 lit. a DSGVO
  

Place of processing

This is the primary location where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

  •   European Union
  

Duration for saving the data

The retention period is the period of time during which the collected data are stored for processing. The data must be deleted as soon as they are no longer needed for the specified processing purposes.

  • Technical data is retained for up to 13 months. Cookies expire 13 months after their last update.
  

Disclosure to third countries

This service may transfer the collected data to another country. Please note that this service may transfer data outside the European Union and the European Economic Area and to a country that does not provide an adequate level of data protection. If the data is transferred to the US, there is a risk that your data may be processed by US authorities for control and monitoring purposes, without any possible redress available to you. Below is a list of countries to which the data will be transferred. This may be for various purposes, such as storage or processing.

  • ·                 Worldwide
  

Data recipient

The recipients of the data collected are listed below.

  • ·                 Subsidiaries
  • ·                 Affiliated companies
  

Memory information

Below is the longest potential storage time on a device set when using the cookie storage method and when using other methods.

  • Maximum limit for the storage of cookies: 10 years
  • Non-cookie storage: No
  

Stored information

This service uses various means to store information on a user's device as listed below.

  • _csrf: Ensures visitor browsing security by preventing cross-counterfeiting. This cookie is essential for the security of the website and the visitor.
  • Type: cookie
  • Duration: Session
  • Domain: criteo.com
  • connect.sid: This cookie is required for secure login and detection of spam or abuse of the website.
  • Type: cookie
  • Duration: 1 year
  • Domain: criteo.com
  • XSRF-TOKEN: Ensures visitor browsing security by preventing cross-counterfeiting. This cookie is essential for the security of the website and the visitor.
  • Type: cookie
  • Duration: 1 year
  • Domain: criteo.com
  • _gat: Used to throttle the request rate.
  • Type: cookie
  • Duration: 1 day
  • Domain: criteo.com
  • ajs_anonymous_id: This cookie is used to count how often a website has been visited by different visitors. For this purpose, an ID is assigned to the visitor so that the visitor is not registered twice.
  • Type: cookie
  • Duration: 1 year
  • Domain: criteo.com
  • _hjAbsoluteSessionInProgress: This cookie is used to count how often a website has been visited by different visitors. For this purpose, an ID is assigned to the visitor so that the visitor is not registered twice.
  • Type: cookie
  • Duration: 1 day
  • Domain: criteo.com
  • _hjid: Sets a unique ID for the session. This allows the website to retrieve data on visitor behaviour for statistical purposes.
  • Type: cookie
  • Duration: 1 year
  • Domain: criteo.com
  • _hjIncludedInPageviewSample: Determines whether the user's navigation should be registered in a specific statistical placeholder.
  • Type: cookie
  • Duration: 1 day
  • Domain: criteo.com
  • _hjTLDTest: Detects the SEO ranking for the current website. This service is part of a third-party statistics and analysis service.
  • Type: cookie
  • Duration: Session
  • Domain: criteo.com
  • amplitude_unsent_#: Used in connection with the website's pop-up questionnaires and messengering. The data is used for statistical or marketing purposes.
  • Type: cookie
  • Duration: Session
  • Domain: criteo.com
  • amplitude_unsent_identify_#: Used in connection with the website's pop-up questionnaires and messengering. The data is used for statistical or marketing purposes.
  • Type: cookie
  • Duration: Session
  • Domain: criteo.com
  • ki_r: Used to remember which questions the user has seen. This ensures that the user is not shown the same questions again.
  • Type: cookie
  • Duration: 5 years
  • Domain: criteo.com
  • ki_t: Used to remember which questions the user has seen. This ensures that the user is not shown the same questions again.
  • Type: cookie
  • Duration: 5 years
  • Domain: criteo.com
  • openam
  • Type: cookie
  • Duration: Session
  • Domain: criteo.com
  • _hjFirstSeen: This cookie is used to determine if the visitor has visited the website before or if they are a new visitor to the website.
  • Type: cookie
  • Duration: 1 day
  • Domain: criteo.com
  • amplitude_cookie_test: Detects if partner data synchronisation is working and in progress - This feature sends user data between third-party advertising companies for the purpose of targeted advertising.
  • Type: cookie
  • Duration: Session
  • Domain: criteo.com
  • amplitude_id_b37a423901694056906133c8c13c895dcriteo.com: Unique self-generated ID to manage anonymous rights of browsers and taxes to access related management based on statistical data and navigation.
  • Type: cookie
  • Duration: 10 years
  • Domain: criteo.com
  • amplitude_idundefinedcriteo.com
  • Type: cookie
  • Duration: Session
  • Domain: criteo.com
  • amplitude_testcriteo.com
  • Type: cookie
  • Duration: Session
  • Domain: criteo.com
  • pardot: Used to identify the visitor across visits and devices. This allows the website to present relevant advertising to the visitor. - The service is provided by third-party advertising hubs that allow advertisers to bid in real time.
  • Type: cookie
  • Duration: Session
  • Domain: criteo.com
  • zdi: Collects anonymous data related to the user's visits to the website, such as the number of visits, average time on the website and pages loaded, in order to display targeted ads.
  • Type: cookie
  • Duration: 1 day
  • Domain: criteo.com
  

Service description

This is a conversion tracking service from Google.

  

Processing company

Google Ireland Limited
Google Building Gordon House, 4 Barrow Street, Dublin D04 E5W5, Ireland

  

Data protection officer of the processing company

Below you will find the e-mail address of the data protection officer of the processing company.

https://support.google.com/policies/troubleshooter/7575787?hl=en

  

Data processing purposes

This list represents the purposes of data collection and processing.

  •   Analysis
  • Conversion tracking
  • Marketing
  • Optimisation
  

Technologies used

This list contains all the technologies that this service uses to collect data. Typical technologies are cookies and pixels placed in the browser.

  • Cookies
  • Pixel
  • Local Storage
  

Collected data

This list contains all (personal) data collected by or through the use of this service.

  • Click path
  • Cookie ID
  • IP address
  • Unique identifier of the mobile device
  • Number of visits
  • Pages visited
  • Transactions
  • Usage data
  

Legal basis

The following is the required legal basis for the processing of data.

  • Art. 6 para. 1 p. 1 lit. a DSGVO
  

Place of processing

This is the primary location where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

  • European Union
  

Duration for saving the data

The retention period is the period of time during which the collected data are stored for processing. The data must be deleted as soon as they are no longer needed for the specified processing purposes.

  • The data will be deleted as soon as they are no longer needed for the processing purposes.
  

Disclosure to third countries

This service may transfer the collected data to another country. Please note that this service may transfer data outside the European Union and the European Economic Area and to a country that does not provide an adequate level of data protection. If the data is transferred to the US, there is a risk that your data may be processed by US authorities for control and monitoring purposes, without any possible redress available to you. Below is a list of countries to which the data will be transferred. This may be for various purposes, such as storage or processing.

  • United States of America
  • Singapore
  • Chile
  • Taiwan
  

Data recipient

The recipients of the data collected are listed below.

  • Alphabet Inc.
  • Google LLC
  • Google Ireland Limited
  

Memory information

Below is the longest potential storage time on a device set when using the cookie storage method and when using other methods.

  • Maximum limit for the storage of cookies: 30 days
  • Non-cookie storage: No
  

Stored information

This service uses various means to store information on a user's device as listed below.

  • IDE: This cookie is generated by DoubleClick Floodlight and used to store "CheckForPermission" values.
  • Type: cookie
  • Duration: 30 days
  • Domain: doubleclick.net
  

Service description

This is a tracking technology offered by Facebook and used by other Facebook services. It is used to track visitors' interactions with websites ("events") after they have clicked on an ad placed on Facebook or other services provided by Meta ("conversion").

  

Processing company

Meta Platforms Ireland Ltd.
4 Grand Canal Square, Grand Canal Harbour, Dublin, D02, Ireland

  

Data protection officer of the processing company

Below you will find the e-mail address of the data protection officer of the processing company.

https://www.facebook.com/help/contact/540977946302970

  

Data processing purposes

This list represents the purposes of data collection and processing.

  • Analysis
  • Marketing
  • Retargeting
  • Advertising
  • Conversion tracking
  • Personalisation
  

Technologies used

This list contains all the technologies that this service uses to collect data. Typical technologies are cookies and pixels placed in the browser.

  • Cookies
  • Pixel
  

Collected data

This list contains all (personal) data collected by or through the use of this service.

  • Viewed advertisements
  • Respected content
  • Unit information
  • Geographical location
  • HTTP header
  • Interactions with advertising, services and products
  • IP address
  • Clicked elements
  • Marketing information
  • Pages visited
  • Pixel ID
  • Referrer URL
  • Usage data
  • User behaviour
  • Facebook cookie information
  • Facebook User ID
  • Usage/click behaviour
  • Browser information
  • Device operating system
  • Device ID
  • User Agent
  • Browser type
  

Legal basis

The following is the required legal basis for the processing of data.

  • Art. 6 para. 1 p. 1 lit. a DSGVO
  

Place of processing

This is the primary location where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

  • European Union
  

Duration for saving the data

The retention period is the period of time during which the collected data are stored for processing. The data must be deleted as soon as they are no longer needed for the specified processing purposes.

  • User interactions recorded on the websites are stored for no longer than two years. However, the data is deleted as soon as it is no longer needed for the purposes of processing.
  

Disclosure to third countries

This service may transfer the collected data to another country. Please note that this service may transfer data outside the European Union and the European Economic Area and to a country that does not provide an adequate level of data protection. If the data is transferred to the US, there is a risk that your data may be processed by US authorities for control and monitoring purposes, without any possible redress available to you. Below is a list of countries to which the data will be transferred. This may be for various purposes, such as storage or processing.

  • Singapore
  • United States of America
  • Worldwide
  

Data recipient

The recipients of the data collected are listed below.

·                 Meta Platforms Ireland Ltd, Meta Platforms Inc.

  

Memory information

Below is the longest potential storage time on a device set when using the cookie storage method and when using other methods.

  • Maximum limit for the storage of cookies: 1 year
  • Non-cookie storage: No
  

Stored information

This service uses various means to store information on a user's device as listed below.

  • _fbp: Cookie from Facebook used for website analytics, ad targeting and ad measurement.
  • Type: cookie
  • Duration: 3 months
  • Domain: facebook.com
  

Service description

This is a conversion tracking service. This service records what happens after a click on an ad placed by us via Google Ads when users subsequently visit the website. With conversions, we measure whether users perform a certain action on the website (e.g. whether services are ordered) after clicking on an ad placed by us via Google Ads. This allows the user to understand which keywords, ads, ad groups or campaigns lead to the desired user interaction.

  

Processing company

Google Ireland Limited
Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

  

Data protection officer of the processing company

Below you will find the e-mail address of the data protection officer of the processing company.

https://support.google.com/policies/troubleshooter/7575787?hl=en

  

Data processing purposes

This list represents the purposes of data collection and processing.

  • Conversion tracking
  • Analysis
  • Measuring the success of the marketing campaigns
  

Technologies used

This list contains all the technologies that this service uses to collect data. Typical technologies are cookies and pixels placed in the browser.

  • Cookies
  • Tracking pixel
  • Tracking Code
  

Collected data

This list contains all (personal) data collected by or through the use of this service.

  • Browser language
  • Browser type
  • Clicked ads
  • Cookie ID
  • Date and time of the visit
  • IP address
  • Referrer URL
  • Web request
  • User behaviour
  

Legal basis

The following is the required legal basis for the processing of data.

  • Art. 6 para. 1 p. 1 lit. a DSGVO
  

Place of processing

This is the primary location where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

  • European Union
  

Duration for saving the data

The retention period is the period of time during which the collected data are stored for processing. The data must be deleted as soon as they are no longer needed for the specified processing purposes.

  • Data are deleted as soon as they are no longer needed for the processing purposes.
  

Disclosure to third countries

This service may transfer the collected data to another country. Please note that this service may transfer data outside the European Union and the European Economic Area and to a country that does not provide an adequate level of data protection. If the data is transferred to the US, there is a risk that your data may be processed by US authorities for control and monitoring purposes, without any possible redress available to you. Below is a list of countries to which the data will be transferred. This may be for various purposes, such as storage or processing.

  • United States of America
  • Singapore
  • Taiwan
  • Chile
  

Data recipient

The recipients of the data collected are listed below.

  • Google Ireland Limited, Google LLC, Alphabet Inc
  

Memory information

Below is the longest potential storage time on a device set when using the cookie storage method and when using other methods.

  • Maximum limit for the storage of cookies: 1 year
  • Non-cookie storage: No
  

Stored information

This service uses various means to store information on a user's device as listed below.

  • test_cookie: Set as a test to check whether the browser allows cookies to be set. Does not contain any identification features.
  • Type: cookie
  • Duration: 15 minutes
  • Domain: doubleclick.net
  • IDE: Contains a randomly generated user ID. Based on this ID, Google can recognise the user across different websites and show them personalised advertising.
  • Type: cookie
  • Duration: 1 year
  • Domain: doubleclick.net
  •   _gcl_aw: This cookie is set when a user clicks on a Google ad to access the website. It contains information about which ad was clicked on, so that successes achieved, such as orders or contact requests, can be attributed to the ad.
  • Type: cookie
  • Duration: 2 months, 29 days
  • _gcl_dc_: This cookie is set when a user clicks on a Google ad to access the website. It contains information about which ad was clicked on, so that successes achieved, such as orders or contact requests, can be attributed to the ad.
  • Type: cookie
  • Duration: 2 months, 29 days
  

Service description

This is a remarketing service. Using remarketing, the user can display interest-based advertisements to users of the website on other websites within the Google Display Network (e.g. in Google Search or on YouTube). For this purpose, the user's interactions are analysed, e.g. which products and services a user is interested in. This enables targeted advertising to be displayed to the user on other websites even after the user has visited the website.

  

Processing company

Google Ireland Limited
Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

  

Data protection officer of the processing company

Below you will find the e-mail address of the data protection officer of the processing company.

https://support.google.com/policies/troubleshooter/7575787?hl=en

  

Data processing purposes

This list represents the purposes of data collection and processing.

  • Remarketing
  • Advertising
  • Tracking the user action
  

Technologies used

This list contains all the technologies that this service uses to collect data. Typical technologies are cookies and pixels placed in the browser.

  • Cookies
  

Collected data

This list contains all (personal) data collected by or through the use of this service.

  • Duration of visit
  • IP address
  • Pages visited
  • Content in which the user is interested
  • Website usage
  • Referrer URL
  • Advertising ID
  • Date and time of the visit
  • Unit information
  • Browser information
  

Legal basis

The following is the required legal basis for the processing of data.

  • Art. 6 para. 1 p. 1 lit. a DSGVO
  

Place of processing

This is the primary location where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

  • European Union
  

Duration for saving the data

The retention period is the period of time during which the collected data are stored for processing. The data must be deleted as soon as they are no longer needed for the specified processing purposes.

  • Data are deleted as soon as they are no longer needed for the processing purposes.
  

Disclosure to third countries

This service may transfer the collected data to another country. Please note that this service may transfer data outside the European Union and the European Economic Area and to a country that does not provide an adequate level of data protection. If the data is transferred to the US, there is a risk that your data may be processed by US authorities for control and monitoring purposes, without any possible redress available to you. Below is a list of countries to which the data will be transferred. This may be for various purposes, such as storage or processing.

  • United States of America
  • Singapore
  • Taiwan
  • Chile
  

Data recipient

The recipients of the data collected are listed below.

  • Google Ireland Limited
  • Google LLC
  • Alphabet Inc.
  

Memory information

Below is the longest potential storage time on a device set when using the cookie storage method and when using other methods.

  • Maximum limit for the storage of cookies: 1 year
  • Non-cookie storage: No
  

Stored information

This service uses various means to store information on a user's device as listed below.

  • IDE: Contains a randomly generated user ID. Based on this ID, Google can recognise the user across different websites and show them personalised advertising.
  • Type: cookie
  • Duration: 1 year
  • Domain: doubleclick.net
  • test_cookie: Set as a test to check whether the browser allows cookies to be set. Does not contain any identification features.
  • Type: cookie
  • Duration: 15 minutes
  • Domain: doubleclick.net
  

Service description

This is a conversion tracking service.

  

Processing company

Twitter International Company
One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland

  

Data protection officer of the processing company

Below you will find the e-mail address of the data protection officer of the processing company.

https://twitter.ethicspointvp.com/custom/twitter/forms/data/form_data.asp

  

Data processing purposes

This list represents the purposes of data collection and processing.

  • Advertising
  • Conversion tracking
  

Technologies used

This list contains all the technologies that this service uses to collect data. Typical technologies are cookies and pixels placed in the browser.

  • Cookies
  

Collected data

This list contains all (personal) data collected by or through the use of this service.

  • Timestamp
  • Browser User Agent String
  • Website tag ID
  • IP address
  • Cookie ID
  

Legal basis

The following is the required legal basis for the processing of data.

  • Art. 6 para. 1 p. 1 lit. a DSGVO
  

Place of processing

This is the primary location where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

  • European Union
  

Duration for saving the data

The retention period is the period of time during which the collected data are stored for processing. The data must be deleted as soon as they are no longer needed for the specified processing purposes.

  • Data are deleted as soon as they are no longer needed for the processing purposes.
  

Data recipient

The recipients of the data collected are listed below.

  • Twitter, Inc.
  

Service description

This is an advertising service that displays ads and provides onsite optimisation and email retargeting.

  

Processing company

Emego GmbH
Werdener Str. 36, 46047 Oberhausen, Germany

  

Data protection officer of the processing company

Below you will find the e-mail address of the data protection officer of the processing company.

mail@matutis.de

  

Data processing purposes

This list represents the purposes of data collection and processing.

  • Advertising
  • Optimisation
  • Retargeting
  

Technologies used

This list contains all the technologies that this service uses to collect data. Typical technologies are cookies and pixels placed in the browser.

  • Cookies
  

Collected data

This list contains all (personal) data collected by or through the use of this service.

  • IP address
  • Date and time of the visit
  • Session duration
  • Browser type
  • Referrer URL
  • Internet provider
  • Screen resolution
  

Legal basis

The following is the required legal basis for the processing of data.

  • Art. 6 para. 1 p. 1 lit. a DSGVO
  

Place of processing

This is the primary location where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

  • European Union
  

Duration for saving the data

The retention period is the period of time during which the collected data are stored for processing. The data must be deleted as soon as they are no longer needed for the specified processing purposes.

  • Data are deleted as soon as they are no longer needed for the processing purposes.
  

Data recipient

The recipients of the data collected are listed below.

  • Emego GmbH
  • Service proviers
  

Service description

This is a video player service.

  

Processing company

Google Ireland Limited
Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

  

Data protection officer of the processing company

Below you will find the e-mail address of the data protection officer of the processing company.

https://support.google.com/policies/contact/general_privacy_form

  

Data processing purposes

This list represents the purposes of data collection and processing.

  • Show videos
  

Technologies used

This list contains all the technologies that this service uses to collect data. Typical technologies are cookies and pixels placed in the browser.

  • Cookies (if the "Privacy-Enhanced" mode is not activated)
  

Collected data

This list contains all (personal) data collected by or through the use of this service.

  • Unit information
  • IP address
  • Referrer URL
  • Viewed videos
  

Legal basis

The following is the required legal basis for the processing of data.

  • Art. 6 para. 1 p. 1 lit. a DSGVO
  

Place of processing

This is the primary location where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

  • European Union
  

Duration for saving the data

The retention period is the period of time during which the collected data are stored for processing. The data must be deleted as soon as they are no longer needed for the specified processing purposes.

  • Data are deleted as soon as they are no longer needed for the processing purposes.
  

Disclosure to third countries

This service may transfer the collected data to another country. Please note that this service may transfer data outside the European Union and the European Economic Area and to a country that does not provide an adequate level of data protection. If the data is transferred to the US, there is a risk that your data may be processed by US authorities for control and monitoring purposes, without any possible redress available to you. Below is a list of countries to which the data will be transferred. This may be for various purposes, such as storage or processing.

  • Worldwide
  

Data recipient

The recipients of the data collected are listed below.

  • Alphabet Inc.
  • Google LLC
  • Google Ireland Limited
  

Memory information

Below is the longest potential storage time on a device set when using the cookie storage method and when using other methods.

  • Maximum limit for the storage of cookies: 10 years
  • Non-cookie storage: No
  

Stored information

This service uses various means to store information on a user's device as listed below.

  • PREF: This cookie stores your preferences and other information, in particular preferred language, how many search results should be displayed on your page and whether or not you want to activate Google's SafeSearch filter.
  • Type: cookie
  • Duration: 10 years
  • VISITOR_INFO1_LIVE: This cookie measures your bandwidth to determine whether you are receiving the new player interface or the old one.
  • Type: cookie
  • Duration: 6 months
  • use_hitbox: This cookie increases the "Views" counter of the YouTube video.
  • Type: cookie
  • Duration: Session
  • YSC: This is set on pages with embedded YouTube video.
  • Type: cookie
  • Duration: Session