Skip to content
Cart
Your cart is currently empty.

PRIVACY POLICY






GENERAL INFORMATION ON DATA PROTECTION



Effective Date: Friday, 31.02.2023
The protection of your personal data is important to us. It is a principal part of our development and sales activity. GEZEITEN collects and uses your personal data exclusively in the framework of the provisions of data protection law which apply in the Federal Republic of Germany. The following explanations provide information about the way in which personal data (hereinafter referred to as “data”) is collected and used as well as the extent of such collection and use and its purpose. This information can be read at any time on our website.

This Website is published by GEZEITEN GmbH, Pappelweg 8, 74081 Heilbronn (Germany).

In the following, you will receive an initial overview of the types of data that are processed, and the subjects affected by this processing.






USAGE DATA 



We collect and use your personal data where this is necessary to enable you to use our Internet service and to settle charges for the same (usage data). These include but are not limited to characteristics used to identify you as well as information about the times at which you start and finish using our service and the extent to which you make use of it. If you have provided us with personal data we only use such data in response to your queries, to process contracts concluded with you and for technical administration. Your personal data shall only be disclosed to third parties or otherwise communicated if this is necessary for the purpose of performing the contract - including but not limited to communicating order data to suppliers - and of making settlement or if you have consented in advance. You have the right to revoke your consent with effect for the future at any time.

Stored personal data is deleted whenever you revoke your consent to this storage, whenever knowledge of such data is no longer required to meet the purpose of which the data has been stored or if such data cannot be stored for any other legal reasons.

If you subscribe to our newsletter your e-mail address will be used for internal advertising purposes until such time as you cancel your subscription to the newsletter. Subscriptions can be cancelled at any time.






SECURITY MEASURES



We take appropriate technical and organizational measures in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing, as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the risk, Article 32 GDPR. The security measures we take include, in particular, the following.

Secure Sockets Layer | Transport Layer Security (SSL):
We use SSL / TLS for encrypted transmission of data between the end devices of our visitors and our server. In this way, the risk of unauthorized viewing of the transmitted data is significantly reduced.

HTTP Strict Transport Security (HSTS):
Our server transmits an instruction to the end device of our users in the header of its response to request it to exclusively communicate encrypted via SSL / TLS. This prevents so-called HTTP downgrade attacks.






TRANSFER AND DISCLOSURE OF PERSONAL DATA TO THIRD PARTIES



In the course of our processing of personal data, it may happen that the data is transferred to or is disclosed to other bodies, companies, legally independent organizational units, or persons. The recipients of this data may include, in particular:

IT-Service Providers:
This includes service providers for the provision of hosting, mail services and server technology.

Payment Service Providers:
Service providers who cooperate with us to process payments. 

Shipping Service Providers:
Service providers who perform logistical tasks for us. These include, in particular, parcel service providers.

Authorities:
Government agencies with which we exchange data in order to fulfill orders or for legal reasons.

In such a case, we ensure the protection of personal data by concluding contracts or agreements with the respective third parties that serve to adequately protect the data. We carefully and conscientiously select third parties to whom we disclose data. Insofar as we use third-party providers or platforms to provide our services, the terms and conditions and data protection notices of the respective third-party providers or platforms apply in the relationship between the users and the providers.






DATA PROCESSING IN THIRD COUNTRIES 



Insofar as we process data in a third country, i.e. a country outside the European Union or the European Economic Area, or the processing is carried out by third parties outside this area, this processing is only carried out in accordance with the applicable legal provisions. Subject to the express consent of the data subjects or legally required transfers, we only process data or have data processed in third countries with an adequate level of protection. This includes, in particular, countries that process data on the basis of special guarantees, such as contractual obligation through so-called standard protection clauses of the EU Commission, the existence of certifications or binding internal data protection regulations (Art. 44 to 49 GDPR).






GENERAL NOTICE ON THE DELECTION OF DATA 



The data processed by us will be deleted in accordance with the legal requirements as soon as the consent to its processing has been revoked or other permissions (e.g. legitimate interests, legal obligations, etc.) cease to apply. If the data is not deleted because it is required for other and legally permissible purposes, its processing is limited to these purposes. I.e., the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law or whose storage is necessary for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person. Further information on the deletion of personal data is provided, where applicable, under the individual points of this data protection declaration.






EXPLANATION OF THE LEGAL BASIS 



In the following, we will inform you about the legal basis of the German General Data Protection Regulation (GDPR), on the basis of which we process personal data. In addition to the regulations of the GDPR, national regulations of the respective user’s country of residence or domicile may apply.

Legitimate Interests (Art. 6 para. 1 p.1 lit. f GDPR): 
Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.

Contract Performance and Pre-contractual Inquiries (Art. 6 para. 1 p. 1 lit. b. GDPR): 
Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.

Legal Obligation (Art. 6 para. 1 p. 1 lit. c. GDPR): 
Processing is necessary for compliance with a legal obligation to which the controller is subject.

Protection of Vital Interests (Art. 6 para. 1 p. 1 lit. d. GDPR): 
Processing is necessary in order to protect the vital interests of the data subject or of another natural person.

Application Procedure as a Pre-Contractual or Contractual Relationship (Art. 9 para. 1 p. 1 lit. b GDPR): 
(Insofar as special categories of personal data within the meaning of Article 9 (1) of the GDPR (e.g. health data, such as severely disabled status or ethnic origin) are requested from applicants in the context of the application process so that the controller or the data subject can exercise the rights accruing to him or her under labor law and social security and social protection law and fulfill his or her obligations in this regard, their processing shall be carried out in accordance with Article 9 (2) b. GDPR, in case of protection of vital interests of the applicants or other persons according to Art. 9 para. 2 lit. c. GDPR or for the purposes of preventive health care or occupational medicine, for the assessment of the employee's ability to work, for medical diagnostics, care or treatment in the health or social sector or for the management of systems and services in the health or social sector pursuant to Art. 9 para. 2 lit. h. GDPR. In the case of communication of special categories of data based on voluntary consent, their processing is based on Art. 9 para. 2 lit. a. GDPR.).

Data Processing for Purposes of the Employment Relationship (§ 26 BDSG): 
We process (special) types of personal data in the employment relationship on the basis of the statutory provision for the purpose of establishing, implementing and terminating the employment relationship.

Consent (if requested) (Art. 6 para. 1 p. 1 lit. a GDPR): 
The data subject has given consent to the processing of his or her personal data for one or more specific purposes.

Storing information in the End User's Terminal Device with the End User's Consent (§ 25 para. 1 p. 1 TTDSG): 
We use memory areas of the terminal device of our users for certain functions with the explicit and informed consent of the same.

Storing Information in the End User's Terminal Device out of Necessity. (§ 25 para. 2 No. 2 TTDSG): 
Unless we have asked for your permission when you visit our website or use individual functions, we use the memory of your terminal device for the technical presentation and delivery of our telemedia service if this is technically necessary.

Processing for the Exercise of a Public Interest (Art. 6 para. 1 lit. e GDPR): 
Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.






RIGHTS OF THE AFFECTED SUBJECTS 



The affected subjects have rights, which we inform you about below.

Right of Objection (Art. 21 GDPR): 
The data subject shall have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on point (e) or (f) of Article 6(1) (GDPR), including profiling based on those provisions. Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing, which includes profiling to the extent that it is related to such direct marketing.

Right of Access (Art. 15 GDPR): 
The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the following information. 

Right of Rectification (Art. 16 GDPR): 
You subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

Right to Erasure and to Restriction of Processing (Art. 17, 18 GDPR):
The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay, or alternatively, to have the right to obtain from the controller restriction of processing of the data in accordance with the statutory provisions.

Right to Data Portability (Art. 20 GDPR): 
The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller. 

Right to Lodge a Complaint With a Supervisory Authority (Art. 77 GDPR): 
Without prejudice to any other administrative or judicial remedy, every data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infringes the GDPR. 

Right to Withdrawal of Consent (Art. 7 para.3 GDPR): 
The data subject shall have the right to withdraw his or her consent at any time.







COOKIE POLICY




“Cookies” are small text files that can be used by websites to make a user's experience more efficient. In order to extend the functional scope of our Internet service and to make it easier for you to use, we make use of "cookies". These are text files which are saved on your computer and enable your use of the website to be analyzed. These cookies help us to store data on your computer when you access our website. You have the option of blocking the storage of cookies on your computer by changing the settings on your browser. If you do this, however, you may no longer be able to use all the functions which our services provide. 

This site uses cookies to offer you a better customer experience. To modify your preferences or opt-out of the use of some or all of our cookies, please go to “Manage Cookies” or view our Cookie Policy to find out more. By clicking “Accept all” you consent to the use of these cookies.

The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission.

Your consent applies to the following domains: www.gezeiten.com






TECHNICALLY NECESSARY COOKIES



We send the request to set the following cookies to our visitors' system the first time they visit a page.

If you do not agree with the setting of the above-mentioned cookies, you can configure your browser to refuse their installation. Under certain circumstances, this can lead to our website no longer functioning properly.

Processed Data: 
Usage Date, Meta- und Communications Data
Data Subjects: 
Users of our Website.
Legal Basis: 
The use of these cookies is absolutely necessary for the operation of the website and follows on the basis of our legitimate interest in the effective delivery of our online offer, Art. 6 para. 1 S.1 lit. f GDPR and § 25 para. 2 No. 2 TTDSG.







OPTIONAL COOKIES



We only set the following cookies after the user has given us their consent to do so. The legal basis for the processing is the consent of the user (Art. 6 para. 1 p. 1 lit. a GDPR).

In order to further improve our website, understand the interests and expectations of our users, identify problems with click paths on our website, and evaluate the performance of individual pages and our site as a whole, we use web analytics services. For this purpose, we collect and process data about the end device used by the user, the pages called up, the time spent calling up and staying on the respective pages, the user's origin (referrer) and, as far as possible, his or her geographical position. Insofar as we do this exclusively by evaluating the HTTP requests (see above), the processing is based on our legitimate interest. Insofar as we use additional services, this is only done with your consent:
Legitimate Interests (Art. 6 para. 1 p.1 lit. f GDPR)
Consent (if requested) (Art. 6 para. 1 p. 1 lit. a GDPR)

In order to further improve our website, understand the interests and expectations of our users, identify problems with click paths on our website, and evaluate the performance of individual pages and our site as a whole, we use web analytics services. For this purpose, we collect and process data about the end device used by the user, the pages called up, the time spent calling up and staying on the respective pages, the user's origin (referrer) and, as far as possible, his or her geographical position. Insofar as we do this exclusively by evaluating the HTTP requests (see above), the processing is based on our legitimate interest. Insofar as we use additional services, this is only done with your consent.
Legitimate Interests (Art. 6 para. 1 p.1 lit. f GDPR)
Consent (if requested) (Art. 6 para. 1 p. 1 lit. a GDPR)

In order to further improve our website, understand the interests and expectations of our users, identify problems with click paths on our website, and evaluate the performance of individual pages and our site as a whole, we use web analytics services. For this purpose, we collect and process data about the end device used by the user, the pages called up, the time spent calling up and staying on the respective pages, the user's origin (referrer) and, as far as possible, his or her geographical position. Insofar as we do this exclusively by evaluating the HTTP requests (see above), the processing is based on our legitimate interest. Insofar as we use additional services, this is only done with your consent.
Legitimate Interests (Art. 6 para. 1 p.1 lit. f GDPR)
Consent (if requested) (Art. 6 para. 1 p. 1 lit. a GDPR)

Processed Data: Usage Data, Meta- und Communications Data
Data Subjects: Users of Our Website.
Legal Basis: Consent of the Users (Art. 6 para. 1 p. 1 lit. a GDPR).
Objection: You can revoke consent for the future by using the consent tool on this website.







DATA PROCESSING BY EXTERNAL SERVICE PROVIDERS AND PROCESSORS




We use external service providers to optimize the delivery and integration of files in terms of performance and compatibility. If necessary, they store the files we require on servers in different geographical regions in order to reduce retrieval times. In doing so, the respective providers accrue corresponding request data.






AMAZON WEB SERVICES INC. / AMAZON AWS CLOUDFRONT



Cloudfront is a network for efficient delivery of static content (images, scripts, text, etc.). In doing so, the network moves content geographically closer to customers and ensures scalability of delivery. Your personal data is handled in accordance with applicable data protection law and in accordance with the information in Amazon’s privacy policy at: https://aws.amazon.com/de/compliance/data-privacy/.

Processed Data: 
Usage Data, Meta Data






CLOUDFLARE INC. / CLOUDFLARENET



The Cloudflare network is a globe-spanning and complex IT infrastructure network. As a rule, requests are forwarded to our servers via the servers of this network, although certain requests can also be processed directly by Cloudflare (caching). We use the services of a specialized and reputable company to operate and maintain our server and network infrastructure (data centers). Your personal data is handled in accordance with applicable data protection law and in accordance with the information in Cloudflare´s privacy policy at: https://www.cloudflare.com/privacypolicy/.

Processed Data: 
Usage Data, Meta Data, Content Data, Contact Data, Contract Data

Legitimate Interests:
Our legitimate interest is in the use of a highly available service and technology that is low-maintenance or maintenance-free for us. This ensures a consistently high level of security for the services.






YOUR CHOICE ABOUT COOKIES



Our legitimate interest is in using highly available service, technology that is low-maintenance or maintenance-free for us and not having to develop all services ourselves and instead having recourse to highly complex services operated by third parties. This ensures a consistently high level of security for the services and securing our services against unauthorized and damaging access.

Processed Data: 
Usage Data, Meta Data, Geo Data






GOOGLE LLC / GOOGLE MARKETING PLATFORM (MARKETING)



We process personal data for online marketing purposes. This includes in particular the presentation of advertising content that corresponds to the potential interests of the user. For this purpose, we use the advertising network "Google Ads". For this purpose, so-called user profiles are created and assigned to the user's terminal device by means of a cookie (see above). These cookies can later be read and analyzed on websites that use the same marketing provider. Profiling may include, in particular, data such as websites visited, content viewed, and online networks used. However, it is also possible to record communication partners and - if the user allows this - the user's location. The IP addresses of the user are also stored, again using so-called IP masking. 






YOUTUBE (VIDEO PLATFORM)



We use external providers to display videos on our website. These are usually integrated into our page by means of a so-called iframe. In this case, the browser calls up the external page containing the video when our own page loads. We use these external providers based on our legitimate interest in the simple integration of multimedia content into our offer. Affected Domains: jnn-pa.googleapis.com, googlevideo.com (incl. Subdomains), www.youtube.com (incl. Subdomains), www.youtube-nocookie.com, s.ytimg.com, i.ytimg.com (incl. Subdomains)






GOOGLE ANALYTICS



In order to further improve our website, understand the interests and expectations of our users, identify problems with click paths on our website, and evaluate the performance of individual pages and our site as a whole, we use web analytics services. For this purpose, we collect and process data about the end device used by the user, the pages called up, the time spent calling up and staying on the respective pages, the user's origin (referrer) and, as far as possible, his or her geographical position. Insofar as we do this exclusively by evaluating the HTTP requests (see above), the processing is based on our legitimate interest. If we use additional services, this will only be done with your consent. So-called SCCs (standard contractual clauses) exist between the above-mentioned responsible party and the operator. Affected Domains: analytics.google.com, region1.analytics.google.com, www.google-analytics.com (incl. Subdomains). Your personal data is handled in accordance with applicable data protection law and in accordance with the information in Google LLC’s privacy policy at: https://policies.google.com/privacy 






ISRG (INTERNET SECURITY RESEARCH GROUP) / LET‘S ENCRYPT



Let's Encrypt provides SSL certificates as a free certificate authority. The validity of such a certificate is limited in time before it has to be renewed. Such a certificate can also be recalled and "devalidated".

"r3.o.lencr.org" is one of the security servers of the Let's Encrypt organization, through which data about revoked certificates is published. We use certificate verification for your security. Your browser checks whether our certificate is still validated at the time of connection. We use certain security techniques to protect our website (especially forms) and other parts of our infrastructure from unauthorized access, spam and automated access. Affected Domains: r3.o.lencr.org. Your personal data is handled in accordance with applicable data protection law and in accordance with the information in ISRG´s privacy policy at: https://letsencrypt.org/privacy/. 






SHOPIFY INTERNATIONAL LIMITED / SHOP CONNECTION



Shopify hosts the customer content in its own Contend Delivery Network. As a customer, we have no influence on Shopify's data processing operations. Services that Shopify provides so that our web store can be displayed and used by you conveniently. Your personal data is handled in accordance with applicable data protection law and in accordance with the information in Shopify´s privacy policy at: https://www.shopify.com/legal/privacy.

Optimization of the User Interface: 
Our legitimate interest in the optimization of our user interface and thus the effective design of our services.

Customer Communication and Support: 
Our legitimate interest in direct, easy communication with our (potential) customers; possibly also in an environment they use anyway, as well as our legitimate interest in being able to offer customer-oriented support at this point.

Enabling the Operation of a Website: 
Processing is based on our legitimate interest in being able to maintain a website at all.

Payment Options: 
Our legitimate interest in being able to offer our customers familiar and secure payment options so that they can complete their purchase safely.

Maintenance: 
Our legitimate interest in being able to effectively maintain our services, detect errors and investigate them effectively.

High Availability: 
Our legitimate interest in using a highly available service.






USE OF FACEBOOK SOCIAL PLUGINS 



Our website uses social plugins ("plugins") for the social network facebook.com, which is run by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook"). The plugins are identified with a Facebook logo or with "Facebook Social Plugin." If you access a web page on our website which includes such a plugin, your browser establishes direct connection with the Facebook servers. The content of the plugin is sent from Facebook directly to your browser and then integrated in the website. The integration of plugins provides Facebook with the information that you have accessed the corresponding page on our website. If you are logged on to Facebook your visit can be assigned by Facebook to your Facebook account. If you interact with the plugins, by for example using the "Like" button or by adding a comment, the corresponding information will be sent from your browser directly to Facebook where it will be stored. The purpose and scope of data collection and further processing and use of data by Facebook and your rights and data privacy setting options in this regard are detailed in Facebook's own privacy policy. If you do not wish Facebook to collect information about you via our website you must logout from Facebook before going to our website.





META PIXEL (formerly FACEBOOK PIXEL)



Based on your consent, we collect data on our pages through "Meta Pixel", a service provided by Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
This allows us to track the actions of users after they have been redirected to a provider website by clicking on a Facebook advertisement. This allows us to record the effectiveness of Facebook ads for statistical purposes. The data collected remains anonymous to us. This means that we cannot view the personal data of individual users. However, the collected data is stored and processed by Meta. We will inform you about this matter, according to our current information. Meta may link the data to your Facebook account data and use the data for its own advertising purposes, according to its data policy https://www.facebook.com/about/privacy/.

Conversion tracking also allows Meta and its partners to display ads to you on and off Facebook. In addition, a cookie is stored on your computer for these purposes. The purpose and scope of the data collection and the further processing and use of the data by Meta, as well as the related rights and settings options for protecting the privacy of users, can be found in Meta's privacy policy: https://www.facebook.com/about/privacy/ or at https://www.facebook.com/help/568137493302217.

If we transmit data to Meta for matching purposes, this data is encrypted and only then sent via a secure https connection. There, it is matched with the data encrypted in the same way by Meta.





META CONVERSIONS API (formerly FACEBOOK COVERSION)



With your consent, we also use Meta's Conversions API. The Conversions API establishes a connection between advertiser marketing data and Meta systems. This allows us to optimize ad targeting and measure results. This is done via a secure connection between our server and Meta's systems. In addition to Meta Pixel, server events are matched here for measurement, reporting and optimization of our offers. Both processes, Meta Pixel and Conversions API, may involve the transmission of personal data to Meta Platforms, Inc., One Hacker Way, Menlo Park, CA 94025, USA. You also agree to this transmission with your consent. There is a risk that U.S. security authorities may process your data without notifying you and providing you with redress.

For "event data" collected on our website, such as visits, app installs, and purchases, we and Meta are joint data controllers within the meaning of the General Data Protection Regulation (Art. 26 DS-GVO). The joint responsibility is for the collection of the data and its transfer to Meta.
You can revoke your consent to Meta Platforms' services in the future by resetting your selection in our consent management system.