Data protection information

1. Contact and responsible party

1.1. Group Data Protection Officer

If you would like to contact us regarding data protection, we can best process your request if you send an email to our Group Data Protection Officer. Of course, you can also contact us by any other means.

You can reach the Group Data Protection Officer of the Ravensburger Group at:

Ravensburger AG
Legal Department – Group Data Protection Officer
Otto-Maier-Straße 1
88214 Ravensburg
Germany
Email: [email protected]

1.2. Responsible

The parties responsible for this website are listed below. The individual companies are responsible for different aspects. Information about which company is responsible for which area can be found in this privacy policy or in the respective offer on the website.

Ravensburger AG
Otto-Maier Straße 1
88214 Ravensburg
Germany
Email: [email protected]
Phone: +49 (0) 751 86 0
Fax: +49 (0)751 86 13 11

Ravensburger Verlag GmbH
Otto-Maier Straße 1
88214 Ravensburg
Germany
Email: [email protected]
Phone: +49-(0)751 86 0
Fax: +49 (0)751 86 13 11

Ravensburger Freizeit und Promotion GmbH
Am Hangenwald 1
88074 Meckenbeuren
Germany
Email: [email protected] or [email protected]
Phone: +49 (0) 7542 400 0

2. Your rights

2.1. Note for data subjects from the EU/EEA

If you are a resident of a member state of the European Union or the European Economic Area, you have the rights set out in the General Data Protection Regulation (GDPR): the right to information, correction, deletion, restriction of processing, data portability, revocation of your consent to data processing, and objection to processing.

Please contact us if you wish to exercise any of your rights. You can find our contact details in the "Contact and responsible parties" section. To help us correctly assign your request, it would be helpful if you could let us know in what context you have contacted Ravensburger or whether you are referring to a specific offer.

2.1.1. Right to information

You can request information at any time about whether and, if so, which personal data we process about you.

2.1.2. Right to rectification

If you discover or believe that we have processed incorrect information about you, you have the right to rectification.

2.1.3. Right to erasure

You have the right to request that we erase the personal data we process about you. As a precaution, we would like to point out at this point that in some cases we are legally obliged to store data and may not erase this data before the statutory erasure period has expired. This includes, for example, tax law retention obligations or storage obligations due to possible warranty claims. A justification for further storage may arise from our interest in enforcing or defending our protected legal positions.

We would like to point out that we will block your data immediately as soon as and to the extent that we are obliged to comply with your request for deletion. However, due to technical circumstances, it may take a few days for the data to be permanently deleted, even in the case of an immediate deletion obligation. Please also note that once your data has been deleted, it cannot be restored.

2.1.4. Right to restriction of processing

You have the right to restrict the processing of data. Please also contact us via the channels described in this privacy policy.

2.1.5. Right to data portability

Under applicable data protection law, you may have the right to have your data transferred to another controller. Please let us know which data you would like to transfer and to whom. We will review your request immediately and inform you of the outcome.

2.1.6. Right to object and right of withdrawal

2.1.6.1. Withdrawal of consent

If you have given your consent to the processing of your data, you can revoke this consent at any time without giving reasons, but only with effect for the future. The processing of your data up to the time of your revocation remains unaffected.

Information on how you can revoke your consent can be found in the respective offer. You can also contact us via all the channels listed in this privacy policy. With regard to your consent to cookies and other digital (website) tools, you will find the option to revoke your consent below under section9.2.5 . With regard to your newsletter consent, you will find the information in the "Newsletter" section under section

2.1.6.2. Objection to data processing

If we base the processing of your personal data on the balancing of interests, you can object to the processing.

When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your objection, we will review the situation and either stop or adjust the data processing or point out our compelling legitimate reasons for continuing the processing.

2.1.6.3. Objection to direct marketing based on a balancing of interests

You can, of course, object to the processing of your personal data for advertising and data analysis purposes at any time. The best way to object to advertising is to contact us using the contact details provided in section1 .

2.1.7. Right to lodge a complaint

If you believe that our actions do not comply with the applicable data protection rules, you have the option of lodging a complaint with a data protection supervisory authority at your place of residence, permanent residence, our place of business, or the place of the alleged infringement.

2.1.8. No fully automated decisions

You have the right not to be subject to a decision based solely on automated processing that produces legal effects concerning you or similarly significantly affects you. We do not make such decisions—all decisions with legal effects concerning you are made by humans (unless we expressly state otherwise in the specific processing).

2.2. Note for data subjects from other countries

Many countries outside the EU and the EEA also have comparable data protection rights. If you are from another country and would like to exercise your rights, you can contact us at any time. We will carefully review your request and handle it in accordance with the legal requirements applicable to us.

Please also inform yourself about the data protection laws in your country to find out what specific rights you have there. We do everything we can to protect your data in the best possible way and in accordance with the law – regardless of where you are located.

3. Data provision obligation

We may collect data from you due to legal requirements or to fulfill a contract. If you do not provide us with this data or do not provide it to the extent required, this may result in us being unable to fully meet our obligations or provide you with the service.

4. Possible external recipients of data

4.1. Data processing by processors

In some cases, we use external service providers to process your data. These have been carefully selected and commissioned by us, are bound by our instructions, and are regularly monitored.

4.2. Transfer to other third parties

We may also pass on your personal data to third parties if we offer promotions, competitions, contracts, or similar services together with partners. You can obtain more detailed information on this when you provide your personal data or, if the offer is described in more detail in this privacy policy, below.

4.3. Note for data subjects from the EU/EEA: Data transfers to third countries

If our service providers or partners are based in a country outside the EU or the European Economic Area (EEA), we will inform you of the consequences of this when you provide your personal data or in this privacy policy. In such cases, however, we always ensure that the applicable data protection regulations are complied with and that appropriate data protection instruments are used (e.g., adequacy decisions of the EU Commission, (EU standard) data protection agreements, if necessary, together with supplementary appropriate guarantees to protect your data from access by authorities and to ensure effective legal protection in the third country).

5. Processing of data relating to children and young people

The processing of data relating to children and young people is subject to increased legal requirements, which we carefully review and take into account. Our offers are generally aimed at adults. If we have unintentionally collected data from minors, we will delete it immediately, provided there are no legal reasons to the contrary. In any case, we will block the data so that it cannot be used for marketing purposes. Please inform us if your minor child has used one of our online offers and you do not agree with this.

If one of our offers is aimed at children and young people under the age of 16, we limit data processing to necessary data and only store this data for as long as it is required for the use of the offer. We provide such offers with an easily understandable data protection notice for the target group.

We only accept data transfers or consent from persons under the age of 16 with the consent of the legal guardian(s). In competitions in which children under the age of 16 are allowed to participate, we only ask for the data that is absolutely necessary.

If you provide us with data about your children, we will process this data exclusively for the specified purpose and in accordance with your consent or legal requirements.

We take appropriate technical and organizational measures when handling data from children and young people and do not use this data for marketing purposes. Children are often unable to assess the dangers of digital communication. Please educate your children, make them aware of the dangers, and keep an eye on their online activities.

6. Data processing when visiting our website

6.1. Data protection officer

The data protection officer responsible for providing the website is the company named as the website provider in the website imprint. You can find the contact details in the imprint and above under "1 ."

6.2. Data processing when visiting the website

When you use the website for informational purposes, i.e., simply viewing it without registering or otherwise providing us with information, we process the personal data that your browser transmits to our server. The data described below is technically necessary for us to display our website to you and to ensure stability and security.

• Your IP address
• Which browser you use
• Its version and language settings
• Which operating system you use
• Date and time of your access, including the difference from Greenwich Mean Time (GMT)
• Content of the access (specific website)
• Access status/HTTP status code
• The website through which the access is made

This data is stored for the duration of the session and deleted after a maximum of 30 days.

7. Additional offers and functions on our websites

If our websites contain additional offers, in particular time-limited promotions, you will receive information on data protection and the responsible party for the respective offer, unless this is described in this privacy policy.

8. Processing of personal data of business partners and interested parties

We work with numerous business partners, e.g., creators such as authors and illustrators, licensors, agencies, trading partners, cooperation partners, journalists, influencers, suppliers, freight forwarders, and technical service providers. Despite the diversity of these relationships, the following basic principles of data protection apply. Please note that specific regulations may apply in certain cases. In case of doubt, these take precedence over the general provisions described below. If such special regulations exist, we will inform you accordingly.

Data protection responsibility depends on which company you have a business relationship with or the reason for the business contact.

8.1. Processing within the scope of the business relationship

In the context of our business relationship, we process personal data that is necessary to establish, execute, or terminate a contract with you. This includes, in particular, the collection and storage of data for the initiation of contracts, communication with you, the execution of the business relationship, and the processing of payment transactions.

This may include, for example:

• Provision of services or delivery of products and billing
• Order and contract management
• Collaboration on projects and their documentation
• Payment of fees to licensors, authors, and illustrators
• Provision of requested information or materials

8.2. Processing based on a legitimate interest

We also process your data on the basis of our legitimate interest. Examples of this include:

• Maintaining the business relationship
• Analyzing and optimizing business processes to increase efficiency
• Business security measures, including the security of our IT systems
• Assertion of legal claims and defense in legal disputes

8.3. Consent

If you have given us your consent to process your personal data beyond the above-mentioned cases, for example if you have agreed that we may store

• store personal information voluntarily provided during the business relationship (e.g., hobbies, interests) in order to maintain the personal relationship, or
• inform you about news and events,

we process your data on the basis of this consent. You can revoke your consent at any time with effect for the future. To do so, you can contact us via any of the channels listed in this privacy policy.

8.4. Processing based on legal obligations

We also process personal data to comply with our commercial and tax law retention obligations, which include the retention of business documents for the period specified by law. In addition, we fulfill other legal obligations, such as fraud and money laundering prevention.

8.5. Other processing purposes

Please note that this list of processing purposes is not exhaustive and may be expanded if necessary for the performance of the business relationship.

8.6. Data transfer within the Ravensburger Group

Depending on the nature of the business relationship or contact, your data may be transferred within our group of companies if and to the extent necessary.

8.7. Storage period

We store your data in accordance with legal requirements for as long as is necessary to achieve the respective purpose. We then delete your data, unless and to the extent that there are legal retention periods.

9. Digital tools and your settings options

9.1. Why we use digital tools

We use various digital tools when you use our website. We distinguish between digital tools that are necessary for the operation of our website and its offerings, and optional tools. The latter serve, for example, to make the website more user-friendly, to compile anonymous statistics on the use of our website, to integrate external media (e.g., maps or videos), or to display advertising that is as relevant as possible to you—both on our website and on third-party websites.

You can find out how to give or withdraw your consent to the use of optional tools via the consent banner in section 9.3.

The digital tools we use include technologies such as cookies, pixels, API integrations, and local storage:

• Cookies: Small text files that are stored on your device and enable us to store and retrieve information about your use of our website.
• Pixels: Small image files embedded in web pages that enable us to track your interactions, such as which pages you have visited.
• API integrations: Interfaces that allow different software applications to communicate with each other and exchange data.
• Local storage: Methods that store data directly in your device's browser to enable a faster and more personalized user experience.

9.2. These are the tools used in detail:

9.2.1. Technically necessary digital tools

These digital tools are always necessary to display the website, ensure its technical security, and provide some other basic functions of the website.

We use the following technically necessary digital tools on this website:

9.2.1.1. Commanders Act (Privacy Center)

Provider: Fjord Technologies SAS, 3 bis rue Taylor, 75010 Paris, France
Type of technology: First-party cookies, consent management tool
Purpose of use: Commanders Act helps us to manage tool consent on our website in a legally compliant manner. The consent banner provided informs you about which cookies we use and allows you to decide which ones you want to allow. Your selection is then saved so that you are not asked again each time you visit the website.
Data collected and its processing: To document your consent, Commanders Act stores an anonymous cookie in your browser. This cookie contains information about which cookies you have accepted or rejected. In addition, it records when you made your selection and which version of the cookie banner was displayed to you. This allows us to ensure that you are always informed about current changes and that your consent remains traceable.
Place of processing: EU/EEA
Legal basis: Legitimate interest (ensuring legally compliant consent management and storage of user settings), legal obligation
Maximum storage period: 13 months
Provider's privacy policy: https://www.commandersact.com/de/datenschutz/

9.2.2. Convenience

These digital tools simplify your use of the website and enable more convenient operation. For example, they allow us to show you items that you added to your shopping cart during a previous visit or to save other settings you have made so that you can always pick up where you left off. The legal basis for their use is your consent, which you can revoke at any time by changing your settings, see section 9.3.

We do not use any digital tools in the "comfort" category on this website.

9.2.3. Statistics

These digital tools enable us to statistically evaluate visits to and use of our website. These statistics allow us, for example, to determine visitor numbers and popular content and use this knowledge to improve our offering and our websites. All these statistics and associated data are anonymous. The legal basis for their use is your consent, which you can revoke at any time by changing your settings, see section 9.3.

We use the following digital tools from the "Statistics" category on this website:

9.2.3.1. Commanders Act (server-side tracking – statistics)

Provider: Fjord Technologies SAS, 3 bis rue Taylor, 75010 Paris, France
Type of technology: Server-side tracking, tag management system, no client-side cookies or memory access
Purpose of use: Commanders Act is used for the data protection-compliant collection and evaluation of statistical information about the use of our website. The aim is to analyze technical performance and optimize our content based on aggregated, non-personalized data. Processing is based exclusively on events recorded on the server side, without direct user identification.
Data collected and its processing: The following data is collected, among other things: IP address (truncated or anonymized), timestamp, pages visited, device type used, operating system, browser, referring URL (referrer), interactions with page elements.

The data is processed exclusively in pseudonymized and aggregated form. There is no profiling, no tracking across websites, and no connection to other third-party services.

Place of processing: EU/EEA
Legal basis: Consent
Maximum storage period:
Provider's privacy policy: https://www.commandersact.com/de/datenschutz/

9.2.3.2. Google Analytics

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Type of technology: Third-party cookie
Purpose of use: Recording and analyzing user behavior to improve the website, identifying frequently visited areas, adapting content based on usage patterns.
Data collected and its processing: Device/browser data, IP addresses (shortened by IP masking), pages visited, length of stay, interactions with the website.
Place of processing: EU/EEA and USA (Transatlantic Privacy Framework certified)
Legal basis: Consent
Maximum storage period: 14 months
Provider's privacy policy: https://www.google.de/intl/de/policies/privacy/ https://support.google.com/analytics/answer/6004245?hl=de

9.2.3.3. Klevu

Provider: Klevu Oy, Bertel Jungin aukio 5, 02600 Espoo, Finland
Type of technology: First-party cookie, API integration
Purpose of use: Klevu Search optimizes product searches in our online shop by providing you with relevant search results based on your search behavior and our regional product catalogs.
Data collected and its processing: When you enter a search term on our website, Klevu Search analyzes your search query in real time. With your consent, Klevu Search can also access information about your previous purchases, such as items, order numbers, and product values, in order to personalize the search results according to your preferences. A cookie is set for this purpose, which stores this information.
Place of processing: EU/EEA
Legal basis: Consent
Maximum storage period:
Provider's privacy policy: https://www.klevu.com/privacy-policy/

9.2.3.4. Matomo

Provider: InnoCraft Limited, 7 Waterloo Quay, PO625, 6140 Wellington, New Zealand.
Type of technology: First-party cookie, tracking script
Purpose of use: Matomo enables us to analyze the use of our website in order to improve our content and user experience. The statistics obtained help us to make our offering more relevant to you.
Data collected and its processing: Matomo collects interactions between you and our website using cookies, device and browser data, IP addresses, and website or app activity. The IP address is used exclusively for location determination (country), but is completely masked and not stored. We do not store any personally identifiable information such as your email address. The anonymized web analysis data is stored for an unlimited period of time.
Place of processing: EU/EEA (own server structure, no transfer to third parties)
Legal basis: Consent, insofar as Matomo is used without cookies, legitimate interest
Maximum storage period: Unlimited (anonymized data)
Provider's privacy policy: https://matomo.org/privacy-policy/

9.2.3.5. Microsoft Clarity

Provider: Microsoft Ireland Operations Ltd., One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland
Type of technology: Third-party cookie
Purpose of use: Microsoft Clarity is used to compile usage statistics and analyze the usage behavior of visitors to our website. This helps us to optimize the website and improve the user experience.
Data collected and its processing: Data is collected for the purpose of compiling usage statistics. This data is anonymized and summarized in statistics. The data collected includes: usage behavior, pages visited, interactions on the website
Place of processing: EU/EEA, USA
Legal basis: Consent
Maximum storage period:
Provider's privacy policy: https://privacy.microsoft.com/de-de/privacystatement

9.2.3.6. Miros

Provider: Miros OÜ, Tehnika 16, 10149 Tallinn, Estonia
Type of technology: First-party cookie, pixel, API integration
Purpose of use: Miros AI helps us to show you content that matches your interests. When you click on the "Show similar images" button on our website, Miros AI analyzes the images currently displayed and presents you with similar images.
Data collected and its processing: Without the use of cookies, Miros AI analyzes the content you view in real time to suggest similar motifs. With your express consent, we also use a cookie that stores information about your purchases on our site, including order value and items ordered. Based on this information, we can recommend similar products to you on your next visit. The cookie remains active for the duration specified by Miros AI, unless you delete it manually via your browser settings or revoke your consent via our consent management system.
Place of processing: EU/EEA
Legal basis: Consent
Maximum storage period:
Provider's privacy policy:
https://miros.ai/privacy-policy/

9.2.4. Marketing

These digital tools enable us to display content, including advertising, that is personally selected and particularly relevant to you based on your interests. In order to personalize such content for you, we may evaluate your use of our website and determine and display relevant content to you. To do this, we sometimes use external partners who enable us to display personalized advertising on other websites as well. For this purpose, we transfer the necessary data for the use of our offers to our partners.

The legal basis for this use is your consent, which you can revoke at any time by changing your settings, see section 9.3.

We use the following digital tools from the "Marketing" category on this website:

9.2.4.1. O_Generic

Provider: Kepler Group LLC, 2 Park Avenue, New York, NY 10016, USA
Type of technology: Third-party service, tracking and segmentation tool, pixel tracking (if applicable), cookies, device identifiers
Purpose of use: Kepler is used to analyze user behavior on our website, segment target groups, and display personalized content or advertising. Kepler also helps optimize campaign performance, conversion rates, and user experiences.
Data collected and its processing: The following data is processed, among other things: IP address, device and browser information, screen resolution, referrer URL, session duration, click behavior, pages viewed, scroll behavior, movement data (if applicable), and individual user identifiers.

If Kepler is linked to other marketing services (e.g., Meta, Google, DSPs), cross-platform user profiling may also take place ( ).

The data is processed in pseudonymized form, but can be used for recognition-based advertising and A/B testing.

Place of processing: USA and, if applicable, other third countries
Legal basis: Consent
Maximum storage period:
Provider's privacy policy: https://www.keplergrp.com/privacy-policy/

9.2.4.2. Bounce Commerce

Provider: Bounce Commerce GmbH, Lindenallee 39, 47608 Geldern, Germany
Type of technology: Third-party cookie
Purpose of use: Bounce Commerce helps to identify and resolve problems with forms and navigation on a website. This improves the user experience and ensures that all information is processed correctly.
Data collected and its processing: Bounce Commerce does not collect any personal or personally identifiable data, only technical data from a user session.
Place of processing: EU/EEA
Legal basis: Legitimate interest (correction of website errors and ensuring a correct data basis)
Maximum storage period: 3 hours
Provider's privacy policy: https://www.bounce-commerce.de/datenschutz

9.2.4.3. Elaine

Provider: ELAINE technologies GmbH, Zanderstrasse 7, 53177 Bonn, Germany
Type of technology: Email marketing platform, API integration
Purpose of use: Recording conversions generated from emails (e.g., purchases in the online shop after clicking on a newsletter link).
Data collected and its processing: When the website is accessed via a link contained in an email, a conversion pixel is set (after consent has been given to the "Marketing" category in the cookie banner). Among other things, this records the URL accessed, the timestamp of the visit, and information on whether a defined conversion (e.g., purchase) has taken place. The data is collected solely for the purpose of assigning the conversion to a specific email campaign.
Place of processing: Germany/EU
Legal basis: Consent
Maximum storage period: 30 days
Provider's privacy policy: https://www.elaine.io/datenschutz

9.2.4.4. Meta / Facebook / Instagram

Provider: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland
Type of technology: Pixel, API integration
Purpose of use: By integrating the Meta Pixel, we can display targeted advertisements ("Meta Ads") and measure their success ("conversion tracking"). This allows us to track whether users perform a specific action on our website after clicking on an ad, such as making a purchase.
Data collected and its processing: The Meta Pixel collects data about your interactions with our website and can link this to your Facebook or Instagram user profile. This includes pages visited, interactions with ads, and any purchases made. Meta may use this data to create user profiles and for personalized advertising. Data may also be shared with the US parent company Meta Platforms, Inc. and other subcontractors.
Place of processing: EU/EEA, US (data transfer possible)
Legal basis: Consent
Maximum storage period: In accordance with Meta's guidelines
Provider's privacy policy: http://www.facebook.com/about/privacy

9.2.4.5. Google Ads

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Type of technology: Third-party cookie
Purpose of use: We use Google Ads to draw attention to our offers through advertisements. If you access our website via a Google ad, Google Ads will store a cookie on your device.
Data collected and its processing: The advertising material is delivered by Google via so-called ad servers. Ad server cookies are used to collect metrics such as ad impressions or clicks. These cookies enable us to evaluate the success of our advertising campaigns. The stored data includes a unique cookie ID, the number of ad impressions per placement, and opt-out information. The cookies are not used to identify you personally.
Place of processing: EU/EEA, USA (data transfer possible)
Legal basis: Consent
Maximum storage period: Max. 6 months
Provider's privacy policy:

https://www.google.com/intl/de/policies/privacy

https://services.google.com/sitestats/de.html

9.2.4.6. idealo

Provider: idealo internet GmbH, Zimmerstr. 50, 10888 Berlin, Germany
Type of technology: Third-party service, API/script integration (widget), cookies or similar tracking technologies where applicable
Purpose of use: The integration of idealo widgets enables current price comparisons and product information to be displayed directly on our website. This serves to provide user-friendly market information about our products.
Data collected and its processing: When loading the integrated content, idealo may process the following data: IP address, browser and device information, referrer URL, timestamp, interactions with the widget (e.g., clicks), if applicable.

If you click on an embedded idealo element, you will be redirected to idealo.de, where further tracking and analysis processes by idealo are possible.

idealo may use cookies and similar technologies to evaluate the use of the embedded content or to measure its success.

Place of processing: Germany
Legal basis: Consent
Maximum storage period: 60 minutes
Provider's privacy policy: https://www.idealo.de/preisvergleich/Datenschutz.html

9.2.4.7. impact

Provider: Impact Tech, Inc., 223 E. De La Guerra St., Santa Barbara, CA 93101, USA
Type of technology: Tracking pixels, cookies, JavaScript code, server-to-server integrations
Purpose of use: Impact provides a platform for managing and optimizing partnerships, including affiliate marketing and influencer collaborations. By using tracking technologies, Impact enables the accurate attribution of customer interactions and transactions to specific partners, which facilitates performance measurement and billing.
Data collected and its processing: When using Impact, various data is collected, including device and browser information, IP addresses, and click and conversion data. This information is used to analyze the effectiveness of partnerships, prevent fraud, and improve the user experience.
Place of processing: USA
Legal basis: Consent
Maximum storage period: 720 days
Provider's privacy policy: https://impact.com/privacy-policy/

9.2.4.8. intent.ly

Provider: Intent.ly Ltd, International House, 24 Holborn Viaduct, London EC1A 2BN, United Kingdom
Type of technology: Third-party service, JavaScript tag, tracking technology (e.g., cookies, session storage, fingerprinting)
Purpose of use: intent.ly is used to analyze user behavior on our website in real time and to display context-sensitive content or offers (e.g., pop-ups, product recommendations, exit intent messages). The aim is to improve the user experience and conversion rate. It is only used with your consent.
Data collected and its processing: intent.ly collects the following information in particular: IP address (truncated or complete), device and browser data, referrer URL, session duration, mouse movements, click behavior, scroll depth, interactions with content, and any subpages visited.

The data is processed pseudonymously, but may lead to recognition through additional data sources (e.g., for registered users).

intent.ly may also use cookies or similar technologies to identify users across multiple visits and deliver personalized content.
Place of processing: UK, possibly other third countries
Legal basis: Consent
Maximum storage period:
Provider's privacy policy:
https://intent.ly/privacy-policy/

9.2.4.9. Microsoft

Provider: Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland
Type of technology: API integration, third-party service (script/data loader, cookies or similar technologies where applicable)
Purpose of use: The Bing Loader is used to dynamically integrate content or functions from Microsoft Bing (e.g., map services, search suggestions, or address completions) into our website. Integration only takes place with your consent.
Data collected and its processing: When you access the integrated services, the following data may be transmitted to Microsoft and processed: IP address, device information, browser data, referrer URL, location data (if shared), usage and interaction data.

If you are logged in to Microsoft services (e.g., Microsoft account, Outlook, Edge), the data may be linked to your user profile. The data collected may also be used by Microsoft for analysis, to improve services, and for personalized advertising.

Place of processing: EU/EEA, USA (data transfer possible)
Legal basis: Consent
Maximum storage period: In accordance with Microsoft guidelines
Provider's privacy policy: https://privacy.microsoft.com/de-de/privacystatement

9.2.4.10. Pinterest

Provider: Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland
Type of technology: Pixel, API integration
Purpose of use: By integrating the Pinterest tag, we can display targeted advertisements ("Pinterest Ads") and measure their success ("conversion tracking"). This allows us to track whether users perform a specific action on our website after clicking on an ad, such as making a purchase.
Data collected and its processing: The Pinterest tag collects data about your interactions with our website and can link this to your Pinterest user profile. This includes pages visited, interactions with ads, and any purchases made. Pinterest may use this data to create user profiles and for personalized advertising. Data may also be shared with the US parent company Pinterest Inc. and other subcontractors.
Place of processing: EU/EEA, data transfer to third countries possible
Legal basis: Consent
Maximum storage period: In accordance with Pinterest's guidelines
Provider's privacy policy: https://policy.pinterest.com/de/privacy-policy

9.2.4.11. Sovendus

Provider: Sovendus GmbH, c/o Design Offices Karlsruhe Bahnhofplatz, Bahnhofplatz 12, 76137 Karlsruhe, Germany
Type of technology: Third-party service, voucher platform, iFrame/script integration, tracking technology (e.g., hash value-based pseudonymization)
Purpose of use: Sovendus is used to optionally display a voucher offer for another online shop after you have completed a purchase. This serves to promote user loyalty and participation in an advertising-financed benefits program.
Data collected and its processing: In order to select a voucher offer that is suitable for you, a pseudonymized hash value of your email address and your IP address in truncated form are transmitted to Sovendus. When a voucher is selected, additional data (e.g., name, email address) is transmitted to Sovendus so that the voucher can be provided. For statistical purposes, the order number, shopping cart value, session ID, and a timestamp are also processed.
Place of processing: EU/EEA
Legal basis: Consent
Maximum storage period: Sovendus only stores personal data for as long as it is needed for the above-mentioned purposes and in accordance with the statutory retention obligations.
Provider's privacy policy: https://www.sovendus.de/datenschutz/

9.2.4.12. Spotify

Provider: Spotify AB, Regeringsgatan 19, 111 53 Stockholm, Sweden
Type of technology: Third-party service, iFrame embedding or API integration (cookies, local storage, device identifiers, if applicable)
Purpose of use: The integration of Spotify content enables us to provide audio content such as music or podcasts directly on our website. This allows us to expand our multimedia offering and provide you with an interactive user experience. Integration only takes place with your consent.
Data collected and its processing:   When loading embedded Spotify elements (e.g., playlists, players), Spotify processes the following data, among other things: IP address, device and browser information, referrer URL, timestamp, location data (if applicable), and usage and interaction data (e.g., playback behavior).

If you are logged into Spotify, your visit to our website may be linked to your Spotify account.

Spotify may also process the collected data for its own purposes (e.g., usage analysis, personalized content, advertising).
Place of processing: EU/EEA, third countries if applicable
Legal basis: Consent
Maximum storage period: In accordance with Spotify's guidelines
Provider's privacy policy: https://www.spotify.com/de/legal/privacy-policy/

9.2.4.13. TikTok

Provider: TikTok Technology Limited, The Sorting Office, Ropemaker Place, Dublin 2, Dublin, D02 HD23, Ireland
Type of technology: Pixel, API integration
Purpose of use: By integrating the TikTok pixel, we can display targeted advertisements ("TikTok Ads") and measure their success ("conversion tracking"). This allows us to track whether users perform a specific action on our website after clicking on an ad, such as making a purchase.
Data collected and its processing: The TikTok Pixel collects data about your interactions with our website and can link this to your TikTok user profile. This includes pages visited, interactions with ads, and any purchases made. TikTok may use this data to create user profiles and for personalized advertising. Data may also be shared by TikTok with its affiliated companies.
Place of processing: EU/EEA, data transfer to third countries possible
Legal basis: Consent
Maximum storage period: In accordance with TikTok's guidelines
Provider's privacy policy: https://www.tiktok.com/legal/page/eea/privacy-policy/de

9.2.4.14. trbo

Provider: trbo GmbH, Leopoldstr. 41, 80802 Munich, Germany
Type of technology: First-party cookie, web beacon, tracking tool
Purpose of use: trbo enables us to optimize our online offering, measure the effectiveness of our online advertising, and provide personalized offers.
Data collected and its processing: Pseudonymous user data is collected, in particular via cookies or web beacons. A random identification number is used for this purpose, which is not linked to other personal data such as name or address. In addition, data such as pages visited, click behavior, and length of stay are collected.
Place of processing: EU/EEA
Legal basis: Consent
Maximum storage period: 14 months
Provider's privacy policy: https://www.trbo.com/datenschutz/

9.2.4.15. UpSellit

Provider: USI Technologies, Inc., 9854 National Blvd #1260, Los Angeles, CA 90034, USA
Type of technology: Tracking pixels, cookies, JavaScript code
Purpose of use: UpSellit offers solutions to increase conversion rates and reduce shopping cart abandonment through personalized user engagement and interaction. This includes behavior-based email campaigns, individual offers, and real-time chat features that aim to improve the shopping experience and motivate customers to complete the purchase process.
Data collected and its processing: UpSellit does not collect personal data such as IP addresses or unique user IDs for purposes outside the agreed marketing measures. The information collected is used exclusively to analyze user behavior on the website and to provide personalized content in order to optimize the user experience. No data is stored or passed on for other purposes.
Place of processing: EU/EEA, data transfer to third countries possible
Legal basis: Consent
Maximum storage period: No personal data is stored.
Provider's privacy policy: https://labs.upsellit.com/privacy-policy

9.2.4.16. YouTube Ads

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Type of technology: Third-party service, advertising tracking, cookies, device identifiers, remarketing tags
Purpose of use: YouTube Ads is used to display interest-based advertising and to measure the effectiveness of our advertising campaigns on YouTube and the Google network. This also includes the option of targeting users again based on their behavior (retargeting).
Data collected and its processing: The following data may be processed as part of YouTube Ads: IP address, device information, browser data, interactions with advertising material or videos (e.g., views, clicks, playback time), pages visited, referrer URLs, and individual user identifiers (e.g., Google Ads ID).

If you are logged into your Google account, this data can be linked to your profile and used for personalized advertising. Even without logging in, recognition can take place via cookies or device identifiers.

The information collected is used by Google for analysis, optimization, and personalized advertising—both within YouTube and in the extended Google advertising network.

Place of processing: EU/EEA and, if applicable, third countries (in particular the USA)
Legal basis: Consent
Maximum storage period: In accordance with Google's guidelines
Provider's privacy policy: https://policies.google.com/privacy

9.2.5. External media

These tools enable content from third-party providers such as maps, videos, or social media posts to be displayed directly on our website. If you activate this content, external providers may collect data about you. The use of these tools is based on your consent, which you can revoke at any time via the settings.

The legal basis for the use of these tools is your consent, which you can revoke at any time by changing your settings, see section 9.3.

We use the following digital tools from the "External Media" category on this website:

9.2.5.1. Social Native

Provider: Social Native Inc., 9903 S. Santa Monica Blvd. #766, Beverly Hills, CA 90212, USA
Type of technology: API integration
Purpose of use: Social Native searches Instagram for images and videos that show our products and are suitable for further distribution. If we want to share this content via the internet or print media, we contact the respective Instagram users to obtain their consent for use. Users can also upload images directly via our website, either via their social media account or by uploading them from their PC. Users can decide for themselves which name should be displayed. The content is only used with the express consent of the respective user.
Collected data and its processing: When a user agrees to a post or uploads a post via our website, the image or video, the Instagram username (if applicable), and any other information associated with the post will be processed. This data will be used exclusively for marketing our products via digital and non-digital channels.
Place of processing: USA
Legal basis: Consent and contract fulfillment
Maximum storage period: Purely statistical storage (website visitors), until consent is revoked (Instagram users)
Provider's privacy policy: https://www.socialnative.com/privacy-policy/

9.2.5.2. YouTube

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Type of technology: API integration, third-party service (iFrame embedding, cookies and similar technologies where applicable)
Purpose of use: YouTube enables us to provide videos directly on our website in order to offer you informative and entertaining content. The integration only takes place after you have given your consent.
Collected data and its processing: When using YouTube, Google processes the following data in particular: IP address, device information, browser data, referrer URL, and, if applicable, interaction data (e.g., playback status, video duration, clicks).

If the user is logged in to Google or YouTube, the visit to our website can be assigned to the respective user account. Even without logging in, recognition can take place via unique identifiers.

Google may also use the data for profiling, personalized advertising (especially for logged-in Google accounts), and performance and usage analysis.

Place of processing: EU/EEA, USA (data transfer possible)
Legal basis: Consent
Maximum storage period: In accordance with Google's guidelines
Provider's privacy policy: 
https://www.google.de/intl/de/policies/privacy

9.3. Your settings options

Here you can access the consent banner to configure your personal settings and give or withdraw your consent to the use of optional tools.

9.4. Overview of individual cookies and other digital tools

An overview of the individual cookies and other digital tools can be found in our cookies policy.

10. Other integrated services

Some features of our websites—such as forms or online shops—use third-party services. These only become active when you actually use them. Therefore, they are not part of our general consent banner, but are based on other legal grounds such as contract fulfillment or legitimate interest.

We explain below which services are used and what happens to your data.

10.1. Endereco – Address verification and validation

Provider: Endereco UG (limited liability), Balthasar-Neumann-Str. 4b, 97236 Randersacker, Germany
Type of technology: Third-party service, API integration, server-side and/or client-side verification of form data
Purpose of use: Endereco is used to check the correctness and completeness of user entries in forms (e.g., addresses, email addresses, phone numbers) in real time and, if necessary, to suggest automated corrections. This serves to improve data quality and reduce incorrect entries in the ordering or registration process.
Data collected and its processing: When using the validation functions, the data entered by the user (e.g., postal address, email address, telephone number) is transmitted to Endereco's servers via an encrypted connection. The data is used exclusively for one-time validation during entry and is not stored permanently.

No profiling, linking to other data sources, or advertising use takes place.

Place of processing: EU/EEA
Legal basis: Contract fulfillment, legitimate interest (improvement of data quality, reduction of input errors, protection against misuse)
Maximum storage period: 30 days
Provider's privacy policy: https://www.endereco.de/datenschutz/

10.2. Typeform – Online forms and surveys

Provider: Typeform S.L., Carrer Bac de Roda, 163, 08018 Barcelona, Spain
Type of technology: Third-party service, iFrame/script embedding, cookies or similar technologies where applicable, data processing via externally hosted form
Purpose of use: Typeform is used to provide interactive forms or surveys directly on our website or via external links.
Data collected and its processing: When using a Typeform form, in addition to the information actively entered by the user (e.g., name, email address, answers to form questions), technical data is also processed, including: IP address, device and browser information, referrer URL, timestamp, location data if applicable.

Typeform may use cookies or similar technologies for analysis and security purposes.

When you fill out a form, the data is processed directly by Typeform on behalf of the form provider (us).
Place of processing: EU/EEA, data transfer to third countries (in particular the USA) if necessary
Legal basis: Consent
Maximum storage period: The data is stored for as long as necessary for the purposes for which it was collected and in accordance with the applicable legal provisions.

Provider's privacy policy: 
https://www.typeform.com/privacy-policy/