Website Privacy Policy

1. Privacy at a glance

General information

Data processing on this website is carried out by the website operator. The operator’s contact details can be found in the “Controller” section of this policy.

How we collect your data

Your data is collected when you provide it to us (e.g. by entering it in a contact form). Other data is collected automatically or after your consent when visiting the site. This mainly includes technical data (e.g. browser, operating system, time of access). The collection happens automatically as soon as you enter the site.

What we use your data for

Part of the data is collected to ensure error-free provision of the website. Other data may be used to analyse user behaviour. If contracts can be concluded or initiated via the site, the transmitted data is also processed for offers, orders, or other requests.

Your rights

You have the right to obtain information about the origin, recipients, and purpose of your stored personal data at any time. You also have the right to request correction or deletion of this data. If you have given consent to data processing, you can withdraw it at any time for the future. Furthermore, you have the right to request restriction of processing under certain circumstances and the right to lodge a complaint with a supervisory authority. For this and other questions you can contact us at any time.

Analytics and third-party tools

When visiting this website, your browsing behaviour may be statistically evaluated. This is mainly done with analytics programs. Details can be found in this privacy policy.

2. Hosting

We host our website with the following provider:

Strato AG
Otto-Ostrowski-Straße 7
10249 Berlin, Germany

When you visit our website, Strato collects various log files including your IP address. For more information, see Strato’s privacy notice: https://www.strato.de/datenschutz/.

The use of Strato is based on Art. 6(1)(f) GDPR (legitimate interest in reliable presentation of the website). If consent was obtained, processing is based on Art. 6(1)(a) GDPR and §25(1) TDDDG (if it involves storing cookies or accessing device information). Consent can be revoked at any time.

Data processing agreement
We have concluded a data processing agreement with Strato to ensure your personal data is processed only according to our instructions and in compliance with GDPR.

3. General information and mandatory details

Data protection

We take the protection of your personal data seriously. Your data is treated confidentially and in accordance with legal data protection regulations and this policy. Note that data transmission on the Internet (e.g. communication by email) can have security gaps. Complete protection against access by third parties is not possible.

Controller

konax media Günther Fick GbR
Weberstraße 30
23966 Wismar
Germany
Phone: +49 (0)3841 6204972
Email: info@dearlist.de

The controller is the natural or legal person who decides, alone or jointly with others, on the purposes and means of processing personal data.

Storage duration

Unless a more specific storage period is stated in this policy, your personal data remains with us until the purpose for processing ceases. If you make a legitimate deletion request or withdraw consent, your data will be deleted unless we have other legally permissible reasons to store it (e.g. tax or commercial retention periods); in the latter case deletion takes place after these periods expire.

Legal bases for processing

If you have consented, processing is based on Art. 6(1)(a) GDPR (and Art. 9(2)(a) GDPR for special categories). If you consented to transfer to third countries, this is also based on Art. 49(1)(a) GDPR. If you consented to store cookies or access device information, processing is based on §25(1) TDDDG. Consent can be revoked at any time. If data is required for contract performance or pre-contractual measures, processing is based on Art. 6(1)(b) GDPR. For legal obligations, Art. 6(1)(c) GDPR applies. Processing based on legitimate interest uses Art. 6(1)(f) GDPR. Details on the applicable legal bases are given in the sections below.

Recipients of personal data

We work with various external parties. Personal data is transferred to them only if required for contract fulfilment, if legally obliged, if we have a legitimate interest, or if another legal basis permits it. With processors we conclude data processing agreements; for joint processing we conclude joint controller agreements.

Withdrawal of your consent

Many processing operations are only possible with your express consent. You can revoke consent at any time with future effect. The lawfulness of processing carried out before the withdrawal remains unaffected.

Right to object under Art. 21 GDPR

If processing is based on Art. 6(1)(e) or (f) GDPR, you have the right to object at any time on grounds relating to your particular situation; this also applies to profiling based on these provisions. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds that override your interests, rights and freedoms or the processing serves the establishment, exercise, or defence of legal claims (Art. 21(1) GDPR).

If your personal data is processed for direct marketing, you have the right to object at any time to such processing; this also applies to profiling related to direct marketing. If you object, your personal data will no longer be used for direct marketing (Art. 21(2) GDPR).

Right to lodge a complaint

In case of GDPR violations, data subjects have a right to lodge a complaint with a supervisory authority, particularly in the Member State of their habitual residence, place of work, or place of the alleged infringement. The right to lodge a complaint exists without prejudice to other administrative or judicial remedies.

Right to data portability

You have the right to receive data we process automatically based on your consent or in performance of a contract, in a commonly used, machine-readable format, or to have it transmitted to another controller where technically feasible.

Access, erasure, and rectification

Within the scope of applicable law, you have the right to free information about your stored personal data, its origin, recipients, and purpose and, if necessary, a right to rectification or deletion of this data. For this and other questions you can contact us at any time.

Right to restriction of processing

You have the right to request restriction of processing in the following cases:

• If you contest the accuracy of your personal data, we usually need time to verify this. For the duration of verification, you have the right to request restriction of processing.
• If processing is unlawful, you may request restriction instead of deletion.
• If we no longer need the data, but you need it for legal claims, you may request restriction instead of deletion.
• If you have objected under Art. 21(1) GDPR, a balance must be struck between your interests and ours. Pending this decision, you have the right to request restriction.

If processing is restricted, such data – apart from storage – will only be processed with your consent or for the establishment, exercise, or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the EU or a Member State.

SSL/TLS encryption

For security and to protect confidential content (e.g. orders or enquiries) this site uses SSL/TLS encryption. An encrypted connection is indicated by “https://” and the padlock icon in your browser. When enabled, data you transmit cannot be read by third parties.

Objection to advertising emails

We object to the use of contact data published under the legal notice requirements for sending unsolicited advertising and information materials. The site operators expressly reserve the right to take legal action in the event of unsolicited advertising (e.g. spam emails).

4. Data collection on this website

Cookies

Our websites use “cookies”. Cookies are small data packages that do no harm to your device. They are stored temporarily for the duration of a session (session cookies) or permanently (persistent cookies). Session cookies are deleted automatically after your visit. Persistent cookies remain until you delete them or your browser deletes them automatically. Cookies can be set by us (first-party cookies) or by third parties (third-party cookies). Third-party cookies enable certain services of third-party companies within websites (e.g. payment processing).

Cookies have various functions. Many are technically necessary because certain website functions would not work without them (e.g. shopping cart, video display). Others may be used to analyse user behaviour or for advertising. Necessary cookies for electronic communication, provision of certain functions you request, or optimisation of the website (e.g. audience measurement) are stored on the basis of Art. 6(1)(f) GDPR unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies for technically error-free and optimised services. If consent for cookies and similar technologies is requested, processing is based solely on this consent (Art. 6(1)(a) GDPR and §25(1) TDDDG); consent can be revoked at any time.

You can configure your browser to inform you about cookie setting, to allow cookies only in individual cases, to exclude cookies for specific cases or in general, and to enable automatic deletion when closing the browser. Disabling cookies may limit the functionality of this website. Which cookies and services are used can be found in this privacy policy.

Contact form

If you send us enquiries via the contact form, your details including the contact data provided will be stored for the purpose of processing the enquiry and for follow-up questions. We do not pass on this data without your consent. Processing is based on Art. 6(1)(b) GDPR if your request relates to contract performance or pre-contractual measures. In all other cases, processing is based on our legitimate interest in effectively handling enquiries (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR) if requested; consent can be revoked at any time.

Data entered in the contact form remains with us until you request deletion, revoke consent, or the purpose for storage no longer applies (e.g. after completing your request). Mandatory legal provisions – especially retention periods – remain unaffected.

Enquiry by email, telephone, or fax

If you contact us by email, telephone, or fax, your enquiry including resulting personal data (name, enquiry) will be stored and processed for the purpose of handling your request. We do not share this data without your consent. Processing is based on Art. 6(1)(b) GDPR if related to contract performance or pre-contractual measures. Otherwise, processing is based on our legitimate interest in effective communication (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR) if requested; consent can be revoked at any time.

Data sent in enquiries remains with us until you request deletion, revoke consent, or the purpose for storage no longer applies (e.g. after your request is completed). Mandatory legal provisions – especially statutory retention periods – remain unaffected.

5. Plugins and tools

Google Fonts

This site uses Google Fonts for consistent font display. When you call up a page, your browser loads the required fonts into your browser cache to display texts and fonts correctly. To do this, your browser connects to Google servers and Google learns that our website was accessed via your IP address.

The use of Google Fonts is based on Art. 6(1)(f) GDPR (legitimate interest in a consistent presentation). If consent was requested, processing is based solely on Art. 6(1)(a) GDPR and §25(1) TDDDG (if it involves storing cookies or accessing device information). Consent can be revoked at any time. If your browser does not support Google Fonts, a standard font will be used.

Further information on Google Fonts: https://developers.google.com/fonts/faq and Google’s privacy policy: https://policies.google.com/privacy.

Google is certified under the EU-US Data Privacy Framework (DPF): https://www.dataprivacyframework.gov/participant/5780.

6. Online marketing and affiliate programs

Affiliate programs on this website

We participate in affiliate programs. Ads from a company are placed on websites or other media of other companies in the affiliate network. If you click an affiliate ad, you are redirected to the advertised offer. If you then complete a defined transaction (conversion), the affiliate and possibly the medium owner receive compensation. To calculate this compensation, the network operator must track which ad led you to the offer and that you completed the defined transaction. Cookies or similar recognition technologies (e.g. device fingerprinting) are used for this.

Storage and analysis of the data is based on Art. 6(1)(f) GDPR. Participants in the affiliate program have a legitimate interest in correct calculation of commissions. If consent was requested, processing is based solely on Art. 6(1)(a) GDPR and §25(1) TDDDG (if it involves cookies or device access). Consent can be revoked at any time.

We participate in the following affiliate programs:

Amazon Associates Program
Provider: Amazon Europe Core S.à.r.l. Details: https://www.amazon.de/gp/help/customer/display.html?nodeId=201909010.
Amazon is certified under the EU-US Data Privacy Framework (DPF): https://www.dataprivacyframework.gov/participant/5776.

7. eCommerce and payment providers

Processing customer and contract data

We collect, process, and use personal customer and contract data to establish, structure, and change our contractual relationships. Personal data about the use of this website (usage data) is collected, processed, and used only to the extent necessary to enable or bill the use of the service. Legal basis is Art. 6(1)(b) GDPR.

Collected customer data is deleted after completion of the order or termination of the business relationship and after any statutory retention periods have expired. Statutory retention periods remain unaffected.

8. Audio and video conferencing

Data processing

We use online conferencing tools to communicate with customers. The tools we use are listed below. When you communicate with us via video or audio conference, personal data is processed by us and the tool provider.

The tools collect data you provide (e.g. email address or phone number). They also process conference duration, start and end times, number of participants, and other metadata. The provider also processes technical data required to provide the service (IP addresses, MAC addresses, device IDs, device type, OS type/version, client version, camera, microphone, speaker type, connection type).

If content is exchanged, uploaded, or otherwise provided within the tool, it is stored on the tool provider’s servers. This includes cloud recordings, chat messages, voicemails, photos and videos, files, whiteboards, and other shared information.

We have limited influence over the data processing of the tool providers. Our options are based on the provider’s policies. For details, please see the privacy notices of the tools used.

Purpose and legal bases

The tools are used to communicate with prospective or existing contract partners or to provide services to customers (Art. 6(1)(b) GDPR). The use also serves to simplify and speed up communication with us (legitimate interest under Art. 6(1)(f) GDPR). If consent was requested, the tools are used on the basis of that consent; it can be revoked at any time with effect for the future.

Storage period

Data collected directly by us via the conferencing tools is deleted from our systems when you request deletion, revoke consent, or the purpose for storage no longer applies. Stored cookies remain on your device until you delete them. Statutory retention periods remain unaffected.

We have no influence on the storage duration of your data that the tool operators store for their own purposes. For details, please check the tool providers.

Conferencing tools used

Zoom
Provider: Zoom Communications Inc., 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA. Privacy: https://www.zoom.com/de/trust/privacy/privacy-statement/.
Data transfer to the USA is based on the EU Commission’s standard contractual clauses. Zoom is certified under the EU-US Data Privacy Framework: https://www.dataprivacyframework.gov/participant/5728.

Microsoft Teams
Provider: Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. Privacy: https://privacy.microsoft.com/de-de/privacystatement.
Microsoft is certified under the EU-US Data Privacy Framework: https://www.dataprivacyframework.gov/participant/6474.