We will inform you as soon as the changes require your cooperation (e.g. consent) or other individual notification.
The controller in the sense of the GDPR and other national data protection laws of the member states as well as other data protection regulations is:
Aimend U G
Köpenicker Straße 147
Phone: +49 (0) 30 823 40 15
You may contact Aimend's Data Protection Officer by email at firstname.lastname@example.org.
The use of published contact details for marketing purposes is prohibited; offenders sending unwanted spam messages are expressly disclaimed. We expressly reserve the right to take legal action in the event of unsolicited advertising information, such as spam e-mails.
1. General Notes Legal basis for the processing of personal data
Processing of Personal Data
Information we may collect from you
When you use the Site or contact us by e-mail, social media, SMS, telephone, or other methods, we may collect and process the following data about you: Information you give us, including: - Forms filled out by you on the Site; - Content of correspondence with us by phone, e-mail or otherwise; - Site registration; - Subscriptions or orders placed on the Site; - Participation in discussion boards or other social media functions on the Site; - Entering a competition, promotion or survey; - If applicable, resume, work history, CV, resume or other job application information; - Reporting a problem or requesting support for the Site. The personal data of the person concerned will be erased or blocked as soon as the purpose of storage ceases to apply. Furthermore, data may be stored if EU regulations, laws or other provisions by the European or national legislator to which the person responsible is subject are applicable. The data will also be erased or blocked if a storage period prescribed by the aforementioned laws expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.
Security of processing
We take appropriate technical and organisational measures to ensure a level of security appropriate to the risk, in accordance with article 32 GDPR, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons. The measures include in particular safeguarding the confidentiality, integrity and availability of data by controlling physical access to the data, as well as the access, input, transmission, security of availability and its separation Furthermore, we consider the protection of personal data during the development or selection of hardware, software and procedures, in accordance with the principle of data protection by technology design and by default (article 25 GDPR). The security measures include in particular the encrypted transmission of data between your browser and the server. For security reasons and to protect the transmission of confidential content, such as requests you send to us, our website uses SSL encryption. You can recognize an encrypted connection by the fact that the browsers address line changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL encryption is activated, the data you transmit to us cannot be read by third parties.
Transfers to third countries
We only process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or in the context of the use of third-party services or disclosure or transfer of data to third parties on the basis of the fulfilment of our (pre)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or leave the data in a third country only if the special requirements of article 44 et seqq. GDPR are applicable. This means, for example, processing is carried out on the basis of special guarantees, such as the officially recognised determination of a data protection level corresponding to the EU (e.g. for the USA by the "Privacy Shield") or compliance with officially recognised special contractual obligations (so-called "standard contractual clauses").
Collection, processing, and transfer of personal data in orders. When you submit an order we only collect and use your personal data insofar as this is necessary for the fulfilment and handling of your order as well as processing of your queries. The provision of data is necessary for conclusion of a contract. Failure to provide it will prevent the conclusion of any contract. The processing will occur on the basis of Article 6(1) b) GDPR and is required for the fulfilment of a contract with you. Your data is transferred here for example to the shipping companies and dropshipping providers, payment service providers, service providers for handling the order and IT service providers that you have selected. We will comply strictly with legal requirements in every case. The scope of data transmission is restricted to a minimum.
We forward your email address to the shipping company in the course of contractual processing, if you have explicitly agreed to this in the order process. The forwarding is for the purpose of informing you by email on the shipping status of your order. The processing will be carried out on the basis of art. 6 (1) lit. a GDPR with your consent. You can withdraw your consent at any time by contacting us or the transport company without affecting the legality of the processing carried out with your consent up to the withdrawal.
Cooperation with processors and third parties
If we disclose data to other persons and companies (processors or third parties) within the scope of our processing, transmit them or otherwise grant them access to the data, this shall only take place on the basis of a legal permission, if you have consented, if there is a legal obligation or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.). If we commission third parties with the processing of data on the basis of a so-called "order processing contract" we do this on the basis of article 28 GDPR.
Rights of the Data Subject
You have the right to request confirmation as to whether the personal data (hereinafter also referred to as “data”) are being processed and to access information about these data as well as further information and a copy of the data in accordance with article 15 GDPR. In accordance with article 16 GDPR, you have the right to request the completion of data concerning you or the rectification of inaccurate personal data concerning you. In accordance with article 17 GDPR, you have the right to demand that the relevant data be erased immediately or, alternatively, to obtain a restriction of processing the data in accordance with article 18 GDPR. You have the right to receive the data you have provided to us in accordance with article 20 GDPR and to request its transmission to another controller. In accordance with article 77 GDPR, you also have the right to lodge a complaint with a supervisory authority.
Right of withdrawal
You have the right to revoke consents granted pursuant to article 7 para. 3 GDPR with effect for the future.
Right of objection
You can object to the future processing of the data concerning you in accordance with article 21 GDPR at any time. The objection may be lodged in particular against processing for direct marketing purposes.
Erasure of personal data
Links to third party sites
Our Site, our newsletters and other communications may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies.
2. Data collection on our website Server Log Files
Every time you visit our website, our system automatically collects data and information in so-called server log files, which your browser automatically transmits to us. The following data is collected:a) Information about the browser type and version usedb) The user's operating systemc) The IP address of the userd) The date and time of accesse) Websites from which the user's system reaches our website These data are not combined with other data sources. The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user's computer. For this the IP address of the user must remain stored for the duration of the session. The data is stored in log files to ensure the functionality of the website. In addition, the data is used to optimize the website and to ensure the security of our information technology systems. Our purpose and our legitimate interest in data processing are based on article 6 para. 1 lit. f GDPR. An evaluation of the data for marketing purposes does not take place in this context. The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. For data collected for providing the website, this is the case when the respective session has ended. If the data is stored in log files, this is the case after seven days at the latest. Further storage is possible. In this case, the IP addresses of the users are deleted or alienated, so that an assignment to a particular client is no longer possible. The collection of data for providing the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, there is no right to object with regard to the user.
The websites partly use so-called cookies. Cookies serve to make our website more user-friendly, effective and secure. Some elements of our website require that the browser can be identified even after a page change. Cookies are small text files that are stored on your computer and saved by your browser. These cookies contain a characteristic character string that enables a unique identification of the browser when the website is called up again. Most of the cookies we use are so-called "session cookies". They are automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser the next time you visit our website. You can configure your browser in such a way that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or generally and activate the automatic deletion of cookies when closing the browser. Cookies that have already been saved can be deleted at any time. When cookies are deactivated, the functionality of this website may be limited. The following data is stored and transmitted in the cookies:
a) Log-in information
b) Layout Cookies
c) Search terms (Blog).
Using the links below, you can find out how to manage cookies (or deactivate them, among other things) in major browsers:
Chrome Browser: https://support.google.com/accounts/answer/61416?hl=en
Internet Explorer: https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies
Mozilla Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
3. Website Analysis Services
Google Ads conversion tracking
Our website uses the online marketing programme “Google Ads”, including conversion tracking. Google conversion tracking is a service operated by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”).
Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the data controller responsible for your data if you have your habitual residence in the European Economic Area or Switzerland. Google Ireland Limited is therefore the company affiliated with Google which is responsible for processing your data and for compliance with applicable data protection laws.
4. Online presence in social media
Within our website and based on our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer within the meaning of article 6 para. 1 lit. f. GDPR) we use content or services from third parties in order to integrate their content and services, e.g. videos (hereinafter collectively referred to as "content") into our website. This always requires that the third party providers of this content obtain the IP address of the users, as they otherwise would not be able to send the content to the users' browsers. The IP address is therefore required for displaying the content. We do our best to use only those contents whose respective providers use the IP address only for the delivery of the contents. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. "Pixel tags" can be used to evaluate information such as visitor traffic on the pages of the particular website. The pseudonymous information may also be stored in cookies on the user's device and may include technical information about the browser and operating system, referring websites, visiting time and other information about the use of our website, and may also be linked to such information from other sources.
Use of Facebook remarketing
5. Newsletter/ Contact / Evaluations
Collection and processing when using the contact form When you use the contact form we will only collect your personal data (name, email address, message text) in the scope provided by you. The data processing is for the purpose of making contact. By submitting your message you agree to the processing of your transmitted data. Processing will be carried out on the basis of art. 6 (1) lit. a GDPR with your consent.You can withdraw your consent at any time by contacting us without affecting the legality of the processing carried out with your consent up to the withdrawal. We will only use your email address to process your request. Finally your data will be deleted, unless you have agreed to further processing and use.
Data collection when you post a comment When you comment on an article or a contribution, we collect your personal data (name, email address, comment text) only in the scope provided by you. The processing serves to allow you to comment and to display comments. By submitting the comment you agree to the processing of the transmitted data. The processing will be carried out on the basis of art. 6 (1) lit. a GDPR with your consent. You can withdraw your consent at any time by contacting us without affecting the legality of the processing carried out with your consent up to the withdrawal. You personal data will then be deleted.
On publication of your comment the name and email address you have entered will be published.
On submission of your comment your IP address will also be saved in order to prevent misuse of the comment function and to ensure the security of our IT systems. By submitting the comment you agree to the processing of the transmitted data. The processing will be carried out on the basis of art. 6 (1) lit. a GDPR with your consent. You can withdraw your consent at any time by contacting us without affecting the legality of the processing carried out with your consent up to the withdrawal. Your IP address will then be deleted.
Use of your email address for mailing of newsletters.
We use your email address outside of contractual processing exclusively to send you a newsletter for our own marketing purposes, if you have explicitly agreed to this.
The processing will be carried out on the basis of art. 6 (1) lit. a GDPR with your consent.
You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
You can unsubscribe from the newsletter at any time using the relevant link in the newsletter or by contacting us.
Your email address will then be removed from the distributor.
Your data will be forwarded to a service provider for email marketing in the course of order processing. It will not be forwarded to other third parties.
Your data will be transferred to a third country, which is covered by an adequacy decision by the European Commission.Use of your email address for mailing of direct marketing We use your email address, which we obtained in the course of selling a good or service, for the electronic transmission of marketing for our own goods or services which are similar to those you have already purchased from us, unless you have objected to this use. You must provide your email address in order to conclude a contract. Failure to provide it will prevent the conclusion of any contract. The processing will be carried out on the basis of art. 6 (1) lit. f GDPR due to our justified interest in direct marketing. You can object to this use of your email address at any time by contacting us. You will find the contact details for exercising your right to object in our imprint. You can also use the link provided in the marketing email. This will not involve any costs other than transmission costs at basic tariffs.
6. Payment Provider
Payment service providers
Use of PayPal
All PayPal transaction are covered by the PayPal Data Privacy Statement. You can find this at https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=en
Use of Stripe
All other transactions are covered by the Stripe Data Privacy Statement. You can find this at
7. California Online Privacy Protection Act
8. COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online. We do not specifically market to children under the age of 13 years old.