Thank you for visiting our website www.e-bikelifter.com and for your interest in our company. With the aim of offering you the highest possible degree of transparency, we inform you in the following about the type, scope and purpose of the collection, processing and use of personal data, which arise in the context of the use of our website. You can access the complete version of the General Data Protection Regulation (hereinafter referred to as “GDPR”) here.

Table of contents

1. Definitions of terms
2. Controller pursuant to Art. 4 No. 7 GDPR
3. Legal basis for processing
4. Storage of data / deletion of data
5. Disclosure of personal data
6. Collection of personal data
6.1. 6.1 Exclusive informational use of our website
6.2. 6.2. Contacting us by e-mail
6.3. 6.3. Contact form
7. Cookies
8. Hosting
9. YouTube
10. Etracker Analytics (web tracking)
11. Your rights
12. Right to object
13. Data security

1. Definitions of terms

The following terms that we use within our privacy policy are defined within Art. 4 of the GDPR. This is only an excerpt from Art. 4 of the GDPR. All definitions can be found in the GDPR (available here).

• Personal data (Art. 4 No. 1 GDPR)
  Personal data means any information relating to an identified or identifiable natural person (hereinafter “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
• Processing (Art. 4 No. 2 GDPR)
  Processing means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
• Pseudonymisation (Art. 4 No. 5 GDPR)
  Pseudonymisation includes the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures which ensure that the personal data are not attributed to an identified or identifiable natural person.
• Data controller (Art. 4 No. 7 GDPR)
  The controller is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for under Union or Member State law.
  A processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
• Third party (Art. 4 No. 10 GDPR)
  A third party is a natural or legal person, public authority, agency or other body, other than the data subject, the controller, the processor and the persons authorised to process the personal data under the direct responsibility of the controller or the processor.
• Consent (Art. 4 No. 11 GDPR)
  Consent of the data subject means any freely given specific, informed and unambiguous indication of his or her wishes in the form of a statement or other unambiguous affirmative act by which the data subject signifies his or her agreement to the processing of personal data relating to him or her.
• Undertaking (Art. 4 No. 18 GDPR)
  An undertaking means a natural or legal person engaged in an economic activity, regardless of its legal form, including associations or partnerships regularly engaged in an economic activity.

2. Controller pursuant to Art. 4 No. 7 GDPR

by, schulz GmbH
Bühler Straße 121
66130 Saarbrücken
Phone: +49 (0)681 – 95 97 25 0
Fax: +49 (0)681 – 95 97 25 20
E-mail: info@e-bikelifter.com
You can find our complete imprint here:
https://e-bikelifter.com/impressum

3. Legal basis for processing

For each processing operation described in our privacy policy, we will inform you of the relevant legal basis on which the processing is carried out. A distinction is made between the following categories of cases where processing is lawful:
You have given us consent to process the personal data relating to you for one or more specific purposes (Art. 6 para. 1 s. 1 lit. b).
There is a contract between you and us for the performance of which the processing is carried out or the processing is necessary for the performance of pre-contractual measures which are carried out at your request (Art. 6 para. 1 s. 1 lit. b) GDPR).
The fulfilment of a legal obligation to which we are subject requires the processing (Art. 6 para. 1 s. 1 lit. c) GDPR).
The protection of vital interests of you or another natural person requires processing (Art. 6 para. 1 s. 1 lit. d) GDPR).
The performance of a task assigned to us in the public interest or the exercise of official authority require processing (Art. 6 para. 1 s. 1 lit. e) GDPR).
The necessity of processing to protect our legitimate interests or those of a third party, unless your interests or fundamental rights and freedoms which require the protection of personal data override (Art. 6 para. 1 s. 1 lit. f) GDPR).

4. Storage of data / deletion of data

Within the processing described in our data protection declaration, we will inform you of the corresponding storage period or the times of deletion or blocking of data. If no explicit storage period is defined, the data will be deleted or blocked as soon as the purpose or legal basis for the storage no longer exists.
Data may be stored beyond the defined periods if legal regulations to which we are subject (e.g. § 147 AO (Abgabenordnung), § 247 HGB (Handelsgesetzbuch)) stipulate a different storage period.
Following the storage period, the personal data will be deleted or blocked unless further storage is required by us on a legal basis. Furthermore, storage beyond the specified period is possible in the event of a (possible) legal dispute with you or other legal proceedings.

5. Disclosure of personal data

If your personal data is passed on, you will be informed accordingly at the relevant point in our data protection declaration. If your personal data is transferred outside the European Economic Area and thus to so-called third countries, you will be informed accordingly at the relevant point in our data protection declaration. As a matter of principle, we only transfer personal data to third countries where the EU Commission has confirmed an adequate level of protection or where we can guarantee the careful handling of personal data on the basis of contractual agreements or other suitable guarantees.

6. Collection of personal data

In the following, we will inform you about the collection of personal data (such as name, e-mail address, address or user behaviour).

6.1. 6.1 Exclusive informational use of our website

If you do not register on our website (for example, in the form of a newsletter) or transmit data to us in any other way (for example, by using a contact form), only that personal data is collected which is transmitted to our server by your browser. This is data that is technically necessary for us to provide you with the website for viewing while ensuring a secure and stable display. This is the following information, which is derived from a log file line:

Internet protocol address (IP address)
Time and date of the respective access
Time zone difference to Greenwich Mean Time (GMT)
The specific page accessed
Status of the access / Hypertext Transfer Protocol (http)
Amount of data that was transferred in each case
Website from which our website was accessed (referrer URL)
Internet browser used (incl. language and version)
Operating system used

The legal basis for the collection of the listed data results from Art. 6 para. 1 s. 1 lit. f) GDPR. We have a legitimate interest in ensuring an error-free connection and comfortable use of our website, as well as analysing system stability and security and using the data for further administrative purposes.

6.2. 6.2 Contact via e-mail

If you contact us via the e-mail address provided in section 2 or other e-mail addresses of our company that are published on our website, we will store your e-mail address as well as other contact data within your e-mail (e.g. your name or your telephone number) in order to process your enquiry. This data is deleted immediately as soon as further storage is no longer necessary. If there are legal retention periods with regard to the data, the deletion of the data will be replaced by a corresponding restriction of the processing. Depending on the reason for sending the e-mail, the legal basis for processing the data is Art. 6 para. 1 s. 1 lit. b) GDPR or Art. 6 para. 1 s. 1 lit. f) GDPR, i.e. it is either used to process the contract concluded with you and to fulfill our (pre-)contractual obligations or is based on our legitimate interest in contacting people interested in our services.

6.3. 6.3. Contact form

When contacting us via the contact form available on our website, the contact data you provide will be stored and processed by us in order to process your request. Depending on the reason for contacting us, the legal basis for processing the data is Art. 6 para. 1 s. 1 lit. b) GDPRor Article 6 (1) sentence 1 lit. f GDPR, i.e. it is either used to process the contract concluded with you and to fulfil our (pre-)contractual obligations or it is based on our legitimate interest in contacting people interested in our services.

7. Cookies

We use cookies on our website. Cookies are small, browser-specific text files that are stored on your hard drive. This provides certain information to the body that sets the respective cookie, which, however, can neither execute programs nor transmit viruses. Cookies are divided into the following classes:
First, a distinction is made according to who set the respective cookie (website operators in the form of first-party cookies or third parties in the form of third-party cookies).
Then there is a distinction regarding the duration of storage.

• There are transient cookies that are automatically deleted when the browser is closed, which mainly concerns so-called session cookies that store a session ID. With these session cookies, your computer will be recognised if you call up our website again within a session with the same browser. When you close the browser or log out, these temporary cookies are deleted.
• In addition, there are so-called persistent cookies, which are stored for a longer period of time (up to two years). However, the period until deletion differs from cookie to cookie. You can delete these cookies manually at any time via your browser settings.
• Another group is formed by the so-called Flash cookies. This is a Flash player-bound cookie that stores the technical data required for the playback of video or audio content (e.g. picture quality or network speed). Normally, there is no automatic expiry date here and the cookies store the required data independently of the browser used. Some browsers (e.g. Firefox) offer the option of deleting Flash cookies together with the other cookies.

Furthermore, a distinction is made between cookies based on their function, which is most relevant from a data protection perspective.

• Technical (essential) cookies are cookies that are necessary to perform basic functions of the website (e.g. saving a product that has been placed in the shopping cart).
• Performance cookies collect information about the use of the website and any errors that occur. This is anonymous information that is used to improve the website.
• Advertising cookies or targeting cookies make it possible to display adapted advertising (also from third parties) to the user of the website and to determine the effectiveness of this advertising.
• Sharing cookies connect the website with other services (e.g. social media sites).

We use automated technical cookies only and thus cookies that are essential for the operation of our website on the basis of our legitimate interest within the meaning of Art. 6 para. 1 s. 1 lit. f) GDPR in order to design our website effectively and to continuously improve it.
We would like to point out that you can prevent the storage of cookies at any time by setting your browser accordingly. We have compiled further information in this context with regard to the most popular browsers below, but we would like to point out that this may restrict the functionality of our website.

• Mozilla Firefox: https://support.mozilla.org/de/kb/verbesserter-schutz-aktivitatenverfolgung-desktop
• Microsoft Edge: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
• Google Chrome: https://support.google.com/chrome/answer/95647
• Opera: https://help.opera.com/de/latest/web-preferences/#cookies
• Safari: https://support.apple.com/de-de/guide/safari/sfri11471/mac

8. Hosting

Our website is hosted by the company HostPress GmbH, Bahnhofstraße 34, 66571 Eppelborn, Imprint: https://www.hostpress.de/impressum/ (hereinafter referred to as “HostPress”). When you access our website, the personal data mentioned in this privacy policy is transmitted to HostPress for purely informational use of the website. For this purpose, we have concluded a corresponding contract for order processing with the company HostPress. The server locations of HostPress are exclusively in Germany. Here you can find the data protection information of HostPress : https://www.hostpress.de/datenschutz/.

9. YouTube

We integrate YouTube videos on our website. This is a video portal of the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, legal notice: https://www.google.de/intl/de/contact/impressum.html. The parent company of this Irish-based company is: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter referred to as “Google”). Google’s privacy policy can be found here: https://policies.google.com/privacy?hl=de.

We have integrated the videos in the so-called “extended data protection mode”, which ensures that no cookies are set and – according to Google – the playback of the video is not used by Google to personalize the use of the YouTube platform. Likewise, according to Google, the playback of the video is not used to personalize advertising.

Data is transferred to the USA and therefore to a third country. The data transfer to this third country is justified in the present case in accordance with Art. 44 and 45 GDPR, as Google is an active participant in the Data Privacy Framework. This is a data protection agreement between the EU and the USA in which the level of data protection for certified companies in the USA is declared appropriate (“adequacy decision”). The legal basis for processing the data also arises from Art. 6 para. 1 sentence 1 lit. f GDPR, i.e. it is based on our legitimate interest in providing our website users with videos on the website to inform them about our services.
When you play the video, the local and session storage are also described, which is technically necessary for you to be able to play the video.

10. Etracker Analytics (web tracking)

We use the etracker Analytics service of etracker GmbH, Erste Brunnenstraße 1, 20459 Hamburg, Germany, Imprint: https://www.etracker.com/impressum/ (hereinafter referred to as “etracker”) on our website. Here you can find FAQ from etracker regarding the GDPR: https://www.etracker.com/en/docs/faq-2/eu-gdpr/. You can access etracker’s privacy policy here: https://www.etracker.com/en/data-privacy/. We have concluded a corresponding contract for order processing with the company etracker. We use etracker Analytics based on our legitimate interest according to Art. 6 para. 1 s. 1 lit. f) GDPR, in this case in the interest of evaluating our website and improving it for you as a user. As standard, etracker Analytics does not use cookies, but records the visit behavior (by means of purely technical parameters, such as the shortened IP address or the browser used) within a session (website visit) by means of cookie-less session tracking. A fingerprinting process is used to generate a hash value (a combination of characters from which the original data cannot be derived) from purely technical data (such as the shortened IP address or the browser used), to which the date of the page call is also added in order to make it even less likely that the identity of the user can be determined. This value is automatically deleted every 24 hours. Within the 24 hours, this fingerprint makes it possible to analyze user behavior.
You can object to the data processing here at any time:

Hier Opt-Out einfügen

11. Your rights

Below we inform you about your rights under the GDPR. You can access the GDPR as a complete document here.

• Right to information according to Art. 15 para. 1 GDPR
  You have the right to request confirmation from us as to whether personal data relating to you is being processed. If the answer is in the affirmative, in addition to the right to information about this personal data, you have a right to information about the purposes of processing, the categories of personal data processed, the recipients or categories of recipients to whom your personal data have been disclosed or will be disclosed in the future (especially in the case of recipients in third countries or international organizations), the storage period or Criteria for determining the storage period, the existence of a right to rectify or erase the personal data concerning you or the right to restrict processing on our part, as well as about the existence of a right to object to such processing, the existence of a right to lodge a complaint with a supervisory authority, any available information about the origin of the data (in the event that it was not collected by us), the existence of automated decision-making, including profiling, and, where applicable, meaningful information about the logic involved and the scope and intended effects of such processing.
• Right to rectification according to Art. 16 GDPR.
  You have the right to request from us the immediate rectification of inaccurate personal data as well as the completion of incomplete personal data concerning you.
• Right to erasure (“right to be forgotten”) according to Art. 17 para. 1 GDPR
  You have the right to demand that we delete the personal data concerning you without delay. However, according to Art. 17 para. 3 GDPR, this right does not exist if the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest in the field of public health, for archiving purposes in the public interest or for the establishment, exercise or defense of legal claims.
• Right to restriction of processing according to Art. 18 para. 1 GDPR.
  You have the right to demand that we restrict the processing of your personal data if you dispute the accuracy of your personal data (the restriction applies here for the period that allows us to check the accuracy), the processing of your personal data is unlawful and you refuse to delete it, we no longer need your personal data for the processing purposes, but you need it to assert, exercise or defend legal claims or you object to the processing pursuant to Art. 21 para. 1 GDPR (the restriction applies here as long as it has not yet been determined whether our legitimate reasons outweigh yours).
• Right to data portability according to Art. 20 GDPR.
  You have the right to obtain from us the personal data concerning you in a structured, commonly used and machine-readable format, as well as to have it transferred to another controller without hindrance on our part (or to request that it be transferred directly from us to another controller, if this is technically feasible), if the processing by us was based on consent or a contract or was carried out with the help of automated processes.
• Right to revoke consent given in accordance with Art. 7 para. 3 GDPR.
  You have the right to revoke your consent at any time with effect for the future, so that the data processing based on the consent can no longer be continued in the future, but the lawfulness of the processing carried out until your revocation is not affected.
• Right of complaint according to Art. 77 GDPR
  Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of personal data concerning you infringes the GDPR. As a rule, you can contact the supervisory authority of your usual place of residence, your place of work or the place of the alleged infringement. For more information, please visit the website of the Federal Commissioner for Data Protection and Freedom of Information. https://www.bfdi.bund.de/EN/Home/home_node.html

12. Right to object

In addition to the aforementioned rights, you also have the right to object at any time with future effect to the processing of your personal data which is carried out on the basis of the performance of a task carried out in the public interest or in the exercise of official authority (Art. 6 para. 1 s. 1 lit. e) GDPR) or for the protection of legitimate interests on our part (Art. 6 para. 1 s. 1 lit. f) GDPR), provided that there are grounds for doing so which arise from your particular situation. In the event of an objection, no further processing of the personal data will be carried out unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. In the case of processing of your personal data for the purpose of direct marketing or profiling, where there is a link to direct marketing, you have a general right to object without having to provide reasons based on your particular situation. In the event of an objection, we will immediately cease processing the personal data for these purposes. To exercise your right of revocation or objection, simply send an e-mail to: info@e-bikelifter.com

13. Data security

Our website uses the encryption and communication protocol TLS 1.3 (Transport Layer Security). Through the TLS certificate used by us and issued by a certification authority, we enable an encrypted data exchange between web browser and web server, whereby sensitive data cannot be read by third parties. We use the procedure with the highest encryption level that your browser supports, which is usually 256-bit encryption. The higher the bit number, the longer the key and therefore the better the protection against third parties.

This privacy policy was created individually for this website by Frame for Business GmbH in cooperation with the law firmDr. Schultheiß.