Data Protection Statement

Data Protection Statement

Byodo Naturkost GmbH, hereinafter referred to as “we” for simplicity’s sake, has the utmost respect for your privacy. As such, we take the protection of your personal data, for example your name, date of birth, address, e-mail address, telephone no., etc., very seriously. This data protection notice regulates the collection, processing and use of your personal data, if and insofar as they are required for the use of our website. When handling these data, we adhere strictly to the pertinent statutory data protection regulations as well as the following principles.

By confirming your agreement with the data protection principles when using our websites, especially with regard to the placing of orders, subscription to our newsletter and filling in of our contact forms, you expressly consent to the use of your personal data and instruct us to do so in the manner prescribed by said data protection principles. The following data protection principles and the public directory (only available in German) describe in detail how we collect and use this information.

1. Data controller

The controller within the meaning of the General Data Protection Regulation and other national data protection legislation of the EU Member States as well as other data protection provisions is:

Byodo Naturkost GmbH
Leisederstrasse 2
84453 Mühldorf
Germany
Tel.: +49 (0)8631/ 3629-0
Fax.: +49 (0)8631/ 3629-750
E-mail: info@byodo.de
Internet: www.byodo.de

Any person affected can contact us directly or our data protection officer with all questions and suggestions regarding data protection.

The external data protection officer of the controller is:

Mr Jens Engelhardt, his deputy is Mr Erdem Durmus
c/o NOTOS Xperts GmbH
Heidelberger Str. 6
64283 Darmstadt
Tel.: +49 6151-52010-0
Fax.: +49 6151-52010-99
Email: datenschutz@notos-xperts.de 
Web: www.notos-xperts.de

2. Scope of data processing

We only save personal data to the extent necessary to provide a functional website as well as our content and services. Our users’ personal data are only processed for the performance of the offered services (for example for the provision of quotes and advice, execution of contracts, establishing contact and asking of follow-up questions) insofar as such processing is necessary. No personal data are collected automatically.
Our users’ personal data are only processed regularly with the user’s consent. An exception applies in such cases where it is not possible to obtain consent beforehand for reasons of fact and where statutory provisions permit data processing.

3. Legal basis for the processing of personal data

To the extent that we obtain the consent of the data subjects for personal data processing operations, the legal basis is Art. 6 para. 1 lit. a of the EU General Data Protection Regulation (GDPR).
Where the processing of personal data is necessary for the performance of a contract to which the data subject is party, the legal basis is Art. 6 para. 1 lit. b of the GDPR. This also applies to processing operations required to take steps prior to entering into a contract.
To the extent that the processing of personal data is necessary for compliance with a legal obligation to which our company is subject, the legal basis is Art. 6 para. 1 lit. c of the GDPR.
The personal data of the contracting partner are generally collected in the scope of conclusion of a contract for the services offered in our online shop. Insofar as the processing of the data is required for conclusion of the contract, the permissive rule for the data processing is Art. 6 para. 1 lit. b of the GDPR. If the processing is necessary for the purposes of legitimate interests of our company or a third party, except where such interests are overridden by the interest or fundamental rights and freedoms of the data subject, the legal basis for processing is Art. 6 para. 1 lit. f of the GDPR.

4. Duration of storage

As a matter of principle, the data are deleted as soon as the purpose for which they were collected no longer applies. To the extent necessary, we process your personal data for the entire duration of the business relationship (from initiation to conclusion and execution of a contract) and additionally in accordance with the legally prescribed storage and documentation requirements as per, for example, the German Fiscal Code (AO) and other statutory provisions.

5. Statistical evaluation

Log files are automatically stored on the web server when this page is visited. The data contained include:

  • Browser type and version
  • Operating system in use
  • Referrer URL
  • Host name of accessing computer
  • Time of server request

This information is all documented without any personal association or IP addresses and is used for statistical evaluation purposes only. The data are utilised to make our websites more user-friendly and improve the offering accordingly. The legal basis for the temporary storage of the data is Art. 6 para. 1 lit. f of the GDPR.
The collection of the data for provision of the website and the storage of said data in log files is absolutely essential for proper operation of the website. Therefore, there is no opt-out option available to the user.

6. Security of data

The personal data you make available are secured by technical and organisational security measures to ensure that they cannot be accessed by unauthorised third parties.

7. E-mail security

If you send us an e-mail, your e-mail address is employed exclusively for the subsequent correspondence with you. We would like to draw your attention to the fact that information sent unencrypted via e-mail can theoretically be viewed without authorisation. For this reason, we cannot provide a guarantee for the confidentiality of this data transfer. If you are sending particularly sensitive data or information, it is thus recommendable to do so by post.

8. Online Application & Applications via e-mail

If you would like to apply for a position advertised by us, this is primarily possible via our online applicant portal. If you are unable to use this option, you can submit your application by post. Please note that this method has a longer processing time.

If you wish to send us an e-mail with content requiring protection, e.g., a job application, we urgently recommend encrypting the attachments (CV, certificates, etc.) in order to prevent unauthorised attention and falsification occurring during the transfer. To this end, please contact the individual named in the respective job description.

9. Provision of data to third parties

We do not provide data to third parties without your consent unless this is also explicitly permitted by law or subject to a judicial or official ruling. In the scope of contract conclusions (online business), personal data are provided to service providers (e.g., delivery companies, logistics companies) for the proper execution of the contract.

10. Availability of data

In the scope of our business, you are required to make the personal data available which are required for the initiation and performance of said business and that we are legally required to collect. If you do not make these data available, we shall generally be forced to refuse conclusion or execution of the contract or may not be able to continue to execute an existing contract and have to terminate it accordingly.
However, you are not obliged to grant your consent to data processing concerning data which are not relevant and/or required by law or other regulations for the execution of the contract.

11. Changes to data protection regulations

These data protection principles may be revised over the course of time if we include additional service offerings and new functions or new legal requirements come into force. We reserve the right to change these data protection principles at any time and publish the revised version on our website. The revised function shall become valid at the time of its publishing on the site.

12. Your right to information, verification, erasure and objection

You have the right to request information on the personal data we store concerning you personally free of charge. In addition, you also have the right to verify incorrect data, block specific data and demand the erasure of data in the legally prescribed cases. Furthermore, you have the right to object to the further use of your personal data at any time. We draw your attention to the fact that your right to erasure of your data may be restricted by statutory storage obligations that we are obliged to obey.
You may direct complaints to the Bavarian Data Protection Authority (BayLDA), Promenade 27 (Schloss), 91522 Ansbach, Germany.

13. External links

External links always open in a new window. Links allow us to provide an access for the use of this content (Art. 8 of the German Telemedia Act (Telemediengesetz)). We are not responsible for the content visited via the links as we have not initiated the information transfer, selected the recipient of the information or selected or changed the transferred information. The opening and linking methods selected by the operator (Hosting, GRZ IT Center Linz GmbH GmbH) of our websites do not temporarily cache this information automatically, so they also do not result in any responsibility or data protection obligations for us with regard to the third-party content. Nevertheless, we thoroughly check all third-party content the first time the links to such Internet offerings are included on our site so as to determine whether they might lead to possible civil or criminal law liability.

14. Customer and information pages

Certain areas of the website (online shop) are only available to registered users. The data entered there fall under the data responsibility of Lavano GmbH, Lußhardtstraße 1, 76689 Karlsdorf-Neuthard, Germany, and are also stored there.

15. SMS and newsletter information service

Our website contains an option to subscribe to a newsletter free of charge. When signing up to the newsletter, the data in the input screen are sent to us.

  • E-mail address

In addition, the following data will be collected when signing up:

  • IP address of the accessing computer
  • Date and time of registration

Your consent to data processing is obtained and a reference to this privacy policy is made as part of the process of signing up.
Your data will not be passed on to third parties as part of data processing for sending you the newsletter. The data are used solely for sending out the newsletter.
The legal basis for data processing after the user signs up to a newsletter, provide the user has granted their consent, is Art. 6 para. 1 lit. a of the GDPR.
The legal basis for the sending of the newsletter following the purchase of goods or service is Art. 7 para. 3 of the German Act Against Unfair Competition (UWG).
The data are erased as soon as they are no longer required to achieve the purpose for which they were collected. The user’s e-mail address will therefore be stored for as long as the newsletter subscription remains active.
The data subject may unsubscribe from the newsletter at any time. A corresponding link is included in every letter for exactly this purpose.

16. Contact form and e-mail contact

Our Internet site includes a contact form which can be used for electronic contact as well as personal contact via post or telephone. If the user opts to do so, the data entered in the input screen will be sent to us and stored.
This information is necessary for processing of queries and the input thus mandatory.

  • Surname, first name
  • E-mail address
  • Subject

The following information is optional, but required if we are to send you the requested documents, contact you by telephone to answer questions or they simply appear pertinent to the clarification of the query.

  • Address
  • Post code
  • Town/city
  • Telephone number
  • Country
  • File attachment

If you send us a file attachment, please ensure that you also possess the corresponding rights to the information contained.
Your consent to data processing is obtained and a reference to this privacy policy is made as part of the sending process.
Your data will not be passed on to third parties in this context. The data are used solely for processing the enquiry.
The data are erased as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data in the input screen of the contact form and those sent via e-mail, this is the case when the respective conversation with the user is over. The conversation is over when it can be inferred from the circumstances that the enquiry concerned has been closed.

17. Cookies

Some of the Internet sites use ‘cookies’. Cookies do not damage your computer and do not contain viruses. Cookies help make our offering more user-friendly, efficient and safe. Cookies are small text files that are stored on your computer and saved by your browser.
The majority of the cookies we use are so-called ‘session cookies’. These are deleted automatically when you leave our website. Other cookies remain stored on your end device until you delete them. These cookies allow us to recognise your browser again if you visit in the future.
You can adjust the settings of your browser so that you are informed about the storage of cookies and cookies are only permitted in certain cases, cookies are excluded under specific conditions or entirely or all cookies are automatically deleted when you close your browser window. Disabling cookies can restrict the proper functioning of this website.
Cookies required for electronic communication and the provision of certain functions you wish to use (e.g., shopping basket function) are stored in accordance with the provisions of Art. 6 para. 1 lit. f of the GDPR. The website operator has a legitimate interest in the storage of cookies for the technically unimpaired and optimised provision of its services. Insofar as other cookies (e.g., cookies for the analysis of your surfing habits) are stored, they are treated specially in this data protection policy.

18. Analysetool Matomo

We use the web analytics service Matomo to analyze and regularly improve the use of our website. The statistics obtained allow us to improve our offer and make it more interesting for you as a user. Cookie tracking is deactivated in the analysis tool. We classify the cookies we use as technically essential in accordance with Article 5(3) of Directive 2002/58/EC. Therefore, no consent is required for the use of cookies, Matomo also uses the shortened IP address (e.g. 111.xxx.xxx.xxx) for geolocation purposes, as we have a legitimate interest in classifying visitors to our website by region in order to better plan our marketing campaigns, in accordance with Art 6 lit. f DSGVO. A direct inference to a person can be excluded. The IP address transmitted by your browser is neither merged with other data collected by us nor passed on to third parties.

If individual pages of our website are called up, the following data is stored:

  • IP address (masked 2 byte) of your calling system (e.g. 111.xxx..xxx.xxx)
  • browser type and version, screen resolution, language set, local time, operating system used
  • the number of pages and files you access on our website, time spent on the website, frequency of your access to the website, number of actions, bounce rate, page generation time
  • the website from which you visit us (referrer URL) - if your browser does not prohibit this
  • device used (e.g. TV, consoles, smartphones, desktops, etc.)
  • If applicable, the website you visit after ours (when clicking on an external link on our website)
  • the date and time of your access.
  • No tracking cookies are set on your computer as part of our web analysis. The Matomo software and the data collected using Matomo are operated, stored and processed exclusively on our own servers.

19. Social media plugins lLike & share button)

Facebook plugins
Our pages integrate plug-ins from the social network Facebook, provided by Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. The Facebook plug-ins can be identified by the Facebook logo or the “Like” button on our page. An overview of the Facebook plug-ins can be found here: https://developers.facebook.com/docs/plugins/.
If you visit our sites, the plug-in establishes a direct connection between your browser and the Facebook server. This provides Facebook with the information that you have visited our page using your IP address. You can link the contents of our pages to your Facebook profile by clicking the Facebook “Like” button when logged in to your Facebook account. This permits Facebook to associate the visit to our site with your user account. Please note that we as the provider of the pages have no knowledge of the contents of the data communicated and how they are used by Facebook. Further information can be found in Facebook’s data privacy policy at: https://www.facebook.com/policy.php.
If you do not want Facebook to associate the visit to our site with your Facebook user account, please log out of your Facebook account.

Instagram plugins
Functions of the service Instagram are integrated on our pages. These functions are offered by Instagram Inc, 1601 Willow Road, Menlo Park, CA 94025, USA integrated. If you are logged into your Instagram account, you can link the content of our pages to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate the visit to our pages with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Instagram. For more information, please see Instagram's privacy policy: https://instagram.com/about/legal/privacy/.

Twitter plugins
On our pages, functions of the service Twitter are integrated. These functions are offered by Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. By using Twitter and the "Re-Tweet" function, the websites you visit are linked to your Twitter account and made known to other users. In the process, data is also transferred to Twitter. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Twitter. For more information, please refer to Twitter's privacy policy at: https://twitter.com/privacy. You can change your privacy settings on Twitter in the account settings at https://twitter.com/account/settings.

20. Facebook Pixel

We actively use the "Facebook Pixel" (basic version) of the social network Facebook, which is operated by Meta Platforms Ireland Limited, 4 Grand Canal Quare, Dublin 2, Ireland ("Facebook").

By using the Facebook pixel, it is possible for Facebook to identify you as a visitor to our online offer as a target group for the placement of advertisements (so-called "Facebook Ads and Instagram Ads").

On the basis of explicit user consent, we use the Facebook pixel to display the Facebook and Instagram ads placed by us only to those Facebook and Instagram users who have also shown an interest in our online offer or who have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited) that we transmit to Facebook (so-called "Custom Audiences").

With the help of the Facebook pixel, we also want to ensure that our Facebook ads correspond to the potential interest of the users and do not have a harassing effect.

The processing of data by Facebook takes place within the framework of Facebook's data processing conditions. General information on the display of Facebook ads can be found in Facebook's data usage policy: https://www.facebook.com/policy.php.

Specific information and details on the Facebook Pixel and how it works can be found in Facebook's help section: https://www.facebook.com/business/help/651294705016616.

For the processing of data for which Facebook acts as processor, we have concluded a processing agreement with Facebook, according to which Facebook is obliged to protect our customers' data and not to pass it on to third parties.

We are aware of the transfer of your personal data to a third country and have implemented appropriate safeguards in accordance with Article 46 of the GDPR to ensure lawful and secure processing of your personal data. 

We store your data for up to 180 days after your last interaction.

You have the option to revoke your consent to the use of Facebook Pixel or Facebook Custom Audiences by making a setting on Cookiebot and thus prevent the use of the tool. You can also deactivate the collection of your data by the Facebook Pixel and the use of your data to display Facebook Ads in your Facebook account. To set which types of advertisements are displayed to you within Facebook, you can visit the page set up by Facebook for this purpose and follow the instructions there on the settings for usage-based advertising: https://www.facebook.com/settings?tab=ads. The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices.

21. Fonts from Adobe Typekit

This page uses ‘web fonts’ provided by Adobe Typekit for the standardised display of fonts. When you open a page, your browser loads the required fonts in your browser cache so as to be able to display the texts and fonts correctly.
For this purpose, the browser you use needs to connect to Adobe Typekit’s servers. This provides Adobe Typekit with the information that you have visited our website using your IP address. The Adobe Typekit fonts are employed in the interest of making the presentation of our online offers standardised and appealing. This constitutes a legitimate interest as defined by Art. 6 para. 1 lit. f of the GDPR.
If your browser does not support the special fonts, your computer will utilise a standard font. Further information on Adobe Typekit fonts can be found at typekit.com and in Adobe Typekit’s data privacy policy: https://www.adobe.com/de/privacy/policies/typekit.html 
https://www.adobe.com/de/privacy/policies/typekit.html

22. Google

Google Ads (formerly AdWords)

We have integrated Google Ads on this website. Google Ads is an Internet advertising service that allows advertisers to display ads both in Google's search engine results and in the Google advertising network. Google Ads enables an advertiser to specify certain keywords in advance, by means of which an ad is displayed in Google's search engine results exclusively when the user retrieves a keyword-relevant search result using the search engine. In the Google advertising network, the ads are distributed to topic-relevant websites by means of an automatic algorithm and in compliance with the previously defined keywords.

The operating company of the Google AdWords services is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

If a data subject accesses our website via a Google ad, a so-called conversion cookie is stored by Google on the data subject's information technology system. Cookies are small data packages that are stored either locally or on the server, but regularly on the respective end devices of the website visitors. A conversion cookie loses its validity after thirty days and is not used to identify the person concerned. The conversion cookie is used to track whether certain subpages, for example the shopping cart from an online store system, have been called up on our website, provided that the cookie has not yet expired. Through the conversion cookie, both we and Google can track whether a data subject who arrived on our website via an AdWords ad generated a turnover, i.e. completed or cancelled a purchase of goods.

The data and information collected through the use of the conversion cookie are used by Google to create visit statistics for our website. These visit statistics are in turn used by us to determine the total number of users who were referred to us via Ads ads, i.e. to determine the success or failure of the respective Ads ad and to optimize our Ads ads for the future. Neither our company nor other advertisers of Google Ads receive information from Google by means of which the data subject could be identified.

By means of the conversion cookie, personal information, for example the websites visited by the data subject, is stored. Each time the data subject visits our websites, personal data, including the IP address of the internet connection used by the data subject, is transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may pass on this personal data collected via the technical procedure to third parties.

We base the lawfulness of the use of Google AdWords on obtaining consent through the cookie consent banner pursuant to Art. 6 (1) lit. a GDPR and Section 25 of the German Telecommunications-Telemedia Data Protection Act (TTDSG). You can withdraw your consent at any time with effect for the future, the processing up to the time of withdrawal remains unaffected in its lawfulness.

Google is a US company, which means that your personal data may be processed in the USA. We are aware of the transfer of your personal data to a third country without an adequacy decision pursuant to Article 45 GDPR and have taken appropriate safeguards pursuant to Article 46 GDPR to ensure lawful and secure processing of your personal data. The transfer of your personal data to the USA is based on the standard contractual clauses approved by the Commission for the transfer of personal data to third countries. Additional information on this can be found in on the Google website. Further information and the applicable Google privacy policy can be found at https://www.google.de/intl/de/policies/privacy/.

Google Tag Manager

We use the "Google Tag Manager" of the US company Google Inc. (1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA) on our website. By using Google Tag Manager, we are able to implement and manage tracking codes or conversion pixels on our website, for example. We use Google Tag Manager to ensure and improve the functionality as well as the process optimization and user-friendliness of our website.

When Google Tag Manager is used, data is collected on our website and passed on to the associated analysis tools. Google Tag Manager collects data about the use of individual tags and transmits it. Here, a processing of personal data cannot be excluded.

Google is a US company, which means that your personal data may be processed in the USA. The USA is an insecure third country for which there is no adequacy decision by the Commission pursuant to Article 46 of the GDPR, i.e. there is no adequate level of protection for personal data. In order to nevertheless ensure the security of your personal data during this transfer, the standard contractual clauses approved by the Commission for the transfer of personal data to third countries have been concluded as appropriate measures pursuant to Art. 46 (2) lit. c GDPR. You can find more details on this in the disclosures of Google .

We base the lawfulness of the processing on the legal basis of consent according to Art. 6 para. 1 lit. a GDPR as well as §25 of the German Telecommunications-Telemedia Data Protection Act (TTDSG). You can withdraw this consent at any time with effect for the future by changing the corresponding setting under the cookie settings. This does not affect the lawfulness of the data processing until the time of withdrawal.

The personal data remains stored for as long as it is required to achieve the purposes for which it was originally collected. For more information on data protection in connection with the use of Google Tag Manager and the associated use of cookies, please refer to the privacy policy of Google Inc: https://support.google.com/tagmanager/answer/9323295?hl=de

Google Signals

We use the "Google Signals" service of Google Inc. (1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA) on our website. The use of Google Signals enables us to use further functions of Google Analytics, e.g. to carry out a cross-device analysis of usage behavior. Google Signals is used for the purpose of optimizing processes and improving user-friendliness.

When using Google Signals, personal data collected by Google Analytics, which is linked to the registered Google account, is used for cross-device analysis. This enables us to track potential accesses via various end devices and browsers and to better estimate and evaluate the access figures and interactions in order to obtain a precise report regarding the use of our online offer.

The described functions and the associated processing of your personal data only affect you if you are logged in with a Google account at the time of accessing our website and have consented to the use of your personal data for the purposes of personalized advertising by Google.

Google is a US company, which means that your personal data may be processed in the USA. The USA is an insecure third country for which there is no adequacy decision by the Commission pursuant to Article 46 of the GDPR, i.e. there is no adequate level of protection for personal data. In order to nevertheless ensure the security of your personal data during this transfer, the standard contractual clauses approved by the Commission for the transfer of personal data to third countries have been concluded as appropriate measures pursuant to Art. 46 (2) lit. c GDPR. You can find more details on this in the disclosures of Google.

We base the lawfulness of the processing on the legal basis of consent according to Art. 6 para. 1 lit. a GDPR as well as § 25 of the German Telecommunications-Telemedia Data Protection Act (TTDSG). You can withdraw this consent at any time with effect for the future. The lawfulness of the processing carried out up to the time of the withdrawal remains unaffected.

The personal data will remain stored for as long as it is necessary to achieve the purposes for which it was originally collected. For more information on data protection in connection with the use of Google Signals, please refer to the privacy policy of Google Inc: https://support.google.com/analytics/answer/7532985?hl=de#zippy=%2Cthemen-in-diesem-artikel

Enhanced Conversion

We use the "Enhanced Conversions" service of the US company Google Inc. (1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA) on our website. By using the service "Enhanced Conversions", already existing conversions can be recorded more precisely, whereby already existing conversion tags can be supplemented. In addition, by using the "Enhanced Conversions" service, it is possible for us to transmit conversion data we have collected ourselves from our website to Google in the form of a hash value. The use of the "Google Conversion" service is for the purpose of process optimization.

If you make a conversion while using our website, we collect the following personal data from you, among other things:

  • E-mail address
  • Name
  • Private address
  • Phone number

Google is a US company, which means that your personal data may be processed in the USA. The USA is an insecure third country for which there is no adequacy decision by the Commission pursuant to Article 46 of the GDPR, i.e. there is no adequate level of protection for personal data. In order to nevertheless ensure the security of your personal data during this transfer, the standard contractual clauses approved by the Commission for the transfer of personal data to third countries have been concluded as appropriate measures pursuant to Art. 46 (2) lit. c GDPR. You can find more details on this in the disclosures of Google.

We base the use of "Enhanced Conversions" on the legal basis of obtaining consent pursuant to Art. 6 (1) lit. a GDPR and § 25 of the German Telecommunications-Telemedia Data Protection Act (TTDSG). You can withdraw your consent at any time with effect for the future. The data processing that took place up to the time of the withdrawal remains unaffected in its lawfulness.

The personal data will remain stored for as long as it is necessary to achieve the purposes for which it was originally collected. For more information on data protection in connection with the use of "Enhanced Conversion", please click here..: https://support.google.com/google-ads/answer/9888656?hl=de

Google Consent Mode API

In the context of the use of Google services on our website, we use the Google Consent Mode API of the US company Google Inc. (1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA). This is an interface via which our website can inform Google whether you have given your consent to the use of (Google) services. Google Consent Mode API is used for the purpose of optimizing processes and improving the user-friendliness of our website.

In the context of a use of Google Consent Mode API it is necessary to process personal data such as your IP address. Furthermore, in the context of the use of the Google Consent Mode API, it cannot be ruled out that your personal data collected in this way will be transmitted to Google.

Google is a US company, which means that your personal data may be processed in the USA. The USA is an insecure third country for which there is no adequacy decision by the Commission pursuant to Article 46 of the GDPR, i.e. there is no adequate level of protection for personal data. In order to nevertheless ensure the security of your personal data during this transfer, the standard contractual clauses approved by the Commission for the transfer of personal data to third countries have been concluded as appropriate measures pursuant to Art. 46 (2) lit. c GDPR. You can find more details on this in the disclosures of Google.

We base the use of Google Consent Mode API on the legal basis of obtaining consent pursuant to Art. 6 (1) lit. a GDPR and § 25 of the German Telecommunications-Telemedia Data Protection Act (TTDSG). You can withdraw this consent at any time with effect for the future. The lawfulness of the processing carried out up to the time of the withdrawal remains unaffected.

The personal data will remain stored for as long as it is necessary to achieve the purposes for which it was originally collected. For more information on data protection in connection with the use of the Google Consent Mode API, please click here: https://support.google.com/analytics/answer/9976101?hl=en

Google Conversion Tracking

As part of the operation of our website and the use of Google Ads, we use Google Conversion Tracking of the US company Google Inc. (1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA). Google Conversion Tracking is used for the purposes of analysis, retargeting, marketing and advertising . This allows us to track which Google Ads ad the user used to reach our website, which pages the user visited on our website and whether a conversion occurred, in order to evaluate the effectiveness and user-friendliness of our Google Ads ad.

In the context of the use of Google Conversion Tracking, an anonymous profile of the website visitors is created, which contains various data on the behavior and the visitor himself. It cannot be ruled out that personal data of yours is also processed.

Google is a US company, which means that your personal data may be processed in the USA. We are aware of the transfer of your personal data to a third country without an adequacy decision pursuant to Article 45 GDPR and have taken appropriate safeguards pursuant to Article 46 GDPR to ensure lawful and secure processing of your personal data. The transfer of your personal data to the US is based on the standard contractual clauses approved by the Commission for the transfer of personal data to third countries. Additional information on this can be found in the website of Google.

We base the use of Google conversion tracking on the legal basis of obtaining consent pursuant to Art. 6 (1) lit. a GDPR. You can withdraw this consent at any time with effect for the future. The lawfulness of the processing that took place until the time of the withdrawal remains unaffected.

The personal data remains stored for as long as it is required to achieve the purposes for which it was originally collected. For more information on data protection in connection with the use of Google Conversion Tracking and the associated use of cookies, please refer to the privacy policy of Google Inc: https://support.google.com/google-ads/answer/1722022?hl=de

23. Social Media Management Tool „Facelift“

As part of the use of our social media channels, we use the social media management tool Facelift from Facelift brand building technologies GmbH (Gerhofstr. 19, 20354 Hamburg, Germany). We use Facelift for the purposes of process optimization - and support as well as the implementation of digital marketing and customer support on our social media channels. By using Facelift, it is possible for us to enrich our social media profiles in the networks Facebook, Instagram, and Twitter with content and to moderate them. When using Facelift, the processing of personal data becomes necessary. Among other things, the following personal data may be processed:

  • Name
  • First name
  • Date of birth
  • Address
  • E-mail address
  • Phone
  • User ID from social networks
  • Postings
  • Comments and news from social networks

The personal data collected from you in this way will be processed by Facelift by processing on behalf of Byodo. Byodo has concluded a corresponding data processing agreement with Facelift pursuant to Art. 28 GDPR to ensure the security and integrity of your personal data as well as compliance with data protection. Byodo excludes the transfer of your personal data to third parties or to a (non-EU) third country.

We base the use of the social media management tool Facelift on your consent pursuant to Art. 6 para. 1 lit. a GDPR . Your consent is voluntary, and you can withdraw it at any time. To do so, you must adjust your consent settings.

In principle, your data will only be stored for as long as it is required to fulfill the original purpose of the survey. After the original purpose of collection has ceased to apply, we erase your personal data. This is not the case if erasure is excluded due to legal retention periods to which Byodo is subject.