Privacy Policy

§ 1 Information on the collection of personal data

(1) In the following, we inform you about the collection of personal data when using our website. Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behavior.

(2) Responsible person according to Art. 4 para. 7 EU General Data Protection Regulation (DS-GVO) is Tanja Barth, Böblinger Straße 43, 70199 Stuttgart, e-mail address info(at)tanjabarth.com..

(3) When you contact us by e-mail or via a contact form, the data you provide (your e-mail address, your name, if applicable, and your telephone number) will be stored by us in order to answer your questions. We delete the data accrued in this context after the storage is no longer necessary, or restrict the processing if there are legal obligations to retain data.

(4) If we use contracted service providers for individual functions of our offer or would like to use your data for advertising purposes, we will inform you in detail about the respective processes below. In doing so, we will also state the defined criteria for the storage period.

§ 2 Your rights
(1) You have the following rights with respect to personal data concerning you:
- Right to information,
- Right to rectification or deletion,
- Right to restriction of processing,
- Right to object to processing,
- Right to data portability.
(2) You also have the right to complain to a data protection supervisory authority about our processing of your personal data.

§ 3 Collection of personal data when visiting our website
(1) In the case of mere informational use of the website, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security (legal basis is Art. 6 para. 1 p. 1 lit. f DS-GVO):
- IP address
- Date and time of the request
- Time zone difference from Greenwich Mean Time (GMT)
- Content of the request (concrete page)
- Access status/HTTP status code
- Data volume transferred in each case
- Website from which the request comes
- Browser
- Operating system and its interface
- Language and version of the browser software.
(2) In addition to the previously mentioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive associated with the browser you are using and through which the body that sets the cookie (here by us), certain information flows. Cookies cannot execute programs or transfer viruses to your computer. They serve to make the Internet offer as a whole more user-friendly and effective.
(3) Use of cookies:
a) This website uses the following types of cookies, the scope and functionality of which are explained below:
- Transient cookies (for this b)
- Persistent cookies (in addition c).
b) Transient cookies are automatically deleted when you close the browser. These include in particular the session cookies. These store a so-called session ID, with which various requests of your browser can be assigned to the joint session. This allows your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.
c) Persistent cookies are automatically deleted after a specified period of time, which may vary depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
d) You can configure your browser settings according to your preferences and, for example, refuse to accept third-party cookies or all cookies. We would like to point out that you may not be able to use all functions of this website.

§ 4 Further functions and offers of our website
(1) In addition to the purely informational use of our website, we offer various services that you can use if you are interestedö. For this purpose, you usually have to provide further personal data, which we use to provide the respective service and for which the aforementioned data processing principles apply.
(2) In some cases, we use external service providers to process your data. These have been carefully selected and commissioned by us, are bound by our instructions and are regularly monitored.
(3) Furthermore, we may pass on your personal data to third parties if we offer promotions, competitions, contracts or similar services together with partners. You will receive more information about this when you provide your personal data or below in the description of the offer.
We offer payment through the following payment service providers on our website at www:
PayPal / PayPal Plus

The provider here is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal").

The payment data you enter will be transmitted to PayPal if you have selected payment via PayPal.

All PayPal transactions are subject to the PayPal Privacy Policy, which you can find and view at https://www.paypal.com/de/webapps/mpp/ua/privacy-prev?locale.x=de_DE.

Legal bases are Art. 6 para. 1 p. 1 lit. a and b DS-GVO. For the revocation of your consent to the processing of your data, § 5 paragraph 1 of this privacy policy applies in this respect.

(4) If our service providers or partners are located in a country outside the European Economic Area (EEA), we will inform you about the consequences of this circumstance in the description of the offer.

§ 5 Objection or revocation against the processing of your data
(1) If you have given your consent to the processing of your data, you may revoke this consent at any time. Such a revocation affects the permissibility of the processing of your personal data after you have expressed it to us.
(2) Insofar as we base the processing of your personal data on the balance of interests, you can object to the processing. This is the case if the processing is not necessary, in particular, for the fulfillment of a contract with you, which is shown by us in each case in the following description of the functions. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we do. In the event of your justified objection, we will review the situation and either discontinue or adjust the data processing or show you our compelling legitimate grounds on the basis of which we will continue the processing.
(3) Of course, you can object to the processing of your personal data for purposes of advertising and data analysis at any time. You can inform us about your advertising objection under the following contact details: [see our imprint - link].

§ 6 Special forms of use
Use of our portal
(1) If you wish to use our portal, you can register by entering your e-mail address, a password of your choice, and a user name of your choice. There is no obligation to use a clear name, a pseudonymous use is possible. We use the so-called double-opt-in procedure for registration, i.e. your registration is only completed when you have confirmed your registration by clicking on the link contained in a confirmation e-mail sent to you for this purpose. If your confirmation is not received within [24 hours], your registration will be automatically deleted from our database. The provision of the aforementioned data is mandatory, all other information you can provide voluntarily by using our portal.
(2) If you use our portal, we store your data required for the fulfillment of the contract, including information on the method of payment, until you permanently delete your access. Furthermore, we store the voluntary data provided by you for the time of your use of the portal, unless you delete it beforehand. You can manage and change all data in the protected customer area. The legal basis is Art. 6 para. 1 p. 1 lit. f DS-GVO.
(3) If you use the portal, your data may become accessible to other participants of the portal in accordance with the contractual performance. Non-registered members will not receive any information about you. For all registered members your [username and photo] are visible, regardless of whether you have released them. On the other hand, your entire profile with the data you have shared is visible to all members whom you have confirmed as personal contacts. If you make content available to your personal contacts that you do not send by means of a private message, this content is visible to third parties, provided that your personal contact has given the release. As far as you post contributions in public groups, these are visible for all registered members of the portal.
(4) To prevent unauthorized access by third parties to your personal data, especially financial data, the connection is encrypted using TLS technology.

§ 7 Newsletter
1. Newsletter
(1) With your consent, you can subscribe to our newsletter, with which we inform you about our current interesting offers. The advertised goods and services are named in the declaration of consent.
(2) For the registration to our newsletter we use the so-called double-opt-in procedure. This means that after your registration we will send you an e-mail to the specified e-mail address, in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm your registration within 24 hours, your information will be blocked and automatically deleted after one month. In addition, we store your IP addresses and the time of registration and confirmation. The purpose of this procedure is to prove your registration and, if necessary, to be able to clarify a possible misuse of your personal data.
(3) Mandatory information for sending the newsletter is only your e-mail address. The provision of further, separately marked data is voluntary and will be used to address you personally. After your confirmation, we store your e-mail address for the purpose of sending the newsletter. The legal basis is Art. 6 para. 1 p. 1 lit. a DS-GVO.
(4) You can revoke your consent to receive the newsletter at any time and unsubscribe from the newsletter. You can declare the revocation by clicking on the link provided in every newsletter e-mail, by e-mail to info@tanjabarth.com or by sending a message to the contact details given in the imprint.
[(5) We would like to point out that we evaluate your user behavior when sending the newsletter. For this evaluation, the emails sent contain so-called web beacons or tracking pixels, which are single-pixel image files that are stored on our website. For the evaluations, we link the data mentioned in § 3 and the web beacons with your e-mail address and an individual ID.
You can object to this tracking at any time by clicking the separate link provided in each email or by informing us via another contact channel. The information will be stored as long as you have subscribed to the newsletter. After unsubscribing, we store the data purely statistically and anonymously.
2. Use and utilization of Infusionsoft
For sending newsletters we use the software Infusionsoft ("Infusionsoft"), whose provider is Infusionsoft Inc. by Keap, 1260 South Spectrum Boulevard, Chandler, Arizona 85286, USA.
Infusionsoft enables, among other things, the organization and analysis of the sending of newsletters. The data entered by you when receiving the newsletter is stored on Infusionsoft's servers located in the United States of America. Infusionsoft enables us to analyze our newsletter campaigns. The e-mails sent to Infusionsoft contain so-called web beacons, which connect to Infusionsoft's servers in the USA when the e-mail is opened. In this way, it can be determined whether a newsletter message has been opened and which links, if any, have been clicked on. The technical information collected in the process (such as time of retrieval, IP address, browser type and operating system) cannot be assigned to the respective newsletter recipient and is used exclusively for statistical analysis of newsletter campaigns. The analysis results can be used in such a way that future newsletters can be better adapted to the interests of the recipients. If you do not agree to this, you must simply unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. In addition, there is also the possibility to unsubscribe from the newsletter on our website. The legal basis for the data processing is Art. 6 para. 1 p. 1 lit. a DS-GVO. You can revoke your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can declare the revocation by clicking on the link provided in every newsletter email.
By entering into a so-called "Data Processing Agreement", we have obligated Infusionsoft to protect our customers' data and not to disclose it to third parties.
For more information about the purpose and scope of data collection and your processing, please see Infusionsoft's privacy policy at https://keap.com/legal/data-protection-faq.

§ 8 Use of Google Web Fonts
For the uniform display of fonts, we use Google Web Fonts, a service of Google LLC. Further information on this service can be found at http://developers.google.com/fonts/faq?hl=de-DE&csw=1 and https://fonts.google.com/.
General information on Google's privacy policy can be found at http://www.google.com/intl/de-DE/policies/privacy.
The legal basis for the use of Google Web Fonts is Art. 6 para. 1 p. 1 lit. f DS-GVO.

§ 9 Externes Hosting / Content Delivery Networks (CDN)
The hosting of this website is carried out by an external service provider, which is
webgo GmbH,
Heidenkampsweg 81,
20097 Hamburg.

The personal data collected on this website is stored on the servers of the external service provider, see the list in § 3 (1). Our external service provider will only process your data if this is necessary for the fulfillment of its contractual obligations and it complies with our instructions regarding your data.
Since the external service provider acts on our behalf with regard to the collection, processing and use of personal data, we have concluded a contract for commissioned data processing with the service provider to implement the requirements of Art. 28 DS-GVO.
The legal basis for the use of the external service provider is Art. 6 para. 1 p. 1 lit. b and f DS-GVO.

§ 10 Social media
Use of social media plug-ins
(1) We currently use the following social media plug-ins: Instragram, Telegram. We use the so-called two-click solution. This means that when you visit our site, no personal data is initially passed on to the providers of the plug-ins. You can identify the provider of the plug-in by marking the box with its initial letter or logo. We give you the opportunity to communicate directly with the provider of the plug-in via the button. Only if you click on the marked box and thereby activate it, the plug-in provider receives the information that you have accessed the corresponding website of our online offer. In addition, the data mentioned under § 3 of this declaration will be transmitted. By activating the plug-in, your personal data is transmitted to the respective plug-in provider and stored there (in the case of US providers, in the USA). Since the plug-in provider collects data in particular via cookies, we recommend that you delete all cookies via your browser's security settings before clicking on the grayed-out box.
(2) We have no influence on the collected data and data processing operations, nor are we aware of the full scope of data collection, the purposes of processing, the storage periods. We also have no information on the deletion of the collected data by the plug-in provider.
(3) The plug-in provider stores the data collected about you as usage profiles and uses them for purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (also for users who are not logged in) for the display of tailored advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact the respective plug-in provider to exercise this right. Via the plug-ins, we offer you the opportunity to interact with the social networks and other users, so that we can improve our offer and make it more interesting for you as a user. The legal basis for the use of the plug-ins is Art. 6 para. 1 p. 1 lit. f DS-GVO.
(4) The data transfer takes place regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in to the plug-in provider, the data we collect is directly assigned to your account with the plug-in provider. If you click the activated button and, for example, link to the page, the plug-in provider also saves this information in your user account and shares it publicly with your contacts. We recommend that you log out regularly after using a social network, but especially before activating the button, as this allows you to avoid an assignment to your profile with the plug-in provider.
(5) Further information on the purpose and scope of data collection and processing by the plug-in provider can be found in the privacy statements of these providers, which are provided below. There you will also find further information about your rights in this regard and setting options for protecting your privacy.
(6) Addresses of the respective plug-in provider and URL with their privacy notices:
a) Instagram LLC, represented by Kevin Systrom and Mike Krieger, 1601 Menlo Park CA 94025, USA; https://instagram.com/legal/privacy/. Further information on data collection:
https://help.instagram.com/155833707900388/
https://help.instagram.com/478745558852511
https://instagram.com/legal/terms.
b) Telegram FZ-LLC, Dubai; https://telegram.org/privacy. For more information, see:
https://telegram.org/tos
https://core.telegram.org/api
https://core.telegram.org/bots
https://core.telegram.org/mtproto
https://telegram.org/apps#source-code.

§ 11 Online advertising
Facebook Pixel
(1) Furthermore, the website uses the analysis tool "Facebook Pixel" of Facebook Inc. ("Facebook") 1601 S California Ave, Palo Alto, California 94304, USA. We use this tool to measure the effectiveness of our advertising and to make the website more interesting for you by analyzing the actions that users perform on our website.
(2) Due to the analysis tool used, your browser automatically establishes a direct connection with the Facebook server when you perform an action on our website and the Facebook pixel is triggered, e.g. placing an item in the shopping cart or concluding a contract. We have no influence on the scope and further use of the data collected by Facebook through the use of this tool and therefore inform you according to our state of knowledge: By calling up the Facebook pixel, Facebook receives the information that you have called up the corresponding web page of our website or clicked on an ad of ours. If you are registered with a Facebook service, Facebook can assign the visit to your account. Even if you are not registered with Facebook or have not logged in, it is possible that the provider will learn and store your IP address and other identifying features.
(3) The revocation of consent to "Facebook Pixel" is possible for logged-in users at http://www.facebook.com/settings/?tab=ads#.
(4) The legal basis for the processing of your data is Art. 6 para. 1 p. 1 lit. f DS-GVO. For more information on data processing by Facebook, please visit http://www.facebook.com/about/privacy.

§ 12 Using the Zoom conference tool
To conduct real-time video or audio conferences, we use Zoom, a service provided by Zoom Communications Inc. (hereinafter "Zoom"), San Jose, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA.
If communication with us occurs via video or audio conference, your personal data will be collected by both us and Zoom.
The following data is collected:
- E-mail address
- Phone number
- Start and end of conference participation
- Conference duration
- Number of conference topics
- other "contextual information" related to the communication process (metadata)
- all technical data required for handling online communication (in particular IP address, MAC address, device IDs, device type, operating system and its interface, client version, camera type, microphone, loudspeaker, type of connection)
Zoom also stores on its servers the exchange, upload or provision of content in any other way. This includes in particular the following content:
- Chat / instant messages
- Cloud recordings
- photos and videos uploaded via voicemails, files, whiteboards, and other information shared in the course of using the Service.
We process and store your personal data initially for the duration for which the respective purpose of use requires corresponding storage. If applicable, this also includes the periods of the initiation of a contract and the processing of a contract. On this basis, personal data is regularly deleted as part of the fulfillment of our contractual and/or legal obligations, unless further processing for a limited period is required for the following purposes:
- Fulfillment of legal obligations to maintain records, e.g. those arising from the German Commercial Code (sections 238, 257 (4) HGB) and the German Fiscal Code (section 147 (3) and (4) AO). The periods specified there for storage and documentation are up to ten years.
- Preservation of evidence, taking into account the statute of limitations. According to Sections 194 et seq. of the German Civil Code (BGB), these limitation periods can be up to 30 years, with the regular limitation period being three years.
The provisions in §§ 3 and 5 of this privacy policy apply to the exercise of your rights.
Further legal information (such as guidelines and general terms and conditions) regarding this service can be found at https://zoom.us/docs/de-de/privacy-and-legal.html. The privacy policy can be viewed at https://zoom.us/de-de/privacy.html.
Since Zoom acts on our behalf with regard to the collection, processing and use of personal data, we have concluded a contract for commissioned data processing with Zoom to implement the requirements of Art. 28 DS-GVO.
The legal basis for the use of Zoom is Art. 6 para. 1 p. 1 lit. b and f DS-GVO.

§ 13 Data security
All information you submit to us is stored on servers within the European Union. Unfortunately, the transmission of information via the Internet is not completely secure, which is why we cannot guarantee the security of data transmitted to our website via the Internet. However, we secure our website and other systems by technical and organizational measures against loss, destruction, access, alteration or distribution of your data by unauthorized persons. In particular, we transmit your personal data in encrypted form. We use the coding system SSL (Secure Socket Layer) or TLS (Transport Layer Security).

§ 14 No disclosure of personal data
We do not disclose your personal data to third parties unless you have consented to the disclosure of data or we are entitled or obliged to disclose data due to legal provisions and/or official or court orders. This may involve, in particular, the disclosure of information for the purposes of law enforcement, the prevention of danger or the enforcement of intellectual property rights.

§ 15 Data protection and third-party websites
The Website may contain hyperlinks to and from third party websites. If you follow a hyperlink to one of these websites, please note that we cannot accept any responsibility or guarantee for third-party content or data protection conditions. Please be sure to review the applicable privacy policy before submitting any personal information to those websites.

§ 16 Changes to these data protection provisions
We reserve the right to change this privacy policy at any time with effect for the future. A current version is available on the website. Please visit the website regularly and inform yourself about the applicable data protection provisions.

May 1st, 2021