Privacy Policy

1) Introduction and Contact Details of the Controller

1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we inform you about the handling of your personal data when using our website. Personal data is any data with which you can be personally identified.

1.2 The controller for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Caredeluxe GmbH, Kaiser-Joseph-Str. 254, 79098 Freiburg, Germany, Tel.: 01762012883, Email: info@caredeluxe.com. The controller responsible for the processing of personal data is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

2) Data Collection When Visiting Our Website

2.1 When you use our website purely for information purposes, i.e. if you do not register or otherwise transmit information to us, we only collect such data that your browser transmits to the page server (so-called “server log files”). When you visit our website, we collect the following data that is technically necessary for us to display the website to you:

Our visited website
Date and time at the time of access
Amount of data sent in bytes
Source/reference from which you reached the page
Browser used
Operating system used
IP address used (if applicable: in anonymized form)

The processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or otherwise used. However, we reserve the right to subsequently check the server log files if there are concrete indications of illegal use.

2.2 For security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or inquiries to the controller), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the character string “https://” and the lock symbol in your browser line.

3) Hosting & Content Delivery Network

For hosting our website and displaying the page content, we use a provider who provides their services themselves or through selected subcontractors exclusively on servers within the European Union.

All data collected on our website is processed on these servers. We have concluded a data processing agreement with the provider that ensures the protection of our site visitors’ data and prohibits unauthorized disclosure to third parties.

4) Cookies

To make visiting our website attractive and to enable the use of certain functions, we use cookies, i.e. small text files that are stored on your device. Some of these cookies are automatically deleted after closing the browser (so-called “session cookies”), while others remain on your device for longer and enable the storage of page settings (so-called “persistent cookies”). In the latter case, you can see the storage duration in the overview of your web browser’s cookie settings.

If personal data is also processed by individual cookies we use, the processing is carried out in accordance with Art. 6 para. 1 lit. b GDPR either for the performance of the contract, in accordance with Art. 6 para. 1 lit. a GDPR in the case of consent given, or in accordance with Art. 6 para. 1 lit. f GDPR to safeguard our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the page visit.

You can set your browser so that you are informed about the setting of cookies and can decide individually about their acceptance or exclude the acceptance of cookies for certain cases or generally.

Please note that if you do not accept cookies, the functionality of our website may be limited.

5) Contact

5.1 Calendly

For the provision of an online appointment booking function, we use the services of the following provider: Calendly, LLC, BB&T Tower, 271 17th St NW, Atlanta, GA 30363, USA

For the purpose of scheduling appointments, first and last name as well as email address (and possibly the telephone number, if a telephone appointment is desired) are collected in accordance with Art. 6 para. 1 lit. b GDPR and transmitted to the provider and stored there for appointment organization in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in effective customer management and efficient appointment administration.

After the appointment has been held or after the agreed appointment period has expired, your data will be deleted by the provider.

We have concluded a data processing agreement with the provider that ensures the protection of our site visitors’ data and prohibits unauthorized disclosure to third parties.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European data protection level on the basis of an adequacy decision by the European Commission.

5.2

In the context of contacting us (e.g. via contact form or email), personal data is processed exclusively for the purpose of processing and answering your request and only to the extent necessary for this purpose.

The legal basis for processing this data is our legitimate interest in responding to your inquiry in accordance with Art. 6 para. 1 lit. f GDPR. If your contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR. Your data will be deleted when it can be inferred from the circumstances that the matter in question has been finally clarified and provided there are no legal retention obligations to the contrary.

6) Use of Customer Data for Direct Advertising

Registration for Our Email Newsletter

If you register for our email newsletter, we will regularly send you information about our offers. The only mandatory information for sending the newsletter is your email address. Providing additional data is voluntary and will be used to address you personally. For sending the newsletter, we use the so-called double opt-in procedure, which ensures that you only receive newsletters when you expressly confirm your consent to receive the newsletter by clicking on a verification link sent to the email address provided.

By activating the confirmation link, you give us your consent to the use of your personal data in accordance with Art. 6 para. 1 lit. a GDPR. We store your IP address entered by your Internet Service Provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your email address at a later date. The data we collect when you register for the newsletter is used strictly for this purpose.

You can unsubscribe from the newsletter at any time via the link provided in the newsletter or by sending a corresponding message to the controller mentioned at the beginning. After successful unsubscription, your email address will be deleted immediately from our newsletter distribution list, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration.

7) Data Processing for Order Processing

To the extent necessary for contract processing for delivery and payment purposes, the personal data we collect will be passed on to the commissioned transport company and the commissioned credit institution in accordance with Art. 6 para. 1 lit. b GDPR.

If we owe you updates for goods with digital elements or for digital products on the basis of a corresponding contract, we process the contact data you transmitted when placing your order to inform you personally within the scope of our legal information obligations in accordance with Art. 6 para. 1 lit. c GDPR. Your contact data is used strictly for the purpose of communications about updates we owe and is only processed by us to the extent necessary for the respective information.

To process your order, we also work with the following service provider(s), who support us in whole or in part in carrying out concluded contracts. Certain personal data is transmitted to these service providers in accordance with the following information.

8) Web Analysis Services

Google Analytics 4

This website uses Google Analytics 4, a web analysis service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”), which enables an analysis of your use of our website.

By default, when you visit the website, Google Analytics 4 sets cookies that are stored as small text blocks on your device and collect certain information. This information includes your IP address, which is however shortened by Google by the last digits to exclude direct personal reference.

The information is transferred to Google servers and processed there. Transfers to Google LLC based in the USA are also possible.

Google uses the information collected on our behalf to evaluate your use of the website, to compile reports on website activities for us, and to provide other services related to website use and internet use. The shortened IP address transmitted by your browser as part of Google Analytics is not merged with other Google data. The data collected as part of the use of Google Analytics 4 is stored for a period of two months and then deleted.

All processing described above, in particular the setting of cookies on the device used, only takes place if you have given us your express consent in accordance with Art. 6 para. 1 lit. a GDPR.

Without your consent, Google Analytics 4 will not be used during your page visit. You can revoke your consent at any time with effect for the future. To exercise your right of revocation, please deactivate this service via the “Cookie Consent Tool” provided on the website.

We have concluded a data processing agreement with Google that ensures the protection of our site visitors’ data and prohibits unauthorized disclosure to third parties.

Further legal information on Google Analytics 4 can be found at https://business.safety.google/intl/de/privacy/, https://policies.google.com/privacy?hl=de&gl=de and at https://policies.google.com/technologies/partner-sites

Demographic Features

Google Analytics 4 uses the special function “demographic features” and can create statistics that make statements about the age, gender and interests of site visitors. This is done by analyzing advertising and information from third-party providers. This allows target groups to be identified for marketing activities. However, the collected data cannot be assigned to a specific person and is deleted after storage for a period of two months.

Google Signals

As an extension to Google Analytics 4, Google Signals can be used on this website to create cross-device reports. If you have activated personalized ads and linked your devices to your Google account, Google can, subject to your consent to the use of Google Analytics in accordance with Art. 6 para. 1 lit. a GDPR, analyze your usage behavior across devices and create database models, including cross-device conversions. We do not receive any personal data from Google, only statistics. If you want to stop cross-device analysis, you can deactivate the “Personalized Advertising” function in the settings of your Google account. To do this, follow the instructions on this page: https://support.google.com/My-Ad-Center-Help/answer/12155764?hl=de

Further information on Google Signals can be found at the following link: https://support.google.com/analytics/answer/7532985?hl=de

UserIDs

As an extension to Google Analytics 4, the “UserIDs” function can be used on this website. If you have consented to the use of Google Analytics 4 in accordance with Art. 6 para. 1 lit. a GDPR, have set up an account on this website and log in to this account on different devices, your activities, including conversions, can be analyzed across devices.

Collection of User-Provided Data

To improve analysis results for users whose contact data we have received in the context of business or business-like relationships, we use the “Collection of User-Provided Data” function. Subject to your express consent in accordance with Art. 6 para. 1 lit. a GDPR, we transmit one or more files with aggregated customer data relating to you (especially email address and telephone number) electronically to Google as part of this function. Google does not receive access to clear data, but automatically encrypts the information in the customer files during the transmission process using a special algorithm. The encrypted information can then only be used by Google to assign it to existing Google accounts that the data subjects have set up. The processing serves to refine measurement data, improves cross-device user traceability and enables the integration of analysis results into advertising personalization and conversion tracking functions of Google Ads.

You can revoke your consent to us at any time with effect for the future. Further information on Google’s data protection measures regarding the transmission of customer data can be found here: https://support.google.com/google-ads/answer/6334160?hl=de&ref_topic=10550182

9) Page Functionalities

9.1 Facebook Plugins

Plugins of the social network of the following provider are used on our website: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

These plugins enable direct interactions with content on the social network. To increase the protection of your data when visiting our website, the plugins are initially deactivated and integrated into the page using a so-called “2-click” or “Shariff” solution.

This integration ensures that when you call up a page of our website that contains such plugins, no connection is yet established with the provider’s servers.

Only when you activate the plugins and thus give your consent to the data transmission in accordance with Art. 6 para. 1 lit. a GDPR does your browser establish a direct connection to the provider’s servers. In this case, regardless of whether you are logged into an existing user profile, certain information about your device (including your IP address), your browser and your page history is transmitted to the provider and may be further processed there.

If you are logged into an existing user profile on the provider’s social network, information about interactions made via the plugins will also be published there and displayed to your contacts.

You can revoke your consent at any time by deactivating the activated plugin by clicking on it again. However, the revocation has no effect on the data that has already been transferred to the provider.

Data may also be transferred to: Meta Platforms Inc., USA

We have concluded a data processing agreement with the provider that ensures the protection of our site visitors’ data and prohibits unauthorized disclosure to third parties.

9.2 Instagram Plugins

Plugins of the social network of the following provider are used on our website: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland

This integration ensures that when you call up a page of our website that contains such plugins, no connection is yet established with the provider’s servers.

If you are logged into an existing user profile on the provider’s social network, information about interactions made via the plugins will also be published there and displayed to your contacts.

Data may also be transferred to: Meta Platforms Inc., USA

We have concluded a data processing agreement with the provider that ensures the protection of our site visitors’ data and prohibits unauthorized disclosure to third parties.

9.3 LinkedIn Plugins

Plugins of the social network of the following provider are used on our website: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland

This integration ensures that when you call up a page of our website that contains such plugins, no connection is yet established with the provider’s servers.

If you are logged into an existing user profile on the provider’s social network, information about interactions made via the plugins will also be published there and displayed to your contacts.

Data may also be transferred to: LinkedIn Inc., USA

We have concluded a data processing agreement with the provider that ensures the protection of our site visitors’ data and prohibits unauthorized disclosure to third parties.

For the transmission of data to the USA, the provider relies on standard contractual clauses of the European Commission, which are intended to ensure compliance with the European data protection level.

9.4 Vimeo

This website uses plugins to display and play videos from the following provider: Vimeo.com, Inc., 330 West 34th Street, 10th Floor, New York, NY 10001, USA

When you visit a page of our website that contains such a plugin, your browser establishes a direct connection to the provider’s servers to load the plugin. Certain information, including your IP address, is transmitted to the provider.

When the playback of embedded videos is started via the plugin, the provider also uses cookies to collect information about user behavior, create playback statistics and prevent abusive behavior.

If you are logged into a user account with the provider during your page visit, your data will be directly assigned to your account when you click on a video. If you do not want the assignment to your account, you must log out before activating the playback button.

All aforementioned processing, in particular the setting of cookies for reading information on the device used, only takes place if you have given us your express consent in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke the consent given at any time with effect for the future by deactivating this service via the “Cookie Consent Tool” provided on the website.

9.5 Facebook Connect

On our website we provide a single sign-on function from the following provider: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

In addition to the transmission of data to the above-mentioned provider location, data may also be transmitted to: Meta Platforms Inc., USA

If you have an account with the provider, you can use this account data to create a user account or register on our website.

When visiting this page, a direct connection can be established between your browser and the provider’s servers via this login function, even if you do not have an account with the provider or are not logged into one. The provider thus receives the information that you have visited our page. The information collected in this respect (possibly including your IP address) is transmitted directly from your browser to a server of the provider and stored there. However, the information is not used to personally identify you and is not passed on to third parties.

These data processing operations are carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in a user-friendly and interactive design of our online presence.

If you press the login button to register on our website with the data of your account with the provider, the provider transmits exclusively on the basis of your express consent in accordance with Art. 6 para. 1 lit. a GDPR the general and publicly accessible information stored in your account (user ID, name, address, email address, age and gender) to us.

We store and use the data transmitted by the provider to set up a user account with the necessary data (form of address, first name, last name, address data, country, email address, date of birth), provided you have released this to the provider. Conversely, data (e.g. information about your surfing or purchasing behavior) can be transferred from us to your account with the provider on the basis of your consent.

The consent given can be revoked at any time with effect for the future to us.

9.6 Google Web Fonts

This site uses so-called web fonts from the following provider for uniform display of fonts: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

When a page is called up, your browser loads the required web fonts into your browser cache to display texts and fonts correctly and establishes a direct connection to the provider’s servers. Certain browser information, including your IP address, is transmitted to the provider.

Data may also be transmitted to: Google LLC, USA

The processing of personal data in the course of establishing a connection with the provider of the fonts is only carried out if you have given us your express consent in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future by deactivating this service via the “Cookie Consent Tool” provided on the website.

If your browser does not support web fonts, a standard font from your computer will be used.

Further information on Google’s privacy policy can be found here: https://business.safety.google/intl/de/privacy/

9.7 Gravity Forms

For conducting surveys or online forms, we use the services of the following provider: Rocketgenius Inc., 1620 Centerville Turnpike STE 102, Virginia Beach, VA 23464, USA

The provider enables us to design and evaluate surveys and online forms. In addition to the respective personal data that you enter into the forms, information about your operating system, browser, date and time of your visit, referrer URL and your IP address is also collected, transmitted to the provider and stored on the provider’s servers.

The information you enter into the forms is stored in a password-protected manner to ensure that third-party access is excluded and that only we can evaluate the data for the purpose named in the form.

When processing personal data that is necessary for the performance of a contract with you (this also applies to processing operations that are necessary for the implementation of pre-contractual measures), Art. 6 para. 1 lit. b GDPR serves as the legal basis. If you have given us your consent to process your data, the processing is based on Art. 6 para. 1 lit. a GDPR. Consent given can be revoked at any time with effect for the future.

We have concluded a data processing agreement with the provider that ensures the protection of our site visitors’ data and prohibits unauthorized disclosure to third parties.

10) Tools and Other

Cookie Consent Tool

This website uses a so-called “Cookie Consent Tool” to obtain effective user consent for cookies and cookie-based applications that require consent. The “Cookie Consent Tool” is displayed to users when the page is accessed in the form of an interactive user interface on which consent can be given for certain cookies and/or cookie-based applications by checking boxes. Through the use of the tool, all cookies/services requiring consent are only loaded if the respective user gives corresponding consent by checking boxes. This ensures that such cookies are only set on the respective user’s device if consent has been given.

The tool sets technically necessary cookies to store your cookie preferences. Personal user data is generally not processed in this process.

If, in individual cases, personal data (such as the IP address) is processed for the purpose of storing, assigning or logging cookie settings, this is done in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in legally compliant, user-specific and user-friendly consent management for cookies and thus in a legally compliant design of our website.

A further legal basis for processing is Art. 6 para. 1 lit. c GDPR. As the controller, we are subject to the legal obligation to make the use of technically non-essential cookies dependent on the respective user consent.

Where necessary, we have concluded a data processing agreement with the provider that ensures the protection of our site visitors’ data and prohibits unauthorized disclosure to third parties.

Further information on the operator and the setting options of the Cookie Consent Tool can be found directly in the corresponding user interface on our website.

11) Rights of the Data Subject

11.1 The applicable data protection law grants you the following data subject rights (information and intervention rights) vis-à-vis the controller with regard to the processing of your personal data, whereby the legal basis cited is referred to for the respective exercise requirements:

Right of access according to Art. 15 GDPR;
Right to rectification according to Art. 16 GDPR;
Right to erasure according to Art. 17 GDPR;
Right to restriction of processing according to Art. 18 GDPR;
Right to notification according to Art. 19 GDPR;
Right to data portability according to Art. 20 GDPR;
Right to withdraw consent given according to Art. 7 para. 3 GDPR;
Right to lodge a complaint according to Art. 77 GDPR.

11.2 RIGHT TO OBJECT

IF WE PROCESS YOUR PERSONAL DATA AS PART OF A BALANCING OF INTERESTS ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO THIS PROCESSING WITH EFFECT FOR THE FUTURE FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL END THE PROCESSING OF THE DATA CONCERNED. HOWEVER, FURTHER PROCESSING REMAINS RESERVED IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS, OR IF THE PROCESSING SERVES THE ASSERTION, EXERCISE OR DEFENSE OF LEGAL CLAIMS.

IF YOUR PERSONAL DATA IS PROCESSED BY US FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH MARKETING. YOU CAN EXERCISE THE OBJECTION AS DESCRIBED ABOVE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL END THE PROCESSING OF THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.

12) Duration of Storage of Personal Data

The duration of storage of personal data is measured by the respective legal basis, the processing purpose and – if relevant – additionally by the respective statutory retention period (e.g. commercial and tax retention periods).

When processing personal data on the basis of express consent in accordance with Art. 6 para. 1 lit. a GDPR, the data concerned is stored until you revoke your consent.

If there are statutory retention periods for data that is processed in the context of legal or quasi-legal obligations on the basis of Art. 6 para. 1 lit. b GDPR, this data is routinely deleted after the retention periods have expired, provided it is no longer required for contract performance or contract initiation and/or we have no legitimate interest in continued storage.

When processing personal data on the basis of Art. 6 para. 1 lit. f GDPR, this data is stored until you exercise your right to object according to Art. 21 para. 1 GDPR, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves the assertion, exercise or defense of legal claims.

When processing personal data for the purpose of direct marketing on the basis of Art. 6 para. 1 lit. f GDPR, this data is stored until you exercise your right to object according to Art. 21 para. 2 GDPR.

Unless otherwise specified in the other information in this declaration about specific processing situations, stored personal data is otherwise deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

Data privacy

Privacy Policy

1) Introduction and Contact Details of the Controller

2) Data Collection When Visiting Our Website

3) Hosting & Content Delivery Network

4) Cookies

5) Contact

5.1 Calendly

5.2

6) Use of Customer Data for Direct Advertising

Registration for Our Email Newsletter

7) Data Processing for Order Processing

8) Web Analysis Services

Google Analytics 4

Demographic Features

Google Signals

UserIDs

Collection of User-Provided Data

9) Page Functionalities

9.1 Facebook Plugins

9.2 Instagram Plugins

9.3 LinkedIn Plugins

9.4 Vimeo

9.5 Facebook Connect

9.6 Google Web Fonts

9.7 Gravity Forms

10) Tools and Other

Cookie Consent Tool

11) Rights of the Data Subject

12) Duration of Storage of Personal Data