Data Protection

Privacy Notice of LS DigiServ GmbH

General information regarding the handling of your data

The following notes provide you with information on the type, scope and purposes of the collection, use and processing of personal data on our website:

https://greenmd.shop

1. Responsible Office - contact

1.1. Responsible body within the meaning of the Data Protection Act

The responsible body within the meaning of Article 4 (7) of the EU General Data Protection Regulation (GDPR) is:

LS DigiServ GmbH

Jacobsrade 74

22962 Siek, Germany

Phone.: +49 40 65863459

Fax: +49 40 65863458

E-Mail: info@greenmd.shop

Contact: Sergej Lissowsky

1.2. Contact

a) If you have any questions regarding data protection, or if you wish to exercise any rights or claims regarding your personal data, you can contact us using the contact details given above (under section 1.1.).

b) In our contact form, you must provide mandatory information (e.g. your e-mail address, your name) in order to answer your request. We need this information in order to process your inquiry and to be able to contact you. You can fill in the other fields voluntarily.

c) When you contact us (e.g. by telephone, e-mail), your details will be stored in accordance with Art. 6 para. 1 lit. b) GDPR for the purpose of processing your enquiry and in the event that follow-up questions arise. We delete the data arising in this connection after storage is no longer required or restrict processing if there are legal obligations to retain data (see section 14).

2. Data processed by us

2.1. Legal grounds

a) Personal data may be processed during each visit to our website. Your personal data will only be processed if this is legally permitted (legal basis). This is the case in accordance with Art. 6 para. 1 GDPR, if

- you have given us your consent, or

- the processing is necessary for the performance of our contract with you, or

- pre-contractual measures are required in the event of a request by you, or

- the processing is necessary in order to protect your vital interests, or

- to protect that of another natural person, or

- the processing is necessary for the protection of our legitimate interests or those of a third party, unless your interests or fundamental rights and freedoms, which require the protection of personal data, outweigh the processing (balancing of interests)

b) The personal data collected from you will be deleted as soon as the purpose of the collection no longer applies (see section 14).

2.2. What are personal data?

a) The meaning of "personal data" can be derived from Article 4 of the General Data Protection Regulation (GDPR). According to this, personal data is information that can be assigned to your person using proportionate means. Personal data are divided into four groups. These include inventory data (e.g. names and addresses of customers), contract data (e.g. services used, names of clerks, payment information), usage data (e.g. the websites visited by our online offer, interest in our products) and content data (e.g. entries in the contact form). Information that cannot be attributed to a specific or determinable person, or only with a disproportionately large expenditure of time, cost and labour, are called anonymous data and are therefore not personalized.

b) In addition, when visiting our website, certain data is also processed for technical reasons. These are mainly technical information such as the IP address that your Internet access provider assigns to your computer when you connect to the Internet, or information about the Internet page from which you accessed our website or about the type and version of the Internet browser you are using. However, this also includes login data, your operating system, download errors, the length of visits to certain pages, and all telephone numbers from which you call our customer service number. This technical information may be personal data in individual cases. That technical information will only be used by us if this is necessary for technical reasons concerning the operation and protection of our website against attacks and misuse in accordance with Art. 6 para. 1 (f) GDPR.

2.3. What does “processing” mean?

"Processing", as defined by Article 4 of the GDPR, includes all operations that are part of the handling of data. The term "processing" covers not only the collection or registration of data, but also its organisation, classification, storage, adaptation or modification. However, the term also covers other actions, such as actual use, or transmission or distribution. Ultimately, however, this also includes the restriction, deletion or destruction of data.

3. Data Security

The security of your personal data has a very high priority for us. Therefore, we protect your stored data by technical and organisational measures. This ensures compliance with data protection laws and effectively prevents loss or abuse by third parties. In particular, our employees who process personal data are obliged to maintain data secrecy and must comply with it.

4. SSL-encryption

Our website uses secure SSL encryption when transmitting personal data or personal content of our users. Please make sure that SSL encryption is activated for corresponding activities from your side. You can recognise an encrypted connection by your browser’s address bar changing from "http://" to "https://". Data encrypted via SSL cannot be read by third parties. Therefore, please transmit your confidential information only if SSL encryption is activated and contact us if in doubt.

5. Collection of personal data when visiting our website

a) When using the website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser sends to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website and to ensure its stability and security [legal basis is Art. 6 para. 1 (f) GDPR]:

- the IP address of the requesting device (i.e. your computer or smartphone)

- Date and time of access to our website,

- Search words you used to find our site,

- Time zone difference to Greenwich Mean Time (GMT),

- Content of the request ( specific page),

- Access status/ http status code,

- the amount of data transmitted,

- the website from which access is made (referrer URL),

- Operating system and its interface,

- as well as the browser used and, if applicable, the operating system of your computer and the name of your access provider.

b) For security reasons (e.g. for the investigation of potential cases of abuse or fraud), the above-mentioned data will be stored for a maximum of seven days and then deleted. Data whose further storage is required for evidential purposes are excluded from deletion until the respective incident has been conclusively clarified.

c) In addition to the data mentioned above, cookies are stored on your computer when you use our website. You will find more detailed information on cookies under section 10.

d) The data are collected by us on the basis of our legitimate interests as defined in Art. 6 para. 1 (f) GDPR. We do not use the collected data for the purpose of drawing conclusions about your person. The purposes pursued by us include in particular:

- ensuring a smooth connection to the website,

- ensuring a comfortable use of our website,

- the investigation of cases of abuse or fraud,

- the evaluation of system safety and stability, and

- other administrative purposes.

6. Transfer of data to third parties and third party providers

a) Data will only be passed on to third parties within the scope of the legal requirements. We therefore only pass on user data to third parties if:

- you have given your explicit consent in accordance with Art. 6 para. 1 (a) GDPR,

- the passing on is necessary in accordance with Art. 6 para. 1 (f) GDPR for the assertion, exercise or defence of legal claims and there is no reason to assume that you have a serious, great interest in your data not being passed on,

- if there is a legal obligation to pass on the data in accordance with Art. 6 para. 1 © GDPR, and

- this is legally permitted and is required under Art. 6 para.1 (b) GDPR for the handling of contractual relationships with you.

b) When passing on your personal data, we always ensure the highest possible level of security. For this reason, your data will only be passed on to service providers and partner companies that have been carefully selected and contractually obliged to ensure that personal data is protected in accordance with the relevant legal regulations.

c) We would like to point out to you that in addition to this data protection declaration, the data protection guidelines and declarations of the locally responsible partners and their authorised institutions may also apply.

7. Where is your personal data stored?

a) The personal data we collect is generally stored within the European Union ("EU"). However, it may happen in exceptional cases that personal data is transferred to non-European countries. In these so-called "third countries" the GDPR is not a directly applicable law. In such countries, the data protection law may be less strict.

b) Such transfer of data to countries outside the European Economic Area may occur, for example, when processing a request for services or providing support services by electronic means.

c) However, in the event of such a transfer of data to a third country, we will ensure that it takes place in accordance with this Privacy Policy. In addition, we will ensure that the recipient in the third country ensures an adequate level of data protection for you and other parties concerned or that a legal permission exists. This is done, for example, by concluding a contract with the recipient in the third country on the basis of the so-called standard contractual clauses of the European Commission. These standard contractual clauses guarantee a similar level of data protection as the one provided by the European Data Protection Regulation.

8. Conclusion of contracts, user registration

a) In accordance with Art. 6 Para. 1 lit. b DSGVO, personal data will also be collected and processed if you provide us with this data for the purpose of carrying out a user relationship, contract or in the context of initiating a contractual or user relationship. The data that is collected can be seen from the respective input forms or is communicated within the scope of the enquiry. We store and use the data you provide for the purpose of processing the contract. After the contract or usage relationship has been fully processed, your data will be blocked with regard to tax and commercial law retention periods and deleted after these periods have expired, unless you have expressly consented to further use of your data or we have reserved the right to legally permitted further use of data, about which we inform you accordingly below.

b) You can create a user account with us. As part of the registration process, you will be provided with the required mandatory information. This includes in particular your name, address, date of birth, e-mail address and billing address. Further details are marked as such.

c) If you have cancelled your user account, your user account data will be deleted. However, this only applies if the storage is necessary in accordance with Art. 6 Para. 1 lit. c DSGVO (see "Deletion and storage periods for your data", Section 14).

d) Within the scope of registration and repeated logins as well as the use of our online services, we will save your IP address and the time of your respective use. The storage is based on our legitimate interests, in particular to protect against abuse and other unauthorized use (Art. 6 para. 1 p. 1 lit. f GDPR). In principle, this data is not passed on to third parties unless it is necessary to pursue our claims or there is a legal obligation to do so in accordance with Art. 6 Para. 1 lit. c GDPR.

9. External payment providers

a) Within the scope of fulfilling contracts (Art. 6 para. 1 lit. b. GDPR) we use external payment service providers through whose platforms the users and we can carry out payment transactions. Furthermore, the external payment service providers are selected on the basis of our legitimate interests pursuant to Art. 6 para. 1 lit. f. GDPR in order to offer our users effective and secure payment options.

b) The data processed by the payment service providers include basic data, such as name and address, bank data, such as account or credit card numbers, passwords, TANs and checksums, as well as contract sums and recipient related data. These details are required to complete the transactions. However, the data entered is only processed by the payment service providers and stored by them. This means that we do not receive any account or credit card related information, but only information with confirmation or negative information about the payment. Under certain circumstances, the payment service providers may transfer the data to credit agencies. The purpose of this transmission is to check the buyers identity and credit rating.

c) In addition, the data protection notices of the respective payment service providers apply to the processing:

- Paypal (https://www.paypal.com/de/webapps/mpp/ua/privacy-full)

- Klarna ( https://www.klarna.com/international/privacy-policy/)

- Visa (https://bb.visa.com/legal/global-privacy-notice.html)

- Mastercard (https://www.mastercard.us/en-us/vision/corp-responsibility/commitment-to-privacy/privacy.html)

- American Express (https://www.americanexpress.com/de/content/privacy-policy-statement.html)

10. Cookies

a) We use so-called "cookies" to recognise multiple use of our offer by the same user or Internet connection holder. Cookies are small text files that are stored by the web browser on the user's terminal device to store certain information.

b) If the user consents to the use of cookies, the legality of the data processing is governed by Art. 6 para. 1 (a) GDPR. If consent is not requested, our legitimate interest (i.e. interest in the analysis, optimisation and economic operation of this website and services) within the meaning of Art. 6 para. 1 (f) GDPR constitutes the legal basis for the use of cookies.

c) The cookies used by the website are divided into the following categories according to their purpose and function: Necessary cookies; functional cookies; performance cookies; marketing / third party cookies; cooking requiring consent.

Necessary cookies ensure that this website and the service functions properly. Functional cookies enable this website to store information such as the user name or language selection and to offer the user improved and personalised functions based on this information. These cookies collect and store only anonymous information. Performance cookies collect information on how our website is used in order to improve its attractiveness, content and functionality. Marketing / third party / consent cookies originate from external advertising companies and are used to collect information about the websites last visited by the user.

d) Necessary cookies cannot be deactivated or activated individually. The user has the possibility to adjust his cookie settings at any time or to deactivate cookies generally in his browser. The user can object to the use of functional cookies, performance cookies or marketing cookies at any time by adjusting his cookie settings accordingly. However, the exclusion of cookies may lead to functional restrictions of this online service. Information on how to deactivate cookies in the most common browsers can be found under the following links:

· Google Chrome https://support.google.com/accounts/answer/61416?co

· Microsoft Internet Explorer https://support.microsoft.com/en-us/topic/delete-and-manage-cookies-168dab11-0753-043d-7c16-ede5947fc64d

· Safari https://support.apple.com/guide/safari/sfri11471/mac

· Firefox https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox

· Opera https://help.opera.com/latest/web-preferences/#cookies

11. Integration of third party content

11.1. Google Analytics

a) For the purpose of a demand-oriented design and continuous optimisation, we use Google Analytics, a web analysis service of Google Inc. ("Google"), 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.

b) The use of Google Analytics is based on our legitimate interests within the meaning of Art. 6 para. 1 (f) GDPR. We use Google Analytics to analyse and thus regularly improve the use of our website. We can use the statistics obtained to optimise our offer and make it more interesting for you as a user. For the exceptional cases in which personal data is transferred to the USA, Google has committed itself to the EU-US Privacy Shield and thus offers a guarantee of compliance with European data protection law https://www.privacyshield.gov/EU-US-Framework.

c) We also use Google Analytics for a cross-device analysis of visitor flows, which is carried out via a user ID. You can deactivate the cross-device analysis of your usage in your customer account under "My data", "Personal data".

d) We use Google Analytics with the addition "_anonymizeIp()". This allows IP addresses to be processed in a shortened form, thus excluding the possibility of identifying a person. If the data collected about you contains a personal reference, it will immediately be excluded. The personal data will therefore be deleted immediately.

e) We use the "demographic characteristics" function of Google Analytics. This allows us to create reports that contain statements about the age, gender and interests of the site visitors. This data comes from interest-based advertising by Google as well as from visitor data from third parties. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google Account or generally prohibit the collection of your data by Google Analytics as described in the section "Objection to data collection".

f) Google Analytics uses so-called "cookies", text files which are stored on your computer and allow an analysis of your use of the website (see section 10). The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. However, if IP anonymisation is activated on this website, your IP address will be shortened by Google within member states of the European Union or in other states which are party to the Agreement of the European Economic Area. Only in exceptional cases the full IP address will be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating the use of the website by users, compiling reports on website activity and providing other services to the website operator relating to website activity and internet usage.

g) The IP address transmitted by your browser as part of Google Analytics is not combined with other data from Google.

h) You may refuse the use of cookies by selecting the appropriate settings on your browser; however, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) as well as Google from processing this data by downloading and installing the browser plug-in available under the following link. The current link is: https://tools.google.com/dlpage/gaoptout?hl=en.

i) You can find further information on the use of data for advertising purposes by Google, as well as setting and objection options, on their websites:

- Use of data by Google https://marketingplatform.google.com/about/analytics/terms/us/

- Use of data for advertising purposes http://www.google.com/policies/technologies/ads

- About data protection https://marketingplatform.google.com/about/analytics/terms/us/

- To the privacy policy http://www.google.de/intl/de/policies/privacy

11.2. Google Cloud

a) For the purposes of document storage, spreadsheets and presentations, exchange of documents, content and information with certain recipients, we use the cloud software services offered by Google Ireland Limited, Gordon House, Barrow Street, DUBLIN 4, IRELAND. Insofar as a transfer to the USA takes place, we refer to the certification of Google USA under the Privacy Shield(https://www.privacyshield.gov/participant?id=a2zt0000000000001L5AAI&status=Aktive) and standard protection clauses (https://cloud.google.com/terms/data-processing-terms).

b) In this context, the personal data of users are processed insofar as they become part of the documents and content processed within the services described or are part of communication processes. Google also processes usage data and metadata used by Google for security purposes and service optimisation.

c) In the context of the use of publicly accessible documents, web pages or other content, Google may store cookies on users' computers for the purposes of web analysis or to remember users' preferences.

d) We use the Google Cloud services on the basis of our legitimate interests pursuant to Art. 6 (1) lit. f DSGVO in efficient and secure administration and collaboration processes.

e) For further information, please see Google's privacy policy (https://www.google.com/policies/privacy) and the security information for Google cloud services (https://cloud.google.com/security/privacy/).

11.3. WhatsApp for Business

a) For the purpose of communicating with our customers and other third parties, we use, among other things, the messaging service WhatsApp. The provider is WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

b) Communication via WhatsApp Business uses end-to-end encryption (peer-to-peer), which prevents WhatsApp Business or other third parties from gaining access to the communication content. WhatsApp Business does, however, gain access to metadata that is generated in the course of the communication process (e.g. sender, recipient and time). We would also like to point out that WhatsApp Business, according to its own statement, shares personal data of its users with its parent company Facebook, which is based in the USA.

c) WhatsApp is used on the basis of our legitimate interest in communicating as quickly and effectively as possible with customers, interested parties and other business and contractual partners (Art. 6 para. 1 lit. f DSGVO). Insofar as a corresponding consent has been requested, the data processing is carried out exclusively on the basis of the consent.

d) Further details on data processing can be found in WhatsApp's privacy policy at: https://www.whatsapp.com/legal/#privacy-policy

11.4. Use of social media and other external providers

a) We provide links on our website to the providers listed below.

b) The legal basis for this is Art. 6 para. 1 p. 1 lit. f DSGVO. We use this to make our website more appealing to the respective user and thus ultimately to make it better known. The underlying promotional purpose is to be regarded as a legitimate interest within the meaning of the DSGVO.

c) In order to increase the protection of your data when visiting our website, these buttons are not unrestricted plug-ins, but are only integrated into the page using an HTML link. This type of integration ensures that when you call up a page of our website that contains such buttons, no connection is yet established with the servers of the respective providers. When you click on the button, a new browser window opens and calls up the provider's page on which you can interact with the service there (if necessary after entering your login data).

11.4.1. Facebook

a) We link to our offer on the social network Facebook, which is operated by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook"). Facebook Inc. with its headquarters in the USA is certified for the us-European data protection agreement "Privacy Shield", which ensures compliance with the level of data protection applicable in the EU.

b) For the purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as your rights in this regard and setting options for protecting your privacy, please refer to Facebook's privacy policy: https://www.facebook.com/policy.php/

11.4.2. LinkedIn

a) We link to our offer at the service of the network LinkedIn. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Instagram is certified for the us-European data protection agreement "Privacy Shield", which ensures compliance with the level of data protection applicable in the EU.

b) For the purpose and scope of the data collection and the further processing and use of the data by LinkedIn, as well as your rights in this regard and setting options for protecting your privacy, please refer to LinkedIn's data protection information: https://de.linkedin.com/legal/privacy-policy

11.4.3. TikTok

a) We link to our offer on the social media service "TikTok, TikTok Inc. 10100 Venice Blvd, Culver City, CA 90232, USA.

b) For the purpose and scope of the data collection and the further processing and use of the data by Tik Tok, as well as your rights in this regard and setting options for protecting your privacy, please refer to TikTok's privacy policy: https://www.tiktok.com/legal/privacy-policy?lang=de.

11.4.4. Twitter

a) We link to the microblogging service Twitter on our website, which is operated by Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA ("Twitter"). Twitter Inc. is based in the USA and is certified for the us-European data protection agreement "Privacy Shield", which ensures compliance with the level of data protection applicable in the EU.

b) For the purpose and scope of the data collection and the further processing and use of the data by Twitter, as well as your rights in this regard and setting options for protecting your privacy, please refer to Twitter's privacy policy: https://twitter.com/privacy/

11.5. Integration of YouTube

a) Components (videos) of the company YouTube are used on our website. The legal basis for the use of YouTube is Art. 6 para. 1 (f) GDPR. We use it in order to make our website more appealing to the respective user and thereby make it better known. The advertising purpose behind this is to be regarded as a legitimate interest within the meaning of the GDPR.

(b) YouTube, LLC 901 Cherry Ave., 94066 San Bruno, CA, USA, is a company belonging to Google Inc, Amphitheatre Parkway, Mountain View, CA 94043, USA.

c) The YouTube videos on our website are all embedded in "enhanced privacy mode", which means that no data about you as a user is transferred to YouTube if you do not watch the videos. Only when you do start playing the videos, the following data will be transmitted. We have no influence on this data transmission.

d) By visiting the website, YouTube receives the information that you have accessed the corresponding subpage of our website. In addition, the data mentioned under section 5 will be transmitted. This will occur regardless of whether YouTube provides a user account which you are logged in to or whether no user account exists. If you are logged in to your Google account, your data will be directly associated with your account. If you do not want your profile to be associated with YouTube, you must log out before activating the button.

YouTube stores your data in user profiles and uses them for the purposes of advertising, market research and/or the demand-oriented design of its website. Such an analysis is carried out in particular (even for users who are not logged in) to offer demand-oriented and tailored advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles. You must contact YouTube to exercise this right.

e) For more information on the purpose and scope of data collection and processing by YouTube, please see their privacy policy. There you will also find further information on your rights and setting options to protect your privacy: https://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and has committed itself to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

12. Your rights regarding your data

You have the following rights regarding the processed data:

- in accordance with art. 15 of the GDPR, you can request information about your personal data processed by us. In particular, you may request information on the purposes of the processing, the category of personal data, the categories of recipients to whom your data have been or will be transmitted, the planned storage period, the existence of a right of rectification, erasure, restriction of processing or opposition, the existence of a right of appeal, the origin of your data, if not collected by us, as well as the existence of automated decision making including profiling and, if applicable, meaningful information on the details of the data;

- in accordance with Art. 16 GDPR, you can immediately request the correction of incorrect or incomplete personal data stored by us;

- in accordance with Art. 17 GDPR, you can request the deletion of your personal data stored with us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or if the data is necessary for the assertion, exercise or defence of legal claims

- in accordance with Art. 18 GDPR, you can request the restriction of the processing of your personal data if the accuracy of the data is disputed by you, the processing is unlawful, but you refuse to delete it and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have lodged an objection to the processing in accordance with Art. 21 GDPR

- in accordance with Art. 20 GDPR, you have the right to data transmission, i.e. to receive your personal data that you have provided us with in a structured, common and machine-readable format or may request the transfer to another responsible party, provided that the processing is based on your consent or on a contract with us and that the processing was carried out by using automated procedures. However, in the case of a transfer of data to another party, you can only request the transfer if it is technically feasible;

- In accordance with Art. 7 Para. 3 GDPR, you can withdraw your consent to us at any time. As a result, we may no longer continue to process the data that was based on this consent in the future; and

- Under Art. 77 GDPR, you have the right to file a complaint to a supervisory authority. To do so, you may contact the supervisory authority at your usual place of residence or work or at our head office.

In order to exercise your rights to correct or delete personal data, to request information, to revoke a consent or to object, only a simple message to us is required. There are no costs for you to exercise your rights. You can contact us using the contact information provided in section 1.1. of this data protection declaration.

13. Right of objection

a) If you have given your consent to the processing of your data, you can withdraw this consent at any time. After you have expressed it to us, such a withdrawal will affect the permissibility of the processing of your personal data.

b) If we base the processing of your personal data on the balancing of interests, you may object to the processing. If you do so, please explain the reasons why we should not process your personal data as we have done. If your objection is well-founded, we will examine the situation and either stop or adapt the data processing or outline our compelling reasons for continuing the processing. We will inform you of such compelling reasons. You have the right to file a complaint at any time to a supervisory authority (e.g. the supervisory authority at your place of residence or at the registered office of our company).

c) You can object to the processing of your personal data for the purposes of advertising and data analysis at any time. You can inform us about your objection to advertising by using the contact details given in section 1.1.

d) If you wish to make use of your right of withdrawal or objection, it is sufficient to send an e-mail to the person named in section 1.1.

14. Deletion and retention periods of your data

a) The data stored with us will be deleted as soon as they are no longer required for the intended purpose. For details, please refer to the sections of this notice which explain the nature and purpose of the processing of personal data in question.

b) Data which we are required to be stored by law, statutes or contractual obligations (e.g. for tax reasons) will be blocked instead of deleted to prevent use for other purposes. This includes storage for 6 years in accordance with § 257 (1) German HGB (for trading books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting vouchers, etc.) or storage for 10 years in accordance with § 147 (1) AO (books, records, management reports, accounting vouchers, commercial and business letters, documents relevant for taxation, etc.).

15. Updates to our Privacy Notice

a) This Privacy Notice is currently valid and was updated in 03/2023.

b) Due to changes in the law or adjustments in data processing, it may be necessary to update this data protection declaration. We therefore recommend that you check this page regularly for changes. If the change affects your consent or the provisions of the contractual relationship, these will only be made with your consent. You will be contacted separately by us for this purpose.