1. Privacy at a Glance

General Information

The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to personally identify you. Detailed information on data protection can be found in our privacy policy listed below.

Data Collection on This Website

Who is responsible for data collection on this website? Data processing on this website is carried out by the website operator. The operator's contact details can be found under “Information on the Responsible Party” in this privacy policy. How do we collect your data? Your data is collected in part when you provide it to us – for example, by entering it into a contact form. Other data is automatically collected or recorded with your consent by our IT systems when you visit the website. This primarily includes technical data (e.g. internet browser, operating system, time of page access). This data is collected automatically as soon as you enter the website.

What do we use your data for?

Some of the data is collected to ensure the website functions properly. Other data may be used to analyze your usage behavior. What rights do you have regarding your data? You have the right to receive information, free of charge, at any time about the origin, recipient, and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have given consent to data processing, you can revoke this consent at any time for the future. You also have the right, under certain circumstances, to request the restriction of the processing of your personal data. Furthermore, you have the right to lodge a complaint with the competent supervisory authority. You may contact us at any time with questions about your data protection rights. Analytics and Third-Party Tools When visiting this website, your browsing behavior may be statistically evaluated. This is primarily done using analytics programs. Details about these programs can be found in the full privacy policy below.

2. Hosting

We host the content of our website with the following provider: Strato The provider is Strato AG, Otto-Ostrowski-Straße 7, 10249 Berlin, Germany (hereinafter referred to as “Strato”). When you visit our website, Strato collects various log files including your IP addresses. For more information, please refer to Strato’s privacy policy: 👉 https://www.strato.de/datenschutz/

The use of Strato is based on Article 6(1)(f) of the GDPR. We have a legitimate interest in the most reliable presentation of our website possible. If corresponding consent has been requested, processing is carried out exclusively on the basis of Article 6(1)(a) GDPR and § 25(1) of the German TTDSG, insofar as consent includes the storage of cookies or access to information on the user’s device (e.g. device fingerprinting) as defined by the TTDSG. Consent can be revoked at any time.

Data Processing Agreement

We have concluded a data processing agreement (DPA) with the above-mentioned provider. This is a legally required contract under data protection law that ensures Strato processes personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

3. General Information and Mandatory

Disclosures Data Protection The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy. When you use this website, various personal data is collected. Personal data refers to any data with which you can be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this happens. Please note that data transmission over the Internet (e.g. communication via email) can have security vulnerabilities. A complete protection of data from access by third parties is not possible.

Information About the Responsible Party

The responsible party for data processing on this website is:

Heidi Allar and Jose Codes GbR Wessobrunnerweg 14 86163 Augsburg Germany Phone: +49 177 5834764 Email: info@nice2be.de

The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of the processing of personal data (e.g. names, email addresses, etc.). Storage Duration Unless a more specific storage period is mentioned within this privacy policy, your personal data will remain with us until the purpose for the data processing no longer applies. If you make a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law). In the latter case, deletion will occur after these reasons no longer apply. Legal Basis for Data Processing on This Website If you have consented to data processing, we process your personal data based on Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR if special categories of data according to Art. 9(1) GDPR are processed. In the case of explicit consent to the transfer of personal data to third countries, the data processing is also based on Art. 49(1)(a) GDPR. If you have consented to the storage of cookies or access to information on your device (e.g. via device fingerprinting), the data processing is additionally based on § 25(1) TTDSG. Consent can be revoked at any time. If your data is required to fulfill a contract or carry out pre-contractual measures, we process your data on the basis of Art. 6(1)(b) GDPR. In addition, if your data is required to fulfill a legal obligation, we process it based on Art. 6(1)(c) GDPR. Data processing may also be based on our legitimate interest according to Art. 6(1)(f) GDPR. The relevant legal basis for each individual case is explained in this privacy policy. Recipients of Personal Data As part of our business operations, we work with various external parties. In some cases, the transfer of personal data to these external parties is necessary. We only disclose personal data to external parties if this is necessary for the fulfillment of a contract, if we are legally obligated to do so (e.g. transfer to tax authorities), if we have a legitimate interest according to Art. 6(1)(f) GDPR, or if another legal basis permits the transfer. When using processors (data processing on behalf), we only transfer personal data of our customers on the basis of a valid data processing agreement. In cases of joint processing, a joint processing agreement is concluded. Revocation of Your Consent to Data Processing Many data processing operations are only possible with your explicit consent. You can revoke consent at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation. Right to Object to Data Processing in Special Cases and to Direct Advertising (Art. 21 GDPR)

IF DATA PROCESSING IS BASED ON ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT, AT ANY TIME, TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION. THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS FOR PROCESSING CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS, OR THE PROCESSING SERVES TO ASSERT, EXERCISE OR DEFEND LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21(1) GDPR). IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT ADVERTISING PURPOSES, YOU HAVE THE RIGHT TO OBJECT TO SUCH PROCESSING AT ANY TIME. THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS RELATED TO SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT ADVERTISING PURPOSES (OBJECTION PURSUANT TO ART. 21(2) GDPR).**

4. Data Collection on This Website Cookies

Our websites use so-called “cookies.” Cookies are small data packages that do not harm your device. They are either stored temporarily for the duration of a session (session cookies) or permanently (persistent cookies) on your device. Session cookies are automatically deleted after your visit. Persistent cookies remain stored on your device until you delete them manually or your web browser deletes them automatically. Cookies may be set by us (first-party cookies) or by third-party companies (third-party cookies). Third-party cookies enable the integration of certain third-party services within websites (e.g., payment services). Cookies serve various purposes. Many cookies are technically necessary, as certain website functions would not work without them (e.g., shopping cart function or video display). Other cookies are used to analyze user behavior or for advertising purposes. Cookies that are necessary for the performance of electronic communication processes or for the provision of certain functions you desire (e.g., shopping cart) or for optimizing the website (e.g., audience measurement cookies) are stored based on Art. 6(1)(f) GDPR unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies for the technically error-free and optimized provision of services. If consent has been requested for the storage of cookies and similar recognition technologies, processing is carried out solely on the basis of this consent (Art. 6(1)(a) GDPR and § 25(1) TTDSG); consent can be revoked at any time. You can configure your browser to notify you about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies for specific cases or in general, and enable the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website. Which cookies and services are used on this website can be found in this privacy policy.

Server Log Files

The provider of these pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These include: Browser type and version Operating system used Referrer URL Host name of the accessing device Time of the server request IP address These data will not be merged with other data sources. The collection of this data is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of the website – for this purpose, server log files must be recorded.

Contact Form

If you send us inquiries via the contact form, your details from the form, including the contact data you provide there, will be stored by us for the purpose of processing your inquiry and for any follow-up questions. We do not share this data without your consent. The processing of this data is based on Art. 6(1)(b) GDPR if your request is related to the performance of a contract or is necessary to carry out pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective handling of inquiries (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR), if requested; consent can be revoked at any time. The data you enter in the contact form remains with us until you request deletion, revoke your consent to storage, or the purpose for storing the data no longer applies (e.g., after your request has been processed). Mandatory legal provisions – in particular retention periods – remain unaffected.

Inquiry by Email, Telephone, or Fax

If you contact us by email, telephone, or fax, your inquiry including all resulting personal data (e.g., name, request) will be stored and processed by us for the purpose of handling your request. We do not share this data without your consent. The processing of this data is based on Art. 6(1)(b) GDPR if your inquiry is related to the performance of a contract or necessary to carry out pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective handling of inquiries (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR), if obtained; consent can be revoked at any time. The data you send to us via contact requests will remain with us until you ask us to delete it, revoke your consent to storage, or the purpose for data storage no longer applies. Mandatory legal provisions – especially retention periods – remain unaffected.

5. Social Media

Social Media Elements with Shariff This website uses elements from various social media platforms (e.g., Facebook, X (formerly Twitter), Instagram, Pinterest, XING, LinkedIn, Tumblr). You can generally recognize these elements by the respective social media logos. To ensure data protection on this website, we use these elements only together with the so-called “Shariff” solution. This application prevents the social media elements integrated on this website from transmitting personal data to the respective provider when the page is first loaded. Only when you activate the respective social media element by clicking the corresponding button will a direct connection to the provider’s server be established (consent). Once activated, the respective provider receives the information that you have visited this website with your IP address. If you are logged into your corresponding social media account (e.g., Facebook), the provider can link your visit to your account. Activating the plugin constitutes consent within the meaning of Art. 6(1)(a) GDPR and § 25(1) TTDSG. You can revoke this consent at any time with future effect. The use of these services is intended to obtain legally required consents for the use of certain technologies. The legal basis is Art. 6(1)(c) GDPR.

Facebook

This website includes elements of the social network Facebook. The provider is Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland. According to Facebook, the data collected may also be transferred to the USA and other third countries. You can find an overview of Facebook plugins here: 👉 https://developers.facebook.com/docs/plugins/?locale=en_US When the plugin is activated, a direct connection between your device and the Facebook server is established. Facebook thereby receives the information that you have visited this website with your IP address. If you click the Facebook "Like" button while logged into your Facebook account, you can link the content of this website to your Facebook profile. This allows Facebook to associate your visit to this website with your user account. We would like to point out that, as the website operator, we have no knowledge of the content of the transmitted data or how Facebook uses it. Further information can be found in Facebook's privacy policy: 👉 https://www.facebook.com/privacy/explanation The use of this service is based on your consent under Art. 6(1)(a) GDPR and § 25(1) TTDSG. Consent can be revoked at any time. If personal data is collected on our website using the described tool and forwarded to Facebook, Meta Platforms Ireland Limited and we are jointly responsible for this data processing (Art. 26 GDPR). This joint responsibility is limited solely to the collection and forwarding of data to Facebook. The processing by Facebook after forwarding is not part of the joint responsibility. Our shared responsibilities are set out in a joint processing agreement, which you can view here: 👉 https://www.facebook.com/legal/controller_addendum According to this agreement, we are responsible for providing privacy information when using the Facebook tools and for the privacy-compliant implementation of the tool on our website. Meta is responsible for the data security of Facebook products. You can exercise data subject rights (e.g., access requests) directly with Facebook. If you assert them with us, we are obliged to forward them to Facebook. Data transfers to the USA are based on the EU Commission’s Standard Contractual Clauses: 👉 https://www.facebook.com/legal/EU_data_transfer_addendum Meta is certified under the EU-U.S. Data Privacy Framework (DPF): 👉 https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active

Instagram

Functions of the Instagram service are integrated on this website. These functions are provided by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland. When the Instagram element is activated, a direct connection between your device and the Instagram server is established. Instagram receives information that you have visited this website. If you are logged into your Instagram account, you can link the content of this site to your profile by clicking the Instagram button. This allows Instagram to associate your visit to this site with your user account. We point out that we as the provider of this site have no knowledge of the content of the transmitted data or how it is used by Instagram. The use of Instagram is based on your consent under Art. 6(1)(a) GDPR and § 25(1) TTDSG. Consent can be revoked at any time. Where personal data is collected on our website and forwarded to Facebook or Instagram, Meta Platforms Ireland Limited and we are jointly responsible for this data processing (Art. 26 GDPR). The joint responsibility is limited to data collection and transmission. Further processing by Meta is not part of the joint responsibility. You can find the agreement here: 👉 https://www.facebook.com/legal/controller_addendum Data subject rights regarding Instagram data can be exercised with Meta. If you contact us, we are obliged to forward such requests. Data transfers to the USA are based on the EU Commission’s Standard Contractual Clauses and the Data Privacy Framework: 👉 https://privacycenter.instagram.com/policy/ Certification details: 👉 https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active

6. Plugins and Tools

Google Maps This site uses the mapping service Google Maps. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. To use the features of Google Maps, it is necessary to store your IP address. This information is generally transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission. If Google Maps is activated, Google may use Google Fonts to ensure the uniform display of fonts. When accessing Google Maps, your browser loads the required web fonts into its cache to display texts and fonts correctly. The use of Google Maps is in the interest of an attractive presentation of our online offers and to make it easy to find the locations we indicate on the website. This constitutes a legitimate interest within the meaning of Art. 6(1)(f) GDPR. If corresponding consent has been obtained, processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25(1) TTDSG, provided the consent includes the storage of cookies or access to information on the user's device (e.g. device fingerprinting) as defined by the TTDSG. Consent can be revoked at any time. Data Transfer to the USA Data transfers to the USA are based on the EU Commission’s Standard Contractual Clauses (SCCs). You can find details here: 👉 https://privacy.google.com/businesses/gdprcontrollerterms/ 👉 https://privacy.google.com/businesses/gdprcontrollerterms/sccs/ For more information on how Google handles user data, please see Google’s privacy policy: 👉 https://policies.google.com/privacy?hl=en Google is certified under the EU-U.S. Data Privacy Framework (DPF). This is an agreement between the EU and the USA that ensures compliance with European data protection standards when processing data in the United States. Each company certified under the DPF commits to complying with these standards. Certification details can be found here: 👉 https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active