Data privacy policy

We at Pfando's cash & drive GmbH take the protection of your personal data seriously. The protection of your privacy and data security during the processing of personal data is our top priority, which we take into account in our business processes and constantly optimize. We process your personal data on the basis of data protection law, in particular the General Data Protection Regulation GDPR. In the following data protection declaration, we inform you how we process your personal data and what rights you are entitled to.

Who is responsible for the processing of your personal data and how can you reach our data protection officer?

Responsible:
Name/Fa.: Pfando AT GmbH
Street no.: Heiligenstädter Lände 29
Postcode, city, country: 1190 Vienna
FB: FN 616655 x
Managing Director: Tobias Renkel

Data Protection Officer:
Name: Attorney Jan Kühne
E-mail address: datenschutz@pfando.at

Here you will find the topics of our privacy policy with a direct link to the explanations:

1. Which personal data do we process, why do we do this and what legal permission do we have for it? (Legal basis)
2. How do we protect personal data?
3. The transfer to cooperation partners is necessary to fulfill our services. You can find out to whom your data will be passed on here.
4. What happens to your data when you contact us?
5. For your and our security, we collect access data and log files
6. In order to make your visit to our website even more pleasant, we use cookies & reach measurement
7. We use Google Analytics so that we can reach you optimally and our offer is perfectly tailored to you
8. Always up to date with Google Re/Marketing Services
9. The window to the world – Outbrain
10. Industry evaluations via Salesviewer
11. With AppNexus, every ad is up to date
12. Always see the relevant ad using Sizmek
13. Get in touch via Live Chat Inc.
14. With Hotjar we develop our homepage exactly to your taste
15. Maintaining partnerships with easy.tracking
16. Find everything with Bing Universal Event Tracking
17. Relevant ads for you with advanced store
18. Facebook, Custom Audiences and Facebook marketing services
19. RTBLAB
20. Let’s Chat with WhatsApp
21. Snapchat
22. You will love our newsletters
23. Spoteffects
24. Nimbata
25. Pfando your new employer?!
26. Integration of services and content from third parties
27. Storage and deletion of your personal data
28. You have the following data protection rights
29. You can reach the authority responsible for us as follows
30. You can exercise your right to object at any time
31. Changes to the privacy policy

1.      Which personal data do we process, why do we do this and what legal permission do we have for it? (Legal basis)

1.1.   This privacy policy clarifies the nature, scope and purpose of the processing of personal data within our online offer and the websites, functions and content associated with it (hereinafter jointly referred to as "online offer" or "website"). The privacy policy applies regardless of the domains, systems, platforms and devices used (e.g. desktop or mobile) on which the website is executed.
1.2.   With regard to the terms used, such as "personal data" or its "processing", we refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).
1.3.   We process inventory data (e.g. names and addresses as well as contact details of customers), contract data (e.g. services used, names of contact persons, payment information) for the purpose of fulfilling our contractual obligations and services in accordance with Art. 6 Para. 1 lit b. GDPR.
1.4.  The personal data of users processed within the framework of this online offer includes inventory data (e.g. names and addresses of customers), contract data (e.g. services used, names of clerks, payment information), usage data (e.g. the websites visited of our online offer, interest in our products) and content data (e.g. entries in the contact form).
1.5.  The term "user" includes all categories of people affected by data processing. These include our business partners, customers, interested parties and other visitors to our website. The terms used, such as "user", are to be understood as gender-neutral.
1.6.   We process personal data of users only in compliance with the relevant data protection regulations. This means that user data will only be processed if there is legal permission to do so, in particular if data processing is necessary for the provision of our contractual services (e.g. processing of orders and inquiries) and online services, or is required by law, user consent has been obtained, as well as on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation and security of our online offer within the meaning of Art. 6 Para. 1 lit. f. GDPR, in particular in measuring reach, creating profiles for advertising and marketing purposes and collecting access data and using the services of third-party providers.
1.7.   We would like to point out that the legal basis for consent is Art. 6 Para. 1 lit. a. and Art. 7 GDPR, the legal basis for the processing to fulfill our services and carry out contractual measures is Art. 6 Para. 1 lit. b. GDPR, the legal basis for processing to fulfill our legal obligations is Art. 6 Para. 1 lit. c. GDPR, and the legal basis for processing to protect our legitimate interests is Art. 6 Para. 1 lit. f. GDPR.

2.      How do we protect personal data?

2.1.   We take organizational, contractual and technical security measures in accordance with the state of the art to ensure that the regulations of data protection laws are observed and to protect the data processed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons.
2.2.   The security measures include in particular the encrypted transmission of data between your browser and our server, the secure storage in protected areas and the hardware and software protection against unwanted access by third parties or loss.
2.3.  Trustpilot. We use the Trustpilot rating portal, which is operated by TrustPilot A/S, Pilestraede 58, 5th floor, 1112 Copenhagen, Denmark. In order to constantly improve our service, we offer our customers the opportunity to rate us via this independent portal without us being able to influence this in any way.
An invitation to submit a review is generated for every contract that is concluded with our group of companies. For this purpose, your name, first name, email address and a reference number (order number for clear assignment) are transmitted to Trustpilot. This data is neither used by Trustpilot itself nor passed on to third parties. A review of our company can be carried out on the page https://de.trustpilot.com/evaluate/pfando.de. The verification of the review is based on the reference number (order number) using a specially generated link. Submitting a review is voluntary.
To submit a review or record customer feedback, it is necessary to create and open a user profile with Trustpilot. In addition to a review for the inviting company, reviews can then also be recorded for any company on the Trustpilot rating portal.
If a review is submitted by clicking on the link contained in the invitation, a user profile is automatically created at TrustPilot after entering the personal data (name and email address for verification). This is accompanied by agreement to Trustpilot's data protection regulations and general terms and conditions. These can be viewed on the Trustpilot website at http://de.legal.trustpilot.com/end-user-privacy-terms
By concluding a contract with us, you consent to the aforementioned transmission of the reference data to Trustpilot in accordance with Art. 6 Para. 1 lit. a) GDPR and expressly agree to the automated sending of a review invitation from this application.
The rating profile for Pfando can be viewed at: https://de.trustpilot.com/review/pfando.de

3.      The transfer to cooperation partners is necessary to fulfill our services.
You can find out to whom your data will be passed on here

3.1.   Data will only be passed on to third parties within the framework of legal requirements. We only pass on user data to third parties if this is necessary for contractual purposes, e.g. on the basis of Art. 6 Para. 1 lit. b) GDPR, or on the basis of legitimate interests in accordance with Art. 6 Para. 1 lit. f. GDPR in the economic and effective operation of our business.
3.2.   If we use subcontractors to provide our services, we take appropriate legal precautions and corresponding technical and organizational measures to ensure the protection of personal data in accordance with the relevant legal regulations.
3.3.  If, within the framework of this data protection declaration, content, tools or other means from other providers (hereinafter jointly referred to as "third-party providers") are used and their stated registered office is in a third country, it must be assumed that a data transfer to the countries in which the third-party providers are based takes place. Third countries are countries in which the GDPR is not directly applicable law, i.e. basically countries outside the EU or the European Economic Area. Data is transferred to third countries either if there is an adequate level of data protection, user consent or other legal permission.

4.      What happens to your data when you contact us?

4.1.   When you contact us (via contact form, telephone, chat or email), the user's details are processed in accordance with Art. 6 Para. 1 lit. b) GDPR to process the contact request and its handling.
4.2.   The user's details can be stored in our customer relationship management system ("CRM system") or comparable request organization.

5.      For your and our security, we collect access data and log files

5.1.   On the basis of our legitimate interests within the meaning of Art. 6 Para. 1 lit. f. GDPR data about every access to the server on which this service is located (so-called server log files). The access data includes the name of the accessed website, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.
5.2.   Log file information is stored for a maximum of seven days for security reasons (e.g. to investigate misuse or fraud) and then deleted. Data, the further storage of which is required for evidence purposes, is excluded from deletion until the respective incident has been finally clarified.
5.3.   A database backup of the web host is carried out every 4 weeks, overwriting the old backup. This ensures that your data is not stored longer than necessary by our data processor.

6.      In order to make your visit to our website even more pleasant, we use cookies & reach measurement

6.1.  Cookies are information that is transmitted from our web server or third-party web servers to the web browsers of users and stored there for later retrieval. Cookies can be small files or other types of information storage.
6.2.  We use "session cookies" that are only stored for the duration of the current visit to our online presence (e.g. to enable the page function via your browser). A randomly generated unique identification number, a so-called session ID, is stored in a session cookie. A cookie also contains information about its origin and the storage period. These cookies cannot store any other data. Session cookies are deleted when you have finished using our online offer and log out or close the browser, for example.
6.3.  Our website offers you the functionality of language cookies (WPML). This saves the language in which you want to view the website. If you change the page to one of the subpages, this cookie will show you again in which language the subpage should appear for you.
6.4.  Users are informed about the use of cookies in the context of pseudonymous reach measurement within the framework of this data protection declaration.
6.5.  If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offer.
6.6.  You can object to the use of cookies, which are used for reach measurement and advertising purposes, via the deactivation page of the network advertising initiative (http://optout.networkadvertising.org/) and additionally the US website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).
6.7. You can change your cookie consent at any time in our cookie policy.

7.      We use Google Analytics so that we can reach you optimally and our offer is perfectly tailored to you

7.1.   On the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. f. GDPR) we use Google Analytics, a web analysis service of Google Inc. ("Google"). Google uses cookies. The information generated by the cookie about the use of the online offer by users is usually transmitted to a Google server in the USA and stored there.
7.2.   Google is certified under the Privacy Shield Agreement and thereby offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
7.3.   Google will use this information on our behalf to evaluate the use of our online offer by users, to compile reports on the activities within this online offer and to provide us with other services related to the use of this online offer and the internet. Pseudonymous user profiles can be created from the processed data.
7.4.   We use Google Analytics to display the ads placed by Google and its partners within advertising services only to users who have also shown an interest in our online offer or who have certain characteristics (e.g. interests in certain topics or products that are determined based on the websites visited) that we transmit to Google (so-called "remarketing" or "Google Analytics audiences"). With the help of remarketing audiences, we also want to ensure that our ads correspond to the potential interest of users and are not annoying.
7.5.   We only use Google Analytics with activated IP anonymization. This means that the IP address of users is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there.
7.6.   The IP address transmitted by the user's browser is not merged with other Google data. Users can prevent the storage of cookies by setting their browser software accordingly; users can also prevent Google from collecting the data generated by the cookie and relating to their use of the online offer and from processing this data by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
7.7.   Further information on data use by Google, settings and objection options can be found on the Google websites: https://www.google.com/intl/de/policies/privacy/partners ("Data use by Google when you use websites or apps of our partners"), http://www.google.com/policies/technologies/ads ("Data use for advertising purposes"), http://www.google.de/settings/ads ("Manage information that Google uses to show you advertising").

8.      Always up to date with Google Re/Marketing Services

8.1.   Wir nutzen auf Grundlage unserer berechtigten Interessen (d.h. Interesse an der Analyse, Optimierung und wirtschaftlichem Betrieb unseres Onlineangebotes im Sinne des Art. 6 Abs. 1 lit. f. DSGVO) die Marketing- und Remarketing-Dienste (kurz „Google-Marketing-Services”) der Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, („Google“).
8.2.   Google ist unter dem Privacy-Shield-Abkommen zertifiziert und bietet hierdurch eine Garantie, das europäische Datenschutzrecht einzuhalten (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
8.3.   Die Google-Marketing-Services erlauben uns Werbeanzeigen für und auf unserer Website gezielter anzuzeigen, um Nutzern nur Anzeigen zu präsentieren, die potentiell deren Interessen entsprechen. Falls einem Nutzer z.B. Anzeigen für Produkte angezeigt werden, für die er sich auf anderen Webseiten interessiert hat, spricht man hierbei vom „Remarketing“. Zu diesen Zwecken wird bei Aufruf unserer und anderer Webseiten, auf denen Google-Marketing-Services aktiv sind, unmittelbar durch Google ein Code von Google ausgeführt und es werden sog. (Re)marketing-Tags (unsichtbare Grafiken oder Code, auch als “Web Beacons” bezeichnet) in die Webseite eingebunden. Mit deren Hilfe wird auf dem Gerät der Nutzer ein individuelles Cookie, d.h. eine kleine Datei abgespeichert (statt Cookies können auch vergleichbare Technologien verwendet werden). Die Cookies können von verschiedenen Domains gesetzt werden, unter anderem von google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com oder googleadservices.com. In dieser Datei wird vermerkt, welche Webseiten der Nutzer aufgesucht, für welche Inhalte er sich interessiert und welche Angebote er geklickt hat, ferner technische Informationen zum Browser und Betriebssystem, verweisende Webseiten, Besuchszeit sowie weitere Angaben zur Nutzung des Onlineangebotes. Es wird ebenfalls die IP-Adresse der Nutzer erfasst, wobei wir im Rahmen von Google-Analytics mitteilen, dass die IP-Adresse innerhalb von Mitgliedstaaten der Europäischen Union oder in anderen Vertragsstaaten des Abkommens über den Europäischen Wirtschaftsraum gekürzt und nur in Ausnahmefällen ganz an einen Server von Google in den USA übertragen und dort gekürzt wird. Die IP-Adresse wird nicht mit Daten des Nutzers innerhalb von anderen Angeboten von Google zusammengeführt. Die vorstehend genannten Informationen können seitens Google auch mit solchen Informationen aus anderen Quellen verbunden werden. Wenn der Nutzer anschließend andere Webseiten besucht, können ihm entsprechend seiner Interessen die auf ihn abgestimmten Anzeigen angezeigt werden.
8.4.   Die Daten der Nutzer werden im Rahmen der Google-Marketing-Services pseudonym verarbeitet. D.h. Google speichert und verarbeitet z.B. nicht den Namen oder E-Mailadresse der Nutzer, sondern verarbeitet die relevanten Daten Cookie-bezogen innerhalb pseudonymer Nutzer-Profile. D.h. aus der Sicht von Google werden die Anzeigen nicht für eine konkret identifizierte Person verwaltet und angezeigt, sondern für den Cookie-Inhaber, unabhängig davon wer dieser Cookie-Inhaber ist. Dies gilt nicht, wenn ein Nutzer Google ausdrücklich erlaubt hat, die Daten ohne diese Pseudonymisierung zu verarbeiten. Die von Google-Marketing-Services über die Nutzer gesammelten Informationen werden an Google übermittelt und auf Googles Servern in den USA gespeichert.
8.5.   Zu den von uns eingesetzten Google-Marketing-Services gehört u.a. das Online-Werbeprogramm „Google AdWords“. Im Fall von Google AdWords, erhält jeder AdWords-Kunde ein anderes „Conversion-Cookie“. Cookies können somit nicht über die Websites von AdWords-Kunden nachverfolgt werden. Die mit Hilfe des Cookies eingeholten Informationen dienen dazu, Conversion-Statistiken für AdWords-Kunden zu erstellen, die sich für Conversion-Tracking entschieden haben. Die AdWords-Kunden erfahren die Gesamtanzahl der Nutzer, die auf ihre Anzeige geklickt haben und zu einer mit einem Conversion-Tracking-Tag versehenen Seite weitergeleitet wurden. Sie erhalten jedoch keine Informationen, mit denen sich Nutzer persönlich identifizieren lassen.
8.6.   Wir können auf Grundlage des Google-Marketing-Services “DoubleClick” Werbeanzeigen Dritter einbinden. DoubleClick verwendet Cookies, mit denen Google und seinen Partner-Websites, die Schaltung von Anzeigen auf Basis der Besuche von Nutzern auf dieser Website bzw. anderen Websites im Internet ermöglicht wird.
8.7.   Ebenfalls können wir den Dienst „Google Optimizer“ einsetzen. Google Optimizer erlaubt uns im Rahmen so genannten “A/B-Testings” nachzuvollziehen, wie sich verschiedene Änderungen einer Website auswirken (z.B. Veränderungen der Eingabefelder, des Designs, etc.). Für diese Testzwecke werden Cookies auf den Geräten der Nutzer abgelegt. Dabei werden nur pseudonyme Daten der Nutzer verarbeitet.
8.8.   Ferner können wir den “Google Tag Manager” einsetzen, um die Google Analyse- und Marketing-Dienste in unsere Website einzubinden und zu verwalten.
8.9.   Weitere Informationen zur Datennutzung zu Marketingzwecken durch Google, erfahren Sie auf der Übersichtsseite: https://www.google.com/policies/technologies/ads, die Datenschutzerklärung von Google ist unter https://www.google.com/policies/privacy abrufbar.
8.10.Wenn Sie der interessensbezogenen Werbung durch Google-Marketing-Services widersprechen möchten, können Sie die von Google gestellten Einstellungs- und Opt-Out-Möglichkeiten nutzen: http://www.google.com/ads/preferences.

9.   The window to the world – Outbrain

9.1. On the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. f. GDPR) we use the cookie technology of the provider Outbrain UK Ltd. ("Outbrain").
9.2. Outbrain is used to show you possible content that may be of interest to you on other websites of third parties. We hope that this will improve the quality of your internet experience and increase the number of users of our offer.
9.3. The company Outbrain UK Ltd. works exclusively with pseudonymized data. This means that your personal data will not be processed.
9.4. Information on data protection from Outbrain can be found at http://outbrain.com/legal/privacy. There you can also set the opt-out if you wish.
9.5. If you want to activate or deactivate Outbrain on this website, you can do so under the cookie preferences in your browser settings.

10.       Industry evaluations via Salesviewer

10.1.   On the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. f. GDPR) we use the web analysis and optimization tool of the SalesViewer service
10.2.  Salesviewer is a third-party provider SalesViewer GmbH, Nikolaistr. 2, 44866 Bochum, Germany
10.3.   To use SalesViewer, a JavaScript-based code is used to collect company-related data and use it accordingly. The data collected with this technology is encrypted using a non-reversible one-way function (so-called hashing). The data is immediately pseudonymized and not used to personally identify the visitor to this website.
10.4.   You can object to data collection and storage at any time with effect for the future by clicking on this link https://www.salesviewer.com/opt-out to prevent collection by SalesViewer® within this website in the future. An opt-out cookie for this website is stored on your device. If you delete your cookies in this browser, you must click this link again.

11.   With AppNexusist every ad is up to date

11.1.On the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. f. GDPR) we use the web analysis and optimization tool of the AppNexus service,
11.2.AppNexus is a third-party provider AppNexus Inc., 28 W 23rd Street, 4th Floor, New York, NY, 10010, USA,
11.3.The AppNexus application offers the possibility to optimize your advertising space in real time, to operate contextual advertising and various other techniques to make your advertising budget as efficient as possible. For those addressed, i.e. you as a customer, this means that you can be presented with more relevant content, the advertising is free of mail ware or other harmful applications and you have trouble-free access to the desired content.
11.4.According to its own information, AppNexus does not collect any personal data, but only platform-based information such as the type of browser, cookie information, operating system, etc.
11.5.You can find everything you want to know about AppNexus and its privacy policy at: https://www.appnexus.com/en/company/platform-privacy-policy-de1
11.6.The company AppNexus Inc. has joined the Pivacy Shield Agreement:
https://www.privacyshield.gov/participant?id=a2zt0000000GnlTAAS&status=Active
11.7.If you do not want to use the optimized ads from AppNexus, you can find the opt-out here https://www.appnexus.com/en/company/platform-privacy-policy-de1

12.   Always see the relevant ad using Sizmek

12.1. Based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online services within the meaning of Art. 6 para. 1 lit. f GDPR), we use the web analysis and optimization tool of the Sizmek Technologies, Inc. service.
12.2. Sizmek is a third-party provider Sizmek Technologies, Inc., 401 Park Avenue S, 10016 New York City / USA
12.3. Sizmek allows us to present you with relevant and targeted advertising and advertisements on our website and on third-party websites based on your interests and usage behavior.
12.4. We also use Sizmek to measure and statistically evaluate the success of our advertisements (e.g., interaction with or clicks on an advertisement). For this purpose, cookies and similar technologies (e.g., pixels and statistical device identifiers) are used on the (end) device with which you visit our website in order to analyze and evaluate your usage behavior (e.g., clicks) and interaction with advertisements.
12.5. The data collected includes non-personal usage-related data (e.g., clicks on advertising, websites, time and duration) and non-personal browser data (e.g., language setting, screen resolution) that do not allow any conclusions to be drawn about your person.
12.6. You can find the privacy policy of Sizmek. at:
https://www.sizmek.com/privacy-policy-de/
12.7. You can view the “Terms and Conditions” of Sizmek at the following link: https://www.sizmek.com/terms-use/
12.8. Sizmek Technologies, Inc. is also a certified member of the Privacy Shield Agreement, thereby offering a guarantee of working in compliance with the GDPR https://www.privacyshield.gov/participant?id=a2zt0000000GnB8AAK&status=Active
12.9. If you do not want to support us in optimizing the website for you, you can set the opt-out at: https://www.sizmek.com/privacy-policy-de/.

13.   Contact via Live Chat Inc

13.1. Based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online services within the meaning of Art. 6 para. 1 lit. f GDPR) and in the interest of providing you with a variety of contact options, we use the software of the third-party provider Live Chat Inc., One International Place, Suite 1400 Boston, Massachusetts 02110-2619, United States of America.
13.2. Live Chat Inc. is certified under the Privacy Shield Agreement, thereby offering a guarantee of complying with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000L16xAAC&status=Active).
13.3. To provide you with the fastest and best possible access to our services, we offer this communication medium. However, the servers of Live Chat Inc. are located in the USA.
13.4. You can view the “Terms and Conditions” of Live Chat Inc. at the following link: https://www.livechatinc.com/terms-and-conditions/
13.5. Live Chat Inc. also provides you with a detailed security description at: https://www.livechatinc.com/kb/livechat-security-and-data-storage/
13.6. You can find the privacy policy at: https://www.livechatinc.com/gdpr-compliance/

14.   With Hotjar, we develop our homepage exactly to your taste

14.1. Based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online services within the meaning of Art. 6 para. 1 lit. f GDPR), we use the web analysis and optimization tool of the Hotjar service.
14.2. Hotjar is a third-party provider Hotjar Ltd., Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe
14.3. With the help of Hotjar, movements on the websites can be traced.
Hotjar generates so-called heatmaps and enables us to design the website in such a way that you will find all buttons and information in the right place for you.
14.4. Technical data such as selected language, system, screen resolution and browser type are recorded and statistically and anonymously evaluated.
14.5. With Hotjar, we can obtain direct feedback from users of the website. In this way, we obtain valuable information to make our websites even better for our customers.
14.6. You can find the privacy policy of Hotjar Ltd. at: https://www.hotjar.com/legal/policies/privacy
14.7. You can view the “Terms and Conditions” of Hotjar Ltd. at the following link: https://www.hotjar.com/legal/policies/terms-of-service
14.8. If you do not want to support us in optimizing the website for you, you can set the opt-out at: https://www.hotjar.com/opt-out.

15. Cultivating partnerships with easy.tracking

15.1. Based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online services within the meaning of Art. 6 para. 1 lit. f GDPR), we use the services of EASY Marketing GmbH, Asselner Hellweg 124, 44319 Dortmund.
15.2. Easy.tracking stores cookies in the user's browser for the correct recording of sales and/or leads.
15.3. “TRS” identifies database records that contain the touchpoint data. This enables easy.marketing to read out a unique 24-digit code that leads back to the partner website. This enables the user's origin to be traced back to the homepage of a Pfando’s cooperation partner.
15.4. A fallback cookie “TRSCJ” stores the touchpoint data rudimentarily for later visits.
15.5. If you do not want to support tracking by our partners, you can set your opt-out at: https://pvn.pfando.de/privacy-optout.do.
15.6. You can access the information stored so far at: https://pvn.pfando.de/privacy-mydata.do

16.  Find everything with Bing Universal Event Tracking

16.1.  In order to design our marketing activities in a targeted manner, data is collected and stored on our website using Microsoft Bing Ads technologies, from which pseudonymized user profiles are created. This is a service of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. This service enables us to track the activities of users on our website if they have reached our website via ads from Bing Ads. If you reach our website via such an ad, a cookie is placed on your computer. Our website contains a Bing UET tag.
This is a code that, in conjunction with the cookie, stores non-personal data about the use of the website. Information about your identity is not collected.
16.2.  The information collected is transferred to Microsoft servers in the USA and stored there for a maximum of 180 days. You can prevent the collection of data generated by the cookie and related to your use of the website, as well as the processing of this data, by deactivating the setting of cookies. However, this may limit the functionality of the website.
16.3.  Under certain circumstances, Microsoft can track your usage behavior across multiple electronic devices through so-called cross-device tracking and is therefore able to display personalized advertising on or in Microsoft websites and apps. You can deactivate this behavior at http://choice.microsoft.com/de-de/opt-out.
16.4.  Further information on the analysis services of Bing can be found on the Bing Ads website (https://help.bingads.microsoft.com/#apex/3/de/53056/2). Further information on data protection at Microsoft and Bing can be found in Microsoft's privacy policy (https://privacy.microsoft.com/de-de/privacystatement).

17.   Relevant ads for you with advanced store

17.1. In order to enable our customers to have the most interesting and relevant surfing experience possible, we rely on the ad4mat technology of advanced store GmbH, Alte Jakobstr. 79/80, 10179 Berlin, based on Art. 6 para. 1/f GDPR.
17.2. Ad4mat collects pseudonymous information and data about the user's surfing behavior via cookies in order to create analyses of surfing behavior using a special algorithm.
17.3. This cookie is used exclusively to optimize the online presence and does not allow any conclusions to be drawn about the identity of the user. advanced store GmbH has committed itself to the European industry standard for Online Behavioral Advertising, the EDAA.
17.4. Further information on this and preference management can be found here http://www.youronlinechoices.com/de/.
17.5. If you wish to object to the use of pseudonymous cookie IDs and the corresponding analysis of your surfing behavior, you have the option to do so at https://www.ad4mat.com/de/adchoices/.
17.6. You can also find further information and the privacy policy of advanced store GmbH at https://www.advanced-store.com/de/datenschutz/.

18.   Facebook, Custom Audiences and Facebook marketing services

18.1.Innerhalb unseres Onlineangebotes wird aufgrund unserer berechtigten Interessen an Analyse, Optimierung und wirtschaftlichem Betrieb unseres Onlineangebotes und zu diesen Zwecken das sog. “Facebook-Pixel” des sozialen Netzwerkes Facebook, welches von der Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, bzw. falls Sie in der EU ansässig sind, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland betrieben wird (“Facebook”), eingesetzt.
18.2.Facebook ist unter dem Privacy-Shield-Abkommen zertifiziert und bietet hierdurch eine Garantie, das europäische Datenschutzrecht einzuhalten (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
18.3.Mit Hilfe des Facebook-Pixels ist es Facebook zum einen möglich, die Besucher unseres Onlineangebotes als Zielgruppe für die Darstellung von Anzeigen (sog. “Facebook-Ads”) zu bestimmen. Dementsprechend setzen wir das Facebook-Pixel ein, um die durch uns geschalteten Facebook-Ads nur solchen Facebook-Nutzern anzuzeigen, die auch ein Interesse an unserem Onlineangebot gezeigt haben oder die bestimmte Merkmale (z.B. Interessen an bestimmten Themen oder Produkten, die anhand der besuchten Webseiten bestimmt werden) aufweisen, die wir an Facebook übermitteln (sog. „Custom Audiences“). Mit Hilfe des Facebook-Pixels möchten wir auch sicherstellen, dass unsere Facebook-Ads dem potentiellen Interesse der Nutzer entsprechen und nicht belästigend wirken. Mit Hilfe des Facebook-Pixels können wir ferner die Wirksamkeit der Facebook-Werbeanzeigen für statistische und Marktforschungszwecke nachvollziehen, in dem wir sehen ob Nutzer nachdem Klick auf eine Facebook-Werbeanzeige auf unsere Website weitergeleitet wurden (sog. „Conversion“).
18.4.Das Facebook-Pixel wird beim Aufruf unserer Webseiten unmittelbar durch Facebook eingebunden und kann auf Ihrem Gerät ein sog. Cookie, d.h. eine kleine Datei abspeichern. Wenn Sie sich anschließend bei Facebook einloggen oder im eingeloggten Zustand Facebook besuchen, wird der Besuch unseres Onlineangebotes in Ihrem Profil vermerkt. Die über Sie erhobenen Daten sind für uns anonym, bieten uns also keine Rückschlüsse auf die Identität der Nutzer. Allerdings werden die Daten von Facebook gespeichert und verarbeitet, sodass eine Verbindung zum jeweiligen Nutzerprofil möglich ist und von Facebook sowie zu eigenen Marktforschungs- und Werbezwecken verwendet werden kann. Sofern wir Daten zu Abgleichzwecken an Facebook übermitteln sollten, werden diese lokal in auf dem Browser verschlüsselt und erst dann an Facebook über eine gesicherte https-Verbindung gesendet. Dies erfolgt alleine mit dem Zweck, einen Abgleich mit den gleichermaßen durch Facebook verschlüsselten Daten herzustellen.
18.5.Die Verarbeitung der Daten durch Facebook erfolgt im Rahmen von Facebooks Datenverwendungsrichtlinie. Dementsprechend generelle Hinweise zur Darstellung von Facebook-Ads, in der Datenverwendungsrichtlinie von Facebook: https://www.facebook.com/policy.php. Spezielle Informationen und Details zum Facebook-Pixel und seiner Funktionsweise erhalten Sie im Hilfebereich von Facebook: https://www.facebook.com/business/help/651294705016616.
18.6.Sie können der Verwendung Ihrer Daten zur Darstellung von Facebook-Ads widersprechen. Um einzustellen, welche Arten von Werbeanzeigen Ihnen innerhalb von Facebook angezeigt werden, können Sie die von Facebook eingerichtete Seite aufrufen und dort die Hinweise zu den Einstellungen nutzungsbasierter Werbung befolgen: https://www.facebook.com/settings?tab=ads. Die Einstellungen erfolgen plattformunabhängig, d.h. sie werden für alle Geräte, wie Desktopcomputer oder mobile Geräte übernommen.
18.7.Um die Erfassung Ihrer Daten mittels des Facebook-Pixels auf unserer Webseite zu verhindern, klicken Sie bitten den folgenden Link: Facebook-Opt-Out Hinweis: Wenn Sie den Link klicken, wird ein „Opt-Out“-Cookie auf Ihrem Gerät gespeichert. Wenn Sie die Cookies in diesem Browser löschen, dann müssen Sie den Link erneut klicken. Ferner gilt das Opt-Out nur innerhalb des von Ihnen verwendeten Browsers und nur innerhalb unserer Webdomain, auf der der Link geklickt wurde.
Um die Erfassung Ihrer Daten mittels des Facebook-Pixels auf unserer Webseite zu verhindern, klicken Sie bitten den folgenden Link:
Facebook Opt-Out-Cookie setzen
Facebook-Opt-Out-Hinweis: Wenn Sie den Link klicken, wird ein „Opt-Out“-Cookie auf Ihrem Gerät gespeichert.
18.8.Sie können dem Einsatz von Cookies, die der Reichweitenmessung und Werbezwecken dienen, ferner über die Deaktivierungsseite der Netzwerkwerbeinitiative (http://optout.networkadvertising.org/) und zusätzlich die US-amerikanische Webseite (http://www.aboutads.info/choices) oder die europäische Webseite (http://www.youronlinechoices.com/uk/your-ad-choices/) widersprechen.

19.    RTBLAB

19.1 RTBLAB. Our website uses the analysis service rtbLab. The provider is EASYmedia GmbH, Löhner Straße 12d, 44652 Herne, Germany. Usage profiles can be created from the data under a pseudonym. Cookies can be used for this purpose. Cookies are small text files that are stored locally in the cache of your Internet browser. The cookies make it possible to recognize your browser. The data collected with rtbLab technologies will not be used to personally identify visitors to our website without the separately granted consent of the data subject and will not be merged with personal data about the bearer of the pseudonym. rtbLab cookies remain on your end device until you delete them. The storage of rtbLab cookies is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the anonymized analysis of user behavior in order to optimize both its website and its advertising. You can object to the data collection and storage at any time with effect for the future. In order to object to the collection and storage of your visitor data for the future, you can obtain an opt-out cookie from rtbLab under the following link, which ensures that no visitor data from your browser will be collected and stored by rtbLab in the future: login.rtbmarket.com/index/optout . This will set an opt-out cookie from rtbLab. Please do not delete this cookie as long as you wish to maintain your objection.
19.2 RTBLAB RETARGETING. Our websites use the functions of rtbLab. The provider is EASYmedia GmbH, Löhner Straße 12d, 44652 Herne, Germany. This function serves to present visitors to the website with interest-based advertisements. The browser of the website visitor stores so-called “cookies”, text files that are stored on your computer and that make it possible to recognize the visitor. On these pages, the visitor can then be presented with advertisements that relate to content that the visitor has previously accessed on websites that use the retargeting function of rtbLab. If you have given your consent, rtbLab will link your web and app browser history with your end device for this purpose.
You can object to the data collection and storage at any time with effect for the future. In order to object to the collection and storage of your visitor data for the future, you can obtain an opt-out cookie from rtbLab under the following link, which ensures that no visitor data from your browser will be collected and stored by rtbLab in the future: login.rtbmarket.com/index/optout .
This will set an opt-out cookie from rtbLab. Please do not delete this cookie as long as you wish to maintain your objection.
The data collection is based on Art. 6 para. 1 lit. f GDPR. The legitimate interest arises from the fact that the website operator has an interest in the anonymized analysis of website visitors for advertising purposes.

20.    Let’s Chat with WhatsApp

20.1. In order to provide our customers and interested parties with another way to communicate, we offer contact via WhatsApp Messenger. We use WhatsApp based on our legitimate interests in fast and efficient communication and fulfillment of the needs of our communication partners in communication via messengers in accordance with Art. 6 para. 1 lit. f. GDPR.
20.2. If you would like to communicate with us via WhatsApp, please note the following information on the functionality, encryption, risks of WhatsApp, use of metadata within the Facebook group of companies and your options for objection.
You do not have to use WhatsApp and can contact us in alternative ways, e.g. via telephone or e-mail. Please use the contact options provided to you or use the contact options provided on our website.
20.3. WhatsApp (WhatsApp Inc. WhatsApp Legal 1601 Willow Road Menlo Park, California 94025, USA) is a US-American service, which means that the data you send via WhatsApp may first be transmitted to WhatsApp in the USA before it is forwarded to us.
20.4. However, WhatsApp is certified under the Privacy Shield Agreement and therefore assures that it complies with European and Swiss data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000TSnwAAG&status=Active).
20.5. WhatsApp also assures that the communication content (i.e. the content of your message and attached images) is end-to-end encrypted. This means that the content of the messages is not visible, not even by WhatsApp itself. You should always use an up-to-date version of WhatsApp to ensure that the message content is encrypted.
20.6. However, we would like to point out to you as our communication partners, i.e. in particular customers and interested parties, that although WhatsApp cannot see the content, it can find out that and when communication partners communicate with us, as well as technical information on the device used by the communication partners and, depending on the settings of their device, also location information (so-called metadata). With the exception of the encrypted content, a transmission of the data of the communication partners within the Facebook group of companies is possible, in particular for purposes of optimizing the respective services and purposes of security.
20.7. Likewise, communication partners should assume, at least as long as they have not objected to this, that their data processed by WhatsApp may be used for marketing purposes or to display advertising tailored to users.
20.8. Further information on the purpose, type and scope of the processing of your data by WhatsApp, as well as the related rights and setting options to protect your privacy, can be found in WhatsApp's privacy policy: https://www.whatsapp.com/legal/.
20.9. You can object to communication with us via WhatsApp at any time. In the case of subscribing to messages (also known as “broadcasts”) via WhatsApp, you can delete our corresponding telephone number from their contacts and ask us to remove your contact from our directory. In the case of ongoing individual inquiries or communications, you can also ask us not to continue the communication via WhatsApp.
20.10. In the case of communication via WhatsApp, we delete the WhatsApp messages as soon as we can assume that we have answered any user inquiries, if no reference to a previous conversation is to be expected and there are no legal storage obligations to the contrary.
20.11. The deletion on the devices we use takes place within 30 days.
20.12. Furthermore, we would like to point out that we will not transmit the contact data provided to us to WhatsApp without your consent (e.g. by us initiating contact with you via WhatsApp).

20.13. In conclusion, we would like to point out that for reasons of your security, we reserve the right not to answer inquiries via WhatsApp. This is the case, for example, if contractual internals require special confidentiality or an answer via the messenger does not meet the formal requirements. In such cases, we will refer you to more adequate communication channels.

21.    Snapchat

21.1 Our website uses the tracking tag of the social network Snapchat, from Snap Inc., 63 Market Street, Venice, CA 90291, USA. Snapchat is certified under the EU-U.S.-Privacy-Shield. The processing of data by Snap Inc. is carried out within the framework of Snapchat's data protection policy. Information on data use can be found at: https://www.snap.com/de-DE/privacy/privacy-by-product/. Information on the Snapchat tag can be found in the help section of Snapchat: https://businesshelp.snapchat.com/en-US/a/snap-pixel-about.
21.2 Purpose of data processing: The Snapchat pixel is used for the purpose of analysis, optimization and economic operation.
With the help of the Snapchat pixel, Snap Inc. can determine the visitors to our website as a target group for the display of advertisements. We use the Snapchat tag to display the Snapchat ads placed by us only to those Snapchat users who have also shown an interest in our online offer or who have certain characteristics that we transmit to Snapchat (Custom Audiences).
With the Snapchat tag, we also want to ensure that our Snapchat ads correspond to the interests of users. In addition, we measure the effectiveness of Snapchat advertising.
21.3 Legal basis of data processing: The legal basis for the processing of personal data using Snapchat Pixel is Art. 6 para. 1 letter f) GDPR, i.e. a legitimate interest on our part. Our legitimate interest lies specifically in the analysis, optimization and economic operation of our website and our online offers.
21.4 Objection and removal option / opt-out: You can object to the collection by the Snapchat pixel and the use of your data for the display of Snapchat ads. To set which types of advertisements are displayed to you within Snapchat, you can call up the function available in the Snapchat app. You can also object to the use of cookies that serve to measure reach and for advertising purposes via the deactivation page of the network advertising initiative (http://optout.networkadvertising.org/) and additionally the US website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).

22.    You will love our newsletters

22.1. We would like to briefly show you the registration, dispatch and statistical evaluation procedure as well as your rights of objection. By subscribing to our newsletter, you agree to receive it and to the described procedure.
22.2. Content of the newsletter: We send newsletters, e-mails and other electronic notifications with the latest information about Pfando or our offers (hereinafter “Newsletter”) only with your consent or a legal permission. If the contents of a newsletter are specifically described within the scope of a registration for the newsletter, they are decisive for the consent of the users. In addition, our newsletters contain information about our products, offers, promotions and our company.
22.3. Double opt-in and logging: Registration for our newsletter takes place in a so-called double opt-in procedure. This means that after registration you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that nobody can register with other people's e-mail addresses. Registrations for the newsletter are logged in order to be able to prove the registration process in accordance with legal requirements. This includes the storage of the registration and confirmation time, as well as the IP address.
22.4. Newsletter2Go is used as newsletter software. Your data will be transmitted to Newsletter2Go GmbH. Newsletter2Go is a German, certified provider, which was selected according to the requirements of the GDPR and the Federal Data Protection Act. Further information can be found here: https://www.newsletter2go.de/informationen-newsletter-empfaenger/
22.5. Furthermore, according to its own information, the shipping service provider can use this data in pseudonymous form, i.e. without assignment to a user, to optimize or improve its own services. However, the shipping service provider does not use the data of our newsletter recipients to write to them itself or pass them on to third parties.
22.6. Registration data: To register for the newsletter, it is sufficient to provide your e-mail address. However, in order to be able to address you personally, we ask you to also provide your name.
22.7. Our newsletters contain a so-called “web beacon”, i.e. a pixel-sized file that is retrieved from the server of the shipping service provider when the newsletter is opened. Within the scope of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval, are collected. This information is used to technically improve the services based on the technical data or the target groups and their reading behavior based on their retrieval locations (which can be determined with the help of the IP address) or the access times. The statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our intention nor that of the shipping service provider to observe individual users. Rather, the evaluations serve us to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.
22.8. The use of the shipping service provider, the implementation of statistical surveys and analyses as well as the logging of the registration procedure are based on our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR. Our interest is directed towards the use of a user-friendly and secure newsletter system that serves both our business interests and meets the expectations of users.
22.9. Termination/Revocation – You can terminate the receipt of our newsletter at any time, i.e. revoke your consent. At the same time, your consent to its dispatch by the shipping service provider and the statistical analyses expires. A separate revocation of the dispatch by the shipping service provider or the statistical evaluation is unfortunately not possible. You will find a link to cancel the newsletter at the end of each newsletter. If the users have only registered for the newsletter and have cancelled this registration, their personal data will be deleted.

23. Spoteffects

Our website uses xad spoteffect from XAD spoteffects GmbH Saarstr. 7 80797 Munich, as well as the associated open source web analysis tool Piwik to improve the website and measure the success of TV advertising.
Piwik uses visitor cookies for recognition. A visitor cookie is set for a period of 13 months. Alternatively, visitors can also be recognized by the tracker using heuristics. The data of the last 31 days is searched for suitable visitors.
The IP addresses are shortened and stored in hashed form, so that no conclusions can be drawn about households or persons.
To prevent the collection of your data by Piwik on our website, please click on the following link: http://trck.spoteffects.net/analytics/index_siteid773.php?module=CoreAdminHome&action=optOut&language=de and uncheck the box.

24. Nimbata

On our website, we use the cloud-based call tracking solution Nimbata from the provider Nimbata LLC (6 Liberty Square, Boston, MA 02109, USA). Nimbata helps us understand which marketing campaigns lead to calls to our company.

With the help of cookies, Nimbata assigns specific tracking numbers to users and interactions, which enables us to find out the source of incoming call activities. Your IP address, your device information and the assigned tracking ID are processed and, if necessary, linked to data from our marketing campaigns. The setting of cookies and the processing of your personal data in this context is based on your consent in accordance with Art. 6 para. 1 lit. a) GDPR.

For more information about data protection at Nimbata, please visit https://www.nimbata.com/privacy-policy

25.   Pfando as your new employer?!

25.1. Pfando's cash & drive GmbH, as the operator of this website, publishes job advertisements. As a user of the website, you can apply for specific job advertisements or submit a speculative application. You are also able to join the Pfando Talent Network.

In the event of a successful application, Pfando's will store your data for the duration of your employment and delete your data no later than 6 months after its termination. Otherwise, the data you submit will be processed exclusively for the purpose of carrying out the application process and will be deleted within 6 months of the end of the application process.

The legal bases for processing are Art. 6 Para. 1 lit. b, 88 GDPR, § 26 BDSG (new).

You have the option at any time to withdraw your consent to the processing of personal data or to object to data processing that is not based on consent. The revocation or objection can be made in particular by e-mail to datenschutz@pfando.at. All personal data that Pfando's has stored in the course of your contact will be deleted in this case.

Your right to object does not, in principle, apply to data that the company requires to fulfill a contract or pre-contractual measures. However, you may have other rights under which you can claim the deletion of your data.

Data collection during application

  • Title (required field)
  • First name and last name (required field)
  • Email address (required field)
  • Phone number
  • Application documents (such as cover letter, CV (required field), certificates, photo)
  • [- if applicable, detailed information on training, qualifications]

25.2. Processing of log data.

When accessing the provider's website, your internet browser automatically transmits certain data to the provider's server for technical reasons. The following data is collected by the provider separately from other data that you may transmit to the provider and used for the aforementioned purposes:

Data collection (usage data)

  • Name of the accessed website or URL,
  • Date and time of access,
  • Access status / Http status code,
  • Data volume transferred in each case,
  • Website from which the request comes,
  • Browser software and software version,
  • Operating system and version,
  • IP address (anonymized, shortened by the last 3 digits),
  • Randomly generated key number of the cookie or session.

If the data is stored in log files, the usage data will be deleted after 7 days at the latest. Storage beyond this period is possible in accordance with data protection permits. In this case, the IP addresses are deleted or alienated, so that it is no longer possible to assign the website access to your computer.

The legal basis for the storage of data and log files is Art. 6 para. 1 lit. f GDPR in conjunction with Section 15 of the German Telemedia Act (TMG).

The collection of data for the provision of the website and the storage of data in log files is mandatory for the operation of the website. Consequently, there is no possibility of objection on the part of the user. However, you can exercise your right to object by means of automated procedures that use technical specifications, such as the anonymization of your IP address by VPN providers.

The following section, 'Use of cookies by the provider for web analysis,' applies to the collection of usage data for the purpose of reach measurement.

26. Integration of services and content from third parties

26.1. Within our online offer, we use content or service offers from third-party providers on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. f. GDPR) in order to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as "content").
26.2. This always presupposes that the third-party providers of this content perceive the IP address of the user, since they could not send the content to their browser without the IP address. The IP address is therefore required for the presentation of this content. We endeavor to only use content whose respective providers use the IP address only to deliver the content. Third-party providers can also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information can also be stored in cookies on the user's device and contain, among other things, technical information about the browser and operating system, referring websites, visiting time and other information on the use of our online offer, as well as being linked to such information from other sources.
26.3. The following overview provides an overview of third-party providers and their content, along with links to their data protection declarations, which contain further information on the processing of data and, in some cases already mentioned here, opt-out options:
26.4. External fonts from Google, Inc., https://www.google.com/fonts ("Google Fonts"). The integration of Google Fonts takes place through a server call to Google (usually in the USA). Data protection declaration: https://www.google.com/policies/privacy/, opt-out: https://www.google.com/settings/ads/.
26.5. Maps from the "Google Maps" service provided by third-party provider Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Data protection declaration: https://www.google.com/policies/privacy/, opt-out: https://www.google.com/settings/ads/.
26.6. External code from the JavaScript framework "jQuery", provided by the third-party provider jQuery Foundation, https://jquery.org.

27. Storage and deletion of your personal data

27.1. The data stored by us will be deleted as soon as it is no longer required for its intended purpose and there are no legal retention requirements to prevent deletion. If the user's data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. This means that the data will be blocked and not processed for other purposes. This applies, for example, to user data that must be retained for commercial or tax reasons.
27.2. In accordance with legal requirements, data is stored for 6 years in accordance with Section 257 (1) of the German Commercial Code (HGB) (commercial books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting documents, etc.) and for 10 years in accordance with Section 147 (1) of the German Fiscal Code (AO) (books, records, management reports, accounting documents, commercial and business letters, documents relevant to taxation, etc.).

28. You have the following data protection rights

28.1. Users have the right (Art. 15 GDPR) to receive information free of charge upon request as to whether personal data has been collected and stored by us.
You have the right to receive information about which personal data is being used and to request a copy of the personal data in accordance with Section 34 of the German Federal Data Protection Act (BDSG). However, the right to information can also be restricted by Section 34 BDSG.
28.2. In addition, users have the right (Art. 16 GDPR) to correct incorrect data, restrict processing (Art. 18 GDPR) and delete (Art. 17 GDPR) their personal data. The right to deletion may be restricted in accordance with Section 35 BDSG.
28.3. To assert your rights, you have the right to data portability (Art. 20 GDPR).
In the event of the assumption of unlawful data processing, you can request a machine-generated list of your personal data and directly name the addressee who should receive it in order to lodge a complaint with the responsible supervisory authority.
28.4. Users can also revoke their consent, generally with effect for the future.

29. You can reach the authority responsible for us as follows

Berlin Commissioner for Data Protection and Freedom of Information
Alt-Moabit 59-61
10555 Berlin
Telephone: 030 13889-0
Fax: 030 2155050
E-mail:mailbox@datenschutz-berlin.de

30. You can exercise your right to object at any time

30.1. Under certain conditions, you have the right to object to our processing of your personal data at any time for reasons arising from your particular situation or if personal data is used for the purpose of direct marketing, and we may be obliged to no longer process your personal data.
In addition, you have the right to object at any time to the processing of personal data relating to you for the purpose of direct advertising. This also applies to profiling, insofar as it is associated with such direct advertising. In this case, the personal data will no longer be processed by us for these purposes.

To exercise your above rights, please send us an e-mail to
datenschutz@pfando.at,

or contact us by mail at
Pfando AT GmbH
Heiligenstädter Lände 29
1190 Vienna
Keyword: my data

31. Changes to the data protection declaration

31.1 We reserve the right to supplement or amend the privacy policy at any time in order to adapt it to changes in the legal situation or in data processing and the introduction of new technologies. However, this only applies with regard to declarations on data processing. If user consent is required or components of the data protection declaration contain provisions of the contractual relationship with the customer, the changes will only be made with your consent.
31.2 We will publish changes at www.pfando.at and/or inform you directly (e.g. by email).