MBCY_Logo_Black_ouhemt
NewReleasesSaleShop ByFootwearApparelAccessoriesBrands

Privacy Notice, as of March 2025

We appreciate your interest in our website. Protecting your privacy is very important to us. Below, we provide detailed information about how we handle your personal data.

Your personal data will only be collected, processed, and used by MBCY in accordance with the applicable data protection law. Our data protection practices therefore comply with the EU General Data Protection Regulation (GDPR) and the German Data Protection Adaptation and Implementation Act EU (BDSG-new).

Personal data includes all information relating to an identified or identifiable natural person; a natural person is considered identifiable if they can be identified directly or indirectly, particularly through the association with an identifier such as a name, an identification number, location data, an online identifier, or one or more characteristics that express the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person (Art. 4 No. 1 GDPR). This includes, for example, your name, your phone number, your address, and all inventory data you provide when registering and setting up your customer account. Statistical data or anonymized data that we collect when visiting our web shop, which cannot be directly associated with you as a person, are not included.

1. General Information

2. Responsible Entity and Contact

Sole Brothers GmbH Schanzenstraße 41 51063 Cologne

Phone: +49 800 - 411 00 00

Email: [email protected]

3. Data Protection Officer

MBCY has appointed a Data Protection Officer. You can reach the Data Protection Officer via email at: [email protected]

4. Subject of Data Protection

The subject of data protection is personal data. According to Art. 4 No. 1 of the General Data Protection Regulation (GDPR), personal data includes all information related to an identified or identifiable natural person; a natural person is considered identifiable if they can be identified directly or indirectly, particularly through the association with an identifier such as a name, an identification number, location data, an online identifier, or one or more characteristics that express the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person (Art. 4 No. 1 GDPR).

This includes, for example, your name, your phone number, your address, and all inventory data you provide when registering and setting up your customer account. Statistical data or anonymized data that we collect, for example, when visiting our web shop, which cannot be directly associated with you as a person, are not included.

5. Automated Data Collection

When accessing this website, the accessing device automatically transmits the following data for technical reasons:

  • Browser type and version

  • Operating system used

  • Referrer URL

  • Hostname of the accessing computer

  • Time of server request

  • IP address

  • If JavaScript is enabled, the browser also transmits the resolution and color depth of the browser window

The data is stored for the following purposes:

  • Ensuring the security of IT systems

  • Defending against attacks on our online offering and IT systems

  • Ensuring the proper operation of this online offering

The IP address is only stored for a period of 7 days. Processing takes place based on our overriding legitimate interests according to Art. 6 Para. 1 lit. f) GDPR.

6. Contact

If you contact us via our contact form or through other means (phone, email), we process your information related to the inquiry, including your contact details (especially your name, email address, and possibly your phone number), for the purpose of processing the inquiry and any follow-up questions. Processing is based on Art. 6 Para. 1 lit. f) GDPR. We have a legitimate interest in effectively handling your inquiry, and if it involves a contract, in enabling the initiation and execution of the respective contractual relationship. If you are (or may become) a contractual partner, the processing of contract-related inquiries is based on Art. 6 Para. 1 lit. b) GDPR.

The data you provide when contacting us will be retained until the purpose for data storage/processing no longer applies (e.g., after completing your request). Mandatory legal provisions – especially retention periods – remain unaffected. We store contract-related or legally relevant inquiries during the general limitation period, i.e., three years from the end of the year in which we received your inquiry. Storage takes place due to our legitimate interest in properly documenting our business operations and securing our legal positions (Art. 6 Para. 1 lit. f) GDPR). In the case of contract-related inquiries, storage takes place for the purpose of initiating and executing the respective contractual relationship (Art. 6 Para. 1 lit. b) GDPR) or our corresponding legitimate interest (Art. 6 Para. 1 lit. f) GDPR).

7. Advertising and Market Research Purposes

We offer you, among others, the following services:

  • Sending newsletters with current offers/product advertisements

  • White mail (postal delivery)

  • Participation in sweepstakes

In connection with these services, we may use your data to create and maintain a user profile to provide you with individualized advertising that we believe may be of special interest to you, provided the following conditions (see 7.1, 7.2) are met. To carry out the aforementioned services, we use service providers/processors (see 28.3).

7.1 Newsletter

Before subscribing to our solebox & MBCY newsletter, you agree that we may use the data you provide to send you information by e-mail about the content and products in our range. We use the so-called double opt-in procedure for sending the newsletter, i.e. we will only send you a newsletter by e-mail if you have expressly confirmed to us beforehand that we should activate the newsletter service. For statistical purposes, we anonymously evaluate which links in the newsletter are clicked on. It is not possible to identify the specific person who clicked on the link. Based on your consent, we also evaluate which links you click on in the newsletter in a personalized form to optimize our offer. We will then send you a notification email and ask you to confirm that you wish to receive our newsletter by clicking on a link contained in this email. If other companies are commissioned to process and send the newsletter, they will also be obliged to protect your data in accordance with data protection regulations and to use it only for the specified purpose.

In detail, the following data may be processed

  • Data that you provide to us when you subscribe to the solebox & MBCY newsletter (e-mail address, title if applicable, first name, surname, address, zip code, shoe size, preferred brands, interests, date of birth);

  • Data that we need to prove your consent to receive the solebox & MBCY newsletter and the processing of your data (IP address and time stamp of the newsletter order and the click on the link in the confirmation e-mail, declarations of consent given);

  • Data that we receive when you read the solebox & MBCY newsletter (opening the newsletter, clicks on links contained in the newsletter, data on the end device used, data on the location based on the IP address, accessibility of the e-mail address, execution of a purchase on www.mbcy.com or an action on the website after clicking on an offer)

  • Data that we receive when you participate in a competition organized by us (details of the competition, answers);

  • Data that we receive when you register a user account on our website www.mbcy.com (title, first name, surname, email address, zip code, date of registration, date of last login);

  • Data about your purchases made at MBCY online or in the store (goods/services, payment amount, currency, location, checkout or terminal ID and time and number of the transaction as well as store ID, discount amount);

  • Data that we receive when redeeming vouchers or coupons and activating credit (redeemed vouchers and coupons from MBCY, date and place of redemption);

  • Data collected when you use our website www.mbcy.com (pages viewed, services used, wish list, preferences);

  • Data that we receive when using customer surveys (survey results);

  • Data that we generate based on the evaluation of the aforementioned data (customer segments, presumed product preferences).

We only process the aforementioned data if we actually receive it, for example when you use our website features, place an order on www.mbcy.com or take part in one of our competitions. Your data is processed on the basis of your consent (Art. 6 para. 1 lit. a) GDPR).

If you no longer wish to receive newsletters from us, you can withdraw your consent at any time. A message via the contact form or e.g. e-mail, letter is sufficient for this.

Of course, you will also find an unsubscribe link in every newsletter. We also store information in order to be able to prove your consent. This information includes the time of consent.

This processing is based on Art. 6 para. 1 lit. c) in conjunction with Art. 7 para. 1 GDPR. If you withdraw your consent, we will delete your data immediately. We will delete information that we have stored to prove your consent after one month.Further storage to prove consent is based on our legitimate interest, the proper documentation of our business operations and the assertion, safeguarding or defense of claims (Art. 6 para. 1 lit. f) GDPR).

7.2 Sweepstakes

7.3 WhatsApp WhatsApp Ireland Privacy Notice. For sending messages via WhatsApp, we process your phone number and your WhatsApp profile name. The processing of your data is based on your consent, which you grant us in the WhatsApp chat by clicking the button “Sounds awesome.” or “Subscribe.” The legal basis for this processing is Art. 6 Para. 1 lit. a) GDPR. We are the data controller under data protection law. For offering and using WhatsApp Conversations, we use the software solution of Charles GmbH, Gartenstr. 86-87, 10115 Berlin (“Charles”). As a processor, Charles processes your data exclusively on our behalf and for no other purposes. The legal basis for this processing is Art. 6 Para. 1 lit. a) GDPR.

Right of Withdrawal

You can withdraw your consent(s) at any time with future effect by sending the message “STOP” in our WhatsApp chat.

8. Cookies & Similar Technologies

Example: To use our shopping cart, both session cookies and persistent cookies must be enabled. You can configure your browser to inform you about the setting of cookies and decide individually whether to accept them or exclude cookies for specific cases or generally. If cookies are not accepted, the functionality of our website may be limited.

The following categories of cookies are used:

Technically necessary cookies for the operation of our website: These cookies are essential for the operation and functionality of the website. They help make the website technically accessible and usable and offer essential functionalities, such as navigation on the website, correct display in the internet browser, or consent management. Without these cookies, the website cannot function properly.

Functional/Analysis Cookies: These cookies are used to measure online traffic and analyze user behavior. This helps us better understand how our website is used and improve our services.

Marketing Cookies: These cookies allow us to make you aware of relevant MBCY advertising campaigns and show you personalized MBCY content on third-party websites based on your interests. Furthermore, targeting allows us to limit the frequency of an ad and reduce the display of advertisements for you.

The legal basis for using technically required cookies is § 15 Abs. 1 Telemediengesetz ("TMG") or based on Art. 6 Para. 1 S. 1 lit. f) GDPR to safeguard our legitimate interests. Our legitimate interests particularly lie in providing you with a technically optimized, user-friendly, and needs-based website and ensuring the security of our systems. Otherwise, we use cookies based on your consent according to Art. 6 Para. 1 lit. a) GDPR.

If we use cookies based on your consent, you can withdraw your consent at any time with future effect by adjusting your cookie settings here. Alternatively, you can change your settings at any time via the "Cookie Settings" link. You can find the link in the footer of the website. The legality of the processing carried out until the withdrawal remains unaffected.

9. Personal Product Recommendations - Tracking Pixel mbcy.com, your shopping history is used. This includes, in particular, items and product categories that you have viewed, searched for, or purchased. All information collected for this purpose is stored anonymously, and it is not possible to infer your identity. The legal basis for data processing is Art. 6 Para. 1 lit. a) GDPR. You can withdraw your consent as described in section 8. Please note that we will no longer be able to offer you personalized recommendations in this browser after withdrawal.

10. Google Tag Manager

11. Analytics Software, Marketing Pixels, and Retargeting

11.1 Google Analytics here.

According to section 10.3 of the Google Data Processing Agreement, the transmitted data is stored in the following locations (so-called "data center locations"): Google Data Center Locations. Therefore, we only use Google Analytics if you also consent to the transmission to the previously listed data center locations. In some cases, the third countries where the data centers are located or from which processing is carried out do not have an adequate level of data protection based on a decision by the European Commission (a list of so-called secure third countries can be found here).

For example, the USA is currently considered an insecure third country. Transmission to insecure third countries involves risks for your personal data, especially since access by US authorities cannot be ruled out when data is transmitted to the USA. These risks cannot be completely mitigated by merely concluding Standard Contractual Clauses between MBCY and the processor or controller in the third country.

However, the provisions of Google's data processing (see Google Privacy and Terms in the section "Appendix 2") include various technical and organizational measures designed to ensure the security of your personal data. Please take these circumstances into account when giving your consent. General information on how Google processes your personal data can be found here.

If you have consented to the use of Google Analytics, we use the web analysis service Google Analytics. Google Analytics collects pseudonymous data about your use of our website, including your truncated IP address, and uses cookies. The information generated by the cookies about your use of the website (including your truncated IP address) is transmitted to a Google server at the aforementioned data center locations and stored there.

Google will use this information to evaluate your use of the website, compile reports on website activities for us, and generate further analyses and evaluations related to the use of our website and internet usage. Google may also link this data with other data about you, such as your search history, your personal account, usage data from other devices, and other data stored by Google.

Google may also transfer this information to third parties if required by law (e.g., government authorities) or if third parties process this data on behalf of Google. The data stored by Google Analytics is retained for a period of 14 months. After this period, only aggregated statistics are kept at Google Analytics. The use of Google Analytics is based on your consent (Art. 6 Para. 1 lit. a) GDPR). You can withdraw your consent as described in section 8. Further information on data usage by Google can be found here.

11.2 Google Ads Remarketing

If you are logged in to Google during your visit to our website, Google uses your data together with Google Analytics data to create and define target group lists for cross-device remarketing. To do this, your personal data is temporarily linked with Google Analytics data by Google to form target groups.

As part of the use of Google Ads Remarketing, as described in section 11.1, there may be a transfer of personal data to third countries (particularly to the servers of Google LLC in the USA). Please take the aforementioned circumstances into account when giving your consent.

Details about the processing triggered by Google Ads Remarketing and how Google handles data from websites can be found here. The data stored by Google is retained for a period of 14 months. After this period, only aggregated statistics are kept at Google Analytics. The use of Google Ads Remarketing is based on your consent (Art. 6 Para. 1 lit. a) GDPR). You can withdraw your consent as described in section 8.

11.3 Microsoft Bing Ads

If your personal data is processed in an insecure third country, we have concluded the Standard Contractual Clauses approved by the EU Commission with Microsoft in accordance with Art. 46 Para. 2 lit. c) GDPR. Additionally, we only use Microsoft Bing Ads if you also consent to the transmission to the data center locations listed under Microsoft Privacy Statement.

In some cases, the third countries where the data centers are located or from which processing is carried out do not have an adequate level of data protection based on a decision by the European Commission (a list of so-called secure third countries can be found here). For example, the USA is currently considered an insecure third country.

Transmission to insecure third countries poses risks to your personal data, particularly as access by US authorities cannot be ruled out when data is transmitted to the USA. These risks cannot be fully eliminated solely by concluding Standard Contractual Clauses between MBCY and the processor or controller in the third country. However, the provisions of Microsoft's data processing (see Licensing Documents) include various technical and organizational measures to ensure the security of your personal data. Please consider the aforementioned circumstances when giving your consent.

The use of Microsoft Bing Ads is based on your consent (Art. 6 Para. 1 lit. a) GDPR). You can withdraw your consent as described in section 8. For more information on data protection and the cookies used by Microsoft and Bing Ads, please visit the Microsoft Privacy Statement

11.4 Facebook Custom Audiences www.facebook.com/audiencenetwork/), provided you have shown interest in our online offering or have specific characteristics (e.g., interest in certain topics or products apparent from visited websites) that we transmit to Facebook (this process results in your profile being assigned to certain groups, called “Custom Audiences”).

With the help of the Facebook Pixel, we also want to ensure that our Facebook ads correspond to your interest in targeted advertising and prevent annoying effects. Furthermore, the Facebook Pixel allows us to trace the effectiveness of Facebook ads for statistical and market research purposes by seeing if you were redirected to our website after clicking on a Facebook ad (so-called “conversion tracking”).

In this context, Facebook Ireland Ltd. processes the following data types:

  • Usage data (e.g., visited websites, interest in content, access times);

  • Meta-/communication data (e.g., device information, IP addresses);

  • Event data (“event data” are data that can be transmitted from us to Facebook via the Facebook Pixel and relate to persons or their actions, such as visits to websites, interactions with content, functions, app installations, product purchases, etc.; event data are processed to form target groups for content and advertising information (Custom Audiences)).

As part of the so-called enhanced data matching, information for matching purposes is hashed, collected, and stored, which can identify individuals (e.g., names, email addresses, and phone numbers). Event data are deleted by Facebook after a maximum of two years, and the audiences formed from them are deleted when our Facebook account is deleted.

The following purposes are pursued: marketing, profiles with user-related information (creating user profiles), remarketing (targeted addressing of visitors or customers of one’s own website on other websites), conversion tracking (measuring the effectiveness of marketing measures), and audience building (determining marketing-relevant target groups or other content distribution).

We are jointly responsible with Facebook Ireland Ltd. for the collection or receipt, as part of a transfer (but not the further processing), of “event data” that Facebook collects via the Facebook Pixel – and similar functions (e.g., interfaces) executed on our online offering – or receives for the following purposes:

  • Displaying content/advertising information corresponding to the presumed interests of users;

  • Delivering commercial and transactional messages (e.g., addressing users via Facebook Messenger);

  • Improving ad delivery and personalizing functions and content (e.g., improving detection of which content or advertising information likely corresponds to users’ interests).

For this purpose, we have concluded an agreement on joint responsibility for data processing with Facebook Ireland, which is available here: de-de.facebook.com/legal/terms/page_controller_addendum.

If Facebook provides us with metrics, analyses, and reports (which are aggregated, i.e., do not contain information about individual users and are anonymous to us), this processing does not take place within the framework of joint responsibility but is based on a data processing agreement (“Data Processing Terms”, “Data Security Terms” and with regard to processing in the USA based on Standard Contractual Clauses (“Facebook EU Data Transfer Addendum”)). According to the Facebook EU Data Transfer Addendum, processing of your personal data may also take place in EU third countries such as the USA.

For this reason, we only use Facebook Custom Audiences if you also consent to the possible transfers resulting from this. Some third countries where data centers are located or from which processing is conducted do not have an adequate level of data protection based on a decision by the European Commission (a list of so-called safe third countries can be found at ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_de).

For example, the USA is currently considered an unsafe third country. Transfer to unsafe third countries involves risks for your personal data, especially since access by US authorities cannot be ruled out. These risks cannot be excluded solely by concluding Standard Contractual Clauses between MBCY and the processor or controller in the third country. Nevertheless, Facebook uses IP masking (pseudonymization of the IP address) as a security measure in this context as well as the additional measures listed here: www.facebook.com/legal/terms/data_security_terms.

Please consider the above circumstances when giving your consent. The use of Facebook Custom Audiences is based on your consent (Art. 6 Para. 1 lit. a) GDPR). You can withdraw your consent as described in section 8.

Additional information on the data processing terms for Facebook Custom Audiences can be found here: www.facebook.com/legal/terms/customaudience.

11.5 TikTok Ads & Pixel

TikTok uses this data to show its users targeted and personalized advertising and to create interest-based user profiles. The collected data is anonymous to us and not visible, and is only used by us in the context of measuring the effectiveness of advertising campaigns.

If personal data is processed in an insecure third country, this is done according to the provisions under section 11.1. Please consider the aforementioned circumstances when giving your consent.

The use of TikTok Ads / Pixel is based on your consent (Art. 6 Para. 1 lit. a) GDPR). You can withdraw your consent as described in section 8. TikTok's privacy notice can be found here: www.tiktok.com/legal/page/eea/privacy-policy/de-DE.

11.6 Snap Pixel and Website Custom Audiences

With the help of the Snap Pixel, Snapchat can identify visitors to our website as a target group for displaying ads (so-called "Snapchat Ads"). Accordingly, we use the Snapchat Pixel to show the Snapchat ads placed by us only to Snapchat users who have shown interest in our website or have certain characteristics (e.g., interests in certain topics or products that are determined based on visited websites) that we transmit to Snapchat (so-called "Custom Audiences").

With the help of the Snap Pixel, we also want to ensure that our Snapchat ads correspond to the potential interest of users and do not cause annoyance. Furthermore, the Snap Pixel allows us to trace the effectiveness of Snapchat advertising campaigns for statistical and market research purposes by seeing whether users were redirected to our website after clicking a Snapchat ad (so-called "conversion").

The processing of data by Snapchat is carried out in accordance with Snapchat’s data use policy, which can be accessed here: Privacy Center - You Control Your Info | Snapchat Privacy. The legal basis for data processing is Art. 6 Para. 1 lit. a) GDPR. The cookies required for this service (so-called marketing cookies) are used only with your consent. You can withdraw your consent at any time in our preference center.

11.7 Use of Pinterest Social Plugins

On our site, we use social plugins from the social network Pinterest, which is operated by Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA (“Pinterest”). When you visit a page containing such a plugin, your browser establishes a direct connection to Pinterest’s servers. The plugin transmits log data to Pinterest’s servers in the USA. All data collected is anonymous to us and does not allow conclusions about the identity of the respective user.

Data collected includes device information (e.g., type, brand), the operating system used, the IP address of the device, the time of access, the type and content of the campaign, the reaction to the respective campaign (e.g., purchase completion, newsletter subscription), as well as device identifiers based on individual device characteristics. This allows us to recognize your device on our website.

We use Pinterest to optimize our online offerings and to appropriately deploy our Pinterest campaigns. A so-called “Pinterest Tag” (an individual code snippet) is used in the advertising campaign. When a Pinterest user sees or clicks on an ad, further actions and target groups that have shown interest are tracked. This enables us to ensure that Pinterest ads are shown only to Pinterest users who have already shown interest in our offering and correspond to the user’s potential interest.

This data helps us measure the conversion of the respective campaign. The data is used for statistical and market research purposes and helps to optimize the campaigns. The legal basis is Art. 6 Para. 1 lit. f) GDPR.

Personal data such as your IP address and email address, as well as other information such as device ID, device type, and operating system, may be transmitted to Pinterest. Pinterest uses email or other login or device information to identify users of our website and associate their actions with a Pinterest user account.

The data is stored in accordance with statutory retention periods and then automatically deleted. If you log into your Pinterest account after visiting our website or visit our website while logged in, Pinterest may store and process this data. Pinterest may associate this data with your Pinterest account and use it for its own advertising purposes.

More information can be found in Pinterest’s privacy policy: https://policy.pinterest.com/de/privacy-policy. You can object to this specific data processing at any time by either disabling the relevant settings under “Personalization” in your Pinterest account at https://help.pinterest.com/en/article/personalization-and-data or by clicking on Opt-Out.

11.8 Criteo

We may share information such as technical identifiers from your registration information on our website or our CRM system with trusted advertising partners. This enables your devices and/or environments to be linked, offering you a seamless user experience across the devices and environments you use. The use of Criteo is based on your consent (Art. 6 Para. 1 lit. a) GDPR). You can withdraw your consent as described in section 8.

Further information on data protection and details about linking capabilities in connection with Criteo can be found in the privacy notice at www.criteo.com/de/privacy.

11.9 ContentSquare

The information generated by the cookie about your use of the website is generally transmitted to a server of contentsquare and stored there. The IP address transmitted by your browser is not merged with other data from contentsquare. contentsquare shortens your IP address so that your data is processed anonymously.

The following cookies are used by contentsquare:

  • _cs_id, to recognize returning website users (stored for up to 13 months)

  • _cs_s, a session cookie that is set at the beginning of the website visit and deleted 30 minutes after the last page call

The use of contentsquare is based on your consent (Art. 6 Para. 1 lit. a) GDPR). You can withdraw your consent as described in section 8.

11.10 Zenloop

In doing so, the public IP address, email address, device and browser data, statistical data about your purchase, the website from which you use the feedback platform, and other possible data you leave in your message are processed. The legal basis for this is Art. 6 Para. 1 lit. f) GDPR.

We offer this service to make the shopping experience on our website even more attractive. This is our legitimate interest. If you wish to be contacted by MBCY following your feedback after your order, you can leave a message in the comment field and confirm the process. In this case, we may contact you via email to process your request.

Further information about data protection at zenloop can be found at www.zenloop.com/de/legal/privacy/.

11.11 Emarsys

For visitors subscribed to the newsletter, our website uses JavaScript commands to collect browsing and purchase data. This data is used to enrich your customer profile and provide you with a personalized experience across all our contact points. Additionally, we store the following personal data in our Emarsys CRM suite and use this data for targeting and profiling within the website, SCAYLE, possibly WhatsApp, newsletter, and possibly via push permissions for the app:

  • Mobile phone number

  • Email address

  • Salutation

  • First and last name

  • Date of birth

  • IP address

  • Order data

  • Shoe size

  • Preferred brands

  • Interests

In connection with the use of the Emarsys Marketing Cloud, your data may be matched by Google and Facebook. This circumstance may also result in your data being processed outside Europe. Considering the risks already mentioned (see the sections on Google and Facebook in these privacy notices), we only use Emarsys if you also consent to the possible transfers to insecure third countries. Some third countries where data centers are located or from which processing is carried out do not have an adequate level of data protection based on a decision by the European Commission (a list of so-called safe third countries can be found here). For example, the USA is currently not considered a safe third country. Transfer to insecure third countries involves risks for your personal data, especially since access by US authorities cannot be ruled out. These risks cannot be excluded solely by concluding Standard Contractual Clauses between us and the processor or controller in the third country. Nevertheless, Google and Facebook implement security measures to protect your personal data (see the sections on Google and Facebook in these privacy notices). Please consider the above circumstances when giving your consent.

We process your data only automatically for the purpose of evaluating certain personal aspects (profiling). We analyze your data using mathematical-statistical procedures to tailor advertising to your individual interests.

After unsubscribing from the newsletter, we will stop sending the newsletter and delete your data unless you also have a customer account on our website, in which case we store your data as long as the customer account exists. However, this only applies if we are not legally obligated to store the data for specific purposes, including the defense against legal claims.

The legal basis for data processing is Art. 6 Para. 1 lit. a) GDPR. You can withdraw your consent as described in section 8.

11.12 ChannelPilot www.channelpilot.de/datenschutz.

11.13 Conversion Linker

If personal data is processed in an insecure third country, this takes place according to the provisions under section 11.1. Please consider the aforementioned circumstances when giving your consent.

The following cookies are used by Google:

  • _gcl_au: Contains a randomly generated user ID (stored for up to 90 days)

  • _gcl_aw: This cookie is set when a user clicks on a Google ad and is redirected to the website. It contains information about which ad was clicked, so that successes such as orders or contact inquiries can be assigned to the ad (stored for up to 90 days).

The legal basis for data processing is Art. 6 Para. 1 lit. a) GDPR. You can withdraw your consent as described in section 8.

11.14 Google Enhanced Conversions

Enhanced Conversions is an extension of Google Ads Remarketing. Using the Google Tag Manager, customer-related data that has been previously encrypted as hash values is transmitted to a Google interface. The customer data includes input data in form fields on our website. Google links the data collected this way with any existing usage data from your Google account if you were logged in when interacting with an ad. We never see the information from your Google account. We only receive aggregated conversion reports from Google, which are improved in accuracy by using Enhanced Conversions.

Data collection only takes place after you explicitly consent and complete the input of customer data on our website. Then an automatic assignment to your Google account occurs if you are logged into your Google account when interacting with ads. If you want to prevent this, you can either log out of your Google account or not give consent to the service.

To our knowledge, Google uses the data confidentially and ensures its protection. The policies that apply when using Enhanced Conversions for customer data can be found here. How Google uses your data is described here.

As described under section 11.1, the use of Google Enhanced Conversions may result in the transfer of personal data to third countries (especially to servers of Google LLC in the USA).

The legal basis for processing your personal data is your consent, Art. 6 Para. 1 sentence 1 lit. a GDPR, and, if data stored on the device via tags is processed, also § 25 Para. 1 TDDDG (German Telemedia Data Protection Act).

You can withdraw your consent as described in section 8.

Further information on Google Enhanced Conversions is available here: Erweiterte Conversions - Google Ads-Hilfe.

12. Use and Application of Livereach

Tagged content includes products distributed by us. To search for and make these relevant contents usable for us, we use the software solution of the third party “Livereach,” operated by Gorilla GmbH, Geisbergweg 8, 48143 Münster. When Livereach finds publicly accessible content relevant to us, we contact the user who posted the content. The user then has the opportunity to grant us usage rights by agreeing to the terms of participation.

Content for which usage rights have been granted to us can then be shared by us in accordance with the terms of use on the internet (e.g., in our own webshop) and in print. Along with the content, personal data connected with the original content, such as the username/alias, may also be shared.

The use of Livereach is in our interest to promote our brand and products. The legality of processing personal data arises from Art. 6 Para. 1 lit. b) or f) GDPR, provided you do not conclude or intend to conclude a contract with us.

The privacy policy of the third-party Livereach can be viewed here.

13. Digital Genius

The legal basis for processing is Art. 6 Para. 1 lit. b) or f) GDPR, provided you do not conclude or intend to conclude a contract with us. In this case, our overriding legitimate interest lies in providing suitable communication channels.

14. Reviews

The email contains a link to a review form where you can rate the purchased product or service. Reviews can also be submitted directly via a form on the website.

In the course of reviews, your email address, the content entered in the review form, and a so-called device fingerprint (IP address, device ID, and geolocation) are processed. The data is processed to collect and publish the review and to verify its authenticity. Cookies that are strictly necessary to provide the review system are also stored. The review system is provided by Bazaarvoice, Inc. in the USA. Bazaarvoice acts as a processor based on a data processing agreement pursuant to Art. 28 GDPR.

There may be a transfer of personal data to a third country without an adequate level of data protection. In such cases, we ensure that appropriate safeguards according to Art. 46 GDPR are in place for the transfer. Proof of appropriate safeguards (EU standard contractual clauses) will be provided to you upon request at any time.

The legal basis for this data processing is our legitimate interest pursuant to Art. 6 Para. 1 lit. f GDPR in supporting users in selecting products and services by providing authentic reviews from other users. If you have explicitly consented to certain data processing, the legal basis for these is your explicit consent pursuant to Art. 6 Para. 1 lit. a GDPR.

You have the option to have your review deleted at any time. Please contact us using the contact details provided above.

15. Use of Tracking Tools from trbo GmbH

If you have given us your consent pursuant to Art. 6 Para. 1 sentence 1 lit. a GDPR, we use tracking tools (especially so-called “cookies” and “web beacons”). The data collected and used in this context is always stored only under a pseudonym (e.g., a random identification number) and is not linked with other personal data about you (e.g., name, address, etc.).

The data is deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. Deletion of data at the user and event level takes place no later than 14 months after collection.

You can revoke your consent for the processing of personal data via trbo for the purposes mentioned above at any time with future effect or change your selected preferences. To do this, please access the cookie settings again via this link: Cookie Settings.

We have concluded a data processing agreement with trbo, in which we oblige the provider to protect our customers’ data and not to pass it on to third parties. Further information on data protection at trbo can be found here: www.trbo.com/datenschutz/.

16. Our Social Media Presences

16.1 Facebook Fanpage https://www.facebook.com/MBCYSTORE.

For users outside the USA and Canada, Facebook is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook Ireland”). For users in the USA and Canada, Facebook Inc., 1601 South California Avenue, Palo Alto, CA 94304, USA, operates Facebook.

Even if you are not registered on Facebook and visit our Facebook fan page, Facebook may collect pseudonymous usage data about you. Further information can be found in Facebook’s Data Policy at https://de-de.facebook.com/about/privacy/ and at Facebook. The Data Policy also provides information about the settings options for your Facebook account.

Facebook Ireland may share your data within the Facebook corporate group and with other third parties. This may involve transferring personal data to the USA and other third countries for which no adequacy decision of the EU Commission exists. In such cases, Facebook Ireland will use the EU Commission-approved standard contractual clauses pursuant to Art. 46 Para. 2 lit. c) GDPR. Further information can also be found in Facebook’s Data Policy.

We are jointly responsible with Facebook for processing so-called Insights Data when visiting our Facebook fan page. Using this Insights Data, Facebook Ireland analyzes behavior on our Facebook fan page and provides us with this data in anonymized form. For this purpose, we have concluded an agreement with Facebook Ireland on joint responsibility for data processing, which can be viewed here: Facebook. Facebook Ireland undertakes, among other things, to assume primary responsibility under the GDPR for processing Insights Data and to fulfill all obligations under the GDPR concerning the processing of Insights Data. This processing serves our legitimate economic interests in optimizing and tailoring our Facebook fan page, Art. 6 Para. 1 lit. f) GDPR.

We also point out the following: If you visit or like our Facebook fan page as a logged-in Facebook user, Facebook Ireland collects personal data. If you are not registered on Facebook and visit the Facebook fan page, Facebook Ireland may collect pseudonymous usage data.

Specifically, the following information is collected by Facebook Ireland:

  • Visiting a page or a post or video from a page,

  • Subscribing or unsubscribing from a page,

  • Liking or unliking a page or a post,

  • Recommending a page in a post or comment,

  • Commenting on, sharing, or reacting to a page post (including the type of reaction),

  • Hiding or reporting a page post as spam,

  • Clicking on a link from another page on Facebook or from a website outside Facebook that leads to the page,

  • Hovering over the name or profile picture of a page to preview page content,

  • Clicking on the website, phone number, "Get Directions" button, or another button on a page,

  • Information about whether you are logged in via a computer or mobile device while visiting or interacting with a page or its content.

Further information is available in Facebook’s data policy at de-de.facebook.com/legal/terms/information_about_page_insights_data.

16.2 Instagram Instagram (@mbcystore).

For users outside the USA and Canada, Instagram is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook Ireland”). For users in the USA and Canada, Facebook Inc., 1601 South California Avenue, Palo Alto, CA 94304, USA, operates Instagram.

Further information can be found in Instagram’s privacy policy at help.instagram.com/155833707900388.

16.3 Community Features

We point out that these areas are publicly accessible and all personal information you enter there or provide when registering can be viewed by others. We cannot control how other users use this information. In particular, we cannot prevent unwanted messages from third parties being sent to you.

Content posted in community areas can be stored indefinitely. If you want us to remove content you have posted, please send us an appropriate email to the address specified above in section 2.

17. Payment Methods

The legal basis for this data processing is Art. 6 Para. 1 lit. b) GDPR, insofar as the processing is necessary for payment processing, as well as Art. 6 Para. 1 lit. f) GDPR, whereby our overriding legitimate interest lies in proper payment processing. In our online shop, we essentially offer the following payment methods:

17.1 Credit Cards

Further information about the Saferpay service can be found here: www.six-payment-services.com/de/site/e-commerce/solutions/paymentsolution.html.

Important security information: In case of misuse of your credit card by unauthorized persons, you have the option to object via your credit card institution. Maximum security: We ensure optimal protection of your personal data in the checkout area of our online shop with the latest SSL encryption. Additionally, for credit card payments, your entire transaction is secured by the mandatory entry of the card verification number (CVC2 or CVV2). Good to know: These numbers are not stored on the magnetic stripe of your credit card and thus do not appear on payment receipts.

17.2 PayPal

Further data protection information can be found in PayPal’s privacy policy: www.paypal.com/de/webapps/mpp/ua/privacy-full.

17.3 Klarna here. Your personal data will be handled by Klarna in accordance with applicable data protection regulations and according to Klarna’s privacy policy.

18. Order Process

The associated processing is carried out for the purpose of handling your purchase. The legal basis for processing is Art. 6 Para. 1 lit. b) GDPR. In the case of a purchase in our online shop (contract conclusion), the provision of your personal data is necessary. If you do not provide the aforementioned data, a purchase in our online shop cannot take place. The data is made available to employees responsible for sales and logistics as well as commissioned service providers/processors in this context (see section 28.3). Your data will be stored until the respective purchase contract has been completed and thereafter in anonymized and blocked form as long as statutory retention periods apply regarding the transactions made.

19. Customer Account

We also use your personal data to provide you with a personalized online experience and to immediately provide you with information about your purchase. The processing of your personal data for your account is based on your consent when you create a customer account. The legal basis for processing is Art. 6 Para. 1 lit. a) GDPR. We store your personal data as long as it is necessary to provide the account. Personal data collected and used exclusively for the purpose of providing you with a customer account will be deleted after the account is closed. You can withdraw your consent as described in section 8.

20. Internet Security

Furthermore, you can provide the following voluntary information during registration: mobile phone number and date of birth. We use the mandatory information to authenticate you during login and to process requests to reset your password. The data you provide during registration or login is processed and used by us (1) to verify your authorization to manage the user account; (2) to enforce the terms of use of the app and all related rights and obligations; and (3) to contact you to send technical or legal notices, updates, security alerts, or other messages related to the management of the user account.

We use voluntary information to provide you with personalized communication. This data processing is justified by (1) the processing being necessary to fulfill the contract between you as the data subject and us pursuant to Art. 6 Para. 1 lit. b) GDPR, or (2) our legitimate interest in ensuring the functionality and error-free operation, which here outweighs your rights and interests in protecting your personal data within the meaning of Art. 6 Para. 1 lit. f) GDPR.

20.1 SSL Encryption

We use the information available to us to develop, test, and improve our products, including conducting surveys and studies as well as tests and troubleshooting for new products and features. We use the information available about you—including information about your interests, actions, and connections—to select and personalize the advertisements, offers, and other sponsored content we show you.

The processing of your personal data for the use of MBCY is based on your consent. The legal basis for the processing is Art. 6 Para. 1 lit. a) GDPR.

21. Data Security

22. Automated Individual Decisions or Profiling Measures

23. Data Disclosure

If it is necessary to clarify unlawful use of our services or for law enforcement purposes, personal data will be forwarded to law enforcement authorities and, if applicable, to injured third parties. However, this only happens if there are concrete indications of illegal or abusive behavior. Disclosure may also take place if it serves to enforce contracts or other agreements. We are also legally obligated to provide information upon request to certain public authorities. These include law enforcement agencies, authorities enforcing administrative offenses subject to fines, and tax authorities. The disclosure of these data is based on our legitimate interest in combating abuse, prosecuting crimes, and securing, asserting, and enforcing claims (Art. 6 Para. 1 lit. f GDPR) or on the basis of a legal obligation (Art. 6 Para. 1 lit. c GDPR).

Your data will be disclosed to the shipping company commissioned with delivery, insofar as this is necessary to deliver the goods. The shipping company uses your personal data exclusively for the purpose of processing the delivery. For payment processing, we forward your payment data to the credit institution, PayPal, or other payment service providers responsible for the payment. Your data will not be disclosed to other third parties or used for advertising purposes. The legal basis for data processing is Art. 6 Para. 1 lit. b GDPR. Upon full completion of the contract and full payment of the purchase price, your data will be blocked for further use and deleted after expiry of statutory retention periods under tax and commercial law.

We rely on contractually affiliated third-party companies and external service providers ("processors") to provide services. In such cases, personal data will be disclosed to these processors to enable further processing. These processors are carefully selected and regularly reviewed by us to ensure your rights and freedoms are protected. Processors are only permitted to use the data for the purposes specified by us and are contractually obligated to handle your data exclusively in accordance with these privacy notices and applicable data protection laws.

Disclosure of data to processors is based on Art. 28 Para. 1 GDPR. In addition to the processors already mentioned in these privacy notices, we also use the following categories of processors:

  • IT service providers

  • Cloud service providers

  • Software service providers

In the context of administrative processes and the organization of our operations, financial accounting, and compliance with legal obligations such as archiving, we disclose or transmit the same data received in the context of providing our contractual services to tax authorities, advisors such as tax consultants or auditors, as well as other fee offices and payment service providers. The disclosure of these data is based on our legitimate interest in maintaining our business operations, fulfilling our tasks, and providing our services (Art. 6 Para. 1 lit. f GDPR) or on the basis of a legal obligation (Art. 6 Para. 1 lit. c GDPR).

In the course of further developing our business, the structure of Sole Brothers GmbH may change by changing the legal form, founding, acquiring, or selling subsidiaries, business units, or components. In such transactions, customer data and contact persons’ data will be disclosed together with the part of the company being transferred. For any disclosure of personal data to third parties to the extent described above, we ensure that this is done in accordance with these privacy notices and applicable data protection laws. Such disclosure of personal data is justified by our legitimate interest in adapting our corporate structure to economic and legal conditions as necessary (Art. 6 Para. 1 lit. f GDPR).

24. Provision of Your Data

However, providing your data is necessary to a certain extent so that we can offer you the functions on our website and our services. In particular, providing your data is required so that we can receive and process your inquiries, enable contract initiation or execution, and so that you can use the community functions related to our social media presences. Additionally, providing your data is necessary to receive and process your application.

If the provision of your data is required, we will indicate this by marking the respective fields as mandatory during entry. Providing further data is voluntary. If mandatory data is not provided, we will not be able to provide the corresponding functions and services; in particular, we will not be able to receive or process your inquiries or enable contract initiation or execution. Furthermore, you will not be able to use the community functions of our social media presences. If you do not provide the required data in connection with your application, we cannot consider your application. If voluntary data is not provided, we may not or may not fully provide the corresponding functions and services.

25. Transfer to Third Countries

For our service providers who process your data on our behalf (“processors”), we conclude standard contractual clauses for the transfer to processors in third countries. For transfers to third parties in third countries, we use the standard contractual clauses for transfers to third parties as controllers. You can request a copy of these standard contractual clauses from the contact details provided in section 2.

26. Change of Purpose

27. Deletion of Your Data

If your data is relevant for contract initiation or execution, storage takes place for the purpose of initiating and executing the respective contractual relationship (Art. 6 Para. 1 lit. b GDPR). If we are legally obligated to retain data, we also store your data beyond the statutory period (Art. 6 Para. 1 lit. c GDPR). Legal retention requirements may result from retention periods under the Commercial Code (HGB) or the Fiscal Code (AO). The retention period according to these regulations generally ranges between 6 and 10 years from the end of the year in which the relevant transaction was completed, e.g., when your inquiry was finally processed or the contract ended.

28. Your Rights as a Data Subject

28.1 Right of Access

28.2 Right to Rectification of Incorrect Data

28.3 Right to Erasure

28.4 Right to Restriction of Processing

28.5 Right to Data Portability

28.6 Right to Object

28.7 Right to Lodge a Complaint

  • Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen

  • Kavalleriestr 2-4 40213 Düsseldorf

  • Phone: 0211/38424-0

  • Fax: 0211/38424-10

  • Email: [email protected]

29. Data Processing When Exercising Your Rights

30. Updates and Changes

31. Scayle Data Protection | SCAYLE.

31.1 Akamai Technologies, Inc.

The following list contains all (personal) data collected through or when using this service:

  • Browser information

  • Visited pages

  • Date and time of the visit

  • Operating system

  • IP address

The legal basis for processing your personal data is Article 6(1)(f) GDPR, balancing of interests, based on our legitimate interest in ensuring the constant availability of our website. The place of processing is the European Union and the United States of America (Currently, there is no adequacy decision by the European Commission stating that the USA generally provides an adequate level of protection. If the protection level for personal data is not guaranteed at a level equivalent to the European standard, the transfer of personal data is carried out by appropriate safeguards and on the basis of EU standard contractual clauses to protect personal data; as an additional guarantee, personal data processed in connection with Akamai is pseudonymized and therefore particularly protected).

The lifespan of the cookies used lasts until the end of the respective session. The personal data collected with their help will be deleted when it is no longer needed for processing.

To read the data processor’s privacy policy, click here.

31.2 Amazon Web Services Inc. Amazon.com. This service enables companies and organizations to operate IT infrastructure and applications in the cloud. The provider is Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, 1855 Luxembourg (hereinafter referred to as “AWS”).

More detailed information can be found here: AWS GDPR Data Processing Addendum – now part of the Service Terms | Amazon Web Services. Further information on the processing of personal data can be found in the AWS privacy notice: (Data Protection).

The use of the AWS service is subject to your consent (Article 6(1)(a) GDPR). The legal basis for the use of the AWS service is Article 6(1)(f) GDPR. We have a legitimate interest in the reliable presentation of our website. If we have obtained your consent to process personal data, the processing takes place exclusively based on Article 6(1)(a) GDPR and § 25 Para. 1 TDDDG (Telecommunications and Telemedia Data Protection Act) if the consent includes the storage of cookies or access to information on the user’s device (e.g., scanning device fingerprints). This consent can be revoked at any time.

31.3 Datadog Inc.

Among other things, the following information may be collected:

  • IP address

  • Date and time of page visit

  • User navigation (click path)

  • Information about the browser and device you use

  • Visited pages

  • Link URL (website from which you accessed our website)

  • Location data

  • Shopping activities

Datadog uses technologies such as cookies, browser web storage, and tracking pixels to analyze your use of the website. The processing of personal data, particularly setting cookies, only takes place with your consent. More information about terms of use and personal data protection can be found here: Privacy Policy | Datadog.

31.4 New Relic Inc. Terms & Conditions.

31.5 Functional Software, Inc.

Information about the protection of personal data can be found at the following link: Privacy Policy 3.3.1 (31 May 2024).

31.6 Cloudflare, Inc.

For this purpose, personal data may be processed in server log files by Cloudflare. Cloudflare also collects statistical data about visits to this website. The data collected include:

  • Name of the accessed website, accessed file and URL

  • Date and time of access

  • Transferred data volume

  • HTTP status code (e.g., 200, 404)

  • Browser type, version, and language settings

  • Operating system and its version

  • Referrer URL

  • IP address of the requesting device

  • Requesting provider

  • Geographical location data

  • Information on security risks (e.g., suspicious activity or bot detection)

  • TLS/SSL information for secure connection

The data agreement is based on standard contractual clauses, which can be found here: https://www.cloudflare.com/cloudflare-customer-scc/ Further information about Cloudflare’s privacy policies can be found here: Privacy Policy Cloudflare | Cloudflare.

The company holds a certification under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that aims to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF commits to adhering to these data protection standards. More information can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnZKAA0&status=Active

Additional information applies when using Cloudflare Turnstile: Cloudflare Turnstile is used to verify whether data input on this website is performed by a human or an automated program. To do so, Turnstile analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as a visitor accesses a website with Turnstile enabled. Turnstile evaluates various information for the analysis (e.g., IP address, visitor’s dwell time on the website, or mouse movements made by the user). The data collected during the analysis is forwarded to Cloudflare. Data transfer between your browser and our servers is analyzed on Cloudflare’s servers to defend against attacks. Cloudflare uses cookies to enable your access to our website. The use of Cloudflare Turnstile is in the interest of secure use of our internet presence and defense against harmful external attacks. The storage and analysis of the data is based on Art. 6 Para. 1 lit. f) GDPR and § 25 Para. 2 No. 2 TDDDG.

32. Google Maps Google Maps/Earth Additional Terms of Service – Google More information on handling user data can be found in Google’s privacy policy: Privacy Policy – Privacy & Terms – Google

33. Webgains Webgains Privacy & Opt-Out

34. RTB House

  1. Below you will find a notice published in the customer’s privacy policy regarding the processing of personal data by RTB House for the purpose of conducting online advertising campaigns on your behalf. “For the execution of personalized advertising campaigns, MBCY processes certain data about users’ online activities on this website. These data may include online identifiers (e.g., cookie ID / mobile advertising ID), information about specific pages visited, products viewed or added to the shopping cart along with timestamps, and purchased products, as well as technical device and browser details. MBCY commissions RTB House GmbH, an advertising technology company, as a third-party subcontractor to conduct advertising campaigns based on these data and to display personalized ads to users. If these data constitute ‘personal data’ under the GDPR, MBCY acts as controller and RTB House GmbH as processor. Further information about RTB House retargeting technology can be found at: https://www.rtbhouse.com/privacy-center/.”

  2. Please note that, besides including the above information in your privacy policy, you must also comply with all obligations arising from applicable laws to ensure the lawfulness of collecting, processing, and sharing user data. These obligations particularly include:

    1. Obtaining valid user consent for storing and accessing information on the user’s device using cookie-based or other tracking technologies (according to the ePrivacy Directive);

    2. Obtaining a valid legal basis for processing the personal data collected on the website through such tracking technologies for the purpose of later ad personalization, including the creation of a personalized advertising profile, as well as for transferring these data to RTB House as processor for the purposes described above (pursuant to Article 6 GDPR);

    3. Properly informing your website users about the specific aspects of processing their data (in accordance with Article 13 GDPR).

  3. Considering these obligations, we strongly recommend consulting a professional law firm to create or review your website notices and privacy policies and to closely monitor the application of data protection laws on online advertising in your jurisdiction, especially through your local supervisory authorities.

  4. Please also note that your company can integrate a registered Consent Management Platform (CMP) into the IAB Transparency & Consent Framework (TCF) to facilitate obtaining a valid legal basis for processing personal data for ad personalization purposes. More information about the IAB TCF initiative and its benefits for website operators can be found at: https://advertisingconsent.eu/publishers/

The legal basis for this data processing is your consent pursuant to Art. 6 Para. 1 Sentence 1 lit. a GDPR and § 25 Para. 1 Sentence 1 TDDDG, which you may revoke at any time.

35. Speedkit This website uses the product Speed Kit from Baqend GmbH, Stresemannstr. 23, 22769 Hamburg, to reduce page load times. Publicly accessible data about the infrastructure of Baqend GmbH is delivered for this purpose. No personalized or personal content is transmitted or stored. IP addresses are anonymized immediately after transmission. Further information can be found here: SpeedKit Privacy Policy

36. Use of Kameleoon If you give us your consent, this website uses the testing and web analytics service Kameleoon. The use of Kameleoon serves to evaluate your website usage and to compile reports about website activities so that we can regularly improve our offerings. The program enables analysis of user behavior based on user segmentation. By evaluating log file data, we can determine how individual user segments visit the website, which landing pages are accessed, and how click rates can be increased.

For the analyses, as described above, cookies/local storage of the browser are used, linked with a pseudonymized ID. Your IP address is fully anonymized and not stored. The information generated by the cookie/local storage about your use of this website is transmitted to a Kameleoon server in Germany and stored there in aggregated and pseudonymized form. The IP address transmitted by your browser to Kameleoon in the context of Kameleoon is not combined with other data from Kameleoon.

The legal basis for storing the cookie is your consent (Art. 6 Para. 1 Sentence 1 lit. a GDPR). You can revoke your consent at any time as described under 8.