The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is the:
sizzly GmbH
Böheimstraße 101B
70199 Stuttgart
Germany
Phone: +49 (0) 711 2552894
E-mail: info@sizzly.de
Website: www.sizzly.de
1. scope of the processing of personal data
We only process our users' personal data insofar as this is necessary to provide a functional website and our content and services. The processing of our users' personal data only takes place regularly with the user's consent. An exception applies in cases where prior consent cannot be obtained for factual reasons and the processing of the data is permitted by law.
2. legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a EU General Data Protection Regulation (GDPR) serves as the legal basis.
Art. 6 para. 1 lit. b GDPR serves as the legal basis for the processing of personal data necessary for the performance of a contract to which the data subject is a party. This also applies to processing operations that are necessary for the performance of pre-contractual measures.
Insofar as the processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.
In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR serves as the legal basis.
If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for the processing.
3. data erasure and storage duration
The personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies. Data may also be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. The data will also be blocked or erased if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.
1. description and scope of data processing
Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer.
The following data is collected:
- Information about the browser type and version used
- The user's operating system
- The user's internet service provider
- The IP address of the user
- Date and time of access
- Websites from which the user's system accesses our website
- Websites that are accessed by the user's system via our website
The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.
2. legal basis for data processing
The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f GDPR.
3. purpose of data processing
Temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session.
Data is stored in log files to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. The data is not analyzed for marketing purposes in this context.
These purposes also constitute our legitimate interest in data processing in accordance with Art. 6 para. 1 lit. f GDPR.
4. duration of storage
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.
If the data is stored in log files, this is the case after seven days at the latest. Storage beyond this period is possible. In this case, the IP addresses of the users are deleted or anonymized so that it is no longer possible to identify the accessing client.
5. possibility of objection and removal
The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, the user has no option to object.
1. description and scope of data processing
Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user's computer system. When a user accesses a website, a cookie may be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.
We use cookies that are necessary for the operation of our website. The following data is stored and transmitted in the cookies:
- Language settings
- Articles in a shopping cart
- Log-in information
- Payment information
We also use cookies on our website that enable an analysis of the user's surfing behavior. The following data can be transmitted in this way:
- Search terms entered
- Frequency of page views
- Use of website functions
When accessing our website, the user is informed about the use of cookies for analysis purposes and his consent to the processing of the personal data used in this context is obtained. In this context, reference is also made to this privacy policy.
When you visit our website for the first time, a banner appears asking for your consent to the use of optional cookies. If you give your consent, we will store a cookie on your computer and the banner will no longer be displayed until the validity period of the cookie has expired. Once the validity period has expired or if you delete the cookie manually, the banner will be displayed again the next time you visit our website and you will have the opportunity to save your preferences again. You also have the option to change or withdraw your consent at any time by accessing the cookie banner settings interface via the button at the bottom left of the screen.
2. legal basis for data processing
The legal basis for the processing of personal data using technically necessary cookies is Art. 6 para. 1 lit. f GDPR.
The legal basis for the processing of personal data using cookies for analysis purposes is Art. 6 para. 1 lit. a GDPR if the user has given consent to this.
3. purpose of data processing
The purpose of using technically necessary cookies is to enable the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary for the browser to be recognized even after a page change.
We need cookies for the following applications:
- Shopping cart
- Transfer of language settings
- Remembering search terms
- Processing of payments
Analysis cookies are used for the purpose of improving the quality of our website and its content. Through the analysis cookies, we learn how the website is used and can thus constantly optimize our offer. These purposes also constitute our legitimate interest in the processing of personal data in accordance with Art. 6 para. 1 lit. f GDPR.
4. duration of storage, possibility of objection and removal
Cookies are stored on the user's computer and transmitted by it to our website. As a user, you therefore have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website to their full extent.
1. description and scope of data processing
On our website, we offer users the opportunity to register by providing personal data. The data is entered into an input mask and transmitted to us and stored. The data is not passed on to third parties. The following data is collected as part of the registration process:
- Name
- E-mail address
- Phone number
As part of the registration process, the user's consent to the processing of this data is obtained.
2. legal basis for data processing
The legal basis for the processing of the data is Art. 6 para. 1 lit. a GDPR if the user has given consent.
3. purpose of data processing
User registration is required for the provision of certain functions on our website. These include
- Automated data transfer from the user profile during the ordering process
- Storage of payment information
4. duration of storage
The data will be deleted as soon as it is no longer required for the purpose for which it was collected.
This is the case for the data collected during the registration process if the registration on our website is canceled or modified.
5. possibility of objection and removal
As a user, you have the option of canceling your registration at any time. You can change the data stored about you at any time.
As part of the ordering process, we collect and process the personal data collected from you in order to process and execute your order.
1. description and scope of data processing
To process your order, we collect the following data, some of which is optional:
- Name
- Phone number
- E-mail address
- Payment information
- Ordered articles
2. legal basis for data processing
The legal basis for the processing of the data is your consent in accordance with Art. 6 para. 1 lit. a GDPR.
Furthermore, the processing of the aforementioned data serves the fulfillment of a contract with you, additional legal basis for the processing of the data is therefore Art. 6 para. 1 lit. b GDPR.
3. purpose of data processing
The purpose of data processing is to correctly record, process and execute your order or, if necessary, to reverse it.
4. duration of storage
The data will be deleted as soon as it is no longer required for the purpose for which it was collected.
This is the case during the execution period of the order to fulfill a contract if the data is no longer required for the execution of the contract. Even after conclusion of the contract, it may be necessary to store your personal data in connection with the order in order to comply with contractual or legal obligations.
5. possibility of objection and removal
You can request the deletion of your data in connection with an order with us, please use the contact options listed in the imprint. However, premature deletion of the data is only possible insofar as contractual or legal obligations do not prevent deletion.
In the course of processing orders, the payment process is regularly handled digitally (online payment); we use external service providers for this purpose.
1. description and scope of data processing
The specific data processed varies depending on the payment provider used and the payment method selected for payment. Essentially, however, information such as personal data (name, address), bank information (account number, credit card number, passwords) is collected as an essential prerequisite for the processing of transactions. Other user data, such as information on website visits, preferred content and subpages accessed, may also be stored. Furthermore, the user's IP address and details of the device used may be processed by the payment providers.
The data is usually stored and processed on the servers of the respective payment providers. As the operator of our website, we have no access to this information. We are only informed about the success or failure of the payment made. As part of identity and credit checks, it is possible that the payment provider will forward data to the relevant authorities. It should be emphasized that all payment transactions are always subject to the terms and conditions and data protection guidelines of the respective provider. For this reason, we strongly recommend that you carefully check both the terms and conditions and the privacy policy of the payment providers we use.
Please note that you have the right to request the deletion or correction of your data at any time. We ask you to contact the relevant service provider directly regarding your rights (such as the right of withdrawal, the right to information and the right to notification).
2. legal basis
The processing of the aforementioned data serves to fulfill a contract with you, the legal basis for the processing of the data is therefore Art. 6 para. 1 lit. b GDPR.
3. purpose of data processing
The purpose of data processing is to correctly record, process and execute the online payment associated with your order or, if necessary, to reverse it.
4. duration of storage
The data will be deleted as soon as it is no longer required for the purpose for which it was collected.
This is the case during the execution period of the online payment to fulfill a contract if the data is no longer required for the execution of the contract. Even after conclusion of the contract, it may be necessary to store your personal data in connection with the online payment in order to comply with contractual or legal obligations.
5. possibility of objection and removal
You can request the deletion of your data in connection with a payment to us, please use the contact options listed in the imprint. However, premature deletion of the data is only possible insofar as contractual or legal obligations do not prevent deletion.
In addition, you can contact the payment providers we use directly at any time and request the relevant information. The contact details can be found on the respective website of the payment service providers listed in the next section.
6th service provider
We use the following service providers to process digital payments:
Adyen N.V.
The service provider is the company Adyen N.V., Simon Carmiggeltstraat 6-50, 1011 DJ Amsterdam, The Netherlands.
You can use the following link to access Adyen N.V.'s data protection agreement and find out how Adyen processes the data it receives: https://www.adyen.com/policies-and-disclaimer/privacy-policy
For the processing and correct provision of your order, we pass on your personal data (name, telephone number, e-mail address, order) to the restaurant commissioned by you. The restaurant has its own responsibility and obligations with regard to the processing of your personal data, as you are a direct customer of the restaurant. If you have any questions about the handling of your personal data, please contact the restaurant directly.
In the course of carrying out and processing an order or online payment, automated communication of the processing progress takes place, for example via SMS and e-mail, for which purpose we use external service providers.
1. description and scope of data processing
To inform you about the current status or processing progress of an order or the result of an online payment, for example, we will send you SMS or e-mail messages. To do this, we use the contact details that you provided when placing the order or making the online payment.
2. legal basis
The processing of the aforementioned data serves to fulfill a contract with you, the legal basis for the processing of the data is therefore Art. 6 para. 1 lit. b GDPR.
3. purpose of data processing
The purpose of data processing is to inform you about the current processing status of your order or the online payment associated with it, to clarify any queries that may arise or to request further information that is necessary for the correct execution or, if applicable, reversal of the transaction.
4. duration of storage
The data will be deleted as soon as it is no longer required for the purpose for which it was collected.
This is the case during the execution period of the order or online payment for the fulfillment of a contract if the data is no longer required for the execution of the contract. Even after conclusion of the contract, it may be necessary to store your personal data in connection with the communication relating to your order or online payment in order to comply with contractual or legal obligations.
5. possibility of objection and removal
You can request the deletion of your data in connection with the communication that took place when placing an order or making an online payment, please use the contact options listed in the legal notice. However, premature deletion of the data is only possible insofar as contractual or legal obligations do not prevent deletion.
In addition, you can contact the service providers we use directly at any time and request the relevant information. The contact details can be found on the respective websites of the service providers listed in the next section.
6th service provider
We use the following service providers to send text messages and e-mails in connection with the communication of the processing progress of your order or online payment:
Twilio
The service provider of this platform is the American company Twilio Inc., based at 101 Spear Street, 5th Floor, San Francisco, California, 94105, USA.
In the course of its services, Twilio also processes your personal data, part of which is processed in the United States of America. We would like to point out that the European Court of Justice currently does not consider the level of protection for the transfer of personal data to the USA to be sufficient. This finding may potentially entail various risks for the lawfulness and security of data processing.
Twilio uses so-called Standard Contractual Clauses as described in Article 46(2) and (3) of the General Data Protection Regulation (GDPR) as the basis for data processing for recipients in third countries (i.e. countries outside the European Union, including Iceland, Liechtenstein and Norway) or for the transfer of such data to such countries. These standard contractual clauses, also known as Standard Contractual Clauses (SCCs), are model clauses provided by the European Commission that aim to ensure that personal data, even if it is transferred to and stored in third countries such as the USA, complies with EU data protection standards. By implementing these clauses, Twilio undertakes to maintain the European level of data protection when processing relevant data, even if the data is stored, processed and managed in the USA. These clauses find their legal basis in an implementing decision of the European Commission. Further details on this decision and the associated standard contractual clauses can be found at the following link: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
Additional information on the standard contractual clauses and data processing by Twilio can be found at https://www.twilio.com/en-us/legal/privacy.
Our website is not intended for persons under the age of 16 and we do not intend to collect personal data from visitors to the website who are under the age of 16. However, we have no way of verifying the age of visitors. We therefore recommend that parents monitor their children's online activities to prevent their personal data from being collected without parental consent. Please contact us if you suspect that we are collecting personal data from minors so that we can arrange for this data to be deleted if necessary.
1. description and scope of data processing
Contact forms are available on our website which can be used to contact us electronically. If a user makes use of this option, the data entered in the input mask will be transmitted to us and stored. These data are (if entered):
- Name
- E-mail address
- Phone number
Your consent is obtained for the processing of the data as part of the sending process and reference is made to this privacy policy.
Alternatively, it is possible to contact us via the e-mail address provided. In this case, the user's personal data transmitted with the e-mail will be stored.
No data will be passed on to third parties in this context. The data is used exclusively for processing the conversation.
2. legal basis for data processing
The legal basis for the processing of the data is Art. 6 para. 1 lit. a GDPR if the user has given consent.
The legal basis for the processing of data transmitted in the course of sending an email is Art. 6 para. 1 lit. f GDPR. If the e-mail contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.
3. purpose of data processing
The processing of the personal data from the input mask serves us solely to process the contact. In the case of contact by email, this also constitutes the necessary legitimate interest in the processing of the data.
The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
4. duration of storage
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input screen of the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified.
The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.
5. possibility of objection and removal
The user has the option to revoke their consent to the processing of personal data at any time. If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.
All personal data stored in the course of contacting us will be deleted in this case.
1. scope of the processing of personal data
If you have given your consent, this site uses Mixpanel, a web analysis service of Mixpanel Inc, One Front Street, 28th Floor, San Francisco, CA 94111. We use this service to analyze the surfing behavior of our users. Mixpanel places a cookie on the user's computer (for cookies, see above). If individual pages of our website are accessed, the following data is stored:
- The website called up
- The website from which the user accessed the website (referrer)
- The subpages that are accessed from the accessed website
- The time spent on the website
- Interaction with the content provided on the website
- The frequency of visits to the website
Users' personal data is stored exclusively within the European Union. The data will not be passed on to third parties.
2. legal basis for the processing of personal data
The legal basis for the processing of users' personal data is Art. 6 para. 1 lit. a GDPR.
3. purpose of data processing
The processing of users' personal data enables us to analyze the surfing behavior of our users. By evaluating the data obtained, we are able to compile information about the use of the individual components of our website. This helps us to constantly improve our website and its user-friendliness.
4. duration of storage
The data is deleted as soon as it is no longer required for our recording purposes. This is regularly the case after 24 months.
5. possibility of objection and removal
Cookies are stored on the user's computer and transmitted by it to our website. As a user, you therefore have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website to their full extent.
1. scope of the processing of personal data
We use the software "Matomo" (www.matomo.org) on this website, a service provided by InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand. The software places a cookie (a text file) on your computer with which your browser can be recognized. If subpages of our website are accessed, the following data is stored:
- the IP address of the user, shortened by the last two bytes (anonymized)
- the subpage accessed and the time of access
- the page from which the user reached our website (referrer)
- which browser with which plugins, which operating system and which screen resolution is used
- the time spent on the website
- the pages that are accessed from the accessed subpage
Users' personal data is stored exclusively within the European Union. The data will not be passed on to third parties.
Further information on Matomo's terms of use and data protection regulations can be found at: https://matomo.org/privacy/
2. legal basis for the processing of personal data
The legal basis for the processing of users' personal data is Art. 6 para. 1 lit. a of the GDPR.
3. purpose of data processing
The processing of users' personal data enables us to analyze the surfing behavior of our users. By evaluating the data obtained, we are able to compile information about the use of the individual components of our website. This helps us to constantly improve our website and its user-friendliness. Our legitimate interest pursuant to Art. 6 para. 1 lit. a GDPR lies in these purposes. By anonymizing the IP address, we take into account the user's interest in the protection of personal data. The data is never used to personally identify the user of the website and is not merged with other data.
4. duration of storage
The data will be deleted as soon as it is no longer required for our recording purposes.
5. possibility of objection and removal
Cookies are stored on the user's computer and transmitted by it to our website. As a user, you therefore have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website to their full extent.
We integrate the service reCAPTCHA v3 of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
1. scope of the processing of personal data
reCAPTCHA sends various information to Google, some of which is personal, such as the browser type used, the referrer URL, information on the operating system used and the IP address. Google does not provide a complete list of the information transmitted. ReCAPTCHA also sets so-called "cookies", text files that are stored on your computer. The information generated by the cookie is usually transferred to a Google server in the USA and stored there. However, due to the activation of IP anonymization on this platform, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google will use this information on our behalf to provide the reCAPTCHA service. The IP address transmitted by your browser through reCAPTCHA will not be merged with other Google data. The use of reCAPTCHA is subject to Google's privacy policy and terms of use.
2. legal basis for the processing of personal data
The legal basis for the processing of users' personal data is Art. 6 para. 1 lit. f GDPR.
3. purpose of data processing
ReCAPTCHA is a service for checking whether our site is accessed by a human or automatically by a machine ("bot") and therefore serves to protect us against unjustified access and spam messages.
4. duration of storage
Googel does not specify the exact storage period of the data transmitted to Google. Further information on Google reCAPTCHA is available at https://www.google.com/recaptcha/intro/v3.html.
5. possibility of objection and removal
Cookies are stored on the user's computer and transmitted by it to our website. As a user, you therefore have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website to their full extent.
1. scope of the processing of personal data
We use the Microsoft Bookings service from Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA, to make appointments online. The data is only collected and transmitted if you call up the booking form by clicking on a corresponding button (e.g. "Arrange demo"), fill it out and send it.
2. legal basis for the processing of personal data
The legal basis for the processing of users' personal data is Art. 6 para. 1 lit. a GDPR.
3. purpose of data processing
The data is processed and used to arrange, organize and carry out (online) appointments and to make the necessary contact with you.
4. duration of storage
The data will be deleted as soon as it is no longer required for the purpose for which it was collected.
5. possibility of objection and removal
You have the option of withdrawing your consent to data processing or objecting to the use of your data at any time. In this case, the intended contact with you is no longer possible or communication that has already begun can no longer be continued.
1. scope of the processing of personal data
If you have given your consent, LinkedIn Insight Tag, a tracking service of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, is used on this site. We use this service to analyze the surfing behavior of our users. LinkedIn places a cookie on the user's computer (for cookies, see above). By using LinkedIn Insight Tag, the following data is collected and transmitted to LinkedIn
- URL
- Referrer URL
- IP address
- Device and browser properties (user agent)
- Timestamp
We, sizzly GmbH, have no access to the data collected at any time, nor do we have any influence on the type and scope of further use of the data collected by LinkedIn.
For us, sizzly GmbH, the data collected is anonymous; we cannot draw any conclusions about the identity of the users. However, LinkedIn can store and process the data so that a connection to the respective LinkedIn user profile is possible. LinkedIn may use the data in accordance with the LinkedIn privacy policy, which can be accessed at: https://www.linkedin.com/legal/privacy-policy
2. legal basis for the processing of personal data
The legal basis for the processing of users' personal data is Art. 6 para. 1 lit. a GDPR.
3. purpose of data processing
The LinkedIn Insight Tag collects information about our website visitors and enables us to track our LinkedIn campaigns. In particular, the LinkedIn Insight Tag allows us to track the actions of users who have visited our website via a LinkedIn ad, for example. This process helps us to evaluate our advertising measures and optimize them in the future, and we can also use the evaluations provided by LinkedIn for market research purposes.
4. duration of storage
According to LinkedIn's privacy policy (available at https://www.linkedin.com/legal/privacy-policy), the direct identifiers of LinkedIn members will be removed by LinkedIn within seven days in order to pseudonymize the data; this remaining pseudonymized data will then be deleted by LinkedIn within 180 days.
We, sizzly GmbH, do not have access to the collected data at any time; no storage takes place on our systems. We also have no influence on the type and scope of further use of the data collected by LinkedIn.
5. possibility of objection and removal
Cookies are stored on the user's computer and transmitted by it to our website. As a user, you therefore have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website to their full extent.
You can object to the described data processing by LinkedIn and the use of this data to display LinkedIn Ads. As a LinkedIn member, you can use this website to set which types of advertisements are displayed to you within LinkedIn: https://www.linkedin.com/psettings/advertising. You can also deactivate interest-based advertising by LinkedIn and the LinkedIn Insight Conversion Tool by opting out at the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
1. scope of the processing of company-related data
This website uses SalesViewer® technology from SalesViewer® GmbH to collect and store data for marketing, market research and optimization purposes.
2. purpose of data processing
This data can be used to create user profiles under a pseudonym. For this purpose, so-called tracking pixels are used, which are used to collect company-related data. The data collected with these technologies will not be used to personally identify the visitor to this website and will not be merged with personal data about the bearer of the pseudonym without the separately granted consent of the person concerned.
3. duration of storage
The data will be deleted as soon as it is no longer required for the purpose for which it was collected.
4. possibility of objection and removal
You can object to the collection and storage of data at any time with effect for the future by visiting the link www.salesviewer.com/opt-out to prevent the collection by SalesViewer® within this website in the future. An opt-out cookie for this website will be stored on your device. If you delete your cookies in this browser, you must click this link again.
Salesviewer® GmbH is headquartered in Bochum, Germany, and guarantees 100% GDPR compliance. You can view this assurance at www.salesviewer.com/datenschutz.
1. scope of the processing of company-related data
sizzly uses chat software from the company Userlike UG (haftungsbeschränkt), Probsteigasse 44-46, 50670 Cologne, Germany. You can use the chat like a contact form to chat with our employees almost in real time. When you start the chat, the following personal data is collected:- Date and time of access,
- Browser type/version,
- IP address,
- Operating system used,
- URL of the previously visited website,
- Amount of data sent.
- And if specified: First name, last name and e-mail address.
Depending on the course of the conversation with our employees, further personal data may be collected in the chat and entered by you. The nature of this data depends largely on your query or the problem you describe to us. The purpose of processing all this data is to provide you with a quick and efficient means of contact and thus improve our customer service.
All of our employees have been and continue to be trained in data protection and instructed in the secure and confidential handling of customer data. All of our employees are obliged to maintain confidentiality and have signed an addendum in their employee contracts to the obligation to maintain confidentiality and to observe data protection.
By accessing the website sizzly.de, the chat widget is loaded in the form of a JavaScript file from AWS Cloudfront. The chat widget technically represents the source code that is executed on your computer and enables the chat.
Your consent is obtained for the processing of the data as part of the sending process and reference is made to this privacy policy.
Acceptance of this privacy policy and your consent are mandatory prerequisites for starting the chat. By starting the chat, you agree to the processing under the conditions stated here. If you do not give us your consent, we will unfortunately not be able to provide you with the chat function. In this case, please use the regular contact options of telephone, e-mail or our contact form.
In this case, the user's personal data transmitted with the e-mail will be stored. The data will not be passed on to third parties in this context. The data is used exclusively for processing the conversation.
2. legal basis for data processing
In addition, sizzly stores the chat history for a period of 12 months. This serves the purpose of sparing you extensive explanations of the history of your request and for the constant quality control of our chat offer. Processing is therefore permitted in accordance with Art. 6 para. 1 letter f GDPR. If you do not wish this, you are welcome to inform us using the contact details below. We will then delete saved chats immediately.
The storage of chat data also serves the purpose of ensuring the security of our information technology systems. This is also our legitimate interest, which is why processing is permitted under Art. 6 (1) (f) GDPR.
Further information can be found in the privacy policy of Userlike UG (haftungsbeschränkt).
3. purpose of data processing
This website uses Userlike's live chat software for personal and uncomplicated contact with us. Userlike uses cookies to store the chat content when you browse the website and, if possible, to connect you to the same operator when you chat again. If a user's message is to be translated into the language of the operator during the chat and the operator's message is to be translated into the language of the end user, this translation can be made possible by using machine translation software. The data collected will not be used to personally identify the visitor to this website and will not be merged with personal data about the bearer of the pseudonym, unless personal data is provided voluntarily when using the live chat.
The provision of your personal data is necessary for the performance of the contract or a situation similar to a contract. You are not obliged to provide your personal data. If you do not provide your personal data, you will not be able to use the service described.
4. duration of storage
In addition, sizzly stores the chat history for a period of 12 months. The purpose of this is to save you from having to provide extensive explanations about the history of your request and to ensure constant quality control of our chat service.
5. possibility of objection and removal
The user has the option to revoke their consent to the processing of personal data at any time. If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.
All personal data stored in the course of making contact, as well as stored chats, will be deleted immediately in this case.
If you do not wish this, you are welcome to inform us using the contact details below. Saved chats will then be deleted by us immediately.
Functions of the Weglot translation service are integrated on this website. The provider is Weglot SAS, 138, rue Pierre Joigneaux in Bois-Colombes 92270 France. Weglot is loaded when you access the website so that you can change the language to a language other than German using the language icon in the header of the website. This allows a direct connection to be established between your browser and the Weglot server when you visit this website. Weglot then receives the information that you have visited this website with your IP address. The data is stored and analyzed on the basis of Art. 6 para. 1 lit. f GDPR. A corresponding consent is requested via the cookie and data protection settings of the website. The processing is then carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; consent can be revoked at any time via the data protection settings at the bottom of each subpage. Further information on this can be found in Weglot's privacy policy: https://weglot.com/privacy/.
We use Salesforce Sales Cloud to manage customer data and to send our newsletter and automated mailings. The provider is salesforce.com Germany GmbH, Erika-Mann-Str. 31, 80636 Munich (hereinafter "Salesforce"). The data is currently stored on servers in the EU.
1. description and scope of data processing
Salesforce Sales Cloud is a CRM system that enables us to manage existing and potential customers and customer contacts and organize sales and communication processes, among other things. Using the CRM system also enables us to analyze our customer-related processes. Customer data is stored on Salesforce servers. Personal data may also be transmitted to the parent company of salesforce.com Germany GmbH, salesforce.com inc, Salesforce Tower, 415 Mission Street, San Francisco, CA 94105, USA. You can view Salesforce's privacy policy here: https://www.salesforce.com/de/company/privacy/.
Details on the functions of Salesforce Sales Cloud can be found here: https://www.salesforce.com/de/products/sales-cloud/overview/.
The specific information required can be found on the respective input screen.
2. legal basis for data processing
The use of Salesforce Sales Cloud is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the most efficient customer and subscriber management and customer communication possible. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's end device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.
Salesforce uses standard contractual clauses and has Binding Corporate Rules (BCR) that have been approved by the French data protection authority. These are binding internal company regulations that legitimize the internal transfer of data to third countries outside the EU and the EEA. The data processing conditions (Data Processing Addendum), which correspond to the standard contractual clauses, can be found here:
https://www.salesforce.com/de/blog/2020/07/die-binding-corporate-rules-von-salesforce-erfuellen-hoechste-da.html.
Details can be found in Salesforce's privacy policy:
https://www.salesforce.com/de/company/privacy/.
Order processing
We have concluded an order processing contract (AVV) with the above-mentioned provider. This is a contract prescribed by data protection law, which ensures that the provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR. You can find the data processing agreement here:
https://www.salesforce.com/content/dam/web/en_us/www/documents/legal/Agreements/data-processing-addendum.pdf.
Hyperforce EU Operating Zone
We also use the Salesforce Hyperforce infrastructure. Since 2023, the "Hyperforce EU Operating Zone" has enabled us to determine the storage location of our data ourselves and thus to store and process our data on Salesforce exclusively within the European Union. The data is stored in accordance with the GDPR and Salesforce ensures that support is also provided directly by employees from the EU.
Further information on the Salesforce Hyperforce EU Operating Zone can be found at:
https://www.salesforce.com/de/blog/it/hyperforce-eu-operating-zone.html
https://www.salesforce.com/eu/products/platform/hyperforce/hyperforce-eu-oz/.
3. purpose of data processing
The Salesforce Sales Cloud uses your personal information to send and statistically analyze the newsletter on our behalf. For evaluation purposes, the emails sent contain so-called web beacons or tracking pixels, which are one-pixel image files stored on our website. This makes it possible to determine whether a newsletter message has been opened and which links have been clicked on. Conversion tracking can also be used to analyze whether a predefined action has taken place after clicking on the link in the newsletter. Technical information is also collected (e.g. time of access, IP address, browser type and operating system). The data is collected exclusively in pseudonymized form and is not linked to your other personal data; direct personal reference is excluded. This data is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better tailor future newsletters to the interests of recipients.
If you wish to object to data analysis for statistical evaluation purposes, you must unsubscribe from the newsletter.
4. duration of storage
The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. Data stored by us for other purposes remains unaffected by this.
5. possibility of objection and removal
The user has the option to revoke their consent to the processing of personal data at any time. If the user contacts us by e-mail, they can object to the storage of their personal data at any time.
You can revoke your consent to the storage of the data, the e-mail address and its use for sending the newsletter at any time, for example via the "unsubscribe" link at the end of each newsletter.
The legality of the data processing operations already carried out remains unaffected by the revocation.
This site uses so-called Google Fonts, which are provided by Google, for the uniform display of fonts. Google Fonts are installed locally. There is no connection to Google servers.
You can find more information about Google Fonts at:
https://developers.google.com/fonts/faq
and in Google's privacy policy:
https://policies.google.com/privacy?hl=de.
If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:
1. right to information
You can request confirmation from the controller as to whether personal data concerning you is being processed by us.
You have the right to request information as to whether the personal data concerning you is transferred to a third country or to an international organization. In this context, you may request to be informed of the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.
2. right to rectification
You have a right to rectification and/or completion vis-à-vis the controller if the processed personal data concerning you is incorrect or incomplete. The controller must make the correction without delay.
3. right to restriction of processing
You may request the restriction of the processing of your personal data under the following conditions:
(1) if you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;
(2) the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
(3) the controller no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims, or
(4) if you have objected to the processing pursuant to Art. 21 (1) GDPR and it is not yet certain whether the legitimate reasons of the controller outweigh your reasons.
If the processing of personal data concerning you has been restricted, such data may only be processed - apart from being stored - with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.
4. right to erasure
a) Obligation to delete
You have the right to obtain from the controller the erasure of personal data concerning you without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
(1) The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
(2) You revoke your consent on which the processing was based pursuant to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR and there is no other legal basis for the processing.
(3) You object to the processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 (2) GDPR.
(4) The personal data concerning you has been processed unlawfully.
(5) The deletion of personal data concerning you is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the controller is subject.
(6) The personal data concerning you were collected in relation to information society services offered in accordance with Art. 8 para. 1 GDPR.
b) Information to third parties
If the controller has made the personal data concerning you public and is obliged to erase it pursuant to Article 17(1) GDPR, it shall take reasonable steps, including technical measures, taking into account the available technology and the cost of implementation, to inform controllers which are processing the personal data that you as the data subject have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.
c) Exceptions
The right to erasure does not exist if the processing is necessary
(1) to exercise the right to freedom of expression and information;
(2) for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
(3) for reasons of public interest in the area of public health in accordance with Art. 9 para. 2 lit. h and i and Art. 9 para. 3 GDPR;
(4) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Art. 89 para. 1 GDPR, insofar as the right referred to in section a) is likely to render impossible or seriously impair the achievement of the objectives of that processing, or
(5) for the assertion, exercise or defense of legal claims.
5. right to information
If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to notify all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.
You have the right to be informed about these recipients by the controller.
6. right to data portability
You have the right to receive the personal data concerning you, which you have provided to the controller, in a structured, commonly used and machine-readable format.
7. right of objection
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR, including profiling based on those provisions.
The controller will no longer process the personal data concerning you unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.
8. right to revoke the declaration of consent under data protection law
You have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
9. right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.
The supervisory authority with which the complaint has been lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.