PRIVACY POLICY

The ZILONIS Energy Solutions GmbH website collects personal data about you. Strict compliance with the provisions of the Federal Data Protection Act, the Telemedia Act and the General Data Protection Regulation forms the basis of our trusting relationship with you as a user.

Our website may also contain links to external websites. However, we assume no responsibility for the content of these external editorial offers. When you leave our pages, we recommend that you carefully read the privacy policy of any website that collects personal data.

1 Responsible party
a) Responsible for data processing

ZILONIS Energy Solutions GmbH
Nisterfeld 11
57629 Müschenbach

Managing partners:
Musa Smakaj und Daniel Utsch
Phone: +49 2662 50044-0
E-mail: support@zilonis.de

b) Data protection officer
We have appointed Dr. Julia Zirfas as our data protection officer for our company.

FUTURE: Data protection
External data protection advice
E-mail: info@zukunft-datenschutz.de

2 What is personal data?

Personal data is all data that relates directly or indirectly to you as a person. This includes, for example, data such as your date of birth, your address and IP address, but also texts or images that allow conclusions to be drawn about you as a person. The following privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.
We may be required by law to disclose your data to third parties. However, we only comply with such requests within this framework and after careful examination as to whether such an obligation actually exists.
Data processing takes place in Germany or in other European countries. If, in exceptional cases, data is transferred to a third country, then only to countries in which there is an adequate level of data protection or where we can equally ensure this through suitable guarantees such as the conclusion of standard contractual clauses or certifications.

3 What data is processed?
a) When you visit the website

When you visit the website, every access and every retrieval of a file stored on this website is logged in order to enable you to use the website. The following are logged
IP address
Time of the visit
Page or file accessed
Browser type and version used
Operating system and host name of the accessing computer
The data is also stored in the log files of our system. This data is not merged or stored together with other personal data of the user.

i) Legal basis

The legal basis for the temporary storage of the data and the log files is a legitimate interest Art. 6 para. 1 lit. f GDPR.

ii) For what purpose is this data processed?

The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session.
The data is stored in log files to ensure the functionality of the website. We also use the data to optimize the website and to ensure the security of our information technology systems. The data is not analyzed for marketing purposes in this context.

iii) How long will the data be stored?

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended. The data stored in the log files is deleted after 7 days at the latest.

b) Required cookies

Like most websites, we also use cookies on our website. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user's computer system. When a user accesses a website, a cookie may be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again. Session cookies store information that is used during your current visit to the site. These cookies are automatically deleted when you leave our site.
In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your end device for a specified period of time. If you visit our website again to make use of our services, it is automatically recognized that you have already visited us and which entries and settings you have made so that you do not have to enter them again.

i) Legal basis

The cookies absolutely necessary for the operation of the website and the associated personal data processed are required for the purposes mentioned to safeguard our legitimate interests in accordance with Art. 6 para. 1, 1 lit. f GDPR and to make the website available in accordance with Art. 6 para. 1 lit. b GDPR.

ii) For what purpose is this data processed?

The cookies set are technically necessary. Individual functions of the website cannot be offered without the use of cookies. For example, it is necessary for the browser to be recognized even after a page change.
We do not use the user data collected to create user profiles or to provide visitors to our website with advertising. The information generated by the cookies about your use of this website is not passed on to third parties.

iii) How long are cookies stored and how can I delete them?

Cookies are stored on your computer and transmitted from it to our website. As a user, you therefore have full control over the use of cookies. You have the option of preventing the use of cookies. To do this, you must change the corresponding settings in your Internet browser (e.g. Internet Explorer, Mozilla Firefox, Opera or Safari). However, in order to make full use of the website's functions, you should allow the use of cookies in your browser and instead reject optional cookies via the settings in the cookie layer.

c) Hosting of the website

This website is hosted and made available in cooperation with an external service provider.
The following personal data is processed as part of the hosting:
IP addresses
Content of contact requests and associated meta and communication data,
contract data
contact data
names
Website accesses and other data generated via a website

i) Legal basis

Hosting serves to make the website available and thus to fulfill the contract with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our website by a professional provider (Art. 6 para. 1 lit. f GDPR).

ii) For what purpose is this data processed

Our hoster will only process your data to the extent necessary to fulfill its performance obligations and follow our instructions with regard to this data.
We use the hosting provider IONOS SE, Elgendorferstr. 57, 56410 Montabaur, Germany, as part of order processing in accordance with Art. 28 GDPR. The server is located in Karlsruhe. A corresponding order processing contract has been concluded with the provider for this purpose.

iii) How long will the data be stored

Your data will be stored by the contractor and the hosting company until the purpose for the data processing no longer applies.

d) IONOS WebAnalytics

This website uses analysis services from IONOS WebAnalytics. The provider of these services is 1&1 IONOS SE, Elgendorfer Straße 57, 56410 Montabaur, Germany. In connection with the performance of analyses by IONOS, it is possible, for example, to analyze the number of visitors and their behavior patterns during the visit (e.g. number of pages accessed, duration of their visit to the website, percentage of aborted visits), the origin of the visitors (i.e. from which page the visitor arrives at our website), the locations of the visitors as well as technical data (browser used and session of the operating system used). For this purpose, IONOS archives the following data in particular
Referrer (previously visited website)
Requested page on the website or file
Browser type and browser version
Operating system used
Type of device used
Time of access to the website
Anonymized IP address (only used to determine the access location)
According to IONOS, the data collected is completely anonymized so that it cannot be traced back to individuals. IONOS WebAnalytics does not archive cookies.

i) Purpose and legal basis

The data is stored and analyzed on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the statistical analysis of user behavior to optimize both the operator's website and the operator's advertising measures.

ii) Further information

Further information on data collection and processing by IONOS WebAnalytics can be found at the following link to the privacy policy
https://www.ionos.de/terms-gtc/index.php?id=6.

e) Contact form / contact by e-mail or telephone

You can use our contact form to get in touch with us quickly and easily or to send us feedback. The same applies to contacting us by e-mail and telephone. You can find all the ways to contact us under the heading Contact.

You must fill in the following data in the contact form:
Name
Gender (for a correct address)
Telephone number (for contacting us)
E-mail address (for contacting us)
Your message or feedback for us
You can also provide the following data voluntarily:
Address
Company name
The following data is also stored when the message is sent:
Date and time at which the message was sent
You decide which data you provide via one of the other contact channels.

i) Legal basis

The legal basis for the processing of data transmitted through the use of our contact form is Art. 6 para. 1 lit. f GDPR. If you voluntarily provide additional data, this is done with your consent (Art. 6 para. 1 lit. a GDPR).

ii) For what purpose is this data processed?

The data will only be stored for the purpose of answering and contacting you. The provision of further data is optional, but will also only be used to answer your inquiry. The transmission of data from the contact form is encrypted.

iii) How long will the data be stored?

The personal data collected by us for the use of the contact form will be automatically deleted after your inquiry has been dealt with. There may also be follow-up questions, in which case the data will be stored until the final answer is given. Communication is terminated when it can be inferred from the circumstances that the matter in question has been conclusively clarified.

f) Sending information mailings and a newsletter

We send you information by e-mail as part of our customer relationship. This is important for you as our customer. Here we use the contact details you have provided to us. This is not the sending of a regular newsletter.

Separately from this contractual information, we also send a newsletter to which you can subscribe.

i) Legal basis

The legal basis for the processing of data for the sending of contractual information is Art. 6 para. 1 lit. b GDPR, as the establishment of contact is necessary for the performance of our contractual relationship.

The legal basis for sending the newsletter is your consent (Art. 6 para. 1 lit. a GDPR).

ii) For what purpose is this data processed?

The data is used to send information on contract-related topics by email or post. With your consent, also for sending the newsletter.

iii) How long will the data be stored?

Your data will remain stored during the ongoing contractual relationship. However, it will be blocked for further contact for the above-mentioned purposes after the end of our contractual relationship.

You can revoke your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can declare your revocation by clicking on the link provided in every newsletter email or by sending an informal message to the contact details above.

The newsletter is sent via the HupSpot tool. Further information on this can be found below under HubSpot CRM.

g) XOVI (SEO analysis)

We use a tool for our website to support search engine optimization and SEO analysis. The tool is a service of the provider XOVI GmbH, Hohenzollernring 72, 50672 Cologne, Germany.

i) Legal basis

The legal basis for the use of XOVI is Art. 6 para. 1 lit. f) GDPR.

ii) For what purpose is this data processed?

XOVI can be used to track user flows and carry out keyword and link analyses. In this way, for example, we obtain information on how customers find our site in order to make our websites more customer-friendly and target group-oriented.

iii) Further information

The complete privacy policy of XOVI GmbH can be found on the following page: www.xovi.de/datenschutz/.

h) Google Analytics and Google Tag Manager

Our website uses Google Analytics, a web analytics service provided by Google (Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland). Google Analytics uses cookies that enable your website usage to be analyzed (for cookies, see b) above).

With the help of Google Analytics tracking, we are able to recognize whether the user has performed certain actions. For example, we can analyze how often which buttons were clicked on our website and which products are checked or purchased particularly frequently. The purpose of this information is to create conversion statistics. We find out how many users have clicked on our ads and what actions they have taken. We do not receive any information that would enable us to identify users personally. As such, Google uses cookies or comparable recognition technologies for identification purposes.
The information generated by cookies about your use of this website, such as
Browser type/version,
operating system used,
Referrer URL (the previously visited page),
Host name of the accessing computer (IP address),
time of the server request,
are transmitted to a Google server in the USA and stored there.

Google Tag Manager is a tool with which we can integrate tracking or statistics tools and other technologies on our website. The Google Tag Manager itself does not create any user profiles, does not store any cookies and does not carry out any independent analyses. It only manages and operates the tools integrated via it. However, Google Tag Manager records your IP address, which may also be transmitted to Google's parent company in the USA.

1. Legal basis

The legal basis for setting the cookie is § 25 para. 1 TTDSG. Personal data is processed exclusively with your consent (Art. 6 para. 1 lit. a GDPR). You can give your consent directly in our cookie banner (can be shown again at any time via the small cookie in the bottom left-hand side of the page).

i) For what purpose is this data processed?

Google analyzes the use of our online offer for us in order to compile reports on our activities and to provide us with further services associated with the use of this online offer and the use of the Internet For example, Google Marketing Services allow us to display advertisements in order to present users only with advertisements that potentially correspond to their interests. As part of Google Marketing Services, user data is only processed within pseudonymous user profiles.

ii) Further information

Further information on Google Conversion Tracking can be found in Google's privacy policy at: https://policies.google.com/privacy?hl=en
We only use Google Analytics with activated IP anonymization. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there.
Users' personal data is deleted or anonymized after 14 months.

i) HotJar

Hotjar works with cookies and other technologies to collect data about the behavior of our users and their end devices. Hotjar stores the following information on our behalf in a pseudonymized user profile.

the IP address of your device (collected and stored in an anonymous format)
the screen size of the device
Device type (device identification features)
browser information
geographical location (country only)
preferred language for displaying the website.

i) For what purpose is this data processed?

We use Hotjar to better understand the needs of our users and to optimize the offer and experience on this website. Hotjar's technology gives us a better understanding of our users' experiences (e.g. how much time users spend on which pages, which links they click on, what they like and dislike, etc.) and this helps us to tailor our offering to our users' feedback.

ii) Legal basis

We only use Hotjar with your consent (Art. 6 para. 1 lit. a GDPR, as well as for the setting of cookies § 25 para. 1 TTDSG). You can give your consent when visiting the site via the cookie banner (can be displayed again at any time via the small cookie in the lower left half of the page).

iii) Further information

An order processing contract has been concluded with Hotjar; you are contractually prohibited from selling the data collected on our behalf.
You can find more information about Hotjar at https://www.hotjar.com/legal/policies/privacy/

j) Google Ads

We also use Google Ads on our website. Google Ads is an online advertising program of Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

i) For what purpose is this data processed?

Google Ads enables us to display ads in the Google search engine or on third-party websites when the user enters certain search terms into Google (keyword targeting). It is also possible to display targeted ads based on the user data that Google has (e.g. location data and interests; audience targeting). As a website operator, we can evaluate this data quantitatively, for example by analyzing which search terms have led to the display of our ads and how many ads have led to corresponding clicks.

ii) Legal basis

The legal basis for the setting of cookies is Section 25 (1) TTDSG. The use of Google Ads and the associated data processing is based on Art. 6 para. 1 lit. a GDPR. You can give your consent when visiting the site via the cookie layer (can be displayed again at any time via the small cookie in the lower left half of the page).

iii) Further information

Google is certified under the Data Privacy Framework. In addition, the transfer takes place on the basis of the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://policies.google.com/privacy/frameworks.

k) YouTube videos

We occasionally include videos from the www.YouTube.com website on our website when appropriate. The content is stored directly on YouTube and integrated on our site from there.
When the videos in question are accessed, the IP address, technical information (browser, operating system, basic device information) and, in particular, which of our websites you have visited are communicated.

i) For what purpose is this data processed?

Playing video content and simple preparation of content in a learning unit / e-learning.

ii) Legal basis

We show you these videos on the basis of our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR. The videos shown contain details about our products or other useful information for you as a user.

iii) How is the data stored / processed?

We have embedded our videos in a data protection-friendly manner ("extended data protection mode"). This means that information about you is only passed on to the two companies when you watch the video. Only then will a server connection to YouTube be established and a corresponding cookie will be set. This is not used to monitor your user behavior, but rather to save your settings, e.g. the playback status and the desired volume. You will be informed of this again before each video.
The extended data protection mode only stores cookies that do not contain any personally identifiable data. However, if you have an account with YouTube, the company may be able to identify you. You can prevent the provider from recognizing you as a logged-in user by logging out of your account before playing the video
Provider of the YouTube platform: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Further information on data protection at Google/YouTube can be found here: https://www.google.com/policies/privacy/.

A general advertising opt-out is possible here: https://adssettings.google.com/authenticated.
Transmission to third countries: As this is a US provider, data is transmitted to the USA.

l) Social media

We maintain a company website on LinkedIn. We use this page to inform you, our customers and interested parties, about our services and, of course, to communicate with you.

i) Legal basis

The processing of your personal data takes place on the basis of our legitimate interests in effective information and communication with our users and customers, the management and improvement of our business processes (in particular also corresponding advertising measures) as well as the business analysis and further development of services and products (Art. 6 para. 1 lit. f. GDPR).
We also answer specific inquiries there. This is usually done as part of our contractual relationship with you or, in the case of interested parties, as a pre-contractual measure (Art. 6 para. 1 lit. b GDPR).

ii) For what purpose is the data processed?

Direct contact with customers and interested parties
Statistical evaluations for business analysis and further development of services and products
Provision of information about our company and our products

iii) Further information

Provider of the LinkedIN platform, LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.
If you are a member there, LinkedIn can assign the content and functions on our profile to your user profile there. For more information, please refer to LinkedIn Ireland's data protection information at: https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy.
As LinkedIn is a US company, some data is also transferred to the USA. This transfer takes place on the basis of the terms of use and data protection conditions agreed between you and LinkedIN when you join this professional network.

m) Hubspot CRM

We use Hubspot CRM on this website. The provider is Hubspot Inc. 25 Street, Cambridge, MA 02141 USA (hereinafter Hubspot CRM).

i) For what purpose are the data processed?

Hubspot CRM allows us, among other things, to manage existing and potential customers and customer contacts, to communicate with you and to plan and execute marketing activities based on your interests. Hubspot CRM allows us to capture, sort and analyze customer interactions via email, social media or phone across multiple channels. The personal data collected in this way can be evaluated and used for communication with the interested party or for marketing measures (e.g. newsletter dispatch). Hubspot CRM also allows us to record and evaluate the user behaviour of our contacts on our website.

ii) Legal basis

Hubspot CRM is used on the basis of Art. 6 (1) lit. f GDPR. The website operator has a legitimate interest in customer management and customer communication as efficiently as possible. If consent has been requested, the processing takes place solely on the basis of Art. 6 (1) lit. a GDPR; consent may be revoked at any time.

(iii) Further information

Further information can be found in Hubspot's privacy policy: https://legal.hubspot.com/de/privacy-policy.
The transfer of data to the USA takes place on the basis of the standard contractual clauses of the EU Commission. In the United States, Hubspot Inc. is also certified in the Data Privacy Framework, which ensures an adequate level of data protection.

n) In the context of the contractual relationship

We also use personal data during the start of the contractual relationship with them as well as during the contractual relationship.
These are:

• Name
• Address
• Age and date of birth
• Bank details
• Order and payment history
• other individual data assigned to your customer account and transmitted by you

We also use your name, address, date of birth and bank details for verification purposes.

i) For what purpose are the data processed?

We process your personal data in this context necessary for the performance of the contract as well as to enable the use of services. In addition, the data is also processed for billing purposes.
For purchases made on account or on the basis of other payment terms that require the granting of credit, we may perform a credit check (scoring). For this purpose, we transmit the data you provide to a credit reference agency. On the basis of these data, the probability of a default is determined. If the probability of a payment default is too high, we may reject the respective payment destination after a second manual review.

ii) Legal basis

We collect, process and use personal data only insofar as this is necessary for establishing, structuring or changing the legal relationship (inventory data). These measures are carried out on the basis of Art. 6 para. 1 lit. b GDPR, which allows the processing of data for the fulfillment of a contract or pre-contractual measures.
The creditworthiness check is carried out to fulfill the contract (Art. 6, para. 1 lit. b GDPR) and to prevent payment defaults (legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR). If consent is given in individual cases, the creditworthiness assessment is carried out on the basis of this consent (Art. 6(1)(a) GDPR); consent may be revoked at any time.

(iii) Further information

In the case of individual orders, the collected customer data is deleted with the processing of the order, but usually 3 after the termination of the business relationship. If there is a regular business relationship, your data will remain stored. Statutory storage obligations remain unaffected.

o) In the context of videoconferencing

For communication with our customers, we use e.g. online conference tools. The tools we use are listed in detail below. If you communicate with us via video or audio conference over the Internet, your personal data will be collected and processed by the provider of the respective conference tool and by us.
The conferencing tools collect all the information you provide or access to in order to use the tools (e-mail address and/or your phone number). In addition, the conference tools process the duration of the conference, the start and end (time) of participation in the conference, the number of participants and other "contextual information" about the communication process (metadata).
In addition, the provider of the tool processes all technical data necessary for the processing of online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker, and connection type.
If content is exchanged, uploaded or otherwise made available within the tool, it is also stored on the servers of the tool provider. This Content includes, but is not limited to, cloud recordings, chat/instant messages, voicemail, uploaded photos and videos, files, whiteboards and other information exchanged while using the Service.
Please note that we do not have complete influence on the data processing processes of the tools used. Our options are largely determined by the company policy of the respective provider. Further information on data processing by the conference tools can be found in the privacy statements of the tools used, which we have listed below this text.

i) For what purpose and on what legal basis are the data processed?

The conference tools are used to communicate with potential or existing contractual partners or to offer our customers certain services (Art. 6 para. 1 lit. b GDPR). In addition, the use of the tools serves the general simplification and acceleration of communication with us or our company (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). Insofar as consent has been obtained, the use of the relevant tools is based on this consent; the consent may be revoked at any time with effect for the future.

(ii) Duration of storage

The data collected by us directly via the video and conference tools will be deleted from our systems as soon as you request us to delete it, revoke your consent to storage or the reason for storing the data no longer applies. Stored cookies remain on your device until you delete them. Mandatory statutory retention periods remain unaffected.
We have no influence on the duration of the storage of your data, which are stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tools directly.

(iii) Further information

Currently used conference tools: Microsoft Teams
We use Microsoft Teams. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. For details on data processing, please refer to the privacy policy of Microsoft Teams: https://privacy.microsoft.com/en-us/privacystatement.

p) In the context of an application

We offer visitors / potential new employees of our website the opportunity to apply to us (e.g. by e-mail, by post or via the online application form).
If you apply to us, we process the related personal data:

• First name, last name
• Address
• Contact details (e-mail address, telephone number)
• Work experience / skills
• Date of birth
• Salary expectations
• Availability / start date / notice period
• Certificates
• CV (content is determined by the applicant)
• Notes from job interviews

Information that you have stored in professional online networks or job exchanges may also be processed if you ask us to include such information in your application (this is therefore only done with your consent, Art. 6 para. 1 lit. a GDPR).

i) For what purpose and on what legal basis do you process your data?

The data you provide as part of your application will be processed and used exclusively for the purpose of candidate selection (decision on the establishment of an employment relationship), in some cases also automatically. The legal bases for this are § 26 BDSG (initiation of an employment relationship) and Art. 6 para. 1 lit b GDPR (General Contract Negotiations).

If, during the application process, we ask you about your gender in the form of the desired title, this is solely due to the fact that we want to address you in the correct way. The reason for stating your age or entering your date of birth is that there is a legal minimum age for some of our activities.
If your application leads to an employment, the data you provide will be processed on the basis of § 26 BDSG and Art. 6 para. 1 lit. b GDPR for the purpose of executing the employment relationship stored in our data processing system.
In the case of an online application directly via our homepage, you will be guided through an input screen based on questions. The data listed above are also queried in a question-and-answer dialogue.
Applicant pool: If we do not make you a job offer, you may be included in our applicant pool. In the event of an admission, all documents and information from the application will be sent to the applicant pool in order to be able to contact you for suitable vacancies.
The admission to the applicant pool takes place solely on the basis of your express consent Art. 1 lit. a GDPR. Acceptance of admission is voluntary and has no relation to the ongoing application procedure. The data subject may revoke his or her consent at any time. In this case, the data will be irrevocably deleted from the applicant pool, unless there are legal reasons for storage.

(ii) Duration of storage

If we are unable to make you a job offer or if you reject a job offer or withdraw your application, we will store your sub-algae for a maximum of 6 months after the completion of the application procedure (rejection or withdrawal of the application). After that, the data will be deleted and the physical application documents destroyed.
The storage serves in particular as evidence in the event of a legal dispute. If it is foreseeable that the data will be needed after the expiry of the 6-month period (e.g. due to an imminent or pending legal dispute), the deletion will only take place if the purpose for the further storage no longer exists.
A longer storage may also take place if you have given your consent (Article 6 (1) lit. a GDPR) or if statutory storage obligations prevent deletion. The data will be irrevocably deleted from the applicant pool no later than two years after the consent was given.

(iii) Further information

Of course, your data will be treated confidentially and only made available to the persons responsible for recruitment (Human Resources, Hiring Managers and other persons involved in the recruitment process of the respective teams). Everyone receives only those data that are necessary for a thorough examination of your documents. Processing and processing therefore takes place strictly in accordance with the responsibility and the “need-to-know” principle.

4 How is data transmitted?

For security reasons and to protect the transmission of confidential content, which you send to us as the site operator, we use an SSL or SSL. TLS encryption. An encrypted connection can be identified by the fact that the address line of the browser changes from “http://” to “https://” and by the lock icon in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

5 What are your rights as a data subject?

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:

• Right to information according to Art. 15 GDPR (restrictions according to § 34 Federal Data Protection Act (BDSG) possible)
• Right to rectification according to Art. 16 GDPR
• Right to erasure according to Art. 17 GDPR (restrictions according to § 35 BDSG possible)
• Right to restriction of processing according to Art. 18 GDPR
• Right to object according to Art. 21 GDPR
• Withdrawal of consent pursuant to Art. 7 para. 3 GDPR
• Right to data portability according to Art. 20 GDPR
• Right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR in conjunction with § 19 BDSG

The supervisory authority responsible for us is the Complaints Body for Data Protection:
The State Commissioner for Data Protection and Freedom of Information Rhineland-Palatinate,
Postfach 30 40, 55020 Mainz (additional contact options at: https://www.datenschutz.rlp.de/de/themenfelder-themen/kontakt/)

6 How can I object or revoke?

If you have given us your consent to the processing of personal data, you have the right to revoke your declaration at any time with effect for the future.
You may object to such data processing that we have based on the legal basis "Legitimate Interest" (Art. 6 para. 1 lit. f GDPR).
You also have the right to object to the processing of personal data for direct marketing purposes (Art. 21 (2) GDPR). After an objection has been made, your data will no longer be processed "for direct marketing purposes" (Art. 21 para. 3 GDPR).
To do so, please send your revocation/opposition by e-mail or post to the ZILONIS contact details mentioned at the beginning.

7 Status of the declaration

This privacy policy is currently valid and has the status November 2023.
Due to the further development of the website or due to changed legal or regulatory requirements, it may become necessary to change this privacy policy.

Shop
Wishlist
0 items Cart
My account