This data protection information applies to the data processing by:
the controller: LaVita GmbH (hereinafter LaVita) Ziegelfeldstraße 10, 84036 Kumhausen, Germany
Email: firstname.lastname@example.org Telephone: +49 871/972 1718 Fax: +49 871/972 1717
The company data protection officer of LaVita can be reached at the above address (to the attention of: Data Protection Department) or can be reached at email@example.com.
When you call up our website www.lavita.de, the browser used on your terminal device automatically sends information to the server of our website. This information is temporarily stored in a “log file”. The following information is recorded without your intervention and stored until automatic deletion after 90 days:
We process the data mentioned above for the following purposes:
If you wish to order products as a guest on our website, we collect the following information:
Data is collected
The data processing is carried out at your request and is necessary for the fulfilment of the contract and pre-contractual measures in accordance with Article 6 para. 1 sentence 1 lit. b GDPR for the aforementioned purposes.
In order to ensure a smooth and easy processing of your order and for a quicker clarification of possible queries, you can also provide additional data:
The provision of this data is voluntary.
The personal data collected by us for the order will be stored until the expiry of the statutory warranty period and automatically deleted thereafter unless we are obliged to store the data for a longer period of time in accordance with Article 6 para. 1 sentence 1 lit. c GDPR because of tax and commercial law storage and documentation obligations (from HGB, StGB or AO) or you have consented to storage beyond this period in accordance with Article 6 para. 1 sentence. 1 lit. a GDPR.
You have the possibility to set up a password-protected user account in which we store your personal data. This serves the purpose of providing you with the greatest possible convenience in processing your orders by making the purchase process easier, faster, and more personal.
If you want to set up a password-protected user account with us, we need the following information from you:
In addition, you must enter a password of your own choice to create a user account. Together with your email address, this enables access to your user account. In your user account you can view and change the data stored about you at any time. You can also login via your Google account. You can find out more about this under point 8 “Social Logins”.
We store your personal data in a user account only if you have voluntarily given us your consent to do so in accordance with Article 6 para. 1 sentence 1 lit. a GDPR.
It is not necessary to create a user account to use our site or place orders. We offer you the possibility to place your order as a guest (see point 2. b). In this case, however, you must re-enter your data with each order.
After deletion of your user account, your data will be automatically deleted for further use unless we are obliged to store the data for a longer period of time in accordance with article 6 paragraph 1 sentence 1 lit. c DSGVO because of tax and commercial law storage and documentation obligations (from HGB, StGB or AO) or you have consented to further storage in accordance with article 6 paragraph 1 sentence 1 lit. a GDPR.
If you have expressly consented in accordance with Article 6 para. 1 sentence 1 letter a GDPR, we will use your email address to send you our blog newsletter on a regular basis. To receive the newsletter, you must simply enter an email address in the newsletter form on the blog home page.
We may also use your email address to send you information about similar products of our company provided you are our existing customer and have not objected to the use of your email address.
In both cases, you can unsubscribe at any time (e.g. via a link at the end of each newsletter). You can send your unsubscribe request by email to firstname.lastname@example.org at any time.
If we send you email newsletters, these newsletters contain elements that react to the reading or confirmation of links within the newsletter and are linked to an individual technical identification. We use this information for the statistical evaluation of all feedback obtained from the use of the newsletter in order to improve the newsletter service for you. We use the services of Exponea for newsletter campaign automation (cf 5. a) VII.).
If you have any questions of any kind, we offer you the opportunity to contact us using a form provided on the website. It is necessary to provide a valid email address so that we know who the enquiry comes from and can answer it. Further information can be provided voluntarily.
The data processing for the purpose of contacting us is carried out in accordance with Article 6 para. 1 sentence. 1 lit. a GDPR on the basis of your voluntarily given consent.
The personal data collected by us for the use of the contact form will be automatically deleted after the completion of your request.
You can send us an unsolicited application using the online application form. In the context of the application procedure, the following personal data will be collected and stored:
You also have the option of voluntarily providing us with your telephone number and a text for further information.
The data processing is carried out at your request and only to the extent that it is necessary to answer your application and establish the employment relationship in accordance with Article 88 para. 1 GDPR in conjunction with Section 26 para. 1 BDSG or if it is necessary to protect our legitimate interests according to Article 6 para. 1 sentence 1 lit. f GDPR.
The data are processed for the purpose of applying for employment. Personal data is regularly deleted 6 months after the end of the application procedure unless you have consented to longer storage in accordance with Article 6 para. 1 sentence. 1 lit. a GDPR.
Your personal data will not be transferred to third parties for purposes other than those listed below.
To the extent permitted by law, and in accordance with Article 6 para. 1 sentence 1 lit. b GDPR for the processing of contractual relationships with you, your personal data will be disclosed to third parties. This includes, in particular, the transfer to shipping companies for the purpose of delivering the goods ordered by you and the transfer of payment data to payment service providers or credit institutions in order to carry out a payment transaction. The data passed on may be used by the third party exclusively for the purposes mentioned.
On the basis of our legitimate interests in accordance with Article 6 para. 1 sentence 1 lit. f GDPR, we may also transfer your data to our partners. The transmission of your data to our partners is necessary for general accounting purposes. This economic interest is to be regarded as a legitimate interest within the meaning of Article 6 para. 1 sentence 1 lit. f GDPR.
In addition, we pass on your personal data to third parties only if:
Information in connection with the specifically used terminal device is stored in the cookie. However, this does not mean that we obtain immediate knowledge of your identity.
We also use temporary cookies, which are stored on your end device for a certain fixed period of time in order to optimise user-friendliness. If you visit our site again to use our services, we will automatically recognise that you have already visited and what entries and settings you have made so that you do not have to enter them again.
The data processed by cookies is required for the purposes mentioned above in order to safeguard our legitimate interests and those of third parties in accordance with Article 6 para. 1 sentence 1 lit. f GDPR.
Most browsers automatically accept cookies. You can configure your browser so that no cookies are stored on your computer or so that a message always appears before a new cookie is created. However, completely deactivating cookies may mean that you will not be able to use all the functions of our website.
Here you can manage your cookie settings at any time:
The tracking measures listed below and used by us are carried out on the basis of Article 6 para. 1 sentence 1 lit. f GDPR. With the tracking measures we use, we want to ensure that our website is designed to meet the needs of our customers and is continuously optimised. We also use the tracking measures to statistically record the use of our website and evaluate it for the purpose of optimising our offer for you. These interests are to be considered legitimate within the meaning of the aforementioned provision.
The respective data processing purposes and data categories can be found in the corresponding tracking tools.
For the purpose of designing our pages to meet your needs and continuously optimising them, we use Google Analytics, a web analysis service provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, US; hereinafter “Google”). In this context, pseudonymised user profiles are created, and cookies (see under point 4) are used. The information generated by the cookie about your use of this website such as
is transferred to a Google server in the US and stored there. The information is used to evaluate the use of the website, to compile reports on the website activities, and to provide further services connected with the use of the website and the Internet for the purposes of market research and the design of these Internet pages in line with requirements. This information may also be transferred to third parties if required by law or if third parties process this data on our behalf. Under no circumstances will your IP address be merged with other data from Google. The IP addresses are made anonymous so that an assignment is not possible (IP masking).
You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on.
As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting data by clicking on this link. An opt-out cookie will be set to prevent your data from being collected in the future when you visit this website. The opt-out cookie is valid only in this browser and only for our website and is placed on your device. If you delete the cookies in this browser, you will have to set the opt-out cookie again.
Further information on data protection in connection with Google Analytics can be found in the Google Analytics Help.
In order to statistically record the use of our website and to evaluate it for the purpose of optimising our offer for you, we also use Google Conversion Tracking. Google Adwords will set a cookie (see point 4) on your computer if you have reached our website via a Google ad.
These cookies expire after 30 days and are not used for personal identification. If the user visits certain pages of the Adwords client’s website and the cookie has not expired, Google and the client will be able to tell that the user clicked on the ad and was redirected to that page.
Every Adwords client receives a different cookie. Cookies can therefore not be tracked through the websites of Adwords clients. The information collected using the conversion cookie is used to generate conversion statistics for Adwords clients who have opted for conversion tracking. Adwords clients are informed of the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they will not receive information that can be used to identify users personally.
Google Tag Manager is a solution with which we can manage “website tags” via an interface (and thus integrate Google Analytics and other Google marketing services into our online offer). The Tag Manager itself (which implements the tags) does not process any personal data of the users. With regard to the processing of users’ personal data, we refer to the following information on Google services. Usage guidelines: https://www.google.com/intl/de/tagmanager/use-policy.html.
Our website uses the web analysis and optimization service “Google Optimize”, which is provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, US (hereinafter “Google Optimize”). We use the Google Optimize service to enhance the attractiveness, content, and functionality of our website by making new features and content available to a percentage of our users and by statistically evaluating changes in usage. Google Optimize is a sub-service of Google Analytics (see section on Google Analytics).
We use the reCAPTCHA service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, US (hereinafter referred to as “reCAPTCHA”) to protect your blog requests: “Google”). The purpose of the reCAPTCHA query is to identify whether a request is made by a human being or abusively by automated, machine processing.
The query includes the sending of the IP address, the reCAPTCHA entry, and possibly other data required by Google for the reCAPTCHA service to Google. These are transferred to a Google server in the US and stored there.
However, your IP address will be previously anonymised by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area so that it is not possible to assign it. Only in exceptional cases is the full IP address transmitted to a Google server in the US and truncated there.
The processing is carried out on the basis of Article 6 para. 1 sentence 1 lit. f GDPR. In particular, we have a legitimate interest in protecting ourselves from abusive automated spying and from unsolicited email advertising (SPAM).
We use Bing Universal Event Tracking (UET) from Microsoft Bing Ads. This is a service provided by Microsoft Corporation (“Microsoft”). This allows us to track the activities of users on our site when they have come to our site through ads from Bing Ads.
If you enter our website via a Bing Ads display, a cookie (see clause 4) is set on your computer. A Bing UET tag is integrated on our website. This is a code that is used in conjunction with the cookie to store some non-personal data about the use of the website. This includes the time spent on the website, which areas of the website have been accessed, and which display has been used to access the website. Information about your identity is not collected.
This information is transferred to Microsoft servers in the US and stored there for a maximum of 180 days.
For more information about Bing’s analysis services, please visit the Bing website (https://help.bingads.microsoft.com/#apex/3/de/53056/2).
For interest-based marketing purposes, retargeting, optimising our web offer, analysing your surfing behaviour, and marketing campaign automation, this website uses the services of Exponea DE GmbH, Kemperplatz 1, Mitte D, 10785 Berlin.
Exponea uses the following cookies to collect information about the use of our website: https://docs.exponea.com/docs/cookies-storage.
The data collected by the cookies contain the following information: IP address, login data, time zone setting, operating system and platform, information about visits including URL, search terms, information about what you searched or viewed on our site, site response time, download errors, length of visits to certain pages, information about site interaction (e.g., scrolling, clicks, and mouse-overs), the methods used to leave the site, user activities, and web browsing.
Other data (your name, first name, gender, email address) are processed by Exponea only if you have registered for our email newsletter. In this case, we use the data collected to create a user profile in order to provide you with a newsletter tailored to your interests.
The legal basis for data processing by Exponea is Article 6 para. 1 letter f GDPR.
We make it possible for you to control your participation in the data collection yourself. Click here for complete rejection of data collection by Exponea: https://www.lavita.de/opt-out-exponea/
Further information about the services of Exponea can be found at https://exponea.com/de/capabilities/.
Further information on data protection at Exponea can be found at https://exponea.com/de/privacy-policy/.
In the context of our legitimate interest in a technically perfect online offer and its economically efficient design and optimisation in accordance with Article 6 para. 1 lit. f GDPR, we use the analysis software Smartlook s.r.o., Šumavská 524/31, Veveří, 602 00 Brno, Czech Republic.
This software records movements on our website in “heat maps”. The recording is done anonymously. It records where clicks occur and how far visitors scroll down our individual pages. This enables us to make our website more customer-friendly and eliminates malfunctions. The protection of your personal data is ensured by Smartlook. No data can be assigned to specific users. Only mouse movements, click events and their position on the website, and the length of the scroll movement are measured. The screen size of the device, the device type, information about the browser, the country from which the site was accessed, and the preferred language are also recorded. If personal data from you or third parties are displayed on a website, Smartlook will automatically hide them or replace them with cryptic characters. The user profiles created by Smartlook are deleted after 30 days.
You can deactivate Smartlook detection by clicking on the following link: https://www.smartlook.com/de/opt-out
The targeting measures listed below and used by us are carried out on the basis of Article 6 para. 1 sentence 1 lit. f GDPR. Through the targeting measures we use, we want to ensure that you receive only advertising that is oriented to your actual or supposed interests on your end devices. These interests are to be considered legitimate within the meaning of the aforementioned provision.
The respective data processing purposes and data categories can be found in the corresponding targeting tools.
However, we would like to point out that you may not be able to use all functions of this website to their full extent. By using this website, you agree to the processing of the data collected about you by Google in the manner described above and for the aforementioned purpose. You can find more information about Google’s regulations here.
The cookie is automatically deleted after 30 days.
This site uses the advertising service of the company SoD ScreenOnDemand GmbH, Volkartstraße 76, 80636 Munich and the partner dataXtrade GmbH, Dachauer Straße 15c, 80335 Munich (together hereinafter "SoD"). The service is used to display interest-based advertising. In order to display advertisements individually according to your interests, SoD also uses technologies such as cookies or technologies and systems developed by SoD itself, which store information on your terminal device and can access it, provided you have consented to this via the cookie settings (Art. 6 para. 1 lit. a) DS-GVO). In this context, pseudonymous data such as online identifiers (e.g. cookie ID or mobile advertising ID) and transaction data (e.g. when a user viewed an advertisement or clicked on an advertisement) are processed. If you have consented to the transfer to third countries, your data may also be processed by US service providers. Please note that in so-called third countries outside the EU, such as the USA, no adequate level of data protection has currently been recognised by the EU and data processing by local authorities cannot be ruled out. We are responsible for collecting the data on this site and obtaining your consent together with SoD and the partner for the respective processing and have concluded an agreement pursuant to Art. 26 DS-GVO with them. According to this, we are in particular your contact for your data subject rights. However, you can assert your rights against each of the controllers. You can request further information on the agreement with SoD by emailing email@example.com. You can revoke your consent to the collection and processing of data - in addition to the cookie settings - via SoD at any time with effect for the future. SoD provides an opt-out link for this purpose on the website http://screenondemand.de/content-cookie-opt-out/. Further information on data processing in detail and in particular on the storage period at SoD can be found at: https://screenondemand.de/datenschutz-sod-produkte/.
Remarketing tags of the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, US (“Facebook”) are integrated on our pages. When you visit our pages, the remarketing tags establish a direct connection between your browser and the Facebook server. Facebook thereby receives the information that you have visited our site with your IP address. This allows Facebook to associate your visit to our sites with your user account. We can use the information thus obtained to display Facebook Ads.
We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Facebook.
We also use Facebook Website Custom Audiences. This is a marketing service of Facebook. This enables us to display individually tailored and interest-based advertising on Facebook for certain groups of pseudonymised visitors to our website who also use Facebook.
A Facebook Custom Audience pixel is integrated on our website. This is a Java Script code used to store non-personal data about the use of the website. This includes your IP address, the browser you use, and the source and destination pages. This information is transferred to Facebook servers in the US. There it is automatically checked whether you have saved a Facebook cookie. The Facebook cookie is used to automatically determine whether you belong to the target group relevant to us. If you belong to the target group, you will be shown corresponding ads from us on Facebook. During this process, neither we nor Facebook will identify you personally by comparing the data.
This link allows you to object to the use of the Custom Audiences service.
We use social plug-ins from the social networks Facebook, Twitter, and Instagram on our website on the basis of Article 6 para. 1 sentence 1 lit. f GDPR in order to make our company better known. The advertising purpose behind this is to be regarded as a legitimate interest within the meaning of the GDPR. The responsibility for data protection-compliant operation must be guaranteed by the respective provider. The integration of these plug-ins by us takes place by means of the “two-click method” in order to protect visitors to our website in the best possible way.
Social media plug-ins from Facebook are used on our platform in order to make their use more personal. For this, we use the “LIKE” or “SHARE” button. This is an offer from Facebook.
If you call up a page of our website that contains such a plug-in, your browser establishes a direct connection to the Facebook servers. The content of the plug-in is transmitted directly to your browser by Facebook and integrated into the website.
Through the integration of the plug-ins, Facebook receives the information that your browser has retrieved the corresponding page of our website, even if you do not have a Facebook account or are not logged in to Facebook. This information (including your IP address) is transmitted directly from your browser to a Facebook server in the US and stored there.
If you are logged in to Facebook, Facebook can assign your visit to our website directly to your Facebook account. If you interact with the plug-ins, for example by pressing the “LIKE” or “SHARE” button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information is also published on Facebook and displayed to your Facebook friends.
Facebook may use this information for the purposes of advertising, market research, and the design of Facebook pages to meet the needs of the market. For this purpose, Facebook creates usage, interest and relationship profiles (e.g. to evaluate your use of our website with regard to the advertisements displayed on Facebook) in order to inform other Facebook users about your activities on our website and to provide other services associated with the use of Facebook.
If you do not want Facebook to associate the data collected through our website with your Facebook account, you must log out of Facebook before visiting our website.
The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as your rights in this regard and setting options to protect your privacy can be found in Facebook’s data protection information.
On our website, you will find plug-ins of the short news network of Twitter Inc. (Twitter). You can recognise the Twitter plug-ins (Tweet button) by the Twitter logo on our site. An overview of Tweet buttons can be found here.
When you call up a page of our website that contains such a plug-in, a direct connection is established between your browser and the Twitter server. Twitter thereby receives the information that you have visited our site with your IP address. If you click the Twitter “Tweet button” while you are logged in to your Twitter account, you can link the contents of our pages on your Twitter profile. This allows Twitter to associate your visit to our sites with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Twitter.
If you do not want Twitter to be able to track visits to our site, please log out of your Twitter account.
Our site also uses social plug-ins (“Plug-ins”) from Instagram, which is operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, US (“Instagram”).
The plug-ins are marked with an Instagram logo, for example in the form of an “Instagram camera”.
If you call up a page of our website that contains such a plug-in, your browser establishes a direct connection to the Instagram servers. The content of the plug-in is transmitted directly from Instagram to your browser and integrated into the page. Through this integration, Instagram receives the information that your browser has retrieved the corresponding page of our website, even if you do not have an Instagram profile or are not logged in to Instagram.
This information (including your IP address) is transmitted directly from your browser to an Instagram server in the US and stored there. If you are logged in to Instagram, Instagram can immediately associate your visit to our website with your Instagram account. When you interact with the plug-ins, for example by clicking the “Instagram” button, this information is also sent directly to an Instagram server and stored there.
The information is also published to your Instagram account and displayed to your contacts.
If you do not want Instagram to associate the data collected through our website directly with your Instagram account, you must log out of Instagram before visiting our website.
On our website and for orders in our on-line shop, we use the buyer protection system of Trusted Shops GmbH, Subbelrather Str. 15c, 50823 Cologne, (“Trusted Shops”) in order to enable customers to safely purchase our products in the online shop.
Within the scope of your orders in our online shop, you have the possibility to use the buyer protection of Trusted Shops and give a rating in the rating system of Trusted Shops. This is done voluntarily.
If you have given us your consent in accordance with Article 6 para. 1 sentence 1 lit. a GDPR during or after your order by activating a corresponding check-box or clicking a button provided for this purpose (“Rate later”), we will pass on your email address to Trusted Shops for the processing of your orders in our online shop.
This consent can be revoked at any time by sending a message to the contact option described below or directly to Trusted Shops.
You have the right:
If your personal data are processed on the basis of legitimate interests in accordance with Article 6 para. 1 sentence 1 letter f GDPR, you have the right to object to the processing of your personal data in accordance with Article 21 GDPR if there are reasons for doing so arising from your particular situation or if the objection is directed against direct marketing. In the latter case, you have a general right of objection, which will be implemented by us without specifying a special situation.
If you would like to make use of your right of revocation or objection, an email to firstname.lastname@example.org is sufficient.
During the ordering process, we use the common SSL (Secure Socket Layer) procedure in connection with the highest encryption level supported by your browser. This is usually a 256 bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the display of the key or lock symbol in the lower status bar of your browser.
We also use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorised access by third parties. Our security measures are continuously improved in line with technological development.
and printed out.