Thank you for visiting our online shop. Protection of your privacy is
very important to us. Below you will find extensive information about
how we handle your data.
1. Responsible for the processing of data is:
Responsible for our website and the processing of date within the meaning of the General Data Protection
Regulation (GDPR) and the Federal Data Protection Act (BDSG) as well as other data protection regulations is:
Etienne Aigner AG
Represented by the managing board: Sibylle Schön (chairman)
Phone: 089 76993-0
Fax: 089 7607785
Chairman of the supervisory board: Evi Brandl
Registered at: Amtsgericht München, HRB 63254
VAT ID number: DE 129272981
Responsible according to § 18 MStV: Sibylle Schön, Zielstattstraße 27, 81379 München
You can find comprehensive information on the person responsible in our imprint at: https://www.aignermunich.com/imprint
2. Data Protecion Officer
You can contact our data protection officer as follows:
Intersoft consulting services AG
Beim Strohhause 17
3. Access data and hosting
You may visit our website without revealing any personal information. With every visit on the website, the web
server stores automatically only a so-called server log file which contains e.g. the name of the requested file,
your IP address, the date and time of the request, the volume of data transferred and the requesting provider
(access data), the operating system of the user's terminal device, information about the browser, the previous
website from which the user accessed our website.
These access data are analysed exclusively for the purpose of ensuring the smooth operation of the website and
improving our offer. This serves according to Art. 6 (1) 1 lit. f GDPR the protection of our legitimate interests in
the proper presentation of our offer that are overriding in the process of balancing of interests. The data required
to provide the website is already deleted at the end of the session. All other access data is deleted no later than
seven days after the end of your visit on our website.
4. Data collection and use for processing the contract, contact form
We collect personal data that you voluntarily submit to us when you place an order or contact us (e.g. via
contact form or by e-mail). These are contact details such as name, surname, email address, password. Mandatory
fields are marked as such because we absolutely need those data to perform the contract or process your contact
request and you would otherwise not be able to complete your order or send the contact request.
We use the data that you disclose to us to perform the contract according to Art. 6 (1) 1 lit. b GDPR. Insofar
as you send us an enquiry, we process the data provided by you in accordance with Art. 6 (1) 1 lit. f GDPR for the
response to you enquiry.
After complete processing of the contract or answering your customer enquiries, your data will be restricted
for further processing and insofar as it concerns contractual data, deleted after expiry of the retention periods
under tax and commercial law §§ 147 AO, 257 HGB 10 years for tax-relevant facts and 6 years for business/commercial
letters in accordance with § 147 AO, unless you have expressly consented to further use of your data or we reserve
the right to use data beyond this, which is permitted by law and about which we inform you in this declaration.
Insofar as we base data processing in the context of a customer enquiry on our legitimate interest, we delete
the personal data at the latest after 2 years starting with the calendar year in which the enquiry was finally
answered, in order to be able to carry out a quality check.
In the case of data processing based on legitimate interest, you can object to this data processing at any
time. You can send your objection to the following e-mail address [email protected]
or to the contact details under 1. All data stored in connection with the contact will be deleted in this case.
5. Log-In Registration/opening a customer account
We offer you the opportunity to register at out website by providing your personal data, such as title, first
name, surname, email address, password and password confirmation. In addition, your IP address as a user and the
date and time of the log-in are stored at the time of registration.
The data processing is based on the establishment of a contract and the implementation of pre-contractual
measures in accordance with Art. 6 (1) lit. b GDPR. It serves the purpose of making the order process available in a
secure area in the customer account.
As far as the data described above is no longer required for the purposes also described above, the data will
be deleted. In the case of data in connection with contracts, there may still be legal (tax law §§ 147 AO, 257 HGB)
or contractual obligations (warranty) to continue to store the data after termination of the contract.
The deletion of your customer account/log-in registration is possible at any time and can be done by sending an
e-mail to [email protected]
6. Transfer of data
In order to fulfil the contract in accordance with Art. 6 (1) 1 lit. b GDPR, we pass on your data (title, first name, surname, billing/delivery address, telephone, e-mail address, articles)
to service providers (print service providers, shipping service providers, logistics providers, banks, IT service
providers, marketing service providers) for the processing of orders and payments as well as returns, insofar as
this is necessary.
We also use your data to assert and enforce our rights and in this case pass the data on to lawyers, tax
consultants, insurance companies or debt collection agencies.
In addition, we may be obliged to transfer your personal data to public authorities in order to comply with
legal obligations. These may include tax authorities and customs authorities.
If we use service providers outside the EU or the European Economic Area (EEA), we first check the level of
data protection in the country of the service provider to determine whether this is sufficient and take measures in
accordance with Art. 44 ff of the GDPR to achieve a sufficient level of data protection. Where the EU standard
contractual clauses are used, we have taken additional contractual, organisational and technical measures to ensure
the EU level of data protection and have carried out a transfer impact assessment. For more information, please
visit [email protected]
Data are also processed by a provider that we have engaged to render hosting and website presentation services on
our behalf. This serves to protect our legitimate interests in the correct presentation of our offer, which are
outweighed by a balance of interests. This provider processes on its servers all data that are collected in the
manner specified below when you visit our website or fill in forms made available for this purpose in our online
shop. Data are processed on other servers only in the scope described herein.
This service provider, the company maxcluster (maxcluster
), is located in Germany at
Lise-Meitner-Str. 1b in 33104 Paderborn.
6.1 Processing of orders and returns:
a) the following data for order processing: Salutation, first name, last name, billing/delivery address,
telephone, e-mail address, article, in order to make and notify deliveries to the customers.
b) ITG receives the following data from us and you for returns processing: Salutation, first name, last name,
billing/delivery address, telephone, e-mail address, article in order to process the returns.
6.2 Processing of payments:
You can select various payment methods in our webshop (including: credit card, Klarna pay in 30
days, Klarna slice it, PayPal, Apple Pay). Depending on which payment service provider and which payment method you select in
the order process, we pass on the payment data collected for this purpose to the credit institution commissioned
with the payment and, if applicable, to payment service providers commissioned by us.
In some cases, the selected payment service providers (Klarna, PayPal, Apple Pay) also collect this data themselves if you
create an account with them. In this case, you must log in to the payment service provider with your access data
during the ordering process.
Your personal data will be used by the payment service providers to check whether the selected payment option
can be offered to you. Please note that these recipients claim their own right or duty as a legal basis for the data
processing and are therefore considered their own data controllers. Their data protection provisions and T&Cs
Furthermore, we would like to inform you that if you do not pay an invoice, the payment service providers
and/or we may use debt collection agencies. In this case, the collection companies will receive your personal data,
which are necessary to enforce the claim; the data processing is carried out in this respect in accordance with Art.
6 (1) lit. f GDPR.
The following payment service providers process payments for AIGNER:
6.2.1 Credit card payments (VISA, Amex and Master) are made via the company Mollie
Account number or customer ID of the customer, which are used in combination with password, PIN to log in to the
respective online banking at Mollie. First name, last name, billing/delivery address, e-mail address, card
information (combination of card number [PAN], expiry date, verification numbers).
6.2.2 Klarna pay in 30 days, Klarna slice it is carried out via the company Klarna
(Klarna Bank AB (publ)).
Data used as destination address for ordering payment instruments for payment and customer authentication: Postal
address, telephone number, e-mail address, date of birth.
For more information on data protection at Klarna
(Klarna Bank AB (publ)), please see their privacy
6.2.3 PayPal payment is made through PayPal
(Europe) S.à r.l. et Cie, S.C.A.).
Data used as destination address for ordering payment instruments for payment and customer authentication:
Salutation, first name, last name, postal address, telephone number, e-mail address.
You can find more details about data protection at PayPal
(PayPal (Europe) S.à r.l. et Cie, S.C.A.) in their privacy
6.2.4 Apple Pay payment is made through Apple
Data used as destination address for ordering payment instruments for payment and customer authentication:
Salutation, first name, last name, postal address, telephone number, e-mail address.
You can find more details about data protection at Apple
(Apple Inc.) in their privacy
Their data protection provisions and general terms and conditions apply. When selecting the payment service
provider in the order process, we refer to the specifically applicable data protection provisions and general terms
and conditions of the respective payment service provider.
For detailed information on the individual selectable payment service providers and possible recipients, you can
contact us at [email protected]
We process your personal data in accordance with § 26 (1) of the German Federal Data Protection Act (BDSG) insofar
as this data is required for the application procedure in order to make a decision on the establishment of an
employment relationship. This is the following data: first name, last name, address, job position, e-mail address,
curriculum vitae, certificates of previous activities and regarding acquired professional qualifications as well as
voluntary information, such as this may be contained in the covering letter. As a matter of principle, we only
process the personal data that we receive from you as part of the application process.
Insofar as you have expressly consented to inclusion in the applicant pool, the data processing of your personal
data is based on your voluntary and informed consent pursuant to Art. 6 (1) 1 lit. a GDPR, § 26 (2) BDSG. You can
revoke your consent at any time, free of charge, also at [email protected]
or by post to the contact details under point 1.
Your personal data will be deleted within 6 months after completion of the application process, unless you have
expressly given us your consent to store your data for a longer period, we need the data to defend against legal
claims or an employment relationship has been established with you pursuant to § 26 BDSG. If no employment
relationship has arisen, but you have given us your consent for further data processing, we will store this data for
a maximum of three years.
You can apply to us electronically, via e-mail, among other ways. Please note that unencrypted e-mails are not
transmitted in an access-protected form. If you do not wish to do this, please send us your application by post to
the contact details under point 1. We will of course only use your details to process your application and will not
pass them on to third parties.
The data you send us as part of your application will only be processed in the personnel department and by the
superior (head of department) responsible for the specific personnel selection.
We only process your personal data listed above for longer than stated above if this is necessary due to our
overriding legitimate interest pursuant to Art. 6 (1) lit. f GDPR in order to defend ourselves against claims in the
event of a legal dispute. You can object to this at any time free of charge, also at [email protected]
8. Integration of the Trusted Shops Trustbadge / other widgets
The Trusted Shops Trustbadge is integrated on this website to display our Trusted Shops services (seal of approval,
collected reviews) and to offer Trusted Shops products to buyers after an order has been placed.
This serves to safeguard our overriding legitimate interests in optimal marketing by enabling secure shopping in
accordance with Art. 6 (1) 1 lit. f GDPR. The Trustbadge and the services advertised with it are an offer from
Trusted Shops AG, Subbelrather Str. 15C, 50823 Cologne, with whom we are jointly responsible for data protection
according to Art. 26 GDPR. In the context of this data protection notice, we will inform you below about the
essential contents of the contract in accordance with Art. 26 (2) GDPR.
The Trustbadge is provided by an US CDN provider (Content Delivery Network) as part of a shared responsibility. An
appropriate level of data protection is ensured by standard data protection clauses and other contractual measures.
Further information on data protection at Trusted Shops AG can be found here
When the Trustbadge is called up, the web server automatically saves a so-called server log file, which also
contains your IP address, date and time of the call, amount of data transferred and the requesting provider (access
data) and documents the call. The IP address is anonymized immediately after collection, so that the stored data
cannot be assigned to you personally. The anonymised data is used in particular for statistical purposes and for
After the order has been completed, your email address, which has been hashed using a cryptological one-way
function, is transmitted to Trusted Shops AG. The legal basis is Art. 6 (1) 1 lit. f GDPR. This serves to check
whether you are already registered for services with Trusted Shops AG and is therefore necessary for the
fulfillment of our and Trusted Shops overriding legitimate interests in the provision of buyer protection linked to
the specific order and the transactional evaluation services in accordance with Art. 6 (1) 1 lit. f GDPR required.
If this is the case, further processing takes place in accordance with the contractual agreement made between you
and Trusted Shops. If you are not yet registered for the services, you will then be given the opportunity to do so
for the first time. Further processing after registration is also based on the contractual agreement with Trusted
Shops. If you do not register, all transmitted data will be automatically deleted by Trusted Shops AG and a
personal reference is then no longer possible.
Trusted Shops uses service providers in the areas of hosting, monitoring and logging. The legal basis is Art. 6 (1)
1 lit. f GDPR for the purpose of ensuring trouble-free operation. Processing may take place in third countries (USA
and Israel). An adequate level of data protection is ensured in the case of the USA through standard data protection
clauses and further contractual measures and in the case of Israel through an adequacy decision.
As part of the shared responsibility between us and Trusted Shops AG, if you have questions about data protection
and to assert your rights, please contact Trusted Shops AG, whose contact options you can find here.
Irrespective of this, you can always contact us using the contact option described in this data protection
declaration. If necessary, your request will then be forwarded to the other person responsible for an answer.
9. Email newsletter
If you register for the Etienne Aigner AG newsletter on the website, we will use the data required from you in the
form (e-mail address, gender) to inform you weekly about the products and services of Etienne Aigner AG based on
your consent in accordance with Art. 6 (1) 1 lit. a GDPR. You can revoke your consent at any time for the future in
the unsubscribe link of the newsletter or by email to [email protected]
In order to obtain your consent in a legally secure manner, we will send you a confirmation link to the email
address you have provided. Only when you have clicked on this confirmation link is your consent deemed to have been
granted (double opt-in procedure).
The newsletter is sent within the scope of processing on our behalf and according to our instructions by our
service provider ActiveCampaign,
to whom we pass
on your email address for this purpose. This service provider is located in the USA.
10. Sending out of review reminders by e-mail
10.1 If you have given us your express consent to this during or after your order in accordance with Art. 6 (1) 1
lit. a GDPR, we will use your e-mail address, order number as a reference for the reminder to submit an evaluation
of your order via the evaluation system used by us. This consent can be revoked at any time by sending a message to
as well as to the
contact option described below under point 14.2 as well as in the evaluation mail itself for the future without any
disadvantages for you.
10.2 Review reminder by Trusted Shops
If you have given us your express consent to this during or after your order in accordance with Art. 6 (1) 1 lit. a
GDPR, we will transmit your e-mail address, order number as a reference to Trusted Shops AG, Subbelrather Str.
15c, 50823 Cologne (www.trustedshops.de).
This consent can be revoked directly to Trusted Shops.
We store the data collected as part of the evaluation for a maximum of 2 years for quality assurance purposes.
11. Cookies and web-analysis
Cookies are small text files that are automatically stored on your end device. Some of the cookies used by us are
deleted again after the end of the browser session, i.e. after closing your browser (so-called session cookies).
Other cookies remain on your end device and enable us to recognize your browser the next time you visit us
11.1 Basic information
In order to make your visit to our website more attractive and to enable the use of certain functions, to display
suitable products or for market research, we use so-called cookies or other tools on various pages, insofar as you
have explicitly given your consent to this in accordance with Art. 6 (1) 1 lit. a GDPR. This is done in the cookie
consent banner, in which we inform you in detail about the individual cookies, their purpose, storage period, the
data processed by them and about the provider, as well as in section 15.
to [email protected]
, among others, as
well as in the cookie consent banner and/or footer under cookie settings.
11.2 Browser settings
You can set your browser to inform you when cookies are set. Each browser differs in the way it manages cookie
settings. This is described in the help menu of each browser, which explains how you can change your cookie
settings. You can find this for each browser at the following links:
11.3 Cookies / tools
11.3.1 Necessary cookies and functional cookies
These cookies are necessary for you to be able to use our website, i.e. for its display and delivery. These
include, for example, cookies with which you can log in to the customer area or place items in your shopping cart.
We do not require your consent for this. The legal basis is Art. 6 (1) lit. f GDPR in connection with § 25
Telecommunications and Telemedia Data Protection Act (TTDSG).
11.3.2 Analysis / performance cookies
These cookies enable collecting anonymised data about user behaviour on our website. We analyse them e.g. to
improve the functionality of our website and recommend products that are of interest to you. In order to be
able to use these, we request your consent in the cookie consent banner pursuant to Art. 6 (1) 1 lit. a GDPR.
11.3.3 Targeting cookies
These cookies record information about your visit to the website, previously viewed pages and links you have
clicked on. We use this information to customise our website and tailor ads to your interests. In order to be able
to use these, we request your consent in the cookie consent banner pursuant to Art. 6 (1) 1 lit. a GDPR.
11.3.4 Third-party cookies
purposes. In order to be able to use these partners, we ask for your consent in the cookie consent banner
Some of our partner companies are located in third countries, i.e. countries outside the EU/EEA, so that your
personal data may also be processed in a third country that does not have an EU data protection level. We select our
partners carefully and check whether they can be replaced by European providers. If this is not the case, we
conclude appropriate contracts in accordance with Art. 44ff GDPR and take suitable measures to ensure the EU level
of data protection. If data is transferred to an unsafe third country, you will be informed in advance and asked for
your consent pursuant to Art. 49 (1) a GDPR in the cookie consent banner.
11.3.5 Cookie, analysis tool and social media overview
In the overview under point 15 you will find details about the individual cookies (first party, third-party cookie,
duration of storage, provider, third country transfer, purpose, stored data).
12. Analysis tools
Using of Google (Universal) Analytics for web analytics
Insofar as you have given your consent according to Art. 6 (1) 1 lit. a GDPR, this website uses Google (Universal)
Analytics. Google Universal Analytics is an offer from Google Ireland Limited, a company incorporated and operated
under Irish law with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland (www.google.co.uk).
Google (Universal) Analytics uses methods, like e.g. cookies, that enable an analysis of your use of the website.
The information collected automatically by cookies about your use of this website are as a rule transmitted to and
stored on a Google server in the United States.
At the same time, as IP anonymisation is enabled on this website, the IP address will be shortened before being
transmitted within the area of member states of the European Union or other parties to the Agreement on the European
Economic Area. Only in exceptional cases, the full IP address will be sent to a Google server in the USA and
shortened there. Generally, Google does not associate the anonymised IP address, transmitted from your browser
through Google Analytics, with any other data held by Google.
During your website visit, your user behavior is recorded in the form of "events". Events can be:
- Page views
- First visit on the website
- Start of session
- Your "click path", interaction with the website
- Scrolls (whenever a user scrolls to the bottom of the page (90%))
- Clicks on external links
- Internal search queries
- Interaction with videos
- Seen / clicked ads
- Your approximate location (region)
- Your IP address (in shortened form)
- Technical information about your browser and the end devices you use (e.g. language setting, screen resolution)
- Your internet service provider
- The referrer URL (via which website / via which advertising medium you came to this website)
On behalf of the operator of this website, Google will use this information for the purpose of evaluating your
anonymous use of the website and compiling reports on website activity. The reports provided by Google Analytics are
used to analyze the performance of our website and the success of our marketing campaigns.
Recipients of the data are/may be:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (as processor according to Art. 28 GDPR)
Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA
Alphabet Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA
It cannot be ruled out that US authorities access the data stored by Google.
Insofar as data is processed outside the EU/EEA and there is no level of data protection corresponding to the
European standard, we have concluded EU standard contractual clauses with the service provider to establish an
appropriate level of data protection. The parent company of Google Ireland, Google LLC, is based in California, USA.
A transfer of data to the USA and access by US authorities to the data stored by Google cannot be ruled out. You do
not have the same rights there as within the EU/EEA. You may not be entitled to any legal remedies against access by
After the end of the purpose, usually after 2 months or the end of the use of Google Analytics by us, the data
collected in this context will be deleted by us.
You may revoke your consent at any time in the cookie consent banner or footer under cookie settings by changing
your settings there.
Alternatively, you can prevent the storage of cookies from the outset by setting your browser software accordingly.
However, if you configure your browser to reject all cookies, this may restrict functionality on this and other
websites. You can also prevent the collection of data generated by the cookie and related to your use of the website
(including your IP address) to Google and the processing of this data by Google, by
a. Not giving your consent to the setting of the cookie or
12.2 Advertising with Google Ads remarketing
We use the Google Ads service. Google Ads is an online advertising programme of Google LLC, 1600 Amphitheatre
Parkway Mountain View, CA 94043, USA. The responsible party for users in the EU/EEA and Switzerland is Google
Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
This means that we place Google Ads and also use Google Remarketing and Conversion Tracking as part of this. The
ads are displayed after search queries on websites of the Google advertising network. In addition, we use Ads
remarketing lists for search ads. This allows us to customise search ad campaigns for users who have visited our
website before. Through the services, we have the ability to combine our ads with specific search terms or to serve
ads to previous visitors that, for example, advertise services that they have viewed on our website. This means that
we can display interest-based advertising to users of our website on other websites within the Google advertising
network (as a "Google Ad" within Google Search or on other websites).
analysis. When clicking on an advertisement or visiting our website, a cookie is set on the user's computer by
Google. These cookies have a duration of 180 days. Further information on the cookie technology used can also be
and we as the customer receive information about the fact that a user has clicked on an advertisement and has been
forwarded to our web pages. The information obtained in this way is used exclusively for statistical analysis to
optimise advertisements. We do not receive any information with which visitors can be personally identified. Your IP
address is transmitted to Google, but since we use Google Analytics on this website, your IP address is anonymised.
The statistics provided to us by Google include the total number of users who clicked on one of our ads and, if
applicable, whether they were redirected to a page on our website that was tagged with a conversion tag. These
statistics allow us to track which search terms were clicked on particularly often and which ads lead to the user
contacting us via the contact form. By integrating Adwords Conversion, Google receives the information that you have
called up a specific part of our website or clicked on one of our ads. If you are registered with Google, Google can
assign you to your account. Even if you are not registered or logged in to the account, Google may be able to find
out your IP address and thus who you are.
Insofar as data is processed outside the EU/EEA, where there is no level of data protection corresponding to the
European standard, we have concluded EU standard contractual clauses with the service provider to establish a secure
level of data protection and have taken further supplementary contractual, organisational and technical measures.
Insofar as data is processed outside the European Economic Area / the EU, where there is no level of data protection
that corresponds to the European standard, Google states that it uses standard
The collection and storage of data only takes place after explicit consent according to Art. 6 (1) 1 lit. a, 49 (1)
1 lit. a GDPR. This can be revoked at any time with effect for the future. You can revoke your consent at any time
for the future in the cookie consent banner or footer under cookie settings by changing your settings there.
However, we and Google still receive statistical information about how many users have visited this page and when.
If you do not wish to be included in these statistics, you can prevent this by using additional programs for your
browser (e.g. with the Ghostery add-on).
In addition to Google Adwords Conversion, we use the Google Adwords Remarketing application based on your
Google Adwords Remarketing, our advertisements can be displayed to you after a visit to our website in the
subsequent internet use by you. This is done by means of cookies stored in your browser, which are used by Google to
record and evaluate your usage behaviour when visiting various websites. In this way, Google can determine your
previous visit to our website. According to its own statements, Google does not combine the data collected in the
course of Google Remarketing with your personal data that may be stored by Google (e.g. because you have registered
for a Google service such as GMail). According to Google, pseudonymisation is used in remarketing.
You can revoke your consent to Google Ads, remarketing and conversion tracking for the future at any time in the
cookie consent banner or footer under cookie settings by changing your settings there.
12.3 Google Tag Manager
For reasons of transparency, we would like to point out that we use the Google Tag Manager of the provider Google
LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. The responsible party for users in the EU/EEA and
Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
The Google Tag Manager itself does not collect any personal data. Google Tag Manager makes it easier for us to
integrate and manage our tags. Tags are small code elements that are used, among other things, to measure traffic
and visitor behaviour, to record the impact of online advertising and social channels, to set up remarketing and
targeting, and to test and optimise websites. We use the Tag Manager for the Google Analytics service. If you have
deactivated it, this deactivation will be taken into account by the Google Tag Manager. For more information on the
Google Tag Manager, see: https://www.google.com/intl/de/tagmanager/use-policy.html
12.4 Google reCAPTCHA
We use reCaptcha v2 on our websites. reCAPTCHA is a service provided by Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. The responsible party
for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St,
Dublin, D04 E5W5, Ireland.
The information collected via fingerprinting about your use of this website is generally transferred to a Google
server in the USA and stored there.
ReCaptcha is used to prevent the misuse of automated entries in web forms and thus to protect the technical systems
of the hoster.
When you call up one of our websites in which reCaptcha is integrated, a connection is established to Google's
servers. A reCaptcha cookie is set. Your IP address is transmitted to Google.
In addition, reCaptcha collects the following data by means of "fingerprinting":
- Browser plugins used
- cookies set by Google in the last 6 months
- number of mouse clicks and touches you have made on this screen
- CSS information for the page you are viewing
- the date
- the browser language
please note that if you do this you may not be able to use the full functionality of this website.
Insofar as data is processed outside the European Economic Area / the EU, where there is no level of data
protection corresponding to the European standard, Google states that it uses standard contractual clauses
The collection and storage of data only takes place after explicit consent according to Art. 6 (1) 1 lit. a, 49 (1)
You can revoke your consent to Google reCaptcha for the future at any time in the cookie consent banner or footer
under cookie settings by changing your settings there.
12.5 ADCELL Partner Programme
This website uses tracking cookies of Firstlead GmbH
(Rosenfelder Str. 15-16, 10315 Berlin) with the brand ADCELL
can find more information on data protection here
. As soon as the visitor clicks on an advertisement with the
Firstlead GmbH / ADCELL uses so-called tracking pixels. These allow information such as visitor traffic on the pages
to be evaluated. The information generated by cookies and tracking pixels about the use of this website (including
user agent information and IP address) and the delivery of advertising formats is transmitted to a server of
Firstlead GmbH / ADCELL and stored there. The servers are located at Firstlead GmbH in Berlin and Hetzner Online GmbH
. Among other things, Firstlead
GmbH / ADCELL can recognise that the partner link on this website has been clicked. Firstlead GmbH / ADCELL may pass
this (anonymised) information on to contractual partners under certain circumstances, but data such as the IP
address will not be merged with other stored data.
This website uses technology from the provider Criteo
, based at 32 Rue Blanche, 75009 Paris, France.
Criteo enables us to collect information about the surfing behaviour of our website visitors for advertising and
marketing purposes in anonymised or pseudonymised form. The service collects browsing behaviour data via cookies
and/or advertising IDs that record the following:
- Events related to your activity on our website (for example, number of pages viewed, products viewed on this
website, searches you have made on this website).
- Information about your terminal device (device type, operating system, version)
- Vague information about your location and information derived from your shortened IP address so that we can only
serve ads for products that are actually available in your country, region or city.
- Events related to Criteo's ad delivery, such as the number of ads displayed to you.
The data collected in this way is used to create user profiles under a pseudonym.
. There you can
also prevent the collection of data for "Criteo Dynamic Retargeting" and "Criteo Sponsored Products" by making the
The collection and storage of data only takes place with your express consent in accordance with Art. 6 (1) 1 lit.
a GDPR. You can revoke your consent for the future at any time in the cookie consent banner or footer under cookie
settings by changing your settings there.
To refuse this interest-based advertising, please visit the following websites:
This website uses Smartlook located at Šumavská 524/31, Veveří, 602 00 Brno, Czech Republic, EU.
Smartlook records movements on the website in so-called heat maps. This makes it possible to recognise anonymously where visitors click and how far they scroll. This allows the website to be designed in a better and more customer-friendly way. All data is collected without it being possible to assign it to specific users. Only how the mouse is moved, where it is clicked and how far it is scrolled can be traced. Furthermore, the screen size of the device, the type of device, information on the browser, the country from which access was made and the preferred language are recorded. If personal data of you or third parties are displayed on a website, these are automatically hidden by Smartlook. They are therefore not traceable for us.
The legal basis for the use of Smartlook is Art. 6 (1) lit. f GDPR.
12.8 New Relic
This website uses New Relic (188 Spear Street, Suite 1200, San Francisco, CA 94105, USA).
This serves the purpose of recording real-time statistical evaluations of the speed, accessibility and performance of the website in order to be able to ensure that the online shop is displayed to website visitors and, in the event of a malfunction, the technical source of the error can be determined in order to restore the accessibility of the website. The placement of this cookie is insofar technically absolutely necessary for the provision of the website. Personal data is not processed in this context.
The data is processed on the basis of our overriding interest in the optimal marketing of our online services in accordance with Art. 6 (1) lit. f GDPR.
Further data on data protection can be found here.
13. Social media plugins
We make reference to social media on our websites, for example by means of a link to
In addition, so-called social media plug-ins ("plug-ins") are used. We use the so-called "shariff" solution. With
the help of shariff, you can determine yourself whether and when data is transmitted to the operators of the
respective social networks. When you visit our websites, no data is therefore automatically transmitted to the
above-mentioned social networks. Only when you yourself actively click on the respective button does your internet
browser establish a connection to the servers of the respective social network, i.e. by clicking on the respective
social media button, you consent to your internet browser establishing a connection to the servers of the respective
social network and transmitting usage data to the respective operator of the social network. Before this happens,
you will be informed that data will be transmitted, to whom it will be transmitted and whether it will be
transmitted to an unsafe third country.
13.1 YouTube video plug-ins
We use services from YouTube, LLC, 901 Cherry Ave, 94066 San Bruno, CA, USA, a subsidiary of Google Inc,
Amphitheatre Parkway, Mountain View, CA 94043, USA, on our website. For users who are habitually resident in the
European Economic Area or Switzerland, Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4,
Ireland is the data controller for your data.
Here, we use a two-click solution to protect your personal data. When you call up a page in which a YouTube video
is embedded, a connection to the YouTube servers is only established when you click on the "confirm" button and
thereby also give your consent Art. 6 (1) lit. a GDPR and to the transfer of data to a third country in accordance
with Art. 49 (1) lit. a GDPR. In this case, YouTube will set cookies and use your visit data for its own purposes.
If you are logged in to YouTube at this time, the information about the videos you have viewed will be assigned to
your YouTube member account. You can prevent this by logging out of your member account before visiting our website.
Insofar as data is processed outside the European Economic Area / the EU, where there is no level of data protection
corresponding to the European standard, Google states that it uses standard contractual clauses. Further information
on YouTube's data protection is provided by Google at the following link: https://policies.google.com/privacy?hl=en-GB&gl=de
You can revoke your consent at any time in the cookie consent banner or footer under cookie settings by changing
your settings there.
Etienne Aigner AG uses the technical platform and services for Instagram of Meta Platforms Inc., 1601 Willow Road,
Menlo Park, CA, 94025 USA, which is managed in Europe by Meta Platforms Limited Ireland, Ltd. 4 Grand Canal Square,
Grand Canal Harbour, D2 Dublin Ireland, for the information service offered. You use the Instagram page and its
functions under your own responsibility, in particular the interactive functions.
When you visit our Instagram page, Instagram collects, among other things, your IP address and other information
that is present on your PC in the form of cookies. This information is used to provide us, as the operator of the
Instagram page, with statistical information about the use of the Instagram page. It is used for authentication,
security, website and product integrity, advertising and measurement, website features and services, performance,
and analysis and research. For more information, please visit the Instagram Help section at the following link: https://help.instagram.com/1896641480634370?cms_id=1896641480634370&published_only=true
Unless you have an Instagram account, you can manage interest-based online ads through the European Interactive
Digital Advertising Alliance settings. The data collection and storage through the use of the above-mentioned
cookies by Facebook can additionally, but also at any time with effect for the future, be objected to via the
following opt-out link: https://www.youronlinechoices.com/uk/your-ad-choices
Under the aforementioned link, you can manage your preferences regarding usage-based online advertising. If you
object to usage-based online advertising with a particular provider using the preference manager, this only applies
to the particular business data collection via the web browser you are currently using. The preference management is
cookie-based. Deleting all browser cookies will also remove the preferences you have set using the preference
You can also configure your browser before visiting our Instagram page so that no cookies are stored by Facebook.
Information on how to adjust the settings for cookies in your browser can be found in the help section of the
browser you are using.
We have no influence on whether and which cookies Facebook sets via our Instagram page and how this data is
The processing of your data by us when you contact us or interact with us via our Instagram page is based on our
legitimate interest pursuant to Art. 6 (1) 1 lit. f GDPR. Our overriding legitimate interest is to contact and
communicate with our interested parties and to respond to their specific requests. If your message is directed
towards the conclusion of a contract or concerns the implementation of an existing contractual relationship, the
legal basis for the processing is also Art. 6 (1) 1 lit. b GDPR.
As a matter of principle, we only store personal data until the respective purpose for which the data was collected
has been achieved. In the context of a business relationship with you, we store your personal data for as long as
the business relationship lasts; this also includes the initiation and execution of a contract as well as the
regular limitation period. In addition, we store the data if and insofar as we are subject to statutory retention
obligations. Such obligations may arise, for example, from the German Commercial Code (HGB) or the German Fiscal
If you have given us consent for a processing operation, the data related to the granting of consent will be stored
until revoked or at the longest for the duration of the processing operation and after its termination within the
scope of the statute of limitations.
There is no legal or contractual obligation to provide your personal data to us or to Meta Plaforms Inc. Failure to
provide such data will not have any negative consequences.
For statistical evaluation purposes, we use the Instagram insights function. In this context, we receive anonymised
data in the form of statistics, which Meta Platforms Inc. collects via cookies and pixels, among other things, on
the visitors to our Instagram page. This does not allow us to draw any conclusions about your person.
The following information is provided to us by Facebook with Instagram insights:
- Interactions: Promotional clicks as well as the percentage of clicks to the profile.
- Discovery: How many people were reached, impressions as well as new subscribers.
- Promotion: Gives an overview of how long the promotion has been running and how much has been spent so far.
- Target group: Demographic data such as gender, age and most popular locations.
Meta Platforms provides more detailed information on the insights functions in its Instagram privacy statement (https://instagram.com/about/legal/privacy
In the Instagram help section, there is a guide explaining which settings need to be made in order to decide in
which form targeted advertising is displayed. You can access these by selecting the "Manage your account" tab under
the link https://help.instagram.com/ and then "Instagram ads".
The data collected about you in this context will be processed by Meta Platforms Limited Ireland. and in the process
may be transferred to countries outside the European Union, at least a transfer to the parent company in the USA is
what information about you is transferred here and how it is processed.
In what way Instagram processes the data for its own purposes and to what extent activities on the Instagram page
are assigned to individual users, the storage period, the transfer to third parties, is not conclusively defined in
concrete terms by Meta Platforms Limited Ireland. We are not aware of this. When accessing the Instagram page, the
IP address of your end device is transmitted anonymously for German addresses and deleted after 90 days. Meta
Platforms Limited Ireland also stores information about the end devices of its users so that it may be possible for
Instagram Inc. to assign them to individual users.
13.3 Meta Pixel
For marketing purposes, this website uses so-called conversion and retargeting tags (also "meta pixels") of the provider Meta, i.e. Metaplatforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter Meta).
If we have your consent, the meta pixel will be set in your terminal device and the following information will be read out and the following data will be collected when you visit the website: Web pages visited, interest in content, access times, page views, first visit on the website, internal search queries, device information, your IP address, your location, your e-mail address, your telephone number, your gender, your first and last name, your date of birth, your user ID, your address.
We process this data for the following events, i.e. for the following purposes: page view (number of views of a particular website under a web browser), view content (pure visit on the website), add to cart (adding an item to the shopping cart), purchase (completion of the purchase with order confirmation) and initiate checkout (start the purchase process) have been collected and transmitted from there to our server. This website uses the meta pixel to analyse the general use of the website and to track the effectiveness of meta advertising ("conversion"). In addition, the meta pixel is used to show you individualised advertising messages based on your interest ("retargeting"). For this purpose, Meta processes data that the service collects via cookies and similar technologies on this website.
Due to the combined marketing tools used (Meta Pixel and Conversions API), your browser automatically establishes a direct connection with the server of Metaplatforms Ireland Ltd. (Meta) as soon as we have your consent pursuant to Art. 6 (1) lit. a, 49 (1) lit. a GDPR in connection with § 25 (1) Telecommunications and Telemedia Data Protection Act (TTDSG). Insofar as the above-mentioned data is collected, processed and also transmitted to Meta for the event add to cart (adding an item to the shopping cart), purchase (completion of the purchase with order confirmation) and initiate checkout (starting the purchase process), this is done in accordance with § 25 (2) 2 Telecommunications and Telemedia Data Protection Act (TTDSG), because this information which is collected and processed is required for the desired telemedia service of the user, selection of the product and insertion into the shopping cart, the payment function and for the completion of the ordering process and the purchase. In terms of data protection law, on the other hand, the transmission to Meta and thus also to the USA is based on your consent in accordance with Art. 6 (1) lit. a, 49 (1) lit. a GDPR.
The meta pixel is integrated by Meta when you call up our website immediately after you have given us your consent to user-based advertising (the creation of individualised or suitable advertisements, as well as for their optimisation) in accordance with § 25 para. 1 TTDSG in conjunction with Art. 6 para. 1 lit. a, 49 para. 1 lit. a DSGVO and can save a so-called cookie, i.e. a small file, on your device. If you subsequently log in to Facebook (Meta) or visit Facebook (Meta) while logged in, your visit to our website will be noted in your profile. The data collected about you is anonymous for us, so it does not allow us to draw any conclusions about the identity of the user. However, the data is stored and processed by Meta so that a connection to the respective user profile is possible. The processing of the data by Meta takes place within the framework of Meta's data usage policy. Accordingly, you can find more information on how the remarketing pixel works and generally on the display of Facebook ads in Facebook's data usage policy: https://www.facebook.com/privacy/policy.
It is not excluded that Metaplatforms Ireland Ltd. also transmits the collected data to the parent company in the USA, i.e. to an insecure third country where there is no level of data protection comparable to that in the EU. In this respect, your consent also constitutes consent to data processing in the USA.
The service provider of this tool, Meta Pixel, is the American company Meta Platforms Inc., 1601 S. California Avenue, Palo Alto, CA 94304, USA. The company Meta (Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) is responsible for the European region. You can find out more about data protection at Meta under https://www.facebook.com/about/privacy and https://www.facebook.com/settings?tab=ads.
The standard contractual clauses of the EU Commission have been concluded for data transfer to the USA. You can find further details here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://www.facebook.com/help/566994660333381. At the same time, there are data security conditions under https://www.facebook.com/legal/terms/data_security_terms. For more information on when Facebook discloses personal data to security authorities, see https://www.facebook.com/safety/groups/law/guidelines. Meta also publishes a transparency report at https://transparency.fb.com/data/?source=https%3A%2F%2Ftransparency.facebook.com%2f and https://www.facebook.com/legal/terms/data_security_terms.
With regard to the collection of data on our website with the help of this meta tool (Meta Pixel) and the transfer of this data to Meta, we are jointly responsible with Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland pursuant to Art. 26 GDPR for the collection of data and the transfer to Meta Platforms Ireland Limited. Insofar as Meta Platforms Ireland Limited transfers this data to the parent company in the USA or to a third party, this is not covered by the joint responsibility. The substantive joint responsibility agreement between Metaplatforms Ireland Limited and us can be found at https://www.facebook.com/legal/controller_addendum. In this agreement, we have assumed responsibility for the implementation of the tool on our homepage and the provision of the privacy notice, whereas Metaplatforms Ireland Limited is responsible for data security. You can exercise your data subject rights in relation to the data processed by Metaplatforms directly against Metaplatforms Ireland Limited. If you exercise these rights against us, we will promptly forward these requests (e.g. access, deletion) to Metaplatforms Ireland Limited.
We do not know how Meta further processes your data for its own purposes. You can find out more about this under: https://www.facebook.com/legal/terms/dataprocessing.
Further information on data protection at Meta (Facebook) can be found at: https://www.facebook.com/privacy/policy/.
You can object to the collection by the Meta pixel and use of your data for the display of Meta ads. To do so, you can visit the page set up by Meta and follow the instructions there on the settings for usage-based advertising: https://www.facebook.com/settings or declare the objection via the page https://www.aboutads.info/choices/ or https://www.youronlinechoices.com/. The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices.
For more details, see:
13.4 Use of the Meta Conversion API
This website uses the Meta Conversion API, a server-side event tracking tool that can be used to enrich not only web events but also data from offline events.
The Meta Conversion API is a server-side data interface. Via this interface, we share with Meta the data that we collect on our website about your behaviour during the event (purchase) and that was transmitted from there to our server in order to send you an order confirmation when you complete the purchase. On the server side, the following personal data is collected:
- Visited websites
- Interest in content
- Access times
- Page impressions
- First visit on the website
- Internal search queries
- Device information
- Your IP address
- Your location
- Your email address
- Your telephone number
- Your gender
- Your first and last name
- Your date of birth
- Your user ID
- Your address
Etienne Aigner processes the following data from you email address, telephone number, gender, first and last name, date of birth and address. This data is transferred via the Meta Conversion API to Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter Meta). We do not enrich the data transmitted to Meta. Meta uses this data to create user statistics in order to be able to play out user-specific advertising in order to achieve an increase in reach and higher sales.
In doing so, your personal data may be processed by Meta in the USA, an insecure third country. There is no equivalent level of EU data protection in the USA. The use of the Conversion API and the data transfer of the above-mentioned data to the USA is based on Art. 6 (1) lit. a, 49 (1) lit. a GDPR and § 25 (1) Telecommunications and Telemedia Data Protection Act (TTDSG). With your consent, you therefore also agree to data processing in the USA. The consent can be freely revoked at any time for the future. You can object to your consent for data processing by the Conversion API for this web domain at any time with effect for the future at Meta (Facebook) and check at https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Foff_facebook_activity, https://www.facebook.com/help/2207256696182627/?ref=ofa and https://www.facebook.com/help/contact/1994830130782319.
Insofar as the above data is collected, processed and transmitted to Meta for the event purchase (conclusion of the purchase with order confirmation), this is done in accordance with § 25 (2) 2 Telecommunications and Telemedia Data Protection Act (TTDSG), because this information, which is collected and processed, is required for the telemedia service of the purchase requested by you. In terms of data protection law, however, the transmission to Meta and thus also to the USA is based on your consent in accordance with Art. 6 (1) lit. a, 49 (1) lit. a GDPR.
The service provider of this tool, Meta Conversion API, is the American company Meta Platforms Inc, 1601 S. California Avenue, Palo Alto, CA 94304, USA. Meta (Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) is responsible for the European region. You can find out more about data protection at Meta under https://www.facebook.com/about/privacy and https://www.facebook.com/ads/settings.
We have concluded the standard contractual clauses of the EU Commission with Meta for data transfer to the USA. You can find details here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://www.facebook.com/help/566994660333381.
At the same time, there are data security conditions under https://www.facebook.com/legal/terms/data_security_terms. For more information about when Meta discloses personal data to security authorities, see https://www.facebook.com/safety/groups/law/guidelines. Meta also publishes a Transparency Report at https://transparency.fb.com/data/?source=https%3A%2F%2Ftransparency.facebook.com%2f and https://www.facebook.com/legal/terms/data_security_terms.
We do not know how Meta Platforms Ireland Limited further processes your data for its own purposes. You can find out more about this at: https://www.facebook.com/legal/terms/dataprocessing.
You can find further information on data protection at Meta Platforms Ireland Limited (Facebook) at: https://www.facebook.com/privacy/policy.
14. Contact possibilities and your rights
14.1 You have the following rights:
+ Art. 15 GDPR, the right to obtain information about your personal data which we process, within the scope described therein;
+ Art. 16 GDPR, the right to immediately demand rectification of incorrect or completion of your personal data stored by us;
+ Art. 17 GDPR, the right to request erasure of your personal data stored with us, unless further processing is
- to exercise the right of freedom of expression and information;
- or compliance with a legal obligation;
- for reasons of public interest or
- for establishing, exercising or defending legal claims;
+ Art. 18 GDPR, the right to request restriction of processing of your personal data, insofar as
- the accuracy of the data is contested by you;
- the processing is unlawful, but you refuse their erasure;
- we no longer need the data, but you need it to establish, exercise or defend legal claims, or
- you have lodged an objection to the processing in accordance with Art. 21 GDPR;
+ Art. 20 GDPR, the right to receive your personal data that you have provided to us in a structured, commonly used
and machine-readable format or to request its transmission to another controller;
+ Art. 7 (3) GDPR, the right to revoke your consent at any time without detriment for the future, gladly also by
email to [email protected]
+ Art. 77 GDPR, the right to complain to a supervisory authority . As a rule, you can contact the supervisory
authority at your habitual place of residence or workplace or at our company headquarters. In our case, the Bavaria
DPA (Data Protection Authority ), Promenade 18, 91522 Ansbach or online at https://www.lda.bayern.de/de/beschwerde.html
+ Art. 21 GDPR, the right to object at any time to data processing based on Art. 6 (1) lit. e and f GDPR if your
interest in not having the data processed exceeds our interest in the data processing or if we use the data
processing for reasons of direct advertising or for profiling which is related to direct advertising. You can also
lodge your objection by e-mail to [email protected]
or by post to the company's address.
Right to object
If we process personal data as described above to protect our legitimate
interests that are overriding in the process of balancing of interests, you may object to such data processing with
future effect. If your data are processed for direct marketing purposes, you may exercise this right at any time as
described above. If your data are processed for other purposes, you have the right to object only on grounds
relating to your particular situation.
After you have exercised your right to object, we will no longer
process your personal data for such purposes unless we can demonstrate compelling legitimate grounds for the
processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal
This does not apply to the processing of personal data for direct marketing purposes. In such a
case we will no longer process your personal data for such purposes.
To exercise your above rights, please contact us by email at
or by post at the company's address. The exercise of your above rights is free of charge for you.
14.2 Contact option
If you have any questions regarding the collection, processing or use of your personal data, for information,
correction, restriction or deletion of data as well as revocation of consent given or objection to a certain use of
data, please contact us directly via the contact details in our imprint or also directly to the data protection
officer by email [email protected]