1. Data protection at a glance
General information
The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data includes all data that can be used to personally identify you. Detailed information on the subject of data protection can be found in our Privacy Policy set out below this text.
Data collection on our website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. The operator’s contact details can be found in this website’s legal notice (Impressum).
How do we collect your data?
On the one hand, your data is collected when you provide it to us. This may include data that you enter into a contact form, for example.
Other data is automatically collected by our IT systems when you visit the website. This data includes primarily technical details (e.g., internet browser, operating system, or the time the page was accessed). The collection of this data takes place automatically as soon as you enter our website.
What do we use your data for?
Some of the data is collected to ensure the error-free provision of the website. Other data may be used to analyze your user behavior.
What rights do you have regarding your data?
You have the right at any time to receive, free of charge, information about the origin, recipient, and purpose of your stored personal data. You also have the right to request the correction, blocking, or deletion of this data. For this purpose, and for further questions on the subject of data protection, you can contact us at any time using the address provided in the legal notice (Impressum). Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
Analysis tools and third-party tools
When you visit our website, your browsing behavior may be analyzed statistically. This mainly happens with cookies and with so-called analysis programs. Your browsing behavior is usually analyzed anonymously; the browsing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. You will find detailed information on this in the following Privacy Policy.
You can object to this analysis. We will inform you about the objection options in this Privacy Policy.
2. General information and mandatory disclosures
Data protection
The operators of these pages take the protection of your personal data very seriously. We treat your personal data as confidential and in accordance with the statutory data protection regulations as well as this Privacy Policy.
When you use this website, various personal data are collected. Personal data is any data by which you can be personally identified. This Privacy Policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.
We would like to point out that data transmission over the internet (e.g., when communicating via email) may be subject to security vulnerabilities. Complete protection of data from third-party access is not possible.
Note on the responsible entity
The responsible entity for data processing on this website is:
Brand Design Award
Lampingstrasse 3
33615 Bielefeld
Germany
info@branddesignaward.org
The responsible entity is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g., names, email addresses, etc.).
Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. You can revoke any consent you have already given at any time. A simple email to us is sufficient for this purpose. The lawfulness of any data processing carried out until the revocation remains unaffected by the revocation.
Right to lodge a complaint with the competent supervisory authority
In the event of a violation of data protection law, the data subject has the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority for data protection issues is the data protection officer of the federal state in which our company is headquartered. A list of data protection officers and their contact details can be found at this link.
Right to data portability
You have the right to have data which we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a standard, machine-readable format. If you request the direct transfer of the data to another responsible person, this will only take place to the extent that it is technically feasible.
SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or inquiries you send to us as the website operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the address line of the browser changing from “http://” to “https://” and by the lock icon in your browser line.
When SSL or TLS encryption is enabled, the data you transmit to us cannot be read by third parties.
Encrypted payments on this website
If, after concluding a fee-based contract, there is an obligation to send us your payment data (e.g., account number for a direct debit authorization), this data will be required for payment processing.
Payment transactions via common payment methods (Visa/MasterCard, direct debit) are carried out exclusively via an encrypted SSL or TLS connection. You can recognize an encrypted connection by the browser’s address line switching from “http://” to “https://” and by the lock icon in your browser line.
With encrypted communication, any payment data you transmit to us cannot be read by third parties.
Information, blocking, deletion
Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin, and recipients, as well as the purpose of data processing and, if applicable, a right to correct, block, or delete this data. For this purpose, and for further questions regarding personal data, you can contact us at any time using the address provided in the legal notice (Impressum).
Objection to advertising emails
We hereby object to the use of contact data published as part of our legal notice obligations for the purpose of sending unsolicited advertising and informational materials. The operators of these pages expressly reserve the right to take legal action in the event unsolicited advertising information is sent, for example, via spam emails.
3. Data collection on our website
Cookies
Some of our internet pages use what are known as cookies. Cookies do not harm your computer and do not contain viruses. Cookies serve to make our offerings more user-friendly, effective, and secure. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are “session cookies.” They are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser on your next visit.
You can set your browser to inform you about the setting of cookies and allow cookies only in individual cases, to refuse cookies in specific cases or in general, and to automatically delete cookies when closing the browser. If cookies are disabled, the functionality of this website may be limited.
Cookies required to carry out the electronic communication process or to provide certain functions you desire (e.g., the shopping cart function) are stored on the basis of Art. 6(1)(f) of the GDPR. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. Insofar as other cookies (e.g., cookies for analyzing your browsing behavior) are stored, they are addressed separately in this Privacy Policy.
Server log files
The provider of these pages automatically collects and stores information in server log files, which your browser automatically transmits to us. These are:
- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
These data are not merged with other data sources.
The basis for data processing is Art. 6(1)(f) GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures.
Contact form
If you send us inquiries via the contact form, the information you provide on the inquiry form, including the contact details you enter there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data without your consent.
The processing of data entered into the contact form thus takes place exclusively on the basis of your consent (Art. 6(1)(a) GDPR). You can revoke this consent at any time. A simple email to us is sufficient for this. The lawfulness of any data processing carried out until the revocation remains unaffected.
The data you enter in the contact form remain with us until you ask us to delete them, revoke your consent to store them, or until the purpose for storing the data no longer applies (e.g., after your request has been processed). Mandatory statutory provisions – in particular retention periods – remain unaffected.
Registration on this website
You can register on our website to use additional features offered on the site. We use the data entered for this purpose only to enable you to use the respective offer or service for which you have registered. The mandatory information requested during registration must be provided in full. Otherwise, we will reject the registration.
For important changes, for example in the scope of our offer or for technically necessary alterations, we use the email address provided during registration to inform you accordingly.
The processing of the data provided during registration is based on your consent (Art. 6(1)(a) GDPR). You can revoke any consent you have given at any time. A simple email to us is sufficient for this. The lawfulness of data processing that has already taken place remains unaffected by the revocation.
The data collected during registration is stored by us as long as you are registered on our website and then deleted. Statutory retention periods remain unaffected.
Processing of data (customer and contract data)
We collect, process, and use personal data only insofar as it is necessary for establishing, structuring in content, or modifying the legal relationship (master data). This is carried out on the basis of Art. 6(1)(b) GDPR, which permits the processing of data to fulfill a contract or for pre-contractual measures. We collect, process, and use personal data relating to the use of our internet pages (usage data) only insofar as this is necessary to enable the user to utilize the service or for billing purposes.
Collected customer data will be deleted after completion of the order or termination of the business relationship. Statutory retention periods remain unaffected.
Data transfer upon contract conclusion for online shops, merchants, and goods shipment
We only transfer personal data to third parties if this is necessary in the context of the contract, for example to the company entrusted with delivering the goods or to the credit institution entrusted with handling payments. Any further transfer of data does not take place, or only takes place if you have expressly consented to the transfer. Your data will not be passed on to third parties without your express consent, for example for advertising purposes.
The basis for data processing is Art. 6(1)(b) GDPR, which permits the processing of data to fulfill a contract or for pre-contractual measures.
Data transfer upon contract conclusion for services and digital content
We only transfer personal data to third parties if this is necessary in the context of the contract, for example to the credit institution entrusted with handling payments.
Any further transfer of data does not take place, or only takes place if you have expressly consented to the transfer. Your data will not be passed on to third parties without your express consent, for example for advertising purposes.
The basis for data processing is Art. 6(1)(b) GDPR, which permits the processing of data to fulfill a contract or for pre-contractual measures.
4. Newsletter
Newsletter data
If you would like to receive the newsletter offered on the website, we need an email address from you and information that allows us to verify you are the owner of the provided email address and that you agree to receive the newsletter. No other data are collected, or only on a voluntary basis. We use these data exclusively to send the requested information and do not pass them on to third parties.
The processing of the data entered in the newsletter subscription form is based solely on your consent (Art. 6(1)(a) GDPR). You can revoke your consent to the storage of the data, the email address, and its use for sending the newsletter at any time, for example via the “Unsubscribe” link in the newsletter. The lawfulness of any data processing already carried out remains unaffected by the revocation.
The data you have stored with us for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted after you unsubscribe. Data that we store for other purposes (e.g., email addresses for the members’ area) remain unaffected.
5. Plugins and tools
YouTube
The controller has integrated YouTube components on this website. YouTube is an internet video portal that allows video publishers to post video clips free of charge and other users to watch, rate, and comment on them free of charge. YouTube permits the posting of all types of videos, which is why entire films and TV programs, but also music videos, trailers, or videos created by users themselves can be accessed via the internet portal.
The operating company of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
Every time a page on this website operated by the controller that has a YouTube component (YouTube video) integrated is accessed, the internet browser on the IT system of the data subject is automatically prompted by the respective YouTube component to download a display of the corresponding YouTube component from YouTube. Further information about YouTube can be found at: https://www.youtube.com/yt/about/de/. In the course of this technical procedure, YouTube and Google receive information about which specific subpage of our website is visited by the data subject.
If the data subject is logged in to YouTube at the same time, YouTube recognizes which specific subpage of our website the data subject is visiting when a subpage containing a YouTube video is called up. This information is collected by YouTube and Google and assigned to the data subject’s respective YouTube account.
YouTube and Google receive information via the YouTube component that the data subject has visited our internet page whenever the data subject is logged into YouTube at the time of accessing our internet page; this occurs regardless of whether the data subject clicks on a YouTube video or not. If the data subject does not want this information to be transmitted to YouTube and Google, they can prevent it by logging out of their YouTube account before accessing our website.
The privacy policy published by YouTube, which can be accessed at https://www.google.de/intl/de/policies/privacy/, provides information about the collection, processing, and use of personal data by YouTube and Google.
Vimeo
Our website uses plugins from the Vimeo video portal. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.
When you visit a page equipped with a Vimeo plugin, a connection to Vimeo’s servers is established. In the process, the Vimeo server is notified which of our pages you have visited. Vimeo also obtains your IP address. This applies even if you are not logged in to Vimeo or do not have a Vimeo account. The information collected by Vimeo is transmitted to Vimeo’s servers in the USA.
If you are logged in to your Vimeo account, you enable Vimeo to directly assign your browsing behavior to your personal profile. You can prevent this by logging out of your Vimeo account.
For more information on how user data is handled, please see Vimeo’s Privacy Policy: https://vimeo.com/privacy.
Google Maps
This site uses the Google Maps map service via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To use the functions of Google Maps, it is necessary to store your IP address. This information is usually transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.
The use of Google Maps is in the interest of providing an appealing presentation of our online offers and an easy way of finding locations indicated by us on the website. This constitutes a legitimate interest as defined in Art. 6(1)(f) GDPR.
Further information on the handling of user data can be found in Google’s Privacy Policy: https://www.google.de/intl/de/policies/privacy/.
Adobe Typekit Web Fonts
This site uses so-called web fonts, provided by Adobe Typekit, for uniform font display. When you open a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly. For this purpose, the browser you use must connect to Adobe Typekit’s servers.
To provide the Typekit service, Adobe may collect information about the fonts provided on the web server. The information is used for billing and compliance and may include:
- Provided font types
- Set ID
- Account ID
- Service providing the fonts (e.g., Typekit or Edge Web Fonts)
- Application requesting the fonts (e.g., Adobe Muse)
- Server delivering the fonts (e.g., Typekit server or Enterprise CDN)
- Host name of the page on which the fonts are loaded
The use of Adobe Typekit Web Fonts is in the interest of a uniform and attractive presentation of our online offerings. This constitutes a legitimate interest as defined in Art. 6(1)(f) GDPR.
If your browser does not support web fonts, a standard font is used by your computer. Further information on Adobe Typekit Web Fonts can be found at https://typekit.com/ and in Adobe Typekit’s Privacy Policy: https://www.adobe.com/de/privacy/policies/typekit.html.
6. Payment providers
PayPal
On our website, we offer, among other things, payment via PayPal. The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22–24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”).
If you choose to pay via PayPal, the payment data you provide will be transmitted to PayPal.
Your data is transmitted to PayPal on the basis of Art. 6(1)(a) GDPR (consent) and Art. 6(1)(b) GDPR (processing for the performance of a contract). You have the option to revoke your consent to data processing at any time. A revocation does not affect the validity of past data processing operations.
Sofortüberweisung (Instant Transfer)
On our website, we also offer payment via “Sofortüberweisung” (instant transfer). The provider of this payment service is Sofort GmbH, Theresienhöhe 12, 80339 Munich, Germany (hereinafter “Sofort GmbH”).
Using the “Sofortüberweisung” procedure, we receive a real-time payment confirmation from Sofort GmbH, which allows us to immediately begin fulfilling our obligations.
If you opt for the “Sofortüberweisung” payment method, you transmit your PIN and a valid TAN to Sofort GmbH, enabling it to log in to your online banking account. Sofort GmbH automatically checks your account balance after logging in and carries out the transfer to us using the TAN provided by you. It then promptly sends us a transaction confirmation. After logging in, it also automatically checks your transactions, credit limit of your overdraft facility, and the presence of other accounts as well as their balances.
In addition to PIN and TAN, the payment data you provide and data about you are transmitted to Sofort GmbH. The personal data include your first and last name, address, telephone number(s), email address, IP address, and any other data required for the payment process. The transmission of this data is necessary to establish your identity beyond doubt and to prevent fraud attempts.
Your data is transmitted to Sofort GmbH on the basis of Art. 6(1)(a) GDPR (consent) and Art. 6(1)(b) GDPR (processing for the performance of a contract). You have the option to revoke your consent to data processing at any time. A revocation does not affect the validity of past data processing operations.
Details about payment via “Sofortüberweisung” can be found at the following links:
https://www.sofort.de/datenschutz.html and https://www.klarna.com/sofort/.