Privacy policy

Responsible for data processing is:
Ryzon GmbH
Maastrichter Straße 45
50672 Cologne

Email: info@ryzon.net

Phone: +49(0) 221 30 19 77 2 - 3

We are pleased about your interest in our online shop. The protection of your privacy is very important to us. Below we inform you in detail about the handling of your data.

1. Access data and hosting

You can visit our websites without providing any personal information. Each time a website is accessed, the web server merely automatically saves a so-called server log file, which contains, for example, the name of the requested file, your IP address, the date and time of retrieval, the amount of data transferred, and the requesting provider (access data) and documents the retrieval. These access data are evaluated exclusively for the purpose of ensuring trouble-free operation of the site as well as the improvement of our offer. This serves to safeguard our legitimate interests, which predominate in the context of a balancing of interests, in a correct presentation of our offer pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR. All access data are deleted at the latest seven days after the end of your visit to the site.

 Hosting

The services for hosting and displaying the website are partly provided by our service providers within the framework of processing on our behalf. Unless otherwise stated in this privacy policy, all access data and all data collected in forms provided for this purpose on this website are processed on their servers. If you have any questions about our service providers and the basis of our cooperation with them, please contact the contact point described in this privacy policy.

Our service providers are located and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection: Canada, New Zealand, Japan, United Kingdom, USA.

The adequacy decision for the USA serves as the basis for the third-country transfer, provided that the respective service provider is certified. Until our service providers are certified, data transfer will continue to be based on this basis: Standard contractual clauses of the European Commission.

Our service providers are located and/or use servers in these countries: Australia, India, Singapore.
For these countries, there is no adequacy decision by the European Commission. Our cooperation with them is based on these guarantees: Standard contractual clauses of the European Commission.

Our service providers are located and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection: United Kingdom, USA.

The adequacy decision for the USA serves as the basis for the third-country transfer, provided that the respective service provider is certified. Until our service providers are certified, data transfer will continue to be based on this basis: Standard contractual clauses of the European Commission.

2. Data processing for contract processing and for contacting us

2.1 Data processing for contract processing

For the purpose of contract processing (including inquiries and processing of any existing warranty and performance disruption claims as well as any statutory update obligations) pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR, we collect personal data when you voluntarily provide it to us as part of your order. Mandatory fields are marked as such, as we absolutely need the data in these cases to process the contract and we cannot send the order without their information. Which data are collected can be seen from the respective input forms.

Further information on the processing of your data, in particular on the transfer to our service providers for the purpose of order, payment, and shipping processing, can be found in the following sections of this privacy policy. After complete processing of the contract, your data will be restricted for further processing and deleted after the expiration of the tax and commercial law retention periods pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR unless you have expressly consented to further use of your data pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR or we reserve the right to use data beyond this which is permitted by law and about which we inform you in this declaration.

2.2 Customer account

If you have given your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR by deciding to open a customer account, we use your data for the purpose of opening the customer account and storing your data for further future orders on our website. The deletion of your customer account is possible at any time and can either be done by a message to the contact option described in this privacy policy or via a function provided for this purpose in the customer account. After deletion of your customer account, your data will be deleted, unless you have expressly consented to further use of your data pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR or we reserve the right to use data beyond this which is permitted by law and about which we inform you in this declaration.

2.3 Contacting us

In the context of customer communication, we collect personal data to process your inquiries pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR if you voluntarily provide us with this data when contacting us (e.g. via contact form, live chat tool, or e-mail). Mandatory fields are marked as such, as we absolutely need the data in these cases to process your contact. Which data are collected can be seen from the respective input forms. After complete processing of your inquiry, your data will be deleted unless you have expressly consented to further use of your data pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR or we reserve the right to use data beyond this which is permitted by law and about which we inform you in this declaration.

3. Data processing for the purpose of shipping processing

To fulfill the contract pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR, we pass on your data to the shipping service provider commissioned with the delivery, insofar as this is necessary for the delivery of ordered goods. If you have any questions about our service providers and the basis of our cooperation with them, please contact the contact point described in this privacy policy.

4. Data processing for payment processing

In the processing of payments in our online shop, we work with these partners: technical service providers, credit institutions, payment service providers.

4.1 Data processing for transaction processing

Depending on the selected payment method, we pass on the data necessary for the processing of the payment transaction to our technical service providers, who act on our behalf as processors, or to the commissioned credit institutions or to the selected payment service provider, insofar as this is necessary for the processing of the payment. This serves the fulfillment of the contract pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR. In part, the payment service providers collect the data required for payment processing themselves, e.g. on their own website or through a technical integration in the order process. In this respect, the privacy policy of the respective payment service provider applies.
If you have any questions about our partners for payment processing and the basis of our cooperation with them, please contact the contact point described in this privacy policy.

4.2 Data processing for the purpose of fraud prevention and the optimization of our payment processes

We may provide our service providers with further data, which they use together with the data necessary for the processing of the payment as our processors for the purpose of fraud prevention and the optimization of our payment processes (e.g. invoicing, processing of contested payments, support of accounting). This serves to safeguard our legitimate interests, which predominate in the context of a balancing of interests, in our protection against fraud or in efficient payment management pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR.

4.3 Identity and creditworthiness check when selecting Klarna payment services

Purchase on account via Klarna
If you decide to use the payment services of Klarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter Klarna), we ask for your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR that we may transfer the data necessary for the processing of the payment and an identity and creditworthiness check to Klarna. In Germany, the identity and creditworthiness check can be carried out by the credit agencies mentioned in the privacy policy of Klarna. Klarna uses the information obtained on the statistical probability of default for a balanced decision on the establishment, execution, or termination of the contractual relationship. You can revoke your consent at any time by sending a message to the contact option described in this privacy policy. This may result in us no longer being able to offer you certain payment options. You can also revoke your consent to this use of personal data at any time by contacting Klarna directly.

5. Advertising by e-mail

5.1 E-mail newsletter with registration and newsletter tracking

If you subscribe to our newsletter, we use the data required for this or separately provided by you to send you our e-mail newsletter regularly based on your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR. You can unsubscribe from the newsletter at any time and can either do so by sending a message to the contact option described below or via a link provided for this purpose in the newsletter. After unsubscribing, we will delete your e-mail address from the recipient list unless you have expressly consented to further use of your data pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR or we reserve the right to use data beyond this which is permitted by law and about which we inform you in this declaration.

We would like to point out that we evaluate your user behavior when sending the newsletter. To do this, we also analyze how you handle our newsletter by measuring, storing, and evaluating opening rates and click rates to shape future newsletter campaigns ("newsletter tracking").

For this analysis, the sent e-mails contain one-pixel technologies (e.g. so-called web beacons, tracking pixels) which are stored on our website. For the analyses, we particularly link the following "newsletter data"

  • the page from which the page was requested (so-called referrer URL),
  • the date and time of the call,
  • the description of the type of web browser used,
  • the IP address of the requesting computer,
  • the e-mail address,
  • the date and time of registration and confirmation

and the one-pixel technologies with your e-mail address or your IP address and possibly an individual ID. Links contained in the newsletter may also contain this ID.

If you do not wish for newsletter tracking, it is possible to unsubscribe from the newsletter at any time as described above.

The information is stored as long as you have subscribed to the newsletter.

5.2 Newsletter delivery

The newsletter and the newsletter tracking described above may also be sent by our service providers within the scope of processing on our behalf. If you have any questions about our service providers and the basis of our cooperation with them, please contact the contact point described in this privacy policy.

Our service providers are located and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection: United Kingdom.

Our service providers are located and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection: USA.

The adequacy decision for the USA serves as the basis for the third-country transfer, provided that the respective service provider is certified. A certification is available.

Our service providers are located and/or use servers in these countries: Australia. For these countries, there is no adequacy decision by the European Commission. Our cooperation with them is based on these guarantees: Standard contractual clauses of the European Commission.

6. Cookies and other technologies

6.1 General information

To make visiting our website attractive and to enable the use of certain functions, we use technologies including so-called cookies on various pages. Cookies are small text files that are automatically stored on your device. Some of the cookies we use are deleted after the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your device and allow us to recognize your browser on your next visit (persistent cookies).

Protection of privacy for end devices
When using our online offer, we use technologies that are absolutely necessary to provide the telemedia service expressly requested by you. The storage of information in your device or the access to information already stored in your device does not require consent in this respect.

For non-essential functions, the storage of information in your device or access to information already stored in your device requires your consent. We would like to point out that if you do not give consent, parts of the website may not be fully usable. Any consent given will remain in effect until you adjust or reset the respective settings in your device.

Subsequent data processing by cookies and other technologies

We use such technologies that are absolutely necessary for the use of certain functions of our website (e.g. shopping cart function). Through these technologies, IP address, time of visit, device and browser information, as well as information about your use of our website (e.g. information about the content of the shopping cart) are collected and processed. This serves to safeguard our legitimate interests, which predominate in the context of a balancing of interests, in an optimized presentation of our offer pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR.

We also use technologies to fulfill legal obligations to which we are subject (e.g. to be able to prove consent to the processing of your personal data) as well as for web analysis and online marketing. Further information, including the respective legal basis for data processing, can be found in the following sections of this privacy policy.

Cookie settings

The cookie settings for your browser can be found under the following links: Microsoft Edge™ / Safari™ / Chrome™ / Firefox™ / Opera™

If you have given your consent to the use of technologies pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR, you can revoke your consent at any time by sending a message to the contact option described in the privacy policy. Alternatively, you can also access the following link: https://ryzon.net/pages/cookie-settings. If cookies are not accepted, the functionality of our website may be restricted.

6.2 Cookiebot Consent Management Platform

We use Cookiebot on our website to inform you about the cookies and other technologies we use on our website and to obtain, manage, and document your consent to the processing of your personal data by these technologies, if necessary. This is required by Art. 6 para. 1 sentence 1 lit. c GDPR to fulfill our legal obligation pursuant to Art. 7 para. 1 GDPR to be able to prove your consent to the processing of your personal data to which we are subject. Cookiebot is a service provided by Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark, which processes your data on our behalf.
After submitting your cookie declaration on our website, the Cookiebot web server stores your anonymized IP address, the date and time of your declaration, browser information, the URL from which the declaration was sent, information about your consent behavior, and an anonymous random key. A cookie is also used to store information about your consent behavior and the key. Your data will be deleted after twelve months unless you have expressly consented to further use of your data pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR or we reserve the right to use data beyond this which is permitted by law and about which we inform you in this declaration.

Our service providers are located and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection: USA.

The adequacy decision for the USA serves as the basis for the third-country transfer, provided that the respective service provider is certified. A certification is available.

6.3 Information on third-country transfer (data transfer to third countries)

We use technologies from service providers on our website whose headquarters and/or server locations may be in third countries, outside the EU or the EEA. If there is no adequacy decision for this country by the EU Commission, an adequate level of data protection must be ensured by other appropriate guarantees.

Suitable guarantees in the form of contractually agreed standard contractual clauses of the EU Commission or binding internal data protection rules (Binding Corporate Rules) are generally possible but require a prior review by the contracting parties as to whether an adequate level of protection can be guaranteed. According to the case law of the ECJ, it may be necessary to take additional protective measures.
We have generally agreed with the technology providers we use that process personal data in a third country on the standard contractual clauses issued by the EU Commission. Where possible, we also agree on additional guarantees to ensure that adequate data protection is ensured in third countries without an adequacy decision.

Nevertheless, despite all contractual and technical measures, it may happen that the level of data protection in the third country does not correspond to that of the EU. In such cases, we ask you, if necessary, in the context of the cookie consent, for your consent pursuant to Art. 49 para. 1 lit. a GDPR for the transfer of your personal data to a third country.
There is, in particular, the risk that local authorities in the third country may have access rights to your personal data that are not sufficiently limited from a European data protection perspective, that we as the data exporter or you as the data subject may not be aware of this, and/or you may not have sufficient legal remedies available to prevent and/or challenge such access.

In particular, the following countries are currently considered third countries without an adequacy decision by the EU Commission (exemplary enumeration):

  • China
  • Russia
  • Taiwan

In which third countries data transfer is carried out by us, you can find out in the data protection information on the respective tool used and/or by us consent management platform (CMP) used.

7. Use of cookies and other technologies

We use the following cookies and other technologies from third-party providers on our website. Unless otherwise stated in the individual technologies, this is done based on your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR. After the purpose ceases and the end of the use of the respective technology by us, the data collected in this context will be deleted. You can revoke your consent at any time with effect for the future. Further information on your revocation options can be found in the section "Cookies and other technologies". Further information, including the basis of our cooperation with the individual providers, can be found in the individual technologies. If you have any questions about the providers and the basis of our cooperation with them, please contact the contact point described in this privacy policy.

7.1 Use of Google services

We use the following technologies of Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). The information automatically collected by the Google technologies about your use of our website is generally transferred to a server of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, and stored there. Unless otherwise stated in the individual technologies, data processing is based on an agreement between jointly responsible parties pursuant to Art. 26 GDPR. Further information on data processing by Google can be found in Google's privacy notices.

Our service providers are located and/or use servers in countries outside the EU and the EEA for which the European Commission has determined an adequate level of data protection.

Our service providers are located and/or use servers in countries outside the EU and the EEA. For these countries, there is no adequacy decision by the European Commission. Our cooperation with them is based on the standard data protection clauses of the European Commission.

 Google Analytics

For the purpose of website analysis, data (IP address, time of visit, device, and browser information, as well as information about your use of our website) is automatically collected and stored by Google Analytics, from which usage profiles are created using pseudonyms. Cookies can be used for this purpose. If you visit our website from the EU, your IP address will be stored on a server with a location in the EU for location data derivation and then immediately deleted before the traffic is forwarded for processing on further Google servers. Data processing is based on an agreement on order processing by Google.

For the purpose of optimizing our website marketing, we have activated the data sharing settings for "Google products and services". This allows Google to access and subsequently use the data collected and processed by Google Analytics to improve Google services. Data sharing with Google within the scope of these data sharing settings is based on an additional agreement between controllers. We have no influence on the subsequent data processing by Google.

For the purpose of optimizing our website marketing, we use the so-called User-ID function. With this function, we can assign your interaction data to one or more sessions on our online presences with a unique, permanent ID and thus analyze your user behavior across devices and sessions.

For web analysis, the Google Signals extension function of Google Analytics enables so-called "cross-device tracking". If your internet-enabled devices are linked to your Google account and you have activated the "personalized advertising" setting in your Google account, Google can create reports on your usage behavior (in particular the cross-device user numbers), even if you change your device. Personal data is not processed by us, we only receive statistics created based on Google Signals.

For web analysis and advertising purposes, the DoubleClick cookie of Google Analytics enables the recognition of your browser when visiting other websites. Google will use this information to compile reports on website activity and provide other services related to website usage.

If you do not give us your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR for the use of Google Analytics, no cookies will be stored on your device or read. The data processing described in the previous paragraphs does not take place. To close gaps in web analysis through behavioral and conversion modeling, pings with data (user agent, information about your consent behavior, screen resolution, IP address) are sent to Google.

 Google AdSense

Our website markets space for third-party advertisements through Google AdSense. These ads are displayed to you at various points on this website. The so-called DoubleClick cookie enables the display of interest-based advertising through the collection and processing of data (IP address, time of visit, device, and browser information as well as information about your use of our website) and through the automatic assignment of a pseudonymous user ID, which allows determining interests based on visits to this and other websites.

 Google Ads

For advertising purposes in Google search results and on third-party websites, the so-called Google Remarketing cookie is set when you visit our website, which automatically enables interest-based advertising through the collection and processing of data (IP address, time of visit, device, and browser information as well as information about your use of our website) and through a pseudonymous cookie ID and based on the pages you have visited. Further data processing will only take place if you have activated the "personalized advertising" setting in your Google account. In this case, if you are logged into Google during your visit to our website, Google uses your data together with Google Analytics data to create and define target group lists for cross-device remarketing.

To analyze website usage and track events, we measure your subsequent user behavior through Google Ads Conversion Tracking when you have reached our website via a Google Ads advertisement. Cookies can be used for this purpose, and data (IP address, time of visit, device, and browser information as well as information about your use of our website based on events defined by us, such as visiting a page or subscribing to a newsletter) is collected, from which usage profiles are created using pseudonyms.

If you do not give us your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR for the use of Google Ads, no cookies will be stored on your device or read. The data processing described in the previous paragraphs does not take place. To close gaps in web analysis through behavioral and conversion modeling, pings with data (user agent, information about your consent behavior, screen resolution, IP address, page URL, information about ad clicks in URL parameters) are sent to Google. Your IP address is used to derive the IP country.

 Google Maps

For the visual representation of geographical information, data about your use of the Maps functions, in particular, the IP address and location data, are collected, transmitted to Google, and subsequently processed by Google. We have no influence on this subsequent data processing.

 Google Tag Manager

Through Google Tag Manager, we can manage various codes and services on our website. When implementing the individual tags, Google may also process personal data (e.g. IP address, online identifiers (including cookies)). Data processing is based on an agreement on order processing by Google.

Through the use of Google Tag Manager, it is possible to integrate various services/technologies. If you do not want individual tracking services to be used and have therefore deactivated them, the deactivation remains for all affected tracking tags that are integrated by Google Tag Manager.

 YouTube Video Plugin

To embed third-party content, data (IP address, time of visit, device, and browser information) is collected, transmitted to Google, and subsequently processed by Google through the YouTube Video Plugin in the enhanced privacy mode we use. This only happens if you play a video.

7.2 Use of Microsoft services

We use the following technologies of Microsoft Ireland Operations Ltd., One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland ("Microsoft"). Data processing is based on an agreement between jointly responsible parties pursuant to Art. 26 GDPR. The information automatically collected by the Microsoft technologies about your use of our website is generally transferred to a server of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA, and stored there. Further information on data processing by Microsoft can be found in Microsoft's privacy notices.

Our service providers are located and/or use servers in countries outside the EU and the EEA for which the European Commission has determined an adequate level of data protection.

Our service providers are located and/or use servers in countries outside the EU and the EEA. For these countries, there is no adequacy decision by the European Commission. Our cooperation with them is based on the standard data protection clauses of the European Commission.

 Microsoft Advertising

For advertising purposes in Bing, Yahoo, and MSN search results as well as on third-party websites, the so-called Microsoft Advertising Remarketing cookie is set when you visit our website, which automatically enables interest-based advertising through the collection and processing of data (IP address, time of visit, device, and browser information as well as information about your use of our website) and through a pseudonymous cookie ID and based on the pages you have visited.

To analyze website usage and track events, we measure your subsequent user behavior through Microsoft Advertising Universal Event Tracking (UET) when you have reached our website via a Microsoft Advertising advertisement. Cookies can be used for this purpose, and data (IP address, time of visit, device, and browser information as well as information about your use of our website based on events defined by us, such as visiting a page or subscribing to a newsletter) is collected, from which usage profiles are created using pseudonyms. If your internet-enabled devices are linked to your Microsoft account and you have not deactivated the "interest-based advertising" setting in your Microsoft account, Microsoft can create reports on usage behavior (in particular the cross-device user numbers), even if you change your device, so-called "cross-device tracking". Personal data is not processed by us; we only receive statistics created based on Microsoft UET.

7.3 Use of Facebook services

 Use of Facebook Pixel

We use Facebook Pixel within the scope of the following technologies of Meta Platforms Ireland Ltd., Block J, Serpentine Avenue, Dublin 4, Ireland ("Facebook (by Meta)" or "Meta Platforms Ireland"). With Facebook Pixel, data (IP address, time of visit, device, and browser information as well as information about your use of our website based on events defined by us, such as visiting a page or subscribing to a newsletter) is automatically collected and stored, from which usage profiles are created using pseudonyms. As part of the so-called extended data matching, information is also collected and stored for matching purposes, which can identify individuals (e.g. names, e-mail addresses, and telephone numbers). For this purpose, a cookie is automatically set by Facebook Pixel when you visit our website, which automatically enables the recognition of your browser when visiting other websites using a pseudonymous cookie ID. Facebook (by Meta) will merge this information with other data from your Facebook account and use it to compile reports on website activity and to provide other services related to website use, in particular personalized and group-based advertising.
The information automatically collected by the Facebook (by Meta) technologies about your use of our website is generally transferred to a server of Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025, USA, and stored there. Further information on data processing by Facebook can be found in the privacy notices of Facebook (by Meta).

Our service providers are located and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection: USA, Canada, Japan, South Korea, New Zealand, United Kingdom, Argentina.

The adequacy decision for the USA serves as the basis for the third-country transfer, provided that the respective service provider is certified. A certification is available.

Our service providers are located and/or use servers in these countries: Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Brazil, Mexico. For these countries, there is no adequacy decision by the European Commission. Our cooperation with them is based on these guarantees: Standard contractual clauses of the European Commission.

7.4 Other providers of web analysis and online marketing services

 Use of etracker for web analysis

For the purpose of website analysis, data (IP address, time of visit, device, and browser information as well as information about your use of our website) is automatically collected and stored using technologies of the etracker GmbH, Erste Brunnenstraße 1, 20459 Hamburg, Germany ("etracker"), from which usage profiles are created using pseudonyms. Cookies can be used for this purpose. The pseudonymized usage profiles are not merged with personal data about the bearer of the pseudonym without a separate, express consent. etracker acts on our behalf.

 Use of Wix statistics for web analysis

For the purpose of website analysis, data (IP address, time of visit, device, and browser information, location information as well as information about your use of our website) is automatically collected and stored using technologies of Wix Ltd., 40 Nemal St., Tel Aviv 6350671, Israel ("Wix"), from which usage profiles are created using pseudonyms. Cookies can be used for this purpose. The pseudonymized usage profiles are not merged with personal data about the bearer of the pseudonym without a separate, express consent. Wix acts on our behalf.

Our service providers are located and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection: Israel, United Kingdom, USA.

The adequacy decision for the USA serves as the basis for the third-country transfer, provided that the respective service provider is certified. A certification is available.

Our service providers are located and/or use servers in these countries: Brazil, Mexico, India, Ukraine.
For these countries, there is no adequacy decision by the European Commission. Our cooperation with them is based on these guarantees: Standard contractual clauses of the European Union.

Using the Visitor Recording-Tools of Visitor Analytics, statistics can be created in the context of visitor recordings about where you have scrolled and what you have clicked on the website. This function helps us make the website more user-friendly and fix technical errors.

 Use of Vimeo Video Plugin to embed third-party content

To embed third-party content, data (IP address, time of visit, device, and browser information) is collected, transmitted to Vimeo, and subsequently processed by Vimeo through the video plugin of Vimeo Inc., 330 West 34th Street, 5th Floor, New York 10011, USA ("Vimeo"). Data processing is based on an agreement between jointly responsible parties pursuant to Art. 26 GDPR. The Google Analytics extension function is automatically integrated into the Vimeo video plugin. For the purpose of website analysis, data (IP address, time of visit, device, and browser information as well as information about your use of our website) is automatically collected and stored by Google Analytics, from which usage profiles are created using pseudonyms. Cookies can be used for this purpose. Google Analytics is a service provided by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). The information automatically collected by Google about your use of our website is generally transferred to a server of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, and stored there. If you visit our website from the EU, your IP address will be stored on a server with a location in the EU for location data derivation and then immediately deleted before the traffic is forwarded for processing on further Google servers. We have no influence and access to data processing by Vimeo, including settings and results of Google Analytics.

Our service providers are located and/or use servers in countries outside the EU and the EEA for which the European Commission has determined an adequate level of data protection.

Our service providers are located and/or use servers in countries outside the EU and the EEA. For these countries, there is no adequacy decision by the European Commission. Our cooperation with them is based on the standard data protection clauses of the European Commission.

Use of fraud0 for Detecting Invalid and Low-Quality Traffic

We Ryzon GmbH as the website provider use fraud0, a service provided by fraud0 GmbH Sendlinger Straße 7, 80331 Munich, to detect invalid traffic and low-quality traffic and to prevent fraud on our website. By using the fraud0 service, we can detect invalid traffic on our site, improve our online marketing efforts, clean marketing-relevant statistics and improve the usability of our website. 

The data obtained from this service is only used for analysis and mitigation of invalid and low-quality traffic. fraud0 processes data on our behalf and is contractually committed to measures to ensure the confidentiality of the processed data. A data processing agreement with fraud0 has been concluded. The fraud0 technology uses JavaScript pixels. During your website visit, the following data are collected by or through the use of this service: 

Browser and device information, such as the device type and model, manufacturer, operating system type and version (e.g. iOS or Android), web browser type and version (e.g., Chrome or Safari), user-agent, flash version, location information, IP address, JavaScript support, pages visited, time zone, the network connection type, hardware-based identifiers (e.g. MAC address), referrer URL, number of fonts, fonts hash, number of plugins, plugins hash, screen height and width, colour depth, platform, whether the resolution has been tampered, language or OS, whether ad blocking is enabled, whether do not track is enabled.

End-user’s behaviour on Controller’s sites, information, such as click path, session ID, session start/stop time, timezone offset, date and time of visit, usage and behavioural data. 

In our admin interface From fraud0 we receive a classification for invalid and low quality traffic, no personal data. There is no transfer of data to third parties - except as otherwise stated in our data processing agreement with you. When invalid or low quality traffic is detected, we generate invalid audience lists using our tag manager to automatically de-targeted this traffic across all our major buying channels like GoogleAds, Facebook, DV360 etc. Data processing by fraud0 only continues until a classification is done. Data processing by fraud0 will only continue until a classification has been made. The data is stored for further bot analysis with a period of one year. 

Tracking across websites does not happen at any time. We process data by using the fraud0 bot detection service based on Art. 6 lit. f GDPR. It is in the interest of the website operator to classify the users of its website as valid or as invalid traffic. First and foremost, we are preventing fraud (recital 47 of the GDPR), but we can also correct the website statistics by removing invalid traffic shares from our statistics. This will allow us to use our online marketing budget more efficiently and therefore continue to provide our services (as usual/free of charge/at a reasonable price). In case of using additional fraud0 services, we may process your data on another legal basis such as your consent, see further information: https://fraud0.com/privacy-policy/ . The data processing is performed exclusively in the European Union and Data is stored on Google's servers within the European Union and is not intended to be transferred to Google servers in the USA. The User may object to the processing by fraud0 at any time. The privacy policy and contact details of fraud0's data protection officer can be found at the following link: https://fraud0.com/privacy-policy/

8. Social Media

 Our online presence on Facebook (by Meta), Instagram (by Meta), YouTube, Pinterest, LinkedIn

If you have given your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR to the respective social media operator, your data will be automatically collected and stored for market research and advertising purposes when you visit our online presences in the above-mentioned social media, from which usage profiles are created using pseudonyms. These can be used to, for example, place advertisements inside and outside the platforms that are likely to correspond to your interests. Cookies are generally used for this purpose. Detailed information on the processing and use of the data by the respective social media operator, as well as contact options and your rights and settings options for protecting your privacy, can be found in the privacy notices of the providers linked below. If you need further assistance in this regard, you can contact us.

Facebook (by Meta) is an offer of Meta Platforms Ireland Ltd., Block J, Serpentine Avenue, Dublin 4, Ireland ("Meta Platforms Ireland"). The information automatically collected by Meta Platforms Ireland about your use of our online presence on Facebook (by Meta) is generally transferred to a server of Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025, USA, and stored there. Data processing in the context of visiting a Facebook (by Meta) fan page is based on an agreement between jointly responsible parties pursuant to Art. 26 GDPR. Further information (information on insights data) can be found here.

Our service providers are located and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection: USA, Canada, Japan, South Korea, New Zealand, United Kingdom, Argentina.

The adequacy decision for the USA serves as the basis for the third-country transfer, provided that the respective service provider is certified. A certification is available.

Our service providers are located and/or use servers in these countries: Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Brazil, Mexico.
For these countries, there is no adequacy decision by the European Commission. Our cooperation with them is based on these guarantees: Standard contractual clauses of the European Commission.

Instagram (by Meta) is an offer of Meta Platforms Ireland Ltd., Block J, Serpentine Avenue, Dublin 4, Ireland ("Meta Platforms Ireland"). The information automatically collected by Meta Platforms Ireland about your use of our online presence on Instagram is generally transferred to a server of Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025, USA, and stored there. Data processing in the context of visiting an Instagram (by Meta) fan page is based on an agreement between jointly responsible parties pursuant to Art. 26 GDPR. Further information (information on insights data) can be found here.

Our service providers are located and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection: USA, Canada, Japan, South Korea, New Zealand, United Kingdom, Argentina.

The adequacy decision for the USA serves as the basis for the third-country transfer, provided that the respective service provider is certified. A certification is available.

Our service providers are located and/or use servers in these countries: Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Brazil, Mexico.
For these countries, there is no adequacy decision by the European Commission. Our cooperation with them is based on these guarantees: Standard contractual clauses of the European Commission.

YouTube is an offer of Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). The information automatically collected by Google about your use of our online presence on YouTube is generally transferred to a server of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, and stored there.

Our service providers are located and/or use servers in countries outside the EU and the EEA for which the European Commission has determined an adequate level of data protection.

Our service providers are located and/or use servers in countries outside the EU and the EEA. For these countries, there is no adequacy decision by the European Commission. Our cooperation with them is based on the standard data protection clauses of the European Commission.

Pinterest is an offer of Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland ("Pinterest"). The information automatically collected by Pinterest about your use of our online presence on Pinterest is generally transferred to a server of Pinterest, Inc., 505 Brannan St., San Francisco, CA 94107, USA, and stored there.

Our service providers are located and/or use servers in countries outside the EU and the EEA for which the European Commission has determined an adequate level of data protection.

Our service providers are located and/or use servers in countries outside the EU and the EEA. For these countries, there is no adequacy decision by the European Commission. Our cooperation with them is based on the standard data protection clauses of the European Commission.

LinkedIn is an offer of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ("LinkedIn"). The information automatically collected by LinkedIn about your use of our online presence on LinkedIn is generally transferred to a server of LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA, and stored there.

Our service providers are located and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection: USA.

The adequacy decision for the USA serves as the basis for the third-country transfer, provided that the respective service provider is certified. A certification is available.

9. Contact options and your rights

9.1 Your rights

As a data subject, you have the following rights:

  • pursuant to Art. 15 GDPR, the right to request information about your personal data processed by us to the extent specified there;
  • pursuant to Art. 16 GDPR, the right to request the correction of inaccurate or incomplete personal data stored by us without undue delay;
  • pursuant to Art. 17 GDPR, the right to request the deletion of your personal data stored by us, unless further processing is required
    • to exercise the right to freedom of expression and information;
    • to comply with a legal obligation;
    • for reasons of public interest, or
    • to establish, exercise, or defend legal claims;
  • pursuant to Art. 18 GDPR, the right to request the restriction of the processing of your personal data, provided that
    • the accuracy of the data is contested by you;
    • the processing is unlawful, but you oppose its erasure;
    • we no longer need the data, but you require it for the establishment, exercise, or defense of legal claims; or
    • you have objected to the processing pursuant to Art. 21 GDPR;
  • pursuant to Art. 20 GDPR, the right to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format, or to request its transmission to another controller;
  • pursuant to Art. 77 GDPR, the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters.

Right to object

If we process your personal data as explained above to safeguard our legitimate interests, which predominate in the context of a balancing of interests, you can object to this processing with effect for the future. If the processing is for direct marketing purposes, you can exercise this right at any time as described above. If the processing is for other purposes, you only have a right to object if there are reasons arising from your particular situation.

After you exercise your right to object, we will not process your personal data for these purposes unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing is for the establishment, exercise, or defense of legal claims.

This does not apply if the processing is for direct marketing purposes. In that case, we will no longer process your personal data for this purpose.

9.2 Contact options

If you have any questions about the collection, processing, or use of your personal data, for information, correction, restriction, or deletion of data as well as the revocation of any consent given or objection to a particular use of data, please contact our data protection officer.

Data Protection Officer:
Trusted Shops AG
Subbelrather Str. 15c
50823 Cologne
Germany

dsgvo@trustedshops.de