Privacy policy

1) Information about the collection of personal data and contact details of the controller

1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we inform you about the handling of your personal data when using our website. Personal data is all data with which you can be personally identified.

1.2 The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Leeroy Boatey, BOA-T, Kölnerstraße.95, 58509 Lüdenscheid, Deutschland, Tel.: 015752216849, E-Mail: crew@boa-t.de. The controller of personal data is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.

1.3 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.B. orders or inquiries to the person responsible). You can recognize an encrypted connection by the string "https://" and the lock symbol in your browser line.

2) Data collection when visiting our website

When using our website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called "server log files"). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:

• Our visited website
• Date and time at the time of access
• Amount of data sent in bytes
• Source/reference from which you came to the site
• Browser used
• Operating system used
• IP address used (if applicable: in anonymous form)

The processing takes place in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. A transfer or other use of the data does not take place. However, we reserve the right to subsequently check the server log files if there are concrete indications of illegal use.

3) Hosting

The hosting services on which this site is based are provided by RAIDBOXES GmbH (Friedrich-Ebert-Straße 7, 48153 Münster, Germany). RAIDBOXES GmbH offers Software as a Service (SaaS) services as part of cloud hosting. RAIDBOXES GmbH automatically collects and stores server log files with information that your browser transmits to us. These are: – Browser type

– Browser type
– Operating system
– Referrer URL (previously visited page)
– Hostname (IP address)

RAIDBOXES GmbH cannot assign this data to specific persons. This data is not merged with other data sources. The data will be deleted after a statistical evaluation at the latest after 7 days. Further information can be found in the data protection regulations of RAIDBOXES GmbH. These can hier be viewed
We have also concluded a contract for order data processing (DPA). This contract regulates the scope, type and purpose of RAIDBOXES GmbH's access to data. The access options are limited only to necessary accesses that are necessary to fulfill the hosting services."

4) Cookies

In order to make your visit to our website attractive and to enable the use of certain functions, we use cookies, i.e. small text files that are stored on your device. In some cases, these cookies are automatically deleted after closing the browser (so-called "session cookies"), in some cases these cookies remain on your device longer and enable the storage of page settings (so-called "persistent cookies"). In the latter case, you can find the storage period in the overview of the cookie settings of your web browser.
If personal data is also processed by individual cookies used by us, the processing takes place in accordance with Art. 6 para. 1 lit.b GDPR either for the execution of the contract, in accordance with Art. 6 para. 1 lit. a GDPR in the case of a given consent or in accordance with Art. 6 para. 1 lit. f GDPR to safeguard our legitimate interests in the best possible functionality of the website as well as a customer-friendly and effective design of the page visit.
You can set your browser so that you are informed about the setting of cookies and can decide individually on their acceptance or exclude the acceptance of cookies for certain cases or in general
Please note that if you do not accept cookies, the functionality of our website may be limited.

In addition, you can always find your Cookie-Einstellungen for this website:

Cookie-Einstellungen ändern

5) Contact

When contacting us (e.B via contact form or e-mail), personal data will be processed – exclusively for the purpose of processing and answering your request and only to the extent necessary for this purpose. The legal basis for the processing of this data is our legitimate interest in answering your request in accordance with Art. 6 para. 1 lit. f GDPR. If your contact is aimed at a contract, the additional legal basis for the processing is Art. 6 para. 1 lit.b GDPR. Your data will be deleted if it can be inferred from the circumstances that the facts in question have been conclusively clarified and provided that there are no statutory retention obligations to the contrary

6) Data processing when opening a customer account

In accordance with Art. 6 para. 1 lit.b GDPR, personal data will continue to be collected and processed to the extent necessary in each case if you inform us of this when opening a customer account. You can find out which data is required for opening an account in the input mask of the corresponding form on our website. A deletion of your customer account is possible at any time and can be done by sending a message to the above address of the person responsible. . After deletion of your customer account, your data will be deleted, provided that all contracts concluded via it have been completely processed, there are no statutory retention periods to the contrary and there is no legitimate interest on our part in further storage.

7) Comment function

As part of the comment function on this website, in addition to your comment, information about the time of creation of the comment and the comment name you have chosen will be stored and published on this website. Furthermore, your IP address is stored for security reasons in order to enable an assignment to the author in the event of illegal comments. Your e-mail address will be stored for contacting you if a third party should object to your published content as illegal.

8) Data processing for order processing

8.1 Insofar as necessary for the execution of the contract for delivery and payment purposes, the personal data collected by us will be passed on to the commissioned transport company and the commissioned credit institution in accordance with Art. 6 para. 1 lit.b GDPR.

In order to process your order, we also work together with the following service provider(s), who support us in whole or in part in the execution of concluded contracts. Certain personal data will be transmitted to these service providers in accordance with the following information.

8.2 Use of payment service providers (payment services)

– giropay
When paying via "giropay", payment is processed by giropay GmbH, An der Welle 4, 60322 Frankfurt/Main, to which we pass on the information you provided during the ordering process together with the information about your order. Your data will be passed on in accordance with Art. 6 para. 1 lit.b GDPR exclusively for the purpose of payment processing and only to the extent that it is necessary for this. You will find further information about the data protection regulations of giropay GmbH at the following Internet address: https://www.giropay.de/rechtliches/datenschutzerklaerung

– Paypal
In the case of payment via PayPal, credit card via PayPal, direct debit via PayPal or – if offered – "purchase on account" or "installment payment" via PayPal, we will pass on your payment data to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal") as part of the payment processing. The transfer takes place in accordance with Art. 6 para. 1 lit.b GDPR and only to the extent necessary for payment processing.
PayPal reserves the right to carry out a credit report for the payment methods credit card via PayPal, direct debit via PayPal or – if offered – "purchase on account" or "installment payment" via PayPal. For this purpose, your payment data may be passed on to credit agencies in accordance with Art. 6 para. 1 lit. f GDPR on the basis of PayPal's legitimate interest in determining your solvency. The result of the credit check with regard to the statistical probability of default PayPal used for the purpose of deciding on the provision of the respective payment method. The credit report can contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they have their basis in a scientifically recognized mathematical-statistical methods. Among other things, but not exclusively, address data is included in the calculation of the score values. For further information on data protection law, including on the credit agencies used, please refer to PayPal's privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for contractual payment processing.

– SOFORT
If the payment method "SOFORT" is selected, payment will be processed by the payment service provider SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany (hereinafter referred to as "SOFORT"), to whom we will pass on the information you provided during the ordering process together with the information about your order in accordance with Art. 6 para. 1 lit.b GDPR. Sofort GmbH is part of the Klarna Group (Klarna Bank AB (publ), Sveavägen 46, 11134 Stockholm, Sweden). The transfer of your data takes place exclusively for the purpose of payment processing with the payment service provider SOFORT and only to the extent that it is necessary for this. You can find more information about SOFORT's privacy policy at the following Internet address: https://www.klarna.com/sofort/datenschutz.

9) Online-Marketing

Facebook Pixel for creating Custom Audiences (with Cookie Consent Tool)
Within our online offer, the so-called "Facebook pixel" of the social network Facebook is used, which is operated by Facebook Ireland Limited, 4 Grand Canal Quare, Dublin 2, Ireland ("Facebook").
If a user clicks on an advertisement placed by us that is displayed on Facebook, an addition is added to the URL of our linked page by Facebook Pixel. If our site allows the sharing of data with Facebook via pixels, this URL parameter is written into the user's browser by cookie, which sets our linked page itself. This cookie is then read by Facebook Pixel and enables the data to be forwarded to Facebook.
With the help of the Facebook pixel, Facebook is able to determine the visitors of our online offer as a target group for the presentation of advertisements (so-called "Facebook ads"). Accordingly, we use the Facebook pixel to display the Facebook ads placed by us only to those Facebook users who have also shown an interest in our online offer or who have certain characteristics (e.B interests in certain topics or products, which are determined on the basis of the websites visited), which we transmit to Facebook (so-called "Custom Audiences"). With the help of the Facebook pixel, we also want to ensure that our Facebook ads correspond to the potential interest of the users and do not appear annoying. This is how we can furthermore, evaluate the effectiveness of Facebook ads for statistical and market research purposes by tracking whether users were redirected to our website after clicking on a Facebook advertisement (so-called "conversion").
The data collected is anonymous to us, so it does not allow us to draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook uses the data for its own advertising purposes, in accordance with the Facebook Data Use Policy (https://www.facebook.com/about/privacy/) can be used. The data may enable Facebook and its partners to place advertisements on and off Facebook.
The data processing associated with the use of the Facebook Pixel takes place exclusively with your express consent in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future by deactivating this service in the "Cookie Consent Tool" provided on the website.

10) Page functionalities

– Google Web Fonts
This site uses so-called web fonts provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google") for the uniform presentation of fonts. When you call up a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.
For this purpose, the browser you are using must connect to Google's servers. This may also lead to a transmission of personal data to the servers of Google LLC. in the USA. In this way, Google becomes aware that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If your browser does not support web fonts, a standard font will be used by your computer.
For more information about Google Web Fonts, see https://developers.google.com/fonts/faq and in Google's privacy policy: https://www.google.com/policies/privacy/</p>

11) Tools and Miscellaneous

11.1 Cookie Consent Tool

This website uses a so-called "cookie consent tool" to obtain effective user consent for cookies and cookie-based applications that require consent. The "Cookie Consent Tool" is displayed to users when the page is accessed in the form of an interactive user interface on which consents for certain cookies and/or cookie-based applications can be given by ticking the box. Through the use of the tool, all cookies/services requiring consent are only loaded if the respective user gives corresponding consent by ticking the box. This ensures that such cookies are only set on the respective end device of the user if consent has been given.
The tool sets technically necessary cookies to store your cookie preferences. Personal user data is generally not processed here.
If, in individual cases, the purpose of storing, assigning or logging cookie settings does involve the processing of personal data (such as the IP address), this is done in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in a legally compliant, user-specific and user-friendly consent management for cookies and thus in a legally compliant design of our website.
Another legal basis for the processing is Art. 6 para. 1 lit.c GDPR. As the controller, we are subject to the legal obligation to make the use of technically unnecessary cookies dependent on the respective user consent.
Further information on the operator and the setting options of the cookie consent tool can be found directly in the corresponding user interface on our website.

11.2 Wordfence
For security purposes, this website uses the plugin "Wordfence", a service of Defiant Inc., 800 5th Ave Ste 4100, Seattle, WA 98104, USA (hereinafter "Wordfence"). The plugin protects the website and the associated IT infrastructure from unauthorized third-party access, cyber attacks as well as viruses and malware. Wordfence collects the IP addresses of users and, if applicable, other data on your behaviour on our website (in particular accessed URLs and header information) to detect and ward off illegitimate page traffic and threats. The captured IP address is compared with a list of known attackers. If the captured IP address is detected as a security risk, Wordfence can automatically block it from accessing the page. The information collected in this way is transmitted to a server of Defiant Inc. in the USA and stored there.
The described data processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interests in the protection of the website against harmful cyber attacks and in the protection of structural and data integrity and security.
Defiant Inc. relies on the standard data protection clauses according to Art. 46 sentence 2 lit.c GDPR as the legal basis for the transfer of data to the USA.
If site visitors to the website have login rights, Wordfence also sets cookies (= small text files) on the visitor's device used. With the help of cookies, certain location and device information can be read out, which allow an assessment of whether the login-authorized access comes from a legitimate person. At the same time, access rights can be evaluated via the cookies and released via an internal firewall according to the authorization level. Finally, the cookies are used to register irregular access by Page administrators from new devices or new locations and to notify other administrators.
These cookies are only set if a user has login rights. Wordfence does not set cookies for site visitors without login authorization.
If personal data is processed via the cookies, the processing is carried out in accordance with Art. 6 (1) (f) GDPR on the basis of our legitimate interest in preventing illegitimate access to the site administration and the defense against unauthorized administrator access.
We have concluded a Data Processing Agreement with Defiant Inc., with which we oblige the company to protect the data of site visitors and not to pass them on to third parties.
Further information on Defiant Inc.'s use of data for Wordfence can be found in Wordfence's privacy policy at https://www.wordfence.com/privacy-policy/.

12) Rights of the data subject

12.1 The applicable data protection law grants you the following rights of data subjects (rights of access and intervention) vis-à-vis the controller with regard to the processing of your personal data, whereby reference is made to the legal basis stated for the respective exercise requirements:

• Right to information in accordance with Article 15 GDPR;
• Right to rectification pursuant to Article 16 GDPR;
• Right to erasure in accordance with Article 17 GDPR;
• Right to restriction of processing pursuant to Article 18 GDPR;
• Right to information pursuant to Article 19 GDPR;
• Right to data portability in accordance with Article 20 GDPR;
• Right to revoke granted consent in accordance with Article 7 (3) GDPR;
• Right to lodge a complaint pursuant to Article 77 GDPR.

12.2 RIGHT TO OBJECT

IF WE PROCESS YOUR PERSONAL DATA IN THE CONTEXT OF A BALANCING OF INTERESTS ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO THIS PROCESSING WITH EFFECT FOR THE FUTURE FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED. HOWEVER, WE RESERVE THE RIGHT TO FURTHER PROCESSING IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OUTWEIGH YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING SERVES TO ASSERT, EXERCISE OR DEFEND LEGAL CLAIMS.

IF YOUR PERSONAL DATA IS PROCESSED BY US FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH ADVERTISING. YOU CAN EXERCISE THE OBJECTION AS DESCRIBED ABOVE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.

13) Duration of storage of personal data

The duration of the storage of personal data is based on the respective legal basis, the purpose of the processing and – if relevant – additionally on the basis of the respective statutory retention period (e.B. commercial and tax retention periods).

When processing personal data on the basis of explicit consent in accordance with Art. 6 para. 1 lit. a GDPR, this data will be stored until the data subject revokes his consent.

If there are statutory retention periods for data that are processed within the framework of legal or quasi-contractual obligations on the basis of Art. 6 para. 1 lit.b GDPR, these data will be routinely deleted after expiry of the retention periods, provided that they are no longer required for the fulfilment or initiation of the contract and/or there is no legitimate interest in further storage on our part.

When processing personal data on the basis of Art. 6 para. 1 lit. f GDPR, this data will be stored until the data subject exercises his or her right to object pursuant to Article 21 (1) GDPR, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.

When processing personal data for the purpose of direct marketing on the basis of Art. 6 para. 1 lit. f GDPR, this data will be stored until the data subject exercises his right of objection pursuant to Art. 21 para. 2 GDPR.

Unless otherwise stated in the other information in this declaration on specific processing situations, stored personal data will otherwise be deleted when they are no longer necessary for the purposes for which they were collected or otherwise processed.