Privacy Policy

1. Data Protection at a Glance

General Information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to identify you personally. Detailed information on data protection can be found in our privacy policy listed under this text.

Data Collection on This Website

Who is responsible for data collection on this website?

The data processing on this website is carried out by the website operator. You can find their contact details in the “Note on the Responsible Party” section of this privacy policy.

How do we collect your data?

Your data is collected in part by you providing it to us. This may include data you enter into a contact form.

Other data is automatically or with your consent collected by our IT systems when you visit the website. These are mainly technical data (e.g., internet browser, operating system, or time of page view). This data collection happens automatically as soon as you enter this website.

What do we use your data for?

Some of the data is collected to ensure the website is provided without errors. Other data may be used to analyze your user behavior. If contracts can be concluded or initiated through the website, the data provided will also be processed for contract offers, orders, or other service requests.

What rights do you have regarding your data?

You have the right to request information about the origin, recipients, and purpose of your stored personal data at any time, free of charge. You also have the right to request the correction or deletion of this data. If you have given consent to data processing, you can withdraw this consent at any time for the future. Furthermore, you have the right, under certain circumstances, to request the restriction of processing your personal data. Additionally, you have the right to lodge a complaint with the competent supervisory authority.

If you have any further questions about data protection, feel free to contact us at any time.

Analysis Tools and Third-Party Tools

When visiting this website, your browsing behavior can be statistically analyzed. This is mainly done with so-called analysis programs.

Detailed information about these analysis programs can be found in the following privacy policy.

2. Hosting

We host the content of our website with the following provider:

All-Inkl

The provider is ALL-INKL.COM – Neue Medien Münnich, owned by René Münnich, Hauptstraße 68, 02742 Friedersdorf (hereinafter All-Inkl). You can find further details in All-Inkl’s privacy policy: https://all-inkl.com/datenschutzinformationen/.

Using All-Inkl is based on Art. 6 (1) lit. f GDPR. We have a legitimate interest in ensuring our website is displayed as reliably as possible. If explicit consent has been requested, processing will only occur based on Art. 6 (1) lit. a GDPR and § 25 (1) TDDG, provided the consent includes storing cookies or accessing information on the user’s device (e.g., device fingerprinting) as per TDDG. Consent can be withdrawn at any time.

Order Processing

We have entered into a data processing agreement (DPA) to use the above-mentioned service. This is a legally required contract ensuring that the personal data of our website visitors is processed only according to our instructions and in compliance with the GDPR.

3. General Information and Mandatory Information

Data Protection

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the legal data protection regulations and this privacy policy.

When you use this website, various personal data is collected. Personal data is data that can be used to identify you personally. This privacy policy explains which data we collect and how we use it. It also explains how and for what purpose this occurs.

We point out that data transmission over the internet (e.g., communication via email) may have security gaps. Complete protection of data against access by third parties is not possible.

Note on the Responsible Party

The responsible party for data processing on this website is:

DJ FD UP!
Niccolo Bonini
Darmstädter Str. 9
10707 Berlin

Phone: +49 171 9462531
Email: info@deejayfdup.com

The responsible party is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data (e.g., names, email addresses, or similar).

Storage Duration

Unless a more specific storage duration is mentioned in this privacy policy, your personal data will remain with us until the purpose for processing the data is no longer applicable. If you make a legitimate request for deletion or withdraw your consent to data processing, your data will be deleted, unless we have other legally permissible reasons for storing your personal data (e.g., tax or commercial retention periods); in the latter case, deletion will take place after these reasons no longer apply.

General Information on the Legal Basis for Data Processing on This Website

If you have given consent to data processing, we process your personal data on the basis of Art. 6 (1) lit. a GDPR or Art. 9 (2) lit. a GDPR if special categories of data are processed under Art. 9 (1) GDPR. In the case of explicit consent for transferring personal data to third countries, data processing is also based on Art. 49 (1) lit. a GDPR. If you have consented to the storage of cookies or access to information on your device (e.g., via device fingerprinting), data processing will also occur on the basis of § 25 (1) TDDG. Consent can be withdrawn at any time. If your data is necessary for contract fulfillment or the performance of pre-contractual measures, we process your data based on Art. 6 (1) lit. b GDPR. Additionally, we process your data if it is necessary for fulfilling a legal obligation based on Art. 6 (1) lit. c GDPR. Data processing may also be based on our legitimate interest under Art. 6 (1) lit. f GDPR. Specific legal bases for data processing will be outlined in the following sections of this privacy policy.

Recipients of Personal Data

As part of our business operations, we work with various external parties. In some cases, it is necessary to transmit personal data to these external parties. We only pass on personal data to external parties if it is necessary for fulfilling a contract, if we are legally obligated to do so (e.g., passing data to tax authorities), if we have a legitimate interest in passing on the data under Art. 6 (1) lit. f GDPR, or if another legal basis permits the data transfer. When using processors, we only share personal data of our customers based on a valid data processing agreement. In the case of joint processing, a joint processing agreement is concluded.

Revocation of Your Consent to Data Processing

Many data processing operations are only possible with your explicit consent. You can revoke your consent at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to Object to Data Collection in Special Cases and to Direct Marketing (Art. 21 GDPR)

IF THE DATA PROCESSING IS BASED ON ART. 6 (1) LIT. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME ON GROUNDS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE LEGAL BASIS FOR THE PROCESSING CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS OR THE PROCESSING IS NECESSARY FOR THE ESTABLISHMENT, EXERCISE, OR DEFENSE OF LEGAL CLAIMS (RIGHT TO OBJECT UNDER ART. 21 (1) GDPR).

IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR SUCH MARKETING PURPOSES; THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (RIGHT TO OBJECT UNDER ART. 21 (2) GDPR).

Complaint Right with the Competent Supervisory Authority

In the event of violations of the GDPR, affected individuals have the right to lodge a complaint with a supervisory authority, in particular in the member state of their usual residence, place of work, or the place of the alleged infringement. The complaint right exists without prejudice to other administrative or judicial remedies.

Right to Data Portability

You have the right to request that data we process based on your consent or in fulfillment of a contract be provided to you or to a third party in a common, machine-readable format. If you request direct transmission of the data to another responsible party, this will only be done to the extent technically feasible.

Access, Correction, and Deletion

You have the right to request access to your stored personal data, its origin, recipients, and the purpose of processing at any time in accordance with applicable law, as well as a right to correction or deletion of this data. For further questions about personal data, feel free to contact us at any time.

Right to Restrict Processing

You have the right to request the restriction of the processing of your personal data. You can contact us at any time for this. The right to restrict processing applies in the following cases:

• If you dispute the accuracy of your personal data stored with us, we usually need time to verify it. During the verification process, you have the right to request the restriction of processing of your personal data.
• If the processing of your personal data was unlawful, you can request the restriction of data processing instead of deletion.
• If we no longer need your personal data but you need it to exercise, defend, or assert legal claims, you have the right to request the restriction of processing instead of deletion.
• If you have filed an objection under Art. 21 (1) GDPR, a balancing must be made between your and our interests. As long as it is not yet clear whose interests outweigh, you have the right to request the restriction of processing of your personal data.

If you have restricted the processing of your personal data, such data – except for storage – may only be processed with your consent or to assert, exercise, or defend legal claims or to protect the rights of another person or for reasons of important public interest of the European Union or a member state.

SSL or TLS Encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries you send to us as the site operator. You can recognize an encrypted connection by the change of the browser address line from “http://” to “https://” and by the lock symbol in your browser line.

When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

4. Data Collection on This Website

Cookies

Our websites use so-called “cookies”. Cookies are small data packets and do not harm your device. They are either stored temporarily for the duration of a session (session cookies) or permanently (persistent cookies) on your device. Session cookies are automatically deleted after your visit. Persistent cookies remain stored on your device until you delete them yourself or until an automatic deletion takes place through your web browser.

Cookies can originate from us (first-party cookies) or from third parties (so-called third-party cookies). Third-party cookies allow the integration of certain services from third parties within web pages (e.g., cookies for processing payment services).

Cookies serve various functions. Many cookies are technically necessary as certain website functions would not work without them (e.g., shopping cart function or displaying videos). Other cookies may be used to evaluate user behavior or for advertising purposes.

Cookies necessary for performing the electronic communication process, providing certain features you request (e.g., shopping cart function), or optimizing the website (e.g., cookies for measuring website audience) are stored based on Art. 6 (1) lit. f GDPR, unless another legal basis is provided. The website operator has a legitimate interest in storing necessary cookies to ensure the technical error-free and optimized provision of their services. If consent to the storage of cookies and similar recognition technologies is requested, processing will only occur based on this consent (Art. 6 (1) lit. a GDPR and § 25 (1) TDDG); consent can be revoked at any time.

You can configure your browser to inform you about cookie placement and allow cookies only in individual cases, exclude acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser. Deactivating cookies may limit the functionality of this website.

You can find out which cookies and services are used on this website in this privacy policy.

Consent with Borlabs Cookie

Our website uses Borlabs Cookie’s consent technology to obtain your consent for storing certain cookies in your browser or for using certain technologies and to document this in compliance with data protection regulations. The provider of this technology is Borlabs GmbH, Rübenkamp 32, 22305 Hamburg (hereinafter Borlabs).

When you enter our website, a Borlabs cookie is stored in your browser, which stores the consents you have given or the withdrawal of these consents. This data is not passed on to the provider of Borlabs Cookie.

The collected data will be stored until you request deletion, delete the Borlabs cookie yourself, or the purpose for data storage no longer applies. Mandatory legal retention periods remain unaffected. You can find more details about Borlabs Cookie’s data processing at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.

The use of the Borlabs cookie consent technology is to obtain the legally required consents for the use of cookies. The legal basis for this is Art. 6 (1) lit. c GDPR.

Server Log Files

The provider of the site collects and automatically stores information in so-called server log files that your browser automatically transmits to us. These include:

• Browser type and version
• Operating system used
• Referrer URL
• Hostname of the accessing computer
• Time of the server request
• IP address

A combination of these data with other data sources will not take place.

The collection of this data is based on Art. 6 (1) lit. f GDPR. The website operator has a legitimate interest in presenting the website without technical errors and optimizing the website – for this purpose, the server log files need to be collected.

Contact Form

If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provided, will be stored by us for the purpose of processing the inquiry and for follow-up questions. We do not share this data without your consent.

The processing of this data is based on Art. 6 (1) lit. b GDPR, as long as your inquiry is related to fulfilling a contract or is necessary for the performance of pre-contractual measures. In all other cases, processing is based on our legitimate interest in efficiently processing the inquiries directed to us (Art. 6 (1) lit. f GDPR) or your consent (Art. 6 (1) lit. a GDPR), if it was requested; consent can be revoked at any time.

The data you enter in the contact form remains with us until you request deletion, withdraw your consent to storage, or the purpose for data storage no longer applies (e.g., after processing your inquiry has been completed). Mandatory legal provisions – particularly retention periods – remain unaffected.

Inquiries via Email, Phone, or Fax

If you contact us via email, phone, or fax, your inquiry, including all personal data resulting from it (name, inquiry), will be stored and processed by us for the purpose of processing your concern. We do not share this data without your consent.

The processing of this data is based on Art. 6 (1) lit. b GDPR, as long as your inquiry is related to fulfilling a contract or is necessary for the performance of pre-contractual measures. In all other cases, processing is based on our legitimate interest in efficiently processing the inquiries directed to us (Art. 6 (1) lit. f GDPR) or your consent (Art. 6 (1) lit. a GDPR), if it was requested; consent can be revoked at any time.

The data you send us via contact inquiries remains with us until you request deletion, withdraw your consent to storage, or the purpose for data storage no longer applies (e.g., after processing your concern has been completed). Mandatory legal provisions – particularly legal retention periods – remain unaffected.

Communication via WhatsApp

For communication with our customers and other third parties, we use, among other things, the instant messaging service WhatsApp. The provider is WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

The communication takes place via end-to-end encryption (peer-to-peer), which prevents WhatsApp or other third parties from accessing the communication contents. However, WhatsApp has access to metadata generated during the communication process (e.g., sender, recipient, and time). We also point out that WhatsApp, according to its own statement, shares personal data of its users with its parent company Meta based in the USA. Further details on data processing can be found in WhatsApp’s privacy policy at: https://www.whatsapp.com/legal/#privacy-policy.

The use of WhatsApp is based on our legitimate interest in fast and effective communication with customers, prospects, and other business and contractual partners (Art. 6 (1) lit. f GDPR). If consent was requested, data processing will only occur based on the consent; this can be withdrawn at any time with effect for the future.

The communication contents exchanged between you and us on WhatsApp will remain with us until you request deletion, withdraw your consent to storage, or the purpose for data storage no longer applies (e.g., after processing your inquiry). Mandatory legal provisions – particularly retention periods – remain unaffected.

The company holds certification under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that ensures compliance with European data protection standards for data processing in the USA. Any company certified under the DPF commits to adhering to these standards. Further information is available from the provider at the following link: https://www.dataprivacyframework.gov/participant/7735.

We use WhatsApp in the “WhatsApp Business” variant.

The data transmission to the USA is based on the EU Commission’s Standard Contractual Clauses. Details can be found here: https://www.whatsapp.com/legal/business-data-transfer-addendum.

5. Analysis Tools and Advertising

Google Tag Manager

We use Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tool that allows us to integrate tracking or statistics tools and other technologies on our website. Google Tag Manager itself does not create user profiles, store cookies, or perform independent analyses. It is solely used to manage and serve the tools integrated through it. However, Google Tag Manager collects your IP address, which may also be transmitted to Google’s parent company in the United States.

The use of Google Tag Manager is based on Art. 6 (1) lit. f GDPR. The website operator has a legitimate interest in the quick and uncomplicated integration and management of various tools on their website. If consent has been requested, processing will only occur based on Art. 6 (1) lit. a GDPR and § 25 (1) TDDG, provided the consent includes storing cookies or accessing information on the user’s device (e.g., device fingerprinting) as per TDDG. Consent can be withdrawn at any time.

The company holds certification under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that ensures compliance with European data protection standards for data processing in the USA. Any company certified under the DPF commits to adhering to these standards. Further information is available from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

Google Ads

The website operator uses Google Ads. Google Ads is an online advertising program by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads allows us to display ads in the Google search engine or on third-party websites when the user enters specific search terms in Google (keyword targeting). Additionally, targeted ads can be shown based on the user’s data stored at Google (e.g., location data and interests) (audience targeting). We, as the website operator, can quantitatively evaluate this data, for example, by analyzing which search terms led to the display of our ads and how many ads led to corresponding clicks.

The use of this service is based on your consent according to Art. 6 (1) lit. a GDPR and § 25 (1) TDDG. Consent can be withdrawn at any time.

The data transmission to the USA is based on the EU Commission’s Standard Contractual Clauses. Details can be found here: https://policies.google.com/privacy/frameworks and https://business.safety.google/controllerterms/.

The company holds certification under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that ensures compliance with European data protection standards for data processing in the USA. Any company certified under the DPF commits to adhering to these standards. Further information is available from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

Google Ads Remarketing

This website uses the features of Google Ads Remarketing. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

With Google Ads Remarketing, we can assign people who interact with our online offerings to specific target groups, and then display interest-based ads to them in the Google advertising network (remarketing or retargeting).

Additionally, the advertising target groups created with Google Ads Remarketing can be linked with Google’s cross-device features. This allows interest-based, personalized ads that are adapted based on your previous usage and browsing behavior on one device (e.g., mobile phone) to also be displayed on another of your devices (e.g., tablet or PC).

If you have a Google account, you can object to personalized advertising at the following link: https://adssettings.google.com/anonymous?hl=de.

The use of this service is based on your consent according to Art. 6 (1) lit. a GDPR and § 25 (1) TDDG. Consent can be withdrawn at any time.

For further information and the privacy policy, please refer to Google’s privacy policy at: https://policies.google.com/technologies/ads?hl=de.

The company holds certification under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that ensures compliance with European data protection standards for data processing in the USA. Any company certified under the DPF commits to adhering to these standards. Further information is available from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

Target Group Formation with Customer Matching

For target group formation, we use, among other things, Google Ads Remarketing’s customer matching. In this process, we pass certain customer data (e.g., email addresses) from our customer lists to Google. If the respective customers are Google users and logged into their Google account, they will be shown appropriate advertisements within the Google network (e.g., on YouTube, Gmail, or in the search engine).

6. Plugins and Tools

Google Fonts (Local Hosting)

This page uses Google Fonts, provided by Google, to ensure consistent font display. The Google Fonts are installed locally. No connection to Google’s servers is made in this process.

For more information about Google Fonts, see https://developers.google.com/fonts/faq and Google’s privacy policy: https://policies.google.com/privacy?hl=de.

Google Maps

This site uses the Google Maps service. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. With this service, we can embed map material on our website.

To use the features of Google Maps, it is necessary to store your IP address. This information is usually transmitted to a Google server in the USA and stored there. The provider of this site has no control over this data transmission. If Google Maps is activated, Google may use Google Fonts to ensure uniform font representation. When accessing Google Maps, your browser loads the required web fonts into its browser cache to display texts and fonts correctly.

The use of Google Maps is in the interest of presenting our online offerings attractively and making it easy to find the locations we have specified on the website. This constitutes a legitimate interest under Art. 6 (1) lit. f GDPR. If explicit consent has been requested, processing will only occur based on Art. 6 (1) lit. a GDPR and § 25 (1) TDDG, provided the consent includes storing cookies or accessing information on the user’s device (e.g., device fingerprinting) as per TDDG. Consent can be withdrawn at any time.

Data transmission to the USA is based on the Standard Contractual Clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

For more information on how user data is handled, see Google’s privacy policy: https://policies.google.com/privacy?hl=de.

The company holds certification under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that ensures compliance with European data protection standards for data processing in the USA. Any company certified under the DPF commits to adhering to these standards. Further information is available from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

Google reCAPTCHA

We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

reCAPTCHA is used to check whether data entry on this website (e.g., in a contact form) is done by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the site. For the analysis, reCAPTCHA evaluates various information (e.g., IP address, duration of the website visitor’s stay on the website, or mouse movements made by the user). The data collected during the analysis is forwarded to Google.

The reCAPTCHA analysis runs completely in the background. Website visitors are not informed that an analysis is taking place.

The storage and analysis of the data is based on Art. 6 (1) lit. f GDPR. The website operator has a legitimate interest in protecting their web offerings from abuse by automated scraping and SPAM. If consent has been requested, processing will only occur based on Art. 6 (1) lit. a GDPR and § 25 (1) TDDG, provided the consent includes storing cookies or accessing information on the user’s device (e.g., device fingerprinting) as per TDDG. Consent can be withdrawn at any time.

For more information on Google reCAPTCHA, see Google’s privacy policy and terms of use at the following links: https://policies.google.com/privacy?hl=de and https://policies.google.com/terms?hl=de.

The company holds certification under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that ensures compliance with European data protection standards for data processing in the USA. Any company certified under the DPF commits to adhering to these standards. Further information is available from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

7. eCommerce and Payment Providers

Processing of Customer and Contract Data

We collect, process, and use personal customer and contract data for the establishment, content specification, and modification of our contractual relationships. Personal data about the use of this website (usage data) is collected, processed, and used only to the extent necessary to enable the user to use the service or to bill. The legal basis for this is Art. 6 (1) lit. b GDPR.

The collected customer data will be deleted after the order is completed or the business relationship ends and after any applicable legal retention periods have expired. Legal retention periods remain unaffected.