January 24th, 2020
1. Who is responsible for the processing of my data?
triple A code GmbH is responsible for the processing of your data on this website. triple A code GmbH processes personal data in accordance with the provisions of the GDPR and the Federal Data Protection Act (“BDSG”).
You can contact the data protection officer of triple A code GmbH at the above-mentioned postal address, with the addition “To the data protection officer” or at the e-mail address: email@example.com.
2. What data is recorded?
When you visit the website, the accessing computer automatically collects information (hereinafter referred to as “access data”). This access data includes server log files, which usually consist of information about the browser type and browser version, the operating system, the Internet service provider, the date and time of use of the website, the previously visited websites and those newly accessed via the website, and the IP address of the computer. With the exception of the IP address, the server log files cannot be linked to a person. An IP address can be traced to a person if it is permanently assigned when the Internet connection is used and the Internet provider can match it with a person.
If you continue to use the services of the website, the data you enter on the website (e.g. for registration) will be processed.
Some of the website’s services require you to supply triple A code GmbH with personal data. In these cases, the data you supply will be used to provide the desired service or process the particular request. The following personal data is processed on the website:
User data such as e-mail address; details of name; phone number and country
Other personal data will not be collected unless you provide this information voluntarily.
3. What data is recorded for what purposes?
The purposes for which data is processed may result from technical, contractual or legal requirements and, where applicable, from consent given.
We use the data specified in Section 2 for the following purposes:
– to provide the website and ensure technical security, in particular to correct technical errors and to ensure that unauthorised persons do not gain access to the website’s systems;
– for reach assessments and web analyses in order to make the website more efficient and interesting for you, and to conduct market research;
– to provide you with important information on the site, modifications made to our ToU, give you instructions and/or other administrative information;
– to provide you with information that we believe may be of interest to you on products, programmes, services and promotional operations (subject to receiving your agreement on this matter)
– for communication;
– for sending newsletters by e-mail.
3.1 Technical provision of the website
3.1.1 Description and scope of data processing
For the functionality of the website, the performance of security analyses and the prevention of attacks, the server log files are automatically written on the computer server host when the website is accessed and used before they are stored for a short time as a component of the server access data defined in Section 2. The server log files are not stored together with other data. triple A code GmbH uses the server log files for statistical evaluations in order to analyse and remedy technical faults, fend off attacks and fraud attempts, and optimise the functionality of the website.
3.1.2 Purposes and legal basis of data processing
The legal basis for the recording of server log files is Art. 6 para. 1 letter f GDPR. The functionality of the website, the performance of security analyses, and the prevention of attacks are the legitimate interests of triple A code GmbH.
3.1.3 Duration of storage or criteria for determining this duration
After the websites have been accessed, the server log files are stored on the web server, and the IP address they contain is deleted after 7 days at the latest. The data is only evaluated during this storage period in the event of an attack.
3.1.4 Possibility of objection and erasure
You have the right to object to the processing of your data in the context of server logfiles, if there are reasons for this which arise from your particular situation. If you wish to exercise your right of objection, please contact us at the address given under Section 1.
3.2 E-mail and telephone contact
3.2.1 Description and scope of data processing
On the website you can contact triple A code GmbH via an e-mail address or a telephone number. If you do so, your e-mail address, your telephone number and your request will be transmitted to triple A code GmbH. Depending on your request (e.g. questions about the usage functionalities of the website, assertion of your rights as a data subject, e.g. access to information), your contact data will be processed further. If it is necessary for the processing of your request, your contact data may be forwarded to third parties (e.g. other organisations).
3.2.2 Purposes and legal basis of data processing
The legal basis for the processing of your contact data is Art. 6 para. 1 letter f GDPR. Our legitimate interests are the processing of your request and further communication. If the reason for your contacting us is to enter into a contract with triple A code GmbH, then the legal basis for the processing of your contact data is Art. 6 para. 1 letter b GDPR.
3.2.3 Duration of storage or criteria for determining this duration
After your request has been completely processed and further communication has ended, the contact data will be deleted, unless statutory retention periods prevent such deletion. The contact data will also not be deleted if your contacting us is aimed at concluding a contract with triple A code GmbH or if you assert your rights as a data subject, such as your right to access information. In this case, the data will be stored until the contractual and/or legal obligations have been fulfilled and statutory retention periods do not oppose deletion.
3.2.4 Possibility of objection and erasure
You have the right to object to the processing of your contact data, if there are reasons for this which arise from your particular situation. If you wish to exercise your right of objection, please contact us at the address given under Section 1. If you object, communication can no longer be continued. Other conditions apply if the storage of your contact data is necessary for the initiation of a contract, or fulfilment of a contract, or assertion of your rights as a data subject.
Services that optimize user-friendliness and measure the reach of the website are built into the website. Your access data (see Section 2) is recorded. Personal identification is generally not necessary for web-tracking, so that when your access data is recorded, the stored IP address is either not used or only used in truncated form, and pseudonymous user profiles are created. This data is not merged with other data and you have the possibility of revocation at any time. Personal user profiles are only created in exceptional cases and only if you have given your consent.
The web-tracking services are usually offered by service providers who process the data in accordance with the controller’s instructions only and not for their own purposes, as so-called processors. This is ensured by means of contracts for processing. If the service providers process your data outside of the European Union or the European Economic Area (hereinafter referred to as “EU or EEA”), a so-called third country transfer takes place. This is permissible if you have given your consent, triple A code GmbH has given guarantees for a level of data protection that meets European standards, or the EU Commission has classified the relevant third country as a safe third country. The third country transfer of the relevant service is identified below.
The individual web-tracking services of the website are described in more detail below.
3.3.1 Google Analytics
The website uses the services of Google Analytics. Google Analytics is provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics creates a pseudonymous user profile to optimize the user-friendliness of the website. Pseudonymity is ensured by Google truncating your IP address prior to any further processing and storage of data, and it is not possible to draw any conclusions about you as a person. The pseudonymous user profile is evaluated after transmission in order to optimize user-friendliness. The data is not merged with any other Google data.
Through the use of Google Analytics, a third country transfer takes place. However, with its certification in accordance with the EU-US Privacy Shield, Google ensures that the third country transfer meets the European data protection standards.
More information about the ways in which Google Analytics collect and process your Personal Information can be found here: https://www.google.com/policies/privacy/partners.
220.127.116.11 Purposes and legal basis of data processing
The legal basis for the recording and evaluation of pseudonymous user profiles is Art. 6 para. 1 letter f GDPR. The legitimate interests of triple A code GmbH consist of optimizing the user-friendliness of the website and measuring its reach.
18.104.22.168 Duration of storage or criteria for determining this duration
As regards the use of Google Analytics on this website, the data is stored for a maximum of 14 months or until you object to its further use.
22.214.171.124 Possibility of objection and erasure
You can object to the use of the web-tracking services any time by changing your browser settings or by clicking the following link/s to download and install the available browser plug-ins:
You can prevent Google’s forwarding and processing the data generated by the cookie and relating to your use of the website (incl. your IP address) by downloading and installing the following browser add-on
Opt-out cookies will prevent your data from being recorded in the future when you visit this website.
To prevent the recording by Universal Analytics across different devices, the opt-out must be undertaken on all systems used. If you click here, the opt-out cookie will be installed: deactivate Google Analytics.
3.3.2 Facebook-Pixel, Custom Audiences und Facebook-Conversion
Due to our legitimate interests in the analysis, optimisation and economic operation of our online service, the so-called „Facebook pixel“ of the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are resident in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland („Facebook“), is used within our online service.
Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
With the help of the Facebook pixel, Facebook is able to determine the visitors of our online offer as a target group for the presentation of ads (so-called „Facebook ads“). Accordingly, we use Facebook pixels to display Facebook ads placed by us only to Facebook users who have shown an interest in our online offering or who have certain features (e.g. interests in certain topics or products that are determined on the basis of the websites visited) that we transmit to Facebook (so-called „custom audiences“). Using Facebook pixels, we also want to ensure that our Facebook ads match the potential interest of users and are not annoying. Using Facebook pixels, we can also track the effectiveness of Facebook ads for statistical and market research purposes by seeing if users were referred to our website after clicking on a Facebook ad (known as „conversion“).
Facebook processes the data in accordance with Facebook’s data usage policy. Accordingly, general information on the presentation of Facebook ads in Facebook’s data usage policy: https://www.facebook.com/policy.php. Specific information and details about Facebook pixels and how they work can be found in the help section of Facebook: https://www.facebook.com/business/help/651294705016616.
You may opt out of Facebook pixel collection and use of your information to display Facebook ads. To control what types of ads you see within Facebook, you can go to the page set up by Facebook and follow the instructions on the settings for usage-based ads: https://www.facebook.com/settings?tab=ads. The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices.
126.96.36.199 Web fonts
This website uses web fonts provided by Google in order to uniformly represent fonts. When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly. For this purpose, your browser has to establish a direct connection to Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our website. This constitutes a justified interest pursuant to Art. 6 para. 1 letter f GDPR. If your browser does not support web fonts, a standard font is used by your computer.
Further information about handling user data, can be found at https://developers.google.com/fonts/faq.
With the following information we inform you about the content of our newsletter as well as the registration, sending and statistical evaluation procedures as well as your right of refusal. By subscribing to our newsletter, you agree to the receipt and the procedures described.
Content of the newsletter: We send newsletters, e-mails and other electronic notifications with advertising information (hereinafter „newsletter“) only with the consent of the recipient or a legal permission. Insofar as the content of a newsletter is concretely described in the context of an application for the newsletter, it is decisive for the consent of the user. Incidentally, our newsletters contain information about our services and us.
Opt-in and logging: Registration for our newsletter is done in a so-called opt-in procedure. After registration, you will receive an e-mail to confirm your registration. The registration for the newsletter will be logged in order to prove the registration process according to the legal requirements. This includes the storage of the logon and the confirmation time, as well as the IP address. Likewise, changes to your data stored with the shipping service provider will be logged.
Credentials: To subscribe to the newsletter, it is sufficient to provide your e-mail address. Optionally, we ask you to give a name in the newsletter for personal address.
The dispatch of the newsletter and the related performance measurement are based on the consent of the recipient acc. Art. 6 para. 1 lit. a, Art. 7 GDPR, read in conjunction with § 7 para. 2 No. 3 German Unfair Competition Act (UWG) or if consent is not required, based on our legitimate interests in the direct marketing acc. Art. 6 para. 1 lt. F. GDPR, read in conjunction with § 7 para. 3 German Unfair Competition Act (UWG).
The logging of the registration process is based on our legitimate interests in accordance with. Art. 6 para. 1 lit. f GDPR. We are interested in using a user-friendly and secure newsletter system that serves our business interests as well as meeting the expectations of users and allows us to provide consent.
Termination / Withdrawal – You can terminate the receipt of our newsletter at any time, ie. Revoke your consent. A link to cancel the newsletter can be found at the end of each newsletter. We may save the submitted email addresses for up to three years based on our legitimate interests before we delete them to provide prior consent. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for cancellation is possible at any time, provided that at the same time the former existence of a consent is confirmed.
4. Google reCAPTCHA
On this website Google reCAPTCHA is integrated. Google reCAPTCHA is a CAPTCHA service which protects this website from spam and automated abuse by computer systems, e.g. bots.
Google reCAPTCHA is a service of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043 USA (in the following referred to as “Google.”)
Through this service, Google can determine from which website a request is sent and from which IP address you use the so-called reCAPTCHA input box. In addition to your IP address, additional information may be collected by Google, which is necessary for the offer and the guarantee of this service.
The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the security of our website and in the defense against unwanted, automated access in the form of spam or the like. Google provides further information on the general handling of your user data at https://policies.google.com/privacy.
5. Who will receive my data?
Within triple A code GmbH, those parties receive access to your data who need it for the purposes described in Section 3. In this case, triple A code GmbH also remains responsible for protecting your data. Service providers used by triple A code GmbH may also be given access to your data (so-called “processors”, e.g. computer centres, dispatch of newsletters, IT consultants, legal and/or financial advisors, customer services or debtor management). Contracts for processing ensure compliance with instructions, data security and confidential handling of your data by these service providers.
Data will be passed on to other recipients such as advertising partners, providers of social media services or credit institutions (so-called “third parties”) if required to do so by law or if you have given your consent. The following third parties may be forwarded data:
– providers of measurements and web analyses that measure the reach of websites and create user profiles for their own purposes,
– advertisers who show you interest-based advertisements,
– public authorities and institutions such as law enforcement authorities which receive your data based on compliance with legal or official obligations.
You will find more information about the forwarding of data to the respective third parties in Section 3, which specifies the individual purposes.
6. Will my data be processed outside the EU or the EEA (third country transfer)?
If the service providers and/or third parties outside of the EU or the EEA which are specified under Section 5 process your data for the purposes of Section 3, this may result in your data being transferred to a country where no data protection standard commensurate with that of the EU or the EEA can be guaranteed. However, such a data protection standard can be ensured with an appropriate guarantee. Suitable guarantees are, for example, standard contractual clauses provided by the EU Commission. By way of exception, guarantees may be dispensed with if you give your consent or if the transfer of data to a third country is necessary to achieve your purpose with triple A code GmbH. Also, the EU Commission has recognised certain third countries as safe third countries, so that here too appropriate guarantees on the part of triple A code GmbH can be dispensed with. The following service providers process your data outside of the EU or the EEA:
Web-tracking services are provided by service providers which have their computer centres in a third country or which can access the computer centres within the European Union or the EEA from a branch in a third country. With certification in line with the EU-US Privacy Shield, the services ensure that the third country transfer meets the European data protection standards.
For the dispatch of newsletters, service providers are employed which have their computer centres in a third country or which can access the computer centres within the European Union or the EEA from a branch in a third country. With certification in line with the EU-US Privacy Shield, the services ensure that the third country transfer meets the European data protection standards.
For the handling of customer enquiries, service providers are employed which have their computer centres in a third country or which can access the computer centres within the European Union or the EEA from a branch in a third country. With certification in line with the EU-US Privacy Shield, the services ensure that the third country transfer meets the European data protection standards.
7. What data privacy rights do I have?
You have the right to access, at any time, the personal data about you which we have stored. Should any data about your person be wrong or no longer up-to-date, you have the right to demand their correction. You also have the right to demand the erasure or restriction of the processing of your data in accordance with Art. 17 and Art. 18 GDPR. You may also have the right to have the data that you supplied released in a commonly used and machine-readable format (right to data portability).
If you have given your consent to the processing of personal data for certain purposes, you can withdraw your consent at any time with effect for the future. The declaration of withdrawal should be sent to triple A code GmbH at the contact address specified in Section 1.
Pursuant to Art. 21 GDPR you have the right, for reasons which arise from your particular situation, to object any time to the processing of your data which takes place on the legal basis of Art. 6 para. 1 letter f GDPR. You also have the right to object at any time to the processing of your personal data for the purposes of direct advertising. The same applies to the automated procedures that take place when some cookies are used, unless they are absolutely necessary for the provision of the website.
Moreover, you also have the option to approach a data protection authority and file a complaint there. The authority responsible for triple A code GmbH is
Berliner Beauftragte für Datenschutz und Informationsfreiheit
You may, however, also approach the data protection authority responsible for your place of residence.
8. From what source does the data stem?
All data is collected directly from the data subjects.
9. To what extent does an automated decision-making process exist?
For the purposes mentioned in Section 3, we do not use any fully automated decision-making processes.
10. Is profiling carried out?
Profiling as defined in Art. 22 (1) and (4) GDPR is not carried out.
11. Conclusion/details of version