Privacy Policy

1. General notes and mandatory information

a) Data protection

.

The operators of these pages take the protection of your data very seriously. We treat your personal data confidentially and in accordance with the legal data protection regulations as well as this data protection declaration.

When you use this website, various personal data are collected. Personal data is data with which you can be personally identified. This Privacy Policy explains what information we collect and how we use it. It also explains how and for what purpose this is done.

We would like to point out, however, that data transmission on the internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.

b) Note on the responsible body

.

The responsible party for data processing on this website is:

simplefox GmbH
Rathausstr. 4
24103 Kiel

Tel.: +49 431 88380187
E-mail: info@simplefox.de

Explanation: The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.)

2. Your rights

Under current data protection law, in particular the EU General Data Protection Regulation (GDPR), you have extensive data subject rights vis-à-vis the controller with regard to the processing of your personal data, which we would like to inform you about below. You have the right:

  • According to Art. 15 DSGVO, to request information about your personal data processed by us. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data, insofar as this has not been collected by us, as well as about the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details;
  • .
  • in accordance with Art. 16 DSGVO, to demand the correction of incorrect or incomplete personal data stored by us without undue delay;
  • in accordance with Art. 17 DSGVO, to request the deletion of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims;
  • .
  • in accordance with Art. 18 DSGVO, to request the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defence of legal claims or you have objected to the processing in accordance with Art. 21 DSGVO;
  • in accordance with Art. 20 DSGVO, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transferred to another controller;
  • According to Art. 7 (3) DSGVO, you may revoke your consent at any time. This means that we may no longer process the data based on this consent in the future and
  • .
  • complain to a supervisory authority in accordance with Art. 77 DSGVO. As a rule, you can contact the supervisory authority of your usual place of residence or place of work or our place of practice. A list of the supervisory authorities and their contact details can be found in the following link:
    https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
  • .
  • According to Art. 21 DSGVO, you have the right to object to the collection of data in special cases and to direct marketing:

Explanation of Art. 21 DSGVO:

If the data processing is based on Art. 6(1)(e) or (f) DSGVO, you have the right to object to the processing of your personal data at any time on grounds relating to your particular situation; this also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this privacy policy. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims (objection under Article 21(1) of the GDPR).

If your personal data are processed for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data concerned for the purpose of such marketing; this also applies to profiling, insofar as it is related to such direct marketing. If you object, your personal data will subsequently no longer be used for the purposes of direct advertising or profiling (objection pursuant to Art. 21 (2) DSGVO).

3. Data collection when visiting our website

.

a) Cookies

.

This website uses so-called cookies. Cookies do not cause any damage to your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser.

Some of the cookies we use are so-called "session cookies". They are automatically deleted at the end of your visit. Other cookies remain stored on your terminal device until you delete them. These cookies enable us to recognise your browser the next time you visit our website.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or generally and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited. Cookies that are required to carry out the electronic communication process or to provide certain functions desired by you are stored on the basis of Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in storing cookies for the technically error-free and optimised provision of its services. Insofar as other cookies (e.g. cookies to analyse your surfing behaviour) are stored, these will be dealt with separately in this data protection declaration.

b) Server log files

When you use our website for information purposes only, i.e. if you do not send us any other information, we only collect the personal data that your browser sends to our server (so-called server log files). When you visit our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure its stability and security:

We collect the following data, which is technically necessary for us to display our website to you and to ensure its stability and security.

  • IP address
  • The date and time of the request
  • .
  • Time zone difference from Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access status/HTTP status code
  • Quantity of data transferred
  • Website from which the request came
  • Browser
  • Operating system and its interface
  • Language and version of the browser software
  • .

The legal basis for data processing is Art. 6 para. 1 p. 1 lit. f DSGVO. Our legitimate interest follows from the above-mentioned purposes of data collection. This data will not be merged with other data sources.

c) Registration/user account

The user has the option of registering on mukken and creating a user account. The data collected in the process (mobile phone number, user name, password, if applicable further user data which the user transmits when using mukken) are processed on the basis of the contract concluded and for its execution (Art. 6 para. 1 p. 1 lit. b DSGVO).

d) Contacting us by e-mail, telephone, fax or contact form

If you contact us by e-mail, telephone, fax or contact form, your enquiry including all resulting personal data (name, enquiry) will be stored and processed by us for the purpose of processing your request. Our e-mail servers are located exclusively in Germany and the retrieval of e-mails is exclusively encrypted. When using contact forms on this site, the data entered will not be stored separately, but will only be forwarded by e-mail. All enquiries to this website are SSL-encrypted.

The processing of this data is based on Art. 6 para. 1 lit. b DSGVO, if your request is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on your consent (Art. 6 para. 1 lit. a DSGVO) and / or on our legitimate interests (Art. 6 para. 1 lit. f DSGVO), as we have a legitimate interest in the effective processing of requests addressed to us.

The data you send to us via contact requests will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular legal retention periods - remain unaffected.

e) Newsletter / Blog

We offer the possibility to subscribe to our blog on our website. This is done by entering your email address and confirming it afterwards (double-opt-in). In the double-opt-in process, we process the following data:

  • The page from which the page was requested (so-called referrer URL)
  • .
  • the date and time of the request
  • .
  • the description of the type of web browser used
  • .
  • the IP address of the requesting computer, which is shortened so that a personal reference can no longer be established
  • .
  • the e-mail address
  • the date and time of registration and confirmation
  • .

The legal basis for the processing of your personal data is your consent pursuant to Art. 6 para. 1 p. 1 lit. a) DSGVO. Your e-mail address will not be stored or processed in our systems. Further data is not required for this service. You can revoke your consent to receive the newsletter at any time and unsubscribe. You can declare your revocation by clicking on the link provided in every newsletter e-mail, by sending an e-mail to info@simplefox.com or by sending a message to the contact details given in the imprint.

.

f) Community/Forum

You have the possibility to write posts in our community under your user name, to communicate with other users, to read posts of other users and to comment on them. Posts in our community can be read without the need to register. There is no requirement to use a real name; pseudonymous use is possible.

In connection with the use of the community, mukken stores all the information you provide in the community, i.e. public posts, pinboard entries, friendships, private messages etc., in order to operate the forum, in addition to the registration data until you log out. The legal basis is Art. 6 para. 1 p. 1 lit. f DS-GVO.

If you delete your account, your public statements, especially contributions to the community, will remain visible to all readers, but your account will no longer be accessible and will be marked in the forum with "[Guest]". All other data will be deleted.

4. Matomo

Our website uses the web analytics service Matomo. Matomo is an open source solution. We use Matomo without cookies and on our own servers. The use of Matomo is based on Art. 6 para. 1 lit. f DSGVO. As the operator of this website, we have a legitimate interest in the anonymised analysis of user behaviour in order to optimise both our website and, where applicable, advertising. There is no disclosure of the information stored in the Matomo cookie about the use of this website.

4. External hosting

This website is hosted by an external service provider on servers in Europe (hoster). The hoster is Heroku, based in San Francisco, California, United States. The blog website is hosted by the hoster Raidboxes, based in Germany (Raidboxes GmbH, Hafenstraße 32, DE - 48153 Münster). Personal data collected on our website is stored on the hoster's servers. This may include IP addresses, contact requests, meta and communication data, contract data, contact data, names, website accesses and other data generated via a website. The use of the hoster takes place on the basis of a contract processing agreement and serves the purpose of contract initiation or

fulfilment.

Fulfilment of the contract with our potential and existing customers (Art. 6 para. 1 lit. b DSGVO) and is in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f DSGVO). Our hoster will only process your data insofar as this is necessary for the fulfilment of its service obligations and will follow our instructions with regard to this data.

5. Our social media appearances

a) Social media data processing

.

We maintain publicly accessible profiles on social networks. The social networks used by us in detail can be found below. Social networks such as Facebook, Google+ etc. can generally comprehensively analyse your user behaviour when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). By visiting our social media presences, numerous data protection-relevant processing operations are triggered. In detail: If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. Under certain circumstances, your personal data may also be collected if you are not logged in or do not have an account with the respective social media portal. In this case, this data collection takes place, for example, via cookies that are stored on your terminal device or by recording your IP address. With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be displayed to you inside and outside the respective social media presence. If you have an account with the relevant social network, the interest-based advertising may be displayed on all devices on which you are or have been logged in. Please also note that we are not able to track all processing on the social media portals. Depending on the provider, further processing procedures may therefore be carried out by the operators of the social media portals. For details, please refer to the terms of use and data protection provisions of the respective social media portals.

b) Legal basis

Our social media sites are intended to ensure the broadest possible presence on the internet. This is a legitimate interest within the meaning of Art. 6 (1) lit. f DSGVO. The analysis processes initiated by the social networks may be based on different legal grounds, which are to be stated by the operators of the social networks (e.g. consent within the meaning of Art. 6 para. 1 lit. a DSGVO).

c) Responsible party and assertion of rights

.

When you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. In principle, you can assert your rights (information, correction, deletion, restriction of processing, data portability and complaint) both vis-à-vis us and vis-à-vis the operator of the respective social media portal (e.g. vis-à-vis Facebook). Please note that despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing procedures of the social media portals. Our options are largely determined by the corporate policy of the respective provider.

d) Storage period

The data collected directly by us via the social media presence will be deleted from our systems as soon as the purpose for storing it no longer applies, you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies. Stored cookies remain on your end device until you delete them. Mandatory legal provisions - in particular retention periods - remain unaffected. We have no influence on the storage period of your data, which is stored by the operators of the social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below).

e) Shariff button

On this website, we only use privacy-friendly social media features! For the share buttons for social media, which you will find in some places, we exclusively use the privacy-friendly implementation "Shariff", developed by ct magazine. With this "two-click solution" - unlike with the normal share buttons - data is only transmitted to the social networks when they are actively clicked.

f) Social networks in detail

aa) Facebook

We have a profile on Facebook. The provider is Facebook Inc, 1 Hacker Way, Menlo Park, California 94025, USA. We have concluded a joint processing agreement (Controller Addendum) with Facebook. This agreement specifies the data processing operations for which we or Facebook are responsible when you visit our Facebook page. You can view this agreement at the following link: https://www.facebook.com/legal/terms/page_controller_addendum. You can adjust your advertising settings yourself in your user account. To do so, click on the following link and log in: https://www.facebook.com/settings?tab=ads. Details can be found in Facebook's privacy policy: https://www.facebook.com/about/privacy/. Data transfer to the US is based on EU standard contractual clauses: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381

.
bb) LinkedIn

We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies. If you would like to disable LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/legal/privacy-policy. Details on how they handle your personal data can be found in LinkedIn's privacy policy: https://www.linkedin.com/legal/privacy-policy. Data transfer to the USA is based on EU standard contractual clauses: https://www.linkedin.com/legal/l/dpa and https://policies.google.com/privacy/frameworks?hl=de

.
dd) Twitter
.

We have a profile on Twitter. You can view the privacy policy for the social network Twitter, which is operated by Twitter, Inc. 1355 Market Street, Suite 900, San Francisco, CA 94103, at https://twitter.com/de/privacy. Data transfer to the US is based on EU standard contractual clauses: https://gdpr.twitter.com/en/controller-to-controller-transfers.html

.
ee) Pinterest

We have a profile on Pinterest. You can view the privacy policy for the social network Pinterest, which is operated by Pinterest Europe Ltd, Palmerston Hous, 2nd Floor, Fenian Street, Dublin 2, Ireland, at https://policy.pinterest.com/de/privacy-policy. The data transfer is based on EU standard contractual clauses.

ff) Instagram

We have a profile on Instagram. You can view the privacy policy for the social network Instagram, which is operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA, at https://help.instagram.com/155833707900388 Data transfer is based on EU standard contractual clauses: https://www.facebook.com/legal/EU_data_transfer_addendum, https://help.instagram.com/519522125107875 and https://de-de.facebook.com/help/566994660333381

7th payment service provider

.

a) Stripe

Payments may be processed on mukken via the payment service provider Stripe, Legal Process, 510,Townsend St., San Francisco, CA 94103 (Stripe). The legal basis is our legitimate interest in offering an efficient and secure payment method (Art. 6 para. 1 lit. f DSGVO). As far as necessary for the performance of the contract (Art. 6 para. 1 lit b. DSGVO), we share the following data with Stripe: 

.

Name of the cardholder, email address, customer number, order number, bank details, credit card details, credit card validity period, credit card verification number (CVC), date and time of the transaction, transaction number, name of the provider, location.

Payments cannot be made through Stripe without the submission of these.

Stripe has a dual role as controller and processor in data processing activities. As a controller, Stripe uses your submitted data to comply with regulatory obligations. This corresponds to Stripe's legitimate interest (pursuant to Art. 6 para. 1 lit. f DSGVO) and serves the performance of the contract (pursuant to Art. 6 para. 1 lit. b DSGVO). We have no influence on this process.

Stripe acts as a processor in order to be able to complete transactions within the payment networks. Within the scope of the order processing relationship, Stripe acts exclusively according to our instructions and has been contractually obligated to comply with the provisions of data protection law within the meaning of Art. 28 DSGVO.

The data transfer to the USA takes place on the basis of the EU standard contractual clauses: https://stripe.com/de/privacy

.

b) Paypal

.

Payments can be processed on mukken via the payment service provider PayPal (PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg). The legal basis is our legitimate interest in offering an efficient and secure payment method (Art. 6 para. 1 lit. f DSGVO). As far as necessary for the fulfilment of the contract (Art. 6 para. 1 lit b DSGVO), we pass on the following data to PayPal:

First name, last name, address, email address, telephone number

.

Without the transmission of these, payments via PayPal cannot be made.

PayPal carries out a credit check for various services such as payment by direct debit in order to ensure your willingness and ability to pay. This corresponds to PayPal's legitimate interest (pursuant to Art. 6 para. 1 lit. f DSGVO) and serves the execution of the contract (pursuant to Art. 6 para. 1 lit. b DSGVO). For this purpose, your data (name, address and date of birth, bank account details) are passed on to credit agencies. We have no influence on this process and only receive the result of whether the payment has been made or rejected or a check is pending.

.

You can find more information about objection and removal options vis-à-vis PayPal at: https://www.paypal.com/de/webapps/mpp/ua/privacy-fullData transfer to the USA is based on the EU standard contractual clauses: https://www.paypal.com/de/webapps/mpp/gdpr-readiness-requirements

8. Google Maps and Google API

On mukken, the user has the possibility to use functions of Google Maps. The Google API is also used for this purpose. Google Maps and API are operated by Google Inc. 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. If you use the Google Maps function, personal data will also be collected. By using the functions, you agree to the collection, processing and use of the automatically collected data and any additional data entered by you by Google or one of its representatives. You have the option to object to the use of this data by deactivating the JavaScript function of your browser. Please note, however, that in this case you will no longer be able to use the map display. We have concluded a joint responsibility agreement with Google in accordance with Art. 26 DSVGO.

The terms of use for Google Maps can be found at .

Data transfer to the US is based on the EU standard contractual clauses: https://policies.google.com/privacy/frameworks?hl=de

9. right of modification

Please note that we reserve the right to amend or modify this Privacy Policy from time to time in accordance with applicable laws. Last modified: 19/08/2021