Privacy Policy

1. Data Protection at a Glance

General Information

The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data is any data which can be used to personally identify you. For more detailed information on data protection please refer to our privacy policy, which is provided below this text.

Analysis Tools and Third-Party Tools

When visiting our website your browsing behaviour may be statistically analysed. This is mainly done using cookies and what are known as analysis programmes. Your browsing behaviour is usually analysed anonymously; your browsing behaviour cannot be traced back to you. You can object to such analysis or prevent it by not using certain tools. You will find more detailed information on this in the following privacy policy.

You can object to such analysis. We shall inform you of the ways in which you can object in this privacy policy.

2. General Information and Mandatory Information

Data Protection

The operator of this site takes the protection of your personal data very seriously. We treat your personal data as confidential and handle it in accordance with the statutory data protection regulations and this privacy policy.

Personal data is data which can be used to personally identify you. This privacy policy explains which data we collect and what we use it for. It also explains how and for what purpose we do this.

Where personal data is concerned, we process it on the basis of our legitimate interest in providing you with a functioning, secure website (point (f) of Article 6(1) GDPR). This data is not merged with any other data sources. We reserve the right to examine this data at a later date if we become aware of any specific indications of unlawful use.

We would advise that the transfer of data on the Internet (e.g. when communicating by email) can present security risks. It is not possible to completely protect data from access by third parties.

Information on the Controller

The controller responsible for data processing on this website is:

BIG.Cube GmbH
Seitzstraße 8a // TH1
80538 Munich

Telephone: +49 89 52 03 2714
E-Mail: datenschutz@big-cube.de

The controller is the natural or legal person who, either alone or jointly with others, determines the purposes and methods of personal data processing (e.g. names, email addresses or similar).

SSL and TLS encryption

All personal data that you transmit to us during the surfing process in general and during the ordering process in particular are transmitted in encrypted form. Therefore, for security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator, this site uses a
SSL and TLS encryption You can recognise an encrypted connection because the address bar of the browser changes from ‘http://’ to ‘https://’ and there is a padlock symbol in your browser’s address bar.

When SSL or TLS encryption is enabled, the data that you transmit to us cannot be read by third parties.

Objection to Marketing Emails

We hereby object to the use of the contact details published in the mandatory legal notice for the purpose of sending promotional and informational materials which have not been expressly requested. The operator of the site expressly reserves the right to take legal measures in the event of the unsolicited sending of promotional materials, e.g. in spam emails.

3. Data Protection Officer

Legally required data protection officer

We have engaged an external data protection officer for our company. If you have any questions, you can contact the data protection officer at any time. 

Philipp Herold

Mein-Datenschutzbeauftragter.de
Hafenstraße 1a
23568 Lübeck 

Telefon: +49 451 16085213
E-Mail: datenschutz@big-cube.de

4. Collection and use of Non-Personal Data when using the Website

If you use this website without otherwise transmitting any data to us (e.g. by registering), we only collect the data necessary for technical reasons which is automatically transmitted to our server by your browser (e.g. browser type/browser version, operating system used, referrer URL, pages viewed, visit duration, IP address, date and time of request) or which is required by functional cookies or cookies necessary for technical reasons.

5. Data Collection on our Website

Cookies

The website sometimes uses what are known as cookies. Cookies do not damage your computer or contain any viruses. Cookies make our offering more user-friendly, effective and secure. Cookies are small text files that are placed on your computer and saved by your browser.

Most of the cookies that we use are what are known as ‘session cookies’. They are automatically deleted at the end of your visit. Other cookies remain stored on your terminal until you delete them. These cookies enable us to recognise your browser on your next visit.

You can configure your browser so that you are informed of the storage of cookies and to allow cookies only in certain cases, to reject the acceptance of cookies in specific cases or in general, and to enable the automatic deletion of cookies when you close the browser. This website’s functionality may be restricted if you disable cookies.

Cookies that are required for carrying out electronic communication processes or providing certain features desired by you (e.g. shopping cart feature) are stored on the basis of point (f) of Article 6(1) GDPR. The website operator has a legitimate interest in the storage of cookies to enable the optimal provision of its services, free from any technical defects. If other cookies (e.g. cookies used to analyse your browsing behaviour) are stored, these are addressed separately in this privacy policy.

Cookie overview

Essenziell

Essenzielle Cookies ermöglichen grundlegende Funktionen und sind für die einwandfreie Funktion der Website erforderlich.

Statistiken

Statistik Cookies erfassen Informationen anonym. Diese Informationen helfen uns zu verstehen, wie unsere Besucher unsere Website nutzen.

Marketing

Marketing-Cookies werden von Drittanbietern oder Publishern verwendet, um personalisierte Werbung anzuzeigen. Sie tun dies, indem sie Besucher über Websites hinweg verfolgen.

Externe Medien

Inhalte von Videoplattformen und Social-Media-Plattformen werden standardmäßig blockiert. Wenn Cookies von externen Medien akzeptiert werden, bedarf der Zugriff auf diese Inhalte keiner manuellen Einwilligung mehr.

Google Maps

NameGoogle Maps
ProviderGoogle Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
PurposeWird zum Entsperren von Google Maps-Inhalten verwendet.
Privacy Policyhttps://policies.google.com/privacy
Host(s).google.com
Cookie NameNID
Cookie Runtime6 Monate

Instagram

NameInstagram
ProviderMeta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
PurposeWird verwendet, um Instagram-Inhalte zu entsperren.
Privacy Policyhttps://www.instagram.com/legal/privacy/
Host(s).instagram.com
Cookie Namepigeon_state
Cookie RuntimeSitzung

OpenStreetMap

NameOpenStreetMap
ProviderOpenstreetmap Foundation, St John’s Innovation Centre, Cowley Road, Cambridge CB4 0WS, United Kingdom
PurposeWird verwendet, um OpenStreetMap-Inhalte zu entsperren.
Privacy Policyhttps://wiki.osmfoundation.org/wiki/Privacy_Policy
Host(s).openstreetmap.org
Cookie Name_osm_location, _osm_session, _osm_totp_token, _osm_welcome, _pk_id., _pk_ref., _pk_ses., qos_token
Cookie Runtime1-10 Jahre

Vimeo

NameVimeo
ProviderVimeo Inc., 555 West 18th Street, New York, New York 10011, USA
PurposeWird verwendet, um Vimeo-Inhalte zu entsperren.
Privacy Policyhttps://vimeo.com/privacy
Host(s)player.vimeo.com
Cookie Namevuid
Cookie Runtime2 Jahre

YouTube

NameYouTube
ProviderGoogle Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
PurposeWird verwendet, um YouTube-Inhalte zu entsperren.
Privacy Policyhttps://policies.google.com/privacy
Host(s)google.com
Cookie NameNID
Cookie Runtime6 Monate
Your cookie settings:
Server log files

The website provider automatically collects and stores information in what are called server log files, which your browser transmits to us automatically. This is:

  • Browser type and
    browser version
  • Operating system used
  • Referrer URL
  • Host name of the
    accessing computer
  • Time of server request
  • IP address

This data is not merged with other data sources.

The basis for the data processing is point (f) of Article 6(1) (f) of Article 6(1) GDPR, which permits data processing for the performance of a contract or to take steps prior to entering into a contract.

Contact Form

When you send us enquiries via the contact form, your details are forwarded to BIG.Cube using the GDPR-compliant API-based email delivery service provided by the German service provider sendinblue GmbH. We store the details you enter in the enquiry form, including the contact details you provide, in order to handle your enquiry and in case of any follow-up questions. We do not share this data without your consent.

The data entered in the contact form is thus processed exclusively on the basis of your consent (point (a) of Article 6(1) GDPR). You can withdraw this consent at any time. To do so, it is sufficient to send us an informal notification by email. The lawfulness of the data processing procedures carried out before your consent is withdrawn remains unaffected by such withdrawal.

We retain the data you have entered in the contact form until you ask us to erase it, until you withdraw your consent to its storage or until the purpose of the data storage ceases to apply (e.g. once handling of your enquiry is complete). Mandatory legal provisions — particularly retention periods — remain unaffected.

6. Analysis Tools

No analytics tools are currently used.

7. Integration of social media embeds

We provide social media embeds from the social media networks Instagram and YouTube on our website. Social media embeds are content from social media networks that we integrate into our website so that you do not have to leave it. It is therefore ‘embedded’. This involves the integration of posts, videos or other content from the companies Meta Platforms Ireland Ltd (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; however, personal data may also be processed by Meta Platforms Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA), Instagram LLC (1601 Willow Road Menlo Park, CA 94025, USA; however, Facebook is responsible for Instagram under data protection law, see above) and YouTube LLC (901 Cherry Ave., San Bruno, CA 94066, USA; however, Google Ireland Limited, Gordon House Barrow Street Dublin 4, D04E5W5, Ireland, is responsible for data protection and personal data may also be processed by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) on our website.

You can recognise the social media embeds by the relevant company logo next to an image, a post or other content that is clearly external. After activating these social media embeds, you can view the content from the relevant network that we have integrated into our website.

Before you click on the relevant ‘Display content’ button (‘activation button’), the privacy-friendly activation solution that we use prevents your personal data, such as your IP address, from being transmitted to the relevant social media network. Unless you click on the activation button in order to view content, you will not be visible to the operator of the relevant social media network

We use this privacy-friendly alternative (activation solution) to prevent social media networks from tracking and storing Internet activity without the user’s active input.

By clicking the activation button, you declare your consent to your personal data being collected by the relevant network. The relevant social media network is responsible for the data collection and processing that it then carries out, including the use of cookies and similar technologies. As a minimum, you should expect the following: Information on which of our sites you have visited and your IP address will be transmitted to the social media network, even if you do not have a profile/account with the relevant network or are not currently signed in. If you are a member of the social media networks and are signed in, the network attributes the information to your personal user account. We do not receive any of this information.

We therefore recommend that you read the relevant network’s privacy policy before clicking the activation button:

Facebook: https://de-de.facebook.com/policy.php
Instagram (Facebook): https://help.instagram.com/155833707900388
YouTube: https://policies.google.com/privacy?hl=de

8. Data Sharing

If we share your personal data, particularly within the context of the data processing described above, we have described this accordingly in this privacy policy. Generally, we also share your personal data as follows:

Processor

All personal data processed within the context of this website is processed by us or by our service providers. If necessary, we transmit your personal data to external service providers such as IT service providers and providers of website optimisation services, advertising agencies or analysis service providers to enable us to provide our services to you. We have selected these service providers carefully and concluded data processing agreements with them.

Third parties (known as recipients)

Contract partners

We share your personal data with other controllers that process the personal data for your own purposes when this is required for processing a contract or rendering a service. Our contract partners can only use the data transmitted in this way for the purpose for which it was transmitted.

Your personal data is shared for these purposes in order to perform a contract (point (b) of Article 6(1) GDPR) or on the grounds of our legitimate interests in organising our business efficiently (point (f) (f) of Article 6(1) GDPR).

Credit checks

In justifiable cases (e.g. direct debit procedures), we share data concerning your address and credit history with credit services companies for the purpose of credit checks. The service provider is only given access to the personal data that is required to carry out the relevant activity. The legal basis for this is point (f) of Article 6(1) (legitimate interest).

Legal obligation or enforcement of legal claims

Besides this, we only share your personal data with third parties if and to the extent that this is required or permitted by law, in order to enforce legal claims or in order to investigate or prevent suspected or actual unlawful activities. In such cases, we will inform you of the relevant data transfer, if and to the extent that this is required by law.

Website service providers

Some features of our website require the processing of your personal data by service providers, for which they are also responsible (e.g. in the case of social media interactions (see also the information on social plug-ins in Section 5 in this regard) and for website optimisation in the case of some services). Our contract partners can only use the data transmitted in this way for the purpose for which it was transmitted.

Your personal data is shared for these purposes on the basis of our legitimate interest in providing you with the relevant function. If your consent is required for sharing data with website service providers, we will inform you separately beforehand.

Transfer to third countries
If and when we transfer your personal data to countries outside the European Economic Area (EEA) or commission processors in such countries (e.g. in the USA), we implement the standards and security mechanisms required by law. We achieve this by agreeing what are known as EU standard contractual clauses, for example. Please contact us as described in Section 2 to find out more about the specific security mechanisms that we use.

9. Your rights

With regard to the personal data concerning you, you have the following statutory rights in relation to BIG.Cube GmbH, provided that the relevant conditions are met. Further information on your rights and the related conditions can be found on the website of the EU Commission athttps://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens_de .

Right of access

As a data subject, you have the right to obtain confirmation as to whether we are processing personal data concerning you. Where that is the case, you have the right of access to this personal data as well as to further information, e.g. the purposes of the processing, the recipients and the envisaged storage period and/or the criteria used to determine this period.

Right to rectification and completion

As a data subject, you have the right to obtain without undue delay the rectification of inaccurate personal data. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed.

Right to erasure (‘right to be forgotten’)

As a data subject, you have the right to obtain erasure of your personal data if necessary. For example, that is the case if your personal data is no longer required for the original purposes, if you have withdrawn your declaration of consent under data protection law or if the personal data has been processed unlawfully.

Right to restriction of processing

As a data subject, you have the right to obtain restriction of processing in the legally prescribed cases.

Right to data portability

As a data subject, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format in the legally prescribed cases.

Right to object

As a data subject, you have the right to object to the processing of specific data concerning you for reasons relating to your particular situation at any time. In the event of direct marketing, you, as a data subject, have the right to object to the processing of personal data concerning you for the purpose of such marketing at any time; this also includes profiling to the extent that it is related to such direct marketing.

Right to withdraw your declaration of consent under data protection law

You have the right to revoke your consent to the processing of personal data at any time with effect for the future. The lawfulness of the processing carried out prior to withdrawal remains unaffected by this, however.

Right to lodge a complaint with a supervisory authority

You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement if you consider the processing of personal data relating to you to infringe the GDPR.

The competent supervisory authority for BIG.Cube GmbH is the Data Protection Authority for the State of Bavaria (Bayerische Landesaufsicht für Datenschutz) (https://www.lda.bayern.de/de/kontakt.html).

10. Modifications

Our privacy policy and also the descriptions in our cookie consent solution may change from time to time. This also includes further developments due to changes in our business as well as adjustments due to a changed legal situation and/or due to the implementation of new technologies or services on the website. We will post any updates to the privacy policy on this page. In the event of significant changes, we will indicate this accordingly. If you have any further questions that our privacy policy could not answer, please write an e-mail to the following address: datenschutz@big.cube.de.

Version: June 2023