We, Summary Seven Healthcare Consulting GmbH (hereinafter jointly: “the company”, “we” or “us”) take the protection of your personal data seriously and would like to inform you at this point about data protection in our company.
Within the scope of our responsibility under data protection law, additional obligations have been imposed on us by the entry into force of the EU General Data Protection Regulation (Regulation (EU) 2016/679; hereinafter: “DS-GVO”) in order to ensure the protection of personal data of the person affected by a processing operation (we also address you as a data subject hereinafter with “customer”, “user”, “you”, “you” or “data subject”).
Insofar as we decide either alone or jointly with others on the purposes and means of data processing, this includes above all the obligation to inform you transparently about the nature, scope, purpose, duration and legal basis of the processing (cf. Articles 13 and 14 DS-GVO). With this statement (hereinafter: “Privacy Notice”), we inform you about the manner in which your personal data is processed by us.
Following the model of Art. 4 DS-GVO, this data protection notice is based on the following definitions:
– “Personal data” (Art. 4 No. 1 DS-GVO) means any information relating to an identified or identifiable natural person (“data subject”). A person is identifiable if he or she can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, an online identifier, location data or by means of information relating to his or her physical, physiological, genetic, mental, economic, cultural or social identity characteristics. The identifiability can also be given by means of a linkage of such information or other additional knowledge. The origin, form or embodiment of the information is irrelevant (photographs, video or sound recordings may also contain personal data).
– “Processing” (Art. 4 No. 2 GDPR) means any operation which involves the handling of personal data, whether or not by automated (i.e. technology-based) means. This includes, in particular, the collection (i.e. acquisition), recording, organization, arrangement, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment, combination, restriction, erasure or destruction of personal data, as well as the change of an objective or purpose on which a data processing was originally based.
– “Controller” (Art. 4 No. 7 DS-GVO) means the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data.
– “Third party” (Art. 4 No. 10 DS-GVO) means any natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons who, under the direct responsibility of the controller or processor, are authorized to process the personal data; this also includes other group-affiliated legal entities.
– “Processor” (Art. 4 No. 8 DS-GVO) is a natural or legal person, authority, institution or other body that processes personal data on behalf of the controller, in particular in accordance with the controller’s instructions (e.g. IT service provider). In terms of data protection law, a processor is in particular not a third party.
– “Consent” (Art. 4 No. 11 DS-GVO) of the data subject means any voluntary expression of will in the form of a declaration or other unambiguous affirmative act, given in an informed and unambiguous manner for the specific case, by which the data subject indicates that he or she consents to the processing of personal data relating to him or her.
(2) Name and address of the responsible party
The responsible party of your personal data within the meaning of Art. 4 No. 7 DS-GVO is us:
Summary Seven Healthcare Consulting GmbH
Managing director authorized to represent: Frank Altmeyer
Phone +49 (0)251 59080670
Fax +49 (0)251 59080679
For further information on our company, please refer to the imprint details on our website http://summaryseven.de/impressum/.
(3) Contact details of the data protection officer
Our company data protection officer is available at all times to answer any questions you may have and to act as your contact person on the subject of data protection at our company. His contact details are:
Mr. Jakob Altmeyer
(4) Legal basis for data processing
By law, in principle, any processing of personal data is prohibited and only permitted if the data processing falls under one of the following justifications:
– Art. 6 (1) p. 1 lit. a DS-GVO (“consent”): if the data subject has voluntarily, in an informed manner and unambiguously indicated by means of a declaration or other unambiguous confirmatory act that he or she consents to the processing of personal data relating to him or her for one or more specific purposes;
– Art. 6 (1) p. 1 lit. b DS-GVO: If the processing is necessary for the performance of a contract to which the data subject is a party or for the performance of pre-contractual measures taken at the data subject’s request;
– Art. 6 (1) p. 1 lit. c DS-GVO: If the processing is necessary for compliance with a legal obligation to which the controller is subject (e.g., a legal obligation to keep records);
– Art. 6 para. 1 p. 1 lit. d DS-GVO: If the processing is necessary to protect vital interests of the data subject or another natural person;
– Art. 6 (1) p. 1 lit. e DS-GVO: If the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; or
– Art. 6 (1) p. 1 lit. f DS-GVO (“Legitimate Interests”): if the processing is necessary to protect the legitimate (in particular legal or economic) interests of the controller or a third party, unless the conflicting interests or rights of the data subject override (in particular if the data subject is a minor).
For the processing operations carried out by us, we indicate below the applicable legal basis in each case. A processing operation may also be based on several legal bases.
(5) Data erasure and storage period
For the processing operations carried out by us, we indicate below in each case how long the data will be stored by us and when it will be deleted or blocked. If no explicit storage period is specified below, your personal data will be deleted or blocked as soon as the purpose or legal basis for the storage no longer applies. In principle, your data will only be stored on our servers in Germany, subject to any transfer that may take place in accordance with the regulations in A.(7).
However, storage may take place beyond the specified time in the event of a (threatened) legal dispute with you or other legal proceedings, or if storage is required by legal regulations to which we are subject as the responsible party (e.g. § 257 HGB, § 147 AO). If the storage period prescribed by the legal regulations expires, the personal data will be blocked or deleted unless further storage by us is necessary and there is a legal basis for this.
(6) Data security
We use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties (e.g. TSL encryption for our website), taking into account the state of the art, implementation costs and the nature, scope, context and purpose of the processing, as well as the existing risks of a data breach (including its probability and impact) for the data subject. Our security measures are continuously improved in line with technological developments.
We will be happy to provide you with more detailed information on request. Please contact our data protection officer (see under A.(3)).
(7) Data transfer
We only pass on your personal data to third parties if:
a) You have given your express consent to this in accordance with Art. 6 (1) a) DS-GVO.
b) This is legally permissible and necessary according to Art. 6 para. 1 lit. b) DS-GVO for the fulfillment of a contractual relationship with you or the implementation of pre-contractual measures.
c) According to Art. 6 para. 1 lit. c) DS-GVO, there is a legal obligation for the transfer.
d) We are legally obligated to transfer data to state authorities, e.g. tax authorities, social insurance carriers, health insurance companies, supervisory authorities and law enforcement agencies.
e) The transfer according to Art. 6 para. 1 lit. f) DS-GVO is necessary for the protection of legitimate business interests, as well as for the assertion, exercise or defense of legal claims and there is no reason to believe that you have an overriding interest worthy of protection in the non-disclosure of your data.
f) In accordance with Art. 28 DS-GVO, we use external service providers, so-called order processors, who are obliged to handle your data with care.
We use such service providers in the areas of:
When transferring data to external bodies in third countries, i.e. outside the EU or EEA, we ensure that these bodies treat your personal data with the same care as within the EU or EEA. We only transfer personal data to third countries where the EU Commission has confirmed an adequate level of protection or where we ensure the careful handling of personal data through contractual agreements or other suitable guarantees.
(8) Your rights
You may assert your rights as a data subject regarding your processed personal data at any time by contacting us using the contact details provided at the beginning of A.(2). As a data subject, you have the right
– to request information about your data processed by us in accordance with Art. 15 DS-GVO. In particular, you can request information about the processing purposes, the category of data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details;
– in accordance with Art. 16 DS-GVO, to demand the correction of incorrect data or the completion of your data stored by us without delay;
– pursuant to Art. 17 DS-GVO, to request the deletion of your data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defense of legal claims;
– pursuant to Art. 18 DS-GVO, to request the restriction of the processing of your data, insofar as the accuracy of the data is disputed by you or the processing is unlawful;
– pursuant to Art. 20 DS-GVO, to receive your data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another controller (“data portability”);
– object to the processing in accordance with Art. 21 DS-GVO, provided that the processing is based on Art. 6 (1) p. 1 lit. e or lit. f DS-GVO. This is particularly the case if the processing is not necessary for the performance of a contract with you. Unless it is an objection to direct marketing, when exercising such an objection, we ask you to explain the reasons why we should not process your data as we have done. In the event of your justified objection, we will review the merits of the case and either discontinue or adjust the data processing or show you our compelling legitimate grounds on the basis of which we will continue the processing;
– in accordance with Article 7 (3) of the GDPR, to revoke your consent given once (also before the GDPR came into force, i.e. before 25.5.2018) – i.e. your voluntary will, made understandable in an informed manner and unambiguously by means of a declaration or other unambiguous confirming act, that you agree to the processing of the personal data in question for one or more specific purposes – at any time vis-à-vis us, if you have given such consent. The consequence of this is that we may no longer continue the data processing based on this consent for the future and
– complain to a data protection supervisory authority about the processing of your personal data in our company in accordance with Art. 77 DS-GVO, such as the data protection supervisory authority responsible for us: State Commissioner for Data Protection and Freedom of Information of the State of North Rhine-Westphalia, P.O. Box 20 04 44, 40102 Düsseldorf, e-mail: firstname.lastname@example.org
(9) Changes to data protection information
As part of the further development of data protection law and technological or organizational changes, our data protection information is regularly reviewed to determine whether it needs to be adapted or supplemented. You will be informed of any changes, in particular on our German website at www.summaryseven.de. This data protection notice is current as of October 2020.
B. Visiting websites
You can obtain information about our company and the services we offer in particular at www.summaryseven.de together with the associated sub-pages (hereinafter collectively referred to as “websites”). When you visit our websites, personal data may be processed.
During the informative use of the websites, the following categories of personal data are collected, stored and processed by us:
(1) Server log files
When you visit our websites, a so-called log data record (so-called server log files) is stored temporarily and anonymously on our web server. This consists of:
– the page from which the page was requested (so-called referrer URL)
– the name and URL of the requested page
– the date and time of the request
– the description of the type, language and version of the web browser used
– the IP address of the requesting computer, which is shortened so that a personal reference can no longer be established
– the amount of data transferred
– the operating system
– the message whether the request was successful (access status/http status code)
– the GMT time zone difference
(2) Contact form
When contact forms are used, the data transmitted through them are processed (e.g. gender, surname and first name, address, company, e-mail address and the time of transmission).
In addition to the purely informational use of our website, we offer the subscription to our newsletter, with which we inform you about current developments and events. If you subscribe to our newsletter, the following “newsletter data” will be collected, stored and processed by us:
– the page from which the page was requested (so-called referrer URL)
– the date and time of the request
– the description of the type of web browser used
– the IP address of the requesting computer, which is shortened so that a personal reference can no longer be established
– the e-mail address
– the date and time of registration and confirmation.
We would like to point out that we evaluate your user behavior when sending the newsletter. For this evaluation, the e-mails sent contain so-called web beacons or tracking pixels, which are single-pixel image files stored on our website. For the evaluations, we link the aforementioned data and the web beacons with your e-mail address and an individual ID. Links contained in the newsletter also contain this ID. The data is collected exclusively pseudonymously, i.e. the IDs are not linked with your other personal data, a direct personal reference is excluded.
(4) Purpose and legal basis of data processing
We process the personal data described in more detail above in accordance with the provisions of the DS-GVO, the other relevant data protection regulations and only to the extent necessary. Insofar as the processing of personal data is based on Art. 6 (1) p. 1 lit. f DS-GVO, the aforementioned purposes also represent our legitimate interests.
The processing of log data serves statistical purposes and to improve the quality of our website, in particular the stability and security of the connection (legal basis is Art. 6 para. 1 p. 1 lit. f DS-GVO).
Contact form data is processed for the purpose of handling customer inquiries (legal basis is Art. 6 para. 1 p. 1 lit. b or lit. f DS-GVO).
Newsletter data is processed for the purpose of sending the newsletter. As part of the registration for our newsletter, you consent to the processing of your personal data (legal basis is Art. 6 para. 1 lit. a DS-GVO). For the registration to our newsletter, we use the so-called double opt-in procedure. This means that after your registration, we will send you an e-mail to the e-mail address you provided, in which we ask you to confirm that you wish to receive the newsletter. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify a possible misuse of your personal data. You can revoke your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can declare the revocation by clicking on the link provided in every newsletter e-mail, by e-mail to email@example.com or by sending a message to the contact details given in the imprint.
(5) Duration of data processing
Your data will only be processed for as long as is necessary to achieve the above-mentioned processing purposes; the legal bases specified in the context of the processing purposes apply accordingly. With regard to the use and storage duration of cookies, please refer to point A.(5) as well as point C.
Third parties used by us will store your data on their system for as long as is necessary in connection with the provision of services for us in accordance with the respective order.
You can find more details on the storage period under A.(5) and point C.
(6) Transfer of personal data to third parties; basis for justification
The following categories of recipients, which are usually order processors, may receive access to your personal data:
– Service providers for the operation of our website and the processing of data stored or transmitted by the systems (e.g. for data center services, payment processing, IT security). The legal basis for the transfer is then Art. 6 para. 1 p. 1 lit. b or lit. f DS-GVO, insofar as these are not order processors;
– Government agencies/authorities, insofar as this is necessary for the fulfillment of a legal obligation. The legal basis for the transfer is then Art. 6 para. 1 p. 1 lit. c DS-GVO;
– Persons employed to carry out our business operations (e.g. auditors, banks, insurance companies, legal advisors, supervisory authorities, parties involved in company acquisitions or the establishment of joint ventures). The legal basis for the disclosure is then Art. 6 para. 1 p. 1 lit. b or lit. f DS-GVO.
In addition, we will only disclose your personal data to third parties if you have given your express consent to do so in accordance with Art. 6 (1) sentence 1 lit. a DS-GVO
Temporary cookies/session cookies
So-called temporary cookies or session cookies are used on our website, which are automatically deleted as soon as you close your browser. This type of cookie makes it possible to record your session ID. This makes it possible to assign various requests from your browser to a common session and to recognize your terminal device during subsequent visits to the website.
So-called permanent cookies are used on our website. Permanent cookies are cookies that are stored in your browser for a longer period of time and can transmit information. The respective storage period differs depending on the cookie. You can delete permanent cookies independently via your browser settings.
We use analytical cookies to monitor anonymized user behavior on our website.
In addition, we use advertising cookies. These cookies allow us to track user behavior for advertising and targeted marketing purposes.
Social media cookies allow us to connect to your social networks and share content from our website within your networks.
Browser settings configuration
Most web browsers are preset to automatically accept cookies. However, you can configure your respective browser to only accept certain cookies or not to accept cookies at all. However, we would like to point out that you may then no longer be able to use all the functions of our website.
You can also delete cookies already stored in your browser via your browser settings. Furthermore, it is possible to set your browser to notify you before cookies are stored. Since the various browsers may differ in their respective modes of operation, we ask you to refer to the respective help menu of your browser for the corresponding configuration options.
(2) Legal basis
(3) Storage period
As soon as the data transmitted to us via the cookies is no longer required for the purposes described above, this information is deleted. Further storage may take place in individual cases if this is required by law.
D. Plugins and analysis tools
(1) Google Analytics
Insofar as you have given your consent, this website uses Google Analytics, a web analytics service provided by Google LLC. The responsible service provider in the EU is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
Scope of processing
We use the User ID function. With the help of the User ID, we can assign a unique, permanent ID to one or more sessions (and the activities within these sessions) and analyze user behavior across devices.
We use Google Signals. This allows Google Analytics to collect additional information about users who have enabled personalized ads (interests and demographics) and ads can be delivered to these users in cross-device remarketing campaigns.
We use the function ‘anonymizeIP’ (so-called IP masking): Due to the activation of IP anonymization on this website, your IP address will be truncated by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.
During your website visit, the following data is collected, among other things:
– The pages you visit, your “click path”.
– achievement of “website goals” (conversions, e.g. newsletter sign-ups, downloads, purchases)
– Your user behavior (for example, clicks, dwell time, bounce rates)
– Your approximate location (region)
– Your IP address (in shortened form)
– Technical information about your browser and the end devices you use (e.g., language setting, screen resolution)
– your internet service provider
– the referrer URL (via which website/ via which advertising medium you came to this website)
Purposes of the processing
On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity. The reports provided by Google Analytics are used to analyze the performance of our website and the success of our marketing campaigns.
The recipient of the data is
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
as an order processor. We have concluded an order processing agreement with Google for this purpose. Google LLC, based in California, USA, and, if applicable, US authorities may access the data stored by Google.
Transmission to third countries
A transfer of data to the USA cannot be ruled out.
The data sent by us and linked to cookies are automatically deleted after 14 months. The deletion of data whose retention period has been reached takes place automatically once a month.
You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by
– not giving your consent to the setting of the cookie or
– downloading and installing the browser add-on to disable Google Analytics HERE.
You can also prevent the storage of cookies by selecting the appropriate settings on your browser software. However, if you configure your browser to refuse all cookies, you may experience limitations in functionality on this and other websites.
The legal basis and revocation option for this data processing is your consent, Art.6 para.1 p.1 lit.a DSGVO. You can revoke your consent at any time with effect for the future by calling up the cookie settings and changing your selection there.
(2) WordPress Stats
This website uses the WordPress tool Stats to statistically analyze visitor traffic. The provider is Automattic Inc, 60 29th Street #343, San Francisco, CA 94110-4929, USA.
“WordPress Stats” cookies remain on your terminal device until you delete them.
The storage of “WordPress Stats” cookies is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in the anonymized analysis of user behavior in order to optimize both its web offering and its advertising.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. When deactivating cookies, the functionality of our website may be limited.
You can object to the collection and use of your data for the future by setting an opt-out cookie in your browser by clicking on this link: https://www.quantcast.com/opt-out/.
If you delete the cookies on your computer, you must set the opt-out cookie again.
(3) Google reCAPTCHA
We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our websites. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
The purpose of reCAPTCHA is to verify whether data entry on our websites (e.g. in a contact form) is made by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent by the website visitor on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google.
The reCAPTCHA analyses run completely in the background. Website visitors are not notified that an analysis is taking place.
The data processing is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in protecting its web offers from abusive automated spying and from SPAM.
This website uses the services of MailChimp for sending newsletters. The provider is Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.
MailChimp is a service with which, among other things, the sending of newsletters can be organized and analyzed. When you enter data for the purpose of receiving newsletters (e.g. e-mail address), this data is stored on MailChimp’s servers in the USA.
MailChimp has a certification according to the “EU-US Privacy Shield”. The “Privacy Shield” is an agreement between the European Union (EU) and the USA, which is intended to ensure compliance with European data protection standards in the USA.
With the help of MailChimp, we can analyze our newsletter campaigns. When you open an email sent with MailChimp, a file contained in the email (so-called web-beacon) connects to MailChimp’s servers in the USA. This makes it possible to determine whether a newsletter message has been opened and which links, if any, have been clicked. In addition, technical information is recorded (e.g. time of retrieval, IP address, browser type and operating system). This information cannot be assigned to the respective newsletter recipient. It is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients.
If you do not want any analysis by MailChimp, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. Furthermore, you can also unsubscribe from the newsletter directly on the website.
The data processing is based on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.
The data you have provided to us for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from our servers as well as from the servers of MailChimp after you unsubscribe from the newsletter. Data that has been stored by us for other purposes (e.g. e-mail addresses for the member area) remains unaffected by this.
Conclusion of a data processing agreement
We have concluded a so-called “Data-Processing-Agreement” with MailChimp, in which we oblige MailChimp to protect the data of our customers and not to pass it on to third parties. This agreement can be viewed at the following link: https://mailchimp.com/legal/forms/data-processing-agreement/sample-agreement/.
Our website uses plugins from the YouTube site operated by Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.
When you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited.
If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.
YouTube is used in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.
Our website uses plugins of the video portal Vimeo. The provider is Vimeo Inc, 555 West 18th Street, New York, New York 10011, USA.
When you visit one of our pages equipped with a Vimeo plugin, a connection to the Vimeo servers is established. In the process, the Vimeo server is informed which of our pages you have visited. In addition, Vimeo obtains your IP address. This also applies if you are not logged in to Vimeo or do not have an account with Vimeo. The information collected by Vimeo is transmitted to the Vimeo server in the USA.
If you are logged into your Vimeo account, you enable Vimeo to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your Vimeo account.
(7) Google Web Fonts
This site uses so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.
For this purpose, the browser you are using must connect to Google’s servers. This enables Google to know that our website has been accessed via your IP address. Google Web Fonts are used in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 (1) lit. f DSGVO.
If your browser does not support web fonts, a standard font will be used by your computer.
(8) Google Maps
This site uses the map service Google Maps via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To use the functions of Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission.
The use of Google Maps is in the interest of an appealing presentation of our online offers and an easy location of the places indicated by us on the website. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.
E. Payment provider
On our website, we offer, among other things, payment via Stripe and related payment methods. The provider of these payment services is
Stripe Payments Europe Ltd.
1 Grand Canal Street Lower
Grand Canal Dock
If you select payment via Stripe, the payment data you enter will be transmitted to Stripe. Your data will only be transmitted for the purpose of processing payments with Stripe Payments Europe Ltd. and only to the extent necessary for this purpose.
The transfer of your data to Stripe is based on Art. 6 (1) a DSGVO (consent) and Art. 6 (1) b DSGVO (processing for the performance of a contract). You have the option to revoke your consent to data processing at any time. A revocation does not affect the validity of past data processing operations.
You can find more information about Stripe’s data protection at the URL https://stripe.com/de/privacy.