0
Your Cart
0
Your Cart

Privacy

Last update: August 2024

Provision of information pursuant to Art 13 of the General Data Protection Regulation 2016/679/EU (“GDPR”) regarding the processing of personal data in the context of visiting and using the website https://theartofpele.com/ (“Website” or “Online Shop”) as well as in the context of interacting with our social media and third-party platform presences outlined under point 8.

Thank you for your interest in our website. The protection of your privacy is of high priority to us. Consequently, we only process your personal data on the basis of legal requirements set by the GDPR in conjunction with the Austrian Data Protection Act (Datenschutzgesetz) as well as other relevant legal provisions.

In general, you are not obligated to provide data due to statutory or contractual requirements. Data processed automatically when accessing the Website are either not personal data or are stored only for short periods (cf. point 6.1). However, if you decide to contact us via the contact options presented on the Website respectively in the course of this Data Protection Declaration, you have to provide us certain of your data being necessary for the processing of your respective request (cf. point 6.2). Furthermore, in cases where you wish to make purchases via our Online Shop, you have to provide us the necessary data for contract conclusion and execution. Should you refuse disclosure of your relevant data for the respective purpose, we may not be able to process your request or render our services to you. The individual processing activities in the context of accessing and using our Website are highlighted in detail under point 6.

Content

  1. Definitions
  2. Information on the controller and contact details
  3. Links to third-party sites
  4. Rights of the data subject
  5. Transfer of your data; recipients
  6. Data processing operations
    6.1 Processing of traffic data; server log files
    6.2 Contacting
    6.3 Purchases via the Online Shop; registering a customer account
    6.4 Web analysis and tracking 6.5 Legal retention and documentation obligations
  7. Cookies and similar technologies
    7.1 Cookies
    7.2 Local storage; session storage
    7.3 Tracking pixel
  8. Social media and third-party platform presences
    8.1 Instagram

1. Definitions

Data protection laws are generally relevant in case any processing of personal data is concerned. The terms used within the scope of this Data Protection Declaration are defined in and by the GDPR. As such, the broad definition of processing (Art 4 item 2 GDPR) of personal data means any operation or set of operations performed on personal data. Any information allowing us or third parties to potentially identify you in person can be considered your personal data, which makes you a data subject (Art 4 item 1 GDPR) within this context.

The following terms are particularly relevant for a better understanding of this Data Protection Declaration:

TermDefinitionRegulation
ControllerNatural or legal person or other body which has decisive influence on the processing of personal and is therefore subject to data protection obligations.Art 4 item 7 GDPR Art 24 GDPR
Joint ControllersControllers, which process personal data in common interest and have each at least partly a decisive influence on decisions made in this regard.Art 26 GDPR
ProcessorExternal service provider which processes personal data on behalf of the controller and is contractually bound to its instructions. The processor thereby acts as a kind of extended arm of the controller.Art 4 item 8 GDPR Art 28 GDPR
RecipientGenerally, every natural or legal person or other body outside of the organisation of the controller to which data being subject to the controller’s responsibility are disclosed.Art 4 item 9 GDPR
Legal basisCondition determined by law that constitutes an authorisation to lawfully process personal data.Art 6 para 1 GDPR
Transfer to third countriesTransfer of personal data to countries outside of the EU respectively EEA through which they are detracted from the sole control of the GDPR due to stronger ties to the legal system of such third country. This might take place where data are disclosed to a recipient that (i) has its seat/residency in such third country or (ii) maintains a server there on which personal data are processed.Chapter V GDPR
Adequacy decisionA resolution of the European Commission through which the adequacy of the data protection level in a third country is acknowledged, and consequently a transfer of data is possible without further restrictions.Art 45 GDPR

2. Information on the controller and contact details

Controller in the sense of Art 4 item 7 GDPR: Contact details: Coact Sportsconsulting GMBH (“we”) Am Kahlenberg 3/410 1190 Vienna Austria Email: info@theartofpele.com

3. Links to third-party sites

On our Website and in this Data Protection Declaration, we use links to websites of third parties, i.e., links to our presences in social networks. If you click on one of these links, you will be forwarded to the respective website. For the operators of these websites, it is only evident that you have accessed our Website beforehand. However, please be aware that accessing third-party sites results in additional processing of your data in the sphere of the respective third party! Accordingly, we refer you, in general, to the separate data protection declarations of these websites. For further information on our processing of your data in connection with our social media or third-party platform presences, please review point 8.

4. Rights of the data subject

You may decide to exercise any of the following rights concerning our processing of your personal data at any time free of charge by means of a notification being sent to one of the contact options outlined under point 2; we shall then answer your request as soon as possible and within one (1) month at the latest (in exceptional cases, restrictions on these rights are possible, for instance, if otherwise the rights of third parties would be affected):

  • access to and further information concerning your individual data processed by us (right of access, Art 15 GDPR);
  • rectification of wrongly recorded data or data that have become inaccurate or incomplete (right to rectification, Art 16 GDPR);
  • erasure of data which (i) are not necessary in light of the purpose of data processing, (ii) are processed unlawfully, (iii) must be erased due to a legal obligation or an objection to the processing (right to erasure, Art 17 GDPR);
  • temporary restriction of processing under certain circumstances (right to restriction of processing, Art 18 GDPR);
  • objection to any processing of your data being based on our legitimate interest (for definitions see point 6) on grounds relating to your particular situation or being executed for direct marketing purposes (right to object; Art 21 para 1 and 2 GDPR);
  • transfer of your personal data which are processed for the performance of a contract in a machine-readable format to you or directly to another controller upon request (right to data portability; Art 20 GDPR);
  • right to lodge a complaint with a supervisory authority in respect of our processing of your data; in Austria, a complaint has to meet the requirements laid out in § 24 Austrian Data Protection Act and has to be directed to the Austrian Data Protection Authority, Barichgasse 40–42, 1030 Vienna, email: dsb@dsb.gv.at, Phone: +43 1 52 152-0 (for the simplification of this process, the Austrian Data Protection Authority provides forms at: https://www.dsb.gv.at/dokumente [German only]).

5. Transfer of your data; recipients

For the purposes executing the data processing activities as indicated in the course of this Data Protection Declaration, we may transfer your personal data to the following recipients or make them available to them:

Within our organisation, your data will only be provided to those entities or employees who need them to fulfil their respectively our respective obligations.

Furthermore, (external) processors engaged by us receive your data if they need these data to provide their respective services (whereby the mere possibility to access personal data is sufficient).

Within the context of our Website, the following processors may have access to your personal data:

  • easyname GmbH, Canettistraße 5/10, 1100 Wien, Österreich (as our hosting provider – cf. point 6.1);
  • Stripe Payments Europe, Limited, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Irland (as our provider in regards to the execution of payments via the Online Shop – cf. point 6.3);
  • Aut O’Mattic A8C Ireland Ltd., Grand Canal Dock, 25 Herbert Pl, Dublin, D02 AY86, Irland (as provider of our analysis and tracking solution – cf. point 6.4).

Additionally, we may transfer your data to independent controllers, as far as this is deemed necessary, we are legally obliged to do so or you have provided your respective consent. This may include your credit card company (cf. point 6.3).

Lastly, we are joint controllers in the sense of Art 26 GDPR with the service providers described under point 8 when accessing and interacting with our respective social media or platform presences.

6. Data processing operations

In the subsequent section, data processing operations that may occur when accessing or using our Website are described in detail. Within this context, we provide you with information on the essential elements of each data processing operation, namely (a) type and extent (when and how), (b) purpose (why) as well as (c) the storage period of your data (how long).

Moreover, we inform you about the legal basis which we use to justify the respective data processing operation as required by the GDPR. The following chart provides you with a first overview of possible legal bases, which we use in this regard:

Legal basisDefinitionRegulation
Performance of a contractThe processing of your data is necessary for the performance of a contract concluded with you or to take steps prior to entering into a contract with you at your request.Art 6 para 1 lit b GDPR
Legal obligationThe processing of your data is necessary to comply with a legal obligation we are subject to.Art 6 para 1 lit c GDPR
Legitimate interestsThe processing of your data is (i) necessary for the purposes of legitimate interests pursued by us or a third party and (ii) we have considered your conflicting interests and fundamental rights and freedoms accordingly. (For the right to object to interest-based processing due to your particular situation, see point 4.)Art 6 para 1 lit f GDPR

6.1 Processing of traffic data; server log files 

  1. (a) Type and extent of data processing: You can visit our Website without providing any personal information. However, out of technical necessity, so-called “traffic data” are processed automatically when a website is accessed. 

Within this context, in particular, the following categories of traffic data can be transferred to the server that is requested to provide a respective website or file: 

  1. (i) implicit access data (automatic, inevitable and unsolicited transmission): IP address used, user agent (browser type/version used), accessed site (URL), previously visited website (referrer URL), time of the access request, language settings. 
  2. (ii) explicit access data (transmission where provided for in the source code of the respective service): screen resolution, colour depth, time zone, touchscreen support, browser plugins. 

Traffic data will be stored by us in so-called “server log files”. Hosting provider of our Website is easyname GmbH (cf. point 5). Traffic data may also be used for analysis and tracking purposes (cf. point 6.4). 

  1. (b) Legal basis and purpose: The purpose of this data processing operation is to establish and maintain technical security with regards to our Website. The processing is based on our legitimate interest (Art 6 para 1 lit f GDPR; for the “right to object”, see point 4) in achieving the mentioned purpose. 
  2. (c) Storage period: The server log files are, in general, only stored for a short period of time and erased when they are no longer necessary for achieving the above mentioned purposes. 

6.2 Contacting 

  1. (a) Type and extent of data processing: When contacting us via contact details provided on our Website (e.g., in the imprint) or in this Data Protection Declaration, we will use your data as indicated in order to process your contact request and deal with it. Certain additional information may be provided voluntarily. The data processing involved is necessary to issue a response in respect of your request. 
  2. (b) Legal basis and purpose: Purpose of the data processing is to enable us an exchange with users of the Website respectively customers of the Online Shop. We answer your request on the basis of our legitimate interest (Art 6 para 1 lit f GDPR; for the “right to object” see point 4) in maintaining a properly functioning contact system, which is a prerequisite for the provision of any services. As far as your request is based on an existing contractual relationship with us or you are interested in establishing said contractual relationship, the processing is based on the performance of the corresponding contract, or on taking steps prior to entering into a contract with you at your request (Art 6 para 1 lit b GDPR). 
  3. (c) Storage period: We delete your requests as well as your contact data if the request has been answered conclusively. Your data are, in general, stored for a period of three (3) months and subsequently erased if we do not receive follow-up requests and if the data must not be further processed for different purposes (e.g., for the fulfilment of our legal documentation obligations – cf. point 6.4). 

6.3 Purchases via the Online Shop; registering a customer account 

  1. (a) Type and extent of data processing: In case you wish to make use of our services (i.e., in particular, purchasing merchendise via the Online Shop), you have to provide us with certain details as indicated during the checkout process. You may register a customer account which is, however, not necessary to process your order. Necessary information is labelled accordingly; additional details may be provides to us voluntarily. 

Payments in regards to purchases via the Online Shop can be made in EUR using a credit card. Thus, you will have to provide your card details in the course of concluding your order. Your transaction will be secured by means of a 3-D Secure security layer. The payment transaction is carried out by the credit card company/financial institution and your card will be debited accordingly. Certain data are transferred and processed to the respective credit card company/financial institution. Please also review the credit card company’s data protection declaration and general terms and conditions. 

In order to realize payments, we engage Stripe Payments Europe, Limited (cf. point 5) as processor. An outsourcing of processing activities to third parties such as group companies may take place, wherefore a processing of your data in the US, in particular by Stripe, Inc. (California, USA) is possible; any such potential transfer is usually based on the adequacy decision of the 7/13 

EU Commission in the sense of Art 45 GDPR concerning the “EU-US Data Privacy Framework”. You may review the certification of Stripe, Inc. under: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000TQOUAA4&status=Active

  1. (b) Legal basis and purpose: Processing of your data in the course of making purchases via the Online Shop follows the purpose of realising our business activity and enabling us to render our services to customers; this is necessary for performance of the respective contract concluded with us respectively to take steps at your request prior to entering into a contract (Art 6 para 1 lit b GDPR). 

Any additional processing of data in the course of registering a customer account or due to voluntary provision of data serves the purpose of providing additional services or facilitating communication, and it is based on our legitimate interest in offering such additional services or in facilitating communications in line with the usual expectations towards our service range and the wishes the user expressed by voluntarily registering a customer account or indicating data (Art 6 para 1 lit f GDPR). (For the right to object interest-based processing, see point 4.) 

  1. (c) Storage period: Data in relation to purchases in the Online Shop will be kept, in principle, for a period of two (2) years; however certain data must be stored for longer periods due to legal retention and documentation obligations (cf. point 6.4); longer storage periods may also apply where we need your data in the course of the exercise or defence of legal claims. 

Data which we process in relation to the registration of a user account will be stored for the duration of existence of said account; at any time, you may request deletion of your user account by contacting us using the contact options indicated under point 2. 

6.4 Web analysis and tracking 

  1. (a) Type and extent of data processing: On our Website, we use the web analysis and tracking software “Jetpack Stats” (https://wordpress.com/support/stats/). This allows us to track when our Website is accessed, evaluate said accesses and generate statistical data within this context. As a result, we are able to gain certain knowledge about user behaviour. 

Jetpack Stats uses a tracking pixel (cf. point 7.3) and processes traffic data (cf. point 6.1), which are transferred automatically in case the Website is accessed. In particular, Jetpack Stats tracks and retains the following information about you: (i) page views, (ii) outbound link clicks, (iii) referring URLs and search engine terms, (iv) country. 

Jetpack Stats is provided to us by Aut O’Mattic A8C Ireland Ltd. (cf. point 5) as a processing service. Aut O’Mattic A8C Ireland Ltd. may outsource certain processing activities to third parties such as group companies, wherefore a processing of your data in the US, in particular by Automattic Inc. (California, USA) is possible; any such potential transfer is usually based on the adequacy decision of the EU Commission in the sense of Art 45 GDPR concerning the “EU-US Data Privacy Framework”. You may review the certification of Automattic Inc. under: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000CbqcAAC&status=Active. 

  1. (b) Legal basis and purpose: We use the collected data for the purpose of generating statistical information, which allows us to draw conclusions on the general use of our Website as well as to adapt our content accordingly. The processing of your data is based on our legitimate interest (Art 6 para 1 lit f GDPR), which consists of gaining insight to user behaviour on our Website; this provides us with essential information from an entrepreneurial perspective with the help of which we may improve our service offerings (for the “right to object”, see point 4).
  2. (c) Storage period: Jetpack Stats logs are retained for a period of twenty-eight (28) days. 

6.5 Legal retention and documentation obligations 

  1. (a) Type and extent of data processing: In general, we do not store your data for longer than absolutely necessary. However, in some cases, we are subject to legal obligations that do not allow us to erase your data immediately. This concerns, for instance, accounting data, which have to be stored by us, among other things, because of retention and documentation periods set by relevant fiscal and commercial law. 
  2. (b) Legal basis and purpose: We process your data in this context on the basis of Art 6 para 1 lit c GDPR (legal obligation). This processing of your data is conducted for the purpose of complying with our own statutory duties. 
  3. (c) Storage period: Due to legal retention and documentation obligations, which are arising under fiscal and commercial law, your data, where relevant in this regard, are generally stored for a period of seven (7) years. In case the data in question are relevant for a pending (tax) proceeding, they might be stored for longer. As a result of other legal requirements, storage periods may deviate for certain data. 

7. Cookies and similar technologies 

On our Website we us the following technologies for different purposes. If information is stored on your end device by doing so, they are called storage technologies, and are subject to particular data protection regulations. Additionally, we use other technology (such as tracking pixels) for similar purposes. 

7.1 Cookies 

We use so-called “cookies” on our Website. As far as those cookies are technically necessary and thus essential for the proper functioning of our Website (see below) and store personal data, we utilize them on the basis of our accompanying legitimate interest (Art 6 para 1 lit f GDPR; for the “right to object”, see point 4). In case we use cookies which are not technically necessary in that sense, we ask you for your prior consent (Art 6 para 1 lit a GDPR; for the “right to withdraw, see point 4). 

Cookies are small data sets that are stored on your end device by your respective browser. They are placed by a web server and sent back to it as soon as a new connection is established in order to recognise the user and his settings. In this sense a cookie assigns a specific identity consisting of numbers and letters to your end device. 

Cookies can fulfil different purposes, e.g., helping to maintain the functionality of websites with regard to state of the art functions and user experience. The actual content of a specific cookie is always determined by the website that created it. 

Cookies always contain the following information: 

  • name of the cookie; 
  • name of the server the cookie originates from; 
  • ID number of the cookie; 
  • an end date at the end of which the cookie is automatically deleted. 

Cookies can legally be differentiated according to type and purpose as follows:

Necessary cookies: Technically necessary (also: essential) cookies are required for the proper functioning of websites by enabling basic functions, such as site navigation and access to protected areas. Without such cookies, a website regularly fails to be fully functional. Necessary cookies are always first-party cookies. They can only be deactivated in the settings of your browser by rejecting all cookies without exception (see below) and are also used on our Website legally permissible without obtaining prior consent. 

Other types of cookies: Cookies not being technically necessary in the described manner can serve different purposes and be classified accordingly (e.g., “analytics cookies” to analyse user behaviour and create statistics, “marketing cookies” to track users across websites to display personalised advertisements, “plugin cookies” used in the course of embedding third-party services into a website). In case we utilize such cookies, we shall obtain your prior consent as outlined above.

With regard to the storage period cookies can be further differentiated as follows: 

Session cookies: Such cookies will be deleted without any action on your part as soon as you close your current browser session. 

Persistent cookies: Such cookies (e.g., to save your language settings) remain stored on your end device until a previously defined expiration date or until you have them manually removed. 

Furthermore, cookies may be differentiated by their subject of attribution: 

First-party cookies: Such cookies are used by ourselves and placed directly from our Website. Browsers generally do not make them accessible across domains which is why the user can only be recognised by the page from which the cookie originates. 

Third-party cookies: Such cookies are not placed by the website operator itself, but by third parties when visiting a specific website, in particular, for advertising purposes (e.g., to track surfing behaviour). They allow, for example, to evaluate different page views as well as their frequency.

Most browsers automatically accept cookies. Moreover, you have the option to customize your browser settings so that cookies are either generally declined or only allowed in certain ways (e.g., limiting refusal to third-party cookies). However, if you change your browser’s cookie settings, our Website may no longer be fully usable. Via the browser settings, you also have the option to delete the entirety of cookies already stored on your end device.

Specifically, we use the following cookies:

NameTypeDurationPurpose
wp_woocommerce_session_*Technically necessary first-party cookie2 daysUsed to realize the basic functionality of the Online Shop
woocommerce_cart_hashTechnically necessary first-party cookiesSessionUsed in connection with the shopping cart function of the Online Shop
woocommerce_items_in_cartTechnically necessary first-party cookiesSessionUsed in connection with the shopping cart function of the Online Shop
_stripe_midTechnically necessary first-party cookies1 yearUsed to realize payment functions of the Online Shop via “Stripe”
_stripe_sidTechnically necessary first-party cookies30 minutesUsed to realize payment functions of the Online Shop via “Stripe”
mTechnically necessary third-party cookie (m.stripe.com)1 yearUsed to realize payment functions of the Online Shop via “Stripe”

 7.2 Local storage; session storage 

In addition to cookies, we also use the so-called local storage or session storage to store certain data on your end device, whereby your browser software maintains a separate local storage or session storage for each domain. Besides yourself, only we are able to access the data we are processing in this context. If technically necessary for the functioning of our Website, certain information may be stored in the local storage or session storage without your consent. In contrast to “cookies”, this method is safer and faster because data are not transferred automatically to the respective server with every HTTP request, but stored by your browser software. Additionally, a greater volume of data (at least 5 megabytes) can be stored, whereas cookies have a maximum storage capacity of 4096 Bytes. 

Since their functionality is similar to that of cookies, point 7.1 applies correspondingly. Please be aware that information in the local storage does not have a predefined expiration date (similar with persistent cookies). In contrast, information in the session storage is stored only for the duration of respective browser session (similar to session cookies). 

The manual erasure of data from the local or session storage can be achieved similarly to the manual erasure of cookies through the browser settings of most browsers since common browsers combine settings for cookies, local storage and session storage, collectively referring to website data (e.g., “cookies and other website data”); therefore please review point 7.1 for the full picture. If cookies and other website data are combined accordingly by your browser software, disabling cookies also disables access to the local storage or session storage (which therefore can lead to usability limitations). Disabling JavaScript can also prevent websites from accessing the local or session storage. However, this may result in severe usability limitations. 

Specifically, we use the following local/session storage objects:

NameTypeDurationPurpose
wc_cart_hash_*Technically necessary first-party local storage objectPersistentUsed in connection with the shopping cart function of the Online Shop
wc_cart_createdTechnically necessary first-party session storage objectsSessionUsed in connection with the shopping cart function and to realize basic functionality of the Online Shop
wc_fragments_*Technically necessary first-party session storage objectsSessionUsed in connection with the shopping cart function and to realize basic functionality of the Online Shop
_ab, _mf, id, 1Technically necessary third-party session storage objects (m.stripe.network)SessionUsed to realize payment functions of the Online Shop via “Stripe”

7.3 Tracking pixel 

Apart from cookies, we also use so-called tracking pixels (also: pixel tags or web beacons) to collect certain data via our Website. Tracking pixels are transparent images which are practically invisible as they consist of a single pixel. The tracking pixel is placed on a server and loaded therefrom as soon as a respective subpage of our Website is accessed. They allow us to track that a subpage is accessed as well as any subsequent user activity on this page, in order to place targeted marketing. By means of the tracking pixel, in particular, the following information can be collected: (i) operating system used; (ii) browser type/version used; (iii) time of access; (iv) user behaviour on the visited page; (v) IP address and approximate location of the user. As a tracking pixel is merely an image loaded from a server, its lifetime is limited to your current browser session. 

8. Social media and third-party platform presences 

For the purpose of promoting our business activity and our service offer, we maintain presences in various social networks and similar platforms. The processing of your data in this context is based on our legitimate interest (Art 6 para 1 lit f GDPR; for the “right to object”, see point 4) in expanding our reach as well as providing additional information and means of communication to users of social networks and similar platforms. In order to reach said purposes at the best possible rate, we may utilise functions provided by the respective service provider to measure our reach in detail (access statistics, identification of returning users, etc.). 

In the course of accessing any of the online presences outlined subsequently, we process the general information being evident due to your profile in the respective network/platform as well as additional continuance, contact or content data, as far as you provide us with such data by interacting with our online presence and its contents. We do not store those data separately outside of the respective social network. 

Since we jointly decide with the relevant service provider (respectively entity expressly outlined as controller) upon purposes and means of data processing in the course of a respective online presence, we are to be considered joint controllers in the sense of Art 26 GDPR. The provider of each social network respectively platform mentioned shall act as the primary point of contact with regard to all general and technical questions in respect of our online presences; this also applies to fulfilling rights of the data subjects in the sense of point 4. However, in case of requests concerning the specific operation of our online presences, your interactions with them or information 12/13 

published/collected via such channels, we shall be the primary point of contact; point 4 as well as other stipulations in this Data Protection Declaration apply correspondingly. 

Some of the subsequent service providers are respectively their server landscape is located outside of the EU/EEA or they use processors to render their services to which this applies. Please be aware that we have no influence if or to which extent such transfers take place when using the respective network. You can find the relevant information on how each service provider handles third-country transfers (which might include data of you provided in the course of interacting with our social media presences) in the relevant data protection information of such service provider (cf. the respective links under each subsequent subsection). Mostly, those service providers utilise a certification according to the “EU-US Data Privacy Framework” pursuant to the respective adequacy decision of the EU Commission in the sense of Art 45 GDPR or standard data protection clauses in the sense of Art 46 para 2 lit c GDPR adopted by the European Commission in order to justify their transfers. 

You can review the most relevant certifications relating to group companies of the subsequently displayed providers under the following links: 

  • Meta Platforms, Inc. (re “Instagram”): https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000GnywAAC&status=Active; 

8.1 Instagram 

The social network “Instagram” is operated by Instagram Inc., 1601 Willow Road, Menlo Park, California 94025, USA, which is part of the Facebook group. Controller from a data protection point of view with regard to the EEA region is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Meta Ireland”). In respect of the operation of our Instagram account “The Art of Pele”, we are joint controllers in the sense of Art 26 GDPR with Meta Ireland. 

Please note that we have no influence on the programming and design of the social network; thus, we can only use the options provided by Instagram in order to personalise and maintain our Instagram account. Hence, please carefully review the terms which the service provider prescribes for the use of the social network (https://help.instagram.com/581066165581870?cms_id=581066165581870) as well as the separate data protection declaration (https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect) and consider the settings options in your Instagram account. In regards to any information provided by us via mechanisms made available by Instagram (postings, stories, etc.), we are naturally fully responsible.