Privacy Policy

Privacy Policy

The following privacy notices apply to our websites pos-cashservice.de, pos-zubehoer.de, and their subdomains. Should third-party offers be accessible via references (hyperlinks) from our site, our privacy notices do not apply to these linked offers.

The company listed in the imprint is responsible for the processing of your personal data as defined by data protection laws.

For questions regarding the processing of your personal data, please contact our Data Protection Officer at datenschutz@pos-cashservice.de.

Processing of Personal Data in the Context of Basic Website Functions

To enable you to access our websites at all, for the administration of the internet offer, and to ensure information security, usage data is automatically logged on the webserver (including IP address, time of access, file accessed, amount of data transferred, other connection data). To manage the internet connection during your visit and to provide features of our websites, we store the following cookies on your computer’s hard drive:

• Cookie Consent Capture, if you have given us consent for cookies (Cookie name: “CookieConsent”, deleted after one year)
• Technical Cookie to maintain the user’s state across all page requests (Cookie name: “CAKEPHP”, deleted after one day)
• Technical Cookie to differentiate between humans and bots for statistics (Cookie name: “__cf_bm”, deleted after one day)
• Technical Google Cookie to check if the user’s browser supports cookies (Cookie name: “test_cookie”, deleted after one day)
• Chat Functionality Basic (Cookie names: “uslk_s”, deleted after one year and “uslk_”, permanently stored)
• Login Function of Customer Portal (Cookie name: “refreshToken”, deleted after one day)
• Capture of Currency and Language on pos-zubehoer.de (Cookie names: “currency” and “language”, deleted after three months)

Some browsers already allow cookies by default. If you do not wish this, you can change the settings of your browser. For details on how to do this, please refer to your browser manufacturer’s information. If you decide against cookies, parts of our internet offer may not be usable.

In the aforementioned cases, we have a legitimate interest (Article 6 (1) (f) GDPR) in the processing of the data and storage of the cookies. Additionally, selected loggings from our legitimate interests (Article 6 (1) (f) GDPR) fulfill data protection proof obligations according to Article 5 (2) GDPR. We delete these connection and system logs one month after collection.

Input Forms

On some pages, you can enter personal data via forms and send them to us:

• For the purpose of corresponding with us (Data processing based on a legitimate interest Article 6 (1) (f) GDPR)
• Ordering process for ordering in our online shop (Data processing according to Article 6 (1) (b) GDPR)
• Use of features of our customer portal (see section “Customer Portal”)

All data is processed only for the purpose for which you have provided us the data. Any further processing is carried out in compliance with legal requirements, e.g., when commissioning subcontractors, transferring to government authorities, or other third parties.

We delete your related data when the purpose for which you provided us your data is fulfilled or completed. Furthermore, we are subject to various retention and documentation obligations, which may arise from the Commercial Code, the Fiscal Code, the Sales Tax Law, or the Civil Code. The defined retention periods are up to 10 years, although individual cases may deviate. After the reasons for storage no longer apply, we delete your data.

Customer Portal (login.pos-cashservice.de)

At login.pos-cashservice.de, you can log in with your customer data. Login data is sent to you upon contract conclusion. There, you can retrieve data and initiate selected business transactions.

In a customer profile within our customer portal, the following information can be retrieved or functions used:

• Customer master data / company details (e.g., name, contact details)
• Billing data
• Change orders
• Viewing of customer-specific transactions and export of transaction summaries

No usage data of the website is stored in any case. Your profiles are based solely on your information or your orders. Automated profile building by us based on your behavior or other information does not take place. Access to your respective profile is password-protected and only accessible to third parties if you initiate the transmission yourself.

The information and functions provided in the customer portal serve solely to execute your contracts with our company. They facilitate contract processing and support. The processing of your personal data is therefore legitimized under Article 6 (1) (b) GDPR for the purpose of contract execution.

Your customer profile is provided for the duration of your contract with our company. After the contract ends, your customer profile is deleted by us. You also have the option to request profile deletion during the contract term, as the related business transactions and information can also be obtained from our company through other means. If necessary, data subject to retention obligations are stored beyond the end of the contract. Among others, we are subject to various retention and documentation obligations arising from the Commercial Code, the Fiscal Code, the Sales Tax Law, or the Civil Code. The defined retention periods are up to 10 years, although individual cases may deviate. After the reasons for storage no longer apply, we delete your data.

Login Area on pos-zubehoer.de

On our website pos-zubehoer.de, you can also create a profile in a protected login area, store data there, and retrieve it if needed. This user profile facilitates the ordering process. For new orders, your profile data is directly available and does not need to be re-entered; additionally, you can track the order status, view previous orders, and edit personal data.

Your user profile is based solely on your information and the orders you have placed. Automated profile building by us based on your behavior on the website or other information does not take place. Access to your respective profile is password-protected.

When you create a profile on our website, a contract for the storage and provision of the respective profile is concluded between us. Furthermore, the user profile supports the ordering process as a pre-contractual measure. The processing of your personal data is therefore legitimized under Article 6 (1) (b) GDPR. We do not independently delete your personal data stored in a profile. However, you have the option at any time to change or delete individual data in your profile as well as to completely delete the profile created, thereby deleting all stored personal data.

For the technical operation of the login area, we store cookies on your computer to ensure functionality.

Application Form

With our application form on pos-cashservice.de, you can capture or upload data for applications via an input form and send it to us. Data processing takes place for the decision on the establishment of an employment relationship according to Article 6 (1) (b) GDPR in conjunction with §26 BDSG. Further information on the processing of your data in the application process will be sent to you upon receipt of your application.

Data Processing in the Context of User Chats

The website pos-cashservice.de uses Userlike, a live chat software from the company Userlike UG (limited liability).

Userlike uses “cookies”, text files stored on your computer, which enable a personal conversation in the form of a real-time chat on the website with you. Information on the functional cookies can be found in the section “Processing of Personal Data in the Context of Basic Functions of the Website”. In addition to the functional cookies, the cookie “loglevel:userlike” (permanently stored) can be set to recognize returning users. We only do this with your consent via the cookie banner in the “Preferences” category.

For support purposes, we can see which pages of our web presence you are on during the chat (applies only to our web presence and for the duration of the chat). The collected data is not used to personally identify the visitor of this website and is not merged with personal data about the bearer of the pseudonym.

Userlike UG also uses Amazon Web Services EMEA SARL in Luxembourg to provide the chat. As this is a US corporation, we cannot completely exclude data transmission to third countries. Therefore, Userlike has concluded so-called EU standard contractual clauses according to Art. 46 GDPR with Amazon to ensure an adequate level of data protection.

For more information on the service, please refer to the privacy policy of Userlike at https://www.userlike.com/de/terms#privacy-policy.

Data Processing for Advertising as well as Market and Opinion Research

By placing orders through our online shop, you will receive important information about the contract, special promotions, or other products from POS-cashservice GmbH at the email address provided in the order form in the future. You can object to the use for direct advertising at any time against POS-cashservice GmbH by email, phone, or mail. No other costs arise other than the transmission costs according to basic rates. Data processing takes place within the framework of legal requirements according to §7 (3) UWG in connection with a balancing of interests according to Art. 6 (1) (f) GDPR, to support the distribution of our products and services through targeted direct advertising.

Consents

Processing of your personal data beyond this privacy notice generally only takes place if you have given us your consent according to Art. 6 (1) (a) GDPR. On our website, you have the opportunity to give such explicit consent. In the context of consent, further information about the processing of your data is provided.

Google Analytics

We use Google Analytics for web analytics on pos-cashservice.de to make the website as optimal and user-friendly as possible. We only conduct web analytics if you have given your prior consent (Article 6 (1) lit a GDPR). We ask for your consent via a cookie banner in the “Statistics” section when you visit our website.

Google Analytics, a web analytics service provided by Google Inc. (“Google”), also stores the following “cookies”:

• Name: “_gat”, Storage duration: 1 day
• Name: “_gid”, Storage duration: 1 day
• Name: “_ga”, Storage duration: 2 years

The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. This website uses Google Analytics with the extension “_anonymizeIp()”. This means that IP addresses are shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before processing continues. This excludes direct personal reference in the further processing of the data. Only in exceptional cases is the full IP address transferred to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity, and to provide other services related to website and internet use to the website operator. The IP address transmitted by your browser as part of Google Analytics is not merged with other Google data.

You can prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en.

The use of Google Analytics is carried out in accordance with the conditions agreed upon by the German data protection authorities with Google.

Third-party information:

Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.

Terms of use: http://www.google.com/analytics/terms/de.html

and the privacy policy: https://policies.google.com/privacy.

Google Marketing Tools

Google Ads Conversion

We use Google Ads Conversion to draw attention to our offers on external websites using advertising media (Google Ads). We can determine how successful the individual advertising measures are in relation to the data of the advertising campaigns. We pursue the interest of showing you advertising that is of interest to you, making our website more interesting for you, and achieving a fair calculation of advertising costs.

These advertising media are delivered by Google via so-called “ad servers”. For this purpose, we use ad server cookies, which can measure certain parameters for success measurement, such as the display of ads or clicks by users. If you reach our website via a Google ad, a cookie is stored on your end device by Google Ads. These cookies are not intended to personally identify you. Usually, the following analysis values are stored for this cookie: unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions), and opt-out information (marking that the user does not want to be addressed anymore).

These cookies enable Google to recognize your internet browser. If a user visits our websites and the cookie stored on their computer has not yet expired, Google and we can recognize that the user clicked on our ad and was redirected to our page. Each Ads client is assigned a different cookie. Cookies can therefore not be tracked across the websites of Ads clients. We ourselves do not collect and process any personal data in the mentioned advertising measures. We only receive statistical evaluations from Google. Based on these evaluations, we can identify which of the implemented advertising measures are particularly effective. We do not receive further data from the use of the advertising media; in particular, we cannot identify the users based on this information.

Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server. We have no influence on the scope and further use of the data collected by the use of this tool by Google and therefore inform you according to our level of knowledge: By integrating Ads Conversion, Google receives the information that you have accessed the corresponding part of our internet presence or clicked on an ad from us. If you are registered with a Google service, Google may associate the visit with your account. Even if you are not registered with Google or have not logged in, there is a possibility that the provider may obtain and store your IP address.

Google Ads Remarketing

We use the remarketing function within the Google Ads service. With the remarketing function, we can present interest-based advertisements to users of our website on other websites within the Google advertising network (in Google search or on YouTube, so-called “Google Ads” or on other websites). For this purpose, the interaction of users on our website is analyzed, e.g., for which offers the user has shown interest, in order to be able to display targeted advertising to users even after visiting our website on other pages. For this, Google stores a number in the browsers of users who visit certain Google services or websites in the Google Display Network. The visits of these users are recorded through this number referred to as “cookie”. This number serves to uniquely identify a web browser on a specific end device and not to identify a person; personal data is not stored.

You can prevent participation in this tracking process in various ways: a) by setting your browser software accordingly, in particular, the suppression of third-party cookies means that you will not receive advertisements from third-party providers; b) by installing the plug-in provided by Google at the following link: https://www.google.com/settings/ads/plugin; c) by deactivating the interest-based ads of the providers that are part of the self-regulation campaign “About Ads” via the link http://www.aboutads.info/choices, although this setting will be deleted when you delete your cookies; d) by permanent deactivation in your browsers Firefox, Internet Explorer, or Google Chrome under the link http://www.google.com/settings/ads/plugin, e) by means of the appropriate cookie setting. We point out that in this case you may not be able to fully use all the functions of this offer.

More information about privacy at Google can be found here: http://www.google.com/intl/en/policies/privacy and https://services.google.com/sitestats/en.html. Alternatively, you can visit the Network Advertising Initiative (NAI) website at http://www.networkadvertising.org.

Google Tag Manager

Our websites also use the Google Tag Manager tool, with which we can manage website tags via an interface. The tool itself (which implements the tags) is a cookie-less domain and does not collect any personal data. The tool ensures the triggering of other tags, which may collect data. Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, this remains in effect for all tracking tags implemented with Google Tag Manager.

Cookies Set by Google Marketing Tools

We only store cookies for the aforementioned Google marketing tools if you have given us your consent via our cookie banner (according to Article 6 (1) lit a GDPR). The cookies are grouped in the “Marketing” section:

• Name: “_gcl_au”. Used by Google AdSense to experiment with advertising efficiency on websites that use its services. Storage duration 3 months.
• Name: “pagead/landing”. Collects data on visitor behavior on multiple websites to present more relevant advertising – This also allows the website to limit the number of times the same ad is shown. Deleted at the end of the user session.
• Name: “ads/ga-audiences”. Used by Google AdWords to encourage users to revisit the website based on cross-website user activities. Deleted at the end of the user session.

Facebook Pixel

Our website uses the visitor action pixel from Facebook, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”) for conversion measurement.

This allows the behavior of site visitors to be tracked after they have been redirected to the provider’s website by clicking on a Facebook ad. This allows the effectiveness of Facebook ads to be evaluated for statistical and market research purposes and future advertising measures to be optimized. Facebook also stores the cookie “_fbp” (storage duration 3 months) on your device.

The data collected is anonymous to us as the operator of this website; we cannot draw conclusions about the identity of the users. However, the data is stored and processed by Facebook, so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes, according to the Facebook data usage policy. This can allow Facebook to enable the placement of ads on pages of Facebook as well as outside of Facebook. We as the site operator cannot influence this use of the data.

The Facebook Pixel is only activated if you have given your prior consent (Article 6 (1) a GDPR). We ask for your consent via a pop-up window when you visit our website; this window also provides further information about the cookie. In the privacy policy of Facebook, you can find more information about protecting your privacy.

You can also deactivate the remarketing function “Custom Audiences” in the ad settings area under https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. You need to be logged in to Facebook to do this.

If you do not have a Facebook account, you can deactivate usage-based advertising from Facebook on the website of the European Interactive Digital Advertising Alliance.

Facebook

Our Facebook page is accessible via the platform of Facebook (www.facebook.com), which is operated in the European Union by:

Meta Platforms Ireland Ltd. (“Meta”), 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

Independent Processing of Usage Data by Meta

When you visit our Facebook page, Meta collects usage data. For these data processing activities, Meta is primarily responsible for data protection.

Meta provides information on this in its data policy and cookie policy.

The data collected in this context are processed by Meta and may be transferred to countries outside the EU. What information Meta receives and how it is used is described by Meta in its data usage policies. There you will also find information about contact options for Facebook or Meta as well as the settings options for advertisements.

When accessing a Facebook page, the IP address assigned to your end device is transmitted to Meta. According to Meta, this IP address is anonymized. Meta also stores information about its users’ end devices (e.g., as part of the “login notification” function); thus, Meta may be able to associate IP addresses with individual users.

If you are currently logged in as a user on Facebook, a cookie with your Facebook ID is located on your end device. This enables Meta to track that you have visited the respective page and how you used it. This also applies to all other Facebook pages. Through Facebook buttons integrated into websites, Meta is able to record your visits to these websites and assign them to your Facebook profile. Based on this data, content or advertising can be tailored to you.

If you want to avoid this, you should log out of Facebook or disable the “stay logged in” function, delete the cookies present on your device, and restart your browser. This will delete Facebook information that can be used to directly identify you. Thus, you can use the Facebook Fanpage without revealing your Facebook ID. If you access interactive features of the page (like, comment, share, messages, etc.), a Facebook login mask will appear. After a possible login, you are again recognizable for Facebook as a user.

According to its own statements, Meta stores the data until they are no longer needed to provide its services and Facebook products, or until the respective user account is deleted, whichever comes first. This depends on the circumstances of the individual case, in particular, the type of data, why they were collected and processed, and the relevant legal or operational storage needs.

In connection with the aforementioned functions, Meta may also transfer the processed data to servers outside the EU, especially to Meta Platforms Inc. in the USA, if this is necessary to provide these services. For the USA, there is an adequacy decision of the EU Commission with the EU-U.S. Data Privacy Framework, which certifies an adequate level of data protection in the sense of the GDPR to certified companies. Meta Platforms Inc. is certified under the EU-U.S. Data Privacy Framework and is also listed in the U.S. Department of Commerce’s list (Data Privacy Framework List). When transferring data to servers of Meta Platforms Inc. in the USA, therefore, a consistently high level of data protection is ensured. If data is transferred to the USA, such a third-country transfer is based on Art. 45 (1) sentence 1 GDPR.

Processing of Usage Data in Joint Responsibility

When you visit our Facebook page, Meta uses certain usage data (e.g., whether you have marked certain posts with “like” or commented on them) to provide us with aggregated usage statistics (so-called “Page Insights”). Usage statistics do not allow conclusions to be drawn about the behavior of individual users but merely give us an overview of the use of the Facebook page (e.g., which posts were clicked on particularly frequently). We ourselves do not have access to the personal data processed for the creation of the statistics. What usage actions are logged by Facebook is determined solely by Meta and cannot be set up, changed, or otherwise influenced by us.

We receive usage statistics from Meta to improve the posts published on Facebook and to make them as interesting as possible for users.

For the processing of personal data for the creation of these usage statistics, Meta and we are jointly responsible according to Art. 26 GDPR.

The information from Facebook on Page Insights describes which data are processed in the context of joint responsibility and contains the “Page Insights Supplement,” in which Meta and we have contractually agreed who fulfills which obligations under the GDPR.

Processing Your Data When Communicating via Facebook

If you contact us via the Facebook page, e.g., by commenting on a post or sending us a message via Facebook Messenger, we process your related personal data (e.g., your name and communication content) to handle your request.

Instagram

Our Instagram page is accessible via the platform of Instagram (www.instagram.com), which is operated in the European Union by:

Meta Platforms Ireland Ltd. (“Meta”), 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

Independent Processing of Usage Data by Meta

When you visit our Instagram page, Meta collects usage data. For these data processing activities, Meta is primarily responsible for data protection. Information on this is provided by Meta in its data policy and cookie policy.

The data collected in this context are processed by Meta and may be transferred to countries outside the EU. What information Meta receives and how it is used is described by Meta in its data usage policies. There you will also find information about contact options for Instagram or Meta as well as the settings options for advertisements.

When accessing an Instagram page, the IP address assigned to your end device is transmitted to Meta. According to Meta, this IP address is anonymized. Meta also stores information about its users’ end devices (e.g., as part of the “login notification” function); thus, Meta may be able to associate IP addresses with individual users.

If you are currently logged in as a user on Instagram, a cookie with your Instagram ID is located on your end device. This enables Instagram to track that you have visited the respective page and how you used it. This also applies to all other Instagram pages. Through Instagram buttons integrated into websites, Instagram is able to record your visits to these websites and assign them to your Instagram profile. Based on this data, content or advertising can be tailored to you.

If you want to avoid this, you should log out of Instagram or disable the “stay logged in” function, delete the cookies present on your device, and restart your browser. This will delete Instagram information that can be used to directly identify you. Thus, you can use the Instagram Fanpage without revealing your Instagram ID. If you access interactive features of the page (like, comment, share, messages, etc.), an Instagram login mask will appear. After a possible login, you are again recognizable for Instagram as a user.

According to its own statements, Meta stores the data until they are no longer needed to provide its services and Instagram products, or until the respective user account is deleted, whichever comes first. This depends on the circumstances of the individual case, in particular, the type of data, why they were collected and processed, and the relevant legal or operational storage needs.

In connection with the aforementioned functions, Meta may also transfer the processed data to servers outside the EU, especially to Meta Platforms Inc. in the USA, if this is necessary to provide these services. For the USA, there is an adequacy decision of the EU Commission with the EU-U.S. Data Privacy Framework, which certifies an adequate level of data protection in the sense of the GDPR to certified companies. Meta Platforms Inc. is certified under the EU-U.S. Data Privacy Framework and is also listed in the U.S. Department of Commerce’s list (Data Privacy Framework List). When transferring data to servers of Meta Platforms Inc. in the USA, therefore, a consistently high level of data protection is ensured. If data is transferred to the USA, such a third-country transfer is based on Art. 45 (1) sentence 1 GDPR.

Processing of Usage Data in Joint Responsibility

When you visit our Instagram page, Meta uses certain usage data (e.g., whether you have marked certain posts with “like” or commented on them) to provide us with aggregated usage statistics (so-called “Page Insights”). Usage statistics do not allow conclusions to be drawn about the behavior of individual users but merely give us an overview of the use of the Instagram page (e.g., which posts were clicked on particularly frequently). We ourselves do not have access to the personal data processed for the creation of the statistics. What usage actions are logged by Instagram is determined solely by Meta and cannot be set up, changed, or otherwise influenced by us.

We receive usage statistics from Meta to improve the posts published on Instagram and to make them as interesting as possible for users.

For the processing of personal data for the creation of these usage statistics, Meta and we are jointly responsible according to Art. 26 GDPR.

The information from Meta on Page Insights describes which data are processed in the context of joint responsibility and contains the “Page Insights Supplement,” in which Meta and we have contractually agreed who fulfills which obligations under the GDPR.

Processing Your Data When Communicating via Instagram

If you contact us via the Instagram page, e.g., by commenting on a post or sending us a message via the Instagram Messenger, we process your related personal data (e.g., your name and communication content) to handle your request.

Google Web Fonts

On www.pos-cashservice.de, external fonts, Google Fonts, are used. The integration of the fonts is carried out for a functional provision of the website from our legitimate interests according to Art. 6 Abs. 1f GDPR. Google Fonts is a service of Google Inc. (“Google”). The integration of these web fonts is done by a server call, usually a server of Google in the USA. This transmits to the server which of our internet pages you have visited. Also, the IP address of the browser of the end device of the visitor to these internet pages is stored by Google. More information can be found in Google’s privacy notices, which you can access here:

https://fonts.google.com/#AboutPlace:about

https://policies.google.com/privacy

Your Rights

According to Art. 15-20 GDPR, you have the right to access your personal data processed by us and rights to data portability, correction, deletion, and restriction of processing of your personal data. In addition, you have a right to lodge a complaint with a data protection supervisory authority according to Art. 77 GDPR in conjunction with §19 BDSG.

You have the right at any time to object to the processing of personal data concerning you, which is based on Article 6 (1) e GDPR (data processing in the public interest) and Article 6 (1) f GDPR (data processing on the basis of a balance of interests). You have the right to object at any time to the processing of personal data concerning you for the purposes of direct marketing; this also applies to profiling insofar as it is related to such direct marketing. You can also revoke consents given at any time.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing is for the establishment, exercise, or defense of legal claims. The legality of the processing carried out on the basis of the consent until the revocation is not affected.

The assertion of all mentioned rights is generally free of charge for you and can be made informally. Please contact the company indicated in the imprint to exercise your rights.