1. Objectives and responsible body
2. Basic information on data processing
3. Processing of personal data
4. Collection of access data
5. Cookies & range measurement
6. Google Analytics
7. Google Re/Marketing Services
8. Facebook Social Plugins
9. Integration of third-party services and content
10. User rights and deletion
11. Changes to the Privacy Policy
1. Objectives and responsible body
This data protection declaration clarifies the type, scope and purpose of the processing (including collection, processing and use as well as obtaining consent) of personal data within our online offering and the websites, functions and content associated with it (hereinafter collectively referred to as “online offering”) “Website”). The data protection declaration applies regardless of the domains, systems, platforms and devices used (e.g. desktop or mobile) on which the online offering is run.
The provider of the online offer and the body responsible for data protection is ECKLA GmbH, Klaus Eckstein, Brunnenstr. 34, 74626 Bretzfeld-Schwabbach (hereinafter referred to as “Provider”, “we” or “us”). For contact options, please refer to our legal notice.
The term “user” includes all customers and visitors to our online offering. The terms used, such as “user”, are to be understood as gender-neutral.

2. Basic information on data processing
We only process users’ personal data in compliance with the relevant data protection regulations in accordance with the principles of data economy and data avoidance. This means that user data will only be processed if there is legal permission, in particular if the data is necessary for the provision of our contractual services and online services, or is required by law, or if consent is given.
We take organizational, contractual and technical security measures in accordance with the state of the art to ensure that the provisions of data protection laws are adhered to and to protect the data processed by us against accidental or intentional manipulation, loss, destruction or access by unauthorized persons protect.
If content, tools or other means from other providers (hereinafter collectively referred to as “third-party providers”) are used within the scope of this data protection declaration and whose headquarters are abroad, it can be assumed that data is transferred to the countries where the third-party providers are based . The transfer of data to third countries takes place either on the basis of legal permission, user consent or special contractual clauses that guarantee the security of the data as required by law.

3. Processing of personal data
In addition to the uses expressly stated in this data protection declaration, the personal data will be processed for the following purposes on the basis of legal permissions or consent of the users:
– The provision, execution, maintenance, optimization and security of our services, services and user services;
– Ensuring effective customer service and technical support.
We only transmit user data to third parties if this is necessary for billing purposes (e.g. to a payment service provider) or for other purposes if these are necessary to fulfill our contractual obligations to users (e.g. address notification to suppliers).
When you contact us (via contact form or email), the user’s information is stored for the purpose of processing the request and in the event that follow-up questions arise.
Personal data will be deleted provided that it has fulfilled its intended purpose and there are no retention obligations to prevent deletion.

4. Collection of access data
We collect data about every access to the server on which this service is located (so-called server log files). The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider .
We use the log data without assigning it to the user or other profiling in accordance with legal regulations only for statistical evaluations for the purpose of operation, security and optimization of our online offering. However, we reserve the right to subsequently check the log data if there is reasonable suspicion of unlawful use based on concrete evidence.

5. Cookies & range measurement
Cookies are information that is transmitted from our web server or third-party web servers to users’ web browsers and stored there for later retrieval. Users will be informed about the use of cookies as part of pseudonymous reach measurement in the context of this data protection declaration.
Viewing this online offer is also possible without cookies. If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Saved cookies can be deleted in the browser’s system settings. The exclusion of cookies can lead to functional restrictions of this online offer.
It is possible to set many online advertising cookies from companies via the US site or the EU site -choices/ to manage.

6. Google Analytics
We use Google Analytics, a web analysis service from Google Inc. (“Google”). Google uses cookies. The information generated by the cookie about users’ use of the online offering is usually transferred to a Google server in the USA and stored there.
Google will use this information on our behalf to evaluate the use of our online offering by users, to compile reports on the activities within this online offering and to provide us with other services related to the use of this online offering and internet usage. Pseudonymous user profiles can be created from the processed data.
We only use Google Analytics with IP anonymization activated. This means that the user’s IP address is shortened by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
The IP address transmitted by the user’s browser is not merged with other Google data. Users can prevent the storage of cookies by setting their browser software accordingly; Users can also prevent Google from collecting the data generated by the cookie and relating to their use of the online offering and from processing this data by Google by downloading and installing the browser plug-in available at the following link: http://
Further information on Google’s use of data for advertising purposes, settings and objection options can be found on the Google websites: (“Use of data by Google when you use websites or apps from our partners”), (“Use of data for advertising purposes”), (“Manage information that Google used to show you advertising”) and (“Determine what advertising Google shows you”).

7. Google Re/Marketing Services
We use the marketing and remarketing services (“Google Marketing Services” for short) from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA, (“Google”).
The Google marketing services allow us to display advertisements for and on our website in a more targeted manner in order to only show users advertisements that potentially match their interests. If, for example, users are shown ads for products that they were interested in on other websites, this is referred to as “remarketing”. For these purposes, when you visit our and other websites on which Google marketing services are active, Google directly executes a code from Google and so-called (re)marketing tags (invisible graphics or code, etc.) are inserted into the website referred to as “web beacons”) are integrated into the website. With their help, an individual cookie, i.e. a small file, is stored on the user’s device (comparable technologies can also be used instead of cookies). The cookies can be set by various domains, including,,,, or This file records which websites the user has visited, what content they are interested in and which offers they have clicked on, as well as technical information about the browser and operating system, referring websites, visiting time and other information about the use of the online offer. The user’s IP address is also recorded, although we inform Google Analytics that the IP address is shortened within member states of the European Union or in other contracting states to the Agreement on the European Economic Area and only in exceptional cases Transferred to servers by Google in the USA and shortened there. The IP address is not merged with the user’s data within other Google offerings. This information mentioned above may also be combined with such information from other sources. When the user then visits other websites, ads tailored to their interests can be shown to them.
User data is processed pseudonymously as part of Google marketing services. This means that Google does not store and process the user’s name or email address, for example, but rather processes the relevant cookie-related data within pseudonymous user profiles. This means that from Google’s perspective, the advertisements are not managed and displayed for a specifically identified person, but for the cookie holder, regardless of who the cookie holder is. This does not apply if a user has expressly allowed Google to process the data without this pseudonymization. The information collected by “DoubleClick” about users is transmitted to Google and stored on Google’s servers in the USA.
The Google marketing services we use include the online advertising program “Google AdWords”. In the case of Google AdWords, each AdWords customer receives a different “conversion cookie”. Cookies cannot therefore be tracked via the websites of AdWords customers. The information collected using the cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. AdWords customers learn the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, you will not receive any information that can be used to personally identify users.
We integrate third-party advertisements based on the Google marketing service “DoubleClick”. DoubleClick uses cookies to enable Google and its partner websites to serve ads based on users’ visits to this website or other websites on the Internet.
We also integrate third-party advertisements based on the Google marketing service “AdSense”. AdSense uses cookies to enable Google and its partner websites to serve ads based on users’ visits to this website or other websites on the Internet.
Another Google marketing service we use is the “Google Tag Manager”, which can be used to integrate other Google analysis and marketing services into our website (e.g. “AdWords”, “DoubleClick” or “Google Analytics”) .
You can find out more information about Google’s use of data for marketing purposes on the overview page:, Google’s data protection declaration is at available.
If you would like to object to the collection by Google marketing services, you can use the settings and opt-out options provided by Google:

8. Facebook Social Plugins
Our online offering uses social plugins (“plugins”) from the social network, which is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”). The plugins can be recognized by one of the Facebook logos (white “f” on a blue tile, the terms “Like”, “Like” or a “thumbs up” sign) or are marked with the addition “Facebook Social Plugin”. The list and appearance of the Facebook social plugins can be viewed here:
When a user accesses a function of this online offering that contains such a plugin, their device establishes a direct connection to the Facebook servers. The content of the plugin is transmitted by Facebook directly to the user’s device and integrated into the online offering. User usage profiles can be created from the processed data. We therefore have no influence on the amount of data that Facebook collects with the help of this plugin and therefore inform users according to our level of knowledge.
By integrating the plugins, Facebook receives the information that a user has accessed the corresponding page of the online offering. If the user is logged in to Facebook, Facebook can assign the visit to their Facebook account. When users interact with the plugins, for example by clicking the Like button or leaving a comment, the corresponding information is transmitted from your device directly to Facebook and stored there. If a user is not a member of Facebook, there is still the possibility that Facebook will find out and store their IP address. According to Facebook, only an anonymized IP address is stored in Germany.
The purpose and scope of data collection and the further processing and use of the data by Facebook as well as the related rights and setting options to protect the privacy of users can be found in Facebook’s data protection information: .
If a user is a Facebook member and does not want Facebook to collect data about them via this online offering and link it to their member data stored on Facebook, they must log out of Facebook and delete their cookies before using our online offering. Further settings and objections to the use of data for advertising purposes are possible within the Facebook profile settings: or via the US website /choices/ or the EU site The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices.

9. Integration of third-party services and content
It may happen that content or services from third-party providers, such as city maps or fonts from other websites, are integrated into our online offering. The integration of content from third-party providers always requires that the third-party providers perceive the user’s IP address, as without the IP address they would not be able to send the content to the user’s browser. The IP address is therefore required to display this content. Furthermore, the providers of third-party content can set their own cookies and process user data for their own purposes. User usage profiles can be created from the processed data. We will use this content as data-efficiently and as data-avoiding as possible and will choose reliable third-party providers with regard to data security.
The following presentation provides an overview of third-party providers and their content, along with links to their data protection declarations, which contain further information on the processing of data and, in some cases already mentioned here, objection options (so-called opt-out):
– External fonts from Google, Inc., (“Google Fonts”). The integration of Google Fonts occurs through a server call at Google (usually in the USA). Data protection declaration:, opt-out:
– Maps from the “Google Maps” service provided by the third-party provider Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Data protection declaration:, opt-out:
– Videos from the “YouTube” platform of the third-party provider Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Data protection declaration:, opt-out:

10. User rights and deletion of data
Users have the right, upon request, to receive information free of charge about the personal data that we have stored about them.
In addition, users have the right to correct incorrect data, revoke consent, block and delete their personal data, as well as the right to lodge a complaint with the responsible supervisory authority in the event that unlawful data processing is suspected.
The data we store will be deleted as soon as it is no longer required for its intended purpose and deletion does not conflict with any legal retention obligations.

11. Changes to the Privacy Policy
We reserve the right to change the data protection declaration in order to adapt it to changes in the legal situation or in the event of changes to the service or data processing. However, this only applies with regard to declarations on data processing. If consent from the users is required or components of the data protection declaration contain regulations of the contractual relationship with the users, the changes will only be made with the consent of the users.
Users are asked to regularly inform themselves about the content of the data protection declaration.

As of: May 27, 2018 6:28 p.m