Privacy Policy

Privacy Policy for Lipotype, last revised on May, 2018; Version:2.0

 Download Lipotype Privacy Policy

 


 

In A Nutshell

In general, our website (also the “Platform”) may be used anonymously. Providing personal data is purely voluntary and you will always be informed if and for what purpose we want to store your data. Personal data are data that enable us to identify you personally and/or to contact you, such as your name, address or e-mail address.
Here you can decide whether you allow us to statistically evaluate your visit to our website so that we can improve our services:

 


 

In Detail

Who We Are And How You Can Reach Us

The controller of the processing of personal data on this website is Lipotype GmbH, Tatzberg 47, 01307 Dresden, Germany, e-mail You may contact our data protection officer at the following address: Lipotype GmbH, Attn: Data Protection Officer, Tatzberg 47, 01307 Dresden, e-mail:

 
 

What Data We Do (Not) Process, For What Purpose, For How Long And On What Legal Basis

In general: If we intend to store data about you, we will always point this out to you and they will not be used for any purpose other than those expressly stated in this privacy policy.

 
 

Anonymous Use Of Our Website

You may use our website anonymously. When you visit our website, your web browser tells our web server your IP address so that communication is possible. Your IP address may be used to identify you. However, we do not store your IP address. You remain completely anonymous to us when visiting our website.

 
 

Data Processing Upon Contact

If you call us or send us a message, for example via the contact form or by e-mail, we need your e-mail address, your postal address or a telephone number if you want us to reply to you. You may also use a pseudonym instead of your name. We will use this data exclusively to handle your request. Your data will not be passed on to third parties. We will delete your data as soon as it is no longer needed for this purpose, i.e. usually three months after the last contact with you. If you have any further questions, please contact us again within three months. The legal basis for the data processing is Art. 6 para. 1 subpara. 1 letters b and f GDPR. The legitimate interest in processing on the basis of Art. 6 para. 1 subpara. 1 letter f GDPR is to fulfil your request.

Exceptions: We are required to retain business and commercial letters and other tax-relevant documents in order to fulfil our commercial and tax law archiving obligations; we will delete them by 31 March of the seventh calendar year following their creation, and in the case of booking receipts of the eleventh calendar year following their creation. The legal basis for tax law retention is Art. 6 Para. 1 Para. 1 Letter c GDPR in connection with sections 147 AO, 257 HGB. We will keep information on safety-related incidents and accidents or customer complaints for 31 years after the end of product distribution in order to comply with our product monitoring obligation and to assert or exercise legal claims or to defend against legal claims. The legal basis for data processing is Art. 6 para. 1 para. 1 letters b and f GDPR, in view of our product monitoring obligations also Art. 6 para. 1 para. 1 letter c GDPR in conjunction with the relevant jurisdiction. The legitimate interest in processing on the basis of Art. 6 para. 1 subpara. 1 letter f GDPR is to comply with our product monitoring obligations, as well as the exercise or pursuit of legal claims or the defence against legal claims.

If your request is for a special purpose (e.g. ordering, quotation request, newsletter order, expression of interest in our products or services), only the explanations in the respective section for that special purpose apply to data processing in this context.

 
 

Data Processing For Newsletters

If you subscribe to our newsletter, we need your e-mail address, otherwise we cannot send you the newsletter. All other information is voluntary. Your data will not be passed on to third parties, and we use it only for sending our newsletter and for customer care, in order to contact you individually (as far as this is legally permitted) – if necessary after researching further data – to present you offers and clarify your need for our services. You will first receive an email with a link you must click to confirm that you want to receive the newsletter (“Double-Opt-In”). This will prevent others from subscribing to the newsletter in your name. As described in your declaration of consent, we will analyze how you use our newsletter, namely when you open the newsletter with what browser and from which location and which links you click on. This data is used to improve our services and to make suggestions and offers tailored to your needs. In addition, we store your registration for the newsletter, if applicable your consent to the usage analysis and your confirmation to be able to prove that you have registered and agreed. For the purpose of sending the newsletter and analyzing its use, we will store your data until you revoke your consent or until the newsletter is permanently discontinued; for the purpose of customer service, we will delete your data as soon as you object or by 31 March of the fifth calendar year following your last order or enquiry or expression of interest; for the purpose of proof of consent by 31 March of the fourth calendar year following the last newsletter dispatch. If you do not confirm your newsletter subscription, we will delete your data after 24 hours. Please confirm your registration (“Double-Opt-In”) within 24 hours, otherwise you have to register again.

For the processing for the purpose of sending the newsletter and, if applicable, for the usage analysis, the legal basis is Art. 6 para. 1 para. 1 letter a GDPR. For processing for the purpose of proof of consent, the legal basis is Art. 6 para. 1 subpara. 1 letter c in connection with. Art. 5 para. 2 GDPR, Art. 7 para. 1 GDPR and Art. 24 para. 1 GDPR as well as Art. 6 para. 1 para. 1 letter f GDPR. For processing for the purpose of customer care, the legal basis is Art. 6 para. 1 subpara. 1 letter f GDPR. The legitimate interests in processing on the basis of Art. 6 para. 1 para. 1 letter f GDPR are the promotion of the sale of our products and services, corresponding advertising, and the proof of your consent, i.e. the defense against legal claims.

At present, we use “MailChimp” as our newsletter service provider: The Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. You can find MailChimp’s Privacy Policy here: https://mailchimp.com/legal/privacy/. We have concluded an agreement on commissioned data processing with MailChimp; an additional legal basis for the processing is Art. 6 Para. 1 UAbs. 1 lit. f GDPR, our legitimate interest is the provision of a high-quality newsletter dispatch including safe receipt. MailChimp may use the recipients’ pseudonomized data to optimize and improve its own services, in particular with regard to technical optimization of the newsletter service, however is not permitted to use the recipients’ data to contact them or to disclose the data to third parties.
The Rocket Science Group LLC d/b/a MailChimp is certified under the Privacy Shield and thus offers an adequate level of data protection as decided by the EU Commission in an adequacy decision:
https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active

 
 

Data Processing For Whitepaper Downloads

If you choose to receive a whitepaper, we need your email address to send you the whitepaper or a link. All other information is voluntary. Your data will not be passed on to third parties, and we will use it only for sending the whitepaper or a link and for customer support, in order to contact you individually (as far as this is legally permitted) – if necessary after researching further data – to present you offers and clarify your need for our services. You can also optionally subscribe to our newsletter; for this, please note the corresponding information. Before we email you the whitepaper, you will first receive an email with a link to click to confirm that you want to receive the whitepaper (“Double-Opt-In”). This will prevent others from ordering the whitepaper on your behalf. We also save your whitepaper order and confirmation to prove that you ordered the whitepaper. For the purpose of sending the whitepaper or link, we will delete your data immediately after dispatch; for the purpose of customer service, we will delete your data as soon as you object or by 31 March of the fifth calendar year after your last order or request for quotation or expression of interest; for the purpose of proof of the order by 31 March of the fourth calendar year following dispatch. If you do not confirm a Double-Opt-In email, we will delete your data after 24 hours. Please confirm your order (“Double-Opt-In”) within 24 hours, otherwise you have to re-submit your order.
For processing for the purpose of sending the whitepaper, the legal basis is Art. 6 para. 1 subpara. 1 letter b GDPR. The legal basis for the processing for the purpose of proof of the order is Art. 6 para. 1 subpara. 1 letter c in connection with Art. 5 para. 2 GDPR and Art. 24 para. 1 GDPR as well as Art. 6 para. 1 subpara. 1 letter f GDPR. For processing for the purpose of customer care, the legal basis is Art. 6 para. 1 subpara. 1 letter f GDPR. The legitimate interest in processing on the basis of Art. 6 para. 1 para. 1 letter f GDPR are the promotion of the sale of our products and services, corresponding advertising, and the proof of your order, i.e. the defence against legal claims.

 
 

Data Processing For Orders, Information And Quotation Requests And Expression Of Interest

When you place an order or request information or a quotation or express your interest in our products or services, we require certain information from you depending on the type of product or service and delivery. The order or quotation form indicates what information is required and what information is voluntary; if you contact us informally and the necessary information is missing, we will get in touch with you or ask for it. Your data will not be passed on to third parties. We use your data only for handling your enquiry, processing orders and complaints, for customer service and, if permitted by law, to send you advertisements about similar goods and services from us (including customer satisfaction surveys) and to prove that we may send you such advertisements. We are also required to store your order and any related communication and payment data for tax and commercial law reasons; we will delete this data in the case of business and commercial letters and other tax-relevant documents by 31 March of the seventh calendar year after creation, and in the case of booking receipts of the eleventh calendar year after creation. For the purpose of order and complaint processing we will delete your data 27 months after delivery of your order or three months after expiry of the warranty period if the warranty period is longer than 24 months; for the purpose of customer service (including handling your inquiry), as soon as you object or by 31 March of the fifth calendar year following your last order, request for information or offer or expression of interest; for the purpose of advertising as soon as you object or we finally discontinue advertising activities; for the purpose of proving your order and the similarity of the advertised goods and services by March 31 of the fourth calendar year following the last advertising campaign.

The legal basis for data processing is Art. 6 para. 1 subpara. 1 letter b (for processing and handling your request or order) and f GDPR. For processing for the purpose of proof of your inquiry or order, the legal basis is Art. 6 para. 1 subpara. 1 letter c in connection with Art. 5 para. 2 GDPR and Art. 24 para. 1 GDPR as well as Art. 6 para. 1 subpara. 1 letter f GDPR. The legal basis for tax law retention is Art. 6 para. 1 subpara. 1 letter c GDPR in connection with sections 147 AO, 257 HGB. The legitimate interests in processing on the basis of Art. 6 para. 1 para. 1 letter f GDPR are the fulfilment of your request, the promotion of the sale of our products and services, the assertion or exercise of legal claims or the defence against legal claims.

 
 

Data Processing Upon Registration In Our Online Shop

When you create an account for our online shop, you will no longer need to enter your details for future orders, can view your order history, place new orders, accept orders and change previously entered information. In addition to your user name – which can also be your e-mail address or a pseudonym – you must also enter a password. The data that goes beyond the data already processed in the context of the order will only be used for the provision of the above convenience functions of our online shop and will be deleted when you delete your account.

The legal basis for data processing is Art. 6 para. 1 subpara. 1 letters a, b and for the processing of your contributions letter f GDPR. The legitimate interest in processing on the basis of Art. 6 para. 1 para. 1 letter f GDPR is the provision of services with user comments, in particular the publication of the comment at the request of the respective user.

 
 

Google Analytics

The Platform uses Google Analytics, a web analysis service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Google Analytics uses “cookies”. The information generated by the cookie regarding your use of the Platform is normally transferred to a Google server in the USA, and is stored there. As the IP anonymize function is activated on the Platform, your IP address will, within Member States of the European Union or other contracting states of the Agreement on the European Economic Area, first be shortened by Google. Only in exceptional cases will Google transfer the full IP address to a Google server in the USA, and will shorten it there. On behalf of the operator of this Platform, Google will use this information in order to analyze your usage of our Platform, to compile reports on Platform activities, and to provide further services to Lipotype relating to the usage of the Platform and the internet. The IP address transferred by your browser within the framework of Google Analytics will not be combined by Google with other data.
You can prevent the storage of cookies by setting your browser software, however, in such case, you may possibly not be able to fully use all features on this Platform. Furthermore, you can prevent collection by Google of the data generated by the cookie and relating to your use of the Platform (including your IP address), as well as processing of these data by Google, by downloading and installing the browser plug-in provided under the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
As an alternative to the browser plugin or within browsers on mobile devices, you can click this link:

Click here to opt-out

in order to opt-out from being tracked by Google Analytics within this Platform in the future (the opt-out applies only for the browser in which you set it and within this domain). An opt-out cookie will be stored on your device, which means that you’ll have to click this link again if you delete your cookies.
The legal basis for data processing is Art. 6 para. 1 subpara. 1 letter f GDPR. The legitimate interests in processing on the basis of Art. 6 para. 1 para. 1 letter f GDPR are our interest in the analysis, optimization and economical operation of our website and of our marketing and a better promotion of the sale of our products and services.
Google is certified under the Privacy Shield and thus offers an adequate level of data protection as decided by the EU Commission in an adequacy decision: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

 
 

Use Of Google AdWords Conversion Tracking

The Platform uses Google AdWords. This is an analysis service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). In the context of use, Google AdWords will place a cookie on your computer (“conversion cookie”) once you click on a Google advertisement and thereby access our Platform. These cookies will expire within 30 days. The cookies do not contain personal data and are thus not used for personal identification of the user. If you visit our Platform within this period Google and Lipotype will be informed of the fact that you have seen the advertisement provided by Google. As every AdWords customer is given a different cookie, cookies may not be traced via the websites of AdWords customers. The information gained with the help of the conversion cookie is used to compile conversion statistics for AdWords customers, who have opted-in to conversion tracking. AdWords customers learn how many users have clicked on their advertisement and have been redirected to a website provided with a conversion tracking tag. However, they do not obtain any information that could be used to identify any particular user. If you do not wish to participate in the tracking procedure you may reject the setting of the cookie required for the process – for example by deactivating the automatic setting of cookies in your browser settings. You may also deactivate cookies for conversion tracking by setting your browser to block cookies from the domain “www.googleadservices.com”. Google privacy policy for conversion tracking can be found at https://services.google.com/sitestats/de.html
The legal basis for data processing is Art. 6 para. 1 subpara. 1 letter f GDPR. The legitimate interests in processing on the basis of Art. 6 para. 1 para. 1 letter f GDPR are our interest in the analysis, optimization and economical operation of our marketing and a better promotion of the sale of our products and services.
Google is certified under the Privacy Shield and thus offers an adequate level of data protection as decided by the EU Commission in an adequacy decision: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

 
 

Use Of Google Remarketing Services

We use the marketing and remarketing services (“Google Marketing Services”) of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
The Google Marketing Services allow us to target ads for our website in order to present users only with ads that potentially match their interests. When you visit a website that uses Google Marketing Services, (re)marketing tags (invisible graphics or code, also known as “web beacons”) are integrated into the website. With their help, an individual “cookie”, i.e. a small text file, will be stored in your web browser (comparable technologies can also be used instead of cookies). By using the cookie, Google will collect information about which websites you have visited, which contents you are interested in and which ads you have clicked on, as well as technical information about the browser and operating system, referring websites, visit times and other information about the use of the website. As mentioned in the context of Google Analytics, your IP address will be anonymized within the European Union or the European Economic Area and only in exceptional cases completely transferred to a Google server in the USA and anonymized there. The IP address transferred by your browser within the framework of Google Remarketing Services will not be combined by Google with other data. The above information may also be combined by Google with such information from other sources. If you then visit other websites, the ads tailored to your interests can be displayed.

Users’ data will be processed pseudonymously within the framework of Google Marketing Services. This means that Google does not store and process, for example, the names or e-mail addresses of users but processes the relevant data cookie-related within pseudonymous user profiles. This means that from Google’s point of view, the ads are not managed and displayed for a specifically identified person but for the web browser that has the cookie set, regardless of who is using that web browser. This does not apply if a user has expressly permitted Google to process the data without pseudonymization. The information collected by Google Marketing Services about users is transmitted to Google and stored on Google’s servers in the USA.

We use the Google Marketing Service “Google AdWords”. Each AdWords customer is given a different “conversion cookie”. Users can therefore not be tracked across the websites of more than one AdWords customer. The information collected with the help of the cookie is used to generate conversion statistics. We learn the total number of users who clicked on our ads and were redirected to a page with a conversion tracking tag but no information that identifies users.

Further information on Google’s use of data for marketing purposes can be found at https://www.google.com/policies/technologies/ads. Google’s Privacy Policy can be found at https://www.google.com/policies/privacy
You can object to interest-based advertising by Google marketing services by using the setting and opt-out options provided by Google at https://www.google.com/ads/preferences.
The legal basis for data processing is Art. 6 para. 1 subpara. 1 letter f GDPR. The legitimate interests in processing on the basis of Art. 6 para. 1 para. 1 letter f GDPR are our interest in the analysis, optimization and economical operation of our marketing and a better promotion of the sale of our products and services.

Google is certified under the Privacy Shield and thus offers an adequate level of data protection as decided by the EU Commission in an adequacy decision: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

 
 

Voluntary Provision Of Your Data

You are not obliged to provide us with personal data. If you do not provide us with certain information that we need to handle your request (for example a way to contact you if you want an answer from us), we may not be able to do so. In the context of special procedures (e.g. when you place an order or register for our newsletter) it may be necessary for you to provide us with certain information because otherwise we will not be able to process your order or send you the newsletter. However, we will always point this out to you in the specific situation.

 
 

Recipients Of The Data

Your personal data will remain in our area of responsibility. In certain cases, we may need to disclose your personal data to third parties so that you can obtain the desired service, in particular to vicarious agents such as banks and other payment service providers as well as postal and parcel service providers or forwarding companies.

If you choose to pay via PayPal, the payment itself will be processed by PayPal. We do not have access to your payment details, such as your bank account or credit card number. Please see PayPal’s privacy policy for details.

In certain areas, such as web hosting and e-mail hosting, we use specialized service providers, especially IundS AG (Germany) for email and webhosting, Google LLC (USA) for analytics, The Rocket Science Group LLC d/b/a MailChimp (USA) for newsletter services, Telekom Deutschland GmbH for providing user rights for the customer relationship management system Salesforce. These are strictly bound to our instructions by an agreement on commissioned data processing and may not process the data for their own purposes. Processing takes place only in Germany or in the USA; in the latter case, the processors are certified under the Privacy Shield (https://www.privacyshield.gov) and thus offer an adequate level of data protection as decided by the EU Commission in an adequacy decision.

 
 

Your Rights

If we process your personal data, for example because you write us a message, register, enroll for an event or transmit data for any other reason, you have a right of access, to rectification or erasure, restriction of processing, to object to processing and to data portability under the respective statutory preconditions with regard to the personal data concerning you. In particular, you have the right to object to the processing of your data for advertising purposes at any time without incurring costs other than the transmission costs according to the basic rates of your provider (e.g. the costs of an e-mail = usually none). This applies, for example, if you have ordered something from us and do not want to receive offers for similar goods and services. If you want to exercise these rights, you can simply write to or click on the unsubscribe link in any email to unsubscribe. If we call you, you can of course also tell us directly in the conversation.

You also have the right to complain to a data protection supervisory authority about our processing of your personal data, for example to the supervisory authority responsible for us: Sächsischer Datenschutzbeauftragter, Bernhard-von-Lindenau-Platz 1, 01067 Dresden, Germany, e-mail: If you have any questions or requests regarding data protection, please feel free to contact us at any time at

 
 

Right To Object

In particular, you can object to the future processing of the data concerning you in accordance with Art. 21 GDPR at any time. The objection may be lodged in particular against processing for direct marketing purposes.