Your cart is currently empty!
Privacy Policy
Information on the processing of personal data
(1) In the following, we inform you about the collection and processing of personal data when using our website. Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behavior.
(2) The controller pursuant to Art. 4 (7) of the EU General Data Protection Regulation (GDPR) is handz.on as a Service GmbH & Co. KG, St.-Martin-Straße 64, 81541 Munich, Germany, [email protected] (see our Imprint). Hereinafter referred to as “handz.on” or “we”.
(3) You can contact our data protection officer as follows:
handz.on as a Service GmbH & Co. KG
St.-Martin-Straße 64
81541 Munich, Germany
(4) When you contact us by telephone, e-mail or via a website form on our website, the data you provide will be stored by us in order to answer your questions. The data transmitted in this way will be processed to process the contact request by the controller on the basis of Art. 6 para. 1 lit. b GDPR for contracts and pre-contractual measures such as offers and Art. 6 para. 1 lit. f GDPR for other inquiries. We delete the data arising in this context after storage is no longer necessary or restrict processing if there are statutory retention obligations. Your data may be stored in our CRM system.
(5) If we use contracted service providers for individual functions of our offer or would like to use your data for advertising purposes, we will inform you in detail below about the respective processes and, if necessary, obtain your consent. We will also state the specified criteria for the storage period.
Your rights
(1) You have the following rights vis-à-vis us with regard to your personal data:
- Right to information,
- Right to rectification or completion,
- Right to erasure,
- Right to restriction of processing,
- Right to object to the processing,
- Right to data portability.
(2) If you are of the opinion that your personal data is not being processed in compliance with data protection laws, we kindly ask you to contact our data protection officer.
You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.
Personal data that you transmit to us in the course of exercising data subject rights will be stored by us in accordance with Art. 6 para. 1 lit. f GDPR in the legitimate interest and deleted after three years. The legitimate interest lies in the verifiability of the proper processing of your request.
Processing of personal data when visiting our website
(1) When using the website for informational purposes, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. When you view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure the stability of the connection and security of your data (legal basis is Art. 6 para. 1 lit. f GDPR). The data collected is stored and automatically deleted after 2 months at the latest.
- IP address (is immediately anonymized in the log files)
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- Amount of data transferred in each case
- Website from which the request comes
- Browser
- Operating system and its interface
- Language and version of the browser software.
(2) In addition to the aforementioned data, we process cookie data on the basis of consent. Cookies are small text files that are stored on your hard disk assigned to the browser you are using and through which certain information flows to the body that sets the cookie (in this case us). Cookies cannot execute programs or transfer viruses to your computer. They are used to make the website more user-friendly and effective overall.
(3) Use of cookies
a) This website uses the following types of cookies, the scope and function of which are explained below:
- Transient cookies (see b)
- Persistent cookies (see c)
b) Transient cookies are automatically deleted when you close the browser. These include session cookies in particular. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This allows your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.
c) Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete the cookies at any time in the security settings of your browser.
d) When you visit our website for the first time, we display a cookie banner. In the cookie banner, you can accept all cookies, only allow essential cookies or only allow cookies from the categories used. By clicking on the “Individual data protection settings” button, you can also make a selective choice of individual cookies within the individual categories. If you do not accept cookies in the “Statistics” category, your usage behavior on our website cannot be evaluated. This does not result in any functional restrictions for you when using our website. If you have given your consent, the legal basis for the processing of your data is Art. 6 para. 1 lit. a GDPR. The cookie consent management procedure we use manages the cookies on our website as well as the consent and revocation by you as a website visitor.
| Provider | Cookie-Name | Validity | Description |
| Borlabs | borlabs-cookie | 182 days | Saves your cookie settings. Therefore it must always be set. |
| Google Ads | _gcl_au | 3 months | Measurement of the conversion rate. |
| WordPress | language | 365 Tage | Language setting for the store. |
| WordPress | wordpress_logged_in_* | Session | WordPress login detection. |
| WordPress | wordpress_test_cookie | Session | Checks whether cookies can be set. |
| WordPress | wp_lang | Session | Saves the language selected by the user. |
| WooCommerce | sbjs_current | Session | Current session campaign data |
| WooCommerce | sbjs_current_add | Session | Current visit data for statistics. |
| WooCommerce | sbjs_first | Session | First source of visits for marketing. |
| WooCommerce | sbjs_first_add | Session | Supplementary information on the first session. |
| WooCommerce | sbjs_migrations | Session | Version data for sbjs system. |
| WooCommerce | sbjs_session | Session | Session-based campaign data. |
| WooCommerce | sbjs_udata | Session | Visitor data such as IP and browser agent. |
| WooCommerce | tk_ai | Session | WooCommerce performance measurement. |
| WooCommerce | woocommerce_items_in_cart | Session | Temporary storage of the shopping cart count. |
| WooCommerce | woocommerce_cart_hash | Session | Checksum for the shopping cart. |
| WooCommerce | wp_woocommerce_session_* | 2 days | Individual WooCommerce-Session-ID. |
| CloudFlare1) | __cflb | Session | Cloudflare Loadbalancer Cookie. |
| Ingress | shop | Session | Load distribution with Sticky Session on store. |
| Ingress1) | webapp | Session | Load distribution with Sticky Session on web app. |
| Matomo | _pk_id.2.e247 | Session | Matomo cookie for visitor identification |
| web-app1) | SESSION | Session | Session ID for the web application. |
| web-app1) | XSRF-TOKEN | Session | Cross-site request forgery protection. |
| Authentication1) | AUTH_SESSION_ID | Session | Session ID for Keycloak authentication. |
| Authentication1) | KC_AUTH_SESSION_HASH | Session | Hash value for Keycloak session. |
| Authentication1) | KC_RESTART | Session | Resumption of authentication. |
| Authentication1) | KEYCLOAK_LOCALE | Session | Language setting for Keycloak. |
1) In these cases, we use purely technically necessary cookies, i.e. for the authentication and use of all services offered in the store. We do not offer the option of rejecting these cookies and you automatically accept them when you use the store or one of the services offered. If you refuse them by other technical means, we cannot guarantee that our services will function without errors.
In addition, other third-party cookies not known to us may be stored, e.g. Frisbii as a payment service. These third-party cookies are not listed here. However, if they are available from the provider, they will be referenced in the section “Use of third-party tools and services”.
f) If you do not wish to accept any cookies at all, you can configure your browser settings according to your wishes and, for example, refuse to accept third-party cookies or all cookies or refuse all cookies in our cookie banner.
Where your data is processed
Your data will be processed within the EU and the EEA. To the extent permitted by law, data processing also takes place outside Europe.
Other functions and offers on our website.
Other functions and offers on our website
(1) In addition to the purely informational use of our website, we offer various services that you can use if you are interested. These are, for example, registration to download certain content, registration to participate in webinars and other events or the presentation of vacancies in the team on handz.on. To register for events, you generally have to provide additional personal data that we use to provide the respective service and to which the aforementioned data processing principles apply.
(2) In some cases, we use external service providers to process your data. These have been carefully selected and commissioned by us, are bound by our instructions and are regularly monitored.
(3) Furthermore, we may pass on your personal data to third parties if we offer participation in promotions, competitions, contracts or similar services together with partners. You will receive more detailed information on this when you provide your personal data or in the description of the offer below.
(4) If our service providers or partners are based in a country outside the European Economic Area (EEA), we will inform you of the consequences of this circumstance in the description of the offer.
Revocation or objection to the processing of your data
(1) If you have given your consent to the processing of your data, you can withdraw this at any time. Such a revocation affects the permissibility of the processing of your personal data after you have given it to us.
(2) Insofar as we base the processing of your personal data on the balancing of interests, you can object to the processing. This is the case if, in particular, the processing is not necessary for the performance of a contract with you, which is described by us in the following description of the functions. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the situation and will either discontinue or adapt the data processing or show you our compelling reasons worthy of protection on the basis of which we will continue the processing.
(3) Furthermore, we may pass on your personal data to third parties if we offer participation in promotions, competitions, contracts or similar services together with partners. You will receive more detailed information on this when you provide your personal data or in the description of the offer below.
Use of third-party tools and services
Frisbii (formerly Billwerk+)
(1) Our webshop uses Frisbii as a payment service. Frisbii uses so-called “cookies” and other related technologies (for the sake of simplicity, all technologies are referred to as “cookies”). Cookies are also set by third parties that Frisbii has commissioned to process data.
(2) The IP address transmitted by your browser is shortened and not merged with other data.
(3) You can prevent the storage of cookies by setting your browser software accordingly; a functional restriction of our website, especially with regard to the payment process in the store, cannot be excluded.
(4) We use Frisbii to carry out the payment process in our webshop. The legal basis for the use of Frisbii is Art. 6 para. 1 lit. b GDPR.
(5) Information from the third-party provider: https://frisbii.com/about-frisbii/.
Data protection information: https://frisbii.com/data-protection-notice/
Imprint: https://frisbii.com/imprint/
Cookie Policy (EU): https://frisbii.com/cookie-policy-eu/
Matomo
(1) This website uses Matomo, an open source web analysis service. Matomo uses so-called “cookies”, text files that are stored on your computer and enable your use of the website to be analyzed. The cookie is initially deactivated and is only set if you expressly agree to the use of Matomo in Cookie Consent Management. The information generated by the cookie about your use of this website is then transmitted to one of our servers and stored there.
(2) The IP address transmitted by your browser is shortened and not merged with other data.
(3) You can prevent the storage of cookies by setting your browser software accordingly; this does not result in a functional restriction of our website. You can also prevent the collection of the data generated by the cookie and related to your use of the website (including your shortened IP address) and the processing of this data by us by rejecting the setting of the Matomo cookie in Cookie Consent Management.
(4) We use Matomo to analyze and regularly improve the use of our website. We can use the statistics obtained to improve our offer and make it more interesting for you as a user. The legal basis for the use of Matomo is Art. 6 para. 1 lit. a GDPR.
(5) Information from the third-party provider: https://matomo.org/about/.
Overview of data protection: https://matomo.org/gdpr-analytics/
Data protection information: https://matomo.org/privacy-policy/
Borlabs
We use the cookie consent management of the company Borlabs (Borlabs GmbH, Rübenkamp 32, 22305 Hamburg, Germany). The cookie plugin enables the GDPR-compliant setting of cookies according to the opt-in procedure (user must actively consent). For this purpose, cookies can be managed in groups and the user can decide which cookies they consent to. The cookie consent declaration can be configured for multiple languages. Consent data includes the following data: Date and time of the visit or consent / refusal. The data is processed for the purpose of compliance with legal obligations (obligation to provide evidence pursuant to Art. 7 para. 1 GDPR) and the associated documentation of consent and thus on the basis of Art. 6 para. 1 lit. c GDPR. Local storage is used to store the data. The consent data is stored for three years. The data is stored in the European Union.
Further information on the data collected and contact options can be found at https://usercentrics.com/privacy-policy/
Changes to the data protection information
handz.on as Service GmbH & Co. KG reserves the right to amend this data protection notice at any time in compliance with the applicable data protection regulations and other statutory provisions.
Status: 26.06.2025