Data Protection
The following data protection information provides you with details about the personal data (Art. 4 No. 1 GDPR) processed by Taxboutique by Julia David and Edda Vocke Steuerberatungsgesellschaft PartG mbB (hereinafter: Taxboutique) as the data controller (Art. 4 No. 7 GDPR) at https://www.stb-taxboutique.de/, as well as the purposes and legal bases on which this processing (Art. 4 No. 2 GDPR) takes place. With this information, Taxboutique also fulfills its data protection information obligations, which the controller is required to provide in accordance with Art. 12 and 13 GDPR when collecting data from the data subject, in this case, the visitor to the website https://www.stb-taxboutique.de/.
Cookies
This website uses cookies. You can select the exact settings here and change them later.
Change privacy settings Privacy settings history Withdraw consentInformation pursuant to Article 13 GDPR
Identity of the responsible party
For data collection under https://www.stb-taxboutique.de/, Taxboutique by Julia David and Edda Vocke Steuerberatungsgesellschaft PartG mbB is the controller within the meaning of Article 4 No. 7 GDPR. The contact details of the controller are:
Tax Boutique by Julia David and Edda Vocke Tax Consulting Company PartG mbB
Authorized representatives:
Julia David & Edda Christiane Vocke
Friedrich-Ebert-Anlage 35-37,
60327 Frankfurt am Main, Germany.
Telephone: +49 69 / 6 54 03 51 20.
Email: info@stb-taxboutique.de
Categories of personal data that are processed
Visitor data (user-agent string), name of the accessed website or file, date and time of access (timestamp), time zone difference to Greenwich Mean Time (GMT), amount of data transferred, message about successful access (access status/HTTP status code), browser type including version and language, operating system, referrer URL (previously visited page), IP address and the requesting provider.
- Contact details , such as information about salutation, title, name, first name, street, house number, postal code, city
- Communication data , such as information on landline number, mobile phone number, email address and other information required for addressing, which results from modern communication technologies, insofar as you direct appointment or other inquiries to the Tax Boutique.
- Persistent cookies , i.e., cookies that are stored on the visitor’s computer for a predefined period beyond the duration of their visit to our website.
- Session cookies , i.e., cookies that are deleted when the session ends, after a period of inactivity, or when the browser is closed.
Processing purposes
The collection and processing of personal data by Taxboutique serves the following purposes:
- Delivery, operation and optimization of the website
- Ensuring the functionality of the website and the security of the information technology systems
- Information regarding services offered by the tax boutique
- Fulfillment of legal information, notification, disclosure and retention obligations
- Defense and enforcement of claims for payment, performance, rescission and/or damages against visitors of the website
- Tax advisor-client communication
- Receiving messages via a contact form
- Providing information regarding the tax consulting services of the responsible party and its partners, such as the range of services offered, travel routes, etc.
- Cost-benefit analysis of internet advertising
- Statistical evaluations for the purpose of operation, security (threat prevention) and optimization of this website and reach analysis
Information on the data origin
Personal data is collected from the data subject (user of the website).
Legal basis for processing
The following legal bases for processing may be considered:
- The existence of consent pursuant to Art. 6 I lit a.) GDPR.
Insofar as consent exists, the data subject has the right to withdraw it at any time, without affecting the lawfulness of the processing carried out on the basis of the consent until its withdrawal. - Article 6(1)(b) GDPR
- Article 6(1)(c) GDPR
- Article 6 I lit. f) GDPR , insofar as it concerns the cost-benefit analysis of internet advertising and statistical evaluations for the purpose of the operation, security (risk prevention) and optimization of this website and reach analysis, ensuring the functionality of the website and the security of the information technology systems and/or the delivery, operation and optimization of the website, statistical evaluations for the purpose of the operation, security (risk prevention) and optimization of this website and reach analysis.
Criteria for storage duration
Personal data is processed until the purpose for which it was collected, or – in the case of further processing – the purpose of that further processing, has been fully achieved. Once the purpose has been fully achieved, the data is deleted. The data controller also has a review and deletion policy in place to ensure regular compliance with deletion obligations.
- Visitor data is deleted for a maximum period of 14 days after visiting the website.
- Session cookies are deleted when the session ends, after a period of inactivity, or when the browser is closed.
- Persistent cookies have a predefined expiration date, which we explain in detail in our cookie information when you visit our website. Please note that you also have the option to delete stored cookies from your systems manually or using appropriate software at any time.
Recipients of personal data
- Data processor of the controller
- Courts, authorities and/or enforcement bodies , if this is necessary in connection with the defense or enforcement of claims for payment, performance, contestation and/or damages against visitors of the website or to prove the fulfillment of legal obligations of the controller.
- Service providers of integrated additional services, specifically Google Analytics, Google Tag Manager, Meta Ads, Microsoft Ads, Microsoft Clarity (Heatmaps) and SEMrush (with the website visitor’s consent and permission to use them)
- Representatives of legal professions, if this is necessary in connection with the defense or assertion of payment, performance, contestation and/or damage claims against visitors of the website or to prove the fulfillment of legal obligations of the controller or in connection with the collection of receivables from a tax advisor contract
Information on the obligation to provide data by the data subject
The provision of personal data is partly required by law (e.g., tax law, anti-money laundering regulations). Furthermore, you may be obligated to provide us with the personal data necessary for establishing, executing, and terminating contractual relationships with us and fulfilling the associated contractual obligations. Without this data, we are generally unable to execute contracts with you and/or comply with our legal obligations. Mandatory information is required, for example, when you book appointments or wish to provide us with preliminary information. In the interest of maximum data protection transparency, we will inform you separately of any obligations to provide information in individual cases before the specific data collection process begins.
Your rights as a data subject
You have the following rights vis-à-vis the Taxboutique community and its shareholders pursuant to Articles 15 to 22 GDPR:
- Right to information, rectification, erasure, restriction of processing and data portability.
- Right to object to processing based on the legitimate interests of the controller or a third party (Art. 6 I lit. f. GDPR).
Right to lodge a complaint with a supervisory authority
- Pursuant to Article 77 of the GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data is unlawful. The address of the supervisory authority responsible for the Taxboutique community and its partners is:
The Hessian Commissioner for Data Protection and Freedom of Information,
P.O. Box 3163,
65021 Wiesbaden, Germany
, Telephone: +49 611 1408-0,
poststelle@datenschutz.hessen.de
Information on special processing items
Analysis of user data
The tracking measures listed below and used by us are carried out on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR.
Cookie Banner
To inform you as a user as easily as possible about the purpose of each instance of data processing on our website and to give you the option to allow or decline it, we operate a cookie consent service. This service stores your consent or rejection of cookies locally. This is necessary to comply with the relevant legal obligations.
The following information about your use of this website is collected, such as…
- Browser information
- Opt-in and opt-out data (consent or refusal to store data)
- Requesting URLs from the website
- Website page path
- Geographic location
- Device information
- Date and time of visit
The data is transferred and stored. No external company has access to this information. The consent data (consent and withdrawal of consent) is stored for 3 months and then deleted.
Use of cookies
The Taxboutique website uses cookies to save search queries and to tailor certain sections of the content to your interests. Cookies are text files that are stored locally in your internet browser’s cache. Cookies enable the browser to be recognized. Taxboutique does not collect any personal data via cookies, so all website functions can be accessed even without cookies. If you do not want Taxboutique to recognize your computer, configure your browser to block cookies, delete them directly from your hard drive, or at least warn you before cookies are stored. You can also install a browser plugin, such as the one available at tools.google.com/dlpage/gaoptout . The legal basis for the use of cookies, their processing, and transfer to third parties is Art. 6 para. 1 lit. a and f GDPR.
Google Ads
Taxboutique uses Google Ads to display advertisements. Consent is valid only for the stated purposes. The collected data may not be used or stored for any purpose other than those listed below.
The information generated by the cookie about your use of this website, such as
- Browser type/version,
- operating system used,
- Referrer URL (the previously visited page),
- Hostname of the accessing computer (IP address),
- Time of server request,
- Usage data
- Location information
- Cookie ID
The data will be transferred to and stored on a Google server in the USA. While the USA is a third country that does not offer an adequate level of data protection, appropriate safeguards in the form of EU Standard Contractual Clauses pursuant to Art. 46 para. 2 c) GDPR apply (available at: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A02010D0087-20161217 ). The data will be deleted as soon as it is no longer needed for processing. Log data and cookie information are anonymized after three months. The following companies have access to this information: Alphabet Inc., Google LLC, and Google Ireland Limited.
Name and address of the data processing company:
Google Ireland Limited
, Google Building Gordon House, 4 Barrow St, Dublin D04 E5W5, Ireland
If you do not want Google to store your cookie information, click this link: https://safety.google/privacy/privacy-controls/
Server log files
We collect and store the following data about you in so-called server log files, which your browser automatically transmits to us. This includes: browser type and version, operating system used, referrer URL (websites from which your system accessed our website), hostname of the accessing computer, time and date of the server request, and IP address.
We use this data only for statistical analysis for the purposes of operating, securing (preventing threats), and optimizing this website. However, we reserve the right to subsequently review the data if there is a legitimate suspicion of unlawful use based on concrete evidence. Data processing is carried out on the basis of Article 6 Paragraph 1 Letter f of the GDPR.
The data is stored until the purpose for which it was processed has been fulfilled. If data is solely required for providing the website, it is automatically deleted when the respective visit to the website ends. Other data in log files is deleted no later than seven days after collection. If data is stored in log files for a longer period, your IP address will be deleted or anonymized.
Inquiries via contact forms:
On our website, we offer users the option of contacting us via a contact form. If you wish to use this option, we collect the following structured data as mandatory information :
- name
- E-mail address
- Your specific message/question to us.
The mandatory information collected via the contact form will be used exclusively for the purpose of contacting the inquirer and answering specific inquiries.
Use of Google Analytics 4 on this website
This website uses Google Analytics 4 (GA4), a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). GA4 is the latest version of Google’s web analytics service and replaces the older Universal Analytics.
Google Analytics 4 allows us to statistically analyze the behavior of website visitors in order to continuously improve our online services. Data about your use of our website is collected, processed, and evaluated in anonymized or pseudonymized form.
What data is processed?
Google Analytics 4 collects and processes the following categories of personal data when you use our website:
Technical access data
- IP address (shortened/anonymized before storage)
- Browser type and version
- Operating system and device type
- Screen resolution
- Date and time of access
- Referrer URL (previously visited website)
Usage behavior
- Pages and subpages visited
- Time spent on individual pages
- Scroll depth and interactions
- Bounce rates
- Clicks on links and buttons
- Search terms (using the internal search function)
Origin data
- Geographic location (urban/rural level)
- Browser language settings
- Source channel (organic search, direct access, social media, etc.)
Google Signals (if enabled)
- If Google Signals is enabled in your GA4 account, additional data from signed-in Google users can be used for cross-device analysis. Please adjust this section according to your GA4 configuration.
What legal basis is the processing based on?
- The processing of your personal data by Google Analytics 4 is based on your explicit consent pursuant to Art. 6 para. 1 lit. a GDPR in conjunction with § 25 para. 1 TDDDG. You can withdraw your consent at any time without giving reasons with effect for the future.
Which cookies and tracking technologies are used?
- Google Analytics 4 uses cookies and similar tracking technologies in your browser to track and analyze your use of our website across multiple page views.
| Cookie name | Purpose | Storage duration | Provider |
| _ga | Differentiation of unique users | 2 years | |
| _ga_<container-id> | Saves session state | 2 years | |
| _gid | Differentiation of users | 24 hours | |
| _gat | Throttle response | 1 minute |
IP anonymization
- In Google Analytics 4, IP anonymization is enabled by default. The full IP address is not stored – Google shortens and anonymizes the IP address before storing it. Therefore, it is not possible to link the data to a specific individual. This process takes place within the EU/EEA before any data is transferred to the USA.
Data transfer to third countries (USA)
- Google Analytics 4 transmits data to Google LLC, which is based in the USA. This transmission is based on the EU Commission’s Standard Contractual Clauses (SCCs) pursuant to Art. 46 para. 2 lit. c GDPR and the EU-US Data Privacy Framework (DPF), to which Google has joined.
- Further information on Google’s data protection measures and standard contractual clauses can be found at:
- https://policies.google.com/privacy
- https://business.safety.google/adsprocessorterms/
Order processing
- We have concluded a data processing agreement with Google in accordance with Article 28 of the GDPR. Google processes the data on our behalf and is contractually obligated to process your data exclusively in accordance with our instructions and the requirements of the GDPR.
Storage duration
- The data collected by Google Analytics 4 will be automatically deleted after the following periods have expired:
| Usage data | 2 months (standard) to 14 months (configurable in GA4) |
| Cookie lifetime (_ga) | 2 years (can be adjusted) |
| Aggregated reports | Until the GA4 account is deleted |
You can configure the retention period yourself in your GA4 settings under Administration → Data settings → Data retention.
Objection and opt-out options
You can prevent or restrict the collection of your data by Google Analytics 4 in the following ways:
Revoke cookie consent
- You can withdraw your consent at any time via our cookie banner or the cookie settings on our website. To do this, visit our website and click on [Insert link/button to cookie manager].
Browser opt-out (Google Analytics opt-out)
- Google provides a browser add-on that allows you to disable Google Analytics tracking: https://tools.google.com/dlpage/gaoptout
Google Analytics opt-out cookie
- Alternatively, you can disable tracking for this browser by setting an opt-out cookie: [Insert opt-out link/button here]
Browser settings
- You can configure your browser to allow or delete all or specific cookies. Please note that disabling cookies may affect the functionality of our website.
Google account settings
- If you have a Google account, you can restrict the use of your data for personalized advertising via your account at https://myaccount.google.com/data-and-privacy.
Technical Implementation
- Google Analytics 4 is implemented on this website as follows:
| Implementation method | [Google Tag Manager / direct script tag / other] |
| Measurement ID | [G-XXXXXXXXXX] |
| IP anonymization | Enabled (default in GA4) |
| Anonymized reports | [activated / not activated] |
| Google Signals | [activated / not activated] |
| Remarketing | [activated / not activated] |
| Enhanced Measurement | [activated / not activated] |
| Data sharing with Google | [activated / not activated] |
Further information
Further information about Google Analytics 4 and Google’s privacy policy can be found at:
- Google Privacy Policy: https://policies.google.com/privacy
- Google Analytics Privacy Policy: https://support.google.com/analytics/answer/6004245
- Google Analytics Terms of Service: https://marketingplatform.google.com/about/analytics/terms/de/
- EU-US Data Privacy Framework: https://www.dataprivacyframework.gov/
Use of Microsoft Clarity on this website
What is Microsoft Clarity?
This website uses Microsoft Clarity, a free behavioral analytics service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052, USA (“Microsoft”). Microsoft Clarity is represented in the EU by Microsoft Ireland Operations Ltd., One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland.
Microsoft Clarity allows us to understand how visitors interact with our website. This is achieved through session recordings (screen recordings of user sessions), heatmaps (visual representations of click, scroll, and mouse movement patterns), and funnel analysis. The goal is to improve the usability and user experience on our website.
| ⚠ Special Note: Session Recordings Unlike pure statistics tools, Microsoft Clarity records screen content. This may reveal sensitive data. Please ensure that password entries, credit card details, and other sensitive information are hidden using Clarity’s masking function. |
What data is processed?
Automatically collected technical data
- IP address (shortened/anonymized)
- Browser type, version and language setting
- Operating system and device type
- Screen resolution
- Date and time of access
- Referrer URL
- Visited pages and navigation
Behavioral and interaction data
- Mouse movements and click positions (heatmaps)
- Scrolling behavior and scrolling depth
- Session recordings
- Rage clicks and dead clicks (frustration signals)
- Page navigation and dwell time
- Form entries (without password fields – these are masked)
Session data
- Session ID (pseudonymized session identifier)
- Number of page views per session
- Entry and exit pages
Session Recordings – Special Notes
Microsoft Clarity records sessions to analyze user behavior at the page and element level. The following applies:
- Entries in password fields are automatically masked and not recorded.
- Other sensitive fields (e.g. credit card details, personal data) are additionally masked by our Clarity configuration.
- Recorded sessions are only viewed by authorized employees of our company for analysis purposes.
- The recordings will be automatically deleted after [X] days (according to your Clarity settings).
Legal basis for processing
Microsoft Clarity processes your data based on your explicit consent in accordance with Article 6 Paragraph 1 Letter a GDPR in conjunction with Section 25 Paragraph 1 TDDDG. You can withdraw your consent at any time with effect for the future.
Cookies and tracking technologies
Microsoft Clarity uses the following cookies and storage technologies:
| Cookie name | Purpose | Storage duration | type |
| _click | Unique user ID for Clarity | 1 year | Persistent |
| _clsk | Linking page views | 1 day | Session cookie |
| CLID | First-time Clarity identification | 1 year | Persistent |
| ANONCHK | Checking if tracking is allowed | 10 minutes | Session cookie |
| MR | Forwarding of requests | 7 days | Persistent |
| SM | MUID synchronization | meeting | Session cookie |
| MUID | Microsoft User ID | 1 year | Persistent |
IP anonymization
Microsoft Clarity anonymizes IP addresses before storing them. The full IP address is not permanently stored. Instead, only a truncated version is used for geographic mapping (at the city level).
Data transfer to third countries (USA)
Microsoft Clarity transfers data to Microsoft Corporation, which is based in the USA. This transfer is based on the EU Standard Contractual Clauses (SCCs) pursuant to Art. 46 para. 2 lit. c GDPR and on the basis of the EU-US Data Privacy Framework (DPF), to which Microsoft has joined.
Further information can be found at:
- Microsoft Privacy Statement: https://privacy.microsoft.com/de-de/privacystatement
- Microsoft EU Standard Contractual Clauses: https://www.microsoft.com/licensing/docs/view/Microsoft-Products-and-Services-Data-Protection-Addendum-DPA
Order processing
We have concluded a data processing agreement with Microsoft in accordance with Article 28 of the GDPR (Data Processing Addendum). Microsoft processes the data exclusively in accordance with our instructions and the requirements of the GDPR.
Storage duration
| Session Recordings | 13 months (configurable in Clarity) |
| Heatmap data | 13 months |
| Aggregated reports | Unlimited (until the account is deleted) |
| Cookie _clck | 1 year |
| Cookie _clsk | 1 day |
Objection and opt-out options
Revoke cookie consent
You can withdraw your consent at any time via our cookie banner or the cookie settings at the beginning of this page.
Microsoft privacy settings
Microsoft offers options for managing your privacy preferences at the following link:
- https://account.microsoft.com/privacy
Browser settings
You can disable or delete cookies in your browser settings. Please note that this may affect the functionality of our website.
Technical Implementation
| Clarity Project ID | [Your Clarity Project ID] |
| Implementation method | [Direct script / Google Tag Manager / other] |
| Masked fields | [List of masked form fields] |
| Session Recording | [activated / not activated] |
| Heatmaps | [activated / not activated] |
| IP anonymization | Enabled (default) |
Further information
- Microsoft Clarity Privacy Policy: https://docs.microsoft.com/en-us/clarity/setup-and-installation/privacy
- Microsoft Privacy Statement: https://privacy.microsoft.com/de-de/privacystatement
- Microsoft Compliance Center: https://www.microsoft.com/de-de/trust-center
(Use of Meta Pix) on this website
Shared responsibility with Meta
We have entered into a joint controllership agreement with Meta Platforms Ireland Ltd. pursuant to Article 26 GDPR (Addendum to the Meta Business Tools Terms of Service). A summary of this agreement is available at: https://www.facebook.com/legal/controller_addendum
| Facebook Pixel provider | Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland |
| Parent company | Meta Platforms, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA |
| Data protection contact Meta | https://www.facebook.com/help/contact/540977946302970 |
What is the Facebook Pixel (Meta Pixel)?
The Facebook Pixel (officially: Meta Pixel) is a JavaScript code snippet that we have implemented on our website. It allows Meta (Facebook/Instagram) to track the behavior of website visitors and use this information for advertising purposes.
We use the Facebook Pixel for the following purposes:
- Conversion tracking: Measuring the effectiveness of our Facebook/Instagram ads by tracking user actions on our website (e.g., purchases, contact requests, newsletter sign-ups).
- Custom Audiences: Creating target groups from website visitors for targeted Facebook/Instagram advertising.
- Lookalike Audiences: Reaching new users who resemble our existing customers.
- Optimization of advertising campaigns: Automatic optimization of ad delivery through meta algorithms.
What data is processed?
Data automatically collected by the pixel
- HTTP headers: IP address, browser information, page location, document, referrer, user agent
- Pixel-specific data: Pixel ID, Facebook cookie data
- Button labels of displayed buttons
- Page names of the visited pages
- Date and time of server requests
Standard events (automatic, if enabled)
- PageView: Accessing a page
- ViewContent: Display of a product or content page
- AddToCart: Add an item to the shopping cart
- Purchase: Completion of a purchase (including order value and currency)
- Lead: Submission of a form
- Complete Registration: Completion of a registration
Enhanced Matching – if enabled
- Hashed email address (SHA-256)
- Hashed phone number (SHA-256)
- Hashed Name (SHA-256)
- Hashed home address (SHA-256)
- Date of birth (hashed)
- Gender (hashed)
Data from Facebook profiles (for logged-in users)
If a user is logged into Facebook and visits our website, Meta can link this data to the user’s Facebook account. This allows Meta to create a comprehensive profile.
Legal basis for processing
Your personal data is processed by the Facebook Pixel solely on the basis of your explicit consent in accordance with Art. 6 para. 1 lit. a GDPR in conjunction with Section 25 para. 1 TDDDG. The Facebook Pixel is only activated after you have given your consent via our cookie consent management system. You can withdraw your consent at any time without giving reasons, with effect for the future.
Cookies and tracking technologies
| Cookie name | Purpose | Storage duration | domain |
| _fbp | Facebook Browser Pixel ID | 90 days | Your website |
| _fbc | Facebook Click ID (fbclid) | 90 days | Your website |
| fr | Deliver and measure ads | 90 days | facebook.com |
| datr | Security and browser ID | 2 years | facebook.com |
| sb | Browser identification | 2 years | facebook.com |
Data transfer to third countries (USA)
Meta Platforms Ireland Ltd. transfers data to its parent company, Meta Platforms, Inc., located in the USA. This transfer is based on the EU Standard Contractual Clauses (SCCs) pursuant to Art. 46 para. 2 lit. c GDPR and the EU-US Data Privacy Framework (DPF), to which Meta has acceded.
- Meta Privacy Policy: https://www.facebook.com/privacy/policy/
- Meta Business Tools Terms of Service: https://www.facebook.com/legal/terms/businesstools/
- EU-US Data Privacy Framework: https://www.dataprivacyframework.gov/
Data processing on behalf of a controller and joint responsibility
We have concluded both a data processing agreement pursuant to Article 28 GDPR and a joint controllership agreement pursuant to Article 26 GDPR with Meta Platforms Ireland Ltd. The key contents of the joint controllership agreement can be found at: https://www.facebook.com/legal/controller_addendum
Within the framework of joint responsibility, Meta is primarily responsible for:
- Responding to data subject requests regarding data processed by Meta
- Compliance with the GDPR for data processed on meta pages
We are primarily responsible for:
- Obtaining the necessary consents
- The provision of data protection information
- The pixel configuration complies with data protection requirements.
Storage duration
| Conversion data at Meta | Up to 90 days (with standard matching) |
| Conversion data (enhanced matching) | Up to 180 days |
| Cookie _fbp | 90 days |
| Cookie _fbc | 90 days (resets upon another click) |
| Aggregated reports in Meta Business Manager | Up to 37 months |
| Custom Audience Membership | Up to 180 days (configurable) |
Your rights as a data subject
As a data subject, you can assert your rights against both us and Meta Platforms Ireland Ltd.:
| Right of access (Art. 15 GDPR) | Towards us and towards Meta |
| Rectification (Art. 16 GDPR) | Correction of inaccurate data |
| Erasure (Art. 17 GDPR) | Deletion under certain conditions |
| Restriction (Art. 18 GDPR) | Restriction of processing |
| Right to object (Art. 21 GDPR) | Objection to the processing |
| Revocation of consent | At any time with effect for the future |
| Right to lodge a complaint (Art. 77 GDPR) | at a data protection supervisory authority |
| Inquiries to Meta | https://www.facebook.com/help/contact/540977946302970 |
Objection and opt-out options
Withdraw consent
You can withdraw your consent at any time via our cookie consent management tool at the top of this page. After withdrawal, the Facebook Pixel will no longer load.
Facebook ad settings
- Ad preferences on Facebook: https://www.facebook.com/ads/preferences/
- Facebook privacy settings: https://www.facebook.com/settings?tab=privacy
Industry-wide opt-out options
- Your Online Choices (EU): https://www.youronlinechoices.eu/
- Digital Advertising Alliance Opt-Out: https://optout.aboutads.info/
Delete cookies
You can delete the cookies set by Facebook Pixel at any time in your browser settings. Please note that a new cookie may be set after deletion if the pixel remains active.
Technical Implementation
| Pixel ID | [Your Facebook Pixel ID] |
| Implementation method | [Direct script / Google Tag Manager / other] |
| Consent-First Implementation | [Yes – Pixel will only be loaded after consent] |
| Enhanced Matching | [activated / not activated] |
| Standard Events | [List of used events] |
| Custom Events | [List of used custom events or “none”] |
| Conversions API (CAPI) | [activated / not activated] |
| Meta Business Suite / Ads Manager | [Link to your ad account] |
Conversions API (CAPI) – if enabled
In addition to the browser pixel, we use the Meta Conversions API (CAPI). This involves transferring conversion data directly from our web server to Meta on the server side. The data can include:
- Hashed user data (email, phone number, name, address) – if available
- Browser information (user agent, IP address, fbp cookie ID)
- Event data (conversion type, time, value)
The legal basis for the use of the Conversions API is also your consent in accordance with Art. 6 para. 1 lit. a GDPR.
Further information
- Meta Privacy Policy: https://www.facebook.com/privacy/policy/
- Meta Pixel Implementation Guide: https://developers.facebook.com/docs/meta-pixel
- Meta Business Tools Terms of Service: https://www.facebook.com/legal/terms/businesstools/
- Joint responsibility agreement: https://www.facebook.com/legal/controller_addendum
- EU-US Data Privacy Framework: https://www.dataprivacyframework.gov/
Real Cookie Banner
We use the “Real Cookie Banner” consent tool to manage the cookies and similar technologies (tracking pixels, web beacons, etc.) we employ and the associated consents. Details on how “Real Cookie Banner” works can be found at https://devowl.io/de/rcb/datenverarbeitung/ .
The legal basis for processing personal data in this context is Article 6(1)(c) GDPR and Article 6(1)(f) GDPR. Our legitimate interest is the management of the cookies and similar technologies used and the related consents.
Providing your personal data is neither contractually required nor necessary for entering into a contract. You are not obligated to provide your personal data. If you do not provide your personal data, we will be unable to manage your consent.