Privacy

Data Protection Declaration

Status 06/2023
  1. Privacy statement for website and app

    We only process users’ personal data (hereinafter known as “data”) to the extent that is is necessary to provide an effective and convenient website, along with its contents and services.

    “Processing“ means the collection, use, transmission and/or storage. According to the General Data Protection Regulation (hereinafter called as GDPR) “personal data” is basically all data with which a natural person can be identified. The exact definitions of the terminology are laid down in Art. 4 of the GDPR.

    The following explanations are to provide you with information about the type, purpose, duration and legal basis of the processing of personal data, about the intentions and means of processing decided by us alone or with others, as well as about the components of third parties, processing data at their own responsibility, which we adopt for purposes of optimisation and quality of use:

    1. Information about the person/party responsible (controller)

      The controller (hereafter referred to as “supplier”) for the purpose of the GDPR and other national data protection laws of the member states, as well as any other legal data protection regulations is:

      JBL GmbH & Co. KG
      JBL GmbH & Co. KG
      Dieselstraße 3
      D-67141 Neuhofen
      Tel.: +49/ (0)6236/ 4180-0
      Fax: +49/ (0)6236/ 4180-999

      The data protection officer of the responsible party is:

      Killian Hedrich
      Killian Hedrich
      c/o DatCQ GbR
      Alexander F. Bräuer, Killian Hedrich
      und Frank Weiß
      Katharinenstraße 16
      73728 Esslingen
      Phone: +49 (0)711/ 93277955
      Fax: +49 (0)711/ 93277956
    2. Rights of the user

      In relation to the processing of their personal data by the supplier, expressed below, the user has the right

      1. to request confirmation as to whether the data concerning them are being processed and to receive precise information about this data as well as further information and copies of the data in accordance with Art. 15 GDPR
      2. to request the immediate rectification of inaccurate data concerning them or the completion of this data in accordance with Art. 16 GDPR
      3. to request that their data is promptly deleted according to Art. 17 GDPR, or, alternatively, if, for example, further processing according to Art. 17(3) GDPR is required, to demand a restriction of the processing of the data in accordance with Art. 18 GDPR
      4. to receive the data concerning them and provided by them in accordance with Art. 20 of the GDPR, and to request that they be communicated to other persons/parties responsible
      5. to file a complaint with the supervisory authority in accordance with Art. 77 GDPR, if the user believes that the processing of their data by the provider is in breach of the GDPR.
      6. In principle, the user is entitled at any time to object to the future processing of the data concerning them, which is carried out by a person/party responsible on the basis of Art. 6(1) point f GDPR in accordance with Art. 21 GDPR. The objection may in particular be made against processing for direct marketing purposes.
      7. The person/party responsible is also obliged to inform any recipient of the data to whom the data was disclosed, of any correction or deletion of the personal data or of any restriction of the processing that takes place on the basis of Article 16 GDPR, Article 17(1) GDPR and Article 18 GDPR. The obligation does not exist in the event that this communication proves to be impossible or involves a disproportionate effort. The user has the right to receive information regarding these recipients.
    3. Information about data processing

      If no detailed information is given about data after processing, the user’s data will be deleted or blocked, once processed by the supplier. This will happen as soon as the purpose of the storage ceases to apply, and provided its deletion is not in conflict with statutory storage obligations.

      • Server data

        For communication and security reasons the following data, amongst others, which the web browser of the user submits to the supplier or their webspace supplier (so-called server log files) are collected during their visit to the website:

        • browser type and version
        • operating system used
        • website, from where the user has visited the supplier’s website (referrer URL)
        • website visited by the user
        • date and time of the access
        • internet protocol (IP) address of the user.

        In addition the data is temporarily stored. The storage of this data together with other personal data of the user does not take place. Legal basis for the temporary storage is Art. 6(1) point f GDPR, based on the legitimate interest to improve the stability, statistics, functionality and the security of the website.

        The data will be deleted after seven days at the latest. Data stored beyond this for purposes of evidence is exempt from deletion until the incident has been finally clarified.

      • Cookies

        1. “Session” cookies

          The suppliers use so-called cookies on their websites. Cookies are small text files or other storage technologies which the user’s internet browser places and saves on the end device. These cookies to a specific extent process certain user information, such as browser and location data and IP address information.

          The processing allows the supplier to render their website more user-friendly, effective and reliable. Thus processing enables a viewing of the content in different languages or, if required, the use of a shopping cart function. If these cookies process personal data for the purpose of the initiation and execution of a contract, the legal basis of the processing is Art. 6(1) point b GDPR.

          Should the processing not aim to achieve the initiation and execution of a contract, it serves the supplier’s legitimate interest for the improvement of the website functionality and is derived by the legal basis of Art. 6(1) point f GDPR.

          These cookies will be deleted once the user closes the browser.

        2. Cookies of third-party suppliers

          Cookies from third-party suppliers may also be used on the website of the supplier. These third-party suppliers are partner companies which co-operate with the supplier for the purposes of advertising, analysis or the functionalities of the website. If this is the case the purposes and the legal basis of the corresponding processing are described in the following explanations.

        3. Deletion options

          The user can prevent or limit the installation of the cookies with their browser setting. Cookies that are already stored can also be deleted at any time. The settings required here are dependent on the respective browser. Flash cookies cannot be prevented with the browser setting, but through the respective setting of the Flash Player. If the user prevents or limits the installation of the cookies this can mean that not all functions of the website are fully usable.

      • Customer account/registration

        With each registration, the IP address, the date and the time of the registration will be saved. Legal basis here is Art. 6(1) point f GDPR. The legitimate interest of the supplier is the proof of a data protection compliant registration. The data is not passed on to third parties.

        1. General registration

          In addition to the registration purposes detailed below, the supplier offers additional services which are accessible after registration. The user data entered on this occasion during registration, which can vary on the basis of the purpose of registration (name, email address and when appropriate, additional address and telephone number), are only processed by the supplier for the purpose selected by the user.

          The legal basis for this is Art. 6(1) point a GDPR. In the consent wording the user is told the respective purpose of the processing. Based on Art. 7(3) GDPR the user can withdraw their given consent to this with a notification at any time.

        2. Contract processing

          If the user registers for the purpose of ordering goods, the data entered in the course of this registration (name, address, email address, telephone number) will in the first instance be used to form part of the contract processing.

          The legal basis for this is Art. 6(1) point b GDPR. The user data processed for this purpose will be deleted upon the expiry of the deadline in accordance with the corresponding retention periods of fiscal and commercial law.

          At the same time the data will be used to conclude future contracts and for general customer relations management (e.g. access to previous orders or memo function).

          The legal basis for this is Art. 6(1) point a GDPR. Based on Art. 7(3) GDPR the user can withdraw their given consent to have a customer account with a notification at any time.

        3. Product registration/guarantee extension

          If the user registers for the purpose of a guarantee extension, the data entered in the course of this registration (name, address, email address, telephone number, type of device, date of acquisition, vendor) will in the first instance be used for the future processing of a guarantee claim.

          The legal basis for this is Art. 6(1) point b GDPR. The user data processed for this purpose will be deleted upon the expiry of the guarantee in accordance with the corresponding retention periods of fiscal and commercial law.

        4. Newsletter

          If the user subscribes to the supplier’s free newsletter, the data (email address and name), requested in the registration mask, will be processed by the supplier in order to deliver the user’s chosen topic. In addition the IP address, the date and the time of registration will be saved. During the registration procedure the user's permission will be requested, and the contents will be clearly described. At the same time reference will be made to the data protection policy. The data collected this way will be exclusively used to dispatch the newsletter. The data will not be passed on to third parties.

          The legal basis for this is Art. 6(1) point a GDPR. In accordance with Art. 7(3) GDPR the user can withdraw their future consent through a notification to the supplier or use of the unsubscribe link in the newsletter at any time.

        5. Contact/ticket

          If the customer registers for the purpose of contacting the supplier or making a service request, the personal data of the user entered on this occasion (name, address, email address, telephone number) will be used to process the request. The data is required to reply to the request. Without it a reply is not, or only to a limited extent, possible. The legal basis for this use is Art. 6(1) point b GDPR. The user data will be deleted, provided that the user request has been answered conclusively and as long as statutory storage obligations or guarantee/defect claims do not require otherwise.

        6. Competition

          If the user takes part in a competition organised by the supplier and registers for this purpose, the data entered for participation by the user (name, address, email address, telephone number) will be used by the supplier without further consent for the sole purpose of conducting and concluding the competition/raffle.

          As part of the competition the user’s personal data will be transmitted to the forwarding company commissioned to deliver or to a financial service supplier, as far as this is necessary for the delivery or the payment of a prize.

          The legal basis for processing participation data is Art. 6(1) point b GDPR.

          The user data stored to participate in the competition will be deleted fourteen days after the draw, except the data of the winners, which will only be deleted upon the expiry of the deadline in accordance with the corresponding retention periods of fiscal and commercial law.

          If the participation takes place through “Facebook”, Facebook will also process certain data and the supplier’s and user’s member accounts will be linked. For that purpose we refer to Facebook’s privacy policy here: https://de-de.facebook.com/about/privacy

        7. Comments/posts

          Through the evaluation or comment function (posts) of the website, which is available after registration, the users have the opportunity to publish their requests, replies or opinions.

          In doing so the post, the post submission date and the name, stated by the user, will be processed and published by the supplier.

          The legal basis is Art. 6(1) point a GDPR. Based on Art. 7(3) GDPR the user can withdraw their future consent with a notification to the supplier at any time.

          In addition the IP address and the email address of the user will also be processed. The processing of the IP address takes place because of the legitimate interest of the supplier in the event that the contribution of the user interferes with the rights of third parties and/or that illegal contents are distributed.

          The legal basis is Art. 6(1) point f GDPR. The supplier’s legitimate interest arises from any necessary legal defence.

          While contacting of the user by email, the supplier uses the personal user data entered on this occasion to process the request. The data is required to reply to the request. Without it a reply is not, or only to a limited extent, possible. The legal basis for this is Art. 6(1) point b GDPR. The user data will be deleted, provided that the user request has been answered conclusively and as long as statutory storage obligations, such as a subsequent contract implementation etc., require otherwise.

      • Payment service provider Klarna

        The provider uses the payment service provider Klarna Bank AB, Sveavägen 46, 111 34 Stockholm, Sweden, hereinafter referred to as "Klarna", for the payment processing of orders via the online shop.

        For this purpose, the provider has integrated Klarna's "check-out" on the final order page.

        The legal basis for the processing of personal data is Art. 6(1) point b GDPR (fulfilment of contract) and the legitimate interest of the provider in the offer of effective and secure payment options pursuant to Art. 6(1) point f GDPR.

        As a result of this integration, the user's browser loads the "check-out" page from a Klarna server during the order process. As a result, the following data of the user are transmitted to the server of Klarna without the user interacting with the "check-out" page:

        • browser type and version
        • operating system used
        • website, from where the user has visited the supplier’s website (referrer URL)
        • website visited by the user
        • date and time of the access
        • internet protocol (IP) address of the user.

        With the payment methods advance payment and PayPal the processing is limited without further consent of the user to the passing on of the payment data to the seller or PayPal.

        When selecting the payment methods purchase on account, installment purchase, immediate transfer, credit card or direct debit, the following personal data are processed by Klarna for payment and, in this connection, for identity and credit checks:

        • contact information such as first name, last name, address, date of birth, gender, email address, IP address, phone number, mobile phone number, etc.
        • information about processing the order, such as product type, product number, price, etc.
        • payment information, such as debit and credit card information (card number, expiry date and CCV code), billing information, account number, etc.
        • In the case of the choice of "purchase on account" or "installment purchase", Klarna collects and uses personal data and information about the user’s previous payment behaviour as well as probability values for the user’s payment behaviour in the future (so-called scoring). This is in order to decide whether the payment method can be offered to the user. The scoring calculation is carried out on the basis of scientifically recognised mathematical-statistical methods.

        Further information on the aforementioned processing by Klarna and the applicable data protection provisions of Klarna can be found under https://cdn.klarna.com/1.0/shared/content/policy/data/en_de/data_protection.pdf .

      • Contact requests via email

        In the event of an order completion by the user, data entries are made in the input mask of the "check-out" page and Klarna takes responsibility for payment processing.

      • Job applications

        With digital job applications we collect and process the application data electronically for the purpose of conducting the application procedure.

        The legal basis for the processing in order to carry out the application procedure is Art. 6(1) point b GDPR.

        If your application leads to an employment contract, the data submitted can be stored in the personnel file for the purpose of the usual organisational and administrative processes, in compliance with the relevant legal regulations.

        The legal basis for the processing for the purpose of the employment relationship is Art. 6(1) point. b GDPR and, in the event that the provider is legally obliged to process employee data, Art. 6 (1) point c GDPR.

        The deletion of the data submitted will occur automatically with the rejection of the job application two months after notification of the rejection. This does not apply if legal requirements (burden of proof under German general equal treatment law (AGG)) require a longer storage period of up to four months or until any legal proceedings are concluded.

        The legal basis for this is Art. 6(1) point f GDPR and § 24(1) no. 2 BDSG (Bundesdatenschutzgesetz = German privacy law). The legitimate interest of the supplier is the legal defence.

        If consent has explicitly been given to store the data longer in a database for interested parties, the data will be processed on the basis of the consent.

        The legal basis for this is Art. 6(1) point a GDPR. In accordance with Art. 7(3) GDPR any future consent given to this can be withdrawn at any time through a notification to the supplier.

      • Youtube

        The provider uses the YouTube API services of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter "Google", on the website to display video sequences.

        The terms of use can be found at https://www.youtube.com/t/terms .

        The legal basis for this is Art. 6(1) point a GDPR. In accordance with Art. 7(3) GDPR, the user can revoke this consent for the future at any time by setting the cookies on the website. The provider uses YouTube with the "extended data protection mode" option offered by YouTube.

        If the user visits a page with an embedded video, a connection to the Google servers in the USA will be established and instructions issued to the user’s browser to enable the content to be shown on the website. For this purpose Google processes at least the IP address, the date, time and page visited by the user. This also leads to a connection to the Google “DoubleClick” advertising network. If the user is logged in to YouTube at the same time, the connection information is assigned to the user’s YouTube member account.

        However, according to the data protection supervisory authorities, the USA does not currently have an adequate level of data protection. There are, however, so-called standard contractual clauses between the provider and Google: https://privacy.google.com/businesses/compliance/#!#gdpr

        However, these are private law agreements and therefore have no direct impact on the access possibilities of the authorities in the USA.

        According to Google, no information about users is stored on the website in "enhanced privacy mode" unless they watch the embedded video.

        If the user wishes to prevent Google from assigning the information it has collected directly to their member account, they need to log out of YouTube before they visit the website. In addition it is possible to configure the user account accordingly.

        Google also uses permanent cookies for functionality and analysis.

        Should a user not agree to this processing, it is possible to prevent the installation of cookies by setting the browser accordingly. Closer information about this can be found under “Cookies” (above).

        For further information about the collection and use of data by Google and about the user’s corresponding rights and ways of protecting their privacy, please refer to Google’s Privacy Policy: https://policies.google.com/privacy

      • Use of HERE Maps

        The supplier uses the component "HERE Maps" of the company HERE Global B.V, Kennedyplein 222-226, 5611 ZT Eindhoven, Netherlands, hereinafter referred to as "HERE", for the visual location display of the specialist dealers.

        To display the locations a connection to the server of HERE and a request by the component for the visitor’s IP address are necessary. The component will initially use the IP address solely to send appropriate information to the browser or visitor. The IP address is therefore required to display this feature. The connection enables HERE to identify the website from which an enquiry has been sent and the IP address to which the location display of the specialist dealers is to be transmitted.

        In addition, HERE will set a cookie to process user preferences and data when displaying the page and the associated features the "HERE Maps" component is integrated into.

        If the user does not agree with this processing, it is possible to prevent the installation of the cookie by setting the browser accordingly. More information on this can be found under "Cookies".

        The legal basis for this is Art. 6(1) point f GDPR. The legitimate interest of the supplier is the optimisation of its website functions.

        If the visitor consents, specifically through a browser setting or browser release, HERE will also use the visitor’s IP address to process their approximate location and display the nearest specialist dealer.

        The legal basis is Art. 6(1) point a GDPR. Future consent can be revoked at any time through the appropriate browser setting.

        HERE offers further information on the relevant data processing under the following link: https://legal.here.com/en-gb/privacy/policy

      • JBL ProScan APP

        Using application software (app) for mobile operating systems, the provider enables the user to analyse and diagnose their aquarium water. To do this the following data is collected from the provider and third parties:

        1. Downloading the app

          To use the app you need to install it on your mobile device. This can be done via the Google Play Store or the Apple App Store.

          Google Play Store is a service of Google LLC., 1600 Amphitheater Parkway, Mountain View, CA 94043 USA, hereinafter "Google."

          Google also collects, stores and processes data that may be required for the payment or function of the app. More about this: https://www.google.com/intl/en/policies/privacy/

          App Store is a service of Apple Inc. One Apple Park Way, Cupertino, Calif. 95014 USA, hereinafter "Apple".

          Apple also collects, stores and processes data that may be required for the payment or function of the app. More about this: https://www.apple.com/legal/privacy/en-ww/

        2. Information about any access(es) required

          For you to use its features, the app needs to access the following contents or features on your mobile device:

          Accounts: To run the app, it needs to save and confirm a user account on the customer's device. To do this, the app accesses the account authentication features of the account manager.

          Camera/photos: Access to the camera and photos also gives the app access to the memory of the mobile device while carrying out its functions. This allows the reading, saving, changing or deleting of photos in the memory. The contents are primarily images captured by the user via the app.

          Access to or retrieval of network connections: The app requires partial access to existing networks so that it can retrieve data over the Internet. As part of this function, the app will also review which mobile networks, such as LTE or Wi-Fi, are available, in order to optimise the transmission.

          The legal basis for the processing is Art. 6 para. 1 point b GDPR.

          The user-approved app authorisations can be changed under "Settings" of the device at any time. If the permissions are deactivated you may not be able to use all the features of the app.

          More information about the permissions of the settings:
          https://support.google.com/googleplay/answer/6270602?hl=en&ref_topic=6046245
          https://support.apple.com/en-en/HT207830

        3. Server log files

          For communication and security reasons, the following data on the mobile device is transmitted to the provider or their web space provider during use of the app (so-called server log files):

          • smartphone type
          • app version
          • operating system used
          • date and time of access
          • user ID
          • aquarium ID
          • internet protocol (IP) address of the user or the device and card identifiers.

          The legal basis for the processing is Art. 6(1) point b GDPR.

          Your personal data will be stored in an anonymous form afterwards for analysis purposes.

        4. Newsletter

          If the user signs up for the provider’s free newsletter ProScan, the email address will be processed by the supplier in order to deliver the newsletter. As part of the installation of the APP, the consent of the user is obtained and reference will be made to this privacy policy. The data collected this way will be used exclusively to dispatch the newsletter. The data will not be passed on to third parties.

          The legal basis for this is Art. 6(1) point a GDPR. In accordance with Art. 7(3) GDPR the user can withdraw their future consent through a notification to the supplier or use of the unsubscribe link in the newsletter at any time.

      • Google Tag Manager

        The provider uses the Google Tag Manager to integrate various functions on the website. The Google Tag Manager is a product of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter "Google".

        The sole function of the Google Tag Manager is to add certain content to the provider's website and to enable the provider to manage these functions on an interface provided by Google.

        When the website is called up, the functions are therefore loaded from a Google server, which may also be located in the USA. The server must process the IP address of the user in order to transmit the functions.

        The corresponding functions are listed at the end of the provider's privacy policy. Any consent not granted by the user for these functions will also be respected when using the Google Tag Manager.

        However, according to the data protection supervisory authorities, the USA does not currently have an adequate level of data protection. There are, however, so-called standard contractual clauses between the provider and Google:
        https://privacy.google.com/businesses/compliance/#!#gdpr
        However, these are private law agreements and therefore have no impact on the access possibilities of the authorities in the USA.

        The legal basis for this is Art. 6(1) point f GDPR. The legitimate interest of the provider is the optimisation and economic operation of the website.

      • Google Analytics

        This website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter "Google".

        Google Analytics is used by the provider to analyse the use of the website and to measure marketing campaigns. The legal basis for this is Art. 6(1) point a GDPR. In accordance with Art. 7 (3) GDPR, the user can revoke the consent for this at any time for the future by setting the cookies on the website under the menu item "Cookie settings".

        Information such as time, place and frequency of website visits and interaction with the website, e.g.

        • click path
        • ads seen / clicked on
        • clicks on links
        • orders incl. sales and products

        by the user including his IP address, will be transmitted to a Google server in the USA and stored there for a maximum of 2 months.

        However, according to the data protection supervisory authorities, the USA does not currently have an adequate level of data protection. There are, however, so-called standard contractual clauses between the provider and Google:
        https://privacy.google.com/businesses/compliance/#!#gdpr
        However, these are private law agreements and therefore have no impact on the access possibilities of the authorities in the USA.

        Google also collects "demographic characteristics" and can use them to create statistics that allow statements to be made about the age, gender and interests of site visitors. This is done through the automated analysis of advertising and information from third-party providers.

        If the user has activated personalised ads in his Google account, Google may, subject to the user's consent to the use of Google Analytics, analyse usage behaviour across devices - in relation to all end devices that the user has linked to his Google account - and create database models, including on conversions across devices. The provider does not receive any personal data from Google for this purpose, but only statistics.

        If the user wishes to revoke this cross-device analysis, he or she can deactivate the " Personalised advertising" function in the settings of his or her Google account as follows: https://support.google.com/ads/answer/2662922?hl=de

        The provider uses Google Analytics with an anonymisation function. In this case, Google’s IP address is shortened by this add-on within member states of the European Union or in other contracting states of the Agreement on the European Economic Area.

        Google will use the data thus collected to evaluate the user's visit to the website and to compile reports on website activity for the provider. In addition, the data will be used to provide other services related to the use of the website and the internet. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf.

        According to Google, the IP address of the user will never be linked to other Google data. Google provides further information, in particular on the possibilities of preventing the use of data, under the following link: https://www.google.com/intl/de/policies/privacy/partners

        If you do not agree with the data acquisition, you can prevent it with the one-time installation of the browser add-on to deactivate Google Analytics.

      • Facebook Pixel -Conversion Tracking

        The provider uses facebook’s “Visitor Action Pixel” on the website, a web analysis and conversion measurement service of the company Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland a subsidiary of Meta Platforms Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA, hereinafter "facebook".

        The facebook Visitor Action Pixel is used by the provider to analyse the use of the website and to advertise its services on the facebook platform. The legal basis for this is Art. 6(1) point a GDPR. In accordance with Art. 7(3) GDPR, the user can revoke the consent for this at any time for the future by setting the consent managers ("Cookie settings") on the website.

        The use of the Visitor Action Pixel results in a connection with the facebook server in the USA. Through this, the IP address and information about the user's browser is collected by facebook. In addition, facebook collects an individual pixel ID and the associated website activities of the user.

        However, according to the data protection supervisory authorities, the USA does not currently have an adequate level of data protection. There are, however, so-called standard contractual clauses between the provider and facebook. However, these are private law agreements and therefore have no direct impact on the access possibilities of the authorities in the USA.

        Based on this processing, it is possible for facebook to display personalised advertisements of the provider to the user on facebook or a third party website. The conversion measurement also enables the provider to record and evaluate the behaviour of users after they click on a facebook advertisement and are redirected to the provider's website. This enables the provider to optimise its facebook ads.

        More detailed information on the collection and use of data by facebook as well as on the rights and options for protecting the user's privacy in this regard can be found in facebook's privacy policy: https://www.facebook.com/policy.php

      • Microsoft - Bing Ads Universal Event Tracking

        This website uses "Bing Ads" for remarketing and completion tracking. "Bing Ads" is a product of Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18 D18 P521, Ireland, a subsidiary of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA, hereinafter "Microsoft" and uses the so-called Universal Event Tracking (UET).

        If the user clicks on an advertisement placed by the provider on the Bing search engine, a cookie is stored on the user's end device due to the integration of Microsoft's tracking technology. These so-called "tracking cookies" lose their validity after 180 days and do not serve to personally identify the user.

        If the user visits certain pages of the provider's website and the cookie has not yet expired, both Microsoft and the provider can recognise, in the event of the user's consent, that the user has clicked on one of the ads placed by the provider on Bing and was redirected to the provider's website. In addition, the length of time spent on the website, which areas of the website were accessed and via which ad the user reached the website are also recorded. Information on the identity of the user is not recorded. It cannot be ruled out that this information will be stored on servers in the USA.

        However, according to the data protection supervisory authorities, the USA does not currently have an adequate level of data protection. There are, however, so-called standard contractual clauses between the provider and Microsoft.
        However, these are private law agreements and therefore have no impact on the access possibilities of the authorities in the USA.

        The information obtained with the help of the "tracking cookies" is used by Microsoft to compile visit statistics for the provider. However, the provider or other advertisers via "Bing Ads" do not receive any information with which users can be personally identified.

        In addition, Microsoft may be able to track usage behaviour across multiple devices through so-called cross-device tracking and is thus able to display personalised advertising across devices.

        Should the user wish to object to his or her consent in relation to this processing, it is possible to block the installation of the cookies again by making the appropriate setting under "Cookie settings" on the website.

        In addition, the user can change the personalised advertising in his Microsoft account, if available, under http://choice.microsoft.com/de-de/opt-out .

        More information about Bing Ads: https://help.bingads.microsoft.com/#apex/3/de/53056/2

        Microsoft Privacy Policy: https://privacy.microsoft.com/de-de/privacystatement

      • Integration of social media

        The provider uses a link on the website to the social networks listed below.

        The plugins are integrated via a linked graphic. Only by clicking on the corresponding graphic is the user redirected to the service of the respective social network. After the customer has been forwarded, information about the user is collected by the respective network. This is initially data such as IP address, date, time and site visited. If the user is logged into his or her user account of the respective network during this time, the network operator may be able to assign the collected information of the user's specific visit to the user's personal account. If the user interacts via a "Share" button of the respective network, this information can be stored in the user's personal user account and possibly published. If the user wants to prevent the collected information from being directly assigned to his/her user account, the user must log out before clicking on the graphic. In addition, it is possible to configure the respective user account accordingly.

        The following social networks are linked by the provider:

        Facebook - Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Irland.
        Data Protection Declaration: https://www.facebook.com/policy.php

        Instagram - Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Irland.
        Data Protection Declaration: https://help.instagram.com/519522125107875

        Pinterest - Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland.
        Data Protection Declaration: https://policy.pinterest.com/de/privacy-policy

        YouTube - Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland.
        Data Protection Declaration: https://policies.google.com/privacy

  2. Privacy policy for social media appearances

    To promote our products and services as well as to communicate with interested parties or customers, we use so-called social media platforms.

    In particular, the details below will inform you of the nature, scope, purpose, duration and legal basis of the processing of personal data when you visit or contact one of our company presentations on a social media platform or contact us via this platform.

    "Processing" is the collection, use, transfer and/or storage. According to the General Data Protection Regulation (hereinafter referred to as "GDPR"), "personal data" essentially includes all data with which a natural person can be identified. The exact definitions of the terms are defined in Art. 4 GDPR.

    1. Information about the jointly responsible persons/parties (controllers)

      For all social media platforms listed below,

      JBL GmbH & Co. KG
      JBL GmbH & Co. KG
      Dieselstraße 3
      D-67141 Neuhofen
      Tel.: +49/ (0)6236/ 4180-0
      Fax: +49/ (0)6236/ 4180-999

      - hereinafter referred to as "provider" -

      is jointly responsible with the platform operator named below within the meaning of Art. 26 GDPR.

      The external data protection officer of the provider is:

      Killian Hedrich
      Killian Hedrich
      c/o DatCQ GbR
      Alexander F. Bräuer, Killian Hedrich
      und Frank Weiß
      Katharinenstraße 16

      73728 Esslingen
      Phone: +49 (0)711/ 93277955
      Fax: +49 (0)711/ 93277956
      Facebook and Instagram

      On the social media platforms "facebook", and “Instagram” the provider is jointly responsible with

      Meta Platforms Ireland Limited
      4 Grand Canal Square
      Grand Canal Harbour
      Dublin 2 Ireland

      .

      The data protection officer of facebook can be reached via a contact form: https://www.facebook.com/help/contact/540977946302970

      The jointly responsible persons/parties have concluded an agreement on their respective obligations arising from the GDPR. This agreement can be accessed under the following link: https://www.facebook.com/legal/terms/page_controller_addendum

    2. Rights of the user

      Regardless of the details of the agreement, you may exercise your rights under the GDPR with and against each of the persons/parties responsible.

      The user has the right, with respect to the processing of his personal data reproduced below by the controllers, to

      1. to request confirmation as to whether the data concerning them are being processed and to receive precise information about this data as well as further information and copies of the data in accordance with Art. 15 GDPR
      2. to request the immediate rectification of inaccurate data concerning them or the completion of this data in accordance with Art. 16 GDPR
      3. to request that their data is promptly deleted according to Art. 17 GDPR, or, alternatively, if, for example, further processing according to Art. 17(3) GDPR is required, to demand a restriction of the processing of the data in accordance with Art. 18 GDPR
      4. to receive the data concerning them and provided by them in accordance with Art. 20 of the GDPR, as well as the further right to request their communication to other person/party responsible
      5. to file a complaint with the supervisory authority in accordance with Art. 77 GDPR, if the user believes that the processing of their data by the provider is in breach of the GDPR.
      6. In principle, the user is entitled at any time to object to the future processing of the data concerning them, which is carried out by a person/party responsible on the basis of Art. 6(1) point f GDPR in accordance with Art. 21 GDPR. The objection may in particular be made against processing for direct marketing purposes.
      7. The person/party responsible is also obliged to inform any recipient of the data to whom the data was disclosed, of any correction or deletion of the personal data or of any restriction of the processing that takes place on the basis of Article 16 GDPR, Article 17(1) GDPR and Article 18 GDPR. The obligation does not exist in the event that this communication proves to be impossible or involves a disproportionate effort. The user has the right to receive information regarding these recipients.
    3. Information about data processing

      To advertise its products and services as well as to communicate with any interested persons/parties or customers, the provider operates a company presence on the following platform(s).

      The legal basis for the processing of personal data resulting from this and subsequently reproduced for each platform is Article 6 (1) point f GDPR. The legitimate interest of the provider is in the analysis, communication, sales and promotion of its products and services.

      Legal basis may also be a consent of the user to the platform operator in accordance with Art. 6(1) point a GDPR. According to Art. 7(3) GDPR, the user can revoke this consent at any time by sending a message to the platform operator.

      Facebook and Instagram

      Visiting the provider's online presence on their “facebook” and “Instagram” platforms enables Meta Platforms Ireland Limited, as operator of both platforms in the EU, to process user data (e.g. personal information, IP address etc.).

      This user data gives the provider statistical information about the use of its company presence on “facebook” and “Instagram”. Meta Platforms Ireland Limited uses this data for market research and advertising purposes in particular, and also to create user profiles. On the basis of these profiles, Meta Platforms Ireland Limited is able, for example, to place advertising within and outside “facebook” and “Instagram” in an interest-based manner for the user. If the users are logged in to their Facebook account at the time, Meta Platforms Ireland Limited can also link the data to their respective user account.

      If the user contacts the provider through “Facebook” and “Instagram”, the personal data of the user entered on this occasion is used to process the request. The user's data will be deleted by the provider once the user's request has been concluded, provided that no legal storage obligations, such as for a subsequent contract, exist.

      Meta Platforms Ireland Limited may also set cookies to process the data.

      If the user does not agree with this processing, it is possible to prevent the installation of cookies by setting the browser accordingly. Cookies that have already been saved can also be deleted at any time. The settings for this depend on the respective browser. In the case of Flash cookies, processing cannot be prevented using the browser settings, but with the corresponding setting of the Flash Player. If the user prevents or restricts the installation of cookies, this may mean that not all facebook features are fully usable.

      More details on the processing activities, their suppression and the deletion of the data processed by “Facebook” and “Instagram” can be found in the data policy of “Facebook” and “Instagram”:
      https://www.facebook.com/privacy/explanation
      https://help.instagram.com/519522125107875

      It cannot be ruled out that Meta Platforms Ireland Limited’s processing will also take place via Meta Platforms Inc, 1601 Willow Road, Menlo Park, California 94025 also in the USA.

  3. Privacy policy for contract processing

    1. Name and contact details of the person/party responsible (controller)

      JBL GmbH & Co. KG
      JBL GmbH & Co. KG
      Dieselstraße 3
      D-67141 Neuhofen
      Tel.: +49/ (0)6236/ 4180-0
      Fax: +49/ (0)6236/ 4180-999

      The external data protection officer of the person/party responsible (controller) is:

      Killian Hedrich
      Killian Hedrich
      c/o DatCQ GbR
      Alexander F. Bräuer, Killian Hedrich
      und Frank Weiß
      Katharinenstraße 16

      73728 Esslingen
      Phone: +49 (0)711/ 93277955
      Fax: +49 (0)711/ 93277956
    2. Collection and storage of personal data as well as nature and purpose and their use

      When you place an order with us or request a quote, we collect the following information:

      • title, first name, surname, email address, address, telephone number and bank details, when applicable
      • information required for contract processing

      The collection of this data takes place

      • to be able to identify you as our customer or prospect
      • to be able to carry out the order
      • to be able to serve you properly
      • for correspondence with you
      • for customer administration
      • for accounting purposes.

      The data processing takes place on the basis of your order or request for proposal and according to Art. 6(1) sentence 1 point b GDPR for the stated purposes necessary for the proper execution of the contract and for the mutual fulfilment of the contractual obligations.

      In addition, we reserve the right to use your data for direct marketing by email or by post pursuant to Art. 7 (3) UWG if you do not object to this use. Direct advertising exclusively includes offers for similar services as those already booked by you with us. The legal basis in this case is Art. 6(1) point f GDPR. Our legitimate interest lies in the economic interest of the sale of our services.

      The personal data collected by us for the commissioning will be stored until the end of the assignment and thereafter deleted, unless we are obliged under Article 6(1) sentence 1 point c GDPR to retain it for a longer period of time due to tax and commercial law or other statutory storage and documentation obligations (for example from HGB, StGB or AO), or you have consented to storage beyond that, according to Art. 6(1) sentence 1 point a GDPR.

    3. Disclosure of data to third parties

      A transfer of your personal data to third parties for purposes other than those listed below does not take place.

      Insofar as this is required in accordance with Art. 6(1) sentence 1 point b GDPR for the execution of the contract, your personal data will be passed on to third parties. This includes in particular the transfer of your data to financial service providers or transport companies, if this is necessary for the payment and delivery of the subject of the contract.

    4. Consent

      Any processing of your personal data outside the fulfilment of the contract can take place with your consent. Such consent must have been expressly given by you and can be revoked by you at any time for the future. If we ask you for such voluntary consent, we will inform you separately about the purpose.

      The legal basis for such processing is Art. 6(1) point a GDPR.

    5. Rights of the persons affected

      You have the right:

      • in accordance with Art. 7(3) GDPR, to revoke any consent you once gave to us at any time. As a result, we may no longer continue the data processing based on this consent in the future
      • to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you may request information on the processing purposes, the category of the personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right of rectification, deletion, restriction of processing or objection, the existence of a right of complaint, the origin of your data, unless it has been collected from us, as well as the existence of an automated decision making process including profiling and, if applicable, meaningful information on its details
      • in accordance with Art. 16 GDPR, to immediately request the correction of incorrect or incomplete personal data stored by us
      • to demand the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims
      • to demand the restriction of the processing of your personal data in accordance with Art. 18 GDPR if you dispute the correctness of the data, if the processing is unlawful but you refuse its deletion and we no longer need the data but you need it to assert, exercise or defend legal claims
      • or if you have lodged an objection against the processing in accordance with Art. 21 GDPR
      • in accordance with Art. 20 GDPR, to receive the personal data you disclosed to us, in a structured, common and machine-readable format or to request the transfer to another responsible party, and
      • to complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence, workplace or our company headquarters.
    6. Right to object

      If your personal data is processed on the basis of legitimate interests in accordance with Art. 6(1) sentence 1 point f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, if there are reasons for doing so which arise from your particular situation. In particular, the objection may be lodged against the processing of your personal data for the purposes of direct advertising.

      If you wish to exercise your right of objection, simply send an email to: info@jbl.de

A word about cookies before we continue

The JBL Homepage also uses several types of cookies to provide you with full functionality and many services: We require technical and functional cookies to ensure that everything works when you visit this website. We also use cookies for marketing purposes. This ensures that we recognise you when you visit our extensive site again, that we can measure the success of our campaigns and that the personalisation cookies allow us to address you individually and directly, adapted to your needs - even outside our website. You can determine at any time - even at a later date - which cookies you allow and which you do not allow (more on this under "Change settings").

The JBL website uses several types of cookies to provide you with full functionality and many services: Technical and functional cookies are absolutely necessary so that everything works when you visit this website. In addition, we use cookies for marketing purposes. You can determine at any time - even at a later date - which cookies you allow and which you do not (more on this under "Change settings").

Our data protection declaration tells you how we process personal data and what purposes we use the data processing for. tells you how we process personal data and what purposes we use the data processing for. Please confirm the use of all cookies by clicking "Accept" - and you're on your way.

Are you over 16 years old? Then confirm the use of all cookies with "Noticed" and you are ready to go.

Choose your cookie settings

Technical and functional cookies, so that everything works when you visit our website.
Marketing cookies, so that we recognize you on our pages and can measure the success of our campaigns.
I accept the YouTube Terms of Service and confirm that I have read and understood the YouTube Terms of Service .

PUSH messages from JBL

What are PUSH messages? As part of the W3C standard, web notifications define an API for end-user notifications that are sent to the user's desktop and/or mobile devices via the browser. Notifications appear on the end devices as they are familiar to the end user from apps installed on the device (e.g. emails). Notifications appear on the end user’s device, just like an app (e.g. for emails) installed on the device.

These notifications enable a website operator to contact its users whenever they have a browser open - it doesn’t matter whether the user is currently visiting the website or not.

To be able to send web push notifications, all you need is a website with a web push code installed. This allows brands without apps to take advantage of many of the benefits of push notifications (personalised real-time communications at just the right moment).

Web notifications are part of the W3C standard and define an API for end user notifications. A notification makes it possible to inform the user about an event, such as a new blog post, outside the context of a website.

JBL GmbH & Co. KG provides this service free of charge, and it is easy to activate or deactivate.