Skip to content

The following legal notice and the following privacy policy apply to our social media presence:

Legal Notice

Responsible for this website according to § 5 TMG:

Planubo, Christoph Drechsler & Michael Tenzer GbR
Am Hirtengarten 2
77743 Neuried
Germany

Telephone: +49 7807 89089 75
E-Mail: info@planubo.com
Internet address: https://planubo.com

VAT ID according to Section 27a of the German VAT act:

DE327616070

Responsible for the content according to § 55 paragraph 2 RStV:

Planubo, Christoph Drechsler & Michael Tenzer GbR
Am Hirtengarten 2
77743 Neuried
Germany

Online Dispute Resolution

The European Commission provides an online dispute resolution platform for out-of-court online dispute resolution (OS Platform), available at http://ec.europa.eu/consumers/odr/ We don’t participate in dispute settlement procedures in front of a consumer arbitration service.

Disclaimer

In the case of direct or indirect references to external websites (“hyperlinks”), which are outside the author’s area of responsibility, a liability obligation would only come into force if the author had knowledge of the contents and it would be technically possible and reasonable for him to prevent the use in case of illegal contents. The author hereby expressly declares that at the time the links were created, no illegal content was discernible on the linked pages. The author has no influence on the current and future design, content or authorship of the linked pages. Therefore, the author hereby expressly distances himself from all contents of all linked/connected pages that were changed after the link was set. This statement applies to all links and references set within the author’s own Internet offer as well as to external entries in guest books, discussion forums, link directories, mailing lists and all other forms of databases, set up by the author, of which contents can be accessed and written to externally. For illegal, incorrect or incomplete contents and in particular for damages resulting from the use or non-use of such information, the provider of the page to which reference is made shall be solely liable, not the person who merely refers to the respective publication via links.

Copyright and trademark law

The layout and content of this website and the documents it contains are subject to German copyright law. Reproductions of any kind require the written permission of Planubo, Christoph Drechsler & Michael Tenzer GbR. The author endeavors to observe the copyrights of the images, graphics, sound documents, video sequences and texts used in all publications, to use images, graphics, sound documents, video sequences and texts created by himself or to use license-free graphics, sound documents, video sequences and texts. All brand names and trademarks mentioned within the Internet offer and possibly protected by third parties are subject without restriction to the provisions of the respective valid trademark law and the ownership rights of the respective registered owners. The mere mention of a trademark does not imply that it is not protected by third party rights! The copyright for published objects created by the author himself remains solely with the author of the pages. Any duplication or use of objects such as diagrams, sounds or texts in other electronic or printed publications is not permitted without the author’s written agreement.

Privacy policy for Planubo GbR’s social media presence

This privacy policy explains what personal data is collected when you visit our publicly accessible profiles on social networks (“social media profiles”) and for what purposes it is used.

I. Name and address of the responsible party

We generally operate our social media profiles jointly with the respective social network provider. The controller within the meaning of the General Data Protection Regulation (“GDPR”) and other national data protection laws of the member states as well as other data protection regulations is therefore, on the one hand:

Planubo GbR

Am Hirtengarten 2

77743 Neuried

Germany

Tel.: +49 7807 89089 76

Email: info@planubo.com

Website: https://planubo.com/

On the other hand, the operators of social media platforms are also responsible for the data processing that takes place within the social network. Information on the individual social network providers can be found below in Section III of this privacy policy.

II. General information on data processing when visiting social networks

  1. Description and scope of the processing of personal data

We have publicly accessible social media profiles on various social networks. The processing of personal data of the data subjects is generally only carried out to the extent necessary to provide our social media profiles and the content and services described therein. When you visit one of our social media profiles on a social network, various data processing operations take place. In order to use individual functions of our social media profiles, it may also be necessary for you to transmit personal data to us and/or social networks. Insofar as this is required by law, processing in individual cases will only take place with the consent of the visitor to our social media profiles. Exceptions apply in cases where the processing of personal data is already permitted by other legal provisions.

  1. Legal basis for the processing of personal data

If the consent of the data subject is obtained for the processing of personal data, we process the data on the basis of Art. 6 (1) (a) GDPR or Art. 9 (2) (a) GDPR, if special categories of personal data are processed. In the event of express consent to the transfer of personal data to third countries outside the EU/EEA, data processing is also carried out on the basis of Art. 49 (1) (a) GDPR. Insofar as the processing of personal data is necessary for the performance of a contract or for the implementation of pre-contractual measures , Art. 6 (1) (b) GDPR serves as the legal basis. If processing is necessary to safeguard a legitimate interest of our company or a third party and the interests, fundamental rights, and freedoms of the data subject do not outweigh this interest, Art. 6 (1) (f) GDPR serves as the legal basis for processing. The relevant legal basis for the respective data processing can be found in the following sections of this privacy policy.

  1. Duration of storage and obligation to delete data

We only store personal data of the data subjects for as long as is legally permissible. Therefore, the personal data of the data subjects will be deleted (or blocked) as soon as the respective purpose of storage no longer applies. Furthermore, storage may only take place if this has been provided for by European or national legislators in corresponding regulations, laws, or other provisions applicable to the respective controller. Personal data may also be deleted (or blocked) if a storage period or retention period prescribed by the aforementioned regulations ends, unless other legal reasons require further storage.

We would like to point out that we have no influence on the storage period of data stored by social network providers for their own purposes. For details, please contact the social network providers directly. Information on the data protection regulations and terms of use of the individual social media platforms can be found in Section III of this privacy policy.

  1. Transfer of personal data outside the EU/EEA

When visiting social media profiles on social networks, data processing may take place in third countries outside the member states of the European Union (EU) or signatory states to the Agreement on the European Economic Area (EEA). For this purpose, the EU Commission has issued an adequacy decision pursuant to Art. 45 (1) GDPR for some of these third countries, confirming under certain conditions that adequate protection for personal data exists in the respective country. The list of the currently valid adequacy decisions of the EU Commission can be found here: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en. The respective adequacy decisions may differ in their scope from country to country. For example, the adequacy decision for the United States of America (USA) only applies if the respective data recipient in the USA can provide evidence of certification under the EU-US Data Privacy Framework with the US Department of Commerce. Information on this can be found below from the respective operators of the social media platforms.

In cases where no adequacy decision has been made by the EU Commission, appropriate agreements are generally concluded with the respective social network providers, such as the conclusion of standard contractual clauses, which are intended to ensure, among other things, a level of data protection that is sufficient according to European standards. In addition, , further protective measures (e.g., encryption and additional contractual provisions on guarantees, etc.) are taken, insofar as required by the applicable data protection laws, to ensure an adequate level of protection for your personal data.

It is also possible that the operators of the social media platforms may obtain your consent when you visit the social media platforms and the social media profiles provided therein, as well as for the use of individual functionalities in accordance with Art. 49 (1) (a) GDPR, so that your data can be processed in a third country outside the EU/EEA. Details can also be found in section III. 7. of this privacy policy.

III. Data processing when visiting social networks in detail

  1. Description and scope of the processing of personal data

We have our own social media profiles on the following social networks:

  • Facebook: https://www.facebook.com/planubo/
  • Instagram: https://www.instagram.com/planubo/
  • X: https://x.com/planubo
  • LinkedIn: https://www.linkedin.com/company/planubo
  • YouTube: https://www.youtube.com/channel/UCaL5JTnmlKULN1rXwukDHkg
  • TikTok: https://www.tiktok.com/@planubo
  • Pinterest: https://www.pinterest.com/planubo/


When you visit one of these social networks, your personal data is processed not only by us, but also by the providers of the respective social network. This may also be the case if you do not have your own social media profile on the social network.

When you visit one of our social media profiles, we, as the operator of the social media profile, process your actions and interactions. This may include the content of your messages, inquiries, posts, or comments that you send to us or leave on our social media profile, or when you like or share our posts. We also process your publicly visible profile data (e.g., your name and profile picture). Which personal data from your profile is publicly visible depends on your profile settings, which you can adjust yourself on the respective social media platform.

If you have a social media profile on the respective social network and are logged into your social media account, the operator of the social media platform is able to assign your visit to our social media profile to your user account. It is possible that your personal data may also be collected if you are not logged into your user account. In this case, data processing is carried out, for example, via cookies, i.e., data records that are stored on your device, or by recording your IP address.

This enables social network providers to create user profiles that store your preferences and interests. In this way, can display interest-based advertising to you both within and outside the respective social network. If you have a user account with the respective social network, interest-based advertising may be displayed on all devices on which you are or have been logged in.

For information and details about how social networks process data, please refer to the following privacy policies and terms of use:

We ourselves can only view the information stored in your public profile, and only if you have such a social media profile and are logged into it while visiting our social media profile. Social network providers may provide us with anonymized usage statistics (so-called page insights data) for our social media profiles based on the actions and interactions of visitors. However, we do not have access to the usage data that the social network provider collects to compile these statistics.

For more information on the processing of your personal data by the operator of the respective social media platform in the context of the creation and processing of usage statistics, please refer to the information on the following websites of the respective social media platform:

  1. Joint responsibility with the respective social network

We may be jointly responsible with the operator of the social media platform for the data processing operations that take place when you visit one of our social media profiles. In this case, you are generally entitled to the rights listed in Section IV of this privacy policy both vis-à-vis us and vis-à-vis the operator of the respective social media platform, unless the controllers have agreed otherwise in their contract on joint responsibility. Please refer to the following information in this privacy policy for details.

However, we would like to point out that, despite our joint responsibility with the operators of social media platforms, we do not have full control over the data processing operations of social media platforms. In this respect, it may be that, for example, in the case of requests for information or the assertion of rights of the data subject, direct contact with the respective provider of the social network may be more effective. This is because, as a rule, only the provider of the respective social network has access to the data of the users and can take the appropriate measures and provide information. Of course, you also have the right to contact us. In this case, we will forward your request to the operator of the social media platform.

In the case of Facebook and Instagram, the social network provider has undertaken to us in accordance with Art. 26 GDPR to fulfill all obligations under the GDPR with regard to this data and to make the essential content of these obligations available to the persons concerned. Further information on this can be found at: https://www.facebook.com/legal/controller_addendum

LinkedIn shares responsibility with us for data protection with regard to data processing when using so-called Page Insights and the provision of aggregated data. LinkedIn has undertaken to fulfill all obligations under the GDPR with regard to this data and to inform the persons concerned about their processed data. Further information can be found in the addendum “Joint Controllers with regard to Page Insights” at: https://www.linkedin.com/legal/l/page-joint-controller-addendum.  

When using TikTok Analytics, we assume joint responsibility with TikTok for the evaluations created on the basis of this data regarding users’ interaction with content (so-called engagement data), which TikTok provides to us as aggregated data. TikTok has undertaken to fulfill all obligations under the GDPR with regard to this data and, in particular, to inform users and to protect the rights of data subjects. Further information can be found here: https://www.tiktok.com/legal/page/global/tiktok-analytics-joint-controller-addendum/en

  1. Purpose of processing personal data

We maintain social media profiles on social networks in order to provide information about us and our products and services and to draw attention to our products and services. Our social media profiles also serve to enable us to contact and communicate with customers and interested parties via social media platforms. In doing so, our social media profiles are intended to ensure the most comprehensive possible presence of our company on the internet.

If you use our social media profiles on social networks to contact us by creating posts and comments, responding to posts, or sending private messages via the social network, we process the data you provide exclusively for the purpose of contacting and communicating with you.

We use the anonymized usage statistics provided to us by social network providers to optimize and improve the user experience when visiting our social media profiles.

  1. Legal basis for the processing of personal data

The legal basis for maintaining our social media profiles on social networks is Art. 6 (1) (f) GDPR. In this respect, we have a legitimate interest in publishing information about ourselves and our products and services on the internet and in using the up-to-date and supportive information options offered by social networks for this purpose. We also have a legitimate interest in analyzing the success of measures based on anonymized usage statistics and tailoring our own offerings to the interests of social network users. It is not apparent that the interests, fundamental rights, and fundamental freedoms of the users and visitors of our social media profiles outweigh this interest.

If you use our social media profiles on social networks to contact us, the processing of personal data is based on Art. 6 (1) (a) GDPR if the user has given their consent. If your contact is aimed at concluding a contract or is related to the performance of a contract, the legal basis for the processing of personal data is Art. 6 (1) (b) GDPR. This also applies to the implementation of pre-contractual measures that may be necessary on the basis of establishing contact.

The analysis processes initiated by the social network providers may be based on different legal bases, which must be specified by the social network providers (e.g., on the basis of consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR). Details and information can be found in the respective providers’ privacy policies.

  1. Duration of storage and data deletion

The data processed and stored via our social media profiles will be deleted as soon as storage is no longer necessary. Mandatory legal provisions—in particular, statutory retention periods—remain unaffected by this. This means that the data collected directly by us via our social media profiles will be deleted from our systems, in particular, if the purpose for its storage no longer applies, if you request us to delete it, or if you revoke your consent to its storage.

We have no influence on the storage period of your data stored by social network providers for their own purposes. For details, please contact the social network providers directly. If cookies have been stored on your device as part of this data processing, they will remain on your device until you delete them. In this respect, there are various options for deactivating and deleting cookies from social network providers, which you can find in the following section of this privacy policy.

  1. Right to object and right to erasure

As already mentioned, the respective terms of use and privacy policies of the respective social network provider apply within the framework of social media platforms. Please note that we cannot influence all processing procedures in the respective social networks. You can restrict this data processing by managing your privacy and data protection settings accordingly. You can usually make changes yourself in your respective user account. You can also click on the following links and log in to the respective social network:


You can find the settings for your advertising preferences and further information on the processing of your personal data by the operators of social media platforms with regard to interest-based advertising at the following links for the respective social networks:

 

  1. Transfer of personal data to data processors in third countries

Social media platform providers may process some of the information collected outside the EU or the EEA in a so-called third country. To this end, social media platform providers use various transfer mechanisms to transfer personal data.  , in particular, has the option of basing the transfer on an adequacy decision or other safeguards, such as the conclusion of standard contractual clauses.

An adequacy decision is currently in place for the USA, which you can find here: https://eur-lex.europa.eu/legal-content/DE/TXT/PDF/?uri=CELEX:32023D1795. The respective data recipients in the USA must provide proof of certification under the EU-US Data Privacy Framework to the US Department of Commerce.

Below you will find information on the data recipients and the transfer mechanisms used by the individual platform providers.

  • Facebook and Instagram: Meta Platforms Ireland Ltd. transfers personal data to Meta Platforms, Inc., 1 Meta Way, Menlo Park, CA 94025, USA, on the basis of https://www.facebook.com/legal/EU_data_transfer_addendum approved by the European Commission. In addition, Meta Platforms, Inc. is certified under the EU-US Data Privacy Framework.
  • LinkedIn: LinkedIn transfers data to LinkedIn Corporation, 1000 W Maude Ave, Sunnyvale, CA 94085, USA, on the basis of standard contractual clauses approved by the European Commission (https://de.linkedin.com/legal/l/dpa). In addition, LinkedIn Corporation is certified under the EU-US Data Privacy Framework.
  • YouTube: YouTube transfers data to Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, on the basis of standard contractual clauses approved by the European Commission. Google LLC is also certified under the EU-US Data Privacy Framework.
  • X: X transfers data to X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, on the basis of standard contractual clauses approved by the European Commission (https://help.x.com/de/rules-and-policies/global-operations-and-data-transfer). X Corp. is also certified under the EU-US Data Privacy Framework.
  • TikTok: TikTok transfers data based on adequacy decisions and standard contractual clauses approved by the European Commission within its group of companies (https://www.tiktok.com/legal/page/eea/transferee-countries/de).
  • Pinterest: Pinterest transfers data based on standard contractual clauses approved by the European Commission to Pinterest Inc., located at 651 Brannan Street, San Francisco, CA 94107, USA (https://policy.pinterest.com/de/privacy-policy#section-transferring-your-information). Pinterest Inc. is also certified under the EU-US Data Privacy Framework.

 

IV. Rights of the data subject

If your personal data is processed, you are a data subject within the meaning of the GDPR. Within the framework of the legal provisions, you have the following rights vis-à-vis the controllers:

  1. Right to information under Art. 15 GDPR

Within the framework of the statutory provisions, you have the right to obtain information about your stored personal data free of charge at any time. In this respect, you can also request confirmation as to whether your personal data is being processed by us or the operators of the social media platforms.

  1. Right to rectification pursuant to Art. 16 GDPR

Within the framework of the statutory provisions, you have the right to have your personal data corrected and/or completed if the personal data processed by us or the operators of the social media platforms is incorrect or incomplete. The respective controller must make the correction immediately.

  1. Right to erasure pursuant to Art. 17 GDPR

Within the framework of the statutory provisions, you can request that your personal data be deleted immediately if

  • the purposes for which your personal data was collected or processed no longer exist;
  • you withdraw your consent on which the processing was based in accordance with Art. 6 (1) (a) GDPR or Art. 9 (2) (a) GDPR, and there is no other legal basis for the processing;
  • you object to the processing pursuant to Art. 21 GDPR;
  • your personal data has been processed unlawfully;
  • the erasure of your personal data is necessary to comply with a legal obligation under Union or Member State law to which the controller is subject;
  • your personal data has been collected in relation to information society services offered pursuant to Art. 8(1) GDPR.


The right to erasure does not apply if processing is still necessary for any of the following reasons:

  • to comply with a legal obligation which requires processing under Union or Member State law to which the controller is subject;
  • for the establishment, exercise, or defense of legal claims.

  1. Right to restriction of processing pursuant to Art. 18 GDPR

You have the right to request the restriction of the processing of your personal data in the following cases:

  • if you dispute the accuracy of your stored personal data, you may request the restriction of the processing of your personal data for the duration of the review;
  • if the processing is unlawful, you may request the restriction of processing instead of the erasure of your personal data;
  • if we no longer need the personal data for the purposes of processing, but you need it to assert, exercise, or defend legal claims, or
  • if you have lodged an objection to the processing pursuant to Art. 21 (1) GDPR and it is not yet clear whose legitimate interests prevail.


If the processing of your personal data has been restricted, this data may, with the exception of its storage, only be processed with your consent or for the assertion, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State.

  1. Right to be informed pursuant to Art. 19 GDPR

If you have asserted your right to rectification, erasure, or restriction of processing against the controller, the controller is obliged to notify all recipients to whom your personal data has been disclosed of this rectification, erasure, or restriction of processing. This does not apply if this proves impossible or involves disproportionate effort. Within the framework of the statutory provisions, you may request to be informed about these recipients.

  1. Right to data portability pursuant to Art. 20 GDPR

Within the framework of the statutory provisions, you have the right to receive your personal data that you have provided in a structured, commonly used, and machine-readable format and to request the direct transfer of this data to another controller, provided that

  • the processing is based on consent pursuant to Art. 6 (1) (a) GDPR or Art. 9 (2) (a) GDPR or on a contract pursuant to Art. 6 (1) (b) GDPR, and
  • the processing is carried out using automated means.


The direct transfer of your personal data from one controller to another controller can only take place if this is technically feasible.

  1. Right to object pursuant to Art. 21 GDPR

If the processing of your personal data is based on Art. 6 para. 1 sentence 1 lit. e or f GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims.

Insofar as we process your personal data for direct marketing purposes, you have the right to object at any time to the processing of your personal data for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing. If you object to processing for direct marketing purposes, your personal data will no longer be used for these purposes.

  1. Right to revoke the data protection consent form

If you give your prior consent to a data processing operation, you have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until revocation.

  1. Automated decision-making in individual cases, including profiling, pursuant to Art. 22 GDPR

Within the framework of the statutory provisions, you have the right not to be subject to a decision based solely on automated processing, including profiling, which has legal effect on you or similarly significantly affects you. This does not apply if the decision

  • is necessary for entering into, or performance of, a contract between you and the controller,
  • is authorized by Union or Member State law to which the controller is subject and that law provides for appropriate measures to safeguard your rights and freedoms and legitimate interests, or
  • is based on your explicit consent.


In this respect, these decisions shall not be based on special categories of personal data pursuant to Art. 9 (1) GDPR, unless Art. 9 (2) (a) or (g) GDPR applies and appropriate measures to safeguard your rights and freedoms and legitimate interests have been taken.

  1. Right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of your personal data infringes the GDPR.

The supervisory authority with which the complaint has been lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Art. 78 GDPR.

 

Status of the privacy policy: June 12, 2025