Legal Notice, Privacy Policy & Legal Information

Imprint

Legal provider identification:

Bergermann Floristik GmbH
Managing Director: Andreas Bergermann
Mittelweg 6
02736 Oppach
Germany

Phone: +49 (0) 35872 359 21 0
Email: verwaltung@bergermann-floristik.de
Website: www.moosmoos.de

VAT ID: DE360955008
Registered in the Commercial Register of the District Court of Dresden
Commercial Register Number: HRB 44035

We are neither willing nor obliged to participate in dispute resolution proceedings before consumer arbitration boards.

We have been a member of the “FairCommerce” initiative since August 21, 2017. For more information: www.haendlerbund.de/faircommerce

 

 

---

 

 

Privacy policy

1. Controller and Contact

Controller responsible for data processing within the meaning of the GDPR:

Bergermann Floristik GmbH
Managing Director: Andreas Bergermann
Mittelweg 6, 02736 Oppach, Germany
Phone: +49 (0) 35872 359 21 0
Email: verwaltung@bergermann-floristik.de

2. General Information on Data Processing

This privacy policy applies to the website moosmoos.de and all associated online presences and communication channels of Bergermann Floristik GmbH (brand MOOS•MOOS). A separate privacy policy applies to the online shop moosbild-shop.de.

In principle, we process personal data only insofar as this is necessary to provide a functional website as well as our content and services. Processing is always carried out in accordance with the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG), and the Telecommunications-Telemedia Data Protection Act (TTDSG).

Legal bases: Consent (Art. 6 para. 1 lit. a GDPR), performance of a contract (Art. 6 para. 1 lit. b GDPR), legal obligation (Art. 6 para. 1 lit. c GDPR), and legitimate interests (Art. 6 para. 1 lit. f GDPR).

3. Your Rights as a Data Subject

You have the following rights against us: right of access (Art. 15 GDPR), right to rectification (Art. 16 GDPR), right to erasure (Art. 17 GDPR), right to restriction of processing (Art. 18 GDPR), right to data portability (Art. 20 GDPR), and right to object (Art. 21 GDPR).

If data processing is based on your consent, you can revoke this at any time with effect for the future, without affecting the lawfulness of the processing carried out on the basis of the consent until revocation.

Competent supervisory authority: Saxon Data Protection and Transparency Commissioner, Devrientstraße 5, 01067 Dresden, Tel.: +49 351 85471101, Email: saechsdsb@slt.sachsen.de

4. Hosting and Server Log Files

Provider: ALL-INKL.COM – Neue Medien Münnich, Hauptstraße 68, 02742 Friedersdorf, Germany.

Each time our website is accessed, information is automatically recorded in so-called server log files: IP address, page accessed, date and time of access, amount of data transferred, referrer URL, browser type, and operating system. This data is processed exclusively to ensure trouble-free operation and to improve our services.

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in ensuring IT security). The data is deleted after 14 days at the latest.

5. Content Management System

System: WordPress with the Avada theme (self-hosted on the ALL-INKL.COM server).

WordPress itself does not collect any personal data. However, data processing may occur through used plugins and third-party services, which are explained in the following sections.

6. SSL/TLS Encryption

For security reasons, our website uses SSL/TLS encryption. This ensures that data you transmit to us is transmitted in encrypted form and cannot be read by third parties. You can recognize the encryption by the lock symbol in the browser bar and the “https://” in the URL.

7. Cookies and Consent Management

Consent tool: Borlabs Cookie (Borlabs – Benjamin A. Bornschein, Georg-Wilhelm-Str. 17, 21107 Hamburg).

Our website uses cookies. Technically necessary cookies are set on the basis of Section 25 para. 2 TTDSG in conjunction with Art. 6 para. 1 lit. f GDPR. For all other cookies (analysis, marketing), we obtain your consent via the Borlabs Cookie consent tool (Section 25 para. 1 TTDSG in conjunction with Art. 6 para. 1 lit. a GDPR). You can revoke your consent at any time.

Borlabs Privacy Policy: de.borlabs.io/datenschutz

8. Contacting Us

When you contact us by email, telephone, or contact form, we process the data you provide (name, email address, message content) to handle your inquiry. The legal basis is Art. 6 para. 1 lit. b GDPR (pre-contractual measures) or Art. 6 para. 1 lit. f GDPR (legitimate interest in responding to inquiries). The data will be deleted after processing is complete, subject to statutory retention periods.

9. HubSpot CRM System

Provider: HubSpot Inc., 25 First Street, Cambridge, MA 02141, USA / HubSpot Ireland Limited, 1 Sir John Rogerson’s Quay, Dublin 2, Ireland.

We use HubSpot as a CRM system to manage customer relationships, process inquiries via contact forms, manage our sales pipeline, and for telephony (via HubSpot-native numbers with 035872 area code). Contact data such as name, email address, telephone number, and communication history are stored.

Legal basis: Art. 6 para. 1 lit. b GDPR (performance of contract) and Art. 6 para. 1 lit. f GDPR (legitimate interest in professional customer management). HubSpot is certified under the EU-U.S. Data Privacy Framework (TADPF). A data processing agreement exists in accordance with Art. 28 GDPR.

HubSpot Privacy Policy: legal.hubspot.com/privacy-policy

10. Newsletter – MailerLite

Provider: MailerLite Limited, Ground Floor, 71 Lower Baggot Street, Dublin 2, D02 P593, Ireland.

We use MailerLite to send our newsletter. When you register for our newsletter, your email address and any other voluntarily provided data (name, company) are stored at MailerLite. Registration is carried out using the double opt-in procedure.

MailerLite uses tracking technologies (tracking pixels, links) to determine whether newsletters were opened and which links were clicked. This data is used for statistical evaluation and optimization of our newsletter campaigns.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent). You can revoke your consent at any time by using the unsubscribe link in the newsletter or by contacting us directly.

MailerLite Privacy Policy: www.mailerlite.com/legal/privacy-policy

11. Web Analysis

11.1 Google Analytics 4

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

We use Google Analytics 4 (GA4) to analyze user behavior on our website. GA4 uses cookies and similar technologies to collect information such as IP address (anonymized), page views, duration of stay, device information, and referrer URL.

Consent Mode v2 (advanced): We use the advanced implementation of Google Consent Mode. If consent is not granted, cookieless pings are transmitted to Google, which contain anonymized access information, among other things. Google uses this data to model usage trends.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent via Borlabs Cookie). Your data may be transmitted to the USA. Google is certified under the TADPF.

Google Privacy Policy: policies.google.com/privacy

11.2 Microsoft Clarity

Provider: Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland.

We use Microsoft Clarity to analyze user behavior. Clarity records mouse movements, scrolling behavior, and clicks to create heatmaps and session recordings. Your IP address is anonymized. Personal data is stored on Microsoft servers (Azure Cloud) in the USA.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent) or Art. 6 para. 1 lit. f GDPR (legitimate interest in user analysis). A data processing agreement exists.

Clarity Privacy Policy: docs.microsoft.com/en-us/clarity/faq

12. Google Tag Manager

Provider: Google Ireland Limited.

We use Google Tag Manager to centrally manage website tags. The Tag Manager itself does not store cookies or collect personal data. However, it enables the triggering of other tags that may collect data. These are explained in the respective sections of this privacy policy.

13. Online Marketing and Advertising

13.1 Google Ads Conversion Tracking

We use Google Ads with conversion tracking. When you click on a Google ad, a cookie is set on your device, which allows Google and us to track whether you have performed a desired action on our website. We receive statistical evaluations without personal identification. Advanced Consent Mode is used.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent). Google is certified under the TADPF.

13.2 Microsoft Advertising

Provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052, USA.

We use Microsoft Advertising (formerly Bing Ads) for conversion tracking. A cookie is set when an ad is clicked. Microsoft is certified under the TADPF.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent).

13.3 Meta Pixel (Facebook Pixel)

Provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

We use the Meta Pixel for remarketing and conversion tracking. When you visit our website, a connection to Meta’s servers is established and information about which pages you have visited is transmitted. Meta assigns this information to your Facebook user account, if available. We and Meta are joint controllers in accordance with Art. 26 GDPR.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent). Data transfer to the USA on the basis of standard contractual clauses and TADPF.

14. Social Media Plugins

Social media plugins from the following networks are integrated into our website: Instagram (Meta Platforms Ireland Limited), Pinterest (Pinterest Europe Ltd.), LinkedIn (LinkedIn Ireland Unlimited Company), Facebook (Meta Platforms Ireland Limited), and Xing (New Work SE, Hamburg). The plugins are only activated after your consent (two-click solution or via Borlabs Cookie).

Upon activation, a connection to the respective network is established, whereby your IP address and the page visited are transmitted. Legal basis: Art. 6 para. 1 lit. a GDPR (consent). Details can be found in the privacy policies of the respective providers.

15. Embedded Content

15.1 YouTube

We embed videos from YouTube (Google Ireland Limited) in enhanced privacy mode. Data is only transmitted to YouTube when a video is played. Legal basis: Art. 6 para. 1 lit. a GDPR. Google is TADPF-certified.

15.2 Vimeo

Provider: Vimeo Inc., 555 West 18th Street, New York, NY 10011, USA.

When accessing pages with embedded Vimeo videos, a connection to Vimeo servers is established. Vimeo is not certified under the TADPF; data transfer is based on standard contractual clauses. Legal basis: Art. 6 para. 1 lit. a GDPR.

15.3 Google Maps

We use Google Maps to display interactive maps. When the map is loaded, data (IP address, location data) is transmitted to Google. Legal basis: Art. 6 para. 1 lit. a GDPR. Google is TADPF-certified.

16. Fonts

16.1 Google Fonts

We use Google Fonts for the uniform display of fonts. When the page is accessed, a connection to Google servers is established, whereby your IP address and browser information are transmitted. Legal basis: Art. 6 para. 1 lit. a GDPR (consent). Google is TADPF-certified.

16.2 Adobe Fonts

Provider: Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland.

We use Adobe Fonts to display fonts. When the page is accessed, a connection to Adobe servers is established. Data may be transmitted to the USA and India. Adobe is TADPF-certified. Legal basis: Art. 6 para. 1 lit. a GDPR.

17. Security

17.1 Google reCAPTCHA

We use Google reCAPTCHA to protect our forms from automated abuse. IP address, browser information, and usage data are transmitted to Google. Legal basis: Art. 6 para. 1 lit. a GDPR (consent) and Art. 6 para. 1 lit. f GDPR (legitimate interest in securing the website). Google is TADPF-certified.

17.2 Wordfence

Provider: Defiant Inc., 800 5th Ave, Ste 4100, Seattle, WA 98104, USA.

We use the Wordfence security plugin to protect against viruses, malware, brute-force, and DDoS attacks. Wordfence sets cookies and stores IP addresses for classification as suspicious or harmless. Wordfence is not certified under the TADPF; data transfer is based on standard contractual clauses. Legal basis: Art. 6 para. 1 lit. a GDPR.

18. Icons – Font Awesome

Provider: Fonticons Inc., 307 S. Main St., Suite 202, Bentonville, AR 72712, USA.

We use Font Awesome to display icons. When the icons are loaded, a connection to Fonticons’ servers is established, whereby your IP address is transmitted. Legal basis: Art. 6 para. 1 lit. a GDPR (consent) and Art. 6 para. 1 lit. f GDPR (legitimate interest in visual design).

19. Reviews – Elfsight

Provider: Elfsight LLC.

We use Elfsight widgets to integrate customer reviews (Google Reviews, Trustpilot) on our website. When the widgets are loaded, a connection to Elfsight’s servers may be established. Legal basis: Art. 6 para. 1 lit. a GDPR (consent) and Art. 6 para. 1 lit. f GDPR (legitimate interest in displaying references).

20. Email Advertising / Direct Marketing

We use your email address, which we received in connection with the sale of a good or service, for the electronic transmission of advertising for our own similar goods or services, provided you have not objected to this use (Section 7 para. 3 UWG). Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in direct marketing). You can object to this use at any time.

21. Data Transfer to Third Countries

Some of the service providers we use are based in the USA. For the USA, there is an adequacy decision by the EU Commission in the form of the Trans-Atlantic Data Privacy Framework (TADPF). Service providers certified under the TADPF guarantee an adequate level of data protection. Insofar as service providers are not TADPF-certified, data transfer is based on standard contractual clauses (Art. 46 para. 2 and 3 GDPR).

22. Storage Duration

We store personal data only as long as necessary for the respective processing purpose or as required by statutory retention periods (in particular commercial and tax law retention periods of 6 or 10 years). After the retention periods have expired, the data is routinely deleted.

23. Timeliness and Amendment of this Privacy Policy

This privacy policy is current as of March 2026. We reserve the right to adapt this privacy policy if necessary to align it with changed legal situations or changes in our data processing. The current version can always be found on our website.

Status: March 2026