close
check Search in Collections
check Search in categories
check search in Products
not found
We have nothing for you, try another request
name
Buy
Rent
close
cookies
This website uses cookies to ensure you get the best experience on our website.

Privacy Policy

1. Who is responsible for data processing and whom can I contact?
beambar is an urban instant delivery service for activities and experiences. We aim to improve your free time by curating great activities on our platform that you can easily order to your home or to a live location of your choice. This way you will never again miss the moment until when you should have planned your free time. This means that you remain completely flexible and are always guaranteed to get the most out of your free time.
2. What do we process your data for and on what legal basis?
2.1 Data processing when using the beambar Services
We process personal data in accordance with the provisions of the European Data Protection Regulation (DSGVO) and the German Federal Data Protection Act (BDSG) for the following purposes: a) To fulfil contractual and pre-contractual obligations (Art. 6 para. 1 p. 1 lit. b DSGVO). The processing of personal data (Article 4 No. 2 DSGVO) is carried out for the provision of this website and the marketing of the products, in particular for the conclusion and processing of contracts, for invoicing, for the implementation of pre-contractual measures, for answering enquiries in connection with our business relationship and for all activities necessary with the operation and administration of the company.
The purposes of data processing primarily depend on the specific product. In particular, beambar processes the personal information that you as a user provide during registration, for contractual purposes or in the context of an enquiry. In particular, this involves the following data: Name, date of birth, e-mail address, address (billing address and, if applicable, different shipping address), order information, telephone number and bank details. In addition, beambar stores the password, which the user can freely choose. The password is not stored in plain text, but only a so-called hash value.b) Within the framework of the balancing of interests (Art. 6 para. 1 p. 1 lit. f DSGVO)
In addition, we process your data beyond the provision of the website and the actual fulfilment of the contract to protect legitimate interests of us or third parties, such as in particular in the following cases:
Answering your enquiries outside of a contract or pre-contractual measures;
Advertising or market and opinion research, insofar as you have not objected to the use of your data, this includes existing customer advertising;
Evaluation of our advertising measures, e.g. tracking of click and opening behaviour in e-mail campaigns.
Assertion of legal claims and defence in legal disputes;
Ensuring IT security and IT operations;
Prevention and investigation of criminal offences; including by verifying your identity;
Business management measures and further development of products.
Our legitimate interest is to optimally market our products and to further develop them and our company or to protect our company against impairments and dangers and to enforce its claims.
c) Based on your consent (Art. 6 para. 1 p. 1 lit. a DSGVO)
Insofar as you have given us consent to process personal data for certain purposes (e.g. evaluation or use of data for marketing purposes, receipt of advertising by e-mail), the lawfulness of this processing is based on your consent. Consent given can be revoked at any time. Please note that the revocation is only effective for the future.
d) On the basis of legal requirements (Art. 6 para. 1 p. 1 lit. c DSGVO).
e) Based on your explicit consent (Art. 9 (2) lit. a DSGVO) If you have given us your explicit consent to process personal data, including biometric data collected to verify your identity for the purposes of fraud prevention, risk assessment and identity verification, the lawfulness of this processing is based on your explicit consent. Your consent can be revoked at any time. Please note that the revocation will only take effect for the future.
In addition, we are subject to various legal obligations, i.e. statutory requirements (e.g. Money Laundering Act, tax laws), which require the processing of data.
2.2 Risk analysis and fraud prevention
For the decision on the establishment of a contractual relationship, we carry out our own analyses for abuse and fraud detection. In particular, we use the following data categories:

  • Customer characteristics (e.g. age, mobile phone provider, email provider).
  • Shopping cart data such as device categories
  • Behavioural data (e.g. number of orders and their status, behaviour on the website)
  • Payment data such as payment methods
  • Matching of account data with other user accounts in terms of matching data
  • Bank account data, in particular account balances, turnover and transaction data Data required to perform identity verification, including a scan of a photo ID (e.g. a passport, a driving licence or an identity card), a picture, a video including audio data and biometric facial recognition
  • Customer characteristics such as data from credit reports and mobile phone providers.

To detect/prevent fraudulent activity, we need to check whether the scan of a photo ID is genuine or fake by confirming that the photo/video matches the biometric features of the face in the photo of the document presented. Biometrics provide additional protection against stolen IDs and identity theft attacks. The legal basis for this data processing is your explicit consent pursuant to Art. 9 (2) lit. a DSGVO. We do not share this data with third parties unless required by law. You can revoke your consent at any time with effect for the future. The data processing that took place until the revocation remains lawful. For more information on retention periods, see “How long will my data be stored?” below.
Our own analyses for abuse and fraud detection may include probability values (score values), which are calculated on the basis of scientifically recognised mathematical-statistical procedures and in the calculation of which, among other things (but not exclusively), address data are included. The legal basis for this is Article 6(1)(f) DSGVO. The legitimate interest results from our interest in reducing the contract risk, in protection against bad debt losses and against the risk of misuse of our services by third parties. Your interests worthy of protection are taken into account in accordance with the legal provisions. In individual cases, we check the calculation or the calculation result manually. For the prevention of abuse and fraud and to avoid bad debts in current and future rental contracts of the customer, the longer-term storage (see 3.) of the data from our own analyses for abuse and fraud detection is necessary. The legal basis is Art. 6(1)(f) DSGVO. Our legitimate interest arises from our interest in recognising fraudulent behaviour or patterns, thus, reviewing and improving our risk management.
If the other legal requirements are met, we also transmit information on payment delays or any bad debts to credit agencies cooperating with us, such as Schufa Holding AG, Wiesbaden. The legal basis for this is Article 6 (1) (f) DSGVO. Our legitimate interest results from our interest and the interest of third parties in reducing contractual risks for future contracts.
3. What data do we process when you visit our website?
3.1 Usage data
When you visit our website, so-called usage data is temporarily evaluated on our web server for statistical purposes as a log in order to improve the quality of our website. This data record consists of
  • the name and address of the requested content,
  • the date and time of the request,
  • the amount of data transferred,
  • the access status (content transferred, content not found),
  • the description of the web browser and operating system used,
  • the referral link, which indicates the page from which you came to ours,
  • the IP address of the requesting computer, which is shortened so that a personal reference can no longer be established.
In addition, we store the IP address transmitted via your Internet browser solely for the purpose of investigating and preventing fraud and for your protection against fraudulent acts for as long as necessary in accordance with Article 6 (1) (f) of the DS-GVO. We may only disclose your IP address to third parties for this purpose. After the necessary period has expired, we delete or anonymise this data except for that which must be retained for evidentiary purposes.
3.2 Cookies and other technologies
3.2.1 Cookies and other technologies
We use cookies on our websites that are necessary for the use of our websites. Cookies are small text files that are stored on your terminal device and can be read. A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session.
We do not use these necessary cookies for range analysis, tracking or advertising purposes. We use them to display our web pages, to provide our service and for the technical functions and third-party content mentioned below.
Calling up our pages leads to the content of the third-party provider being reloaded, who provides these functions and content. This provides the third-party provider with the information that you have accessed our site as well as the usage data technically required in this context.
In some cases, these cookies only contain information on certain settings and are not personally identifiable. They may also be necessary to enable user guidance, security and implementation of the site.
We use these cookies on the basis of Art. 6 para. 1 p. 1 lit. f DSGVO in the interest of making our site as appealing and informative as possible and to be able to provide our service without restriction.
We use these cookies on the basis of Art. 6 para. 1 p. 1 lit. f DSGVO in the interest of making our site as appealing and informative as possible and to be able to provide our service without restriction.
You can set your browser to inform you about the placement of cookies. This makes the use of cookies transparent for you. You can also delete cookies at any time via the corresponding browser setting and prevent the setting of new cookies. Please note that our websites may then not be displayed and some functions may no longer be technically available.
Provider = Free service (ask Dev)
  1. Provider = beambar
    Purpose: Country of origin detection for website customisation.
    Storage period: 1 year
  2. Provider = beambar
    Purpose: language preference detection to customise the website
    Storage period: 1 year
  3. Provider = beambar
    Purpose: recognition of logged-in users
    Storage period: 1 year
  4. Provider = beambar
    Purpose: Enabling orders
    Storage period: 1 year
3.2.2 Third-party tracking technologies for evaluating visitor statistics
We use web analytics tools to tailor our websites to your needs. This creates user profiles on the basis of pseudonyms. For this purpose, permanent cookies are stored on your terminal device and read by us. In addition, it is possible that we retrieve recognition features for your browser or end device (e.g. a so-called browser fingerprint or your unabbreviated IP address). In this way, we are able to recognise returning visitors and count them as such.
In addition, we use the following functions as part of visitor measurement:
We enrich the pseudonymous data with further data provided to us by third-party providers. In this way, we are able to record demographic characteristics of our visitors, e.g. statements on age, gender and place of residence.
We use a recognition method that allows us to record and subsequently evaluate the mouse pointer movement of our visitors.
The data processing is based on your consent pursuant to Art. 6 para. 1 p. 1 lit. a DSGVO or § 15 para. 3 p. 1 TMG, provided you have given your consent via our banners.
Which third-party providers do we use in this context?
In the following, we will name the third-party providers with whom we cooperate in connection with visitor measurement. Where data is processed outside the EU or EEA in this context, please note that there is a risk that authorities may access the data for security and monitoring purposes without you being informed or having any legal recourse. If we use providers in unsafe third countries and you consent, the transfer to a third country will be based on Art. 49(1)(a) DSGVO.

  1. Provider = Google LLC (USA)
    Maximum storage period: 2 years
    Adequate level of data protection: No adequate level of data protection. The transfer takes place on the basis of Art. 49 (1) lit. a DSGVO.
    Withdrawal of consent: If you wish to revoke your consent, please scroll to the bottom of our website, click on “Cookie settings” and make the appropriate setting via our banner.
  2. Provider = Hotjar Ltd. (Malta)
    Maximum storage period: 1 year
    Adequate level of data protection: No adequate level of data protection. The transfer takes place on the basis of Art. 49 (1) lit. a DSGVO
    Withdrawal of consent: If you wish to revoke your consent, please scroll to the bottom of our website, click on “Cookie settings” and make the appropriate setting via our banner.
3.2.3 Third-party tracking technologies for marketing purposes
We use cross-device tracking technologies so that you can be shown targeted advertising on other websites based on your visit to our websites and so that we can see how effective our advertising efforts have been.
We may also use affiliate marketing, which is done by embedding tracking links into the website.
When you click on a link for an affiliate partnership, a cookie is set in your browser to track any sales for commission payments. The purpose of storing this data is to process commission payments between the advertiser and us as an affiliate, which is done through the affiliate network.
The data processing is based on your consent pursuant to Art. 6 para. 1 p. 1 lit. a DSGVO or § 15 para. 3 p. 1 TMG, if you have given your consent via our banner. Your consent is voluntary and can be revoked at any time.
How does tracking work?
When you visit our websites, it is possible that the third-party providers mentioned below retrieve recognition features for your browser or end device (e.g. a so-called browser fingerprint), evaluate your IP address, store or read recognition features on your end device (e.g. cookies) or gain access to individual tracking pixels.
The individual features can be used by the third-party providers to recognise your terminal device on other websites. We can commission the relevant third-party providers to display advertising based on the pages visited on our site.
What does cross-device tracking mean?If you log in to the third-party provider with your own user data, the respective recognition features of different browsers and end devices can be linked with each other. If, for example, the third-party provider has created a separate feature for the laptop, desktop PC or smartphone or tablet you use, these individual features can be assigned to each other as soon as you use a service of the third-party provider with your login data. In this way, the third-party provider can also target our advertising campaigns across different end devices.
Which third-party providers do we use in this context?
Below we list the third-party providers with whom we work for advertising purposes. If the data is processed outside the EU or EEA in this context, please note that there is a risk that authorities may access the data for security and monitoring purposes without you being informed or being able to appeal. Where we use providers in unsafe third countries and you consent, the transfer to a third country will be based on Article 49(1)(a) of the GDPR.
Withdrawal of consent:
If you wish to revoke your consent, please scroll to the bottom of our website, click on “Cookie settings” and make the appropriate setting via our banner.
  1. Provider = Facebook (USA and/or Ireland)
    Maximum storage period: 3 months
    Adequate level of data protection: No adequate level of data protection. The transfer takes place on the basis of Art. 49 para. 1 lit. a DSGVO.
  2. Provider = Google LLC (USA)
    Maximum storage period: 2 years
    Adequate level of data protection: No adequate level of data protection. The transfer takes place on the basis of Art. 49 para. 1 lit. a DSGVO.
  3. Provider = TikTok (USA)
    Maximum storage period: 1 year
    Adequate level of data protection: No adequate level of data protection. The transfer takes place on the basis of Art. 49 para. 1 lit. a DSGVO.
3.3 Access-protected area
If you wish to use our access-protected area, prior registration is necessary.
We only collect the data required for registration. The processing is carried out on the basis of Art. 6 para. 1 sentence 1 lit. b DSGVO or on the basis of Art. 6 para. 1 lit. f DSGVO in the interest of providing you with the services and information of the access-protected area.
If we collect additional data, this is marked as voluntary and is based on your consent in accordance with Art. 6 (1) sentence 1 lit. a DSGVO.
4.Who is the recipient of my data?
Within the respective responsible company, those offices will receive access to your data that need it to fulfil our contractual and legal obligations.
We pass on your data to the recipients named below in this data protection declaration. Furthermore, we pass it on to the following categories of recipients if this is necessary for the fulfilment of a contractual relationship existing with you or for the implementation of pre-contractual measures (Art. 6 para. 1 sentence 1 lit. b DSGVO) or for the protection of legitimate interests (Art. 6 para. 1 sentence 1 lit. f DSGVO).
IT service providers, in particular software as a service, hosting, storage space and cloud computing providers.
Logistics service providers
Email marketing service providers and customer service providers who, among other things, create offers and invoices for us
Marketing service providers
Payment service providers and credit institutions for the collection of a fee or the provision of a payment service
Collection companies for the enforcement of claims
Insurance companies and legal service providers
Where processing is necessary to protect legitimate interests, such as when using IT services, our legitimate interest is to outsource functions.
In addition, your personal data will be forwarded or transmitted if this is required by law (Art. 6 para. 1 sentence 1 lit. c DSGVO) or if you have consented (Art. 6 para. 1 sentence 1 lit. a DSGVO).
5. Is my personal data processed outside the European Union?
We also use service providers located in third countries outside the European Union to process your data. These countries may have a different level of data protection than within the European Union.
6. How long will my data be stored?
Your data will be processed in accordance with the statutory regulations and deleted in accordance with the scheduled deletion periods.
To the extent necessary, we process and store your personal data in any case for the duration of our contractual relationship, which also includes, for example, the initiation and execution of a contract.
In the case of contractual relationships, but also in the case of other claims under civil law, the storage period also depends on the statutory limitation periods, which, for example, according to §§ 195 et seq. of the German Civil Code (BGB), are usually three years, but in certain cases can be up to thirty years.
In addition, we are subject to various storage and documentation obligations, which result from the German Commercial Code (HGB) and the German Fiscal Code (AO), among other things. The retention and documentation periods specified there are six years for correspondence in connection with the conclusion of a contract and 10 years for accounting vouchers and business letters (§§ 238, 257 para. 1 and 4 HGB, § 147 para. 1 and 3 AO).
Log files are generally deleted after the end of the respective browser session, at the latest after seven days, unless their further storage is exceptionally necessary and lawful. The storage period of cookies depends on the individual case and is usually between twelve and 24 months.
We generally delete customer data and your customer account five years after the end of your last rental contract or after your last login, whichever is later.
We generally delete the following customer data within the following shorter periods:
We delete or anonymise data from our own analyses for abuse and fraud detection (see above under 2.) five years after the end of your last tenancy agreement or after your last login, whichever is later. Data required to carry out identity checks, including a scan of a photo ID (e.g. a passport, driving licence or ID card), an image, we delete this data 6 months after the identity check has been completed.
7. What data protection rights do I have?
You have the right to information (Art. 15 DSGVO), the right to rectification (Art. 16 DSGVO), the right to erasure (Art. 17 DSGVO), the right to restriction of processing (Art. 18 DSGVO) and the right to data portability (Art. 20 DSGVO). With regard to the right to information and the right to erasure, the restrictions according to §§ 29 para. 1 sentence 2, 34 and 35 BDSG apply.
You also have the right to object to data processing by us (Art. 21 DSGVO).
Insofar as our processing of your personal data is based on consent (Art. 6 para. 1 sentence 1 lit. a DSG-VO), you may revoke this consent at any time; the lawfulness of the data processing carried out on the basis of the consent until revocation remains unaffected.
To assert all these rights and for further questions on the subject of personal data, you can contact our data protection officer or our contact details above at any time.
Irrespective of this, you have the right to lodge a complaint with a supervisory authority – in particular in the EU member state of your place of residence, your place of work or the place of the alleged infringement – if you believe that the processing of personal data concerning you violates the GDPR or other applicable data protection laws (Art. 77 DSGVO, Section 19 BDSG).