Data protection


We welcome you to our website and appreciate your interest in our company. We take the protection of your personal data very seriously. Our data protection provisions comply with applicable statutory regulations on the protection of personal data, in particular with the provisions of the EU General Data Protection Regulation (EU-GDPR), and are in line with the country-specific data protection provisions that apply to Zapf Creation AG. Therefore, please take a moment to familiarise yourself with our data protection information. It explains which data we collect on our website, what we use it for and what options are available to you.

Responsibility in terms of data protection law lies with Zapf Creation AG, postal address:

Mönchrödener Str. 13, 96472 Rödental, GERMANY.

Subject of data protection

Subject of data protection is personal data. In accordance with Art. 4 Para. 1 GDPR, personal data encompasses any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

This includes information such as name, postal address, email address or telephone number, but also usage data such as your IP address.

Data collection

In general, we do not ask for any personal data when you visit our websites. We only take note of information about the name of your internet service provider and the websites you access from us. Because we only use this information for statistical purposes (e.g. the number of times individual websites are accessed), you, the internet user, remain anonymous.

Any additional information, such as your name, postal address, telephone number and email address which you provide via email as part of a contact request or job application are only processed by us for these specific purposes.

The personal data transmitted to the person responsible for processing depends on the entry fields on the contact form or is limited to the data you share yourself in the email.

Contact form / Contacting us via email (Art. 6 Para. 1 lit. a, b GDPR)

Our website contains a contact form that can be used to contact us electronically. When you use the contact form to write us, we shall process your data provided in the contact form in order to contact you and respond to your questions and wishes.

In doing so, we observe the principle of data economy and data avoidance by requiring you to provide only the data we require for contacting you. This includes your email address and the message field itself. Your IP address will also be processed, as this is a technical necessity and required for legal protection. All other data submitted is optional (e.g. for a more individual response to your questions).

We implement appropriate security measures to provide the best possible protection and confidentiality for your data. Enquiries submitted via the contact form are not currently transmitted to us in encrypted form.


Zapf Creation AG uses cookies in various locations. These help to make our website more user-friendly, effective and secure. Cookies are small text files that are placed and saved on your end device.

These cookies enable us to analyse how users use our websites, so that we can design the website content to meet the users’ needs. The cookies also give us the opportunity to measure the effectiveness of a particular advertisement and to position it depending on the topics a user is interested in, for example. The legal basis for this is Art. 6 Para. 1 lit. a EU GDPR. You can revoke your consent at any time here.

We use the following cookies:

Own cookies:

This type of cookie is controlled directly by Zapf Creation AG. Depending on their purpose, they remain permanently saved, even after the end of the session (persistent cookies, e.g.  implementation of opt-out), or are deleted when the browser is closed (session cookies, only valid for a single browser session).

Third-party cookies:

This type of cookie is controlled by a third-party provider. A third-party provider is a provider who displays advertising banners on other websites specifically for Zapf Creation AG. They use cookies, for example, to transmit information that an advertising banner they displayed led to a purchase (e.g. conversion tracking).

This can be done using temporary/permanent cookies that are automatically deleted after the specified period (usually six months). These temporary or permanent cookies are saved on your end device and are deleted automatically after the specified period. Our partner companies’ cookies also only contain pseudonymised, or usually even anonymised, data. They enable our partners to trace which products you have viewed, whether anything was purchased, which products were searched for etc. Going beyond our website, some of our advertising partners also record information about which websites you visited before or which products you were particularly interested in. This makes it possible to display customised advertising. The pseudonymised data is never combined with your personal data.

Most web browsers accept cookies automatically. Of course, you can also deactivate, limit or delete cookies on your end device manually using the settings in your browser or specific software.

Please note: If you deactivate the placement of cookies, you may not be able to use all functions of our website in their full scope.

Google Fonts

This website uses external fonts, Google Fonts. Google Fonts is a service of Google Inc. (“Google”). These web fonts are integrated via a server request, generally to a Google server in the United States. During this, the server will receive information as to which of our web pages you have visited. The IP address of the browser of the end device used by the visitor to access this website will also be saved by Google. Google is certified under the Privacy Shield agreement, which guarantees adherence to European data protection law ( Further information can be found in the Google Privacy Policy, which is available here:

Google Fonts are used in order to display our website uniformly and attractively. This is a legitimate interest in accordance with Art. 6 Para. 1 Sentence 1 lit. f GDPR.

We use a content delivery network (CDN) provided by Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA. Cloudflare is certified under the Privacy Shield agreement, which guarantees adherence to European data protection law ( A CDN is a service that enables content of our website, especially large media files such as graphics and scripts, to be delivered more quickly with the help of regional servers connected via the internet. User data is only processed for the aforementioned purposes and in order to maintain the security and function of the CDN. Use is based on the consent granted by you in accordance with Art. 6 Para. 1 lit. a EU-GDPR. You can find more information in the Cloudflare Security Policy:

Our website uses the Java Script add-on jQuery, which is downloaded via the website To do this, program libraries are accessed by StackPath servers. When you access a page, your browser loads the necessary program libraries into your browser cache. To do this, the browser you use must connect to the StackPath servers in the USA. The use of jQuery is based on the consent granted by you in accordance with Art. 6 Para. 1 lit. a GDPR. You can find more information on jQuery at and in the StackPath Privacy Statement

Google reCAPTCHA

We use the reCAPTCHA function from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, on this website. This function is predominantly used to determine whether an entry has been made by a natural person or improperly through automated machine processing.

The legal basis for this processing is Art. 6 Para. 1 lit. f EU-GDPR, based on our vital interest in the security of our website and in preventing misuse and spam.

The query includes transmission of the IP address and, if applicable, further data needed by Google for the reCAPTCHA service to Google. Your entry is transmitted to Google and used there for this purpose.

Google LLC, based in the USA, is certified for the US-EU Privacy Shield, which guarantees adherence to the level of data protection applicable in the EU (

You can view the Google terms of use at; additional, detailed information on data protection is available on the Google website (“Google Privacy Policy”):


Google Analytics

This website uses Google Analytics, a web analysis service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer to help the website to analyse how visitors use the site. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States. However, if IP anonymisation is activated on this website, Google will shorten your IP address before transmitting it within EU Member States or in other member states of the European Economic Area. Your full IP address will only be transmitted to a Google server in the USA and shortened there in exceptional cases. Google will not associate the IP address transmitted by your browser in relation to Google Analytics with any other data held by Google.

We have also deactivated Universal Analytics so that no user ID is created that would enable cross-device tracking.

Google will use this information on behalf of the website operator for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage. The legal basis for this is your consent in accordance with Art. 6 Para. 1 lit. a EU-GDPR. As we have also deactivated the Google Analytics audiences function, no target groups will be compiled that would enable website visitors to be classified and therefore allow certain targeted advertisements to be shown for the respective target group.

Google is certified under the Privacy Shield agreement, which guarantees adherence to European data protection law (

The personal data of the users is erased or anonymised after 14 months.

Further information on the terms of use and data protection can be found at and

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

Furthermore, you can prevent the collection of data generated by the cookie about your use of the website (including your IP address) and its processing by Google by downloading and installing the browser plug-in provided under this link [].