Data Privacy

Introduction and Overview

We have drafted this privacy policy (version 03/30/2023-122454004) to inform you according to the requirements of General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (hereinafter referred to as data) we, as the controller – and the processors commissioned by us (e.g., providers) – process, will process in the future, and what lawful options you have. The terms used are to be understood in a gender-neutral way.
In short: We will inform you comprehensively about data that we process about you.

Privacy policies usually sound very technical and use legal jargon. However, this privacy policy aims to describe the most important things to you as simply and transparently as possible. As far as it is conducive to transparency, technical User-friendly explanation of terms, links to further information are provided and Graphics put into use. We use this to inform in clear and simple language that we only process personal data within the scope of our business activities if there is a corresponding legal basis. This is certainly not possible if you provide explanations that are as brief, unclear, and legally technical as possible, as is often the standard on the internet when it comes to data protection. I hope you find the following explanations interesting and informative, and perhaps there is one or another piece of information that you did not already know.
If you still have questions, we kindly ask you to contact the responsible party mentioned below or in the imprint, follow the existing links, and view further information on third-party sites. You can, of course, also find our contact details in the imprint.

Scope of application

This privacy policy applies to all personal data processed by us within the company and to all personal data processed by companies commissioned by us (processors). By personal data, we mean information in the sense of Art. 4 No. 1 GDPR, such as a person's name, email address, and postal address. The processing of personal data ensures that we can offer and bill our services and products, whether online or offline. The scope of this privacy policy includes:

• all online presences (websites, online shops) that we operate
• Social Media Presence and Email Communication
• mobile Apps for smartphones and other devices

In short: The privacy policy applies to all areas where personal data is processed in a structured manner within the company through the aforementioned channels. Should we enter into a legal relationship with you outside of these channels, we will inform you separately if necessary.

Legal basis

In the following privacy policy, we provide you with transparent information about the legal principles and regulations, i.e., the legal bases of the General Data Protection Regulation, that enable us to process personal data.
Regarding EU law, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 27, 2016. You can, of course, find this EU General Data Protection Regulation online on EUR-Lex, the gateway to EU law, at https://eur-lex.europa.eu/legal-content/DE/ALL/?uri=celex%3A32016R0679 to read up on.

We only process your data if at least one of the following conditions applies:

1. Consent (Article 6(1)(a) GDPR): You have given us your consent to process data for a specific purpose. An example would be storing the data you entered into a contact form.
2. Contract (Article 6(1)(b) GDPR): We process your data in order to fulfill a contract or pre-contractual obligations with you. For example, if we conclude a purchase contract with you, we require personal information beforehand.
3. Legal obligation (Article 6(1)(c) GDPR): We process your data if we are subject to a legal obligation. For example, we are legally obliged to retain invoices for accounting purposes. These usually contain personal data.
4. Legitimate interests (Article 6(1)(f) GDPR): In cases of legitimate interests that do not restrict your fundamental rights, we reserve the right to process personal data. For example, we need to process certain data in order to operate our website securely and economically efficiently. This processing is therefore a legitimate interest.

Further conditions such as the perception of recordings in the public interest and the exercise of public authority, as well as the protection of vital interests, generally do not arise. If such a legal basis should nevertheless apply, it will be indicated at the appropriate place.

In addition to the EU regulation, national laws also apply:

• In Austria Is this the Federal Act on the Protection of Natural Persons in the Processing of Personal Data (Data Protection Act, short DSG.
• In Germany Is this valid? Federal Data Protection Act, short BDSG.

If further regional or national laws apply, we will inform you in the following sections.

Contact details of the person in charge

If you have any questions about data protection or the processing of personal data, you will find the contact details of the person or body responsible below:
KOMDAT Data Protection LLC
Mr. Ronald Kopecky
www.komdat.at
Yes*********@****at.at

Email: Yes*********@****at.at

Imprint www.komdat.at

Storage duration

We generally adhere to the principle of storing personal data only for as long as it is absolutely necessary to provide our services and products. This means we delete personal data as soon as the reason for processing that data no longer exists. In some cases, we are legally obligated to retain certain data even after the original purpose has been fulfilled, for example, for bookkeeping purposes.

Should you wish for your data to be deleted or withdraw your consent to data processing, your data will be deleted as quickly as possible, provided there is no legal obligation to retain it.

We will inform you about the specific duration of the respective data processing below, provided we have further information on this.

Rights under the General Data Protection Regulation

In accordance with Articles 13 and 14 of the GDPR, we hereby inform you of the following rights that you are entitled to, to ensure fair and transparent data processing:

• Under Article 15 GDPR, you have a right to information about whether we process data about you. If this applies, you are entitled to receive a copy of the data and to be informed of the following:
  • for what purpose we carry out the processing;
  • the categories, meaning the types of data that are processed;
  • who receives this data and, if the data is transferred to third countries, how security can be guaranteed;
  • how long the data is stored;
  • the existence of the right to rectification, erasure or restriction of processing and the right to object to processing;
  • that you can complain to a supervisory authority (links to these authorities can be found below);
  • the origin of the data, if we did not collect it from you;
  • whether profiling is carried out, whether data is automatically evaluated to create a personal profile of you.
• According to Article 16 of the GDPR, you have a right to rectification of data, which means we must correct data if you find errors.
• Under Article 17 of the GDPR, you have the right to erasure (the „right to be forgotten“), which specifically means you can request the deletion of your data.
• You have the right to restrict processing according to Article 18 GDPR, which means we may only store your data but not use it further.
• According to Article 20 of the GDPR, you have the right to data portability, which means that upon request, we will provide you with your data in a common format.
• According to Article 21 of the GDPR, you have a right to object, which, once exercised, leads to a change in processing.
  • If the processing of your data is based on Article 6(1)(e) (public interest, exercise of official authority) or Article 6(1)(f) (legitimate interests), you may object to the processing. We will then review as quickly as possible whether we can legally comply with this objection.
  • If data is used for direct advertising, you can object to this type of data processing at any time. We may no longer use your data for direct marketing after that.
  • If data is used for profiling, you can object to this type of data processing at any time. After that, we may not use your data for profiling anymore.
• Under Article 22 of the GDPR, you may have the right not to be subject to a decision based solely on automated processing (for example, profiling).
• According to Article 77 of the GDPR, you have the right to lodge a complaint. This means you can complain to the data protection authority at any time if you believe that the processing of personal data violates the GDPR.

In short: You have rights – do not hesitate to contact the responsible entity listed above!

If you believe that the processing of your data violates data protection law or that your data protection rights have been violated in any other way, you can complain to the supervisory authority. For Austria, this is the Data Protection Authority, whose website you can find at https://www.dsb.gv.at/ find. In Germany, there is a data protection officer for each federal state. For more information, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI) The following local data protection authority is responsible for our company:

Data processing security

To protect personal data, we have implemented both technical and organizational measures. Where possible, we encrypt or pseudonymize personal data. This makes it as difficult as possible for third parties to infer personal information from our data, within the scope of our capabilities.

Art. 25 GDPR speaks here of “data protection by design and by default” and means that security is always considered and appropriate measures are implemented for both software (e.g., forms) and hardware (e.g., access to the server room). We will address specific measures below, if necessary.

TLS encryption with HTTPS

TLS, encryption, and HTTPS sound very technical, and they are. We use HTTPS (which stands for Hypertext Transfer Protocol Secure) to transmit data over the internet securely, preventing eavesdropping.
This means that the complete transfer of all data from your browser to our web server is secured – no one can “eavesdrop.”.

With this, we have introduced an additional layer of security and are complying with data protection by design (Article 25(1) GDPRBy using TLS (Transport Layer Security), an encryption protocol for secure data transmission over the internet, we can ensure the protection of confidential data.
You can recognize the use of this data transmission security by the small lock symbol  top left in the browser, to the left of the internet address (e.g. examplesite.de) and the use of the https schema (instead of http) as part of our internet address.
If you would like to learn more about encryption, we recommend searching Google for “Hypertext Transfer Protocol Secure wiki” to find good links for further information.

Communication

Communication Summary 👥 Affected: Everyone who communicates with us by phone, email, or online form Processed data: e.g., phone number, name, email address, form data entered. You can find more details about this in the respective contact method used. Purpose: Handling communication with customers, business partners, etc. Storage duration: Duration of the business case and legal regulations Legal Basis: Art. 6(1)(a) GDPR (Consent), Art. 6(1)(b) GDPR (Contract), Art. 6(1)(f) GDPR (Legitimate Interests)

When you contact us and communicate by phone, email, or online form, personal data may be processed.

The data will be processed for the handling and processing of your question and the related business transaction. The data will be stored for as long as necessary or as required by law.

Affected persons

All of the mentioned processes affect those who contact us through the communication channels we provide.

Telephone

When you call us, call data will be pseudonymized and stored on the respective terminal device and by the telecommunications provider used. Furthermore, data such as name and phone number can subsequently be sent by email and stored for answering inquiries. The data will be deleted as soon as the business case has been concluded and legal requirements permit.

Email

When you communicate with us via email, data may be stored on the respective end device (computer, laptop, smartphone, etc.) and data will be stored on the email server. The data will be deleted as soon as the business case has been concluded and legal requirements permit.

Online Forms

When you communicate with us via an online form, data is stored on our web server and may be forwarded to one of our email addresses. The data will be deleted as soon as the business transaction has been concluded and legal requirements permit.

Legal basis

The processing of the data is based on the following legal grounds:

• Art. 6(1)(a) GDPR (Consent): You give us your consent to store your data and use it for purposes related to the business case;
• Article 6(1)(b) GDPR (Contract): We need to process the data for the performance of a contract with you or a processor, such as a telephone provider, or we need to process the data for pre-contractual activities, such as preparing a quote;
• Article 6(1)(f) GDPR (Legitimate Interests): We want to conduct customer inquiries and business communication in a professional setting. To do this, certain technical facilities such as e-mail programs, Exchange servers, and mobile network providers are necessary to operate communication efficiently.

Cookies

Our Cookies

Cookie Summary 👥 Affected Parties: Website visitors 🤝 Purpose: Depends on the respective cookie. More details can be found below or with the software manufacturer that sets the cookie. Processed data: Depends on the cookie used. More details can be found below or with the manufacturer of the software that sets the cookie. 📅 Storage duration: depends on the specific cookie, can vary from hours to years Legal bases: Art. 6(1)(a) GDPR (Consent), Art. 6(1)(f) GDPR (Legitimate interests)

What are cookies?

Our website uses HTTP cookies to store user-specific data.
The following explains what cookies are and why they are used, so that you can better understand the following privacy policy.

Whenever you surf the internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.

One thing is undeniable: cookies are truly useful helpers. Almost all websites use cookies. More precisely, they are HTTP cookies, as there are also other cookies for different applications. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically placed in the cookie folder, essentially the “brain” of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.

Cookies store certain user data, such as language or personal page settings. When you visit our site again, your browser sends the „user-related“ information back to our site. Thanks to cookies, our website knows who you are and offers you the settings you are accustomed to. In some browsers, each cookie has its own file; in others, like Firefox, all cookies are stored in a single file.

The following diagram shows a possible interaction between a web browser like Chrome and a web server. The web browser requests a website and receives a cookie back from the server, which the browser reuses when another page is requested.

There are both first-party and third-party cookies. First-party cookies are created directly by our website, while third-party cookies are created by partner websites (e.g., Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. A cookie's expiration time also varies, from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans, or other „malware.“ Cookies also cannot access information on your PC.

For example, cookie data might look like this:

Name: _ga
Value GA1.2.1326744211.152122454004-9
Purpose of use Distinguishing website visitors
Expiration date after 2 years

These minimum sizes should be supported by a browser:

• At least 4096 bytes per cookie
• At least 50 cookies per domain
• At least 3000 cookies total

What types of cookies are there?

The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the privacy policy. Here we would like to briefly discuss the different types of HTTP cookies.

You can distinguish 4 types of cookies:

Essential Cookies
These cookies are necessary to ensure basic website functionality. For example, these cookies are needed when a user adds a product to their shopping cart, then browses other pages, and later proceeds to checkout. These cookies ensure that the shopping cart is not deleted, even if the user closes their browser window.

Functional Cookies
These cookies collect information about user behavior and whether the user receives any error messages. Additionally, these cookies are used to measure loading times and website behavior across different browsers.

Purpose-driven cookies
These cookies improve user-friendliness. For example, entered locations, font sizes, or form data are saved.

Advertising Cookies
These cookies are also called targeting cookies. They are used to deliver individually tailored advertising to the user. This can be very convenient, but also very annoying.

Usually, when you visit a website for the first time, you are asked which of these cookie types you want to allow. And of course, this decision is also stored in a cookie.

If you want to learn more about cookies and don't shy away from technical documentation, we recommend https://datatracker.ietf.org/doc/html/rfc6265, the Request for Comments from the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism”.

Purpose of processing via cookies

The purpose ultimately depends on the specific cookie. You can find more details about this below or from the manufacturer of the software that sets the cookie.

What data is processed?

Cookies are small helpers for a variety of tasks. Unfortunately, it's not possible to generalize what data is stored in cookies, but we will inform you about the data processed or stored within the scope of the following privacy policy.

Cookie storage duration

The storage duration depends on the specific cookie and is further specified below. Some cookies are deleted after less than an hour, while others can remain stored on a computer for several years.

You also have influence over the storage duration yourself. You can manually delete all cookies at any time via your browser (see also “Right to object” below). Furthermore, cookies based on consent will be deleted at the latest after you withdraw your consent, whereby the lawfulness of storage up to that point remains unaffected.

Right of objection – how can I delete cookies?

You decide for yourself how and whether you want to use cookies. Regardless of which service or website the cookies come from, you always have the option to delete, disable, or only partially allow cookies. For example, you can block third-party cookies but allow all other cookies.

If you want to find out which cookies are stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:

Chrome: Delete, Enable, and Manage Cookies in Chrome

Safari: Managing Cookies and Website Data with Safari

Firefox: Delete cookies to remove data websites have stored on your computer

Internet Explorer: Delete and Manage Cookies

Microsoft Edge: Deleting and Managing Cookies

If you generally do not want cookies, you can set up your browser to always inform you when a cookie is to be set. This way, you can decide for each individual cookie whether you want to allow it or not. The procedure varies depending on the browser. It is best to search for instructions in Google with the search term “delete cookies Chrome” or “disable cookies Chrome” if you are using a Chrome browser.

Legal basis

Since 2009, there have been so-called „cookie policies.“ They stipulate that storing cookies is a Consent (Article 6(1)(a) GDPR) requires you to do so. However, there are still very different reactions to these guidelines within EU countries. In Austria, however, this directive was implemented in § 96 para. 3 of the Telecommunications Act (TKG). In Germany, the cookie guidelines were not implemented as national law. Instead, this directive was largely implemented in § 15 para. 3 of the Telemedia Act (TMG).

For absolutely necessary cookies, even if no consent has been given, legitimate interests (Article 6(1)(f) GDPR), which are in most cases economic in nature. We want to provide website visitors with a pleasant user experience, and certain cookies are often absolutely necessary for this.

Unless non-essential cookies are used, this will only happen with your consent. The legal basis for this is Art. 6(1)(a) GDPR.

In the following sections, you will be informed in more detail about the use of cookies, provided that the software used utilizes cookies.

Application data

Application Data Summary 👥 Affected Parties: Users who apply for a job with us Purpose: Handling an application process Processed data: Name, address, contact details, email address, phone number, qualification certificates (transcripts), possibly special category data. 📅 Storage duration: If the application is successful, data will be stored until the end of the employment relationship. Otherwise, data will be deleted after the application process or stored for a certain period with your consent. Legal bases: Art. 6(1)(a) GDPR (consent), legitimate interest (Art. 6(1)(f) GDPR), Art. 6(1)(b) GDPR (contract), Art. 9(2)(a) GDPR (processing of special categories)

What is application data?

You can apply for a position in our company via email, online form, or through a recruiting tool. All data that we receive and process from you as part of an application counts as application data. In doing so, you also always disclose personal data such as name, date of birth, address, and phone number.

Why do we process application data?

We process your data to conduct a proper selection process for the advertised position. Additionally, we are happy to keep your application documents in our applicant database. This is because it often happens that a collaboration for the advertised position doesn't work out for various reasons, but we are impressed by you and your application and can envision a future collaboration very well. If you give us your consent for this, we will archive your documents so that we can easily contact you for future roles in our company.

We guarantee that we will handle your data with particular care and will always process your data only within the legal framework. Even within our company, your data will only be forwarded to individuals who are directly involved with your application. In short: your data is in safe hands with us!

What data is processed?

If you apply to us by email, for example, we will also receive personal data, as mentioned above. Even an email address is considered personal data. However, in the course of an application process, only those data that are relevant to our decision on whether or not we want to welcome you to our team are processed.

The exact data processed depends primarily on the job advertisement. However, it usually includes names, date of birth, contact details, and proof of qualifications. If you submit your application via an online form, the data will be transmitted to us encrypted. If you send us your application by email, this encryption will not take place. Therefore, we cannot assume responsibility for the transmission method. However, once the data is on our servers, we are responsible for the lawful handling of your data.

During the application process, in addition to the data mentioned above, information about your health or ethnic origin may be requested so that we and you can exercise your rights regarding labor law, social security, and social protection, while also fulfilling corresponding obligations. This data is considered special category data.

Here is a list of possible data we may receive and process from you:

• Name
• Contact Address
• Email address
• Phone number
• Date of birth
• Information derived from cover letters and resumes
• Proof of qualification (e.g.) certificates
• Data of special categories (e.g., ethnic origin, health data, religious beliefs)
• Usage data (visited websites, access data, etc.)
• Metadata (IP address, device information)

How long is the data stored?

If we welcome you as a team member in our company, your data will be processed for the purpose of the employment relationship and stored with us at least until the termination of the employment relationship. All application documents will then be placed in your personnel file.

If we do not offer you the job, you decline our offer, or you withdraw your application, we may retain your data for up to 6 months after the completion of the application process due to our legitimate interest (Art. 6 para. 1 lit. f GDPR). Afterward, both your electronic data and all data from physical application documents will be completely deleted or destroyed. We retain your data, for example, so that we can answer any subsequent inquiries or so that we can provide evidence of the application in the event of a legal dispute. If a legal dispute arises and we may still need the data after the 6-month period has expired, we will only delete the data when there is no longer any reason for retention. If there are statutory retention obligations to be met, we will generally have to store the data for longer than 6 months.

Furthermore, we can store your data for a longer period if you have given your specific consent. We do this, for example, if we can envision a future collaboration with you. In this case, it is helpful to have your data archived so that we can contact you easily. In this scenario, your data will be added to our applicant pool. Of course, you can withdraw your consent for the longer storage of your data at any time. If no withdrawal is made and you do not provide new consent, your data will be deleted after 2 years at the latest.

Legal basis

The legal bases for processing your data are Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. b GDPR (contract or pre-contractual measures), Art. 6 para. 1 lit. f GDPR (legitimate interests), and Art. 9 para. 2 lit. a GDPR (processing of special categories).

If we include you in our applicant tool, this happens on the basis of your consent (Art. 6 Para. 1 lit. a GDPR). We would like to point out that your consent to our applicant pool is voluntary, has no influence on the application process, and you have the option to withdraw your consent at any time. The lawfulness of the processing until the time of withdrawal remains unaffected.

In the case of protecting vital interests, data processing is carried out in accordance with Art. 9(2)(c) GDPR. For the purposes of healthcare, occupational medicine, medical diagnostics, provision or management of health or social care services, or for the administration of systems and services in the health or social care sector, the processing of personal data is carried out in accordance with Art. 9(2)(h) GDPR. If you voluntarily share special categories of data, processing is carried out based on Art. 9(2)(a) GDPR.

Customer data

Customer Data Summary 👥 Affected Parties: Customers and business/contractual partners 🤝 Purpose: Provision of services contractually or pre-contractually agreed upon, including related communication Processed data: Name, address, contact details, email address, phone number, payment information (such as invoices and bank details), contract data (such as term and subject of the contract), IP address, order data Storage period: Data will be deleted as soon as it is no longer required for the provision of our business purposes and there is no legal retention obligation. Legal Basis: Legitimate Interest (Art. 6(1)(f) GDPR), Contract (Art. 6(1)(b) GDPR)

What is customer data?

To provide our services and contractual performance, we also process data from our customers and business partners. This data always includes personal data. Customer data refers to all information processed based on a contractual or pre-contractual cooperation in order to deliver the services offered. Therefore, customer data encompasses all collected information that we gather and process about our customers.

Why do we process customer data?

There are many reasons why we collect and process customer data. The most important reason is that we need various data to provide our services. Sometimes your email address is enough for this, but if you purchase a product or service, for example, we also need data such as your name, address, banking details, or contract details. We also use the data for marketing and sales optimizations in order to improve our services for our customers overall. Another important point is our customer service, which is always very important to us. We want you to be able to contact us at any time with questions about our offerings, and for that we need at least your email address.

What data is processed?

At this point, it's only possible to provide a category-based overview of exactly what data is stored. This always depends on which services you receive from us. In some cases, you merely provide us with your email address so that we can contact you or answer your questions, for example. In other cases, you purchase a product or service from us, and for that, we need considerably more information, such as your contact details, payment details, and contract data.

Here is a list of possible data we may receive and process from you:

• Name
• Contact Address
• Email address
• Phone number
• Date of birth
• Payment details (invoices, bank details, payment history, etc.)
• Contract data (term, content)
• Usage data (visited websites, access data, etc.)
• Metadata (IP address, device information)

How long is the data stored?

Once we no longer need customer data to fulfill our contractual obligations and purposes, and the data is no longer necessary for potential warranty and liability claims, we will delete the corresponding customer data. This is the case, for example, when a business contract ends. The statute of limitations is generally 3 years thereafter, although longer periods may apply in individual cases. We naturally also comply with legal retention periods. Your customer data will most certainly not be passed on to third parties unless you have expressly consented to this.

Legal basis

The legal bases for processing your data are Article 6(1)(a) GDPR (consent), Article 6(1)(b) GDPR (contract or pre-contractual measures), Article 6(1)(f) GDPR (legitimate interests), and in special cases (e.g., for medical services) Article 9(2)(a) GDPR (processing of special categories).

In the case of protecting vital interests, data processing is carried out in accordance with Art. 9(2)(c) GDPR. For the purposes of healthcare, occupational medicine, medical diagnostics, provision or management of health or social care services, or for the administration of systems and services in the health or social care sector, the processing of personal data is carried out in accordance with Art. 9(2)(h) GDPR. If you voluntarily share special categories of data, processing is carried out based on Art. 9(2)(a) GDPR.

Registration

Registration Summary 👥 Affected Parties: All individuals who register, create an account, log in, and use the account. Recorded data: Email address, name, password, and other data collected during registration, login, and account usage. 🤝 Purpose: To provide our services. Communication with customers in connection with the services. Storage duration: As long as the company account associated with the texts exists and generally 3 years thereafter. Legal basis: Art. 6(1)(b) GDPR (contract), Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)

When you register with us, personal data may be processed if you enter data related to individuals or if data such as your IP address is collected during processing. You can read more about what we mean by the rather cumbersome term “personal data” below.

Only enter data that we require for registration and for which you have third-party authorization if you are registering on behalf of a third party. If possible, use a secure password that you do not use anywhere else and an email address that you check regularly.

The following explains the exact nature of data processing, because we want you to feel comfortable with us!

What is a registration?

When you register, we collect certain data from you and allow you to easily log in online later and use your account with us. Having an account with us has the advantage that you don't have to enter everything again each time. It saves time and effort, and ultimately prevents errors in the provision of our services.

Why do we process personal data?

In short, we process personal data to enable the creation and use of an account with us.
If we didn't do this, you would have to enter all the data every time, wait for approval from us, and enter everything again. We and many, many customers wouldn't like that very much. How would you feel about that?

What data is processed?

All data you provided during registration, entered during login, or entered when managing your data in your account.

During registration, we process the following types of data: 

• First name
• Last name
• Email address
• Company Name
• Street + House Number
• Place of residence
• Postal code
• Land

During registration, we process the data you enter, such as username and password, as well as data collected in the background, such as device information and IP addresses.

When you use your account, we process data that you enter during account usage and that is generated as part of using our services.

Storage duration

We store the entered data at least for as long as the account linked to the data exists and is used by us, for as long as contractual obligations exist between us, and, if the contract ends, until the respective claims arising from it become time-barred. Furthermore, we store your data for as long and to the extent that we are subject to statutory storage obligations. After that, we will keep booking records (invoices, contracts, bank statements, etc.) related to the contract as well as other relevant business documents for the legally required period (usually a few years).

Right of objection

You have registered, entered data, and want to revoke processing? No problem. As you can read above, the rights according to the General Data Protection Regulation also apply during and after registration, login, or account creation with us. Contact the Data Protection Officer mentioned above to exercise your rights. If you already have an account with us, you can easily view or manage your data and texts within the account.

Legal basis

By completing the registration process, you approach us pre-contractually to conclude a usage agreement for our platform (although a payment obligation does not automatically arise). You invest time to enter data and register, and we offer you our services after registration in our system and access to your customer account. We also fulfill our contractual obligations. Finally, we must keep registered users informed of important changes via email. Therefore, Article 6(1)(b) GDPR (performance of pre-contractual measures, fulfillment of a contract) applies.

If necessary, we will also obtain your consent, e.g. if you voluntarily provide more data than absolutely necessary or if you allow us to send you advertising. Article 6(1)(a) GDPR (Consent) therefore applies.

We also have a legitimate interest in knowing who we are dealing with, so that we can contact them in certain cases. Furthermore, we need to know who is using our services and whether they are being used in accordance with our terms of use, which means Article 6(1)(f) GDPR (Legitimate Interests) applies.

Note: The following sections are to be checked by users (as needed):

Real name registration

Since we need to know who we are dealing with in business operations, registration is only possible with your real name (full name) and not with pseudonyms.

Registration with Pseudonyms

Pseudonyms can be used during registration, meaning you do not have to register with your real name. This ensures that your name cannot be processed by us. 

IP Address Storage

During registration, login, and account usage, we store your IP address in the background for security purposes to determine lawful use.

Public Profile

The user profiles are publicly visible, meaning parts of the profile can be seen on the internet without needing to provide a username and password.

2-Factor Authentication

Two-factor authentication (2FA) provides additional security during login, as it prevents logging in without a smartphone, for example. This technical measure to secure your account protects you from data loss or unauthorized access, even if your username and password are known. You will find out which 2FA is being used during registration, login, and in your account itself.

Web Hosting Introduction

Web Hosting Summary 👥 Affected Parties: Website visitors 🤝 Purpose: Professional website hosting and operational security Processed data: IP address, time of website visit, browser used, and other data. More details can be found below or with the respective web hosting provider. 📅 Storage duration: dependent on the provider, but usually 2 weeks Legal basis: Art. 6(1)(f) GDPR (Legitimate interests)

What is web hosting?

When you visit websites today, certain information – including personal data – is automatically created and stored, including on this website. This data should be processed as sparingly as possible and only with justification. By website, we mean the entirety of all web pages on a domain, i.e., everything from the start page (homepage) to the very last sub-page (like this one). By domain, we mean, for example, example.de or sample.com.

When you want to view a website on a computer, tablet, or smartphone, you use a program called a web browser. You probably know some web browsers by name: Google Chrome, Microsoft Edge, Mozilla Firefox, and Apple Safari. We refer to them briefly as browsers or web browsers.

To display the website, the browser must connect to another computer where the website's code is stored: the web server. Operating a web server is a complicated and labor-intensive task, which is why it's usually handled by professional providers, called hosts. They offer web hosting and thus ensure reliable and error-free storage of website data. A lot of technical terms, but please stick with it, it gets even better!

When connecting from your computer's browser (desktop, laptop, tablet, or smartphone) and during data transfer to and from the web server, personal data may be processed. On one hand, your computer stores data, and on the other hand, the web server must also store data for a period to ensure proper operation.

A picture is worth a thousand words, so the following graphic illustrates the interaction between the browser, the internet, and the hosting provider.

Why do we process personal data?

The purposes of data processing are:

1. Professional website hosting and operational security
2. to maintain operational and IT security
3. Anonymous evaluation of access behavior for the improvement of our services and, if applicable, for criminal prosecution or the assertion of claims.

What data is processed?

Even while you are visiting our website right now, our web server, which is the computer where this website is stored, typically automatically saves data such as

• the complete Internet address (URL) of the webpage that was accessed
• Browser and browser version (e.g., Chrome 87)
• the operating system used (e.g., Windows 10)
• the address (URL) of the previously visited page (referrer URL) (e.g. https://www.beispielquellsite.de/vondabinichgekommen/)
• the hostname and IP address of the device from which access is being made (e.g., COMPUTERNAME and 194.23.43.121)
• Date and time
• in files, so-called web server log files

How long is data stored?

As a rule, the data mentioned above are stored for two weeks and then automatically deleted. We do not pass this data on, but we cannot rule out that this data may be accessed by authorities in the event of unlawful behavior.

In short: Your visit is logged by our provider (the company that runs our website on special computers (servers)), but we will not share your data without consent!

Legal basis

The lawfulness of processing personal data in the context of web hosting is based on Art. 6(1)(f) GDPR (legitimate interests), as the use of professional hosting with a provider is necessary to present the company securely and user-friendly on the internet and to be able to pursue attacks and claims arising from this, if necessary.

There is generally a data processing agreement between us and the hosting provider pursuant to Art. 28 et seq. GDPR, which ensures compliance with data protection and guarantees data security.

Web Hosting Provider External Privacy Policy

Below you will find the contact details of our external hosting provider, where you can learn more about data processing in addition to the information above:

DIX Websolutions
Ing. Markus Kappe
Klosterneuburger Straße 25
2103 Langenzersdorf

More information about data processing by this provider can be found in the Privacy Policy.

Website Builders Introduction

Website Builder Privacy Policy Summary 👥 Affected Parties: Website visitors Purpose: Optimization of our service performance Processed Data: Data such as technical usage information like browser activity, clickstream activities, session heatmaps, as well as contact details, IP address, or your geographical location. You can find more details about this further down in this privacy policy and in the providers' privacy policies. Storage duration: depends on the provider Legal basis: Art. 6(1)(f) GDPR (Legitimate interests), Art. 6(1)(a) GDPR (Consent)

Website builders are systems that allow users to create websites without needing extensive knowledge of coding or web design. They typically offer a drag-and-drop interface, pre-designed templates, and a range of tools to add content, images, and other features.

We use a website builder system for our website. Website builders are special forms of a Content Management System (CMS). With a website builder, website operators can create a website very easily and without programming knowledge. In many cases, web hosts also offer website builders. By using a website builder, personal data can also be collected, stored, and processed. In this privacy text, we provide you with general information about data processing by website builders. You can find more detailed information in the provider's privacy policy.

Why do we use website builders for our website?

The greatest advantage of a modular system is its ease of use. We want to offer you a clear, simple, and well-organized website that we can easily operate and maintain ourselves – without external support. A modular system now offers many helpful functions that we can use even without programming knowledge. This allows us to design our web presence according to our wishes and offer you an informative and pleasant time on our website.

What data is stored by a modular system?

The exact data stored naturally depends on the website builder system used. Each provider processes and collects different data from website visitors. However, as a rule, technical usage information such as operating system, browser, screen resolution, language and keyboard settings, hosting provider, and the date of your website visit are collected. Furthermore, tracking data (e.g., browser activity, clickstream activities, session heatmaps, etc.) may also be processed. In addition, personal data can also be collected and stored. This usually includes contact details such as email address, phone number (if you have provided them), IP address, and geographical location data. You can find out exactly what data is stored in the provider's privacy policy.

How long and where will the data be stored?

We will inform you about the duration of data processing below in connection with the website builder system used, if we have further information on this. You will find detailed information about this in the provider's data protection declaration. In general, we only process personal data for as long as it is absolutely necessary for the provision of our services and products. It is possible that the provider stores data from you according to their own specifications, over which we have no influence.

Right of objection

You always have the right to access, rectify, and erase your personal data. If you have questions, you can also contact the responsible parties for the website builder system used at any time. You can find contact details either in our privacy policy or on the website of the respective provider.

You can delete, disable, or manage cookies used by providers for their functions in your browser. The exact procedure varies depending on the browser you use. Please note that some functions may no longer work as expected afterward.

Legal basis

We have a legitimate interest in using a website builder system to optimize our online service and present it to you efficiently and user-friendly. The legal basis for this is Art. 6 para. 1 lit. f GDPR (Legitimate Interests). Nevertheless, we will only use the website builder if you have given your consent.

To the extent that the processing of data is not absolutely necessary for the operation of the website, the data will only be processed based on your consent. This applies in particular to tracking activities. The legal basis for this is Article 6(1)(a) of the GDPR.

With this privacy policy, we have provided you with the most important general information regarding data processing. If you wish to obtain further information on this matter, you will find additional details – if available – in the following section or in the provider's privacy policy.

Joomla! Privacy Policy

We are using Joomla! for our website, a website builder system or Content Management System (CMS). The service provider is the German company J and Beyond Verein zur Förderung freier Content Management Systeme e.V. Brüsseler Ring 67, c/o Robert Deutz Business Solution, 52074 Aachen, Germany. You can find out more about the data processed by using Joomla! in the privacy policy at https://www.joomla.de/datenschutzerklaerung.

YOOtheme Privacy Policy

We use YOOtheme for our website, a Joomla!/WordPress theme and website builder. The service provider is the German company YOOtheme GmbH, Hongkongstraße 8, 20457 Hamburg, Germany. You can find more information about the data processed by using YOOtheme in the privacy policy at https://yootheme.com/privacy.

Web Analytics Introduction

Web Analytics Privacy Policy Summary 👥 Affected Parties: Website visitors Purpose: Evaluation of visitor information for optimizing the web offering. Processed Data: Access statistics that include data such as access locations, device data, access duration and time, navigation behavior, click behavior, and IP addresses. More details can be found with the respective web analytics tool used. Storage duration: depending on the web analytics tool used Legal basis: Art. 6(1)(a) GDPR (Consent), Art. 6(1)(f) GDPR (Legitimate interests)

What is Web Analytics?

We use software on our website to analyze the behavior of website visitors, referred to as web analytics or web analysis. This involves collecting data that is stored, managed, and processed by the respective analytics tool provider (also called a tracking tool). With the help of this data, analyses of user behavior on our website are created and made available to us as the website operator. Additionally, most tools offer various testing options. For example, we can test which offers or content are most popular with our visitors. To do this, we show you two different offers for a limited period. After the test (so-called A/B test), we know which product or content our website visitors find more interesting. For such testing procedures, as well as for other analytics procedures, user profiles can also be created, and the data can be stored in cookies.

Why do we do web analytics?

Our website has a clear goal: we want to deliver the best web offering on the market for our industry. To achieve this goal, we want to offer the best and most interesting products on the one hand, and on the other hand, ensure that you feel completely comfortable on our website. With the help of web analytics tools, we can examine the behavior of our website visitors more closely and then improve our web offering accordingly for you and us. For example, we can see the average age of our visitors, where they come from, when our website is most visited, or which content or products are particularly popular. All this information helps us to optimize the website and thus adapt it to your needs, interests, and wishes in the best possible way.

What data is processed?

The exact data that is stored naturally depends on the analysis tools used. However, as a general rule, the following information is stored, for example: which content you view on our website, which buttons or links you click, when you access a page, which browser you use, which device (PC, tablet, smartphone, etc.) you use to visit the website, or which computer system you use. If you have agreed to the collection of location data, this can also be processed by the web analytics tool provider.

In addition, your IP address will also be saved. In accordance with the General Data Protection Regulation (GDPR), IP addresses are personal data. However, your IP address will generally be stored pseudonymously (i.e., in an unrecognizable and shortened form). For the purposes of testing, web analysis, and web optimization, direct data such as your name, age, address, or email address are generally not stored. All such data, if collected, will be stored pseudonymously. This means you cannot be identified as an individual.

The following example schematically shows how Google Analytics works as an example of client-based web tracking with JavaScript code.

How long specific data is stored always depends on the provider. Some cookies store data for only a few minutes or until you leave the website, while other cookies can store data for several years.

Duration of data processing

We will inform you about the duration of data processing below, provided we have further information on it. In general, we only process personal data for as long as it is absolutely necessary for the provision of our services and products. If, as is the case with accounting, for example, it is legally required, this retention period may also be exceeded.

Right of objection

You also have the right and the option to revoke your consent to the use of cookies or third parties at any time. This can be done either through our cookie management tool or through other opt-out functions. For example, you can also prevent data collection by cookies by managing, disabling, or deleting cookies in your browser.

Legal basis

The use of web analytics requires your consent, which we obtained with our cookie popup. This consent, according to Art. 6(1)(a) GDPR (Consent) the legal basis for the processing of personal data, as may occur when collected by web analytics tools.

In addition to consent, we have a legitimate interest in analyzing the behavior of website visitors in order to technically and economically improve our offering. With the help of web analytics, we can identify website errors, detect attacks, and improve economic efficiency. The legal basis for this is Art. 6(1)(f) GDPR (Legitimate Interests). We only use the tools to the extent that they have given consent.

Since web analytics tools use cookies, we also recommend reading our general cookie policy. To find out exactly what data is stored and processed about you, you should read the privacy policies of the respective tools.

Information about special web analytics tools can be found in the following sections, if available.

Facebook Pixel Privacy Policy

We use Facebook's Facebook Pixel on our website. To do this, we have implemented a code on our website. The Facebook Pixel is a snippet of JavaScript code that loads a collection of functions that allow Facebook to track your user actions if you came to our website via Facebook Ads. For example, if you purchase a product on our website, the Facebook Pixel is triggered and stores your actions on our website in one or more cookies. These cookies allow Facebook to match your user data (customer data such as IP address, user ID) with the data from your Facebook account. Facebook then deletes this data again. The collected data is anonymous to us and cannot be viewed, and can only be used within the scope of advertising campaigns. If you are a Facebook user yourself and are logged in, your visit to our website will be automatically associated with your Facebook user account.

We only want to show our services or products to people who are genuinely interested in them. With the help of Facebook Pixels, our advertising measures can be better tailored to your wishes and interests. This way, Facebook users (provided they have allowed personalized advertising) will see relevant ads. Furthermore, Facebook uses the collected data for analysis purposes and its own advertisements.

Below, we show you the cookies that were set by embedding the Facebook pixel on a test page. Please note that these are just example cookies. Different cookies are set depending on user interaction on our website.

Name: _fbp
Value fb.1.1568287647279.257405483-6122454004-7
Purpose of use This cookie is used by Facebook to display advertising products.
Expiration date after 3 months

Name: To
Value 0aPf312HOS5Pboo2r..Bdeiuf…1.0.Bdeiuf.
Purpose of use This cookie is used to ensure the Facebook Pixel functions correctly.
Expiration date after 3 months

Name: comment_author_50ae8267e2bdf1137e22a431412a3318972527504-3
Value Author's name
Purpose of use This cookie stores the text and name of a user who, for example, leaves a comment.
Expiration date after 12 months

Name: comment_author_url_50ae8267e2bdf1253ec1a5769f48e062
Value httpswww.testpage… (Author's URL)
Purpose of use This cookie stores the URL of the website that the user enters into a text field on our website.
Expiration date after 12 months

Name: comment_author_email_50ae8267e2bdf1253ec1a5769f48e062
Value Author's email address
Purpose of use This cookie stores the user's email address if they have provided it on the website.
Expiration date after 12 months

Note: The cookies mentioned above relate to individual user behavior. Specifically with the use of cookies, changes by Facebook can never be ruled out.

If you are logged into Facebook, you can manage your ad preferences at https://www.facebook.com/adpreferences/advertisers/  change themselves. If you are not a Facebook user, you can at https://www.youronlinechoices.com/de/praferenzmanagement/?tid=122454004 Manage your usage-based online advertising. There you have the option to deactivate or activate providers.

Facebook processes data from you, including in the USA. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may involve various risks to the lawfulness and security of data processing.

Facebook uses so-called Standard Contractual Clauses (= Art. 46 (2) and (3) GDPR) as the basis for data processing by recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or for data transfers there. Standard Contractual Clauses (SCCs) are model clauses provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even when transferred to third countries (such as the USA) and stored there. Through these clauses, Facebook undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding Standard Contractual Clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

You can find the Facebook Data Processing Addendum, which corresponds to the Standard Contractual Clauses, at https://www.facebook.com/legal/terms/dataprocessing.

If you want to learn more about Facebook's data privacy, we recommend the company's own data policies at https://www.facebook.com/policy.php.

Hotjar Privacy Policy

Hotjar Privacy Policy Summary 👥 Affected Parties: Website visitors Purpose: To evaluate visitor information for optimizing the user experience. Processed Data: Access statistics, which include data such as access locations, device data, access duration and time, navigation behavior, click behavior, and IP addresses. 📅 Storage duration: data will be deleted after one year Legal basis: Art. 6(1)(a) GDPR (Consent), Art. 6(1)(f) GDPR (Legitimate interests)

What is Hotjar?

We use Hotjar from Hotjar Limited (Level 2, St Julian’s Business Centre, 3, Elia Zammit Street, St Julian’s STJ 1000, Malta) on our website to statistically analyze visitor data. Hotjar is a service that analyzes your behavior and feedback as a user on our website through a combination of analysis and feedback tools. We receive reports and visual representations from Hotjar that show us where and how you “move” on our site. Personal data is automatically anonymized and never reaches Hotjar’s servers. This means you, as a website user, are not personally identified, and we still learn a great deal about your user behavior.

As mentioned in the section above, Hotjar helps us analyze the behavior of our website visitors. These tools that Hotjar offers include heatmaps, conversion funnels, visitor recordings, incoming feedback, feedback polls, and surveys (more information can be found at https://www.hotjar.com/This helps Hotjar offer you a better user experience and service. On the one hand, it provides good analysis of online behavior, and on the other hand, we also receive good feedback on the quality of our website. Because in addition to all the analytical aspects, we also simply want to know your opinion about our website. And the feedback tool makes exactly that possible.

Why do we use Hotjar on our website?

In recent years, the importance of user experience on websites has greatly increased. And for good reason. A website should be designed so that you, as a visitor, feel comfortable and can easily find your way around. Thanks to Hotjar's analysis and feedback tools, we can make our website and our offerings more attractive. Hotjar's heatmaps are particularly valuable to us. Heatmaps are a form of data visualization. Hotjar's heatmaps show us, for example, very precisely what you like to click, tap, and where you scroll.

What data does Hotjar store?

As you browse our website, Hotjar automatically collects information about your user behavior. To collect this information, we have implemented our own tracking code on our website. The following data can be collected about your computer or browser:

• Your computer's IP address (collected and stored in an anonymized format)
• Screen size
• Browser information (which browser, which version, etc.)
• Your location (country only)
• Your preferred language setting
• Visited Webpages (subpages)
• Date and time of access to one of our subpages (web pages)

Additionally, cookies also store data that is placed on your computer (mostly in your browser). No personal data is collected in them. Generally, Hotjar does not share collected data with third parties. However, Hotjar expressly points out that it is sometimes necessary to share data with Amazon Web Services. In that case, parts of your information will be stored on their servers. However, Amazon is bound by a confidentiality agreement not to disclose this data.

Only a limited number of individuals (Hotjar employees) have access to the stored information. Hotjar's servers are protected by firewalls and IP restrictions (access only from authorized IP addresses). Firewalls are security systems that protect computers from unwanted network access. They are intended to serve as a barrier between Hotjar's secure internal network and the internet. Furthermore, Hotjar also uses third-party companies for its services, such as Google Analytics or Optimizely. These companies may also store information that your browser sends to our website.

The following cookies are used by Hotjar. As we rely, among other things, on the cookie list from Hotjar's privacy policy at https://help.hotjar.com/hc/en-us/articles/115011789248-Hotjar-Cookies not all cookies have an example value. The list shows examples of Hotjar cookies used and does not claim to be exhaustive.

Nameajs_anonymous_id
Value 58832463-7cee-48ee-b346-a195f18b06c3122454004-5
Purpose of use The cookie is commonly used for analytics purposes and helps count visitors to our website by tracking whether you've been to this page before.
Expiration date after one year

Nameajs_group_id
Value 0
Purpose of use This cookie collects data about user behavior. This data can then be assigned to a specific visitor group based on commonalities among website visitors.
Expiration date after one year

Name: _hjid
Value 699ffb1c-4bfb-483f-bde1-22cfa0b59c6c
Purpose of use The cookie is used to retain a Hotjar User ID unique to the site on the browser, so that user behavior can be mapped to the same User ID on subsequent visits.
Expiration date after one year

Name: _hjMinimizedPolls
Value 462568122454004-8
Purpose of use Whenever you minimize a Feedback Poll widget, Hotjar sets this cookie. The cookie ensures that the widget stays minimized as you browse our pages.
Expiration date after one year

Name: _hjIncludedInSample
Value 1
Purpose of use This session cookie is set to inform Hotjar if you are part of the selected sample used for generating funnels.
Expiration date after one year

Name_hjClosedSurveyInvites
Purpose of use This cookie is set when you are shown an invitation to a feedback survey through a pop-up window. The cookie is used to ensure that this invitation only appears for you once.
Expiration date after one year

Name: hjDonePolls
Purpose of use Once you finish a feedback „question round“ with the so-called Feedback Poll Widget, this cookie is set in your browser. This prevents Hotjar from showing you the same surveys again in the future.
Expiration date after one year

Name: _hjDoneTestersWidgets
Purpose of use This cookie is used as soon as you enter your data in the „Recruit User Tester Widget“. We want to hire you as a tester with this widget. The cookie is used so that this form does not appear again and again.
Expiration date after one year

Name: _hjMinimizedTestersWidgets
Purpose of use So that the „Recruit User Tester“ truly remains minimized on all our pages once you have minimized it, this cookie will be set.
Expiration date after one year

Name: _hjShownFeedbackMessage
Purpose of use This cookie is set when you have minimized or complemented incoming feedback. This is to ensure that incoming feedback loads as minimized immediately when you navigate to another page where it is supposed to be displayed.
Expiration date after one year

How long and where will the data be stored?

We have integrated a tracking code on our website that is transmitted to Hotjar's servers in Ireland (EU). This tracking code contacts Hotjar's servers and sends a script to your computer or end device with which you access our site. The script collects certain data regarding your interaction with our website. This data is then sent to Hotjar's servers for processing. Hotjar has self-imposed a 365-day data retention period. This means all data collected by Hotjar that is older than one year will be automatically deleted.

How can I delete my data or prevent data storage?

Hotjar does not store personal data for analysis. The company even advertises with the slogan „We track behavior, not individuals.“ You also always have the option to prevent your data from being collected. To do so, you only need to click on the „Opt-out page“go and click on „Disable Hotjar.“ Please note that deleting cookies, using your browser's incognito mode, or using a different browser will result in data being collected again. Furthermore, you can also enable the „Do Not Track“ button in your browser. For example, in Chrome, you need to click on the three bars in the upper right corner and go to „Settings.“ There, in the „Privacy“ section, you will find the option „Send a “Do Not Track” request with your browsing traffic.” Now, simply activate this button, and Hotjar will no longer collect any data.

Legal basis

The use of Hotjar requires your consent, which we obtained with our cookie popup. This consent, according to Art. 6(1)(a) GDPR (Consent) the legal basis for the processing of personal data, as may occur when collected by web analytics tools.

In addition to consent, we have a legitimate interest in analyzing the behavior of website visitors in order to technically and economically improve our offering. With the help of Hotjar, we can identify website errors, detect attacks, and improve profitability. The legal basis for this is Art. 6(1)(f) GDPR (Legitimate Interests). We only use Hotjar if you have given your consent.

More details on the privacy policy and what data is collected by Hotjar and how can be found at https://www.hotjar.com/legal/policies/privacy?tid=122454004.

Piwik PRO Privacy Policy

We use Piwik PRO on our website, a software for web analytics. The service provider is the German company Piwik PRO GmbH, Kurfürstendamm 21, 10719 Berlin, Germany. You can find out more about the data processed by using Piwik PRO in the Privacy Policy at https://piwikpro.de/datenschutz/ .

YouTube Analytics and Reporting API Privacy Policy

We use the YouTube Analytics and Reporting API web analytics tool on our website. The service provider is the American company YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

YouTube also processes data in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This can be associated with various risks to the lawfulness and security of data processing.

For the basis of data processing by recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e., in particular the USA) or for data transfers there, YouTube uses standard contractual clauses approved by the EU Commission (= Art. 46 (2) and (3) GDPR). These clauses oblige YouTube to maintain the EU data protection level when processing relevant data, even outside the EU. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the clauses here, among other places: https://germany.representation.ec.europa.eu/index_de.

More information about Google's Standard Contractual Clauses can be found at https://business.safety.google/intl/de/adsprocessorterms/.

Since YouTube is a subsidiary of Google, there is a joint privacy policy. If you want to learn more about how your data is handled, we recommend the privacy policy at https://policies.google.com/privacy?hl=de.

Email Marketing Introduction

E-mail Marketing Summary 👥 Affected: Newsletter Subscribers 🤝 Purpose: Direct email marketing, notification of system-relevant events Processed data: Data entered during registration, but at least the e-mail address. For more details, please refer to the respective e-mail marketing tool used. Storage duration: Duration of subscription Legal Basis: Art. 6(1)(a) GDPR (Consent), Art. 6(1)(f) GDPR (Legitimate Interests)

What is email marketing?

To keep you consistently informed, we also utilize e-mail marketing. If you have consented to receive our emails or newsletters, your data will be processed and stored. E-mail marketing is a sub-area of online marketing. In this process, news or general information about a company, products, or services is sent via e-mail to a specific group of interested individuals.

If you want to participate in our email marketing (mostly via newsletter), you usually just need to sign up with your email address. To do this, you fill out an online form and submit it. However, it is also possible that we might ask for your title and name so that we can address you personally.

Basically, signing up for newsletters works using the so-called „double opt-in procedure.“ After you sign up for our newsletter on our website, you will receive an email with which you confirm your newsletter subscription. This ensures that you own the email address and that no one has signed up with someone else's email address. We or a notification tool used by us log every single signup. This is necessary so that we can also prove the legally correct signup process. This typically involves saving the time of signup, the time of signup confirmation, and your IP address. Additionally, any changes you make to your stored data are also logged.

Why do we use email marketing?

We naturally want to stay in contact with you and always provide you with the most important news about our company. To do this, we use email marketing - often simply referred to as “newsletters” - as an essential part of our online marketing. If you agree to this or if it is permitted by law, we will send you newsletters, system e-mails or other notifications by e-mail. When we use the term „newsletter“ in the following text, we mainly mean regularly sent e-mails. Of course, we do not want to bother you in any way with our newsletters. That is why we make every effort to offer only relevant and interesting content. For example, you can find out more about our company, our services or products. As we are constantly improving our offers, you will always find out via our newsletter when there is news or when we are offering special, lucrative promotions. If we commission a service provider who offers a professional mailing tool for our email marketing, we do so in order to be able to offer you fast and secure newsletters. The purpose of our email marketing is basically to inform you about new offers and also to achieve our business goals.

What data is processed?

By subscribing to our newsletter via our website, you confirm your membership in an email list via email. In addition to your IP address and email address, your salutation, name, address, and phone number may also be stored. However, this will only happen if you consent to this data storage. The data marked as such is necessary for you to participate in the service offered. Providing this information is voluntary, but failure to do so will prevent you from using the service. Additionally, information about your device or your preferred content on our website may also be stored. More information about data storage when visiting a website can be found in the “Automatic Data Storage” section. We record your declaration of consent so that we can always prove compliance with our laws.

Duration of data processing

If you unsubscribe from our email/newsletter distribution list, we may store your address for up to three years based on our legitimate interests to demonstrate your former consent. We may only process this data if we need to defend ourselves against any claims.

However, if you confirm that you have given us consent to subscribe to the newsletter, you can submit an individual deletion request at any time. If you permanently object to the consent, we reserve the right to store your e-mail address in a blocklist. As long as you have voluntarily subscribed to our newsletter, we will of course also keep your e-mail address.

Right of objection

You can cancel your newsletter subscription at any time. To do so, simply withdraw your consent to receive newsletters. This usually only takes a few seconds or one or two clicks. You can usually find a link to unsubscribe from the newsletter directly at the bottom of each email. If you really cannot find the link in the newsletter, please contact us by email and we will cancel your newsletter subscription immediately.

Legal basis

We send our newsletter based on your consent (Article 6(1)(a) GDPR). This means we can only send you a newsletter if you have actively subscribed to it beforehand. We may also send you advertising messages if you have become our customer and have not objected to the use of your email address for direct advertising.

Information on special e-mail marketing services and how they process personal data can be found – if available – in the following sections.

Sendinblue Privacy Policy

Sendinblue Privacy Policy Summary 👥 Affected: Newsletter Subscribers 🤝 Purpose: Direct email marketing, notification of system-relevant events Processed data: Data entered during registration, but at least the email address. Storage duration: Duration of subscription Legal Basis: Art. 6(1)(a) GDPR (Consent), Art. 6(1)(f) GDPR (Legitimate Interests)

What is Sendinblue?

You can sign up for our newsletter for free on our website. To make this possible, we use the email sending service Sendinblue for our newsletter. This is a service provided by the German company Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin. Sendinblue is an email marketing tool, among other things, that allows us to send you tailored newsletters. With Sendinblue, we don't need to install anything and can still draw from a pool of truly useful features. Below, we will discuss this email marketing service in more detail and inform you about the most important data protection-related aspects.

Why do we use Sendinblue?

The newsletter service also offers us helpful analysis options. This means that when we send out a newsletter, we find out, for example, if and when you opened the newsletter. The software also recognizes and records whether and which link you clicked on within the newsletter. This information helps enormously to adapt and optimize our service to your wishes and concerns. After all, we naturally want to offer you the best possible service. In addition to the data already mentioned above, data about your user behavior will also be stored.

What data is processed by Sendinblue?

We are naturally very pleased when you sign up for our newsletter. This allows us to always inform you about what is happening in our company in a timely and firsthand manner. However, you should know that during the newsletter signup process, all data you enter (such as your email address or your first and last name) will be stored and managed on our server and with Sendinblue. This also includes personal data. For example, in addition to the time and date of signup, your IP address will be stored. During the signup process, you also consent to us sending you the newsletter, and you will be referred to this privacy policy. Furthermore, data such as click behavior within the newsletter may also be processed.

How long and where will the data be stored?

The data for the newsletter tool is stored on servers in Germany. The data collected that identifies you as a person (i.e., personal data) is generally deleted by Sendinblue no later than two years after the termination of the contractual relationship with us. However, you can also request the deletion of your data at any time. Requests will be processed within 30 days. Data that we collect and send to Sendinblue will be deleted by us as soon as you unsubscribe from our newsletter.

Right of objection

You can unsubscribe from our newsletter at any time. To do so, you simply need to revoke your consent to receive our newsletter. This typically takes only a few seconds or one or two clicks. You will usually find a link to unsubscribe directly at the end of every email. If you cannot find the link in the newsletter, please contact us by email, and we will cancel your newsletter subscription immediately. After unsubscribing, your personal data will be deleted from our servers and from the Sendinblue servers, which are located in Germany. You have the right to free information about your stored data, and where applicable, you also have the right to deletion, blocking, or rectification.

Legal basis

The sending of our newsletter by Sendinblue is based on your Consent (Article 6(1)(a) GDPR). This means we may only send you a newsletter if you have actively subscribed to it beforehand. If consent is not necessary, then the newsletter will be sent out based on the legitimate interest in direct marketing (Article 6(1)(f)), provided this is legally permissible. We record your registration process so that we can always demonstrate that it complies with our laws.

If you want to obtain more information about data processing, we recommend the company's privacy policy at https://de.sendinblue.com/legal/privacypolicy/ and additionally the following information page at https://de.sendinblue.com/informationen-newsletter-empfaenger/

Social Media Introduction

Social Media Privacy Policy Summary 👥 Affected Parties: Website visitors Purpose: Presentation and optimization of our service performance, contact with visitors, prospects, etc., advertising Processed data: Data such as phone numbers, email addresses, contact details, user behavior data, information about your device, and your IP address. More details can be found in the respective social media tool used. Storage duration: dependent on the social media platforms used Legal basis: Art. 6(1)(a) GDPR (Consent), Art. 6(1)(f) GDPR (Legitimate interests)

What is social media?

In addition to our website, we are also active on various social media platforms. This allows user data to be processed so that we can specifically target users who are interested in us through social networks. Furthermore, elements of a social media platform may also be directly embedded in our website. This is the case, for example, when you click on a so-called social button on our website and are directly redirected to our social media presence. Social media, or social networks, are websites and apps where registered members can produce content, exchange content openly or in specific groups, and connect with other members.

Why do we use social media?

For years, social media platforms have been the place where people communicate and connect online. With our social media presence, we can bring our products and services closer to interested parties. The social media elements embedded on our website allow you to switch to our social media content quickly and without complications.

The data stored and processed through your use of a social media channel primarily serves the purpose of conducting web analysis. The goal of these analyses is to develop more precise and personalized marketing and advertising strategies. Depending on your behavior on a social media platform, the evaluated data can be used to draw relevant conclusions about your interests and to create so-called user profiles. This also allows platforms to present you with tailored advertisements. Most often, cookies are set in your browser for this purpose, which store data about your user behavior.

We generally assume that we remain responsible for data protection even when using the services of a social media platform. However, the European Court of Justice has ruled that in certain cases, the operator of the social media platform may be jointly responsible with us within the meaning of Art. 26 GDPR. To the extent that this is the case, we will point this out separately and will operate based on a relevant agreement. The essential aspects of the agreement are then reproduced below under the respective platform.

Please note that when using the social media platforms or our embedded elements, data about you may also be processed outside the European Union, as many social media channels, such as Facebook or Twitter, are American companies. This may make it more difficult for you to assert or enforce your rights regarding your personal data.

What data is processed?

The exact data stored and processed depends on the respective social media platform provider. However, it typically includes data such as phone numbers, email addresses, data you enter into a contact form, user data such as which buttons you click, who you like or follow, when you visited which pages, information about your device, and your IP address. Most of this data is stored in cookies. Specifically, if you have your own profile on the social media channel you visit and are logged in, data can be linked to your profile.

All data collected via a social media platform is also stored on the provider's servers. Thus, only the providers have access to the data and can provide you with the appropriate information or make changes.

If you want to know precisely what data is stored and processed by social media providers and how you can object to data processing, you should carefully read the respective company's privacy policy. Even if you have questions about data storage and data processing or wish to assert your rights, we recommend contacting the provider directly.

Duration of data processing

We will inform you about the duration of data processing below, if we have further information on this. For example, the social media platform Facebook stores data until it is no longer needed for its own purpose. However, customer data that is matched with its own user data is deleted within two days. In general, we only process personal data for as long as it is absolutely necessary for the provision of our services and products. If, as is the case with accounting, for example, it is legally required, this storage period may also be extended.

Right of objection

You also have the right and the option at any time to revoke your consent to the use of cookies or third parties such as embedded social media elements. This can be done either through our cookie management tool or through other opt-out functions. For example, you can also prevent data collection by cookies by managing, disabling, or deleting cookies in your browser.

Since social media tools may use cookies, we also recommend our general cookie privacy policy. To find out exactly what data is stored and processed about you, you should read the privacy policies of the respective tools.

Legal basis

If you have consented to data about you being processed and stored by embedded social media elements, this consent is considered the legal basis for data processing. (Art. 6(1)(a) GDPR). In principle, your data will also be processed based on our legitimate interest, provided consent is given. (Art. 6(1)(f) GDPR) for quick and good communication with you or other customers and business partners. We only use the tools if you have given your consent. Most social media platforms also use cookies in your browser to store data. Therefore, we recommend that you read our data protection text on cookies carefully and consult the privacy policy or cookie policies of the respective service provider.

Information on special social media platforms can be found, if available, in the following sections.

Facebook Privacy Policy

Facebook Privacy Policy Summary 👥 Affected Parties: Website visitors Purpose: Optimization of our service performance Processed data: Data such as customer data, user behavior data, information about your device, and your IP address. More details can be found below in the privacy policy. Storage duration: until the data is no longer useful for Facebook's purposes Legal basis: Art. 6(1)(a) GDPR (Consent), Art. 6(1)(f) GDPR (Legitimate interests)

What are Facebook tools?

We use selected tools from Facebook on our website. Facebook is a social media network operated by Meta Platforms Inc. or, for the European region, by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. These tools enable us to offer you and people interested in our products and services the best possible experience.

If data is collected from you and forwarded via our embedded Facebook elements or via our Facebook page (fan page), both we and Facebook Ireland Ltd. are responsible. Facebook alone is responsible for the further processing of this data. Our joint obligations were also laid down in a publicly accessible agreement at https://www.facebook.com/legal/controller_addendum anchored. This states, for example, that we must clearly inform you about the use of Facebook tools on our website. Furthermore, we are also responsible for ensuring that the tools are integrated into our website in a data protection-compliant manner. Facebook, on the other hand, is responsible for the data security of Facebook products, for example. If you have any questions about data collection and data processing by Facebook, you can contact the company directly. If you direct the question to us, we are obliged to forward it to Facebook.

Below we provide an overview of the various Facebook tools, what data is sent to Facebook, and how you can delete this data.

In addition to many other products, Facebook also offers what are known as “Facebook Business Tools.” This is Facebook's official designation. However, since the term is not widely known, we have decided to simply call them Facebook Tools. These include, among others:

• Facebook Pixel
• social plugins (such as the „Like“ or „Share“ button)
• Facebook Login
• Account Kit
• APIs (Application Programming Interface)
• SDKs (Software Development Kit)
• Platform Integrations
• Plugins
• Codes
• Specifications
• Documentation
• Technologies and Services

Through these tools, Facebook expands its services and gains the ability to obtain information about user activities outside of Facebook.

Why do we use Facebook tools on our website?

We want to show our services and products only to people who are truly interested in them. Using advertisements (Facebook Ads) allows us to reach exactly these people. For Facebook to show users relevant ads, however, it needs information about people's wishes and needs. This provides the company with information about user behavior (and contact details) on our website. Facebook then collects better user data and can show interested people relevant ads for our products or services. The tools thus enable tailor-made advertising campaigns on Facebook.

Facebook calls data about your behavior on our website „event data.“ This is also used for measurement and analysis services. Facebook can thus create „campaign reports“ on the effectiveness of our advertising campaigns on our behalf. Furthermore, through analysis, we gain a better insight into how you use our services, website, or products. With some of these tools, we optimize your user experience on our website. For example, with social plug-ins, you can share content directly from our site to Facebook.

What data is stored by Facebook tools?

By using individual Facebook tools, personal data (customer data) can be sent to Facebook. Depending on the tools used, customer data such as name, address, phone number, and IP address may be transmitted.

Facebook uses this information to match the data with the data it has on you itself (if you are a Facebook member). Before customer data is transmitted to Facebook, a so-called „hashing“ takes place. This means that a data set of any size is transformed into a string of characters. This also serves to encrypt data.

In addition to contact information, „event data“ is also transmitted. „Event data“ refers to the information we receive about you on our website. For example, which subpages you visit or which products you buy from us. Facebook does not share the information received with third parties (such as advertisers) unless the company has explicit permission or is legally obligated to do so. „Event data“ can also be linked with contact data. This allows Facebook to offer better personalized advertising. After the aforementioned matching process, Facebook deletes the contact data again.

To deliver ads optimally, Facebook uses event data only when it has been aggregated with other data (collected by Facebook in other ways). Facebook also uses this event data for security, protection, development, and research purposes. Much of this data is transferred to Facebook via cookies. Cookies are small text files used to store data or information in browsers. Depending on the tools used and whether you are a Facebook member, a varying number of cookies will be created in your browser. We will provide more details on individual Facebook cookies in the descriptions of each Facebook tool. General information about the use of Facebook cookies can also be found at https://www.facebook.com/policies/cookies.

How long and where will the data be stored?

Facebook generally stores data until it's no longer needed for its own services and products. Facebook has servers distributed worldwide where its data is stored. However, customer data is deleted within 48 hours after it has been matched with its own user data.

How can I delete my data or prevent data storage?

In accordance with the General Data Protection Regulation, you have the right to access, rectify, port, and erase your data.

Data will only be completely deleted if you permanently delete your Facebook account. Here's how to delete your Facebook account:

1) Click Settings on the right side of Facebook.

2) Next, click „Your Facebook Information“ in the left-hand column.

3) Now click “Deactivation and deletion”.

4) Now select „Delete account“ and then click „Continue to delete account“

5) Now enter your password, click „Next“, and then click „Delete Account“

The storage of data that Facebook receives about our site is done through cookies, among other things (e.g., with social plugins). In your browser, you can deactivate, delete, or manage individual or all cookies. Depending on the browser you use, this works in different ways. In the „Cookies“ section, you will find the corresponding links to the instructions for the most common browsers.

If you fundamentally do not want cookies, you can set up your browser to always inform you when a cookie is to be set. This way, you can decide for each individual cookie whether to allow it or not.

Legal basis

If you have consented to the processing and storage of your data by integrated Facebook tools, this consent is considered the legal basis for data processing. (Art. 6(1)(a) GDPR). Basically, your data will also be processed based on our legitimate interest (Art. 6(1)(f) GDPR) stored and processed for quick and good communication with you or other customers and business partners. We only use the tools to the extent that you have given your consent. Most social media platforms also set cookies in your browser to store data. Therefore, we recommend that you read our data protection text on cookies carefully and view the data protection declaration or the cookie policies of Facebook.

Facebook processes data from you, including in the USA. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may involve various risks to the lawfulness and security of data processing.

Facebook uses so-called Standard Contractual Clauses (= Art. 46 (2) and (3) GDPR) as the basis for data processing by recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or for data transfers there. Standard Contractual Clauses (SCCs) are model clauses provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even when transferred to third countries (such as the USA) and stored there. Through these clauses, Facebook undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding Standard Contractual Clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

You can find the Facebook Data Processing Addendum, which corresponds to the Standard Contractual Clauses, at https://www.facebook.com/legal/terms/dataprocessing.

We hope we have provided you with the most important information about the use and data processing by Facebook's tools. If you want to learn more about how Facebook uses your data, we recommend the data policy on https://www.facebook.com/about/privacy/update.

Facebook Fan Page Privacy Policy

We also have a Facebook fan page for our website. The service provider is the American company Meta Platforms Inc. For the European region, the company Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) is responsible.

Facebook processes data from you, including in the USA. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may involve various risks to the lawfulness and security of data processing.

Facebook uses so-called Standard Contractual Clauses (= Art. 46 (2) and (3) GDPR) as the basis for data processing by recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or for data transfers there. Standard Contractual Clauses (SCCs) are model clauses provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even when transferred to third countries (such as the USA) and stored there. Through these clauses, Facebook undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding Standard Contractual Clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The Facebook Data Processing Addendum, which complies with the Standard Contractual Clauses, can be found at https://www.facebook.com/legal/terms/dataprocessing.

Learn more about the data processed through the use of Facebook in the Privacy Policy at https://www.facebook.com/about/privacy.

Instagram Privacy Policy

Instagram Privacy Policy Summary 👥 Affected Parties: Website visitors Purpose: Optimization of our service performance Processed data: Data such as user behavior data, information about your device, and your IP address. More details can be found below in the privacy policy. 📅 Storage duration: until Instagram no longer needs the data for its purposes Legal basis: Art. 6(1)(a) GDPR (Consent), Art. 6(1)(f) GDPR (Legitimate interests)

What is Instagram?

We have integrated Instagram features on our website. Instagram is a social media platform of the company Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA. Instagram has been a subsidiary of Meta Platforms Inc. since 2012 and is among the Facebook products. Embedding Instagram content on our website is called embedding. This allows us to show you content such as buttons, photos, or videos from Instagram directly on our website. When you access pages on our website that have integrated an Instagram function, data is transmitted to, stored, and processed by Instagram. Instagram uses the same systems and technologies as Facebook. Your data will therefore be processed across all Facebook companies.

Hereinafter, we want to give you a more detailed insight into why Instagram collects data, what data it is, and how you can largely control data processing. Since Instagram belongs to Meta Platforms Inc., we are drawing our information on the one hand from Instagram's policies and on the other hand from Meta's privacy policies themselves.

Instagram is one of the best-known social media networks worldwide. Instagram combines the advantages of a blog with the advantages of audiovisual platforms like YouTube or Vimeo. You can upload photos and short videos on „Insta“ (as many users casually call the platform), edit them with various filters, and also share them on other social networks. And if you don't want to be active yourself, you can also just follow other interesting users.

Why do we use Instagram on our website?

Instagram is that social media platform that has really taken off in recent years. And of course, we've also reacted to this boom. We want you to feel as comfortable as possible on our website. That's why a varied presentation of our content is a matter of course for us. Through the embedded Instagram features, we can enrich our content with helpful, funny, or exciting content from the Instagram world. Since Instagram is a subsidiary of Facebook, the data collected can also be useful for personalized advertising on Facebook. This way, our advertisements only reach people who are truly interested in our products or services.

Instagram also uses the collected data for measurement and analysis purposes. We receive summarized statistics, giving us more insight into your wishes and interests. It is important to mention that these reports do not personally identify you.

What data is stored by Instagram?

If you visit one of our pages that incorporates Instagram features (such as Instagram images or plug-ins), your browser will automatically connect to Instagram's servers. Data will be sent to, stored, and processed by Instagram. This applies regardless of whether you have an Instagram account. This includes information about our website, your computer, purchases made, advertisements you see, and how you use our services. Furthermore, the date and time of your interaction with Instagram will also be stored. If you have an Instagram account or are logged in, Instagram will store significantly more data about you.

Facebook distinguishes between customer data and event data. We assume this is exactly the same for Instagram. Customer data includes, for example, name, address, phone number, and IP address. This customer data will only be transmitted to Instagram after it has been „hashed.“ Hashing means that a data record is transformed into a string of characters. This allows contact data to be encrypted. In addition, the „event data“ mentioned above will also be transmitted. Facebook - and consequently Instagram - understands „event data“ as data about your user behavior. It can also happen that contact data is combined with event data. The collected contact data is compared with the data Instagram already has from you.

Collected data is transmitted to Facebook via small text files (cookies) that are typically set in your browser. The amount of data stored depends on the Instagram features used and whether you have an Instagram account yourself.

We assume that data processing works the same way on Instagram as on Facebook. This means: if you have an Instagram account or www.instagram.com If you have visited, Instagram has at least set a cookie. If this is the case, your browser will send information to Instagram via the cookie as soon as you interact with an Instagram feature. At the latest, after 90 days (after reconciliation), this data will be deleted or anonymized again. Although we have dealt intensively with Instagram's data processing, we cannot say exactly what data Instagram collects and stores.

Below we show you cookies that are at least set in your browser when you click on an Instagram feature (such as a button or an Insta image). In our test, we assume that you do not have an Instagram account. If you are logged into Instagram, significantly more cookies will naturally be set in your browser.

These cookies were used in our test:

Name: csrftoken
Value “”
Purpose of use This cookie is most likely set for security reasons to prevent request forgery. However, we were unable to ascertain this definitively.
Expiration date after one year

Name: middle
Value “”
Purpose of use Instagram uses this cookie to optimize its services and offers both within and outside of Instagram. The cookie sets a unique user ID.
Expiration date after the session ends

Name: fbsr_122454004124024
Value No information
Purpose of use This cookie stores the login request for users of the Instagram app.
Expiration date after the session ends

Name: rur
Value ATN
Purpose of use This is an Instagram cookie that ensures functionality on Instagram.
Expiration date after the session ends

Name: urlgen
Value “{ ”194.96.75.33”: 1901 }:1iEtYv:Y833k2_UjKvXgYe122454004”
Purpose of use This cookie is for Instagram's marketing purposes.
Expiration date after the session ends

Note: We cannot claim completeness here. Which cookies are set in individual cases depends on the embedded functions and your use of Instagram.

How long and where will the data be stored?

Instagram shares the information received between Facebook companies, with external partners, and with people you connect with worldwide. Data processing is carried out in accordance with its own data policy. Your data is distributed across Facebook servers around the world, for security reasons among others. Most of these servers are located in the USA.

How can I delete my data or prevent data storage?

Thanks to the General Data Protection Regulation, you have the right to access, transfer, rectify, and erase your data. You can manage your data in Instagram's settings. If you want to completely delete your data on Instagram, you must permanently delete your Instagram account.

And here's how to delete your Instagram account:

First, open the Instagram app. On your profile page, scroll down and click on „Help Center.“ You will now be taken to the company's website. On the website, click on „Manage your account“ and then „Delete your account.“.

If you completely delete your account, Instagram will delete posts such as your photos and status updates. Information that other people have shared about you does not belong to your account and will therefore not be deleted.

As mentioned above, Instagram primarily stores your data via cookies. You can manage, disable, or delete these cookies in your browser. Depending on your browser, the management process always works a little differently. Under the „Cookies“ section, you will find the corresponding links to the specific instructions for the most popular browsers.

You can also generally configure your browser to always be informed when a cookie is to be set. Then you can always decide individually whether you want to allow the cookie or not.

Legal basis

If you have consented to data about you being processed and stored by embedded social media elements, this consent is considered the legal basis for data processing. (Art. 6(1)(a) GDPR). Basically, your data will also be processed based on our legitimate interest (Art. 6(1)(f) GDPR) stored and processed for quick and good communication with you or other customers and business partners. We use the integrated social media elements only if you have given your consent. Most social media platforms also set cookies in your browser to store data. Therefore, we recommend that you read our data protection text on cookies carefully and review the data protection policy or cookie guidelines of the respective service provider.

Instagram or Facebook processes data in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This can be associated with various risks to the lawfulness and security of data processing.

As a basis for data processing by recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, and particularly in the USA) or for data transfer to these countries, Facebook uses Standard Contractual Clauses approved by the EU Commission (= Art. 46 (2) and (3) GDPR). These clauses oblige Facebook to maintain the EU data protection level when processing relevant data outside the EU. These clauses are based on an implementing decision of the EU Commission. You can find the decision as well as the clauses here, among other places: https://germany.representation.ec.europa.eu/index_de.

We have tried to provide you with the most important information about data processing by Instagram. On https://help.instagram.com/519522125107875
Can you delve deeper into Instagram's data policies?.

LinkedIn Privacy Policy

LinkedIn Privacy Policy Summary 👥 Affected Parties: Website visitors Purpose: Optimization of our service performance Processed data: Data such as user behavior data, information about your device, and your IP address. More details can be found below in the privacy policy. Storage duration: data will generally be deleted within 30 days Legal basis: Art. 6(1)(a) GDPR (Consent), Art. 6(1)(f) GDPR (Legitimate interests)

What is LinkedIn?

We use social plug-ins from the social media network LinkedIn, operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA, on our website. The social plug-ins may include feeds, content sharing, or links to our LinkedIn page. The social plug-ins are clearly identifiable by the well-known LinkedIn logo and allow, for example, sharing interesting content directly from our website. For the European Economic Area and Switzerland, LinkedIn Ireland Unlimited Company, Wilton Place in Dublin, is responsible for data processing.

By embedding such plugins, data can be sent to, stored, and processed by LinkedIn. In this privacy policy, we want to inform you about what data is involved, how the network uses this data, and how you can manage or prevent data storage.

LinkedIn is the largest social network for business contacts. Unlike, for example, Facebook, the company focuses exclusively on building business connections. Companies can showcase services and products on the platform and establish business relationships. Many people also use LinkedIn to search for jobs or to find suitable employees for their own company. In Germany alone, the network has over 11 million members. In Austria, there are about 1.3 million.

Why do we use LinkedIn on our website?

We know how busy you are, and it's impossible to keep up with all social media channels individually. Even if it would be worthwhile, as in our case. We often post interesting news or reports that are worth sharing. That's why we've created a feature on our website to share interesting content directly on LinkedIn or link directly to our LinkedIn page. We consider built-in social plug-ins an extended service on our website. The data LinkedIn collects also helps us show potential advertising measures only to people who are interested in our offerings.

What data is stored by LinkedIn?

LinkedIn does not save personal data merely by integrating social plug-ins. LinkedIn calls this data generated by plug-ins „passive impressions.“ However, if you click on a social plug-in to share our content, for example, the platform saves personal data as so-called "active impressions." This is regardless of whether you have a LinkedIn account or not. If you are logged in, the data collected will be associated with your account.

Your browser establishes a direct connection to LinkedIn's servers when you interact with our plug-ins. The company thus logs various usage data. In addition to your IP address, this can include login data, device information, or details about your internet or mobile provider. If you access LinkedIn services via your smartphone, your location can also be determined (after you have allowed it). LinkedIn may also share this data in „hashed“ form with third-party advertisers. Hashing means that a data record is transformed into a string of characters. This allows the data to be encrypted in such a way that individuals can no longer be identified.

Most data about your user behavior is stored in cookies. These are small text files that are usually placed in your browser. Furthermore, LinkedIn may also use web beacons, pixel tags, ad tags, and other device identifiers.

Diverse tests also show which cookies are set when a user interacts with a social plug-in. The data found cannot claim to be complete and serves only as an example. The following cookies were set without being logged into LinkedIn:

Name: bcookie
Value =2&34aab2aa-2ae1-4d2a-8baf-c2e2d7235c16122454004-
Purpose of use The cookie is a so-called „browser ID cookie“ and therefore stores your identification number (ID).
Expiration date After 2 years

Name: language
Value v=2&lang=en-us
Purpose of use This cookie stores your preset or preferred language.
Expiration date after session end

Name: lidc
Value 1818367:t=1571904767:s=AQF6KNnJ0G122454004…
Purpose of use This cookie is used for routing. Routing records the paths you took to get to LinkedIn and how you navigate the website once you are there.
Expiration date after 24 hours

Name: Real-time communication
Value kt0lrv3NF3x3t6xvDgGrZGDKkX
Purpose of use No further information could be obtained about this cookie.
Expiration date after 2 minutes

Name: JSESSIONID
Value ajax:1224540042900777718326218137
Purpose of use This is a session cookie used by LinkedIn to maintain anonymous user sessions through the server.
Expiration date after session end

Name: bscookie
Value “v=1&201910230812…
Purpose of use This cookie is a security cookie. LinkedIn describes it as a secure browser ID cookie.
Expiration date after 2 years

Name: fid
Value AQHj7Ii23ZBcq
Purpose of use No further information could be found about this cookie.
Expiration date after 7 days

Note: LinkedIn also works with third parties. That's why we detected the two Google Analytics cookies _ga and _gat during our test.

How long and where will the data be stored?

LinkedIn generally retains your personal data for as long as the company deems it necessary to provide its services. However, LinkedIn deletes your personal data when you delete your account. In some exceptional cases, LinkedIn retains some data in summarized and anonymized form even after you delete your account. Once you delete your account, other people will not be able to see your data within one day. LinkedIn generally deletes the data within 30 days. However, LinkedIn retains data if it is necessary due to legal obligations. Data that can no longer be associated with individuals will remain stored even after the account is closed. The data is stored on various servers in America and presumably also in Europe.

How can I delete my data or prevent data storage?

You have the right to access and delete your personal data at any time. You can manage, modify, and delete your data within your LinkedIn account. Additionally, you can request a copy of your personal data from LinkedIn.

Here's how to access your account details in your LinkedIn profile:

Click on your profile icon in LinkedIn and select „Settings & Privacy.“ Now, click „Data Privacy“ and then, under the „How LinkedIn uses your data„ section, click “Change." In a short amount of time, you can download selected data about your web activity and account history.

You also have the option in your browser to prevent data processing by LinkedIn. As mentioned above, LinkedIn stores most data via cookies that are set in your browser. You can manage, disable, or delete these cookies. Depending on your browser, the management works slightly differently. In the „Cookies“ section, you will find the corresponding links to the respective instructions for the most common browsers.

You can also generally configure your browser to always inform you when a cookie is to be set. Then you can always individually decide whether you want to allow the cookie or not.

Legal basis

If you have consented to data about you being processed and stored by embedded social media elements, this consent is considered the legal basis for data processing. (Art. 6(1)(a) GDPR). Basically, your data will also be processed based on our legitimate interest (Art. 6(1)(f) GDPR) stored and processed for quick and good communication with you or other customers and business partners. We use the integrated social media elements only if you have given your consent. Most social media platforms also set cookies in your browser to store data. Therefore, we recommend that you read our data protection text on cookies carefully and review the data protection policy or cookie guidelines of the respective service provider.

LinkedIn processes data from you, including in the USA. We point out that, according to the European Court of Justice, there is currently no adequate level of data protection for data transfers to the USA. This may involve various risks to the lawfulness and security of data processing.

LinkedIn uses Standard Contractual Clauses (SCCs) as the basis for data processing by recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, and specifically in the USA) or for data transfers to such countries, pursuant to Art. 46(2) and (3) of the GDPR. Standard Contractual Clauses (SCCs) are model clauses provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even when it is transferred to and stored in third countries (such as the USA). Through these clauses, LinkedIn commits to adhering to European data protection levels when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding Standard Contractual Clauses, among other places, here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

More information on LinkedIn's Standard Contractual Clauses can be found at https://de.linkedin.com/legal/l/dpa or https://www.linkedin.com/legal/l/eu-sccs.

We have tried to provide you with the most important information about data processing by LinkedIn. On https://www.linkedin.com/legal/privacy-policy Learn even more about the data processing of the social media network LinkedIn.

Pinterest Privacy Policy

Pinterest Privacy Policy Summary 👥 Affected Parties: Website visitors Purpose: Optimization of our service performance Processed data: Data such as data on user behavior, information about your device, your IP address, and search terms. More details can be found below in the privacy policy. Storage duration: until Pinterest no longer needs the data for its purposes Legal basis: Art. 6(1)(a) GDPR (Consent), Art. 6(1)(f) GDPR (Legitimate interests)

What is Pinterest?

We use buttons and widgets from the social media network Pinterest, from the company Pinterest Inc., 808 Brannan Street, San Francisco, CA 94103, USA, on our website. For the European region, the Irish company Pinterest Europe Ltd. (Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland) is responsible for all data protection-relevant aspects.

Pinterest is a social network that specializes in visual representations or photographs. The name is a combination of the words „pin“ and „interest.“ Users can exchange information about various hobbies and interests via Pinterest and view profiles with pictures, either openly or in defined groups.

Why do we use Pinterest?

Pinterest has been around for several years now, and this social media platform continues to be one of the most visited and valued platforms. Pinterest is particularly suitable for our industry because the platform is primarily known for beautiful and interesting images. That's why we are naturally present on Pinterest and want to showcase our content accordingly, even beyond our website. The data collected can also be used for advertising purposes, allowing us to show advertising messages to precisely those people who are interested in our services or products.

What data does Pinterest process?

So-called log data can be stored. This includes information about your browser, IP address, the address of our website and the activities carried out on it (for example, when you click the Save or Pin button), search history, date and time of the request, and cookie and device data. If you interact with an embedded Pinterest function, cookies that store various data may also be set in your browser. For the most part, the log data mentioned above, default language settings, and clickstream data are stored in cookies. Pinterest understands clickstream data as information about your website behavior.

If you have a Pinterest account yourself and are logged in, the data collected through our page can be added to your account and used for advertising purposes. When you interact with our embedded Pinterest features, you will usually be redirected to the Pinterest page. Here you can see an exemplary selection of cookies that will then be set in your browser.

Name: _auth
Value 0
Purpose of use The cookie is used for authentication. It can store a value such as your “username.”. 
Expiration date after one year

Name: _pinterest_referrer
Value 1
Purpose of use The cookie stores that you arrived at Pinterest via our website. Therefore, the URL of our website is stored.
Expiration date after session end

Name: pinterest_sess
Value …9HRHZvVE0rQlUxdG89
Purpose of use The cookie is used for logging into Pinterest and contains user IDs, authentication tokens, and timestamps.
Expiration date after one year

Name: _routing_id
Value “8d850ddd-4fb8-499c-961c-77efae9d4065122454004-8”
Purpose of use The cookie contains an assigned value used to identify a specific routing destination.
Expiration date after a day

Name: cm_sub
Value denied
Purpose of use This cookie stores a user ID and a timestamp.
Expiration date after one year

Name: csrftoken
Value 9e49145c82a93d34fd933b0fd8446165122454004-1
Purpose of use This cookie is most likely set for security reasons to prevent request forgery. However, we were unable to ascertain this definitively.
Expiration date after one year

Name: sessionFunnelEventLogged
Value 1
Purpose of use We have not yet been able to gather any further information about this cookie.
Expiration date after a day

How long and where will the data be stored?

Pinterest generally stores the data collected until it is no longer needed for the company's purposes. Once data retention is no longer necessary, for example, to comply with legal requirements, the data will either be deleted or anonymized so that you can no longer be identified as a person. The data may also be stored on American servers.

Right of objection

You also have the right and the ability to revoke your consent to the use of cookies or third parties like Pinterest at any time. This can be done either through our cookie management tool or through other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating, or deleting cookies in your browser.

Since embedded Pinterest elements may use cookies, we also recommend our general cookie privacy policy. To learn exactly what data is stored and processed about you, you should read the privacy policies of the respective tools.

Legal basis

If you have consented to data about you being processed and stored by embedded social media elements, this consent is considered the legal basis for data processing. (Art. 6(1)(a) GDPR). Basically, your data will also be processed based on our legitimate interest (Art. 6(1)(f) GDPR) stored and processed for fast and good communication with you or other customers and business partners. We only use the tool to the extent that you have given your consent. Most social media platforms also use cookies in your browser to store data. Therefore, we recommend that you carefully read our privacy policy regarding cookies and consult the privacy policy or cookie policy of the respective service provider.

Pinterest processes data from you in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of data protection for data transfer to the USA. This can be associated with various risks to the lawfulness and security of data processing.

Pinterest uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 GDPR) as the basis for data processing with recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or data transfer to these countries. Standard Contractual Clauses (SCCs) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there. Through these clauses, Pinterest undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de.

You can find more information on the standard contractual clauses at Pinterest at https://policy.pinterest.com/de/privacy-policy#section-residents-of-the-eea.

We've tried to give you the most important information about data processing by Pinterest. On https://policy.pinterest.com/de/privacy-policy Can you elaborate further on Pinterest's data policies?.

Audio & Video Introduction

Audio & Video Privacy Policy Summary 👥 Affected Parties: Website visitors Purpose: Optimization of our service performance Processed data: Data such as contact details, data on user behavior, information about your device, and your IP address may be stored. More details on this can be found in the corresponding privacy policy texts below. Storage duration: Data is generally stored as long as it is necessary for the purpose of the service Legal basis: Art. 6(1)(a) GDPR (Consent), Art. 6(1)(f) GDPR (Legitimate interests)

What are audio and video elements?

We have embedded audio and video elements on our website so that you can watch videos or listen to music/podcasts directly on our website. The content is provided by service providers. Therefore, all content is also sourced from the respective providers' servers.

These are embedded functional elements from platforms such as YouTube, Vimeo, or Spotify. Using these portals is generally free, but paid content can also be published. With the help of these embedded elements, you can listen to or watch the respective content on our website.

When you use audio or video elements on our website, personal data about you may also be transmitted, processed, and stored by service providers.

Why do we use audio and video elements on our website?

Of course, we want to provide you with the best offer on our website. And we are aware that content can no longer be conveyed solely through text and static images. Instead of simply giving you a link to a video, we offer audio and video formats directly on our website that are entertaining or informative, and ideally both. This expands our service and makes it easier for you to access interesting content. Thus, in addition to our texts and images, we also offer video and/or audio content.

What data is stored by audio & video elements?

When you access a page on our website that has an embedded video, for example, your server connects to the server of the service provider. Your data is also transmitted to the third-party provider and stored there. Some data is collected and stored regardless of whether you have an account with the third-party provider or not. This usually includes your IP address, browser type, operating system and other general information about your end device. In addition, most providers also collect information about your web activity. This includes, for example, session duration, bounce rate, which button you clicked on or which website you used to access the service. All this information is usually stored using cookies or pixel tags (also known as web beacons). Pseudonymized data is usually stored in cookies in your browser. You can always find out exactly which data is stored and processed in the privacy policy of the respective provider.

Duration of data processing

You can find out exactly how long data is stored on third-party servers either further down in the privacy text of the respective tool or in the provider's privacy policy. In principle, personal data is always processed only as long as it is absolutely necessary for the provision of our services or products. This also generally applies to third parties. You can usually expect that certain data will be stored on third-party servers for several years. Data can be stored for varying lengths of time, especially in cookies. Some cookies are deleted after you leave the website, while others can be stored in your browser for several years.

Right of objection

You also have the right and the option to withdraw your consent to the use of cookies or third parties at any time. This can be done either through our cookie management tool or through other opt-out functions. For example, you can also prevent data collection by cookies by managing, disabling, or deleting cookies in your browser. The lawfulness of processing until withdrawal remains unaffected.

Since embedded audio and video features on our site often use cookies, you should also read our general privacy policy regarding cookies. You can find more information about how your data is handled and stored in the privacy policies of the respective third-party providers.

Legal basis

If you have consented to data being processed and stored by embedded audio and video elements, this consent is considered the legal basis for data processing. (Art. 6(1)(a) GDPR). Basically, your data will also be processed based on our legitimate interest (Art. 6(1)(f) GDPR) stored and processed for quick and good communication with you or other customers and business partners. We only use the embedded audio and video elements to the extent that you have given your consent.

YouTube Privacy Policy

YouTube Privacy Policy Summary 👥 Affected Parties: Website visitors Purpose: Optimization of our service performance Processed data: Data such as contact details, data on user behavior, information about your device, and your IP address may be stored. More details on this can be found further down in this privacy policy. Storage duration: Data is generally stored as long as it is necessary for the purpose of the service Legal basis: Art. 6(1)(a) GDPR (Consent), Art. 6(1)(f) GDPR (Legitimate interests)

What is YouTube?

We have embedded YouTube videos on our website. This allows us to present interesting videos directly on our site. YouTube is a video portal that has been a subsidiary of Google since 2006. The video portal is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit a page on our website that has an embedded YouTube video, your browser automatically connects to YouTube or Google servers. In the process, various data are transmitted (depending on your settings). Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is responsible for all data processing within the European region.

Here, we will explain in more detail which data is processed, why we have embedded YouTube videos, and how you can manage or delete your data.

On YouTube, users can watch, rate, comment on, and upload videos for free. Over the past few years, YouTube has become one of the most important social media channels worldwide. To display videos on our website, YouTube provides a code snippet that we have incorporated into our site.

Why do we use YouTube videos on our website?

YouTube is the video platform with the most visitors and the best content. We strive to offer you the best possible user experience on our website. And of course, interesting videos should not be missing. With the help of our embedded videos, we provide you with additional helpful content alongside our texts and images. Furthermore, embedded videos make our website easier to find on the Google search engine. Even when we run advertisements through Google Ads, Google can – thanks to the collected data – show these ads only to people who are interested in our offers.

YouTube speichert verschiedene Daten, darunter: * **Nutzungsdaten:** Welche Videos Sie ansehen, wie lange Sie sie ansehen, welche Videos Sie mögen, nicht mögen oder teilen, welche Suchbegriffe Sie verwenden, welche Kanäle Sie abonnieren. * **Geräteinformationen:** IP-Adresse, Browser-Typ und -Einstellungen, Betriebssystem, Geräteeinstellungen, eindeutige Gerätekennungen, Mobilfunkanbieterinformationen. * **Speicherinformationen:** Protokolldaten, Cookies und ähnliche Technologien. * **Standortinformationen:** Wenn Sie dem zustimmen, kann YouTube Ihren ungefähren oder genauen Standort ermitteln. * **Demografische Informationen:** Alter, Geschlecht, Sprache (basierend auf Profilinformationen, Aktivitäten und Partnerinformationen). * **Interaktionen mit Anzeigen und anderen Nutzern:** Informationen, die Sie bei der Teilnahme an Umfragen, Quiz oder Live-Chats preisgeben. * **Von Ihnen bereitgestellte Informationen:** Wenn Sie ein Google-Konto haben, werden Ihre Informationen mit YouTube geteilt, einschließlich Name, E-Mail-Adresse, Telefonnummer und Aktivitäten auf anderen Google-Diensten. * **Inhaltsersteller-bezogene Daten:** Wenn Sie Inhalte hochladen, werden die Metadaten, Videoinhalte, Kommentare und andere Informationen, die Sie bereitstellen, gespeichert.

As soon as you visit one of our pages that has an embedded YouTube video, YouTube will set at least one cookie that stores your IP address and our URL. If you are logged into your YouTube account, YouTube can usually associate your interactions on our website with your profile using cookies. This includes data such as session duration, bounce rate, approximate location, technical information such as browser type, screen resolution, or your internet provider. Further data may include contact details, any ratings, sharing content via social media, or adding to your favorites on YouTube.

If you are not signed in to a Google Account or a YouTube Account, Google will store data with a unique identifier associated with your device, browser, or app. For example, this will help maintain your preferred language settings. However, many interaction data cannot be saved because fewer cookies are being set.

In the following list, we show cookies that were set in a browser test. On the one hand, we show cookies that are set without a logged-in YouTube account. On the other hand, we show cookies that are set with a logged-in account. The list cannot claim completeness because user data always depends on interactions on YouTube.

Name: YSC
Value b9-CV6ojI5Y122454004-1
Purpose of use This cookie registers a unique ID to save statistics of the viewed video.
Expiration date after session end

Name: PREF
Value f1=50000000
Purpose of use This cookie also registers your unique ID. Google receives statistics via PREF on how you use YouTube videos on our website.
Expiration date after 8 months

Name: GPS
Value 1
Purpose of use This cookie registers your unique ID on mobile devices to track GPS location.
Expiration date after 30 minutes

Name: VISITOR_INFO1_LIVE
Value 95Chz8bagyU
Purpose of use This cookie attempts to estimate the user's bandwidth on our websites (with embedded YouTube video).
Expiration date after 8 months

Additional cookies that are set when you are logged in with your YouTube account:

Name: APISID
Value zILlvClZSkqGsSwI/AU1aZI6HY7122454004-
Purpose of use This cookie is used to create a profile of your interests. The data is used for personalized advertisements.
Expiration date after 2 years

Name: Consent
Value YES+AT.de+20150628-20-0
Purpose of use The cookie stores a user's consent status for the use of various Google services. CONSENT also serves for security purposes, to verify users and protect user data from unauthorized attacks.
Expiration date after 19 years

Name: HSID
Value AcRwpgUik9Dveht0I
Purpose of use This cookie is used to build a profile of your interests. This data helps to display personalized advertising.
Expiration date after 2 years

Name: LOGIN INFO
Value AFmmF2swRQIhALl6aL…
Purpose of use This cookie stores information about your login details.
Expiration date after 2 years

Name: SAPISID
Value 7oaPxoG-pZsJuuF5/AnUdDUIsJ9iJz2vdM
Purpose of use This cookie uniquely identifies your browser and device. It is used to build a profile of your interests.
Expiration date after 2 years

Name: SID
Value oQfNKjAsI122454004-
Purpose of use This cookie stores your Google account ID and your last login time in digitally signed and encrypted form.
Expiration date after 2 years

Name: SIDCC
Value AN0-TYuqub2JOcDTyL
Purpose of use This cookie stores information on how you use the website and what advertising you may have seen before visiting our site.
Expiration date after 3 months

How long and where will the data be stored?

The data that YouTube receives and processes from you is stored on Google servers. Most of these servers are located in America. Under https://www.google.com/about/datacenters/locations/?hl=de See exactly where the Google data centers are located. Your data is distributed across servers. This makes data retrievable faster and better protected against manipulation.

Google stores the data it collects for different lengths of time. Some data can be deleted by you at any time, other data is automatically deleted after a limited time, and still other data is stored by Google for longer periods. Some data (such as items from „My Activity,“ photos or documents, products) stored in your Google Account remain stored until you delete them. Even if you are not signed in to a Google Account, you can delete some data associated with your device, browser, or app.

How can I delete my data or prevent data storage?

In principle, you can manually delete data in your Google Account. With the automatic deletion function for location and activity data, introduced in 2019, information is stored for either 3 or 18 months, depending on your decision, and then deleted.

Regardless of whether you have a Google account or not, you can configure your browser to delete or disable Google cookies. The way this works varies depending on the browser you use. Under the „Cookies“ section, you will find links to the corresponding instructions for the most popular browsers.

If you fundamentally do not want cookies, you can set up your browser to always inform you when a cookie is to be set. This way, you can decide for each individual cookie whether to allow it or not.

Legal basis

If you have consented to your data being processed and stored by embedded YouTube elements, this consent is considered the legal basis for data processing. (Art. 6(1)(a) GDPR). Basically, your data will also be processed based on our legitimate interest (Art. 6(1)(f) GDPR) to a fast and good communication with you or other customers and business partners will be stored and processed. Nevertheless, we only use the embedded YouTube elements if you have given your consent. YouTube also sets cookies in your browser to store data. Therefore, we recommend that you read our data protection text on cookies carefully and view the data protection declaration or the cookie policies of the respective service provider.

YouTube also processes data in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This can be associated with various risks to the lawfulness and security of data processing.

For the basis of data processing by recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e., in particular the USA) or for data transfers there, YouTube uses standard contractual clauses approved by the EU Commission (= Art. 46 (2) and (3) GDPR). These clauses oblige YouTube to maintain the EU data protection level when processing relevant data, even outside the EU. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the clauses here, among other places: https://germany.representation.ec.europa.eu/index_de.

Since YouTube is a subsidiary of Google, there is a joint privacy policy. If you want to learn more about how your data is handled, we recommend the privacy policy at https://policies.google.com/privacy?hl=de.

YouTube Subscribe Button Privacy Policy

We have embedded the YouTube Subscribe button on our website. You can usually recognize the button by the classic YouTube logo. The logo shows the words „Subscribe“ or „YouTube“ in white lettering on a red background, with the white „Play symbol“ to the left. However, the button can also be displayed in a different design.

Our YouTube channel offers you fun, interesting, or exciting videos time and time again. With the built-in „Subscribe button,“ you can subscribe to our channel directly from our website and don't have to navigate to the YouTube website separately. We aim to make accessing our comprehensive content as easy as possible for you. Please note that YouTube may store and process your data as a result.

If you see an embedded subscription button on our site, YouTube – according to Google – sets at least one cookie. This cookie stores your IP address and our URL. YouTube can also learn information about your browser, your approximate location, and your default language. During our test, the following four cookies were set without being logged into YouTube:

Name: YSC
Value b9-CV6ojI5122454004Y
Purpose of use This cookie registers a unique ID to save statistics of the viewed video.
Expiration date after session end

Name: PREF
Value f1=50000000
Purpose of use This cookie also registers your unique ID. Google receives statistics via PREF on how you use YouTube videos on our website.
Expiration date after 8 months

Name: GPS
Value 1
Purpose of use This cookie registers your unique ID on mobile devices to track GPS location.
Expiration date after 30 minutes

Name: VISITOR_INFO1_LIVE
Value 12245400495Chz8bagyU
Purpose of use This cookie attempts to estimate the user's bandwidth on our websites (with embedded YouTube video).
Expiration date after 8 months

Note: These cookies were set after a test and cannot claim to be exhaustive.

When you are signed in to your YouTube account, YouTube can store many of your actions/interactions on our website using cookies and associate them with your YouTube account. For example, YouTube receives information such as how long you browse our site, which browser type you use, which screen resolution you prefer, or what actions you perform.

YouTube uses this data to improve its own services and offerings, and also to provide analytics and statistics for advertisers (who use Google Ads).

Survey and Polling Systems Introduction

Survey and Questionnaire Systems Privacy Policy Summary 👥 Affected Parties: Website visitors Purpose: Website survey evaluation Processed data: Contact details, device data, duration and time of access, IP addresses. You can find more details about this in the respective survey and polling system used. Storage duration: dependent on the tool used Legal basis: Art. 6(1)(a) GDPR (Consent), Art. 6(1)(f) GDPR (Legitimate interests)

What are survey and polling systems?

We also like to conduct various surveys and polls through our website. These are always evaluated anonymously. A survey or poll system is a tool integrated into our website that asks you questions (e.g., about our products or services) which you can answer if you choose to participate. Your answers will always be evaluated anonymously. However, with your consent to data processing, personal data may also be stored and processed.

Why do we use survey and polling systems?

We aim to offer you the best products and services in our industry. Through surveys, we get perfect feedback from you and learn what you expect from us and our services. Based on these anonymous analyses, we can best adapt our products and services to your wishes and ideas. Furthermore, the information also serves to focus our advertising and marketing measures more effectively on those individuals who are genuinely interested in our offerings.

What data is processed?

Personal data will only be processed if it is necessary for the technical implementation or if you have consented to personal data being processed. For example, your IP address will be stored so that the survey can be displayed in your browser, for instance. Cookies may also be used so that you can easily continue your survey at a later time.

If you have consented to data processing, in addition to your IP address, contact details such as your email address or phone number may be processed. Data that you enter into an online form, for example, is also stored and processed. Some providers also store information about the websites you visited (on our website), when you started and finished the survey, and various technical information about your computer.

How long is data stored?

How long data is processed and stored primarily depends on the tools we use. You can find out more about the data processing for each tool below. The providers' privacy policies usually state precisely which data is stored and processed, and for how long. In principle, personal data is only processed for as long as is necessary to provide our services. If data is stored in cookies, the storage duration varies significantly. The data can be deleted again immediately after leaving a website, but it can also be kept for several years. Therefore, you should look at each individual cookie in detail if you want to know more about data storage. In most cases, you will also find informative details about individual cookies in the providers' privacy policies.

Right of objection

You also have the right and the option to withdraw your consent to the use of cookies or embedded survey systems at any time. This can be done either through our cookie management tool or through other opt-out functions. For example, you can also prevent data collection by cookies by managing, disabling, or deleting cookies in your browser.

Since cookies may be used by survey systems, we also recommend our general privacy policy on cookies. To find out exactly what data is stored and processed about you, you should read the privacy policies of the respective tools.

Legal basis

The use of survey systems requires your consent, which we obtained with our cookie popup. This consent, according to Art. 6(1)(a) GDPR (Consent) the legal basis for the processing of personal data, as may occur during collection through survey and polling systems.

In addition to the consent, on our part there is a legitimate interest in conducting surveys on our topic. The legal basis for this is Art. 6(1)(f) GDPR (Legitimate Interests). We only use the tools to the extent that they have given consent.

Since cookies are used in survey systems, we also recommend that you read our general privacy policy on cookies. To find out exactly what data is stored and processed about you, you should read the privacy policies of the respective tools.

Information on the individual survey systems can be found in the following sections, if available.

Hotjar Surveys Privacy Policy

We also use the survey software Hotjar Surveys. The service provider is the Maltese company Hotjar Limited, Dragonara Business Centre, 5th Floor, Dragonara Road, Paceville St Julian’s STJ 3141, Malta.

Learn more about the data processed by using Hotjar Surveys in the Privacy Policy at https://www.hotjar.com/legal/policies/privacy/.

Review Platforms Introduction

Rating Platforms Summary 👥 Affected Parties: Visitors to the website or a review platform Purpose: Feedback on our products and/or services Processed data: IP address, email address, name, among others. You can find more details below or on the respective review platforms used. Storage duration: depends on the respective platform Legal basis: Art. 6(1)(a) GDPR (Consent), Art. 6(1)(f) GDPR (Legitimate interests),

What are review platforms?

You can rate our products or services on various review platforms. We participate in some of these platforms so that we can receive feedback from you and optimize our offerings. If you rate us through a review platform, the privacy policy and general terms and conditions of the respective review service apply. Very often, you also need to register to leave a review. Review technologies (widgets) may also be integrated into our website. By using such an integrated tool, data is also transferred to, processed, and stored by the respective provider.

Many of these integrated programs work on a similar principle. After you have ordered a product from us or used a service, you will be asked to submit a review via email or on our website. You will usually be redirected via a link to a review page where you can create a review easily and quickly. Some review systems also offer an interface to various social media channels to make the feedback accessible to a wider audience.

Why do we use review platforms?

Review platforms collect feedback and ratings about our offerings. Through your reviews, we quickly receive corresponding feedback and can improve our products and/or services much more efficiently. Consequently, the reviews serve us, on the one hand, for optimizing our offerings and, on the other hand, they give you and all our future customers a good overview of the quality of our products and services.

What data is processed?

With your consent, we transmit information about you and the services you have used to the corresponding evaluation platform. We do this to ensure that you have actually used one of our services. Only then can you provide genuine feedback. The transmitted data is only used for user recognition. Exactly which data is stored and processed depends, of course, on the providers used. In most cases, the review platforms are also provided with personal data such as IP address, e-mail address or your name. Order information, such as the order number of a purchased item, is also forwarded to the relevant platform after you have submitted your review. If your e-mail address is transmitted, this is done so that the review platform can send you an e-mail after you have purchased a product. So that we can also incorporate your review into our website, we also provide the providers with the information that you have accessed our site. The review platform used is responsible for the personal data collected.

How long and where will the data be stored?

You can find more details about the duration of data processing below in the respective privacy policy of the provider, if we have further information on this. In general, we only process personal data for as long as is absolutely necessary for the provision of our services and products. Personal data mentioned in a review is usually anonymized by employees of the platform used and is therefore only visible to company administrators. The data collected is stored on the providers' servers and deleted after the end of the order by most providers.

Right of objection

You also have the right and the option to revoke your consent to the use of cookies or third parties at any time. This can be done either through our cookie management tool or through other opt-out functions. For example, you can also prevent data collection by cookies by managing, disabling, or deleting cookies in your browser.

Legal basis

If you have consented to the use of a review platform, the legal basis for the corresponding data processing is this consent. According to Art. 6 para. 1 lit. a GDPR (Consent), this consent constitutes the legal basis for the processing of personal data, as may occur when collected by a review portal.

Furthermore, we have a legitimate interest in using a review platform to optimize our online service. The relevant legal basis for this is Art. 6 para. 1 lit. f GDPR (Legitimate Interests). Nevertheless, we only use a review platform if you have given your consent.

We hope we were able to provide you with the most important general information regarding the data processing of review platforms. You can find more detailed information below in the privacy texts or in the company's linked privacy policies.

Google Customer Reviews Privacy Policy

We also use the Google Customer Reviews platform for our website. The service provider is the American company Google Inc. For the European region, Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. 

Google processes data from you, including in the USA. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This can be associated with various risks to the lawfulness and security of data processing.

Google uses standard contractual clauses (= Art. 46 para. 2 and 3 GDPR) as the basis for data processing by recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or for data transfers there. Standard Contractual Clauses (SCCs) are model clauses provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even when it is transferred to third countries (such as the USA) and stored there. Through these clauses, Google undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses, among other places, here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The Google Ads Controller-Controller Data Protection Terms, which refer to the Standard Contractual Clauses, can be found at https://business.safety.google/intl/de/adsprocessorterms/

You can learn more about the data processed when using Google in the privacy policy at https://policies.google.com/privacy?hl=de.

Web Design Introduction

Web Design Privacy Policy Summary 👥 Affected Parties: Website visitors 🤝 Purpose: Improve user experience Processed Data: The data processed depends heavily on the services used. This usually includes the IP address, technical data, language settings, browser version, screen resolution, and browser name. You can find more details on this in the respective web design tools used. Storage duration: depends on the tools used Legal basis: Art. 6(1)(a) GDPR (Consent), Art. 6(1)(f) GDPR (Legitimate interests)

What is web design?

We use various tools on our website that serve our web design. Web design is not, as is often assumed, just about making our website look pretty, but also about functionality and performance. But of course the right look of a website is also one of the major goals of professional web design. Web design is a branch of media design and deals with the visual as well as the structural and functional design of a website. The aim of web design is to improve your experience on our website. In web design jargon, this is referred to as user experience (UX) and usability. User experience refers to all impressions and experiences that website visitors have on a website. Usability is a sub-item of user experience. This is about the user-friendliness of a website. The main focus here is on ensuring that content, subpages or products are clearly structured and that you can find what you are looking for quickly and easily. In order to offer you the best possible experience on our website, we also use third-party web design tools. In this privacy policy, the category „web design“ therefore includes all services that improve the design of our website. These can be, for example, fonts, various plugins or other integrated web design functions.

Why do we use web design tools?

How you absorb information on a website depends heavily on the site's structure, functionality, and visual perception. Therefore, good and professional web design has become increasingly important for us as well. We are constantly working on improving our website and also see this as an extended service for you as a website visitor. Furthermore, an attractive and functional website also has economic advantages for us. After all, you will only visit us and use our services if you feel completely comfortable.

What data is stored by web design tools?

When you visit our website, web design elements may be integrated into our pages that can also process data. What kind of data is processed depends, of course, heavily on the tools used. Below you will see exactly which tools we use for our website. For more information on data processing, we also recommend reading the respective privacy policy of the tools used. Usually, you will find out there which data is processed, whether cookies are used, and how long the data is stored. Through fonts such as Google Fonts, for example, information such as language settings, IP address, browser version, browser screen resolution, and browser name are automatically transmitted to Google servers.

Duration of data processing

The length of time data is processed is highly individual and depends on the web design elements used. For example, if cookies are used, the retention period can range from just one minute to a few years. Please find out more about this. For this purpose, we recommend our general section on cookies as well as the privacy statements of the tools used. There, you will generally find out which cookies are used exactly and what information is stored in them. Google font files, for example, are stored for one year. This is intended to improve website loading times. Basically, data is always stored only as long as it is necessary for the provision of the service. Data may also be stored for longer periods due to legal requirements.

Right of objection

You also have the right and the option to withdraw your consent to the use of cookies or third parties at any time. This can be done either through our cookie management tool or through other opt-out functions. You can also prevent data collection by cookies by managing, disabling, or deleting cookies in your browser. However, there is also data in web design elements (mostly fonts) that cannot be deleted quite so easily. This is the case when data is automatically collected directly when a page is loaded and transmitted to a third party (such as Google). In such cases, please contact the support of the respective provider. In the case of Google, you can reach support at https://support.google.com/?hl=de.

Legal basis

If you have consented to the use of web design tools, the legal basis for the corresponding data processing is this consent. According to Art. 6(1)(a) GDPR (Consent), this consent forms the legal basis for processing personal data that may occur when captured by web design tools. Furthermore, we have a legitimate interest in improving the web design of our website. After all, only then can we provide you with an attractive and professional web offering. The corresponding legal basis for this is Art. 6(1)(f) GDPR (Legitimate Interests). Nevertheless, we only use web design tools to the extent that you have given your consent. We want to emphasize this again here in any case.

Information about special web design tools – if available – can be found in the following sections.

Google Fonts Local Privacy Policy

On our website, we use Google Fonts from Google Inc. For the European region, Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible. We have integrated the Google fonts locally, i.e., on our web server – not on Google's servers. This means there is no connection to Google servers and therefore no data transmission or storage.

What are Google Fonts?

Google Fonts was formerly known as Google Web Fonts. It is an interactive directory of over 800 font families, Google provides it for free. With Google Fonts, you could use fonts without uploading them to your own server. However, to prevent any data transfer to Google servers in this regard, we have downloaded the fonts to our server. This way, we act in compliance with data protection regulations and do not send any data to Google Fonts.

Online Map Services Introduction

Online Map Services Privacy Policy Summary 👥 Affected Parties: Website visitors 🤝 Purpose: Improve user experience Processed Data: The data processed depends heavily on the services used. Usually, this includes IP address, location data, search queries, and/or technical data. More details can be found in the respective tools used. Storage duration: depends on the tools used Legal basis: Art. 6(1)(a) GDPR (Consent), Art. 6(1)(f) GDPR (Legitimate interests)

Online map services are websites or applications that provide digital maps and geographic information to users. They allow users to explore different locations, get directions, find businesses and points of interest, and view satellite imagery.

We also use online map services on our website as an extended service. Google Maps is probably the service you are most familiar with, but there are also other providers that specialize in creating digital maps. Such services allow locations, route plans, or other geographical information to be displayed directly on our website. By embedding a map service, you no longer have to leave our website to view the route to a location, for example. To ensure the online map works on our website, map sections are embedded using HTML code. The services can then display street maps, the Earth's surface, or aerial or satellite images. When you use the embedded map service, data is also transferred to and stored by the tool used. This data may include personal data.

Why do we use online map services on our website?

Generally speaking, our aim is to provide you with an enjoyable experience on our website. And of course, your time is only enjoyable if you can easily navigate our website and quickly and easily find all the information you need. Therefore, we thought an online map system could be a significant optimization of our service on the website. Without leaving our website, you can easily view route descriptions, locations, or even points of interest with the help of the map system. It's also super practical, of course, that you can see at a glance where our company headquarters are located, so you can find your way to us quickly and safely. As you can see, there are simply many advantages, and we clearly consider online map services on our website to be part of our customer service.

What data is stored by online map services?

When you open a page on our website that has a built-in online map function, personal data may be transmitted to the respective service and stored there. In most cases, this is your IP address, which can also be used to determine your approximate location. In addition to the IP address, data such as search terms entered and longitude and latitude coordinates are also stored. If you enter an address for route planning, for example, this data is also stored. The data is not stored by us, but on the servers of the integrated tools. You can imagine it like this: You are on our website, but when you interact with a map service, this interaction actually happens on their website. In order for the service to function properly, at least one cookie is usually set in your browser. Google Maps, for example, also uses cookies to record user behaviour in order to optimize its own service and provide personalized advertising. You can find out more about cookies in our „Cookies“ section.

How long and where will the data be stored?

Every online map service processes different user data. If we have further information, we will inform you about the duration of data processing below in the respective sections for individual tools. In principle, personal data is always stored only for as long as is necessary for the provision of services. For example, Google Maps stores certain data for a specified period, while other data must be deleted by you yourself. With Mapbox, for instance, the IP address is stored for 30 days and then deleted. As you can see, each tool stores data for different lengths of time. Therefore, we recommend that you carefully review the privacy policies of the tools used.

The providers also use cookies to store data about your user behavior with the map service. You can find more general information about cookies in our „Cookies“ section, but the privacy policies of the individual providers will also tell you which cookies may be used. However, this is usually just an exemplary list and is not exhaustive.

Right of objection

You always have the option and the right to access your personal data and to object to its use and processing. You can also revoke your consent at any time. This is usually easiest to do via the cookie consent tool. However, there are also other opt-out tools you can use. You can also manage, delete, or disable potential cookies set by the providers used yourself with just a few mouse clicks. However, it is possible that some functions of the service may no longer work as usual. How you manage cookies in your browser also depends on the browser you are using. In the „Cookies“ section, you will also find links to instructions for the most common browsers.

Legal basis

If you have consented to the use of an online map service, the legal basis for the respective data processing is this consent. According to Art. 6 para. 1 lit. a GDPR (Consent), this consent forms the legal basis for the processing of personal data that may occur when collected by an online map service.

We also have a legitimate interest in using an online map service to optimize our service on our website. The legal basis for this is Art. 6 Paragraph 1 lit. f GDPR (Legitimate Interests). However, we only ever use an online map service if you have given your consent. We absolutely want to emphasize this again here.

Information about special online map services can be found in the following sections, if available.

Google Maps Privacy Policy

Google Maps Privacy Policy Summary 👥 Affected Parties: Website visitors Purpose: Optimization of our service performance Processed data: Data such as entered search terms, your IP address, and also latitude/longitude coordinates. More details on this can be found further down in this privacy policy. 📅 Storage duration: depends on the data stored Legal basis: Art. 6(1)(a) GDPR (Consent), Art. 6(1)(f) GDPR (Legitimate interests)

What is Google Maps?

We use Google Maps from Google Inc. on our website. For the European region, Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. With Google Maps, we can show you locations better and thus adapt our service to your needs. By using Google Maps, data is transferred to Google and stored on Google servers. Here we want to go into more detail about what Google Maps is, why we use this Google service, what data is stored, and how you can prevent this.

Google Maps is an Internet mapping service from Google. With Google Maps, you can search online via a PC, tablet, or app for precise locations of cities, attractions, accommodations, or businesses. If businesses are listed on Google My Business, additional company information will be displayed alongside the location. To show how to get there, map sections of a location can be embedded into a website using HTML code. Google Maps displays the Earth's surface as a street map or as an aerial or satellite image. Thanks to Street View images and high-quality satellite images, very accurate representations are possible.

Why do we use Google Maps on our website?

All our efforts on this page aim to provide you with a useful and meaningful time on our website. By integrating Google Maps, we can provide you with the most important information about various locations. You can see where our company headquarters are at a glance. The directions will always show you the best or fastest way to get to us. You can retrieve directions for routes by car, public transport, on foot, or by bicycle. For us, providing Google Maps is part of our customer service.

Google Maps stores information about your location history, search history, and the places you've reviewed or uploaded photos for. It also collects data from your device, such as device type, operating system, and unique device identifiers.

For Google Maps to provide its full service, the company must collect and store data from you. This includes, but is not limited to, search terms you enter, your IP address, and latitude/longitude coordinates. If you use the route planner function, the starting address you enter will also be saved. However, this data storage occurs on the Google Maps websites. We can only inform you about this and cannot influence it. Since we have integrated Google Maps into our website, Google sets at least one cookie (name: NID) in your browser. This cookie stores data about your user behavior. Google primarily uses this data to optimize its own services and to provide personalized advertising.

The following cookie is set in your browser due to the integration of Google Maps:

Name: NID
Value 188=h26c1Ktha7fCQTx8rXgLyATyITJ122454004-5
Purpose of use NID is used by Google to customize ads for your Google searches. With the help of the cookie, Google „remembers“ your most frequent search queries or your previous interactions with ads. This way, you always get tailored ads. The cookie contains a unique ID that Google uses to collect your personal preferences for advertising purposes.
Expiration date after 6 months

Note: We cannot guarantee the completeness of the stored data. Changes can never be ruled out, especially when using cookies. To identify the NID cookie, a dedicated test page was created that exclusively integrated Google Maps.

How long and where will the data be stored?

Google servers are located in data centers all over the world. However, most servers are in America. For this reason, your data will also be increasingly stored in the USA. You can read exactly where Google's data centers are located here: https://www.google.com/about/datacenters/locations/?hl=de

Google distributes data across various storage devices. This makes the data more readily accessible and better protected against any manipulation attempts. Each data center also has special emergency programs. For example, if there are problems with Google hardware or a natural disaster disables the servers, the data remains quite secure and protected.

Google stores some data for a specified period. For other data, Google only offers the option to delete it manually. Furthermore, the company also anonymizes information (such as advertising data) in server logs by deleting part of the IP address and cookie information after 9 or 18 months.

How can I delete my data or prevent data storage?

With the automatic deletion feature for location and activity data introduced in 2019, location and web/app activity information is stored for either 3 or 18 months, depending on your choice, and then deleted. Additionally, you can always manually delete this data from your history via your Google Account. If you want to prevent location tracking entirely, you must pause „Web & App Activity“ in your Google Account. Click on „Data & privacy“ and then on the „Activity controls“ option. Here you can turn activities on or off.

In your browser, you can also deactivate, delete, or manage individual cookies. Depending on the browser you are using, this always works a bit differently. In the „Cookies“ section, you will find the corresponding links to the respective instructions for the most popular browsers.

If you fundamentally do not want cookies, you can set up your browser to always inform you when a cookie is to be set. This way, you can decide for each individual cookie whether to allow it or not.

Legal basis

If you have consented to the use of Google Maps, the legal basis for the corresponding data processing is this consent. According to Art. 6(1)(a) GDPR (Consent) the legal basis for processing personal data, such as may occur when collected by Google Maps.

From our side, there is also a legitimate interest in using Google Maps to optimize our online service. The corresponding legal basis for this is Art. 6(1)(f) GDPR (Legitimate Interests). However, we only use Google Maps if you have given your consent.

Google processes data from you, including in the USA. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This can be associated with various risks to the lawfulness and security of data processing.

Google uses standard contractual clauses (= Art. 46 para. 2 and 3 GDPR) as the basis for data processing by recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or for data transfers there. Standard Contractual Clauses (SCCs) are model clauses provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even when it is transferred to third countries (such as the USA) and stored there. Through these clauses, Google undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses, among other places, here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The Google Ads Data Processing Terms, which refer to the Standard Contractual Clauses, can be found at https://business.safety.google/intl/de/adsprocessorterms/.

If you want to learn more about Google's data processing, we recommend the company's own privacy policy at https://policies.google.com/privacy?hl=de.

Miscellaneous Introduction

Miscellaneous Privacy Policy Summary 👥 Affected Parties: Website visitors 🤝 Purpose: Improve user experience Processed Data: The data that is processed depends heavily on the services used. Mostly, it involves the IP address and/or technical data. You can find more details about this in the specific tools used. Storage duration: depends on the tools used Legal basis: Art. 6(1)(a) GDPR (Consent), Art. 6(1)(f) GDPR (Legitimate interests)

What falls under „Miscellaneous“?

Under the category „Other“ are those services that do not fit into any of the above categories. These are generally various plugins and embedded elements that enhance our website. Typically, these functions are obtained from third-party providers and integrated into our website. For example, these include web search services such as Algolia Place, Giphy, Programmable Search Engine, or online services for weather data such as OpenWeather.

Why do we use further third parties?

We aim to provide you with the best web offering in our industry through our website. A website has long been more than just a business card. Instead, it is a place that should help you find what you are looking for. To continuously make our website even more interesting and helpful for you, we use various services from third-party providers.

What data is processed?

Whenever elements are integrated into our website, your IP address is transmitted to the respective provider, stored and processed there. This is necessary because otherwise the content will not be sent to your browser and will therefore not be displayed accordingly. Service providers may also use pixel tags or web beacons. These are small graphics on websites that record a log file and can also create analyses of this file. Providers can use the information obtained to improve their own marketing measures. In addition to pixel tags, such information (such as which button you click or when you visit which page) can also be stored in cookies. In addition to analysis data on your web behavior, technical information such as your browser type or operating system can also be stored in cookies. Some providers may also link the data obtained with other internal services or with third-party providers. Each provider handles your data differently. We therefore recommend that you carefully read the data protection declarations of the respective services. As a matter of principle, we endeavor to only use services that handle the issue of data protection very carefully.

Duration of data processing

We will inform you about the duration of data processing below if we have further information. In general, we only process personal data for as long as it is absolutely necessary for the provision of our services and products.

Legal basis

If we ask for your consent and you also agree that we may use the service, this will be considered the legal basis for processing your data (Art. 6(1)(a) GDPR). In addition to consent, we have a legitimate interest in analyzing the behavior of website visitors and thus improving our offering technologically and economically. The legal basis for this is Art. 6(1)(f) GDPR (Legitimate Interests). Nevertheless, we only use the tools to the extent that you have given your consent.

Information about the special tools can be found in the following sections, if available.

Matterport Privacy Policy

We use the 3D data platform Matterport for our website. The service provider is the American company Matterport, Inc., 352 E. Java Dr., Sunnyvale, CA 94089, USA.

Matterport processes data from you, including in the USA. We point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This can be associated with various risks for the lawfulness and security of data processing.

Matterport uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 GDPR) as the basis for data processing with recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or data transfer to these countries. Standard Contractual Clauses (SCCs) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there. Through these clauses, Matterport undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

More information about the Standard Contractual Clauses for Matterport can be found at https://matterport.com/standard-contractual-clauses.

Learn more about the data processed by using Matterport in the privacy policy at https://matterport.com/de/node/44.

Explanation of Terms Used

We always strive to make our privacy policy as clear and understandable as possible. However, this is not always easy, especially with technical and legal topics. It often makes sense to use legal terms (such as personal data) or specific technical expressions (such as cookies, IP address). However, we do not want to use them without explanation. Below you will find an alphabetical list of important terms used that we may not have sufficiently addressed in the privacy policy so far. If these terms are taken from the GDPR and are definitions, we will also cite the GDPR texts here and, if necessary, add our own explanations.

Order processor

Definition of terms according to Article 4 of the GDPR

Within the meaning of this regulation, the term:

„Data processor“ a natural or legal person, authority, agency or other body which processes personal data on behalf of the controller;

Explanation: As the company and website owner, we are responsible for all data that we process from you. In addition to the controllers, there can also be so-called processors. This includes any company or person who processes personal data on our behalf. Processors can therefore include service providers such as tax advisors, but also hosting or cloud providers, payment or newsletter providers, or large companies such as Google or Microsoft.

Consent

Definition of terms according to Article 4 of the GDPR

Within the meaning of this regulation, the term:

„Consent“ the data subject's freely given, specific, informed and unambiguous expression of will in the form of a statement or a clear affirmative action by which the data subject signifies his or her agreement to the processing of personal data relating to him or her;

Explanation: As a rule, consent for websites is obtained through a cookie consent tool. You're likely familiar with this. Whenever you visit a website for the first time, you're usually asked via a banner if you consent to or agree with the data processing. You can often also make individual settings and decide for yourself which data processing you allow and which you do not. If you do not consent, then no personal data may be processed. In principle, consent can of course also be given in writing, i.e., not via a tool.

Health data

Definition of terms according to Article 4 of the GDPR

Within the meaning of this regulation, the term:

„Health data“ personal data relating to the physical or mental health of a natural person, including the provision of health care services, which reveal information about their health status;

Explanation: Health data therefore includes all stored information that concerns your own health. Often, this is data that is also recorded in a patient file. This includes, for example, which medications you use, X-ray images, your entire medical history, or usually your vaccination status.

Personal data

Definition of terms according to Article 4 of the GDPR

Within the meaning of this regulation, the term:

„personal data“ all information relating to an identified or identifiable natural person (hereinafter referred to as the „data subject“); a natural person shall be regarded as identifiable if he or she can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

Explanation: Personal data is therefore all data that can identify you as a person. This typically includes data such as:

• Name
• Address
• Email address
• Return address
• Phone number
• Date of birth
• Identification numbers such as social security number, tax identification number, national ID number, or student ID number
• Bank details such as account number, credit information, account balances, and more.

According to the European Court of Justice (ECJ), yours also counts IP address as personal data. IT experts can determine at least the approximate location of your device and therefore you as the owner of the connection using your IP address. Therefore, storing an IP address also requires a legal basis within the meaning of the GDPR. There are also so-called „special categories“ of personal data, which are also particularly worthy of protection. These include:

• Racial and ethnic origin
• political opinions
• Religious or philosophical beliefs
• Union membership
• Genetic data, such as data obtained from blood or saliva samples
• biometric data (which is information about the psychological, physical, or behavioral characteristics that can identify a person).
  Health data
• Data on sexual orientation or sex life

Profiling

Definition of terms according to Article 4 of the GDPR

Within the meaning of this regulation, the term:

„Profiling“ any form of automated processing of personal data consisting of evaluating personal data relating to a natural person, in particular in order to analyze or predict aspects concerning his or her performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements;

Explanation: Profiling involves gathering various pieces of information about a person to learn more about them. In the web sector, profiling is often used for advertising purposes or for credit checks. Web or advertising analysis programs, for example, collect data about your behavior and interests on a website. This results in a special user profile, which can be used to deliver targeted advertising to a specific audience.

Responsible Party

Definition of terms according to Article 4 of the GDPR

Within the meaning of this regulation, the term:

„Responsible person“ the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;

Explanation: In our case, we are responsible for processing your personal data and are therefore the “controller.” If we transfer collected data to other service providers for processing, they are “processors.” A “Data Processing Agreement (DPA)” must be signed for this.

Processing

Definition of terms according to Article 4 of the GDPR

Within the meaning of this regulation, the term:

„Processing“ any operation or set of operations performed with or without the aid of automated procedures in connection with personal data such as collection, recording, organization, arrangement, storage, adaptation or modification, retrieval, query, use, disclosure by transmission, dissemination or other form of provision, matching or linking, restriction, deletion or destruction;

Note: When we refer to processing in our privacy policy, we mean any type of data processing. As mentioned above in the original GDPR statement, this includes not only collecting but also storing and processing data.

Closing remarks

Congratulations! If you are reading these lines, you have truly „battled“ your way through our entire privacy policy, or at least scrolled this far. As you can see from the length of our privacy policy, we do not take the protection of your personal data lightly.
It is important to us to inform you about the processing of personal data to the best of our knowledge and belief. However, we not only want to inform you about which data is processed, but also to explain the reasons for using various software programs. Data protection declarations usually sound very technical and legal. Since most of you are neither web developers nor lawyers, we wanted to take a different linguistic approach and explain the matter in simple and clear language. Of course, this is not always possible due to the subject matter. Therefore, the most important terms are explained in more detail at the end of the data protection declaration.
If you have any questions regarding data protection on our website, please do not hesitate to contact us or the responsible authority. We wish you a pleasant time and hope to welcome you back to our website soon.

All texts are protected by copyright