Privacy policy

With this privacy policy, we would like to inform you about the type, scope and purpose of the processing of personal data (hereinafter also referred to as “data”). Personal data is all data that has a personal reference to you, e.g. name, address, email address or your user behaviour. The privacy policy applies to all data processing operations carried out by us, both in the context of our core activities and for the online media we provide.

A. Who is responsible for data processing at our company

Responsible for data processing is:

B. Processing of your data as part of the core activities of our company

If you are our customer or business partner or are interested in our services, the type, scope and purpose of the processing of your data depends on the contractual or pre-contractual relationship existing between us. In this sense, the data processed by us includes all data that is or was provided by you for the purpose of utilising the contractual or pre-contractual services and that is required to process your enquiry or the contract concluded between us. Unless otherwise stated in the further information in this privacy policy, the processing of your data and its disclosure to third parties is limited to the data that is necessary and expedient to answer your enquiries and/or to fulfil the contract concluded between you and us, to protect our rights and to fulfil legal obligations. We will inform you which data is required for this before or during data collection. Insofar as we use third-party providers to provide our services, the data protection notices of the respective third-party providers also apply.

Data concerned:

• Inventory data (e.g. names, addresses)
• Payment data (e.g. bank details, invoices)
• Contact details (e.g. e-mail address, telephone number, postal address)
• Contract data (e.g. subject matter of the contract, duration of the contract)

Persons concerned: Interested parties, business and contractual partners and their respective contact persons

Processing purpose: Handling (pre-)contractual relationships, communication and answering contact enquiries, office and organisational procedures

Legal basis: Contract fulfilment and pre-contractual enquiries, Art. 6 para. 1 lit. b GDPR, legal obligation, Art. 6 para. 1 sentence 1 lit. c GDPR, legitimate interest, Art. 6 para. 1 sentence 1 lit. f GDPR (in particular for data of contact persons of companies)

F. Cookies

Our website uses cookies. Cookies are small text files consisting of a series of numbers and letters that are stored on the device you are using. Cookies are primarily used to exchange information between the device you are using and our website. This includes, for example, the language settings on a website, the login status or the location where a video was watched.

Two types of cookies are used when you visit our website:

• Temporary cookies (session cookies): These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. The session cookies are deleted when you log out or close your browser.
• Permanent cookies: Permanent cookies remain stored even after the browser is closed. This allows our website to recognise your computer when you return to our website. Information on language settings or log-in information, for example, is stored in these cookies. These cookies can also be used to document and store your surfing behaviour. This data can be used for statistical, marketing and personalisation purposes.

In addition to the above categorisation, cookies can also be differentiated according to their purpose:

• Necessary cookies: These are cookies that are absolutely necessary for the operation of our website in order to save logins or shopping baskets for the duration of your session or cookies that are set for security reasons.
• Statistical, marketing and personalisation cookies: These are cookies that are used for analytical purposes or to measure reach. Such “tracking” cookies can be used in particular to store information on search terms entered or the frequency of page views. In addition, the surfing behaviour of an individual user (e.g. viewing certain content, use of functions, etc.) can also be stored in a user profile. Such profiles are used to display content to users that corresponds to their potential interests. If we use services that store cookies on your end device for statistical, marketing and personalisation purposes, we will inform you about this separately in the following sections of our privacy policy or when obtaining your consent.

Data concerned:

• Usage data (e.g. access times, websites clicked on)
• Communication data (e.g. information about the device used, IP address).

Persons concerned: Users of our online services

Processing purpose: Displaying our Internet pages, security and ensuring the operation of our Internet pages, improving our Internet offering, communication and marketing

Legal basis:
Legitimate interest, Art. 6 para. 1 sentence 1 lit. f GDPR
If we do not obtain your consent to the setting of cookies, we base the processing of your data on our legitimate interest in improving the security, quality and user-friendliness of our website, in particular the content and functions. You have the option to object to the use of cookies set by us in the context of our legitimate interest via the security settings of your browser. There you can specify whether you do not accept cookies from the outset or only accept them on request, or whether you want cookies to be deleted every time you close your browser. If cookies are deactivated for our website, it may no longer be possible to use all the functions of the website to their full extent.

Consent, Art. 6 para. 1 sentence 1 lit. a GDPR
If we ask you to allow us to place certain cookies on your device before you visit our website (see cookie banner) and you consent to this, the legal basis is to be seen in the consent you have given. As part of your consent, we will inform you which cookies we place in detail. If you do not give this consent, only the so-called technically necessary cookies that are required for the proper operation of our website and its display in your browser will be set. If you have consented to the setting of cookies, you have the option to withdraw your consent at any time.

G. Online advertising

I. General information

We use services for the display of Internet advertising. Certain user data is collected via the services we use by means of a cookie or pixel (for more information on cookies, see point F). This includes, in particular, the information from which website you came to our website (so-called referrer), which pages of our website you accessed, how long you visited our pages and what interactions you made there. In addition, data on the browser, computer system and device type you use is collected. Demographic information, such as age or gender, can also be collected as pseudonymised values via such a service. If you have consented to the collection of your location data, this may also be processed, depending on the provider. In order to collect and store this data, the respective service places a cookie or a so-called counting pixel on the end device you are using, which also collects the IP address assigned to you. However, this is shortened using a so-called IP masking procedure so that the IP address can no longer be assigned to your visit to our website. In principle, no clear data such as names or e-mail addresses are stored when the respective service is used. This is only the case if you are a member of a social network that offers one of the services listed below and merges your profile with the aforementioned data.

The data is analysed by the services we use in order to produce a report with statistical statements about the number of visitors generated by the advertising and the success of the advertising measure. The reports include the total number of users who were redirected to our website via our adverts. The reports also contain information on the users' end devices and browsers, where the users were located and the times at which the adverts were clicked. However, the reports do not contain any information that could be used to personally identify you as a user of our website.

We would like to point out that, depending on the location of the service provider, the data collected via the service may be transferred and processed outside the European Economic Area. In this case, there is a risk that the level of data protection prescribed by the GDPR will not be complied with and that the enforcement of your rights will be difficult or impossible. Please note before giving your consent that individual services process your personal data in the USA. If you give us your consent, it also extends to the processing in this third country, Art. 49 para. 1 lit. a GDPR. As things stand at present, there is probably no adequate level of data protection in the USA without an adequacy decision and without suitable guarantees, as the regulations there do not comply with European law. In its ruling of 16 July 2020 (C-311/18), the European Court of Justice concluded, among other things, that the laws on the basis of which American security authorities can access personal data transferred to the USA do not restrict access to the personal data of non-Americans. The surveillance programmes based on the US legal provisions are not limited to what is absolutely necessary. Furthermore, non-Americans are not granted any enforceable rights against this access.

Data concerned:

• Usage data (e.g. access times, websites clicked on)
• Communication data (e.g. information about the device used, IP address)

Persons concerned: Users of our online services

Processing purpose: Reach measurement, campaign success monitoring, remarketing and interest- and behaviour-based marketing

Legal basis: If we have asked for your consent before using the respective service, this is the legal basis, Art. 6 para. 1 sentence 1 lit. a GDPR. We also use services on the basis of our legitimate interest in being able to continuously improve the functions, offers, user experience and security of our offers, Art. 6 para. 1 sentence 1 lit. f GDPR.

II. We use the following service providers for online advertising:

Facebook Pixel

We use the Facebook pixel from Facebook on our website. We have implemented a code for this on our website. The Facebook pixel is a snippet of JavaScript code that loads a collection of functions with which Facebook can track your user actions if you have come to our website via Facebook ads. For example, if you purchase a product on our website, the Facebook pixel is triggered and saves your actions on our website in one or more cookies. These cookies enable Facebook to match your user data (customer data such as IP address, user ID) with the data of your Facebook account. Facebook then deletes this data again. The data collected is anonymous and cannot be viewed by us and can only be used in the context of adverts. If you are a Facebook user and are logged in, your visit to our website is automatically assigned to your Facebook user account.

We only want to show our services and products to people who are really interested in them. With the help of Facebook pixels, our advertising measures can be better customised to your wishes and interests. This means that Facebook users (provided they have allowed personalised advertising) see suitable advertising. Facebook also uses the data collected for analysis purposes and its own adverts.

If you are logged in to Facebook, you can change your settings for adverts under https://www.facebook.com/adpreferences/advertisers/?entry_product=ad_settings_screen yourself. If you are not a Facebook user, you can click on https://www.youronlinechoices.com/de/praferenzmanagement/ manage your usage-based online advertising. There you have the option of deactivating or activating providers.

Facebook also processes your data in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may entail various risks for the legality and security of data processing. Facebook uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 GDPR) as the basis for data processing with recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or for data transfer there. Standard Contractual Clauses (SCCs) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there. Through these clauses, Facebook undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The Facebook data processing conditions, which correspond to the standard contractual clauses, can be found at https://www.facebook.com/legal/terms/dataprocessing. If you want to find out more about Facebook's data protection, we recommend that you read the company's own data policy on https://www.facebook.com/policy.php.

Service provider: Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA
Registered office in Europe: Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
Website: https://www.facebook.com
Privacy policy: https://www.facebook.com/about/privacy
Opt-out option: https://www.facebook.com/settings?tab=ads

Google Analitics

We use the Google Analytics (GA) analysis tracking tool from the American company Google Inc. on our website. For the European region, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. Google Analytics collects data about your actions on our website. For example, when you click on a link, this action is stored in a cookie and sent to Google Analytics. The reports we receive from Google Analytics allow us to better customise our website and our service to your wishes. In the following, we will go into more detail about the tracking tool and inform you in particular about what data is stored and how you can prevent this. Google Analytics is a tracking tool that is used to analyse the traffic on our website.

For Google Analytics to work, a tracking code is built into the code of our website. When you visit our website, this code records various actions that you perform on our website. As soon as you leave our website, this data is sent to the Google Analytics servers and stored there.

Google processes the data and we receive reports on your user behaviour. These may include the following reports:

Target group reports: We use target group reports to get to know our users better and know more precisely who is interested in our service.

•  Display reports: Display reports make it easier for us to analyse and improve our online advertising.
• Acquisition reports: Acquisition reports provide us with helpful information on how we can get more people interested in our service.
• Behavioural reports: Here we learn how you interact with our website. We can track which route you take on our site and which links you click on.
• Conversion reports: Conversion is a process in which you perform a desired action as a result of a marketing message. For example, when you go from being just a website visitor to a buyer or newsletter subscriber. With the help of these reports, we learn more about how our marketing measures are received by you. This is how we want to increase our conversion rate.
• Real-time reports: Here we always know immediately what is happening on our website. For example, we can see how many users are currently reading this text.

If you click on the following Deactivation link you can prevent Google from recording further visits to this website. Please note: Deleting cookies, using the incognito/private mode of your browser or using a different browser will result in data being collected again. Deactivate Google Analytics.

Google Analytics IP anonymisation
We have implemented IP address anonymisation from Google Analytics on this website. This function was developed by Google so that this website can comply with the applicable data protection regulations and recommendations of the local data protection authorities if they prohibit the storage of the full IP address. The anonymisation or masking of the IP takes place as soon as the IP addresses arrive in the Google Analytics data collection network and before any storage or processing of the data takes place.

You can find more information on IP anonymisation at https://support.google.com/analytics/answer/2763052?hl=de.

Google Analytics data processing addendum
We have concluded a direct customer contract with Google for the use of Google Analytics by accepting the “Data Processing Addendum” in Google Analytics. You can find out more about the data processing addendum for Google Analytics here: https://support.google.com/analytics/answer/3379636?hl=de&utm_id=ad

Google Ads (Google AdWords) conversion tracking

Service provider: Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Registered office in Europe: Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland
Website: https://ads.google.com/home/
Privacy policy: https://www.google.de/intl/de/policies/privacy

H. Advertising by e-mail, post or telephone

We process personal data for our advertising communication by e-mail, post or telephone. You can object at any time to receiving our advertising contradict or the previously given consent to receive our advertising communication at any time. revoked. In order to be able to prove that your consent was given even after your cancellation in case of doubt, we can store the relevant data for up to 4 years after your objection/revocation. We will no longer use your data for other purposes after your objection/revocation. If you want us to delete your data before then, we will do so after you have confirmed to us that you originally gave us your consent.

Data concerned:

• Contact details (e.g. e-mail, telephone number, postal address)
• Inventory data (e.g. names, addresses)

Persons concerned: Communication partner

Processing purpose: Direct advertising measures (marketing) by e-mail, post or telephone.
For our newsletter: see point K.

Legal basis: Consent, Art. 6 para. 1 sentence 1 lit. a GDPR, legitimate interest, Art. 6 para. 1 sentence 1 lit. f GDPR

YouTube

We use components from YouTube on this website in order to
videos on our Internet pages so that they can be viewed via your browser.
Internet browser can be played when you visit our Internet pages.
visit. During your visit to our website, both
YouTube as well as Google about which page or subpage
by sending your IP address to the external servers of
Google in the USA. This transmission of information
takes place regardless of whether the videos displayed are actually
are viewed or clicked on, or you are logged into your YouTube or Google
account are logged in. This information is collected and assigned to your
Google account, provided you are logged in there, if you
call up our Internet pages.

Two-click solution
We use the so-called two-
click solution. This means that when users visit the site, they are first
In principle, no personal data is transferred to the provider
passed on. Only if the user clicks on the marked field and it
activated, the provider receives the information that the
corresponding website of the online offer was called up.

Service provider: YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA
Website: https://www.youtube.com/
Privacy policy: https://policies.google.com/privacy
Opt-out option: https://tools.google.com/dlpage/gaoptout?hl=de

J. Our online presence on social networks

I. General information

What is social media? 
In addition to our website, we are also active on various social media platforms. User data may be processed so that we can target users who are interested in us via the social networks. In addition, elements of a social media platform may also be embedded directly in our website. This is the case, for example, if you click on a social button on our website and are forwarded directly to our social media presence. Social media refers to websites and apps through which registered members can produce content, share content openly or in specific groups and network with other members.

We would like to point out that, depending on the country of domicile of the provider named below, the data collected via its platform may be transferred and processed outside the European Union. In this case, there is a risk that the level of data protection prescribed by the GDPR will not be complied with and that the enforcement of your rights will be difficult or impossible.

Data concerned:

• Inventory and contact data (e.g. name, address, telephone number, e-mail address)
• Content data (e.g. posts, photos, videos)
• Usage data (e.g. access times, websites clicked on)
• Communication data (e.g. information about the device used, IP address).

Processing purpose: Communication and marketing, tracking and analysis of user behaviour, customer loyalty

Legal basis: Consent, Art. 6 para. 1 lit. a GDPR, legitimate interests Art. 6 para. 1 lit. f GDPR

Possibilities of objection: For the respective opt-out options, please refer to the information provided by the providers linked below.

II. We maintain online presences on the following social networks:

Facebook

We use selected tools from Facebook on our website. Facebook is a social media network of the company Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland. With the help of these tools, we can offer you and people who are interested in our products and services the best possible experience. If data is collected and forwarded from you via our embedded Facebook elements or via our Facebook page (fan page), both we and Facebook Ireland Ltd. are responsible for this. Facebook is solely responsible for the further processing of this data. Our joint obligations have also been set out in a publicly accessible agreement at https://www.facebook.com/legal/controller_addendum anchored. It states, for example, that we must clearly inform you about the use of Facebook tools on our website. Furthermore, we are also responsible for ensuring that the tools are securely integrated into our website in accordance with data protection law. Facebook, on the other hand, is responsible for the data security of Facebook products, for example. If you have any questions about data collection and data processing by Facebook, you can contact the company directly. If you address the question to us, we are obliged to forward it to Facebook. Below we provide an overview of the various Facebook tools, what data is sent to Facebook and how you can delete this data. In addition to many other products, Facebook also offers the so-called “Facebook Business Tools”. This is the official term used by Facebook. However, as the term is hardly known, we have decided to simply call them Facebook tools. These include, among others:

•  Facebook pixel
• social plug-ins (such as the „Like“ or „Share“ button)
• Facebook Login
• Account Kit
• APIs (programming interface)
• SDKs (collection of programming tools)
• Platform integrations
• Plugins
• Codes
• Specifications
• Documentations
• Technologies and services

Through these tools, Facebook is expanding its services and has the opportunity to obtain information about user activities outside of Facebook.

Why do we use Facebook tools on our website? 
We only want to show our services and products to people who are really interested in them. We can reach precisely these people with the help of adverts (Facebook ads). However, Facebook needs information about people's wishes and needs in order to show users suitable adverts. The company is therefore provided with information about user behaviour (and contact details) on our website. As a result, Facebook collects better user data and can show interested people suitable adverts about our products and services. The tools thus enable customised advertising campaigns on Facebook. Facebook calls data about your behaviour on our website „event data“. This is also used for measurement and analysis services. Facebook can thus create „campaign reports“ on our behalf about the impact of our advertising campaigns. Furthermore, analyses give us a better insight into how you use our services, website or products. This allows us to optimise your user experience on our website with some of these tools. For example, you can use the social plug-ins to share content on our site directly on Facebook.

What data is stored by Facebook tools? 
By using individual Facebook tools, personal data (customer data) can be sent to Facebook. Depending on the tools used, customer data such as name, address, telephone number and IP address may be sent. 

Facebook uses this information to match the data with the data it has about you (if you are a Facebook member). Before customer data is transmitted to Facebook, it is hashed. This means that a data set of any size is transformed into a character string. This also serves to encrypt data. 

In addition to the contact data, „event data“ is also transmitted. „Event data“ refers to the information we receive about you on our website. For example, which subpages you visit or which products you buy from us. Facebook does not share the information it receives with third parties (such as advertisers) unless the company has explicit authorisation or is legally obliged to do so. „Event data“ can also be linked to contact details. This allows Facebook to offer better personalised advertising. After the aforementioned matching process, Facebook deletes the contact data again. 

In order to optimise the delivery of advertisements, Facebook only uses the event data if it has been combined with other data (collected by Facebook in other ways). Facebook also uses this event data for security, protection, development and research purposes. Much of this data is transferred to Facebook via cookies. Cookies are small text files that are used to store data or information in browsers. Depending on the tools used and whether you are a Facebook member, different numbers of cookies are stored in your browser. We go into more detail about individual Facebook cookies in the descriptions of the individual Facebook tools. You can also find general information about the use of Facebook cookies at https://www.facebook.com/policies/cookies.

How long and where is the data stored? 
In principle, Facebook stores data until it is no longer needed for its own services and Facebook products. Facebook has servers all over the world where its data is stored. However, customer data is deleted within 48 hours after it has been compared with the company's own user data.

How can I delete my data or prevent data storage? 
In accordance with the General Data Protection Regulation, you have the right to access, rectification, portability and erasure of your data. Your data will only be completely deleted if you delete your Facebook account completely. Here's how to delete your Facebook account: 1) Click Settings on the right-hand side of Facebook. 2) Then click on „Your Facebook information“ in the left-hand column. 3) Now click on “Deactivation and deletion”. 4) Now select „Delete account“ and then click on „Continue and delete account“ 5) Now enter your password, click on „Continue“ and then on „Delete account“ The data that Facebook receives via our site is stored using cookies (e.g. for social plugins), among other things. You can deactivate, delete or manage individual or all cookies in your browser. Depending on which browser you use, this works in different ways. In the „Cookies“ section, you will find the relevant links to the instructions for the most popular browsers. If you do not want to have any cookies, you can set up your browser so that it always informs you when a cookie is to be set. This allows you to decide for each individual cookie whether you want to allow it or not.

Legal basis 
If you have consented to your data being processed and stored by integrated Facebook tools, this consent is the legal basis for data processing (Art. 6 para. 1 sentence 1 lit. a GDPR). In principle, your data is also stored and processed on the basis of our legitimate interest (Art. 6 para. 1 sentence 1 lit. f GDPR) in fast and good communication with you or other customers and business partners. Nevertheless, we only use the tools if you have given your consent. Most social media platforms also set cookies in your browser to store data. We therefore recommend that you read our data protection text on cookies carefully and take a look at Facebook's privacy policy or cookie guidelines. 

Facebook also processes your data in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may entail various risks for the legality and security of data processing. 

Facebook uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 GDPR) as the basis for data processing with recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or data transfer there. Standard Contractual Clauses (SCCs) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there. Through these clauses, Facebook undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de 

The Facebook data processing conditions, which correspond to the standard contractual clauses, can be found at https://www.facebook.com/legal/terms/dataprocessing. We hope we have provided you with the most important information about the use and data processing by Facebook tools. If you would like to find out more about how Facebook uses your data, we recommend that you read the data policy at https://www.facebook.com/about/privacy/update.

Service provider: Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA
Registered office in the EU: Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
Website: https://www.facebook.com/
Privacy policy: https://www.facebook.com/about/privacy/
Privacy policy for Facebook pages: https://www.facebook.com/legal/terms/information_about_page_insights_data

Instagram

We have integrated Instagram functions on our website. Instagram is a social media platform of the company Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA. Instagram has been a subsidiary of Facebook Inc. since 2012 and is a Facebook product. Embedding Instagram content on our website is called embedding. This allows us to show you content such as buttons, photos or videos from Instagram directly on our website. When you visit web pages on our website that have an Instagram function integrated, data is transmitted to Instagram, stored and processed. Instagram uses the same systems and technologies as Facebook. Your data is therefore processed across all Facebook companies. 

In the following, we want to give you a more detailed insight into why Instagram collects data, what data is involved and how you can largely control data processing. As Instagram belongs to Facebook Inc., we obtain our information from the Instagram guidelines on the one hand, but also from the Facebook data guidelines themselves on the other. 

Instagram is one of the most popular social media networks in the world. Instagram combines the advantages of a blog with the benefits of audiovisual platforms such as YouTube or Vimeo. You can upload photos and short videos to „Insta“ (as many users casually call the platform), edit them with various filters and also share them on other social networks. And if you don't want to be active yourself, you can also just follow other interesting users.

Why do we use Instagram on our website? 
Instagram is the social media platform that has really gone through the roof in recent years. And of course we have also responded to this boom. We want you to feel as comfortable as possible on our website. That's why a varied presentation of our content is a matter of course for us. The embedded Instagram functions allow us to enrich our content with helpful, funny or exciting content from the Instagram world. As Instagram is a subsidiary of Facebook, the data collected can also be useful to us for personalised advertising on Facebook. This means that only people who are genuinely interested in our products or services receive our adverts. Instagram also uses the collected data for measurement and analysis purposes. We receive summarised statistics and thus gain more insight into your wishes and interests. It is important to note that these reports do not identify you personally.

What data is stored by Instagram? 
When you visit one of our pages that has Instagram functions (such as Instagram images or plug-ins), your browser automatically connects to Instagram's servers. In the process, data is sent to Instagram, stored and processed. This happens regardless of whether you have an Instagram account or not. This includes information about our website, your computer, purchases made, adverts you see and how you use our website. The date and time of your interaction with Instagram is also stored. If you have an Instagram account or are logged in, Instagram stores significantly more data about you. 

Facebook distinguishes between customer data and event data. We assume that this is exactly the case with Instagram. Customer data includes, for example, name, address, telephone number and IP address. This customer data is only transmitted to Instagram once it has been hashed. Hashing means that a data record is converted into a character string. This allows the contact data to be encrypted. The „event data“ mentioned above is also transmitted. By „event data“, Facebook - and consequently Instagram - means data about your user behaviour. Contact data may also be combined with event data. The contact data collected is compared with the data that Instagram already has about you. 

The collected data is transmitted to Facebook via small text files (cookies), which are usually set in your browser. Depending on the Instagram functions used and whether you have an Instagram account yourself, different amounts of data are stored. 

We assume that Instagram processes data in the same way as Facebook. This means that if you have an Instagram account or www.instagram.com Instagram has at least set a cookie. If this is the case, your browser sends information to Instagram via the cookie as soon as you come into contact with an Instagram function. This data is deleted or anonymised after 90 days at the latest (after reconciliation). Although we have intensively analysed Instagram's data processing, we cannot say exactly what data Instagram collects and stores.

How long and where is the data stored? 
Instagram shares the information received between the Facebook companies with external partners and with people you connect with worldwide. Data processing is carried out in compliance with our own data policy. For security reasons, among others, your data is distributed on Facebook servers around the world. Most of these servers are located in the USA.

How can I delete my data or prevent data storage? 
Thanks to the General Data Protection Regulation, you have the right to access, portability, rectification and erasure of your data. You can manage your data in the Instagram settings. If you want to completely delete your data on Instagram, you must permanently delete your Instagram account. Here's how to delete your Instagram account: First open the Instagram app. On your profile page, go to the bottom and click on „Help“. You will now be taken to the company's website. On the website, click on „Manage your account“ and then on „Delete your account“. If you delete your account completely, Instagram will delete posts such as your photos and status updates. Information that other people have shared about you does not belong to your account and will therefore not be deleted. As mentioned above, Instagram stores your data primarily via cookies. You can manage, deactivate or delete these cookies in your browser. Depending on your browser, the management always works a little differently. In the „Cookies“ section, you will find the relevant links to the instructions for the most popular browsers. You can also set up your browser so that you are always informed when a cookie is to be set. Then you can always decide individually whether you want to allow the cookie or not.

Legal basis 
If you have consented to your data being processed and stored by integrated social media elements, this consent is the legal basis for data processing (Art. 6 para. 1 lit. a GDPR). In principle, your data is also stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) in fast and good communication with you or other customers and business partners. Nevertheless, we only use the integrated social media elements if you have given your consent. Most social media platforms also set cookies in your browser to store data. We therefore recommend that you read our data protection text on cookies carefully and consult the privacy policy or cookie guidelines of the respective service provider. 

Instagram and Facebook also process data in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may entail various risks for the legality and security of data processing. 

Facebook uses standard contractual clauses approved by the EU Commission (= Art. 46 para. 2 and 3 GDPR) as the basis for data processing for recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or data transfer to these countries. These clauses oblige Facebook to comply with the EU level of data protection when processing relevant data outside the EU. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the clauses here: https://germany.representation.ec.europa.eu/index_de. We have tried to provide you with the most important information about data processing by Instagram. On https://help.instagram.com/519522125107875 you can take a closer look at Instagram's data policy.

Service provider: Instagram Inc, 1601 Willow Road, Menlo Park CA 94025, USA
Parent company: Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA
Registered office in the EU: Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
Website: https://www.instagram.com/
Privacy policy: http://instagram.com/about/legal/privacy

LinkedIn

We use social plug-ins from the social media network LinkedIn, LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA, on our website. The social plug-ins may be feeds, content sharing or links to our LinkedIn page. The social plug-ins are clearly labelled with the familiar LinkedIn logo and allow, for example, interesting content to be shared directly via our website. For the European Economic Area and Switzerland, LinkedIn Ireland Unlimited Company Wilton Place in Dublin is responsible for data processing. 

By embedding such plug-ins, data can be sent to LinkedIn, stored and processed there. In this privacy policy, we want to inform you about what data is involved, how the network uses this data and how you can manage or prevent data storage. 

LinkedIn is the largest social network for business contacts. Unlike Facebook, for example, the company focuses exclusively on establishing business contacts. Companies can present services and products on the platform and establish business relationships. Many people also use LinkedIn to look for jobs or to find suitable employees for their own company. In Germany alone, the network has over 11 million members. In Austria, there are around 1.3 million.

Why do we use LinkedIn on our website? 
We know how busy you are. You can't follow all your social media channels individually. Even if, as in our case, it would be worthwhile. Because we are always posting interesting news or reports that are worth sharing. That's why we have created the option on our website to share interesting content directly on LinkedIn or to link directly to our LinkedIn page. We regard integrated social plug-ins as an extended service on our website. The data that LinkedIn collects also helps us to show possible advertising measures only to people who are interested in our offer.

What data is stored by LinkedIn? 
LinkedIn does not store any personal data simply by integrating the social plug-ins. LinkedIn calls this data generated by plug-ins passive impressions. However, if you click on a social plug-in, for example to share our content, the platform stores personal data as so-called „active impressions“. This happens regardless of whether you have a LinkedIn account or not. If you are logged in, the data collected will be assigned to your account. Your browser establishes a direct connection to LinkedIn's servers when you interact with our plug-ins. In this way, the company logs various usage data. In addition to your IP address, this may include, for example, login data, device information or information about your internet or mobile phone provider. If you access LinkedIn services via your smartphone, your location can also be determined (after you have authorised this). LinkedIn can also pass this data on to third-party advertisers in hashed form. Hashing means that a data record is converted into a character string. This allows the data to be encrypted in such a way that individuals can no longer be identified. Most of the data on your user behaviour is stored in cookies. These are small text files that are usually set in your browser. LinkedIn can also use web beacons, pixel tags, display tags and other device recognisers.

How long and where is the data stored? 
In principle, LinkedIn retains your personal data for as long as the company considers it necessary to provide its own services. However, LinkedIn deletes your personal data when you delete your account. In some exceptional cases, LinkedIn retains some data in aggregated and anonymised form even after you delete your account. As soon as you delete your account, other people will no longer be able to see your data within one day. LinkedIn generally deletes the data within 30 days. However, LinkedIn retains data if it is required by law. Data that can no longer be assigned to a person remains stored even after the account has been closed. The data is stored on various servers in America and presumably also in Europe.

How can I delete my data or prevent data storage? 
You have the right to access and delete your personal data at any time. You can manage, change and delete your data in your LinkedIn account. You can also request a copy of your personal data from LinkedIn. 

How to access the account data in your LinkedIn profile: 
Click on your profile icon in LinkedIn and select the „Settings and privacy“ section. Now click on „Privacy“ and then on „Change„ in the “How LinkedIn uses your data" section. In just a short time, you can download selected data about your web activity and account history. 

You also have the option in your browser to prevent data processing by LinkedIn. As mentioned above, LinkedIn stores most of the data via cookies that are set in your browser. You can manage, deactivate or delete these cookies. Depending on which browser you have, the management works slightly differently. In the „Cookies“ section, you will find the relevant links to the instructions for the most popular browsers. 

You can also set up your browser so that you are always informed when a cookie is to be set. Then you can always decide individually whether you want to allow the cookie or not.

Legal basis 
If you have consented to your data being processed and stored by integrated social media elements, this consent is the legal basis for data processing (Art. 6 para. 1 lit. a GDPR). In principle, your data is also stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) in fast and good communication with you or other customers and business partners. Nevertheless, we only use the integrated social media elements if you have given your consent. Most social media platforms also set cookies in your browser to store data. We therefore recommend that you read our data protection text on cookies carefully and consult the privacy policy or cookie guidelines of the respective service provider. 

LinkedIn also processes your data in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may entail various risks for the legality and security of data processing.

 LinkedIn uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 GDPR) as the basis for data processing with recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or data transfer to these countries. Standard Contractual Clauses (SCCs) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there. Through these clauses, LinkedIn undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de 

You can find more information on the standard contractual clauses at LinkedIn at https://de.linkedin.com/legal/l/dpa or https://www.linkedin.com/legal/l/eu-sccs. We have tried to provide you with the most important information about data processing by LinkedIn. On https://www.linkedin.com/legal/privacy-policy to find out more about the data processing of the social media network LinkedIn.

Service provider: LinkedIn Corporation, 1000 W Maude, Sunnyvale, CA 94085, USA
Registered office in Germany: LinkedIn, Hofstatt 4th Floor, Sendlinger Str. 12, 80331 Munich
Website: https://www.linkedin.com/?trk=nav_logo
Privacy policy: https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy

Twitter

We have integrated Twitter functions on our website. These are, for example, embedded tweets, timelines, buttons or hashtags. Twitter is a short message service and a social media platform of Twitter Inc, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland. 

To our knowledge, in the European Economic Area and Switzerland, no personal data or data on your web activities are transmitted to Twitter simply by integrating the Twitter function. Only when you interact with the Twitter functions, for example by clicking on a button, can data be sent to Twitter, stored there and processed. We have no influence on this data processing and bear no responsibility for it. In this privacy policy, we want to give you an overview of what data Twitter stores, what Twitter does with this data and how you can largely protect yourself from data transmission. 

For some, Twitter is a news service, for others a social media platform and still others refer to it as a microblogging service. All of these terms are justified and mean more or less the same thing. 

Both private individuals and companies use Twitter to communicate with interested parties via short messages. Twitter only allows 280 characters per message. These messages are called „tweets“. Unlike Facebook, for example, the service is not focussed on expanding a network for “friends”, but wants to be seen as a global and open news platform. You can also have an anonymous account on Twitter and tweets can be deleted by the company or by the users themselves.

Why do we use Twitter on our website? 
Like many other websites and companies, we try to offer our services and communicate with our customers via various channels. We have grown particularly fond of Twitter as a useful „little“ news service. We are constantly tweeting or retweeting exciting, funny or interesting content. We realise that you can't follow every channel separately. After all, you have other things to do as well. That's why we have also integrated Twitter functions on our website. You can experience our Twitter activity „on site“ or access our Twitter page via a direct link. By integrating Twitter, we want to improve our service and the user-friendliness of our website.

What data is stored by Twitter? 
You will find built-in Twitter functions on some of our subpages. If you interact with Twitter content, for example by clicking on a button, Twitter can collect and store data. Even if you do not have a Twitter account yourself. Twitter calls this data “log data”. This includes demographic data, browser cookie IDs, the ID of your smartphone, hashed email addresses, and information about which pages you have visited on Twitter and what actions you have taken. Twitter naturally stores more data if you have a Twitter account and are logged in. This data is usually stored via cookies. Cookies are small text files that are usually set in your browser and transmit different information to Twitter.

Twitter uses the data collected on the one hand to better understand user behaviour and thus improve its own services and advertising offers, and on the other hand the data is also used for internal security measures.

How long and where is the data stored? 
If Twitter collects data from other websites, it is deleted, summarised or otherwise concealed after a maximum of 30 days. The Twitter servers are located on various server centres in the United States. It can therefore be assumed that the data collected is collected and stored in America. After our research, we were unable to determine whether Twitter also has its own servers in Europe. In principle, Twitter can store the collected data until it is no longer useful to the company, you delete the data or there is a statutory deletion period.

How can I delete my data or prevent data storage? 
In its privacy policy, Twitter repeatedly emphasises that it does not store any data from external website visits if you or your browser are located in the European Economic Area or Switzerland. However, if you interact directly with Twitter, Twitter will of course also store data about you. If you have a Twitter account, you can manage your data by clicking on „More“ under the „Profile“ button. Then click on „Settings and privacy“. Here you can manage the data processing individually. If you do not have a Twitter account, you can go to twitter.com and then click on „Individualisation“. Under „Individualisation and data“ you can manage your collected data. As mentioned above, most of the data is stored via cookies, which you can manage, deactivate or delete in your browser. Please note that you can only “edit” the cookies in the browser you have selected. This means that if you use a different browser in the future, you will have to manage your cookies again according to your wishes. In the „Cookies“ section, you will find the relevant links to the instructions for the most popular browsers. You can also manage your browser so that you are informed about each individual cookie. You can then always decide individually whether to allow a cookie or not. Twitter also uses the data for personalised advertising within and outside Twitter. You can switch off personalised advertising in the settings under „Individualisation and data“. If you use Twitter on a browser, you can switch off personalised advertising under https://optout.aboutads.info/?c=2&lang=EN deactivate.

Legal basis 
If you have consented to your data being processed and stored by integrated social media elements, this consent is the legal basis for data processing (Art. 6 para. sentence 11 lit. a GDPR). In principle, your data is also stored and processed on the basis of our legitimate interest (Art. 6 para. 1 sentence 1 lit. f GDPR) in fast and good communication with you or other customers and business partners. Nevertheless, we only use the integrated social media elements if you have given your consent. Most social media platforms also set cookies in your browser to store data. We therefore recommend that you read our data protection text on cookies carefully and consult the privacy policy or cookie guidelines of the respective service provider. 

Twitter also processes your data in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may entail various risks for the legality and security of data processing. 

Twitter uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 GDPR) as the basis for data processing with recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or data transfer to these countries. Standard Contractual Clauses (SCCs) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there. Through these clauses, Twitter undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de 

You can find more information on the standard contractual clauses on Twitter at https://gdpr.twitter.com/en/controller-to-controller-transfers.html. We hope we have given you a basic overview of data processing by Twitter. We do not receive any data from Twitter and are not responsible for what Twitter does with your data. If you have any further questions on this topic, we recommend that you read the Twitter privacy policy at https://twitter.com/de/privacy.

Service provider: Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA
Website: https://twitter.com/?lang=de
Privacy policy: https://twitter.com/de/privacy

XING

We use social plugins from the social media network Xing, Xing SE, Dammtorstraße 30, 20354 Hamburg, Germany, on our website. These functions allow you, for example, to share content on Xing directly via our website, log in via Xing or follow interesting content. You can recognise the plug-ins by the company name or the Xing logo. When you visit a website that uses a Xing plug-in, data may be transmitted to the “Xing servers”, stored and analysed. In this privacy policy, we want to inform you about what data is involved and how you can manage or prevent this data storage. Xing is a social network with its headquarters in Hamburg. The company specialises in the management of professional contacts. This means that, unlike other networks, Xing is primarily about professional networking. The platform is often used for job searches or to find employees for one's own company. Xing also offers interesting content on various professional topics. Its global counterpart is the American company LinkedIn.

Service provider: New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany
Website: https://www.xing.com/
Privacy policy: https://privacy.xing.com/de/datenschutzerklaerung

Brevo / Newsletter provider

Service provider: Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin
Website: https://www.brevo.com
Privacy policy: https://www.brevo.com/de/legal/privacypolicy/

L. Your rights under the GDPR

According to the GDPR, you are entitled to the rights listed below,
which you can obtain at any time if the legal requirements are met from the
Controller named in section 1 of this privacy policy
can assert:

• Right to information: You have the right to request information from us as to whether and which of your data we process.
• Right to rectification: You have the right to request the correction of incorrect data or the completion of incomplete data.
• Right to cancellation: You have the right to request the deletion of your data.
• Right to restriction: In certain cases, you have the right to request that we only process your data to a limited extent.
• Right to data portability: You have the right
  to request that we provide you or another controller with your personal data
  Data in a structured, commonly used and machine-readable format
  transmit.
• Right of appeal: You have the right to contact
  to complain to a supervisory authority. The supervisory authority is responsible
  your usual place of residence, your place of work or our
  company headquarters.

Right of cancellation

You have the right to withdraw your consent to data processing at any time.

Right of objection

You have the right to object to the processing of your data at any time,
which we base on our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f
DSGVO to lodge an objection. If you object to your
right of objection, we ask you to explain the reasons for your objection.
Reasons. We will then no longer process your personal data.
unless we can prove to you that we are authorised to do so.
compelling legitimate grounds for the processing of your data your interests
and rights prevail. Irrespective of the above, you have the
right to object at any time to the processing of your personal data for the purposes of
purposes of advertising and data analysis.

Please address your objection to the contact address of the controller given above.

When do we delete your data?

We delete your data when we no longer need it for the stated purpose.
are no longer required or you specify this to us. This means that -
insofar as the individual data protection notices of this
data protection declaration - we delete your data,

• if the purpose of the data processing has ceased to exist and thus the
  the respective legal basis stated in the individual data protection notices
  no longer exists, e.g.
  • after termination of the existing (pre-)contractual relationship between us (Art. 6 para. 1 sentence 1 lit. b GDPR) or
  • after the cessation of our legitimate interest in the further
    Processing or storage of your data (Art. 6 para. 1 sentence 1 lit. f
    GDPR),
• if you make use of your right of cancellation and do not
  other legal basis for the processing 
  intervenes,
• if you make use of your right to object and there are no compelling legitimate grounds for erasure.

However, if we still use (certain parts of) your data for other purposes
purposes, for example because this is required by tax retention periods.
(generally 6 years for business correspondence and 10 years for
accounting documents) or the assertion, exercise or defence of legal claims.
legal claims arising from contractual relationships, or
the data to protect the rights of another natural or legal person
legal entity, we will delete (that part of) your (your) personal data.
data only after these deadlines have expired. Until the expiry of these deadlines
However, we limit the processing of this data to these purposes
(fulfilment of retention obligations).

M. Safety measures

You have the right to object at any time to the processing of your data, which we base on our legitimate interest in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR. We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) can have security gaps. You can recognise whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the status bar of your browser. We also use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments. If you make use of your right to object, we ask you to explain the reasons. We will then no longer process your personal data unless we can prove to you that compelling legitimate grounds for data processing outweigh your interests and rights. Irrespective of the above, you have the right to object to the processing of your personal data for advertising and data analysis purposes at any time. Please address your objection to the contact address of the controller given above.

N. Up-to-dateness and amendment of this privacy policy

This privacy policy is currently valid and is dated February 2022. Due to changes in legal or official requirements, it may be necessary for us to adapt this privacy policy. We expressly reserve the right to make such amendments. Changes come into force with the publication of the revised privacy policy. Please therefore refer to the latest version of our privacy policy.

This privacy policy was created with the help of the SOS Recht data protection generator. SOS Recht is a service provided by Mueller.legal Rechtsanwälte Partnerschaft based in Berlin.

The additions were made with the Data protection generator created by AdSimple.