οƒ 

daksof@outlook.com

ο‘Ή

+49 15 20 45 85 268

οƒ 

daksof@outlook.com

ο‘Ή

+49 15 20 45 85 268

Privacy Policy

 

Table of Contents

Introduction and Overview

We have drafted this Privacy Policy (version 20.02.2026-313106413) to explain to you, in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (hereinafter referred to as β€œdata”) we as the controller β€” and the processors commissioned by us (e.g., providers) β€” process, will process in the future, and what lawful options you have. The terms used are to be understood as gender-neutral.
In short: We provide you with comprehensive information about data that we process about you.

Privacy policies usually sound very technical and use legal terminology. This Privacy Policy, however, aims to describe the most important things to you as simply and transparently as possible. Wherever it promotes transparency, technical terms are explained in a reader-friendly way, links to further information are provided, and graphics are used. We therefore inform you in clear and simple language that we only process personal data within the scope of our business activities if a corresponding legal basis exists. This is certainly not possible if one provides explanations that are as brief, unclear, and legal-technical as those often standard on the Internet when it comes to data protection. I hope you find the following explanations interesting and informative and that there may be some information included that you did not previously know.
If questions still remain, we kindly ask you to contact the responsible entity listed below or in the legal notice, to follow the available links, and to view further information on third-party websites. Our contact details can of course also be found in the legal notice.

Scope of Application

This Privacy Policy applies to all personal data processed by us within the company and to all personal data processed by companies commissioned by us (processors). By personal data, we mean information within the meaning of Art. 4 No. 1 GDPR, such as the name, email address, and postal address of a person. The processing of personal data ensures that we can offer and invoice our services and products, whether online or offline. The scope of this Privacy Policy includes:

  • all online presences (websites, online shops) operated by us
  • social media presences and email communication
  • mobile apps for smartphones and other devices

In short: The Privacy Policy applies to all areas in which personal data is processed in a structured manner within the company via the channels mentioned above. Should we enter into legal relationships with you outside of these channels, we will inform you separately if necessary.

Legal Bases

In the following Privacy Policy, we provide you with transparent information about the legal principles and provisions, i.e., the legal bases of the General Data Protection Regulation, that enable us to process personal data.
As far as EU law is concerned, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016. You can of course read this General Data Protection Regulation online at EUR-Lex at:
https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32016R0679&from=DE&tid=313106413

We only process your data if at least one of the following conditions applies:

  1. Consent (Article 6(1)(a) GDPR): You have given us your consent to process data for a specific purpose. An example would be storing the data you entered in a contact form.
  2. Contract (Article 6(1)(b) GDPR): In order to fulfill a contract or pre-contractual obligations with you, we process your data. For example, if we conclude a purchase contract with you, we require personal information in advance.
  3. Legal obligation (Article 6(1)(c) GDPR): If we are subject to a legal obligation, we process your data. For example, we are legally required to retain invoices for accounting purposes. These usually contain personal data.
  4. Legitimate interests (Article 6(1)(f) GDPR): In the case of legitimate interests that do not restrict your fundamental rights, we reserve the right to process personal data. For example, we must process certain data in order to operate our website securely and economically efficiently. This processing therefore represents a legitimate interest.

Further conditions such as the performance of tasks in the public interest and the exercise of official authority, as well as the protection of vital interests, generally do not apply to us. Should such a legal basis be relevant, it will be indicated at the appropriate place.

Contact Details of the Controller

If you have any questions about data protection or the processing of personal data, you will find below the contact details of the controller in accordance with Article 4(7) of the EU General Data Protection Regulation (GDPR):

Sole Proprietorship Daksof
Email: daksof@outlook.com
Phone: +4915204585268
Legal Notice: https://www.daksof.de/impressum/

Storage Period

The fact that we store personal data only for as long as is absolutely necessary for the provision of our services and products applies as a general criterion for us. This means that we delete personal data as soon as the reason for data processing no longer exists. In some cases, we are legally obliged to retain certain data even after the original purpose has ceased to exist, for example for accounting purposes.

If you wish to have your data deleted or withdraw your consent to data processing, the data will be deleted as quickly as possible and insofar as there is no obligation to retain it.

We will inform you below about the specific duration of the respective data processing, provided we have further information on this.

Rights under the General Data Protection Regulation

In accordance with Articles 13 and 14 of the GDPR, we inform you of the following rights to which you are entitled in order to ensure fair and transparent processing of data:

  • According to Article 15 GDPR, you have the right to obtain information about whether we process data about you. If this is the case, you have the right to receive a copy of the data and to obtain the following information:
    • the purpose of the processing;
    • the categories, i.e. the types of data processed;
    • who receives this data and, if the data is transferred to third countries, how security can be ensured;
    • how long the data is stored;
    • the existence of the right to rectification, erasure or restriction of processing and the right to object to processing;
    • that you can lodge a complaint with a supervisory authority (links to these authorities can be found below);
    • the origin of the data if we did not collect it from you;
    • whether profiling is carried out, i.e. whether data is automatically evaluated in order to create a personal profile of you.
  • According to Article 16 GDPR, you have the right to rectification of data, which means that we must correct data if you find errors.
  • According to Article 17 GDPR, you have the right to erasure (β€œright to be forgotten”), which specifically means that you may request the deletion of your data.
  • According to Article 18 GDPR, you have the right to restriction of processing, which means that we may only store the data but not use it further.
  • According to Article 20 GDPR, you have the right to data portability, which means that we will provide your data to you in a common format upon request.
  • According to Article 21 GDPR, you have the right to object, which, after enforcement, results in a change in processing.
    • If the processing of your data is based on Article 6(1)(e) (public interest, exercise of official authority) or Article 6(1)(f) (legitimate interest), you may object to the processing. We will then examine as quickly as possible whether we can legally comply with this objection.
    • If data is used for direct marketing, you may object to this type of data processing at any time. We may then no longer use your data for direct marketing.
    • If data is used for profiling, you may object to this type of data processing at any time. We may then no longer use your data for profiling.
  • According to Article 22 GDPR, you may have the right not to be subject to a decision based solely on automated processing (for example profiling).
  • According to Article 77 GDPR, you have the right to lodge a complaint. This means that you can lodge a complaint with the data protection authority at any time if you believe that the data processing of personal data violates the GDPR.

In short: You have rights – do not hesitate to contact the responsible entity listed above with us!

Data Transfer to Third Countries

We only transfer or process data in countries outside the scope of the GDPR (third countries) if you consent to this processing or if another legal permission exists. This particularly applies if processing is legally required or necessary for the fulfillment of a contractual relationship and in any case only insofar as it is generally permitted. Your consent is in most cases the most important reason for us to process data in third countries.

The processing of personal data in third countries such as the USA, where many software manufacturers provide services and have their server locations, may mean that personal data is processed and stored in unexpected ways.

We expressly point out that, in the opinion of the European Court of Justice, an adequate level of protection for data transfer to the USA currently exists only if a US company that processes personal data of EU citizens in the USA is an active participant in the EU-US Data Privacy Framework. You can find more information about this at: https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

Data processing by US services that are not active participants in the EU-US Data Privacy Framework may result in data not being processed and stored anonymously. Furthermore, US government authorities may gain access to individual data. In addition, collected data may be linked with data from other services of the same provider if you have a corresponding user account. Where possible, we try to use server locations within the EU if this is offered.

We inform you in more detail at the appropriate points in this Privacy Policy about data transfer to third countries where applicable.

Security of Data Processing

To protect personal data, we have implemented both technical and organizational measures. Wherever possible, we encrypt or pseudonymize personal data. In doing so, we make it as difficult as possible, within the scope of our capabilities, for third parties to infer personal information from our data.

Article 25 GDPR refers here to β€œdata protection by design and by default” and means that security is always considered and appropriate measures are implemented both in software (e.g., forms) and hardware (e.g., access to the server room). In the following, we will, where necessary, address specific measures in more detail.

TLS Encryption with https

TLS, encryption and https sound very technical β€” and they are. We use HTTPS (Hypertext Transfer Protocol Secure stands for β€œsecure hypertext transfer protocol”) to transmit data securely over the Internet.
This means that the complete transmission of all data from your browser to our web server is secured β€” no one can β€œlisten in.”

By doing so, we have introduced an additional layer of security and comply with data protection by design (Article 25(1) GDPR). Through the use of TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data.
You can recognize the use of this data transmission protection by the small lock symbol at the top left of your browser, to the left of the Internet address (e.g., beispielseite.de), and by the use of the scheme https (instead of http) as part of our Internet address.
If you would like to learn more about encryption, we recommend searching Google for β€œHypertext Transfer Protocol Secure wiki” to obtain good links to further information.

Communication

Communication Summary
πŸ‘₯ Data subjects: All those who communicate with us by telephone, email or online form
πŸ““ Processed data: e.g., telephone number, name, email address, entered form data. More details can be found under the respective type of contact used
🀝 Purpose: Handling communication with customers, business partners, etc.
πŸ“… Storage period: Duration of the business case and statutory provisions
βš–οΈ Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(b) GDPR (contract), Art. 6(1)(f) GDPR (legitimate interests)

If you contact us and communicate by telephone, email or online form, personal data may be processed.

The data is processed for the handling and processing of your question and the related business transaction. The data is stored for as long as required for this purpose or as required by law.

Data Subjects

The above-mentioned processes affect all those who seek contact with us via the communication channels we provide.

Telephone

If you call us, the call data is pseudonymously stored on the respective end device and with the telecommunications provider used. In addition, data such as name and telephone number may subsequently be sent by email and stored for the purpose of responding to your inquiry. The data is deleted as soon as the business case has been completed and statutory requirements allow.

Email

If you communicate with us by email, data may be stored on the respective end device (computer, laptop, smartphone, etc.) and data storage takes place on the email server. The data is deleted as soon as the business case has been completed and statutory requirements allow.

Online Forms

If you communicate with us via online form, data is stored on our web server and, if necessary, forwarded to an email address of ours. The data is deleted as soon as the business case has been completed and statutory requirements allow.

Legal Bases

The processing of the data is based on the following legal bases:

  • Art. 6(1)(a) GDPR (consent): You give us your consent to store your data and use it further for purposes related to the business case;
  • Art. 6(1)(b) GDPR (contract): There is a necessity for the performance of a contract with you or a processor such as the telephone provider, or we must process the data for pre-contractual activities, such as preparing an offer;
  • Art. 6(1)(f) GDPR (legitimate interests): We want to handle customer inquiries and business communication in a professional manner. For this purpose, certain technical facilities such as email programs, exchange servers and mobile network operators are necessary in order to operate communication efficiently.

Data Processing Agreement (DPA)

In this section, we would like to explain what a Data Processing Agreement is and why it is needed. Because the word β€œData Processing Agreement” is quite a mouthful, we will often only use the acronym DPA in this text. Like most companies, we do not work alone but also make use of services provided by other companies or individuals. Due to the involvement of various companies or service providers, it may happen that we pass on personal data for processing. These partners then act as processors with whom we conclude a contract, the so-called Data Processing Agreement (DPA). The most important thing for you to know is that the processing of your personal data takes place exclusively in accordance with our instructions and must be regulated by the DPA.

Who are processors?

As a company and website owner, we are responsible for all data that we process from you. In addition to the controllers, there may also be so-called processors. This includes any company or person that processes personal data on our behalf. More precisely and according to the GDPR definition: any natural or legal person, authority, institution or other body that processes personal data on our behalf is considered a processor. Processors may therefore be service providers such as hosting or cloud providers, payment or newsletter providers, or large companies such as Google or Microsoft.

For better understanding of the terminology, here is an overview of the three roles in the GDPR:

Data subject (you as customer or interested party) β†’ Controller (we as company and client) β†’ Processor (service provider such as web host or cloud provider)

Content of a Data Processing Agreement

As mentioned above, we have concluded a DPA with our partners who act as processors. This primarily stipulates that the processor processes the data to be processed exclusively in accordance with the GDPR. The contract must be concluded in writing, although in this context electronic contract conclusion is also considered β€œwritten”. The processing of personal data only takes place on the basis of the contract. The contract must contain the following:

  • Commitment to us as controller
  • Obligations and rights of the controller
  • Categories of data subjects
  • Type of personal data
  • Nature and purpose of data processing
  • Subject matter and duration of data processing
  • Place of data processing

Furthermore, the contract contains all obligations of the processor. The most important obligations are:

  • to ensure data security measures
  • to take possible technical and organizational measures to protect the rights of the data subject
  • to maintain a data processing register
  • to cooperate with the data protection supervisory authority upon request
  • to carry out a risk analysis regarding the personal data received
  • Sub-processors may only be commissioned with written consent of the controller

Cookies

Cookies Summary
πŸ‘₯ Data subjects: Website visitors
🀝 Purpose: depends on the respective cookie. More details can be found below or from the manufacturer of the software that sets the cookie.
πŸ““ Processed data: Depends on the respective cookie used. More details can be found below or from the manufacturer of the software that sets the cookie.
πŸ“… Storage period: depends on the respective cookie, can vary from hours to years
βš–οΈ Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)

What are cookies?

Our website uses HTTP cookies to store user-specific data.
Below we explain what cookies are and why they are used so that you can better understand the following Privacy Policy.

Whenever you browse the Internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.

One thing cannot be denied: cookies are really useful helpers. Almost all websites use cookies. More precisely, they are HTTP cookies, since there are also other cookies for other areas of application. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically placed in the cookie folder, which is, so to speak, the β€œbrain” of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.

Cookies store certain user data about you, such as language or personal page settings. When you revisit our site, your browser transmits the β€œuser-related” information back to our site. Thanks to cookies, our website knows who you are and offers you the settings you are accustomed to. In some browsers, each cookie has its own file; in others, such as Firefox, all cookies are stored in a single file.

The following graphic shows a possible interaction between a web browser such as Chrome and the web server. The web browser requests a website and receives a cookie from the server, which the browser uses again as soon as another page is requested.

There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner websites (e.g., Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiration time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other β€œmalware.” Cookies also cannot access information on your PC.

For example, cookie data can look like this:

  • Name: _ga
  • Expiration time: 2 years
  • Use: Differentiation of website visitors
  • Example value: GA1.2.1326744211.152313106413

A browser should support the following minimum sizes:

  • At least 4096 bytes per cookie
  • At least 50 cookies per domain
  • At least 3000 cookies in total

What types of cookies are there?

The question of which cookies we specifically use depends on the services used and is clarified in the following sections of the Privacy Policy. At this point, we would like to briefly address the different types of HTTP cookies.

Four types of cookies can be distinguished:

Essential cookies
These cookies are necessary to ensure the basic functions of the website. For example, these cookies are needed when a user places a product in the shopping cart, then continues browsing on other pages and only later proceeds to checkout. These cookies ensure that the shopping cart is not deleted even if the user closes their browser window.

Functional cookies
These cookies collect information about user behavior and whether the user receives any error messages. In addition, these cookies are also used to measure loading times and the behavior of the website in different browsers.

Targeting cookies
These cookies ensure better user-friendliness. For example, entered locations, font sizes or form data are stored.

Advertising cookies
These cookies are also called targeting cookies. They serve to deliver individually tailored advertising to the user. This can be very practical, but also very annoying.

Usually, when you visit a website for the first time, you are asked which of these types of cookies you would like to allow. And of course, this decision is also stored in a cookie.

Purpose of processing via cookies

The purpose ultimately depends on the respective cookie. More details can be found below or from the manufacturer of the software that sets the cookie.

What data is processed?

Cookies are small helpers for many different tasks. Unfortunately, it is not possible to generalize which data is stored in cookies, but we will inform you within the scope of the following Privacy Policy about the processed or stored data.

Storage duration of cookies

The storage duration depends on the respective cookie and is specified further below. Some cookies are deleted after less than an hour, others can remain stored on a computer for several years.

You also have influence over the storage duration. You can manually delete all cookies at any time via your browser (see also β€œRight to object” below). Furthermore, cookies based on consent will be deleted at the latest after you revoke your consent, whereby the legality of storage up to that point remains unaffected.

Right to object – how can I delete cookies?

You decide how and whether you want to use cookies. Regardless of which service or website the cookies originate from, you always have the option to delete, deactivate or only partially allow cookies. For example, you can block cookies from third parties but allow all other cookies.

If you want to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:

Chrome: Delete, enable and manage cookies in Chrome

Safari: Manage cookies and website data with Safari

Firefox: Clear cookies to remove data that websites have stored on your computer

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete and manage cookies

If you generally do not want cookies, you can configure your browser so that it always informs you when a cookie is about to be set. This allows you to decide for each individual cookie whether you allow it or not. The procedure varies depending on the browser. The best way is to search for instructions in Google using the search term β€œdelete cookies Chrome” or β€œdisable cookies Chrome” in the case of a Chrome browser.

Legal basis

The so-called β€œCookie Directive” has existed since 2009. It states that the storage of cookies requires your consent (Article 6(1)(a) GDPR). However, there are still very different reactions to these directives within EU countries. In Germany, however, the Cookie Directive was not implemented as national law. Instead, this directive was largely implemented in Section 15(3) of the Telemedia Act (TMG), which has since been replaced by the Digital Services Act (DDG).

For absolutely necessary cookies, even if no consent is given, there are legitimate interests (Article 6(1)(f) GDPR), which in most cases are of an economic nature. We want to provide visitors to the website with a pleasant user experience and for this, certain cookies are often absolutely necessary.

If cookies that are not absolutely necessary are used, this only takes place with your consent. The legal basis in this respect is Art. 6(1)(a) GDPR.

In the following sections, you will be informed in more detail about the use of cookies, insofar as the software used employs cookies.

Web Hosting Introduction

Web Hosting Privacy Policy Summary
πŸ‘₯ Data subjects: Visitors to the website
🀝 Purpose: Professional hosting of the website and safeguarding operational security
πŸ““ Processed data: IP address, time of website access, browser used and other data. More details can be found below or from the respective hosting provider.
πŸ“… Storage period: depends on the respective provider, but usually 2 weeks
βš–οΈ Legal bases: Art. 6(1)(f) GDPR (legitimate interests)

What is web hosting?

When you visit websites today, certain information β€” including personal data β€” is automatically created and stored, including on this website. This data should be processed as sparingly as possible and only with justification.

By website, we mean the entirety of all web pages on a domain, i.e., everything from the homepage (start page) to the very last subpage (like this one here). By domain, we mean, for example, beispiel.de or musterseite.com.

If you want to view a website on a screen, you use a program called a web browser. You probably know some web browsers by name: Google Chrome, Microsoft Edge, Mozilla Firefox and Apple Safari.

This web browser must connect to another computer where the website’s code is stored: the web server. Operating a web server is a complex and time-consuming task, which is why this is usually handled by professional providers. These providers offer web hosting and thus ensure reliable and error-free storage of website data.

When the browser on your computer (desktop, laptop, tablet or smartphone) establishes a connection and during data transmission to and from the web server, personal data may be processed. On the one hand, your computer stores data; on the other hand, the web server must also store data for a certain period of time in order to ensure proper operation.

To illustrate:

Webhosting ErklΓ€rung

Why do we process personal data?

The purposes of data processing are:

  • Professional hosting of the website and safeguarding operational security
  • To maintain operational and IT security
  • Anonymous evaluation of access behavior to improve our offering and, if necessary, for criminal prosecution or the assertion of claims

What data is processed?

Even while you are currently visiting our website, our web server β€” this is the computer on which this website is stored β€” usually automatically stores data such as

  • the complete Internet address (URL) of the accessed website
  • browser and browser version (e.g., Chrome 87)
  • the operating system used (e.g., Windows 10)
  • the address (URL) of the previously visited page (referrer URL) (e.g., https://www.beispielquellseite.de/vondabinichgekommen/)
  • the hostname and IP address of the device from which access is made (e.g., COMPUTERNAME and 194.23.43.121)
  • date and time
  • in so-called web server log files

How long is data stored?

As a rule, the above-mentioned data is stored for two weeks and then automatically deleted. We do not pass this data on, but we cannot rule out that this data may be viewed by authorities in the event of unlawful behavior.

In short: Your visit is logged by our provider (company that operates our website on special computers (servers)), but we do not pass on your data without consent!

Legal basis

The legality of the processing of personal data in the context of web hosting results from Art. 6(1)(f) GDPR (protection of legitimate interests), as the use of professional hosting with a provider is necessary in order to present the company securely and user-friendly on the Internet and, if necessary, to be able to pursue attacks and claims arising from them.

As a rule, there is a contract for order processing in accordance with Art. 28 f. GDPR between us and the hosting provider, which ensures compliance with data protection and guarantees data security.

Website Builder Systems Introduction

Website Builder Systems Privacy Policy Summary
πŸ‘₯ Data subjects: Visitors to the website
🀝 Purpose: Optimization of our service performance
πŸ““ Processed data: IP address, technical usage information, contact data and location data
More details can be found below or from the respective provider of the website builder system.
πŸ“… Storage period: depends on the provider used
βš–οΈ Legal bases: Art. 6(1)(f) GDPR (legitimate interests), Art. 6(1)(a) GDPR (consent)

What are website builder systems?

We use a website builder system for our website. Builder systems are special forms of a content management system (CMS). With a builder system, website operators can create a website very easily and without programming knowledge. In many cases, web hosts also offer builder systems. By using a builder system, personal data may also be collected, stored and processed. In this privacy text, we provide you with general information about data processing by builder systems. You can find more detailed information in the privacy policies of the respective provider.

Why do we use website builder systems for our website?

The biggest advantage of a builder system is ease of use. We want to offer you a clear, simple and well-structured website that we can easily operate and maintain ourselves β€” without external support. A builder system now offers many helpful functions that we can use even without programming knowledge. This allows us to design our web presence according to our wishes and offer you an informative and pleasant time on our website.

What data is stored by a builder system?

Which data is stored depends of course on the website builder system used. Each provider processes and collects different data from the website visitor. However, as a rule, technical usage information such as operating system, browser, screen resolution, language and keyboard settings, hosting provider and the date of your website visit is collected. In addition, tracking data (e.g., browser activity, clickstream activities, session heatmaps, etc.) can also be processed. Furthermore, personal data can also be collected and stored. This usually includes contact data such as email address, telephone number (if you have provided it), IP address and geographical location data. You can find out exactly which data is stored in the privacy policy of the provider.

How long and where is the data stored?

We will inform you about the duration of data processing below in connection with the website builder system used, provided we have further information on this. You can find detailed information on this in the privacy policy of the provider. In general, we only process personal data for as long as is absolutely necessary for the provision of our services and products. It is possible that the provider stores data from you according to its own specifications, over which we have no influence.

Right to object

You always have the right to information, correction and deletion of your personal data. If you have any questions, you can also contact those responsible for the website builder system used at any time. You can find contact details either in our privacy policy or on the website of the respective provider.

You can delete, deactivate or manage cookies used by providers for their functions in your browser. Depending on which browser you use, this works in different ways. Please note, however, that not all functions may then work as usual.

Legal basis

We have a legitimate interest in using a website builder system to optimize our online service and present it efficiently and user-friendly for you. The corresponding legal basis for this is Art. 6(1)(f) GDPR (legitimate interests). Nevertheless, we only use the builder system if you have given your consent.

Insofar as the processing of data is not absolutely necessary for the operation of the website, the data will only be processed on the basis of your consent. This particularly applies to tracking activities. The legal basis in this respect is Art. 6(1)(a) GDPR.

With this privacy policy, we have provided you with the most important general information about data processing. If you would like to inform yourself even more precisely about this, you can find further information β€” if available β€” in the following section or in the privacy policy of the provider.

Web Analytics Introduction

Web Analytics Privacy Policy Summary
πŸ‘₯ Data subjects: Visitors to the website
🀝 Purpose: Evaluation of visitor information to optimize the web offering
πŸ““ Processed data: Access statistics containing data such as access locations, device data, access duration and time, navigation behavior, click behavior and IP addresses. More details can be found below or in the privacy policy of the respective web analytics tool.
πŸ“… Storage period: depends on the web analytics tool used
βš–οΈ Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)

What is web analytics?

We use software on our website to evaluate the behavior of website visitors, so-called web analytics or web analysis for short. In doing so, data is collected which the respective analytics tool provider (also called tracking tool) stores, manages and processes. With the help of the data, analyses of user behavior on our website are created and made available to us as website operators. In addition, most tools offer various testing options. For example, we can test which offers or content are most popular with our visitors. For this purpose, we show you two different offers for a limited period of time. After the test (so-called A/B test), we know which product or content our website visitors find more interesting. For such testing procedures, as well as for other analytics procedures, user profiles can also be created and the data stored in cookies.

Why do we use web analytics?

With our website, we have a clear goal in mind: we want to provide the best web offering on the market for our industry. To achieve this goal, we want to offer the best and most interesting content on the one hand and ensure that you feel completely comfortable on our website on the other. With the help of web analytics tools, we can take a closer look at the behavior of our website visitors and then improve our web offering accordingly for you and us. For example, we can recognize how old our visitors are on average, where they come from, when our website is most visited or which content or products are particularly popular. All this information helps us optimize the website and thus adapt it as best as possible to your needs, interests and wishes.

What data is processed?

Exactly which data is stored depends of course on the analytics tools used. As a rule, however, data such as which content you view on our website, which buttons or links you click on, when you access a page, which browser you use, which device (PC, tablet, smartphone, etc.) you use to visit the website or which computer system you use is stored. If you have consented to location data being collected, this may also be processed by the web analytics tool provider.

Your IP address is also stored. According to the General Data Protection Regulation (GDPR), IP addresses are personal data. However, your IP address is usually stored pseudonymously (i.e., in an unrecognizable and abbreviated form). For the purpose of testing, web analysis and web optimization, no direct data such as your name, age, address or email address is stored. All this data, if collected, is stored pseudonymously. Therefore, you cannot be identified as a person.

The following example schematically shows the functioning of Google Analytics as an example of client-based web tracking with JavaScript code.

Google Analytics Clientseitig

How long the respective data is stored always depends on the provider. Some cookies store data only for a few minutes or until you leave the website again, other cookies can store data for several years.

Duration of data processing

We will inform you below about the duration of data processing if we have further information on this. In general, we only process personal data for as long as it is absolutely necessary for the provision of our services and products. If it is required by law, as in the case of accounting, this storage period may also be exceeded.

Right to object

You also always have the right and the possibility to revoke your consent to the use of cookies or third-party providers. This works either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating or deleting cookies in your browser.

Legal basis

The use of web analytics requires your consent, which we have obtained with our cookie popup. According to Art. 6(1)(a) GDPR (consent), this consent represents the legal basis for the processing of personal data as may occur when collected by web analytics tools.

In addition to consent, we have a legitimate interest in analyzing the behavior of website visitors and thus improving our offering technically and economically. With the help of web analytics, we detect errors on the website, can identify attacks and improve efficiency. The legal basis for this is Art. 6(1)(f) GDPR (legitimate interests). Nevertheless, we only use the tools if you have given consent.

Since web analytics tools use cookies, we also recommend that you read our general privacy policy on cookies. To find out exactly which of your data is stored and processed, you should read the privacy policies of the respective tools.

Information on specific web analytics tools can be found β€” if available β€” in the following sections.

Email Marketing Introduction

Email Marketing Privacy Policy Summary
πŸ‘₯ Data subjects: Newsletter subscribers
🀝 Purpose: Direct marketing via email
πŸ““ Processed data: Data entered during registration such as email address, possibly first name and last name.
More details can be found below or from the respective email marketing provider.
πŸ“… Storage period: Duration of the subscription
βš–οΈ Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)

What is email marketing?

To always keep you up to date, we also use the option of email marketing. If you have agreed to receive our emails or newsletters, your data will also be processed and stored. Email marketing is a sub-area of online marketing. In doing so, news or general information about a company, products or services is sent by email to a specific group of people who are interested in it.

If you would like to participate in our email marketing (usually via newsletter), you usually only have to register with your email address. For this purpose, you fill out an online form and send it off. However, it may also happen that we ask you for your title and your name so that we can also address you personally.

In principle, registration for newsletters works using the so-called β€œdouble opt-in procedure.” After you have registered for our newsletter on our website, you will receive an email confirming your newsletter registration. This ensures that the email address belongs to you and that no one has registered with someone else’s email address. We or a notification tool used by us logs every individual registration. This is necessary so that we can also prove the legally correct registration process. As a rule, the time of registration, the time of registration confirmation and your IP address are stored. In addition, it is also logged when you make changes to your stored data.

Why do we use email marketing?

We naturally want to stay in contact with you and always present you with the most important news about our company. For this purpose, we use email marketing β€” often simply referred to as β€œnewsletter” β€” as an essential part of our online marketing. If you agree to this or if it is permitted by law, we will send you newsletters, system emails or other notifications by email. When we use the term β€œnewsletter” in the following text, we primarily mean regularly sent emails. Of course, we do not want to bother you in any way with our newsletter. That is why we really only endeavor to offer relevant and interesting content. For example, you can find out more about our company, our services or products. Since we are also constantly improving our offerings, you will always find out via our newsletter when there is news or when we are currently offering special, lucrative promotions. If we commission a service provider who offers a professional dispatch tool for our email marketing, we do so in order to be able to offer you fast and secure newsletters. The purpose of our email marketing is basically to inform you about new offers and also to get closer to our business goals.

What data is processed?

If you become a subscriber to our newsletter via our website, you confirm your membership in an email list by email. In addition to your IP address and email address, your title, name, address and telephone number may also be stored. However, only if you agree to this data storage. The data marked as such is necessary so that you can participate in the offered service. The provision is voluntary, but non-provision means that you cannot use the service. In addition, information about your device or your preferred content on our website may also be stored. You can find more information about data storage when visiting a website in the section β€œAutomatic data storage.” We log your declaration of consent so that we can always prove that this complies with our laws.

Duration of data processing

If you unsubscribe your email address from our email/newsletter distribution list, we may store your address for up to three years on the basis of our legitimate interests so that we can still prove your consent at that time. We may only process this data if we have to defend ourselves against possible claims.

However, if you confirm to us that you have given us consent for the newsletter registration, you can submit an individual deletion request at any time. If you permanently object to the consent, we reserve the right to store your email address in a blacklist. As long as you have voluntarily subscribed to our newsletter, we will of course also store your email address.

Right to object

You have the option to cancel your newsletter subscription at any time. To do so, you only need to revoke your consent to the newsletter registration. This usually only takes a few seconds or one or two clicks. Most of the time, you will find a link directly at the end of each email to cancel the newsletter subscription. If you really cannot find the link in the newsletter, please contact us by email and we will cancel your newsletter subscription immediately.

Legal basis

The dispatch of our newsletter is based on your consent (Article 6(1)(a) GDPR). This means that we may only send you a newsletter if you have previously actively registered for it. If necessary, we may also send you advertising messages on the basis of Section 7(3) UWG, provided that you have become our customer and have not objected to the use of your email address for direct advertising.

Information about special email marketing services and how they process personal data can be found β€” if available β€” in the following sections.

Push Notifications Introduction

Push Notifications Privacy Policy Summary
πŸ‘₯ Data subjects: Subscribers to push notifications
🀝 Purpose: Notification about relevant events and offers
πŸ““ Processed data: IP address, browser data, device data, time of subscription
More details can be found below or from the respective push notification provider.
πŸ“… Storage period: As long as the push notification subscription exists
βš–οΈ Legal bases: Art. 6(1)(a) GDPR (consent)

What are push notifications?

We use push notifications on our website, which you can subscribe to. These are messages that appear directly on your device (smartphone, tablet, or desktop) even if you are not currently on our website. You will receive notifications, for example, about new content, updates or offers.

To receive push notifications, you must explicitly agree to their activation. This usually happens via a query in your browser. You can revoke this consent at any time in your browser settings.

Why do we use push notifications?

Push notifications allow us to inform you quickly and directly about important news and offers. Our aim is to provide you with relevant content and strengthen our communication with you.

What data is processed?

When you subscribe to push notifications, a unique subscription ID is created and stored. In addition, technical data such as your IP address, browser type, device type and the time of subscription may be processed.

We do not use push notifications to track your browsing behavior outside of our website.

Duration of data processing

Your data will be stored for as long as your push notification subscription is active. As soon as you unsubscribe, your data will be deleted, unless statutory retention obligations prevent this.

Right to object

You can revoke your consent to receive push notifications at any time via your browser settings. In addition, you can block or deactivate push notifications directly in your device settings.

Legal basis

The processing of your data in connection with push notifications is based exclusively on your consent in accordance with Art. 6(1)(a) GDPR.

Messenger & Communication Introduction

Messenger & Communication Privacy Policy Summary
πŸ‘₯ Data subjects: Users who communicate with us via messenger services
🀝 Purpose: Processing and responding to your inquiry
πŸ““ Processed data: Name, telephone number, email address, message content, time of communication, IP address and, if applicable, additional technical data
More details can be found below or from the respective messenger provider.
πŸ“… Storage period: Duration of the business case and statutory retention periods
βš– Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(b) GDPR (contract), Art. 6(1)(f) GDPR (legitimate interests)

What are messenger services?

We offer you the possibility to communicate with us via messenger services. Messenger services are digital communication tools that enable real-time exchange of messages between users. Well-known examples include WhatsApp, Facebook Messenger, Telegram or Signal. When you contact us via such a service, personal data may be processed.

Why do we use messenger services?

We use messenger services to offer you a simple and fast communication channel. Our goal is to respond to your inquiries as efficiently as possible and to provide you with up-to-date information about our services.

What data is processed?

When you contact us via a messenger service, the data you provide (such as your name, telephone number or email address and the content of your message) will be processed. In addition, technical data such as your IP address, device information, timestamps and usage data may also be processed by the respective provider.

Please note that we have no influence on the data processing procedures of the respective messenger provider. Further information can be found in the privacy policy of the provider.

Duration of data processing

We store your data for as long as it is necessary to process your inquiry and any subsequent communication, or as long as statutory retention periods require it.

Right to object

You have the right to revoke your consent to communication via messenger services at any time. You can also request information about your stored data or request its deletion, provided there are no statutory retention obligations preventing this.

Legal basis

The processing of your data takes place on the basis of your consent in accordance with Art. 6(1)(a) GDPR, for the fulfillment of a contract or pre-contractual measures in accordance with Art. 6(1)(b) GDPR, or on the basis of our legitimate interest in efficient communication in accordance with Art. 6(1)(f) GDPR.

Chatbots Introduction

Chatbots Privacy Policy Summary
πŸ‘₯ Data subjects: Website visitors who use the chatbot function
🀝 Purpose: Processing inquiries and improving our service
πŸ““ Processed data: Entered chat content, IP address, technical device information, time of interaction and, if applicable, contact details
More details can be found below or from the respective chatbot provider.
πŸ“… Storage period: Duration of the inquiry processing and statutory retention periods
βš–οΈ Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(b) GDPR (contract), Art. 6(1)(f) GDPR (legitimate interests)

What are chatbots?

We use chatbots on our website. A chatbot is a software application that can communicate with you via text or voice messages. Chatbots can answer your questions, provide information or perform simple actions automatically. If you use our chatbot, personal data may be processed.

Why do we use chatbots?

We use chatbots to offer you quick and uncomplicated assistance. This enables us to answer frequently asked questions efficiently and to improve our service continuously.

What data is processed?

When you use the chatbot, the content of your messages as well as technical data such as your IP address, device type, browser information and timestamps are processed. If you provide contact details within the chat, these will also be processed.

Depending on the chatbot provider used, data may also be stored and analyzed to optimize the chatbot service. Further information can be found in the privacy policy of the respective provider.

Duration of data processing

Your data will be stored for as long as necessary to process your inquiry and to improve our chatbot services, or as long as statutory retention obligations apply.

Right to object

You have the right to revoke your consent to data processing via the chatbot at any time. You can also request information about your stored data or request its deletion, provided there are no statutory retention obligations preventing this.

Legal basis

The processing of your data takes place on the basis of your consent in accordance with Art. 6(1)(a) GDPR, for the fulfillment of a contract or pre-contractual measures in accordance with Art. 6(1)(b) GDPR, or on the basis of our legitimate interest in efficient customer communication in accordance with Art. 6(1)(f) GDPR.

Social Media Introduction

Social Media Privacy Policy Summary
πŸ‘₯ Data subjects: Website visitors and users of our social media channels
🀝 Purpose: Presentation of our services and communication with customers and interested parties
πŸ““ Processed data: Usage data, interaction data, IP address, contact details, content of messages
More details can be found below or in the privacy policy of the respective social media provider.
πŸ“… Storage period: Depends on the respective platform provider
βš– Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)

What is social media?

In addition to our website, we are also active on various social media platforms. User data may be processed so that we can specifically address users who are interested in us via social networks. In addition, elements of a social media platform may also be integrated directly into our website. This is the case, for example, when you click a so-called social button on our website and are redirected directly to our social media presence. So-called social media refers to websites and apps through which registered members can produce content, exchange content openly or in specific groups, and network with other members.

Why do we use social media?

For years, social media platforms have been the place where people communicate and connect online. With our social media presences, we can bring our products and services closer to interested parties. The social media elements integrated on our website help you to switch to our social media content quickly and without complications.

The data stored and processed through your use of a social media channel primarily serves the purpose of carrying out web analyses. The goal of these analyses is to be able to develop more precise and personalized marketing and advertising strategies. Depending on your behavior on a social media platform, suitable conclusions about your interests can be drawn with the help of the evaluated data and so-called user profiles can be created. This also makes it possible for the platforms to present you with tailored advertisements. For this purpose, cookies are usually set in your browser that store data about your usage behavior.

As a rule, we assume that we remain responsible under data protection law even if we use services of a social media platform. However, the European Court of Justice has decided that in certain cases the operator of the social media platform may be jointly responsible with us within the meaning of Art. 26 GDPR. If this is the case, we point this out separately and work on the basis of an agreement related to this. The essential elements of the agreement are then reproduced below for the platform concerned.

Please note that when using social media platforms or our integrated elements, your data may also be processed outside the European Union, as many social media channels, for example Facebook or Twitter, are American companies. As a result, you may not be able to assert or enforce your rights with regard to your personal data as easily.

What data is processed?

Exactly which data is stored and processed depends on the respective provider of the social media platform. But usually it concerns data such as telephone numbers, email addresses, data that you enter in a contact form, user data such as which buttons you click, who you like or follow, when you visited which pages, information about your device and your IP address. Most of this data is stored in cookies. Especially if you yourself have a profile with the visited social media channel and are logged in, data can be linked to your profile.

All data collected via a social media platform is also stored on the providers’ servers. Thus, only the providers have access to the data and can provide you with the appropriate information or make changes.

If you want to know exactly which data is stored and processed by social media providers and how you can object to data processing, you should carefully read the respective company’s privacy policy. Even if you have questions about data storage and data processing or want to assert corresponding rights, we recommend that you contact the provider directly.

Duration of data processing

We will inform you below about the duration of data processing if we have further information on this. For example, the social media platform Facebook stores data until it is no longer needed for its own purposes. Customer data that is matched with its own user data is deleted within two days. In general, however, we only process personal data for as long as it is absolutely necessary for the provision of our services and products.

Right to object

You also have the right and the possibility to revoke your consent to the use of cookies or third-party providers such as embedded social media elements at any time. This works either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating or deleting cookies in your browser.

Since social media tools may use cookies, we also recommend our general privacy policy on cookies. To find out exactly which of your data is stored and processed, you should read the privacy policies of the respective tools.

Legal basis

If you have consented to your data being processed and stored through integrated social media elements, this consent serves as the legal basis for data processing (Art. 6(1)(a) GDPR). In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6(1)(f) GDPR) in fast and good communication with you or other customers and business partners. Nevertheless, we only use the tools if you have given consent. Most social media platforms also set cookies in your browser to store data. Therefore, we recommend that you carefully read our privacy text about cookies and review the privacy policy or cookie policy of the respective service provider.

Information on specific social media platforms can be found β€” if available β€” in the following sections.

Online Marketing Introduction

Online Marketing Privacy Policy Summary
πŸ‘₯ Data subjects: Website visitors
🀝 Purpose: Evaluation of visitor behavior for the optimization of marketing measures
πŸ““ Processed data: Access statistics, interaction data, device information, IP address, possibly location data and user behavior
More details can be found below or in the privacy policy of the respective online marketing tool.
πŸ“… Storage period: depends on the tools used
βš– Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)

What is online marketing?

Online marketing refers to all measures carried out online to achieve marketing objectives such as increasing brand awareness or concluding business transactions. Furthermore, our online marketing measures aim to draw people’s attention to our website. In order to be able to show our offer to many interested people, we therefore operate online marketing. In most cases, this involves online advertising, content marketing or search engine optimization (SEO). So that we can use online marketing efficiently and in a targeted manner, personal data is also stored and processed. The data helps us, on the one hand, to show our content only to those people who are actually interested in it, and on the other hand, we can measure the advertising success of our online marketing measures.

Why do we use online marketing tools?

We want to show our website to everyone who is interested in our offer. We are aware that this is not possible without deliberately set measures. That is why we engage in online marketing. There are various tools that make our online marketing work easier and also continuously provide suggestions for improvement through data. This enables us to target our campaigns more precisely to our target group. The purpose of these online marketing tools used is therefore ultimately the optimization of our offer.

What data is processed?

So that our online marketing works and the success of the measures can be measured, user profiles are created and data is stored in cookies (these are small text files), for example. With the help of this data, we can not only place advertising in the traditional sense, but also display our content directly on our website in the way you prefer. For this purpose, there are various third-party tools that offer these functions and accordingly also collect and store data from you. The named cookies store, for example, which web pages you visited on our website, how long you viewed these pages, which links or buttons you click or from which website you came to us. In addition, technical information can also be stored. For example, your IP address, which browser you use, from which end device you visit our website or the time when you accessed our website and when you left it again. If you have agreed that we may also determine your location, we can also store and process this.

Your IP address is stored in pseudonymized form (i.e., shortened). Unique data that directly identifies you as a person, such as name, address or email address, is also stored only in pseudonymized form within the scope of advertising and online marketing procedures. We can therefore not identify you as a person, but have only stored the pseudonymized information in the user profiles.

The cookies may also be used, analyzed and used for advertising purposes on other websites that work with the same advertising tools. The data can then also be stored on the servers of the advertising tool providers.

In exceptional cases, unique data (name, email address, etc.) can also be stored in the user profiles. This storage takes place, for example, if you are a member of a social media channel that we use for our online marketing measures and the network links previously received data with the user profile.

With all advertising tools used by us that store data from you on their servers, we always receive only summarized information and never data that makes you identifiable as an individual. The data only shows how well set advertising measures worked. For example, we see which measures prompted you or other users to come to our website and purchase a service or product there. Based on the analyses, our advertising offer can be improved in the future and adapted even more precisely to the needs and wishes of interested persons.

Duration of data processing

We will inform you below about the duration of data processing if we have further information on this. In general, we process personal data only for as long as it is absolutely necessary for the provision of our services and products. Data stored in cookies is stored for different lengths of time. Some cookies are deleted immediately after leaving the website, others can remain stored in your browser for several years. In the respective privacy policies of the individual providers, you will usually find precise information about the individual cookies used by the provider.

Right to object

You also have the right and the possibility to revoke your consent to the use of cookies or third-party providers at any time. This works either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating or deleting cookies in your browser. The legality of the processing until revocation remains unaffected.

Since cookies can generally be used in online marketing tools, we also recommend our general privacy policy on cookies. To find out exactly which of your data is stored and processed, you should read the privacy policies of the respective tools.

Legal basis

If you have consented to the use of third-party providers, the legal basis for the corresponding data processing is this consent. According to Art. 6(1)(a) GDPR (consent), this consent represents the legal basis for the processing of personal data, as may occur when collected by online marketing tools.

Furthermore, we have a legitimate interest in measuring online marketing measures in anonymized form in order to optimize our offer and our measures with the help of the data obtained. The corresponding legal basis for this is Art. 6(1)(f) GDPR (legitimate interests). Nevertheless, we only use the tools if you have given consent.

Information about special online marketing tools can be found β€” if available β€” in the following sections.

Affiliate Programs Introduction

Affiliate Programs Privacy Policy Summary
πŸ‘₯ Data subjects: Website visitors
🀝 Purpose: Economic operation of our website through commission-based partnerships
πŸ““ Processed data: IP address, device information, click behavior, timestamps, possibly contract data
More details can be found below or from the respective affiliate provider.
πŸ“… Storage period: depends on the affiliate provider used
βš– Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)

What are affiliate programs?

We use affiliate programs on our website. Affiliate programs are partner programs of online companies through which a commission is offered to website operators or publishers for advertising products or services. When you click on an affiliate link on our website, you will be redirected to the offer of the respective partner. If you then carry out a certain action (for example a purchase), we receive a commission. For correct billing, it is necessary that the respective provider can trace that you came to the offer via our website. For this purpose, cookies or similar recognition technologies may be used.

Why do we use affiliate programs?

Affiliate programs enable us to generate income through our website. At the same time, we can present you with interesting products or services from partner companies that may also be relevant to you.

What data is processed?

When you click on an affiliate link, the affiliate provider receives information that you have accessed the offer via our website. This may include your IP address, device data, browser information, the time of the click and, if applicable, other technical information. If you subsequently conclude a contract with the partner company, further data necessary for contract processing will be processed by that company.

Please note that we have no influence on the data processing of the respective affiliate provider. Further information can be found in the privacy policy of the partner company.

Duration of data processing

We will inform you below about the duration of data processing if we have further information on this. In general, personal data is only processed for as long as it is necessary for the provision of our services and the processing of affiliate relationships. Storage periods of cookies can vary depending on the provider.

Right to object

You have the right to revoke your consent to the use of affiliate tracking technologies at any time. This works either via our cookie management tool or via the corresponding settings in your browser. The legality of the processing until revocation remains unaffected.

Legal basis

If you have consented to the use of affiliate cookies or tracking technologies, this consent is the legal basis for data processing in accordance with Art. 6(1)(a) GDPR.

In addition, we have a legitimate interest in the economic operation of our website and the analysis of affiliate measures. The corresponding legal basis for this is Art. 6(1)(f) GDPR (legitimate interests). Nevertheless, we only use affiliate programs if you have given consent.

Content Delivery Networks Introduction

Content Delivery Networks Privacy Policy Summary
πŸ‘₯ Data subjects: Website visitors
🀝 Purpose: Optimization of our service performance (faster loading times, increased security)
πŸ““ Processed data: IP address, browser data, device data, requested content, timestamps
More details can be found below or from the respective CDN provider.
πŸ“… Storage period: depends on the provider used
βš– Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)

What is a Content Delivery Network?

We use a so-called Content Delivery Network (CDN) on our website. A CDN is a network of regionally distributed servers connected via the Internet. Through this network, content – especially very large files such as graphics, scripts or style sheets – can be delivered quickly and securely, even in the case of large load peaks.

Why do we use a Content Delivery Network?

A fast-loading website is part of our service. Of course, we know how annoying it is when a website loads at a snail’s pace. Often you even lose patience and leave the site before it has fully loaded. Naturally, we want to avoid that. Therefore, a fast-loading website is a natural part of our website offering. With a Content Delivery Network, our website loads significantly faster in your browser. The use of a CDN is particularly helpful when you are abroad, because the website is delivered from a server near you.

What data is processed?

When you request a website or content that is stored in a CDN, the CDN forwards the request to the server closest to you and this server delivers the content. Content Delivery Networks are structured in such a way that JavaScript libraries can be downloaded and hosted on so-called npm servers. Alternatively, with most CDNs, WordPress plugins can also be loaded if they are hosted on WordPress.org. Your browser may transmit personal data to the Content Delivery Network we use. This includes data such as IP address, browser type, browser version, which website is loaded or the time and date of the page visit. This data is collected and stored by the CDN. Whether cookies are used for data storage depends on the network used. Please read the privacy texts of the respective service.

Right to object

If you want to completely prevent this data transmission, you can install a JavaScript blocker (see for example https://noscript.net/) on your PC. Of course, our website will then no longer be able to offer the usual service (such as fast loading speed).

Legal basis

If you have consented to the use of a Content Delivery Network, the legal basis for the corresponding data processing is this consent. According to Art. 6(1)(a) GDPR (consent), this consent represents the legal basis for the processing of personal data, as may occur when collected by a Content Delivery Network.

In addition, we have a legitimate interest in using a Content Delivery Network to optimize and secure our online service. The corresponding legal basis for this is Art. 6(1)(f) GDPR (legitimate interests). Nevertheless, we only use the tool if you have given consent.

Information about special Content Delivery Networks can be found β€” if available β€” in the following sections.

Cookie Consent Management Platform Privacy Policy Summary
πŸ‘₯ Data subjects: Website visitors
🀝 Purpose: Obtaining and managing consent for cookies and similar technologies
πŸ““ Processed data: Consent status, IP address (possibly in anonymized form), browser data, device data, time of consent
More details can be found below or from the respective consent management provider.
πŸ“… Storage period: depends on the provider used and statutory retention obligations
βš– Legal bases: Art. 6(1)(c) GDPR (legal obligation), Art. 6(1)(a) GDPR (consent)

What is a cookie consent management platform?

We use a cookie consent management platform (CMP) on our website. The purpose of a CMP is to provide you and us with the ability to handle the use of cookies and tracking technologies correctly and securely. The software automatically creates a cookie pop-up, scans and controls all scripts and cookies, provides you with the legally required cookie consent and helps us and you to keep track of all cookies. With most cookie consent management tools, all existing cookies are identified and categorized. As a website visitor, you then decide for yourself whether and which scripts and cookies you allow or do not allow. The following graphic shows the relationship between browser, web server and CMP.

Cookie Consent Management Platform ErklΓ€rung

Why do we use a cookie management tool?

Our goal is to offer you the best possible transparency in the area of data protection. In addition, we are also legally obliged to do so. We want to inform you as comprehensively as possible about all tools and all cookies that can store and process your data. It is also your right to decide which cookies you accept and which you do not. In order to grant you this right, we must first know exactly which cookies have ended up on our website. Thanks to a cookie management tool that regularly scans the website for all existing cookies, we know about all cookies and can provide you with GDPR-compliant information about them. You can then accept or reject cookies via the consent system.

What data is processed?

Within the framework of our cookie management tool, you can manage each individual cookie yourself and have full control over the storage and processing of your data. The declaration of your consent is stored so that we do not have to query you again each time you visit our website and can also prove your consent if legally required. This storage takes place either in an opt-in cookie or on a server. The storage period of your cookie consent varies depending on the provider of the cookie management tool. Usually, this data (e.g., pseudonymous user ID, time of consent, details of cookie categories or tools, browser, device information) is stored for up to two years.

Duration of data processing

We will inform you below about the duration of data processing if we have further information on this. In general, we only process personal data for as long as it is absolutely necessary for the provision of our services and products. Data stored in cookies is stored for different lengths of time. Some cookies are deleted immediately after leaving the website, others can remain stored in your browser for several years. The exact duration of data processing depends on the tool used; in most cases, you should expect a storage period of several years. In the respective privacy policies of the individual providers, you will usually find precise information about the duration of data processing.

Right to object

You also have the right and the possibility to revoke your consent to the use of cookies at any time. This works either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating or deleting cookies in your browser.

Legal basis

If you consent to cookies, personal data will be processed and stored via these cookies. If we may use cookies on the basis of your consent (Art. 6(1)(a) GDPR), this consent is also the legal basis for the use of cookies or the processing of your data. In order to be able to manage consent to cookies and enable you to grant consent, a cookie consent management platform software is used. The use of this software enables us to operate the website in a legally compliant manner efficiently, which represents a legitimate interest (Art. 6(1)(f) GDPR).

Information about specific cookie consent management platforms can be found β€” if available β€” in the following sections.

Security & Anti-Spam

Security & Anti-Spam Privacy Policy Summary
πŸ‘₯ Data subjects: Website visitors
🀝 Purpose: Protection of the website against malicious attacks and spam
πŸ““ Processed data: IP address, technical usage data, possibly form data and communication data
More details can be found below or from the respective security provider.
πŸ“… Storage period: depends on the provider used
βš– Legal bases: Art. 6(1)(f) GDPR (legitimate interests)

What are security and anti-spam services?

With the help of special security and anti-spam services, we can protect our website and ourselves from various unwanted or malicious activities. These services are used to fend off attacks such as DDoS attacks, brute-force attacks or spam messages. In this context, personal data such as IP addresses may also be processed.

Why do we use security and anti-spam services?

Our website is an important platform for presenting our services and communicating with interested parties. To ensure that our website remains functional and secure, we use security and anti-spam services. These services help us to protect our website from cyberattacks and misuse and thus also protect your data.

What data is processed?

Depending on the service used, various technical data may be processed. This can include IP address, browser information, device data, access times and communication data. In the case of spam protection for forms, the content of messages may also be checked automatically for suspicious patterns.

Further information about the specific data processed can be found in the privacy policy of the respective provider.

Duration of data processing

We will inform you below about the duration of data processing if we have further information on this. In general, personal data is only processed for as long as it is necessary to ensure the security and functionality of our website.

Right to object

You have the right to object to the processing of your personal data if this processing is based on Art. 6(1)(f) GDPR. In this case, we will examine whether compelling legitimate grounds for the processing exist that override your interests.

Legal basis

The use of security and anti-spam services is based on our legitimate interest in the secure and uninterrupted operation of our website in accordance with Art. 6(1)(f) GDPR.

Payment Providers Introduction

Payment Providers Privacy Policy Summary
πŸ‘₯ Data subjects: Customers
🀝 Purpose: Processing of payment transactions
πŸ““ Processed data: Name, address, bank details, credit card data, transaction data, IP address and, if applicable, other contract-related data
More details can be found below or from the respective payment provider.
πŸ“… Storage period: According to statutory retention obligations and depending on the respective payment provider
βš– Legal bases: Art. 6(1)(b) GDPR (contract), Art. 6(1)(c) GDPR (legal obligation)

What are payment providers?

We use online payment providers on our website to enable you to pay securely and conveniently. When you make a payment via our website, the data required for payment processing is transmitted to the respective payment service provider. Payment providers are companies that handle payment transactions between you and us and ensure that payments are processed securely.

Why do we use payment providers?

We want to offer you the most convenient and secure payment methods possible. For this purpose, we work together with various payment providers who ensure that your payment is processed reliably and in compliance with applicable security standards.

What data is processed?

In order to process a payment, personal data such as your name, address, bank details or credit card data must be processed. In addition, transaction data such as payment amount, date and time of the transaction and IP address may also be processed. The specific data processed depends on the payment method selected.

Please note that we have no influence on the data processing procedures of the respective payment provider. Further information can be found in the privacy policy of the respective provider.

Duration of data processing

We only store your data for as long as it is necessary to process the payment and fulfill contractual and legal obligations. Due to statutory retention obligations, certain data may need to be stored for several years.

Right to object

You have the right to request information about your stored data and to request correction or deletion of this data, provided that no statutory retention obligations prevent this.

Legal basis

The processing of your data in connection with payment processing takes place for the fulfillment of a contract in accordance with Art. 6(1)(b) GDPR and for the fulfillment of legal obligations in accordance with Art. 6(1)(c) GDPR.

Information about specific payment providers can be found β€” if available β€” in the following sections.

External Online Platforms Introduction

External Online Platforms Privacy Policy Summary
πŸ‘₯ Data subjects: Website visitors and users of external platforms
🀝 Purpose: Presentation of our services and communication via third-party platforms
πŸ““ Processed data: Usage data, contact data, content data, IP address, technical data
More details can be found below or in the privacy policy of the respective platform.
πŸ“… Storage period: depends on the respective platform provider
βš– Legal bases: Art. 6(1)(f) GDPR (legitimate interests), Art. 6(1)(a) GDPR (consent)

What are external online platforms?

We use external online platforms to present our services and to communicate with customers and interested parties. These platforms are websites or applications operated by third parties on which we maintain our own presence. Examples include online marketplaces, service portals or comparison platforms.

Why do we use external online platforms?

External online platforms enable us to reach additional target groups and make our services visible to a broader public. At the same time, they offer you the opportunity to obtain information about our services and contact us via the respective platform.

What data is processed?

If you interact with us via an external online platform, personal data may be processed. This can include, for example, your name, contact details, message content and technical data such as your IP address. The exact data processed depends on the respective platform and your interaction there.

Please note that we have no influence on the data processing procedures of the respective platform provider. Further information can be found in the privacy policy of the respective provider.

Duration of data processing

We will inform you below about the duration of data processing if we have further information on this. In general, personal data is only processed for as long as it is necessary for the fulfillment of our contractual and legal obligations.

Right to object

You have the right to request information about your stored data and to request correction or deletion of this data, provided that no statutory retention obligations prevent this.

Legal basis

The processing of your data takes place on the basis of our legitimate interest in presenting our services and communicating with customers in accordance with Art. 6(1)(f) GDPR. If consent is required, the processing takes place on the basis of Art. 6(1)(a) GDPR.

Information about specific external online platforms can be found β€” if available β€” in the following sections.

Credit Agencies Introduction

Credit Agencies Privacy Policy Summary
πŸ‘₯ Data subjects: Customers
🀝 Purpose: Assessment of creditworthiness and reduction of payment default risk
πŸ““ Processed data: Identification data, contact data, contract data, payment experience data
More details can be found below or from the respective credit agency.
πŸ“… Storage period: depends on statutory retention periods and the respective credit agency
βš– Legal bases: Art. 6(1)(f) GDPR (legitimate interests)

What are credit agencies?

We may work together with credit agencies to assess the creditworthiness of customers. Credit agencies are companies that collect and store data about the payment behavior of individuals and companies. On the basis of this data, they create creditworthiness assessments (so-called scoring values).

Why do we use credit agencies?

By obtaining credit information, we can reduce the risk of payment defaults and protect ourselves against financial losses. At the same time, this also serves to ensure fair and secure business transactions.

What data is processed?

In the context of a credit check, identification and contact data such as name, address and date of birth may be transmitted to a credit agency. The agency may also provide us with information about your payment behavior and creditworthiness. The exact data processed depends on the respective credit agency.

Please note that we have no influence on the data processing procedures of the respective credit agency. Further information can be found in the privacy policy of the respective provider.

Duration of data processing

We only store your data for as long as it is necessary to carry out the credit check and to fulfill contractual and legal obligations.

Right to object

You have the right to request information about your stored data and to request correction or deletion of this data, provided that no statutory retention obligations prevent this.

Legal basis

The processing of your data for the purpose of credit assessment takes place on the basis of our legitimate interest in safeguarding against payment defaults in accordance with Art. 6(1)(f) GDPR.

Credit Agencies Introduction

Credit Agencies Privacy Policy Summary
πŸ‘₯ Data subjects: Customers
🀝 Purpose: Assessment of creditworthiness and reduction of payment default risk
πŸ““ Processed data: Identification data, contact data, contract data, payment experience data
More details can be found below or from the respective credit agency.
πŸ“… Storage period: depends on statutory retention periods and the respective credit agency
βš– Legal bases: Art. 6(1)(f) GDPR (legitimate interests)

What are credit agencies?

We may work together with credit agencies to assess the creditworthiness of customers. Credit agencies are companies that collect and store data about the payment behavior of individuals and companies. On the basis of this data, they create creditworthiness assessments (so-called scoring values).

Why do we use credit agencies?

By obtaining credit information, we can reduce the risk of payment defaults and protect ourselves against financial losses. At the same time, this also serves to ensure fair and secure business transactions.

What data is processed?

In the context of a credit check, identification and contact data such as name, address and date of birth may be transmitted to a credit agency. The agency may also provide us with information about your payment behavior and creditworthiness. The exact data processed depends on the respective credit agency.

Please note that we have no influence on the data processing procedures of the respective credit agency. Further information can be found in the privacy policy of the respective provider.

Duration of data processing

We only store your data for as long as it is necessary to carry out the credit check and to fulfill contractual and legal obligations.

Right to object

You have the right to request information about your stored data and to request correction or deletion of this data, provided that no statutory retention obligations prevent this.

Legal basis

The processing of your data for the purpose of credit assessment takes place on the basis of our legitimate interest in safeguarding against payment defaults in accordance with Art. 6(1)(f) GDPR.

Audio & Video Introduction

Audio & Video Privacy Policy Summary
πŸ‘₯ Data subjects: Website visitors
🀝 Purpose: Integration and display of audio and video content
πŸ““ Processed data: IP address, browser data, device data, interaction data, possibly account data
More details can be found below or in the privacy policy of the respective audio or video provider.
πŸ“… Storage period: depends on the respective provider
βš– Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)

What are audio and video elements?

We have integrated audio and video elements on our website so that you can watch videos or listen to music/podcasts directly via our website. The content is provided by service providers. All content is therefore also obtained from the respective providers’ servers.

These are integrated functional elements from platforms such as YouTube, Vimeo or Spotify. The use of these portals is usually free of charge, but paid content may also be published. With the help of these embedded elements, you can listen to or watch the respective content via our website.

If you use audio or video elements on our website, personal data may also be transmitted to, processed and stored by the service providers.

Why do we use audio and video elements on our website?

Of course, we want to provide you with the best offer on our website. And we are aware that content is no longer conveyed only in text and static images. Instead of simply giving you a link to a video, we offer you audio and video formats directly on our website that are entertaining or informative and ideally both. This expands our service and makes it easier for you to access interesting content. Thus, in addition to our texts and images, we also offer video and/or audio content.

What data is stored by audio and video elements?

When you access a page on our website that has an embedded video, for example, your server connects to the server of the service provider. In doing so, data from you is also transmitted to the third-party provider and stored there. Some data is collected and stored independently of whether you have an account with the third-party provider. This usually includes your IP address, browser type, operating system and other general information about your device. Furthermore, most providers also collect information about your web activity. This includes, for example, session duration, bounce rate, which button you clicked or via which website you use the service. All this information is usually stored via cookies or pixel tags (also called web beacons). Pseudonymized data is usually stored in cookies in your browser. You can always find out exactly which data is stored and processed in the privacy policy of the respective provider.

Duration of data processing

You can find out exactly how long the data is stored on the servers of the third-party providers either below in the privacy text of the respective tool or in the provider’s privacy policy. In principle, personal data is always only processed for as long as it is absolutely necessary for the provision of our services or products. This usually also applies to third-party providers. In most cases, you can assume that certain data will be stored on the servers of third-party providers for several years. Data can be stored for different lengths of time, especially in cookies. Some cookies are deleted immediately after leaving the website, others can remain stored in your browser for several years.

Right to object

You also always have the right and the possibility to revoke your consent to the use of cookies or third-party providers at any time. This works either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating or deleting cookies in your browser. The legality of the processing until revocation remains unaffected.

Since integrated audio and video functions on our site usually also use cookies, you should also read our general privacy policy on cookies. In the privacy policies of the respective third-party providers, you will learn more about the handling and storage of your data.

Legal basis

If you have consented to your data being processed and stored through integrated audio and video elements, this consent serves as the legal basis for data processing (Art. 6(1)(a) GDPR). In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6(1)(f) GDPR) in a fast and good communication with you or other customers and business partners. Nevertheless, we only use the integrated audio and video elements if you have given consent.

Video Conferencing & Streaming Introduction

Video Conferencing & Streaming Privacy Policy Summary
πŸ‘₯ Data subjects: Participants in online meetings, video conferences or streams
🀝 Purpose: Conducting online meetings, webinars and live streams
πŸ““ Processed data: Name, contact details, communication content, video and audio data, IP address, device data
More details can be found below or in the privacy policy of the respective provider.
πŸ“… Storage period: depends on the provider used and statutory retention obligations
βš– Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(b) GDPR (contract), Art. 6(1)(f) GDPR (legitimate interests)

What are video conferencing and streaming services?

We use software programs that enable us to conduct video conferences, online meetings, webinars or live streams. In a video conference or stream, information is transmitted simultaneously via sound and moving images. With the help of such video conferencing or streaming tools, we can communicate with customers, business partners, clients and even employees quickly and easily via the Internet.

Of course, when using the service provider, we pay attention to the specified legal framework conditions. In principle, third-party providers can process data as soon as you interact with the software program. Third-party providers of video conferencing or streaming solutions use your data and metadata for different purposes. For example, the data helps to make the tool more secure and to improve the service. In most cases, the data may also be used for the provider’s own marketing purposes.

Why do we use video conferencing and streaming services on our website?

We want to communicate with you, our customers and business partners digitally, quickly and securely. This works best with video conferencing solutions that function very easily. Most tools also work directly via your browser and after just a few clicks you are in the middle of a video meeting. The tools also offer helpful additional functions such as a chat and screen sharing function or the ability to share content between meeting participants.

What data is processed?

If you participate in our video conference or stream, data about you will also be processed and stored on the servers of the respective service provider.

Exactly which data is stored depends on the solutions used. Each provider stores and processes different amounts of data. However, as a rule, your name, address, contact details such as your email address or telephone number and your IP address are stored. Furthermore, information about the device you use, usage data such as which websites you visit, when you visit a website or which buttons you click may also be stored. Data transmitted within the video conference (voice recordings, chat messages, shared files) may also be stored.

Duration of data processing

We will inform you below about the duration of data processing if we have further information on this. In general, we only process personal data for as long as it is absolutely necessary for the provision of our services and products. It may be that the provider stores data from you according to its own specifications, over which we then have no influence.

Right to object

You always have the right to information, correction and deletion of your personal data. If you have any questions, you can also contact those responsible for the video conferencing tool used at any time. Contact details can be found either in our specific privacy policy section or on the website of the respective provider.

You can delete, deactivate or manage cookies used by providers for their functions in your browser. Depending on which browser you use, this works in different ways. Please note, however, that not all functions may then work as usual.

Legal basis

If you have consented to your data being processed and stored through the video or streaming solution, this consent serves as the legal basis for data processing (Art. 6(1)(a) GDPR). In addition, we can also offer a video conference as part of our services if this has been agreed with you in advance (Art. 6(1)(b) GDPR). In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6(1)(f) GDPR) in fast and good communication with you or other customers and business partners, but only if you have at least given consent.

Recruiting Tools Introduction

Recruiting Tools Privacy Policy Summary
πŸ‘₯ Data subjects: Applicants
🀝 Purpose: Processing of application procedures
πŸ““ Processed data: Contact details, application documents, qualifications, communication data, IP address, technical usage data
More details can be found below or in the privacy policy of the respective recruiting tool provider.
πŸ“… Storage period: Duration of the application process and statutory retention periods
βš– Legal bases: Art. 6(1)(b) GDPR (pre-contractual measures), Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)

What are recruiting tools?

We use software solutions to manage and process applications. Recruiting tools enable digital handling of application procedures, including the storage, organization and evaluation of applicant data.

Why do we use recruiting tools?

By using recruiting tools, we can process applications efficiently and in a structured manner. This allows us to respond quickly to applications and manage the recruitment process professionally.

What data is processed?

If you apply to us, we process the personal data you provide. This includes, for example, your name, address, contact details, CV, certificates and other information about your qualifications. In addition, technical data such as IP address and access time may also be processed.

Duration of data processing

Your data will be stored for the duration of the application process. If no employment relationship is established, your data will be deleted after completion of the procedure, unless statutory retention obligations or your consent allow longer storage.

Legal basis

The processing of applicant data takes place for the implementation of pre-contractual measures in accordance with Art. 6(1)(b) GDPR. If you have given consent for longer storage, processing takes place on the basis of Art. 6(1)(a) GDPR.

Single Sign-On Logins Introduction

Single Sign-On Privacy Policy Summary
πŸ‘₯ Data subjects: Registered users
🀝 Purpose: Simplified login via third-party providers
πŸ““ Processed data: Email address, profile data, authentication data, IP address
πŸ“… Storage period: depends on the respective provider
βš– Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(b) GDPR (contract)

We may offer you the possibility to log in via a third-party account (e.g., Google or Facebook). In this case, authentication takes place via the respective provider. Personal data may be transmitted to us in this context.

Survey and Questionnaire Systems Introduction

Survey Systems Privacy Policy Summary
πŸ‘₯ Data subjects: Participants in surveys
🀝 Purpose: Collection of feedback and improvement of our services
πŸ““ Processed data: Responses provided, IP address, technical usage data
πŸ“… Storage period: depends on the provider used
βš– Legal basis: Art. 6(1)(a) GDPR (consent)

We use survey systems to conduct online surveys and questionnaires. The data you provide will be processed for the purpose of evaluating and improving our services.

Review Platforms Introduction

Review Platforms Privacy Policy Summary
πŸ‘₯ Data subjects: Customers and website visitors
🀝 Purpose: Display and collection of reviews
πŸ““ Processed data: Name, review content, IP address, interaction data
πŸ“… Storage period: depends on the respective platform provider
βš– Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)

We may integrate review platforms that allow users to rate our services. When you submit a review, personal data may be processed.

Web Design Introduction

Web Design Privacy Policy Summary
πŸ‘₯ Data subjects: Website visitors
🀝 Purpose: Attractive and technically optimized presentation of the website
πŸ““ Processed data: IP address, technical usage data
πŸ“… Storage period: depends on integrated services
βš– Legal basis: Art. 6(1)(f) GDPR (legitimate interests)

We use web design tools and frameworks to ensure a modern and user-friendly presentation of our website.

Online Map Services Introduction

Online Map Services Privacy Policy Summary
πŸ‘₯ Data subjects: Website visitors
🀝 Purpose: Display of geographical information and locations
πŸ““ Processed data: IP address, location data (if permitted), device and browser data
More details can be found below or in the privacy policy of the respective map provider.
πŸ“… Storage period: depends on the respective provider
βš– Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)

What are online map services?

We use online map services on our website to display geographical information visually. With the help of these services, you can view locations, plan routes or obtain further geographical details directly on our website.

Why do we use online map services?

We use map services to present our location and other relevant places clearly and user-friendly. This allows you to find us more easily and obtain further information about routes or surroundings.

What data is processed?

When you access a page that contains an integrated map, data such as your IP address and technical information about your device may be transmitted to the map service provider. If you have enabled location services on your device, your location data may also be processed.

Duration of data processing

The duration of data storage depends on the respective provider. Further details can be found in the privacy policy of the respective map service.

Legal basis

If you have consented to the use of the map service, the legal basis for data processing is Art. 6(1)(a) GDPR. In addition, we have a legitimate interest in presenting our location clearly and informatively (Art. 6(1)(f) GDPR).

Content Search Providers Introduction

Content Search Providers Privacy Policy Summary
πŸ‘₯ Data subjects: Website visitors
🀝 Purpose: Improvement of search functionality on our website
πŸ““ Processed data: Search queries, IP address, device data, interaction data
πŸ“… Storage period: depends on the provider used
βš– Legal basis: Art. 6(1)(f) GDPR (legitimate interests)

We use search services to improve the search functionality on our website. When you use the search function, search terms and technical data may be processed.

Online Booking Systems Introduction

Online Booking Systems Privacy Policy Summary
πŸ‘₯ Data subjects: Customers
🀝 Purpose: Processing of bookings and reservations
πŸ““ Processed data: Name, contact details, booking data, payment data, IP address
πŸ“… Storage period: according to statutory retention obligations
βš– Legal basis: Art. 6(1)(b) GDPR (contract)

We use online booking systems to enable you to book services or appointments directly via our website. For this purpose, personal data necessary for the booking process is processed.

Miscellaneous Introduction

We may use further services that are not explicitly listed in this privacy policy. If this is the case, we will inform you accordingly at the appropriate place and ensure compliance with applicable data protection regulations.

Explanation of Terms Used

We always strive to write our privacy policy as clearly and comprehensibly as possible. However, this is not always easy, especially when it comes to technical and legal topics. It often makes sense to use legal terms (such as personal data) or certain technical expressions (such as cookies, IP address). However, we do not want to use these terms without explanation. Below you will find an alphabetical list of important terms used, which we may not yet have sufficiently addressed in the previous privacy policy. If these terms have been taken from the GDPR and are definitions, we will also cite the GDPR texts here and, if necessary, add our own explanations.

Personal Data
According to Article 4 No. 1 GDPR, β€œpersonal data” means any information relating to an identified or identifiable natural person. A natural person is considered identifiable if they can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing
According to Article 4 No. 2 GDPR, β€œprocessing” means any operation or set of operations performed on personal data, whether or not by automated means. This includes, for example, collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Controller
According to Article 4 No. 7 GDPR, the β€œcontroller” is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data.

Processor
According to Article 4 No. 8 GDPR, the β€œprocessor” is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Final Remarks

We hope that we have been able to provide you with a clear overview of the processing of personal data on our website.

If you have any further questions about data protection, please feel free to contact us using the contact details provided above.

We reserve the right to adapt this privacy policy if necessary so that it always complies with current legal requirements or to implement changes to our services in the privacy policy, for example when introducing new services. The new privacy policy will then apply to your next visit.

All texts are protected by copyright.

We have many strengths, but actual programming is not one of our core competencies.

Nevertheless, we want to have a powerful and attractive website that we can also manage and maintain ourselves. With a website builder system or a content management system such as WordPress, this is exactly possible. With WordPress, we do not have to be programming experts to offer you a beautiful website. Thanks to WordPress, we can operate our website quickly and easily even without technical prior knowledge. If technical problems arise or if we have special requests for our website, we still have our specialists who feel at home in HTML, PHP, CSS and the like.

Thanks to the ease of use and the comprehensive functions of WordPress, we can design our web presence according to our wishes and offer you good user-friendliness.

What data is processed by WordPress?

Non-personal data includes technical usage information such as browser activity, clickstream activities, session heatmaps and data about your computer, operating system, browser, screen resolution, language and keyboard settings, Internet provider and date of the page visit.

In addition, personal data is also collected. These are primarily contact details (email address or telephone number, if you provide them), IP address or your geographical location.

WordPress may also use cookies to collect data. These often collect data about your behavior on our website. For example, it can be recorded which subpages you particularly like to view, how long you stay on individual pages, when you leave a page again (bounce rate) or which preferences (e.g. language selection) you have made. Based on this data, WordPress can also better adapt its own marketing measures to your interests and your user behavior. The next time you visit our website, our website will consequently be displayed to you as you previously configured it.

WordPress may also use technologies such as pixel tags (web beacons) in order to clearly identify you as a user and possibly offer interest-based advertising.

How long and where is the data stored?

How long the data is stored depends on various factors. It mainly depends on the type of stored data and the specific settings of the website. In principle, the data is deleted by WordPress when it is no longer needed for its own purposes. There are, of course, exceptions, especially if legal obligations prescribe longer retention of the data. Web server logs containing your IP address and technical data are deleted by WordPress or Automattic after 30 days. During this time, Automattic uses the data to analyze traffic on its own websites (for example, all WordPress pages) and to resolve possible problems. Deleted content on WordPress websites is also stored in the trash for 30 days to enable restoration; afterwards it may remain in backups and caches until they are deleted. The data is stored on American servers operated by Automattic.

How can I delete my data or prevent data storage?

You have the right and the possibility at any time to access your personal data and to object to the use and processing of it. You can also file a complaint with a governmental supervisory authority at any time.

In your browser, you also have the option to manage, delete or deactivate cookies individually. Please note, however, that deactivated or deleted cookies may have possible negative effects on the functions of our WordPress site. Depending on which browser you use, managing cookies works somewhat differently. Under the section β€œCookies” you will find the corresponding links to the respective instructions of the most well-known browsers.

BootstrapCDN Privacy Policy

BootstrapCDN Privacy Policy Summary
πŸ‘₯ Data subjects: Visitors to the website
🀝 Purpose: Optimization of our service performance (to make the website load faster)
πŸ““ Processed data: Data such as your IP address, browser type, browser version, which website is loaded or time and date of the page visit
πŸ“… Storage period: Most data is stored until it is no longer required for the provision of the service
βš– Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)

What is BootstrapCDN?

In order to be able to deliver all our individual web pages (subpages of our website) quickly and securely on all devices, we use the Content Delivery Network (CDN) BootstrapCDN, an open-source service from jsdelivr.com of the Polish software company ProspectOne, KrΓ³lewska 65A/1, 30-081, KrakΓ³w, Poland. A Content Delivery Network (CDN) is a network of regionally distributed servers connected via the Internet. Through this network, content, especially very large files, can be delivered quickly even during high load peaks.

What data is processed by BootstrapCDN?

BootstrapCDN works by delivering so-called JavaScript libraries to your browser. When your browser downloads a file from BootstrapCDN, your IP address is transmitted during the connection to the BootstrapCDN server. Personal data may therefore also be transmitted and stored. BootstrapCDN may collect and store user data such as IP address, browser type, browser version, which website is loaded or time and date of the page visit. The privacy policy of BootstrapCDN or jsdelivr.com expressly states that the company does not use cookies or other tracking services.

Legal basis

If you have consented to the use of BootstrapCDN, the legal basis for the corresponding data processing is this consent. According to Art. 6(1)(a) GDPR (consent), this consent constitutes the legal basis for the processing of personal data as may occur when collected by BootstrapCDN.

We also have a legitimate interest in using BootstrapCDN to optimize and secure our online service. The corresponding legal basis is Art. 6(1)(f) GDPR (legitimate interests). Nevertheless, we only use BootstrapCDN if you have given your consent.

We point out that, according to the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. Data processing is essentially carried out by BootstrapCDN. This may result in data possibly not being processed and stored anonymously. Furthermore, US governmental authorities may gain access to individual data. It may also occur that this data is linked with data from other possible BootstrapCDN services where you have a user account.

etracker Privacy Policy

etracker Privacy Policy Summary
πŸ‘₯ Data subjects: Visitors to the website
🀝 Purpose: Evaluation of visitor information to optimize the web offering
πŸ““ Processed data: pseudonymized IP address, technical information about browser, operating system and device, duration of stay, interactions on the website
πŸ“… Storage period: depends on the web analytics tool used
βš– Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)

What is etracker?

We use the analytics tracking tool etracker Analytics from the German company etracker GmbH, Erste Brunnenstraße 1, D-20459 Hamburg, on our website. etracker Analytics is software that collects and evaluates data about your actions on our website. We receive analysis reports about how you use our website and can thus continually adapt our offering better to your wishes.

What data is stored by etracker?

The following data is stored and processed when a page is accessed:

  • Your pseudonymized IP address
  • Technical information about your browser, operating system and device
  • Location information up to city level at most
  • The accessed URL including page title and optional information about page content
  • Referrer website
  • The subsequent page
  • Duration of stay
  • Interactions on the website

How long and where is the data stored?

The data center (servers) is located in Hamburg and the entire system administration also takes place in Hamburg. Thus, all data is stored exclusively on German servers. The data is stored by etracker until the contract with us as customer expires. Shortly after termination of the contract, all data is permanently deleted.

Legal basis

The use of etracker requires your consent, which we obtained with our cookie popup. According to Art. 6(1)(a) GDPR (consent), this consent constitutes the legal basis for the processing of personal data as may occur when collected by web analytics tools.

In addition to consent, we have a legitimate interest in analyzing the behavior of website visitors in order to improve our offering technically and economically. The legal basis for this is Art. 6(1)(f) GDPR (legitimate interests). Nevertheless, we only use etracker if you have given consent.

LinkedIn Insight Tag Privacy Policy

LinkedIn Insight Tag Privacy Policy Summary
πŸ‘₯ Data subjects: Visitors to the website
🀝 Purpose: Evaluation of visitor information to optimize the web offering
πŸ““ Processed data: access statistics including location data, device data, access duration and time, navigation behavior, click behavior and IP addresses
πŸ“… Storage period: direct identifiers are removed within seven days
βš– Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)

What is LinkedIn Insight Tag?

We use the conversion tracking tool LinkedIn Insight Tag on our website. The service provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. For data protection matters in the European Economic Area (EEA), the EU and Switzerland, LinkedIn Ireland Unlimited (Wilton Place, Dublin 2, Ireland) is responsible.

By embedding the tracking tool, data can be transmitted to LinkedIn, stored and processed there. In this privacy policy, we inform you about what data is involved, how LinkedIn uses this data and how you can manage or prevent data storage.

Why do we use LinkedIn Insight Tag?

We use LinkedIn Insight Tag to draw attention to our offer. The goal is that our advertising campaigns only reach those people who are interested in our offers. With LinkedIn Insight Tag, we can collect detailed information about your website behavior, provided that you are also a LinkedIn member. This allows us to calculate our cost-benefit factor, measure the success of individual advertising measures and consequently optimize our online marketing measures.

Cloudflare Privacy Policy

Cloudflare Privacy Policy Summary
πŸ‘₯ Data subjects: Visitors to the website
🀝 Purpose: Optimization of our service performance (to make the website load faster)
πŸ““ Processed data: Data such as IP address, contact and log information, security fingerprints and performance data for websites
More details can be found below in this privacy policy.
πŸ“… Storage period: Most data is stored for less than 24 hours
βš– Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)

What is Cloudflare?

We use Cloudflare from Cloudflare, Inc. (101 Townsend St., San Francisco, CA 94107, USA) on this website to make our website faster and more secure. Cloudflare uses cookies and processes user data. Cloudflare, Inc. is an American company that provides a content delivery network and various security services. These services are located between the user and our hosting provider.

A Content Delivery Network (CDN), such as the one provided by Cloudflare, is nothing more than a network of connected servers. Cloudflare has distributed such servers all over the world in order to bring websites to your screen faster. Simply put, Cloudflare creates copies of our website and places them on its own servers. When you now visit our website, a load balancing system ensures that the largest parts of our website are delivered from the server that can display our website to you the fastest. The data transmission path to your browser is significantly shortened by a CDN. Thus, the content of our website is delivered to you by Cloudflare not only from our hosting server but from servers all over the world.

Cloudflare also offers various security services such as DDoS protection and a web application firewall. By setting the β€œI’m Under Attack Mode,” further attacks can be mitigated according to Cloudflare by displaying a JavaScript computational task that must be solved before a user can access a website. Overall, this makes our website significantly more powerful and less susceptible to spam or other attacks.

What data is processed by Cloudflare?

Cloudflare generally only forwards data that is controlled by website operators. The content is therefore not determined by Cloudflare but always by the website operator itself. In addition, Cloudflare may collect certain information about the use of our website and process data that is sent by us or for which Cloudflare has received appropriate instructions. In most cases, Cloudflare receives data such as IP address, contact and log information, security fingerprints and website performance data. Log data helps Cloudflare, for example, to detect new threats. In this way, Cloudflare can ensure a high level of security protection for our website.

Cloudflare processes this data within the framework of the services in compliance with applicable laws. This of course includes the General Data Protection Regulation (GDPR). Cloudflare also works with third parties. They may only process personal data under the instruction of Cloudflare and in accordance with the data protection guidelines and other confidentiality and security measures. Cloudflare does not pass on any personal data without our explicit consent.

How long and where is the data stored?

Cloudflare stores your information primarily in the USA and in the European Economic Area. Cloudflare may transfer and access the information described above from all over the world. In general, Cloudflare stores user-level data for domains in the Free, Pro and Business versions for less than 24 hours. For Enterprise domains that have Cloudflare Logs (formerly Enterprise LogShare or ELS) activated, the data may be stored for up to 7 days. However, if IP addresses trigger security warnings at Cloudflare, there may be exceptions to the storage duration mentioned above.

How can I delete my data or prevent data storage?

Cloudflare only retains data logs for as long as necessary and in most cases this data is deleted within 24 hours. Cloudflare also does not store personal data such as your IP address permanently. However, there is information that Cloudflare stores as part of its permanent logs for an indefinite period in order to improve the overall performance of Cloudflare Resolver and to detect possible security risks.

You can completely prevent the collection and processing of your data by Cloudflare by deactivating the execution of script code in your browser or by integrating a script blocker into your browser.

Legal basis

If you have consented to the use of Cloudflare, the legal basis for the corresponding data processing is this consent. According to Art. 6(1)(a) GDPR (consent), this consent constitutes the legal basis for the processing of personal data as may occur when collected by Cloudflare.

We also have a legitimate interest in using Cloudflare to optimize and secure our online service. The corresponding legal basis is Art. 6(1)(f) GDPR (legitimate interests). Nevertheless, we only use Cloudflare if you have given your consent.

Cloudflare processes data from you, among other things, in the USA. Cloudflare is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data from EU citizens to the USA.

In addition, Cloudflare uses so-called Standard Contractual Clauses (Art. 46(2) and (3) GDPR). Standard Contractual Clauses (SCC) are template contracts provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there.

Konodrac Privacy Policy

We use Konodrac for our website, an advertising tool for CTV and TV. The service provider is the Spanish company KONODRAC, Ronda del General Mitre, 126, 6a Planta, 08021 Barcelona, Spain.

You can find out more about the data processed through the use of Konodrac in the privacy policy at https://www.konodrac.com/privacy-policy/.

Lead Forensics Privacy Policy

We use Lead Forensics on our website, a lead generation software. The service provider is the British company Lead Forensics, 4 Old Park Lane, Mayfair, London, United Kingdom.

You can find out more about the data processed through the use of Lead Forensics in the privacy policy at https://www.leadforensics.com/cookie-policy/.

LifeStreet Privacy Policy

We use the mobile marketing platform LifeStreet for our website. The service provider is the American company LifeStreet Inc., 981 Industrial Rd, Suite D, San Carlos, CA 94070, USA.

We point out that, according to the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. Data processing is essentially carried out by LifeStreet. This may result in data possibly not being processed and stored anonymously. Furthermore, US governmental authorities may gain access to individual data. It may also occur that this data is linked with data from other LifeStreet services where you have a user account.

You can find out more about the data processed through the use of LifeStreet in the privacy policy at https://lifestreet.com/privacy/.

What data is stored by LinkedIn Insight Tag?

As already mentioned above, we have integrated a conversion tracking tag or code snippet on our website in order to better analyze certain user actions. If you click on one of our LinkedIn ads, a cookie may be stored on your computer (usually in the browser) or mobile device. LinkedIn generally processes data using a combination of cookies and server-side functions.

When you perform an action on our website, LinkedIn recognizes the cookie and stores your action as a so-called conversion. As long as you browse our website and the LinkedIn cookie has not yet expired, we and LinkedIn recognize that you found us via our LinkedIn ad. The cookie is read and the conversion data is sent back to LinkedIn.

The following data may be processed:

  • IP address
  • Device and browser characteristics
  • Timestamp
  • Page views

How long and where is the data stored?

LinkedIn does not share personal data with us but only provides aggregated reports on website audience and ad performance. LinkedIn also offers retargeting for website visitors. With the help of this data, we can show targeted advertising outside our website without identifying you as a person.

Direct identifiers are removed within seven days. The remaining pseudonymized data is then deleted within 180 days.

Right to object

You have the right at any time to request information, correction and deletion of your personal data. You can also object to the processing of your personal data.

You can prevent the use of LinkedIn Insight Tag by adjusting your browser settings or by using opt-out options provided by LinkedIn.

Legal basis

If you have consented to the use of LinkedIn Insight Tag, the legal basis for the corresponding data processing is this consent. According to Art. 6(1)(a) GDPR (consent), this consent constitutes the legal basis for the processing of personal data as may occur when collected by LinkedIn Insight Tag.

We also have a legitimate interest in using LinkedIn Insight Tag in order to optimize our online service and our marketing measures. The corresponding legal basis is Art. 6(1)(f) GDPR (legitimate interests). Nevertheless, we only use LinkedIn Insight Tag if you have given your consent.

LinkedIn processes data from you, among other things, in the USA. We point out that, according to the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may involve various risks for the legality and security of data processing.

As a basis for data processing for recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, especially in the USA) or for data transfer there, LinkedIn uses so-called Standard Contractual Clauses (Art. 46(2) and (3) GDPR). Standard Contractual Clauses (SCC) are template contracts provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there.

Amazon Personalize Privacy Policy

Amazon Personalize Privacy Policy Summary
πŸ‘₯ Data subjects: Website visitors
🀝 Purpose: Evaluation of visitor information to optimize the web offering.
πŸ““ Processed data: Access statistics containing data such as access locations, device data, access duration and time, navigation behavior, click behavior and IP addresses. More details can be found further below and in the Amazon Personalize privacy policy.
πŸ“… Storage period: In principle, data is stored for as long as it is necessary for business purposes.
βš–οΈ Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)

What is Amazon Personalize?

We use the real-time personalization program Amazon Personalize on our website. The service provider is the American company Amazon Web Services, Inc., 410 Terry Avenue North, Seattle WA 98109, USA.

The Amazon Personalize service is provided by Amazon Web Service (AWS) and is a machine learning service to offer personalized advertising or recommendations of our services and products. Amazon Personalize uses modern machine learning algorithms to analyze your individual behavior on our website. On the basis of these analyses, recommendations tailored specifically to you can then be generated.

Why do we use Amazon Personalize?

Our goal is to offer you the best possible experience on our website. We are convinced of our offers and want our website to be a helpful and useful place for you. To do this, we have to adapt our website as well as possible to your wishes and concerns. With a web analytics tool like Amazon Personalize and the resulting data, we can significantly improve our specific offering for you. The data can also help us to design advertising and marketing measures more individually. With all these web analyses, however, the protection of personal data is still important to us. If we can make you tailor-made offers, this of course also helps us to achieve our economic goals.

Which data is stored by Amazon Personalize?

Amazon Personalize stores and analyzes data that we provide to the tool. This can include information about your user interaction (such as button clicks, product purchases, time spent on a subpage, etc.), but also personal data that you actively provide to us. This includes user data such as name, address or demographic information such as gender and age. In addition, so-called catalog data such as item IDs and metadata about ordered items is also made available to Amazon.

On the basis of this data, Amazon trains and creates a model that generates individual recommendations for interested people.

How long and where is the data stored?

Amazon has servers distributed all over the world, therefore the data can also be stored, for example, in the USA. The collected data records are not linked with other Amazon accounts.

In principle, Amazon stores the data for as long as business purposes require it and Amazon is contractually and legally obliged to do so. Unfortunately, at this point we cannot specify exact retention periods because these also depend on the individual configurations.

How can I delete my data or prevent data storage?

You have the right and the possibility at any time to access your personal data and to object to the use and processing of it. You can also file a complaint with a governmental supervisory authority at any time.
In your browser, you also have the option to manage, delete or deactivate cookies individually. Please note, however, that deactivated or deleted cookies may have possible negative effects on the functions of our website. Depending on which browser you use, managing cookies works somewhat differently. Under the section β€œCookies” you will find the corresponding links to the respective instructions of the most well-known browsers.

Legal basis

The use of Amazon Personalize requires your consent, which we obtained with our consent management tool (popup). According to Art. 6(1)(a) GDPR (consent), this consent constitutes the legal basis for the processing of personal data as may occur when collected by web analytics tools.

In addition to consent, we have a legitimate interest in analyzing the behavior of website visitors and thus improving our offering technically and economically. With the help of web analytics, we detect errors on the website, can identify attacks and improve efficiency. The legal basis for this is Art. 6(1)(f) GDPR (legitimate interests). Nevertheless, we only use the tools if you have given consent.

Amazon processes data from you, among other things, in the USA. Amazon is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data from EU citizens to the USA. More information can be found at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

In addition, Amazon uses so-called Standard Contractual Clauses (= Art. 46(2) and (3) GDPR). Standard Contractual Clauses (Standard Contractual Clauses – SCC) are template contracts provided by the EU Commission and are intended to ensure that your data also complies with European data protection standards when it is transferred to third countries (such as the USA) and stored there. Through the EU-US Data Privacy Framework and through the Standard Contractual Clauses, Amazon undertakes to maintain the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding Standard Contractual Clauses, among other places, here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

You can find the Amazon data processing conditions (AWS GDPR DATA PROCESSING), which correspond to the Standard Contractual Clauses, at https://d1.awsstatic.com/legal/aws-gdpr/AWS_GDPR_DPA.pdf.

You can find out more about the data processed through the use of Amazon Personalize in the Privacy Policy at https://d1.awsstatic.com/legal/privacypolicy/AWS_Privacy_Notice_German_2020-08-15.pdf.

Firebase Privacy Policy

Firebase Privacy Policy Summary
πŸ‘₯ Data subjects: Users of Firebase applications
🀝 Purpose: depends on the specific application and the Firebase functions used
πŸ““ Processed data: depends on the specific application and the Firebase functions used
πŸ“… Storage period: depends on individual configurations of the Firebase applications
βš–οΈ Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)

What is Firebase?

We also use the app development platform Firebase for our business. The service provider is the American company Google Inc. For the European area, Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services.

The company was founded as early as 2011 by Andrew Lee and James Tamplin and in 2014 it was acquired by Google. In the early days, the company primarily focused on real-time database functions that enabled developers to synchronize data in real time between users. Through the acquisition by Google, the range of tools and functions became significantly larger. Today, Firebase offers, for example, databases, hosting, authentications, cloud messaging and analytics functions that are helpful in developing your own apps. Here you can find an overview of all services that Firebase offers: https://firebase.google.com/terms/

Why do we use Firebase?

With our web or mobile applications, we naturally want to provide you with a useful service. For the development of these applications, we make use of the services and functions of Firebase. The developer platform makes our work easier and saves resources because it greatly simplifies backend development in particular, since the necessary infrastructure is already available through services such as hosting, database and authentication. In addition, Firebase also offers powerful analytics functions that help us to better understand your user behavior. With the help of this data, we can adapt our offering to your needs and consequently optimize our service.

Google Analytics Privacy Policy

Google Analytics Privacy Policy Summary
πŸ‘₯ Data subjects: Visitors to the website
🀝 Purpose: Evaluation of visitor information to optimize the web offering.
πŸ““ Processed data: Access statistics containing data such as access locations, device data, access duration and time, navigation behavior, click behavior and IP addresses. More details can be found further below in this privacy policy.
πŸ“… Storage period: depends on the properties used
βš–οΈ Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)

What is Google Analytics?

We use the tracking analysis tool Google Analytics (GA) from the American company Google Inc. on our website. For the European area, Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. Google Analytics collects data about your actions on our website. For example, when you click on a link, this action is stored in a cookie and sent to Google Analytics. With the help of the reports that we receive from Google Analytics, we can better adapt our website and our service to your wishes. In the following, we will go into more detail about the tracking tool and inform you above all about what data is stored and how you can prevent this.

Why do we use Google Analytics on our website?

Our goal with this website is clear: we want to offer you the best possible service. Statistics and data from Google Analytics help us to achieve this goal.

The statistically evaluated data shows us a clear picture of the strengths and weaknesses of our website. On the one hand, we can optimize our site so that it can be found more easily on Google by interested people. On the other hand, the data helps us to better understand you as a visitor. We therefore know very precisely what we need to improve on our website in order to offer you the best possible service. The data also helps us to carry out our advertising and marketing measures more individually and cost-effectively. After all, it only makes sense to show our products and services to people who are interested in them.

What data is stored by Google Analytics?

Google Analytics creates a random, unique ID with the help of a tracking code that is linked to your browser cookie. This way, Google Analytics recognizes you as a new user. When you visit our site the next time, you are recognized as a β€œreturning” user. All collected data is stored together with this user ID. This makes it possible in the first place to evaluate pseudonymous user profiles.

In order to be able to analyze our website with Google Analytics, a property ID must be inserted into the tracking code. The data is then stored in the corresponding property. For every newly created property, the Google Analytics 4 property is standard. Alternatively, you can also still create the Universal Analytics property. Depending on the property used, data is stored for different lengths of time.

Identifiers such as cookies and app instance IDs measure interactions on our website. Interactions are all types of actions that you carry out on our website. If you also use other Google systems (such as a Google account), data generated via Google Analytics can be linked with third-party cookies. Google does not pass on Google Analytics data unless we as website operator approve it. Exceptions may occur if required by law.

The following cookies are used by Google Analytics:

  • _ga
  • _gid
  • _gat

In addition, Google Analytics can also collect the following data:

  • IP address
  • Technical information about your browser and end devices
  • Your Internet provider
  • The referrer URL (the previously visited website)
  • Date and time of the server request
  • Screen resolution
  • Language settings

How long and where is the data stored?

Google has distributed its servers all over the world. Most servers are located in America and therefore your data is mostly stored on American servers. Here you can read exactly where Google data centers are located: https://www.google.com/about/datacenters/inside/locations/?hl=en

Your data is distributed across various physical data carriers. This has the advantage that the data can be accessed more quickly and is better protected against manipulation. Every Google data center has appropriate emergency programs for your data. If, for example, hardware at Google fails or natural disasters paralyze servers, the risk of a service interruption at Google still remains low.

The retention period of the data depends on the properties used. When using the newer Google Analytics 4 properties, the retention period of your user data is set to 14 months. For other so-called event data, we have the option to choose a retention period of 2 months or 14 months.

How can I delete my data or prevent data storage?

You always have the right to information, correction and deletion of your personal data. In addition, you can also revoke your consent to the use of cookies or web analytics tools at any time.

You can generally prevent the collection of your data by Google Analytics by using a browser plugin for deactivating Google Analytics. You can download this at: https://tools.google.com/dlpage/gaoptout?hl=en

Legal basis

The use of Google Analytics requires your consent, which we obtained with our cookie popup. According to Art. 6(1)(a) GDPR (consent), this consent constitutes the legal basis for the processing of personal data as may occur when collected by web analytics tools.

In addition to consent, we have a legitimate interest in analyzing the behavior of website visitors and thus improving our offering technically and economically. With the help of Google Analytics, we detect errors on the website, can identify attacks and improve efficiency. The legal basis for this is Art. 6(1)(f) GDPR (legitimate interests). Nevertheless, we only use Google Analytics if you have given consent.

Google processes data from you, among other things, in the USA. Google is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data from EU citizens to the USA.

In addition, Google uses so-called Standard Contractual Clauses (Art. 46(2) and (3) GDPR). Standard Contractual Clauses (SCC) are template contracts provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there.

Google Optimize Privacy Policy

Google Optimize Privacy Policy Summary
πŸ‘₯ Data subjects: Website visitors
🀝 Purpose: Improvement of user experience and optimization of the website
πŸ““ Processed data: Usage data, IP address, device and browser information, interaction data
πŸ“… Storage period: depends on the tool configuration used
βš– Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)

What is Google Optimize?

We use Google Optimize on our website, a service for website optimization. The service provider is the American company Google Inc. For the European area, Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services.

Google Optimize is a testing and optimization tool that helps us analyze the behavior of website visitors and improve our website accordingly. For example, we can test different versions of our website (A/B tests) to see which design or content is better received by users.

Why do we use Google Optimize?

Our goal is to offer you the best possible user experience on our website. By testing different versions of our website, we can determine which content, design or structure is most helpful for you. This enables us to continuously improve our website and tailor it even more precisely to your needs.

What data is processed?

Google Optimize works together with Google Analytics. Therefore, data collected through Google Analytics may also be processed by Google Optimize. This may include IP address, device information, browser type, duration of stay, click behavior and other usage data.

Legal basis

The use of Google Optimize requires your consent, which we obtained via our cookie management tool. According to Art. 6(1)(a) GDPR (consent), this consent constitutes the legal basis for the processing of personal data.

In addition, we have a legitimate interest in optimizing our website and improving our offering. The corresponding legal basis is Art. 6(1)(f) GDPR (legitimate interests). Nevertheless, we only use Google Optimize if you have given your consent.

Mailjet Privacy Policy

Mailjet Privacy Policy Summary
πŸ‘₯ Data subjects: Newsletter subscribers
🀝 Purpose: Sending newsletters and email communication
πŸ““ Processed data: Email address, name, usage data, IP address, time of registration and confirmation
πŸ“… Storage period: For the duration of the subscription
βš– Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)

What is Mailjet?

We use the email marketing service Mailjet for sending newsletters and transactional emails. The service provider is the French company Mailjet SAS, 13-13 bis, rue de l’Aubrac, 75012 Paris, France.

Mailjet enables us to manage newsletter subscriptions, send emails and analyze user behavior related to our email campaigns.

Why do we use Mailjet?

We use Mailjet to communicate with you via email and to provide you with relevant information about our products and services. The analysis functions help us to understand whether our newsletters are opened and which content is of particular interest.

What data is processed?

When you subscribe to our newsletter, your email address and, if provided, your name are stored. In addition, technical data such as IP address, time of registration and confirmation (double opt-in) may be processed.

Mailjet may also collect information about whether and when emails are opened and which links are clicked. This data is used to statistically evaluate and optimize our email campaigns.

Legal basis

The sending of newsletters takes place on the basis of your consent in accordance with Art. 6(1)(a) GDPR. You can revoke your consent at any time by unsubscribing from the newsletter.

In addition, we have a legitimate interest in analyzing the use of our newsletter to optimize our communication measures in accordance with Art. 6(1)(f) GDPR.

MailPoet Privacy Policy

MailPoet Privacy Policy Summary
πŸ‘₯ Data subjects: Newsletter subscribers
🀝 Purpose: Sending newsletters directly via WordPress
πŸ““ Processed data: Email address, name, IP address, subscription data
πŸ“… Storage period: Until unsubscription
βš– Legal basis: Art. 6(1)(a) GDPR (consent)

What is MailPoet?

We use the WordPress plugin MailPoet to manage and send newsletters directly from our website. MailPoet is provided by Wysija SARL, 6 rue DieudΓ©, 13006 Marseille, France.

What data is processed?

If you subscribe to our newsletter, the data you provide (such as email address and name) will be stored and processed for the purpose of sending the newsletter.

MailPoet may also store technical information such as IP address and time of subscription in order to document the consent given.

Legal basis

The processing of your data for sending the newsletter takes place on the basis of your consent in accordance with Art. 6(1)(a) GDPR. You can revoke your consent at any time.

SendGrid Privacy Policy

SendGrid Privacy Policy Summary
πŸ‘₯ Data subjects: Email recipients
🀝 Purpose: Sending emails and transactional messages
πŸ““ Processed data: Email address, communication data, IP address, usage data
πŸ“… Storage period: Depends on contractual requirements
βš– Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(b) GDPR (contract), Art. 6(1)(f) GDPR (legitimate interests)

What is SendGrid?

We use SendGrid to send transactional and marketing emails. The service provider is Twilio Inc., 375 Beale Street, Suite 300, San Francisco, CA 94105, USA.

What data is processed?

SendGrid processes email addresses and communication data to ensure reliable email delivery. In addition, usage data such as IP addresses and interaction data (e.g. opening and click behavior) may be processed.

Legal basis

The processing of data takes place on the basis of your consent (Art. 6(1)(a) GDPR), for the fulfillment of contractual obligations (Art. 6(1)(b) GDPR) or on the basis of our legitimate interests (Art. 6(1)(f) GDPR) in efficient communication.

ManyChat Privacy Policy

ManyChat Privacy Policy Summary
πŸ‘₯ Data subjects: Users interacting via chat
🀝 Purpose: Automated communication and marketing via chat platforms
πŸ““ Processed data: Chat content, user ID, device data, IP address
πŸ“… Storage period: Depends on the configuration and usage
βš– Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)

What is ManyChat?

We use ManyChat for automated communication via chat platforms. The service provider is ManyChat Inc., 535 Mission St, San Francisco, CA 94105, USA.

What data is processed?

When you interact with us via chat, the data you provide (such as messages and interaction data) may be processed. Technical information such as IP address and device data may also be collected.

Legal basis

The processing of your data via ManyChat is based on your consent (Art. 6(1)(a) GDPR) or on our legitimate interest in efficient communication (Art. 6(1)(f) GDPR).

TikTok Pixel Privacy Policy

TikTok Pixel Privacy Policy Summary
πŸ‘₯ Data subjects: Website visitors
🀝 Purpose: Conversion tracking and optimization of advertising campaigns
πŸ““ Processed data: IP address, device data, browser information, interaction data, website activity
πŸ“… Storage period: Depends on TikTok’s specifications
βš– Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)

What is TikTok Pixel?

We use the TikTok Pixel on our website, a tracking tool for measuring the effectiveness of our advertising campaigns. The service provider for the European area is TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland.

The TikTok Pixel is a JavaScript code snippet that allows us to understand and measure the behavior of visitors who come to our website via TikTok advertisements.

What data is processed?

The TikTok Pixel may collect and process data such as your IP address, device information, browser type, pages visited, time spent on the website and interactions such as clicks or purchases.

Legal basis

The use of the TikTok Pixel requires your consent in accordance with Art. 6(1)(a) GDPR. In addition, we have a legitimate interest in optimizing our marketing measures in accordance with Art. 6(1)(f) GDPR. Nevertheless, we only use the TikTok Pixel if you have given your consent.

Meta Conversions API Privacy Policy

Meta Conversions API Privacy Policy Summary
πŸ‘₯ Data subjects: Website visitors and customers
🀝 Purpose: Measurement and optimization of advertising campaigns
πŸ““ Processed data: Contact data, interaction data, device data, IP address, event data
πŸ“… Storage period: Depends on Meta’s specifications
βš– Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)

What is Meta Conversions API?

We use the Meta Conversions API to measure and optimize our advertising activities. The service provider for the European area is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

The Meta Conversions API enables the transmission of event data from our server directly to Meta in order to improve ad performance measurement.

What data is processed?

The processed data may include contact details, device information, IP address, browser information and event data (e.g., purchases or form submissions).

Legal basis

The use of the Meta Conversions API requires your consent pursuant to Art. 6(1)(a) GDPR. In addition, we have a legitimate interest in effective marketing and analysis in accordance with Art. 6(1)(f) GDPR. We only use this service if you have given your consent.

Pinterest Web Analytics Privacy Policy

Pinterest Web Analytics Privacy Policy Summary
πŸ‘₯ Data subjects: Website visitors
🀝 Purpose: Analysis of user behavior and optimization of Pinterest campaigns
πŸ““ Processed data: IP address, device data, interaction data, usage data
πŸ“… Storage period: According to Pinterest’s specifications
βš– Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)

What is Pinterest Web Analytics?

We use Pinterest Web Analytics to measure and optimize our marketing activities on Pinterest. The service provider for the European area is Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland.

Pinterest Web Analytics enables us to understand how visitors interact with our website after clicking on Pinterest ads.

What data is processed?

The data processed may include IP address, browser information, device information, pages visited and interactions such as clicks or purchases.

Legal basis

The processing of personal data by Pinterest Web Analytics is based on your consent in accordance with Art. 6(1)(a) GDPR. In addition, we have a legitimate interest in optimizing our advertising campaigns in accordance with Art. 6(1)(f) GDPR.

Outbrain Privacy Policy

Outbrain Privacy Policy Summary
πŸ‘₯ Data subjects: Website visitors
🀝 Purpose: Display of personalized recommendations and advertisements
πŸ““ Processed data: IP address, device information, browser data, interaction data, usage data
πŸ“… Storage period: According to Outbrain’s specifications
βš– Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)

What is Outbrain?

We use Outbrain to display personalized content recommendations and advertisements. The service provider for the European area is Outbrain UK Ltd., 5 New Bridge Street, London EC4V 6JA, United Kingdom.

Outbrain analyzes user behavior in order to display relevant recommendations based on interests.

What data is processed?

The processed data may include IP address, device and browser information, visited pages, interaction data and referral URLs.

Legal basis

The use of Outbrain requires your consent pursuant to Art. 6(1)(a) GDPR. In addition, we have a legitimate interest in optimizing our marketing measures pursuant to Art. 6(1)(f) GDPR. Nevertheless, we only use Outbrain if you have given your consent.

PayPal Marketing Solutions Privacy Policy

PayPal Marketing Solutions Privacy Policy Summary
πŸ‘₯ Data subjects: Website visitors and customers
🀝 Purpose: Marketing analysis and optimization of advertising campaigns
πŸ““ Processed data: Contact data, transaction data, device data, IP address, interaction data
πŸ“… Storage period: According to PayPal’s specifications
βš– Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)

What are PayPal Marketing Solutions?

We use PayPal Marketing Solutions to better understand customer behavior and optimize our marketing activities. The service provider for the European area is PayPal (Europe) S.Γ  r.l. et Cie, S.C.A., 22–24 Boulevard Royal, L-2449 Luxembourg.

What data is processed?

Processed data may include transaction data, device information, IP address, interaction data and other information related to purchases and website usage.

Legal basis

The processing is based on your consent pursuant to Art. 6(1)(a) GDPR or on our legitimate interest in effective marketing pursuant to Art. 6(1)(f) GDPR.

OpenWeather Privacy Policy

OpenWeather Privacy Policy Summary
πŸ‘₯ Data subjects: Website visitors
🀝 Purpose: Display of weather information
πŸ““ Processed data: IP address, location data, device data
πŸ“… Storage period: According to OpenWeather’s specifications
βš– Legal basis: Art. 6(1)(f) GDPR (legitimate interests)

What is OpenWeather?

We use OpenWeather to display current weather data on our website. The service provider is OpenWeather Ltd., 17th Floor, 1 Ropemaker Street, London EC2Y 9HT, United Kingdom.

What data is processed?

When accessing pages that integrate OpenWeather, your IP address and technical data such as device and browser information may be transmitted to OpenWeather.

Legal basis

The integration of OpenWeather is based on our legitimate interest in providing additional useful information pursuant to Art. 6(1)(f) GDPR.