Privacy policy

Privacy policy

The protection of your personal rights and data is very important to us. We protect your data with appropriate technical and organizational measures and take the legal provisions on data protection very seriously, in particular the EU General Data Protection Regulation and the Federal Data Protection Act. Below you will find information on what data is collected in connection with your visit to this website and how it is used.

Legal basis for data processing

According to Art. 13 DSGVO, you should be informed about the legal basis of our data processing. If the legal basis is not mentioned in this privacy notice, the following applies:

The legal basis for data processing based on consent is Art. 6(1)(a) and Art. 7 DSGVO, the legal basis for processing for the performance of our services and implementation of contractual measures and answering inquiries is Art. 6(1)(b) DSGVO, the legal basis for processing for the performance of our legal obligations is Art. 6(1)(c) DSGVO, and the legal basis for processing based on our legitimate interests is Art. 6(1)(f) DSGVO. If, on one occasion, vital interests of a data subject or another natural person make data processing of personal data necessary, we base this data processing on Art. 6 (1) lit. d DSGVO.

Disclosure of data to third parties and third-party providers

We only share your data with third parties (other persons or companies) if you consent to this or if this is otherwise permitted by law. This may be the case, for example, if this is necessary in the context of contract initiation or for the performance of a contractual obligation, Art. 6 para. 1 lit. b DSGVO, we comply with a legal obligation under Art. 6 para. 1 lit. c DSGVO or if the transfer serves our legitimate interests in accordance with Art. 6 para. 1 lit. f DSVGO in an economic and effective business operation.

If we involve subcontractors in the processing of your data, we ensure through legal precautions and appropriate technical and organizational measures that your data is protected and the relevant legal requirements are met. If we commission third parties with the processing of data on the basis of a so-called “order processing agreement”, this is done on the basis of Art. 28 DSGVO.

Should a subcontractor carry out data processing outside the European Union or the European Economic Area, the data will only be transferred there if an appropriate level of data protection is ensured at the location of the data processing, you have expressly consented to this, or other legal permission exists.

Data transfer to third countries

In some cases, data is also processed by our service providers in so-called third countries. These are countries outside the European Union (EU) or the European Economic Area (EEA). This happens either to fulfill our (pre)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests. However, such processing only takes place if the specific requirements of Art. 44 DSGVO are met. In these cases, too, an adequate level of data protection is ensured. This is because in these third countries there are either appropriate guarantees that a level of data protection comparable to the EU exists (e.g. for the USA through the “EU-US Privacy Shield”) or we involve our service providers via special contractual obligations that ensure this level of data protection (so-called “EU standard contractual clauses”).

Deletion of data

We delete or restrict the processing of personal data in accordance with Articles 17 and 18 of the GDPR. Stored data is generally deleted when it is no longer needed for your purpose, unless the deletion conflicts with legal retention obligations. We restrict data processing if the data cannot be deleted because it is to be used for other and legally permissible purposes. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law.

In Germany, data is retained in particular for 6 years in accordance with Section 257 (1) of the German Commercial Code (HGB) (commercial books, inventories, opening balances, annual financial statements, commercial letters, accounting vouchers, etc.) and for 10 years in accordance with Section 147 (1) of the German Fiscal Code (AO) (books, records, management reports, accounting vouchers, commercial and business letters, documents relevant for taxation, etc.).

Insofar as you are expressly informed in our data protection information when data will be deleted, this specific statement on the deletion date will of course apply.

SSL encryption

On our websites, we use SSL encryption for security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL encryption is activated, the data you transmit to us cannot be read by third parties.

Automatically collected data

Personal data is any data that can be assigned to an identified or identifiable person. In principle, you can visit our websites without telling us who you are. For technical reasons, however, your IP address is always processed when you call up a website. Only in this way can the respective website be delivered to your browser.

Access data/server log files

We – or our hosting service provider on our behalf – automatically collect and store information in so-called server log files, which your browser automatically transmits to us when you access our website. These are: The name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type along with version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider.

We carry out this data processing on the basis of our legitimate interests (Art. 6 para. 1 lit. f DSGVO). The collection of this data serves IT security and protection against unauthorized use. In this respect, we reserve the right to check this data subsequently if we become aware of concrete indications of unlawful use. This data will not be merged with other data sources. This data is deleted within a maximum of 7 days after data collection, unless your continued storage is necessary until a specific incident is clarified.

Data collection in cookies

On our website we use so-called cookies. Cookies are small text files that are stored on your computer and saved by your browser. Cookies do not cause any damage to your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, more effective and safer.

We use so-called session cookies. The use of these cookies is technically necessary to enable you, for example, to set your language. However, no further data collection takes place as a result. The cookies are usually deleted as soon as you close your browser.

We also use “persistent” or “permanent” cookies on our websites. These cookies remain stored until their expiration date passes or you delete them prematurely. These cookies allow us to recognize your browser when you visit our website again. We use these types of cookies, for example, for reach analysis.

You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general, as well as activate the automatic deletion of cookies when closing the browser. If you disable all cookies, the functionality of the websites may be limited.

Data that you consciously transmit to us – contacting us

If you contact us (e.g. by e-mail or telephone), your data will be processed for the purpose of handling the contact request and its processing.

This means that if personal data (such as your name or e-mail address) is collected when you contact us, this is because you are interested in our services, for example, or because you provide us with data to establish, define the content of or amend a contractual relationship between you and us (Art. 6 (1) lit. b DS-GVO) or have another request. In the latter case, we carry out the data processing on the basis of our legitimate interest in an effective external contact (Art. 6 para. 1 lit. f DS-GVO).

The personal data transmitted when contacting us will be stored, processed and deleted if it is no longer required for these purposes and further storage or processing for other legitimate interests does not take place and no legal retention obligations prevent deletion.

Hosting

The hosting services used by us serve to provide the following services: Operation of the websites, computing capacity, storage space and database services.

Data that you enter in a web form on our website is transmitted directly to us by the hosting provider or kept available for us.

Our hosting provider processes contact data, inventory and content data, usage data, meta data and communication data of customers, interested parties and visitors on our website on our behalf. This is done on the basis of our legitimate interests in an efficient and secure provision of our websites pursuant to Art. 6 para. 1 lit. f DS-GVO in conjunction with. Art. 28 DS-GVO (order processing contract).

Hotjar

We use Hotjar to better understand the needs of our users and optimize the experience on this website.  Using Hotjar’s technology, we get a better understanding of our users’ experiences (e.g., how much time users spend on which pages, which links they click on, what they like and don’t like, etc.) and this helps us tailor our offerings based on our users’ feedback. Hotjar works with cookies and other technologies to collect information about our users’ behavior and about their devices (in particular, device IP address (collected and stored only in anonymized form), screen size, device type (unique device identifiers), information about the browser used, location (country only), language preferred to view our website). Hotjar stores this information in a pseudonymized user profile. The information is neither used by Hotjar nor by us to identify individual users nor is it merged with other data about individual users. The legal basis is Art. 6 para. 1 p. 1 lit. f DSGVO. You can find more information in Hotjar’s privacy policy: https://www.hotjar.com/legal/policies/privacy

You can object to the storage of a user profile and information about your visit to our website by Hotjar as well as the setting of Hotjar tracking cookies on other websites via this link: https://www.hotjar.com/legal/compliance/opt-out

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website (including IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

This website uses Google Analytics with the extension “_anonymizeIp()”. This means that IP addresses are processed in a shortened form, thus excluding the possibility of personal references. As far as the data collected about you a personal reference, this is excluded immediately and the personal data is deleted immediately.

We use Google Analytics to analyze and regularly improve the use of our website. The statistics obtained allow us to improve our offer and make it more interesting for you as a user. The legal basis is Art. 6 para. 1 p. 1 lit. f DSGVO.

Google has signed up to the EU-US Privacy Shield (www.privacyshield.gov). More information about the handling of user data at Google Analytics can be found in Google’s privacy policy (https://support.google.com/analytics/answer/6004245?hl=de).

Google Fonts

On our websites, we use external fonts, so-called web fonts, which are provided by Google Inc. for the uniform display of fonts: https://www.google.com/fonts (“Google Fonts”).

When you access the website, your browser loads the required web fonts into your browser cache so that the texts and fonts can be displayed correctly. The integration of Google Fonts is done by a server call at Google (usually in the USA). To make this technically possible, Google processes your IP address. Google records which fonts are loaded in your browser for statistical evaluation. Beyond that, however, no cookie is set that would store personal data.

If your browser does not support web fonts, a standard font from your computer will be used.

You can find more information about Google Web Fonts at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://www.google.com/policies/privacy/.

You can also object to Google processing your data for advertising purposes by opting out at http://www.google.de/settings/ads (“Manage the information Google uses to serve you ads”).

Google also processes your personal data in the US, but is certified under the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

Rights of access, blocking and deletion

You have the right to request information about whether and how data concerning you is processed, further information and a copy of the data in accordance with Art. 15 DSGVO.

You have the right, in accordance with Art. 16 DSGVO, to request the completion of the data concerning you or the correction of incorrect data concerning you.

In accordance with Art. 17 of the GDPR, you have the right to demand that your data be deleted without delay or, alternatively, to demand restriction of the processing of the data in accordance with Art. 18 of the GDPR.

Right to data portability

According to Art. 20 DSGVO, you have the right to have data that we process automatically on the basis of your consent or in performance of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.

Right of appeal to the competent supervisory authority

If you assume unlawful data processing, you are free to file a complaint with the competent supervisory authority. The competent supervisory authority in data protection matters is the state data protection commissioner of the federal state in which our company is based. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

Right to revoke your consent to data processing

You can revoke a declared consent at any time with effect for the future. For this purpose, an informal communication by e-mail to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right of objection

You can also object to the processing of your personal data at any time in accordance with the legal requirements. The objection can be made in particular against the processing for purposes of direct advertising. Insofar as we provide you with an opt-out option in this data protection declaration, you can simply exercise your right of objection in this way.

Changes to the privacy policy

The privacy policy informs you about the current data processing on our websites. If there are changes to our services or this data processing, or if the legal situation changes, we must adapt this data protection notice accordingly. However, this only applies with regard to this information on data processing. If your consent was required or parts of the data protection declaration concern our contractual relationship with you, we will of course not make any changes to this without your consent. Please inform yourself regularly about the content of this privacy policy.

Current valid status
19/01/2022

Cookies - grab 'em!

We use cookies to improve the user experience on our website.