Privacy policy

Introduction and overview


We have written this privacy statement (version 06.04.2022-311993327) in order to explain to you, in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (data for short) we as the controller - and the processors (e.g. providers) commissioned by us - process, will process in the future and what lawful options you have. The terms used are to be understood as gender-neutral.
In short, we provide you with comprehensive information about data we process about you.

Privacy statements usually sound very technical and use legal terminology. This privacy statement, on the other hand, is intended to describe the most important things to you as simply and transparently as possible. To the extent that it is conducive to transparency, technical terms are explained in a reader-friendly manner, links to further information are provided and graphics are used. In this way, we inform you in clear and simple language that we only process personal data in the course of our business activities if there is a corresponding legal basis. This is certainly not possible by providing the most concise, unclear and legalistic explanations possible, as is often standard practice on the Internet when it comes to data protection. I hope you find the following explanations interesting and informative and perhaps there is one or the other piece of information that you did not know yet.

If you still have questions, we would like to ask you to contact the responsible office mentioned below or in the imprint, to follow the existing links and to look at further information on third party sites. Our contact details can of course also be found in the imprint.

Scope


This data protection declaration applies to all personal data processed by us in the company and to all personal data processed by companies commissioned by us (order processors). By personal data, we mean information within the meaning of Art. 4 No. 1 DSGVO, such as a person's name, e-mail address and postal address. The processing of personal data ensures that we can offer and invoice our services and products, whether online or offline. The scope of this privacy policy includes:
  • all online presences (websites, online stores) that we operate
  • Social media appearances and e-mail communication
  • mobile apps for smartphones and other devices.

In short, the privacy policy applies to all areas in which personal data is processed in a structured manner within the company via the aforementioned channels. If we enter into legal relationships with you outside of these channels, we will inform you separately if necessary.

Legal basis


In the following privacy policy, we provide you with transparent information on the legal principles and regulations, i.e. the legal basis of the General Data Protection Regulation, which enable us to process personal data.

As far as EU law is concerned, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016. You can, of course, read this EU General Data Protection Regulation online on EUR-Lex, the gateway to EU law, at https://eur-lex.europa.eu/legal-content/DE/TXT/?uri=celex%3A32016R0679.
We only process your data if at least one of the following conditions applies:

  1. Consent (Article 6(1) lit. a DSGVO): You have given us your consent to process data for a specific purpose. An example would be the storage of your entered data of a contact form.
  2. Contract (Article 6(1) lit. b DSGVO): In order to fulfill a contract or pre-contractual obligations with you, we process your data. For example, if we conclude a purchase contract with you, we need personal information in advance.
  3. Legal obligation (Article 6(1) lit. c DSGVO): If we are subject to a legal obligation, we process your data. For example, we are legally obliged to keep invoices for accounting purposes. These usually contain personal data.
  4. Legitimate interests (Article 6(1) lit. f DSGVO): In the case of legitimate interests that do not restrict your fundamental rights, we reserve the right to process personal data. For example, we need to process certain data in order to operate our website in a secure and economically efficient manner. This processing is therefore a legitimate interest.

Further conditions such as the performance of recordings in the public interest and the exercise of official authority as well as the protection of vital interests do not generally occur with us. If such a legal basis should be relevant, it will be indicated at the appropriate place.In addition to the EU regulation, national laws also apply:

  • In Austria, this is the Federal Act on the Protection of Individuals with regard to the Processing of Personal Data (Data Protection Act), or DSG for short.
  • In Germany, the Federal Data Protection Act, or BDSG for short, applies.If other regional or national laws apply, we will inform you about them in the following sections.

Contact details of the responsible person


If you have any questions about data protection or the processing of personal data, you will find the contact details of the responsible person or office below:

Dietz Consultants GmbH
Dipl.-Ing. Winfried Dietz
Eichendorff Street 4
49134 Wallenhorst
Germany

Email: info@dietz-consultants.com
Phone: 05407/818640
Imprint: https://www.dietz-academy.com/de/impressum

Storage duration


The fact that we only store personal data for as long as is absolutely necessary for the provision of our services and products applies as a general criterion at our company. This means that we delete personal data as soon as the reason for processing the data no longer exists. In some cases, we are required by law to store certain data even after the original purpose has ceased to exist, for example for accounting purposes.

Should you wish your data to be deleted or revoke your consent to data processing, the data will be deleted as soon as possible and insofar as there is no obligation to store it.

We will inform you about the specific duration of the respective data processing below, provided that we have further information on this.

Rights under the General Data Protection Regulation


According to Article 13 of the GDPR, you have the following rights to ensure fair and transparent processing of data:

According to Article 15 of the GDPR, you have the right to know whether we are processing data about you. If this is the case, you have the right to receive a copy of the data and the following information:

  • for which purpose we carry out the processing;
  • the categories, that is, the types of data that are processed;
  • who receives this data and, if the data is transferred to third countries, how security can be guaranteed;
  • how long the data will be stored;
  • the existence of the right to rectification, erasure or restriction of processing and the right to object to processing;
  • that you can complain to a supervisory authority (links to these authorities can be found below);
  • the origin of the data if we have not collected it from you;
  • whether profiling is carried out, i.e. whether data is automatically evaluated in order to arrive at a personal profile of you.

You have a right to rectify data according to Article 16 of the GDPR, which means that we must correct data if you find errors.

According to Article 17 of the GDPR, you have the right to erasure ("right to be forgotten"), which specifically means that you may request the deletion of your data.

According to Article 18 of the GDPR, you have the right to restriction of processing, which means that we may only store the data but not use it any further.

According to Article 19 of the GDPR, you have the right to data portability, which means that we will provide you with your data in a common format upon request.

According to Article 21 of the GDPR, you have a right to object, which, once enforced, entails a change in processing.

  • If the processing of your data is based on Article 6(1)(e) (public interest, exercise of official authority) or Article 6(1)(f) (legitimate interest), you may object to the processing. We will then check as soon as possible whether we can legally comply with this objection.
  • If data is used to conduct direct marketing, you may object to this type of data processing at any time. We may not use your data for direct marketing thereafter.
  • If data is used to perform profiling, you can object to this type of data processing at any time. We may not use your data for profiling thereafter.

According to Article 22 of the GDPR, you may have the right not to be subject to a decision based solely on automated processing (for example, profiling).

In short, you have rights - do not hesitate to contact the responsible party listed above with us!If you believe that the processing of your data violates data protection law or that your data protection rights have been violated in any other way, you can complain to the supervisory authority. For Austria, this is the data protection authority, whose website can be found at https://www.dsb.gv.at/. In Germany, there is a data protection officer for each federal state. For more information, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI). The following local data protection authority is responsible for our company:

Lower Saxony Data Protection Authority


State Commissioner for Data Protection: Barbara Thiel
Address: Prinzenstraße 5, 30159 Hanover
Telephone no.: 05 11/120-45 00
Email address: poststelle@lfd.niedersachsen.de
Website: https://lfd.niedersachsen.de/startseite/

Data transfer to third countries
We only transfer or process data in countries outside the scope of the GDPR (third countries) if you consent to this processing or if there is otherwise legal permission. This is particularly the case if the processing is legally required or necessary to fulfill a contractual relationship and in any case only as far as this is generally permitted. Your consent is in most cases the most important reason that we have data processed in third countries. The processing of personal data in third countries such as the USA, where many software manufacturers offer services and have their server locations, can mean that personal data are processed and stored in unexpected ways.

We expressly point out that, in the opinion of the European Court of Justice, an adequate level of protection for data transfer to the USA currently only exists if a US company that processes personal data of EU citizens in the USA is an active participant in the EU-US Data Privacy Framework. More information can be found at: https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en

Data processing by US services that are not active participants in the EU-US Data Privacy Framework can lead to data possibly not being processed and stored anonymously. Furthermore, US government agencies may have access to individual data. It can also happen that collected data are linked with data from other services of the same provider, if you have a corresponding user account. Where possible, we try to use server locations within the EU, provided this is offered. We inform you at the appropriate places in this privacy policy more precisely about data transfer to third countries, if this applies.

Data processing security


To protect personal data, we have implemented both technical and organizational measures. Where possible, we encrypt or pseudonymize personal data. In this way, we make it as difficult as possible for third parties to infer personal information from our data.Article 25 of the GDPR speaks here of "data protection through technical design and through data protection-friendly default settings" and thus means that both software (e.g., forms) and hardware (e.g., access to the server room) should always be designed with security in mind and that appropriate measures should be taken. If necessary, we will go into more detail on specific measures below.

TLS encryption with https


TLS, encryption and https sound very technical and they are. We use HTTPS (the Hypertext Transfer Protocol Secure stands for "secure hypertext transfer protocol") to transfer data over the Internet in a tap-proof way.This means that the complete transmission of all data from your browser to our web server is secured - no one can "listen in".

In this way, we have introduced an additional layer of security and fulfill data protection through technology design Article 25(1) DSGVO). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data.

You can recognize the use of this data transmission protection by the small lock symbol at the top left of the browser, to the left of the Internet address (e.g. examplepage.de) and the use of the https scheme (instead of http) as part of our Internet address.

If you would like to know more about encryption, we recommend doing a Google search for "Hypertext Transfer Protocol Secure wiki" to get good links to more in-depth information.

Communication


When you contact us and communicate by phone, e-mail or online form, personal data may be processed.

The data will be processed for the handling and processing of your question and the related business transaction. The data is stored for as long as it is required by law.

Affected persons
All those who seek contact with us via the communication channels provided by us are affected by the aforementioned processes.

Telephone
When you call us, the call data is stored pseudonymously on the respective terminal device and with the telecommunications provider used. In addition, data such as name and telephone number may subsequently be sent by e-mail and stored for the purpose of responding to inquiries. The data is deleted as soon as the business case has been terminated and legal requirements permit.

E-mail
If you communicate with us by e-mail, data may be stored on the respective end device (computer, laptop, smartphone,...) and data is stored on the e-mail server. The data is deleted as soon as the business case has been terminated and legal requirements allow it.

Online forms
If you communicate with us using an online form, data is stored on our web server and, if necessary, forwarded to an e-mail address of ours. The data is deleted as soon as the business case has been terminated and legal requirements permit.

Legal basis
The processing of the data is based on the following legal bases:

  • Art. 6 para. 1 lit. a DSGVO (consent): You give us your consent to store your data and to use it for purposes related to the business case;
  • Art. 6 para. 1 lit. b DSGVO (contract): There is a need for the performance of a contract with you or a processor such as the telephone provider or we need to process the data for pre-contractual activities, such as the preparation of an offer;
  • Art. 6 para. 1 lit. f DSGVO (Legitimate Interests): We want to operate customer inquiries and business communication in a professional framework. For this purpose, certain technical facilities such as e-mail programs, exchange servers and mobile operators are necessary in order to be able to operate the communication efficiently.

Cookies


What are cookies?

Our website uses HTTP cookies to store user-specific data. In the following, we explain what cookies are and why they are used, so that you can better understand the following privacy policy.

Whenever you surf the internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.

One thing is undeniable: Cookies are really useful helpers. Almost all websites use cookies. More precisely, these are HTTP cookies, as there are also other cookies for other areas of application. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically placed in the cookie folder, essentially the “brain” of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.

Cookies store certain user data from you, such as language or personal page settings. When you visit our site again, your browser sends the “user-related” information back to our site. Thanks to the cookies, our website knows who you are and offers you the setting you are used to. In some browsers, each cookie has its own file, in others, such as Firefox, all cookies are stored in a single file.

The following graphic shows a possible interaction between a web browser such as Chrome and the web server. The web browser requests a website and receives a cookie back from the server, which the browser uses again as soon as another page is requested.

HTTP Cookie interaction between browser and web server

There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner websites (e.g., Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiration time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, trojans, or other “pests”. Cookies also cannot access information on your PC.

For example, cookie data can look like this:

Name: _ga

Value: GA1.2.1326744211.152311993327-9
Purpose: Differentiation of website visitors
Expiration date: after 2 years
A browser should be able to support these minimum sizes:

  • At least 4096 bytes per cookie
  • At least 50 cookies per domain
  • At least 3000 cookies in total

What types of cookies are there?
The question of which cookies we specifically use depends on the services used and will be clarified in the following sections of the privacy policy. At this point, we would like to briefly discuss the different types of HTTP cookies.

You can distinguish 4 types of cookies:

Essential Cookies
These cookies are necessary to ensure the basic functions of the website. For example, these cookies are needed when a user puts a product in the shopping cart, then continues surfing on other pages and later goes to the checkout. Through these cookies, the shopping cart is not deleted, even if the user closes their browser window.

Functional Cookies
These cookies collect information about user behavior and whether the user receives any error messages. In addition, with the help of these cookies, the loading time and the behavior of the website on different browsers are also measured.

Targeted Cookies
These cookies ensure better user-friendliness. For example, entered locations, font sizes, or form data are saved.

Advertising Cookies
These cookies are also called targeting cookies. They serve to deliver individually adapted advertising to the user. This can be very practical, but also very annoying.

Usually, you are asked which of these types of cookies you would like to allow when you visit a website for the first time. And of course, this decision is also stored in a cookie.

If you want to know more about cookies and do not shy away from technical documentation, we recommend https://datatracker.ietf.org/doc/html/rfc6265, the Request for Comments of the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism”.

Purpose of processing via cookies
The purpose ultimately depends on the respective cookie. You can find more details on this further below or from the manufacturer of the software that sets the cookie.

What data is processed?
Cookies are small helpers for many different tasks. Unfortunately, it is not possible to generalize what data is stored in cookies, but we will inform you about the processed or stored data in the context of the following privacy policy.

Storage duration of cookies
The storage duration depends on the respective cookie and is specified further below. Some cookies are deleted after less than an hour, others can be stored on a computer for several years.

You also have influence on the storage duration. You can manually delete all cookies at any time via your browser (see also below “Right to object”). Furthermore, cookies that are based on consent are deleted at the latest after revocation of your consent, whereby the legality of the storage remains unaffected until then.

Right to object - how can I delete cookies?
How and whether you want to use cookies is up to you. Regardless of which service or which website the cookies come from, you always have the option to delete, deactivate or only partially allow cookies. For example, you can block cookies from third parties, but allow all other cookies.

If you want to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:

Chrome: Delete, enable, and manage cookies in Chrome

Safari: Manage cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have placed on your computer

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete and manage cookies

If you fundamentally do not want any cookies, you can set up your browser so that it always informs you when a cookie is to be set. This way, you can decide for each individual cookie whether you want to allow the cookie or not. The procedure varies depending on the browser. It is best to search for the instructions in Google with the search term “delete cookies Chrome” or “disable cookies Chrome” in the case of a Chrome browser.

Legal basis
Since 2009, there have been the so-called “Cookie Guidelines”. It is stated therein that the storage of cookies requires your consent (Article 6 (1) (a) GDPR). However, there are still very different reactions to these guidelines within the EU countries. In Austria, however, this directive was implemented in § 165 para. 3 of the Telecommunications Act (2021). In Germany, the Cookie Guidelines were not implemented as national law. Instead, this directive was largely implemented in § 15 para. 3 of the Telemedia Act (TMG).

For absolutely necessary cookies, even if no consent is given, there are legitimate interests (Article 6 (1) (f) GDPR), which in most cases are of an economic nature. We want to give visitors to the website a pleasant user experience and for this certain cookies are often absolutely necessary.

As far as not absolutely necessary cookies are used, this only happens in the case of your consent. The legal basis is Art. 6 para. 1 lit. a GDPR in this respect.

In the following sections, you will be informed more precisely about the use of cookies, provided that the software used employs cookies.

Web hosting introduction


What is Web Hosting?
When you visit websites nowadays, certain information - including personal data - is automatically created and stored, including on this website. This data should be processed as sparingly as possible and only with justification. By the way, by website we mean the totality of all web pages on a domain, i.e. everything from the home page (homepage) to the very last subpage (like this one). By domain, we mean, for example, example.de or sampleexample.com.

When you want to view a website on a screen, you use a program called a web browser to do it. You probably know some web browsers by name: Google Chrome, Microsoft Edge, Mozilla Firefox, and Apple Safari. This web browser must connect to another computer where the website's code is stored: the web server. Operating a web server is a complicated and costly task, which is why this is usually done by professional providers, the providers. These offer web hosting and thus ensure reliable and error-free storage of website data.When the browser on your computer (desktop, laptop, smartphone) connects and during data transfer to and from the web server, personal data may be processed. On the one hand, your computer stores data, on the other hand, the web server must also store data for a while to ensure proper operation.

Why do we process personal data?
The purposes of data processing are:

  1. Professional hosting of the website and securing the operationto maintain operational and IT security.
  2. Anonymous evaluation of access behavior to improve our offer and, if necessary, for law enforcement or prosecution of claims.

What data is processed?
Even while you are visiting our website right now, our web server, which is the computer on which this website is stored, usually automatically stores data such as

  • the complete Internet address (URL) of the accessed web page.
  • Browser and browser version (e.g. Chrome 87)
  • the operating system used (e.g. Windows 10)
  • the address (URL) of the previously visited page (referrer URL) (e.g. https://www.beispielquellsite.de/vondabinichgekommen.html/)
  • the hostname and IP address of the device being accessed from (e.g. COMPUTERNAME and 194.23.43.121)
  • Date and time
  • in files called web server log files.

How long is data stored?
As a rule, the above data is stored for two weeks and then automatically deleted. We do not pass on this data, but we cannot exclude the possibility that this data may be viewed by authorities in the event of unlawful conduct.

In short, your visit is logged by our provider (company that runs our website on special computers (servers)), but we do not share your information without consent!

Legal basis
The lawfulness of the processing of personal data in the context of web hosting results from Art. 6 para. 1 lit. f DSGVO (protection of legitimate interests), because the use of professional hosting with a provider is necessary to present the company on the Internet in a secure and user-friendly manner and to be able to pursue attacks and claims from this if necessary.

As a rule, there is a contract between us and the hosting provider for commissioned processing pursuant to Art. 28 f. DSGVO, which ensures compliance with data protection and guarantees data security.

Introduction to Web Analytics


What is web analytics?
We use software to evaluate visitor behavior on our website. The use of such software for this purpose is called web analytics or web analysis for short. By doing so, data is collected that the respective analytic tool provider (also called tracking tool) stores, manages and processes. The data is used to analyze user behavior on our website and provide us, as the website operator, with analyses concerning such user behavior. Furthermore, most tools offer various testing options. For example, we can test which offers or content are best received by our visitors. In order to accomplish this, we will display two different offers for a limited period of time to you. After the test is completed (so-called A/B testing), we will know which product or content our website visitors find more interesting. User profiles can also be created and the associated data can be stored in cookies for the purposes of such testing procedures and for other analytical procedures.

Why do we use web analytics?
We operate our website with a clear goal in mind: we want to deliver the best web offering on the market for our industry. In order to achieve this goal, we want to not only offer the best and most interesting offers, but we also want to make sure that you feel completely comfortable on our website. By using web analysis tools, we are able to take a closer look at visitor behavior and improve our web offering for both you and us accordingly. For example, we can see how old our visitors are on average, where they come from, when our website is most visited, or which content or products are particularly popular. We use all this information to optimize the website and best adapt it to your needs, interests and wishes.

What data is processed?
The exact data that is stored depends on the analysis tools used. Generally, however, the following is stored and processed: the content that you view on our website, the buttons or links that you click on, the time that you access a page, the browser that you use, the device that you use (PC, tablet, smartphone, etc.) to visit the website, and/or the computer system that you use. If you agreed to the collection of location data, this data may also be processed by the web analytics tool provider.

Furthermore, your IP address is also stored. Pursuant to the General Data Protection Regulation (GDPR), IP addresses are considered personal data. However, your IP address is usually stored pseudonymously (i.e. in an unrecognizable and truncated form). No personally identifiable data, such as your name, age, address or e-mail address are stored for the purposes of testing, web analysis and web optimization. If collected, all this data is stored pseudonymously. This way you cannot be personally identified.

The duration for which the respective data is stored always depends on the provider. Some cookies store data only for a few minutes or until you leave the website. Other cookies can store data for up to several years.

Duration of data processing
We will inform you about the duration of the data processing below, provided that we have further information on this matter. We normally process personal data for only as long as it is absolutely necessary for the provision of our services and products. If it is required by law, as in the case of accounting, for example, this storage period may also be exceeded.

Right to object
You also have the right to revoke your consent to the use of cookies or third-party providers at any time. This works either via our cookie management tool or via other opt-out functions. For example, you can also prevent the collection of data by disabling or deleting cookies in your browser.

Legal basis
The use of web analytics requires your consent, which we have obtained through our cookie pop-up. According to Art. 6Ppara. 1 lit. a GDPR (consent), your consent constitutes the legal basis for the processing of your personal data, as may be the case when your personal data is collected by web analytics tools.

In addition to your consent, there is a legitimate interest on our part in analyzing the behavior of the visitors of our website and using said analyses to improve our offering in a technical and economical manner. With the help of web analytics, we can find and fix website errors, identify attacks and improve economic viability. The legal basis for this is Art. 6 Para. 1 lit. f GDPR (legitimate interests). However, these tools are only used to the extent that consent has been given for their use.

Since web analytics tools use cookies, we also recommend that you read the cookies section of our Privacy Policy. If you wish to find out exactly what data is stored and processed, please read the privacy policies of each respective tools.

Information concerning specific web analytics tools, if any information is available, is provided below.

Google Analytics Privacy Policy


What is Google Analytics?
We use on our website the analysis tracking tool Google Analytics in the version Google Analytics 4 (GA4) of the American company Google Inc. For the European area the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. Google Analytics collects data about your actions on our website. However, through the combination of various technologies such as cookies, device IDs and login information, you as a user can be identified across different devices. This also allows your actions to be analyzed across platforms.

For example, when you click on a link, this event is stored in a cookie and sent to Google Analytics. With the help of the reports we receive from Google Analytics, we can better adapt our website and service to your wishes. In the following, we will go into more detail about the tracking tool and, in particular, inform you about what data is processed and how you can prevent this.

Google Analytics is a tracking tool used for traffic analysis of our website. The basis of these measurements and analyses is a pseudonymous user identification number. This number does not contain any personal data such as name or address, but is used to assign events to an end device. GA4 uses an event-based model that captures detailed information on user interactions such as page views, clicks, scrolling, conversion events. In addition, various machine learning features have also been incorporated into GA4 to better understand user behavior and certain trends. GA4 relies on modeling with the help of machine learning functions. This means that on the basis of the collected data, missing data can also be extrapolated in order to optimize the analysis and also to be able to make forecasts.

For Google Analytics to work in principle, a tracking code is built into the code of our website. When you visit our website, this code records various events that you perform on our website. GA4's event-based data model allows us, as website operators, to define and track specific events to obtain analytics of user interactions. Thus, in addition to general information such as clicks or page views, we can also track specific events that are important for our business. Such specific events can be, for example, the submission of a contact form or the purchase of a product.
As soon as you leave our website, this data is sent to the Google Analytics servers and stored there.

Google processes the data and we receive reports about your user behavior. These reports may include, but are not limited to, the following:

  • Target group reports: Through target group reports we get to know our users better and know more precisely who is interested in our service.
  • Ad reports: Ad reports help us analyze and improve our online advertising.
  • Acquisition reports: Acquisition reports give us helpful information on how to get more people interested in our service.[Behavioral reports: This tells us how you interact with our website. We can track which path you take on our site and which links you click.
  • Conversion reports: Conversion is the name given to a process in which you perform a desired action as a result of a marketing message. For example, when you go from being just a website visitor to a buyer or newsletter subscriber. These reports help us learn more about how our marketing efforts are working for you. This is how we aim to increase our conversion rate.
  • Real-time reports: Here we always find out immediately what is happening on our website. For example, we can see how many users are reading this text.

In addition to the analytics reports mentioned above, Google Analytics 4 also offers the following features, among others:

  • Event-based data model: This model captures very specific events that can take place on our website. For example, playing a video, purchasing a product, or subscribing to our newsletter.
  • Advanced analytics: These features allow us to better understand your behavior on our website or certain general trends. For example, we can segment user groups, make comparative analyses of target groups or track your path or path on our website.
  • Predictive modeling: Based on collected data, machine learning can extrapolate missing data that predicts future events and trends. This can help us develop better marketing strategies.
  • Cross-platform analysis: Data can be collected and analyzed from both websites and apps. This gives us the opportunity to analyze user behavior across platforms, provided of course that you have consented to the data processing.

Why do we use Google Analytics on our website?
Our goal with this website is clear: we want to provide you with the best possible service. The statistics and data from Google Analytics help us achieve this goal.

The statistically evaluated data gives us a clear picture of the strengths and weaknesses of our website. On the one hand, we can optimize our site so that it is found more easily by interested people on Google. On the other hand, the data helps us to better understand you as a visitor. We thus know exactly what we need to improve on our website in order to provide you with the best possible service. The data also helps us to carry out our advertising and marketing measures in a more individual and cost-effective way. After all, it only makes sense to show our products and services to people who are interested in them.

What data is stored by Google Analytics?
Google Analytics uses a tracking code to create a random, unique ID associated with your browser cookie. This is how Google Analytics recognizes you as a new user and assigns you a user ID. The next time you visit our site, you will be recognized as a "returning" user. All collected data is stored together with this user ID. This makes it possible to evaluate pseudonymous user profiles.

To be able to analyze our website with Google Analytics, a property ID must be inserted into the tracking code. The data is then stored in the corresponding property. For each newly created property, the Google Analytics 4 property is default. Depending on the property used, data is stored for different lengths of time.

Through identifiers such as cookies, app instance IDs, user IDs or, for example, custom event parameters, your interactions are measured across platforms if you have consented. Interactions are all types of actions you take on our website. If you also use other Google systems (such as a Google account), data generated through Google Analytics may be linked to third-party cookies. Google does not share Google Analytics data unless we, as the website operator, authorize it. Exceptions may occur if required by law.

According to Google, no IP addresses are logged or stored in Google Analytics 4. However, Google uses the IP address data to derive location data and deletes it immediately afterwards. All IP addresses collected from users in the EU are therefore deleted before the data is stored in a data center or on a server.

Since Google Analytics 4 focuses on event-based data, the tool uses significantly fewer cookies compared to previous versions (like Google Universal Analytics). Nevertheless, there are some specific cookies that are used by GA4. These include, for example:
Name: _ga
Wert: 2.1326744211.152311993327-5
Intended use: By default, analytics.js uses the _ga cookie to store the user ID. Basically, it is used to distinguish the website visitors.
Expiration date: after 2 years

Name: _gid
Wert: 2.1687193234.152311993327-1
Purpose: The cookie is also used to distinguish the website visitors
Expiration date: after 24 hours

Name: _gat_gtag_UA_
Value: 1
Purpose: Used to lower the request rate. When Google Analytics is deployed via Google Tag Manager, this cookie is named _dc_gtm_ .
Expiration date: after 1 minute

Note: This list cannot claim to be complete, as Google also changes the choice of its cookies again and again. The goal of GA4 is also to improve data protection. Therefore, the tool offers some options to control the data collection. For example, we can set the storage duration ourselves and also control the data collection.

Here we show you an overview of the main types of data collected with Google Analytics:
Heatmaps: Google creates so-called heatmaps. Heatmaps allow you to see exactly those areas that you click on. This provides us with information about where you are "on the move" on our site.
Session duration: Google defines session duration as the time you spend on our site without leaving. If you have been inactive for 20 minutes, the session ends automatically.
Bounce rate: A bounce is when you view only one page on our website and then leave our website again.
Account creation: When you create an account or place an order on our website, Google Analytics collects this data.
Location: IP addresses are not logged or stored in Google Analytics. However, shortly before the IP address is deleted, derivations are used for location data.
Technical information: Technical information may include your browser type, Internet service provider, or screen resolution.
Source of origin: Google Analytics respectively we are of course also interested in which website or which advertisement you came to our site from.

Other data include contact details, any ratings, playing media (e.g., when you play a video via our site), sharing content via social media, or adding to your favorites. The enumeration does not claim to be complete and only serves as a general orientation of the data storage by Google Analytics.

How long and where is the data stored?
Google has their servers spread all over the world. You can read exactly where Google's data centers are located here: https://www.google.com/about/datacenters/locations/?hl=de
Your data is distributed on different physical data carriers. This has the advantage that the data can be retrieved more quickly and is better protected against manipulation. In every Google data center, there are corresponding emergency programs for your data. If, for example, the hardware at Google fails or natural disasters paralyze servers, the risk of a service interruption at Google still remains low.

The retention period of the data depends on the properties used. The retention period is always defined for each individual property. Google Analytics offers us four options to control the retention period:

  • 2 months: this is the shortest storage period.
  • 14 months: by default, GA4 keeps the data for 14 months.
  • 26 months: you can also save the data for 26 months.
  • Data will be deleted only when we delete it manually

In addition, there is also the option that data will only be deleted if you no longer visit our website within the period we have selected. In this case, the retention period is reset each time you visit our website again within the specified period.

Once the specified period has expired, the data is deleted once a month. This retention period applies to your data associated with cookies, user recognition and advertising IDs (e.g. DoubleClick domain cookies). Reporting results are based on aggregated data and are stored separately from user data. Aggregated data is a merging of individual data into a larger unit.

How can I delete my data or prevent the data storage?
Under European Union data protection law, you have the right to access, update, delete, or restrict your data. Using the browser add-on to disable Google Analytics JavaScript (analytics.js, gtag.js), you can prevent Google Analytics 4 from using your data. You can download and install the browser add-on at https://tools.google.com/dlpage/gaoptout?hl=de. Please note that this add-on only disables data collection by Google Analytics.

If you basically want to disable, delete or manage cookies, you can find the corresponding links to the respective instructions of the most popular browsers under the section "Cookies".

Legal basis
The use of Google Analytics requires your consent, which we have obtained with our cookie popup. According to Art. 6 para. 1 lit. a DSGVO (consent), this consent constitutes the legal basis for the processing of personal data as it may occur during the collection by web analytics tools.

In addition to the consent, there is a legitimate interest on our part to analyze the behavior of website visitors and thus to improve our offer technically and economically. With the help of Google Analytics, we detect website errors, can identify attacks and improve the economic efficiency. The legal basis for this is Art. 6 para. 1 lit. f DSGVO (Legitimate Interests). Nevertheless, we only use Google Analytics if you have given your consent.

Google also processes data from you in the USA, among other places. Google is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data of EU citizens to the USA. You can find more information about this at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

In addition, Google uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 DSGVO). Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there. Through the EU-US Data Privacy Framework and through the standard contractual clauses, Google undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the US. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The Google Ads Data Processing Terms, which refer to the standard contractual clauses, can be found at https://business.safety.google/intl/de/adsprocessorterms/.
We hope we have been able to provide you with the most important information about Google Analytics data processing. If you want to learn more about the tracking service, we recommend these two links: https://marketingplatform.google.com/about/analytics/terms/de/ and https://support.google.com/analytics/answer/6004245?hl=de.

If you want to learn more about data processing, use the Google Privacy Policy at https://policies.google.com/privacy?hl=de.

Email marketing introduction


What is email marketing?
In order to keep you always up to date, we also use the possibility of e-mail marketing. If you have agreed to receive our e-mails or newsletters, your data will also be processed and stored. E-mail marketing is a sub-area of online marketing. It involves sending news or general information about a company, products or services by e-mail to a specific group of people who are interested in them.

If you want to participate in our e-mail marketing (mostly via newsletter), you usually just have to register with your e-mail address. To do this, you fill out an online form and send it off. However, it may also happen that we ask you for your salutation and name, for example, so that we can also write to you personally.

Basically, the registration for newsletters works with the help of the so-called "double opt-in procedure". After you have registered for our newsletter on our website, you will receive an e-mail via which you confirm the newsletter registration. This ensures that the e-mail address belongs to you and that no one has registered with a third-party e-mail address. We or a notification tool we use logs each individual subscription. This is necessary so that we can also prove the legally correct registration process. As a rule, the time of registration, the time of the registration confirmation and your IP address are stored. In addition, it is also logged when you make changes to your stored data.

Why do we use email marketing?
Of course, we want to stay in touch with you and always present you with the most important news about our company. To do this, we use, among other things, e-mail marketing - often just referred to as "newsletters" - as an essential part of our online marketing. Provided you agree to this or it is legally permitted, we will send you newsletters, system e-mails or other notifications by e-mail. When we use the term "newsletter" in the following text, we mainly mean regularly sent e-mails. Of course, we do not want to bother you in any way with our newsletters. That's why we really always try to provide only relevant and interesting content. For example, you will learn more about our company, our services or products. Since we are always improving our offers, our newsletter will also tell you when there is news or when we are offering special, lucrative promotions. If we use a service provider that offers a professional mailing tool for our e-mail marketing, we do so in order to be able to offer you fast and secure newsletters. The purpose of our email marketing is basically to inform you about new offers and also to get closer to our business goals.

What data are processed?
When you become a subscriber to our newsletter via our website, you confirm by e-mail that you are a member of an e-mail list. In addition to IP address and e-mail address, your title, name, address and telephone number may also be stored. However, only if you agree to this data storage. The data marked as such are necessary for you to participate in the service offered. Providing this information is voluntary, but failure to provide it will result in you not being able to use the service. In addition, information about your device or your preferred content on our website may be stored. You can find out more about the storage of data when you visit a website in the section "Automatic data storage". We record your declaration of consent so that we can always prove that this complies with our laws.

Duration of the data processing
If you unsubscribe your e-mail address from our e-mail/newsletter distribution list, we may store your address for up to three years based on our legitimate interests so that we can still prove your consent at that time. We may only process this data if we need to defend ourselves against any claims.

However, if you confirm that you have given us your consent to subscribe to the newsletter, you can submit an individual deletion request at any time. If you permanently object to the consent, we reserve the right to store your e-mail address in a blacklist. As long as you have voluntarily subscribed to our newsletter, we will of course also keep your e-mail address.

Right of objectionYou have the option to cancel your newsletter subscription at any time. All you have to do is revoke your consent to the newsletter subscription. This usually takes only a few seconds or one or two clicks. Most of the time, you will find a link to cancel your newsletter subscription right at the end of each email. If you really can't find the link in the newsletter, please contact us by mail and we will cancel your newsletter subscription immediately.

Legal basis
The sending of our newsletter is based on your consent (Article 6 para. 1 lit. a DSGVO). This means that we may only send you a newsletter if you have actively registered for it beforehand. If applicable, we may also send you advertising messages, provided that you have become our customer and have not objected to the use of your email address for direct advertising.

Information about specific email marketing services and how they process personal data, if any, is provided in the following sections.

Sendinblue Privacy Policy
You can sign up for our newsletter for free on our website. To make this work, we use the email delivery service Sendinblue for our newsletter. This is a service of the German company Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin.

We are of course very pleased if you subscribe to our newsletter. This way we can always keep you up to date and inform you first hand about what is going on in our company. However, you should know that during the registration process for the newsletter, all data that you enter (such as your e-mail address or your first and last name) is stored and managed on our server and at Sendinblue. This also involves personal data. For example, in addition to the time and date of registration, your IP address is also stored. In the course of registration, you also agree that we can send you the newsletter and it is further referred to this privacy policy.The newsletter service also offers us helpful analysis options. This means that when we send out a newsletter, we learn, for example, whether and when the newsletter was opened by you. Also whether and on which link you click in the newsletter is detected and recorded by the software. This information helps enormously to adapt and optimize our service to your wishes and concerns.After all, we naturally want to offer you the best possible service. So, in addition to the data already mentioned above, we also store such data about your user behavior.
You can revoke your consent to this data processing at any time. For example, if you click on the unsubscribe link directly in the newsletter. After unsubscribing, the personal data will be deleted from our server and from the Sendinblue servers, which are located in Germany. You have a right to free information about your stored data and, if applicable, also a right to deletion, blocking or correction.

If you wish to obtain more detailed information on data processing, we recommend that you read the company's privacy policy at https://de.sendinblue.com/legal/privacypolicy/ and also the following information page at https://de.sendinblue.com/informationen-newsletter-empfaenger/.

Social media introduction


What is social media?
In addition to our website, we are also active on various social media platforms. In this context, user data may be processed so that we can target users who are interested in us via the social networks. In addition, elements of a social media platform may also be embedded directly in our website. This is the case, for example, when you click on a so-called social button on our website and are redirected directly to our social media presence. So-called social media or social media are websites and apps through which registered members can produce content, share content openly or in specific groups, and network with other members.

Why do we use social media?
For years, social media platforms have been the place where people communicate and get in touch online. Our social media presences enable us to bring our products and services closer to prospective customers. The social media elements embedded on our website help you switch to our social media content quickly and without complications.

The data that is stored and processed through your use of a social media channel is primarily for the purpose of being able to perform web analyses. The aim of these analyses is to be able to develop more precise and personalized marketing and advertising strategies. Depending on your behavior on a social media platform, appropriate conclusions can be drawn about your interests with the help of the evaluated data and so-called user profiles can be created. This also enables the platforms to present you with tailored advertisements. In most cases, cookies are set in your browser for this purpose, which store data about your usage behavior.

We generally assume that we remain responsible under data protection law, even if we use services of a social media platform. However, the European Court of Justice has ruled that in certain cases the operator of the social media platform may be jointly responsible with us within the meaning of Art. 26 DSGVO. Insofar as this is the case, we point this out separately and work on the basis of an agreement in this regard. The essence of the agreement is then reproduced below for the platform concerned.

Please note that when using the social media platforms or our built-in elements, data of you may also be processed outside the European Union, as many social media channels, for example Facebook or Twitter, are American companies. This may make it less easy for you to claim or enforce your rights regarding your personal data.

What data is processed?
Exactly what data is stored and processed depends on the provider of the social media platform. But usually it is data such as phone numbers, email addresses, data you enter in a contact form, user data such as which buttons you click, who you like or follow, when you visited which pages, information about your device and your IP address. Most of this data is stored in cookies. Especially if you yourself have a profile on the visited social media channel and are logged in, data can be linked to your profile.All data collected via a social media platform is also stored on the servers of the providers. Thus, only the providers have access to the data and can give you the appropriate information or make changes.

If you want to know exactly what data is stored and processed by the social media providers and how you can object to the data processing, you should carefully read the respective privacy policy of the company. Also, if you have questions about data storage and data processing or want to assert corresponding rights, we recommend that you contact the provider directly.

Duration of data processing
We will inform you about the duration of data processing below, provided we have further information on this. For example, the social media platform Facebook stores data until it is no longer needed for its own purpose. However, customer data that is matched with our own user data is already deleted within two days. In general, we only process personal data for as long as is absolutely necessary for the provision of our services and products. If it is required by law, for example in the case of accounting, this storage period may be exceeded.

Right of objectionYou also have the right and the possibility to revoke your consent to the use of cookies or third-party providers such as embedded social media elements at any time. This works either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection through cookies by managing, disabling or deleting cookies in your browser.Since social media tools may use cookies, we also recommend that you read our general privacy policy on cookies. To find out exactly which of your data is stored and processed, you should read the privacy statements of the respective tools.

Legal basis
If you have consented that data from you can be processed and stored by integrated social media elements, this consent is considered the legal basis of the data processing (Art. 6 para. 1 lit. a DSGVO). In principle, if consent is given, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 (1) (f) DSGVO) in fast and good communication with you or other customers and business partners.
Nevertheless, we only use the tools insofar as you have given your consent. Most social media platforms also set cookies in your browser to store data. That is why we recommend that you read our privacy text about cookies carefully and view the privacy policy or cookie policy of the respective service provider.Information on specific social media platforms - if available - can be found in the following sections.

Facebook privacy policy


What are Facebook tools?
We use selected tools from Facebook on our website. Facebook is a social media network of the company Meta Platforms Inc. or for the European area of the company Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. With the help of these tools, we can offer you and people who are interested in our products and services the best possible offer.

If data is collected from you and forwarded via our embedded Facebook elements or via our Facebook page (Fanpage), both we and Facebook Ireland Ltd. are responsible for this. Facebook is solely responsible for the further processing of this data. Our joint obligations have also been set out in a publicly available agreement at https://www.facebook.com/legal/controller_addendum. This states, for example, that we must clearly inform you about the use of Facebook tools on our site. Furthermore, we are also responsible for ensuring that the tools are securely integrated into our website in accordance with data protection law. Facebook, on the other hand, is responsible for the data security of Facebook products, for example. If you have any questions about data collection and data processing by Facebook, you can contact the company directly. If you direct the question to us, we are obliged to forward it to Facebook.
Below we provide an overview of the different Facebook tools, what data is sent to Facebook and how you can delete this data.
Among many other products, Facebook also offers the so-called "Facebook Business Tools". This is the official name of Facebook. However, since the term is hardly known, we have decided to simply call them Facebook Tools. Among them are:

  • Facebook Pixel
  • social plug-ins (such as the "Like" or "Share" button).
  • Facebook Login
  • Account Kit
  • APIs (programming interface)
  • SDKs (collection of programming tools)
  • Platform integrations
  • Plugins
  • Codes
  • Specifications
  • Documentaries
  • Technologies and services

Through these tools, Facebook extends services and has the ability to obtain information about user activity outside of Facebook.

Why do we use Facebook tools on our website?
We want to show our services and products only to people who are really interested in them. With the help of advertisements (Facebook ads), we can reach precisely these people. However, in order to show users suitable ads, Facebook needs information about people's wishes and needs. Thus, information about user behavior (and contact data) on our website is made available to the company. As a result, Facebook collects better user data and can show interested people the appropriate advertising about our products or services. The tools thus enable tailored advertising campaigns on Facebook.

Data about your behavior on our website is called "event data" by Facebook. This is also used for measurement and analysis services. Facebook can thus create "campaign reports" on our behalf about the impact of our advertising campaigns. Furthermore, analytics give us better insight into how you use our services, website or products. As a result, we use some of these tools to optimize your user experience on our website. For example, social plug-ins allow you to share content on our site directly on Facebook.

What data is stored by Facebook tools?
By using individual Facebook tools, personal data (customer data) can be sent to Facebook. Depending on the tools used, customer data such as name, address, phone number and IP address may be sent.

Facebook uses this information to match the data with the data it itself has from you (if you are a Facebook member). Before customer data is transmitted to Facebook, a so-called "hashing" takes place. This means that a data record of any size is transformed into a character string. This also serves to encrypt data.

In addition to contact data, "event data" is also transmitted. Event data" refers to the information that we receive about you on our website. For example, which subpages you visit or which products you buy from us. Facebook does not share the information it receives with third parties (such as advertisers) unless it has explicit permission or is legally required to do so. "Event data" may also be associated with contact information. This allows Facebook to offer better personalized advertising. After the matching process already mentioned, Facebook deletes the contact data again.

In order to deliver ads in an optimized manner, Facebook uses Event Data only when it has been aggregated with other data (collected by Facebook in other ways). Facebook also uses this event data for security, protection, development, and research purposes. Much of this data is transferred to Facebook via cookies. Cookies are small text files used to store data or information in browsers. Depending on the tools you use and whether you are a Facebook member, different numbers of cookies are created in your browser. We go into more detail about individual Facebook cookies in the descriptions of each Facebook tool. General information about the use of Facebook cookies can also be found at https://www.facebook.com/policies/cookies.

How long and where is the data stored?
Basically, Facebook stores data until it is no longer needed for its own services and Facebook products. Facebook has servers all over the world where its data is stored. However, customer data is deleted within 48 hours after it has been compared with its own user data.

How can I delete my data or prevent the data storage?
In accordance with the Basic Data Protection Regulation, you have the right to information, correction, transferability and deletion of your data.
A complete deletion of the data will only occur if you delete your Facebook account completely. And this is how deleting your Facebook account works:
1) Click Settings on the right side of Facebook.
2) Then click "Your Facebook information" in the left column.
3) Now click "Deactivation and deletion".
4) Now select "Delete account" and then click "Next and delete account".
5) Now enter your password, click "Next" and then click "Delete account".

The storage of data that Facebook receives via our site takes place, among other things, via cookies (e.g. for social plugins). In your browser, you can deactivate, delete or manage individual or all cookies. Depending on which browser you use, this works in different ways. Under the section "Cookies" you will find the corresponding links to the respective instructions of the most popular browsers.
If you do not want to have cookies in principle, you can set up your browser so that it always informs you when a cookie is to be set. This way, you can decide for each individual cookie whether you allow it or not.

Legal basis
If you have consented that data from you can be processed and stored by integrated Facebook tools, this consent is considered the legal basis of the data processing (Art. 6 para. 1 lit. a DSGVO). In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f DSGVO) in fast and good communication with you or other customers and business partners. Nevertheless, we only use the tools insofar as you have given your consent. Most social media platforms also set cookies in your browser to store data. That is why we recommend that you read our privacy text about cookies carefully and view Facebook's privacy policy or cookie policy.

Facebook also processes data from you in the USA, among other places. Facebook or Meta Platforms is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data of EU citizens to the USA. You can find more information about this at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

In addition, Facebook uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 DSGVO). Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there. Through the EU-US Data Privacy Framework and through the standard contractual clauses, Facebook undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the US. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The Facebook Data Processing Term, which references the Standard Contractual Clauses, can be found at https://www.facebook.com/legal/terms/dataprocessing.

We hope we have brought you closer to the most important information about the use and data processing by Facebook tools. If you want to learn more about how Facebook uses your data, we recommend that you read the data policies at https://www.facebook.com/privacy/policy/.

XING Privacy Policy


What is Xing?
We use social plugins of the social media network Xing, of the company Xing SE, Dammtorstraße 30, 20354 Hamburg, Germany, on our website. Through these functions, you can, for example, share content on Xing directly via our website, log in via Xing or follow interesting content. You can recognize the plug-ins by the company name or the Xing logo. If you call up a website that uses a Xing plug-in, data may be transmitted to the "Xing servers", stored and analyzed. In this privacy policy, we want to inform you about what data is involved and how you can manage or prevent this data storage.Xing is a social network with its headquarters in Hamburg. The company specializes in managing professional contacts. That is, unlike other networks, Xing is primarily about professional networking. The platform is often used for job searches or to find employees for one's own company. In addition, Xing offers interesting content on various professional topics. The global counterpart is the American company LinkedIn.

Why do we use Xing on our website?
There is now a flood of social media channels and we are well aware that your time is very precious. Not every company's social media channel can be scrutinized closely. That's why we want to make your life as easy as possible, so you can share or follow interesting content directly from our website on Xing. With such "social plug-ins" we expand our service on our website. In addition, the data collected by Xing helps us to carry out targeted advertising measures on the platform. This means that our service is only shown to people who are really interested in it.

What data is stored by Xing?
Xing offers the share button, the follow button, and the log-in button as plug-ins for websites. As soon as you open a page where a social plug-in from Xing is installed, your browser connects to servers in a data center used by Xing. In the case of the share button, no data is to be stored - according to Xing - that could infer a direct reference to a person. In particular, Xing does not store your IP address. Furthermore, no cookies are set in connection with the share button. Thus, no evaluation of your user behavior takes place. You can find more information about this at https://dev.xing.com/plugins/share_button/privacy_policy.For the other Xing plug-ins, cookies are only set in your browser when you interact with the plug-in or click on it. Here, personal data such as your IP address, browser data, date and time of your page view on Xing may be stored. If you have a XING account and are logged in, collected data will be assigned to your personal account and the data stored therein.
The following cookies are set in your browser when you click on the follow or log-in button and are not yet logged in to Xing. Please keep in mind that this is an exemplary list and we cannot claim completeness:

Name: AMCVS_0894FF2554F733210A4C98C6%40AdobeOrg
Value: 1
Intended use: This cookie is used to create and store website visitor identifiers.
Expiration date: after end of session

Name: c_
Value: 157c609dc9fe7d7ff56064c6de87b019311993327-8
Intended use: We were unable to find out any more detailed information about this cookie.
Expiration date: after one day

Name: prevPage
Value: wbm%2FWelcome%2Flogin
Purpose: This cookie stores the URL of the previous web page you visited.
Expiration date: after 30 minutes

Name: s_cc
Value: true
Purpose: This Adobe Site Catalyst cookie determines whether cookies are generally enabled in the browser.
Expiration date: after end of session

Name: s_fid
Value: 6897CDCD1013221C-39DDACC982217CD1311993327-2
Purpose: This cookie is used to identify a unique visitor.
Expiration date: after 5 years

Name: visitor_id
Value: fe59fbe5-e9c6-4fca-8776-30d0c1a89c32
Purpose: The visitor cookie contains a unique visitor ID and the unique identifier for your account.
Expiration date: after 2 years

Name:_session_id
Value: 533a0a6641df82b46383da06ea0e84e7311993327-2
Purpose: This cookie creates a temporary session ID that is used as an in-session user ID. The cookie is absolutely necessary to provide the features of Xing.
Expiration date: after end of session

As soon as you are logged in to Xing or become a member, further personal data is definitely collected, processed and stored. Xing also discloses personal data to third parties if this is necessary for the fulfillment of its own business purposes, if you have given your consent, or if there is a legal obligation.

How long and where is the data stored?
Xing stores the data on various servers in various data centers. The company stores this data until you delete the data or until a user account is deleted. Of course, this only affects users who are already Xing members.

How can I delete my data or prevent data storage?
You have the right to access and also delete your personal data at any time. Even if you are not a Xing member, you can use your browser to prevent possible data processing or manage it according to your wishes. Most data is stored via cookies. Depending on which browser you have, the management works slightly differently. Under the section "Cookies" you will find the corresponding links to the respective instructions of the most popular browsers.

You can also basically set up your browser so that you are always informed when a cookie is to be set. Then you can always decide individually whether you want to allow the cookie or not.

Legal basis
If you have consented that data from you can be processed and stored by integrated social media elements, this consent is considered the legal basis for data processing (Art. 6 para. 1 lit. a DSGVO). In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f DSGVO) in fast and good communication with you or other customers and business partners. Nevertheless, we only use the integrated social media elements insofar as you have given your consent. Most social media platforms also set cookies in your browser to store data. That is why we recommend that you read our privacy text about cookies carefully and view the privacy policy or cookie policy of the respective service provider.
We have tried to bring you closer to the most important information about data processing by Xing. At https://privacy.xing.com/de/datenschutzerklaerung you can learn even more about the data processing of the social media network Xing.

Payment provider introduction


What is a payment processor?
We use online payment systems on our website that allow us and you a secure and smooth payment process. Among other things, personal data may be sent to the respective payment provider, stored and processed there. Payment providers are online payment systems that allow you to place an order via online banking. In this case, the payment processing is carried out by the payment provider you have chosen. We then receive information about the payment made. This method can be used by any user who has an active online banking account with PIN and TAN. There are hardly any banks left that do not offer or accept such payment methods.

Why do we use payment providers on our website?
Of course, we want to offer the best possible service with our website and our integrated online store, so that you feel comfortable on our site and use our offers. We know that your time is precious and especially payment processes must work quickly and smoothly. For these reasons we offer you various payment providers. You can choose your preferred payment provider and pay in the usual way.

What data is processed?
Exactly which data is processed depends, of course, on the respective payment provider. But basically, data such as name, address, bank data (account number, credit card number, passwords, TANs, etc.) are stored. These are necessary data to be able to carry out a transaction at all. In addition, any contractual data and user data, such as when you visit our website, what content you are interested in or which sub-pages you click on, may also be stored. Your IP address and information about the computer you are using are also stored by most payment providers.

The data is usually stored and processed on the servers of the payment providers. We as the website operator do not receive this data. We are only informed whether the payment has worked or not. For identity and credit checks, it may happen that payment providers forward data to the appropriate body. For all payment transactions, the business and data protection principles of the respective provider always apply. Therefore, please always take a look at the general terms and conditions and the privacy policy of the payment provider. You also have the right to have data deleted or corrected at any time. Please contact the respective service provider regarding your rights (right of revocation, right to information and right to be affected).

Duration of data processing
We will inform you about the duration of data processing below if we have further information on this. In general, we process personal data only as long as it is absolutely necessary for the provision of our services and products. If it is required by law, for example in the case of accounting, this storage period may be exceeded. For example, we keep accounting documents relating to a contract (invoices, contract documents, account statements, etc.) for 10 years (§ 147 AO) and other relevant business documents for 6 years (§ 247 HGB) after they are created.

Right of objection
You always have the right to information, correction and deletion of your personal data. If you have any questions, you can also contact responsible persons of the payment provider used at any time. You can find contact details either in our specific privacy policy or on the website of the corresponding payment provider.

You can delete, disable, or manage cookies that payment providers use for their functions in your browser. Depending on which browser you use, this works in different ways. Please note, however, that the payment process may then no longer work.

Legal basis
We therefore offer other payment service providers in addition to the traditional banking/credit institutions for the processing of contractual or legal relationships (Art. 6 para. 1 lit. b DSGVO). The privacy statements of the individual payment providers (such as Amazon Payments, Apple Pay or Discover) will provide you with a detailed overview of data processing and data storage. In addition, you can always contact the responsible parties if you have any questions about data protection-related topics.

Information on the specific payment providers - if available - can be found in the following sections.

American Express Privacy Policy


We use American Express on our website, a globally operating financial service provider. The service provider is the American company American Express Company. For the European area, the company American Express Europe S.A. (Avenida Partenón 12-14, 28042, Madrid, Spain) is responsible.

American Express processes data from you, among other things, also in the USA. We would like to point out that, according to the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. This can be associated with various risks for the legality and security of data processing.

As a basis for data processing at recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, especially in the USA) or a data transfer there, American Express uses so-called standard contractual clauses (= Art. 46. Para. 2 and 3 GDPR). Standard contractual clauses (Standard Contractual Clauses - SCC) are templates provided by the EU Commission and are intended to ensure that your data also comply with European data protection standards when they are transferred to third countries (such as the USA) and stored there. Through these clauses, American Express commits to maintaining the European level of data protection when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

You can find out more about the data processed through the use of American Express in the Privacy Policy at https://www.americanexpress.com/de-de/firma/legal/datenschutz-center/online-datenschutzerklarung/.

PayPal Privacy Policy


What is PayPal?
We use the online payment service PayPal on our website. The service provider is the American company PayPal Inc. For the European area, the company PayPal Europe (S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg) is responsible.

With PayPal, all users can send and receive money electronically. The company was founded in 1998 and now, with over 325 million active customers, it is one of the most well-known and largest online payment service providers worldwide.

Why do we use PayPal for our website?
There are various reasons why we use PayPal and offer it on our website. Since PayPal is one of the most well-known online payment providers, many of our website visitors also use and trust this service. PayPal also offers high security standards for digital money transfers. The service uses various encryption methods to protect your personal data as best as possible. We also appreciate the simple usability of PayPal and the possibility of international payments in different currencies. Transactions usually go very quickly, which is another advantage for both us and you as a customer.

What data is processed by PayPal?
PayPal distinguishes in their privacy policy different categories of personal data that can be processed through the use of the service. These include registration and contact data, identification and signature data, payment information, information on imported contacts, data from your account profile, device data such as your IP address, location data and so-called derived data. Derived data is understood to mean information that can be derived from transactions or other data. This can be purchase habits, behavioral patterns, creditworthiness or personal preferences.

Then there are also personal data that are collected by third parties (such as identity checkers, fraud detection providers or your bank). These data include information from credit agencies, transaction data, information on legal regulations, technical usage data, location data and again derived data.

PayPal and their partners also use tracking technologies such as cookies, pixel tags, web beacons and widgets to recognize you as a user, customize content and perform analyses for interest-based advertising.

How long and where is the data stored?
In principle, PayPal stores the data as long as it is necessary to fulfill their obligations and within the scope of the purpose. Personal data that is necessary for the customer relationship is stored up to 10 years after the end of the relationship. If PayPal is subject to a legal obligation, the storage duration of the personal data is according to the respective law (e.g. insolvency law). PayPal also stores personal data as long as necessary if the storage is advisable in view of legal disputes.

Since PayPal is a globally operating company, the service also has data centers worldwide where your data can be stored. This means that your data can also be stored outside your country and also outside the scope of the GDPR on PayPal servers.

How can I delete my data or prevent data storage?
You have the right to information, correction or deletion and restriction of the processing of your personal data at any time. You can also revoke your consent to the processing of data at any time.

If you want to deactivate, delete or manage cookies in general, you will find the corresponding links to the instructions of the most well-known browsers under the section “Cookies”.

Legal basis
We have a legitimate interest in integrating PayPal, an external payment service, and thus making our offer more attractive and improving it technically and economically. The legal basis for this is Art. 6 para. 1 lit. f DSGVO (Legitimate Interests). We would like to point out that you can only use PayPal if you enter into a contractual relationship with PayPal. It may be necessary to provide further data protection and contractual declarations (e.g. consent).

PayPal also processes data from you in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. This can be associated with various risks for the legality and security of data processing.

As a basis for data processing at recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, especially in the USA) or a transfer of data to these countries, PayPal uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 DSGVO). Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data also comply with European data protection standards when they are transferred to third countries (such as the USA) and stored there. Through these clauses, PayPal commits itself to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

You can find more information about the standard contractual clauses and the data processed by using PayPal in the privacy policy at https://www.paypal.com/webapps/mpp/ua/privacy-full.

Visa Privacy Policy


We use Visa, a global payment provider, on our website. The service provider is the American company Visa Inc. The company responsible for the European region is Visa Europe Services Inc. (1 Sheldon Square, London W2 6TT, United Kingdom) is responsible for Europe.

Visa also processes data from you in the USA, among other places. We would like to point out that according to the opinion of the European Court of Justice, there is currently no adequate level of protection for the transfer of data to the USA. This may be associated with various risks for the legality and security of data processing.

Visa uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 DSGVO) as the basis for data processing with recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or a data transfer there. Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data comply with European data protection standards even if they are transferred to and stored in third countries (such as the USA). Through these clauses, Visa undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the US. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=deMore information on Visa's standard contractual clauses can be found at https://www.visa.de/nutzungsbedingungen/visa-globale-datenschutzmitteilung/mitteilung-zu-zustandigkeitsfragen-fur-den-ewr.html.

To learn more about the data processed through the use of Visa, please see the Privacy Policy at https://www.visa.de/nutzungsbedingungen/visa-privacy-center.html.


Audio & Video Introduction

What are audio and video elements?

We have included audio or video elements on our website so that you can watch videos or listen to music/podcasts directly via our website. The content is provided by service providers. All content is therefore also obtained from the corresponding servers of the providers.

These are embedded functional elements of platforms such as YouTube, Vimeo or Spotify. The use of these portals is usually free of charge, but paid content can also be published. With the help of these embedded elements, you can listen to or view the respective content via our website.

When you use audio or video elements on our website, personal data about you may also be transmitted to, processed and stored by the service providers.

Why do we use audio & video elements on our website?

Of course, we want to provide you with the best offer on our website. And we realize that content is no longer conveyed merely in text and static images. Instead of just giving you a link to a video, we offer audio and video formats directly on our website that are entertaining or informative and ideally even both. This expands our service and makes it easier for you to access interesting content. Thus, in addition to our text and images, we also offer video and/or audio content.

What data is stored by audio & video elements?

When you access a page on our website that has an embedded video, for example, your server connects to the service provider's server. In the process, data from you is also transferred to the third-party provider and stored there. Some data is collected and stored quite independently of whether or not you have an account with the third-party provider. This usually includes your IP address, browser type, operating system, and other general information about your terminal device. Furthermore, most providers also collect information about your web activity. This includes session duration, bounce rate, which button you clicked on, or which website you used to access the service. All this information is usually stored via cookies or pixel tags (also called web beacons). Pseudonymized data is mostly stored in cookies in your browser. You can always find out exactly what data is stored and processed in the privacy policy of the respective provider.

Duration of the data processing

You can find out exactly how long the data is stored on the servers of the third-party providers either below in the data protection text of the respective tool or in the privacy policy of the provider. In principle, personal data is only processed for as long as is absolutely necessary for the provision of our services or products. As a rule, this also applies to third-party providers. In most cases, you can assume that certain data will be stored on the servers of third-party providers for several years. Data can be stored for different lengths of time specifically in cookies. Some cookies are already deleted after leaving the website, others can be stored in your browser for several years.

Right of objection

You also have the right and the possibility to revoke your consent to the use of cookies or third-party providers at any time. This works either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection through cookies by managing, disabling or deleting cookies in your browser. The lawfulness of the processing until the revocation remains unaffected.

Since the integrated audio and video functions on our site usually also use cookies, you should also read our general privacy policy on cookies. In the privacy statements of the respective third-party providers, you can learn more about the handling and storage of your data.

Legal basis

If you have consented that data from you can be processed and stored by integrated audio and video elements, this consent is considered the legal basis for data processing (Art. 6 para. 1 lit. a DSGVO). In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f DSGVO) in fast and good communication with you or other customers and business partners. Nevertheless, we only use the integrated audio and video elements if you have given your consent.

YouTube privacy policy


What is YouTube?
We have incorporated YouTube videos on our website. This way we can present you interesting videos directly on our site. YouTube is a video portal that has been a subsidiary of Google since 2006. The video portal is operated by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you call up a page on our website that has a YouTube video embedded, your browser automatically connects to the YouTube or Google servers. In the process, various data are transferred (depending on the settings). Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all data processing in the European area.

In the following, we would like to explain in more detail what data is processed, why we have embedded YouTube videos and how you can manage or delete your data.

On YouTube, users can watch, rate, comment on and upload videos for free. Over the last few years, YouTube has become one of the most important social media channels in the world. In order for us to display videos on our website, YouTube provides a code snippet that we have built into our site.

Why do we use YouTube videos on our website?
YouTube is the video platform with the most visitors and the best content. We are committed to providing you with the best possible user experience on our website. And of course, we can't do without interesting videos. With the help of our embedded videos, we provide you with other helpful content in addition to our text and images. In addition, the embedded videos make our website easier to find on the Google search engine. Also, when we run ads via Google Ads, Google - thanks to the collected data - can really only show these ads to people who are interested in our offers.

What data is stored by YouTube?
As soon as you visit one of our pages that has a YouTube video embedded, YouTube sets at least one cookie that stores your IP address and our URL. If you are logged into your YouTube account, YouTube can usually assign your interactions on our website to your profile using cookies. This includes data such as session duration, bounce rate, approximate location, technical information such as browser type, screen resolution or your internet provider. Other data may include contact details, any ratings, sharing of content via social media or adding to your favorites on YouTube.

If you are not signed in to a Google Account or YouTube account, Google stores data with a unique identifier associated with your device, browser, or app. For example, your preferred language setting is retained. But a lot of interaction data can't be stored because fewer cookies are set.

In the following list, we show cookies that were set in a test in the browser. On the one hand, we show cookies that are set without a logged-in YouTube account. On the other hand, we show cookies that are set with a logged-in account. The list cannot claim to be complete, because the user data always depends on the interactions on YouTube.

Name: YSC
Wert: b9-CV6ojI5Y311993327-1
Purpose: This cookie registers a unique ID to store statistics of the watched video.
Expiration date: after end of session

Name: PREF
Value: f1=50000000
Purpose: This cookie also registers your unique ID. Google gets statistics about how you use YouTube videos on our website via PREF.
Expiration date: after 8 months

Name: GPS
Value: 1
Intended use: This cookie registers your unique ID on mobile devices to track GPS location.
Expiration date: after 30 minutes

Name: VISITOR_INFO1_LIVE
Value: 95Chz8bagyU
Intended use: This cookie attempts to estimate the user's bandwidth on our web pages (with embedded YouTube video).
Expiration date: after 8 months

Other cookies that are set when you are logged in with your YouTube account:

Name: APISID
Wert: zILlvClZSkqGsSwI/AU1aZI6HY7311993327-
Purpose: This cookie is used to create a profile about your interests. The data is used for personalized advertisements.
Expiration date: after 2 years

Name: CONSENT
Wert: YES+AT.de+20150628-20-0
Purpose: The cookie stores the status of a user's consent to use various Google services. CONSENT is also used for security purposes to verify users and protect user data from unauthorized attacks.
Expiration date: after 19 years

Name: HSID
Value: AcRwpgUik9Dveht0I
Purpose: This cookie is used to create a profile about your interests. This data helps to display personalized advertising.
Expiration date: after 2 years

Name: LOGIN_INFO
Value: AFmmF2swRQIhALl6aL...
Purpose: This cookie stores information about your login data.
Expiration date: after 2 years

Name: SAPISID
Value: 7oaPxoG-pZsJuuF5/AnUdDUIsJ9iJz2vdM
Intended use: This cookie works by uniquely identifying your browser and device. It is used to create a profile about your interests.
Expiration date: after 2 years

Name: SID
Wert: oQfNKjAsI311993327-
Purpose: This cookie stores your Google account ID and your last login time in digitally signed and encrypted form.
Expiration date: after 2 years

Name: SIDCC
Value: AN0-TYuqub2JOcDTyL
Purpose: This cookie stores information about how you use the website and what advertisements you may have seen before visiting our site.
Expiration date: after 3 months

How long and where is the data stored?
The data that YouTube receives from you and processes is stored on Google servers. Most of these servers are located in America. You can see exactly where Google data centers are located at https://www.google.com/about/datacenters/locations/?hl=de. Your data is distributed on the servers. This means that the data can be accessed more quickly and is better protected against manipulation.

Google stores the collected data for different lengths of time. Some data you can delete at any time, others are automatically deleted after a limited time, and still others are stored by Google for a longer period of time. Some data (such as items from "My Activity", photos or documents, products) stored in your Google Account will remain stored until you delete them. Even if you are not signed into a Google account, you can delete some data associated with your device, browser, or app.

How can I delete my data or prevent the data storage?
Basically, you can delete data in Google Account manually. With the automatic deletion function of location and activity data introduced in 2019, information is stored depending on your decision - either 3 or 18 months and then deleted.

Whether you have a Google account or not, you can configure your browser to delete or disable cookies from Google. Depending on which browser you use, this works in different ways. Under the section "Cookies" you will find the corresponding links to the respective instructions of the most popular browsers.

If you do not want to have cookies in principle, you can set up your browser so that it always informs you when a cookie is to be set. This way, you can decide for each individual cookie whether you allow it or not.

Legal basis
If you have consented that data from you can be processed and stored by embedded YouTube elements, this consent is considered the legal basis for data processing (Art. 6 para. 1 lit. a DSGVO). In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f DSGVO) in fast and good communication with you or other customers and business partners. Nevertheless, we only use the embedded YouTube elements insofar as you have given your consent. YouTube also sets cookies in your browser to store data. That is why we recommend that you read our privacy text about cookies carefully and view the privacy policy or cookie policy of the respective service provider.

Youtube also processes data from you in the USA, among other places. Youtube or Google is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data of EU citizens to the USA. You can find more information about this at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

In addition, Google uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 DSGVO). Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there. Through the EU-US Data Privacy Framework and through the standard contractual clauses, Google undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the US. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The Google Ads Data Processing Terms, which refer to the standard contractual clauses, can be found at https://business.safety.google/intl/de/adsprocessorterms/.

Since YouTube is a subsidiary of Google, there is a joint privacy policy. If you want to learn more about how your data is handled, we recommend the privacy policy at https://policies.google.com/privacy?hl=de.

All texts are protected by copyright.
Source: Created with the Privacy Generator by AdSimple

Processing of personal data in the company


We process personal data that we receive from you in the context of an inquiry, the initiation of business or our business relationship. We further process, to the extent necessary for the performance of the contract, personal data that we have permissibly received from other companies or from other third parties (e.g. for the execution of orders, for the performance of contracts or on the basis of consent given by you). Relevant personal data are personal details (name, address and other contact details, birthday, etc.). In addition, this may also include order data, data from the fulfillment of our contractual obligations, advertising and sales data, documentation data, as well as other data comparable to the categories mentioned.

1. purposes and legal bases of the processing
The purposes of the processing are primarily based on the service you have commissioned or requested.

1.1 Processing is necessary for the performance of a contract or for the implementation of pre-contractual measures ((Art. 6 para. 1 letter b DSGVO).- The processing of personal data is carried out for the initiation and/or conclusion of a contract with our company (inquiries, orders, contract, etc.).

1.2 The processing takes place within the framework of the balancing of interests (Art. 6 para. 1 letter f DSGVO). To the extent necessary, we process your data beyond the actual performance of the contract to protect legitimate interests of us or third parties.- Advertising or market and opinion research, insofar as you have not objected to the use of your data.- Assertion of legal claims and defense in legal disputes- Ensuring IT security- Prevention and investigation of criminal offences- Measures for business management and further development of services and products.

1.3 You have given your consent to the processing of personal data concerning you for one or more specific purposes (Art. 6 para. 1 letter A DSGVO).- Insofar as you have given us consent to process personal data for specific purposes (e.g. advertising, newsletter mailing), the lawfulness of this processing is based on your consent.- Consent given can be revoked at any time.- The revocation shall only apply with effect for the future. Processing that took place before the revocation is not affected by this.

2. recipients or categories of recipients of the data (if a data transfer takes place)

2.1 Within the company, those departments will receive your data that need it to fulfill our contractual and legal obligations. Processors used by us (Art. 28 DS-GVO) may also receive data for these purposes. These are companies in the categories of IT services, printing services, telecommunications, advice and consulting, and sales and marketing.

2.2 Outside the company may receive your data, if necessary, companies that require it to fulfill our contractual obligations. Under these conditions, recipients of personal data may be, for example:- Tax advisors, auditors, consultants- Lawyers (disputes, debt collection, etc.)- Banks/savings banks- Transport and/or logistics companies

3. storage period or criteria for determining the period
To the extent necessary, we process and store your personal data for the duration of our business relationship, which includes, for example, the initiation and execution of a contract. In addition, we are subject to various retention and documentation obligations, which are mainly based on the German Commercial Code (HGB) and the German Fiscal Code (AO). The retention and documentation periods specified there are six to ten years.

Finally, the storage period is also assessed according to the statutory limitation periods, which, for example, according to §§ 195 ff. of the German Civil Code (BGB), are generally 3 years; if it is necessary to preserve evidence, for example in the context of legal proceedings, the limitation periods of the German Civil Code (BGB) can be up to 30 years if a legal title exists.

After termination of the contractual relationship, the data will be deleted after expiry of the statutory retention periods.
The storage period of the data for the newsletter dispatch takes place until the data subject objects to the sending of the newsletter with effect for the future.

4. Voluntariness and obligation to provide personal data
Within the scope of our business relationship, those personal data must be provided that are necessary for the establishment and implementation of a business relationship and the fulfillment of the associated contractual obligations or that we are legally obligated to collect. Without this data, we are not able to conclude a contract or carry it out.

5. Automated decision-making including profiling
For the establishment and implementation of the business relationship, we generally do not use exclusively automated decision-making in the sense of Art. 22 DSGVO.

Changes to this privacy policy


We reserve the right to adjust the above data protection provisions from time to time in accordance with future changes regarding the collection and processing of personal data.