DE

SSL and TLS encryption

Whenever you enter your data on websites, place online orders or send emails over the Internet, you must always expect that unauthorized third parties may access your data. There is no complete protection against such access. However, we do everything we can to protect your data as effectively as possible and to close security gaps to the extent possible for us.

An important protection mechanism is the SSL or TLS encryption of our website, which ensures that data you transmit to us cannot be read by third parties. You can recognize the encryption by the lock icon shown in your browser in front of the Internet address you entered and by the fact that our Internet address begins with https:// and not with http://.

Transfer of data to the USA

We also use tools on our website from companies that transfer your data to the USA and store it there and may process it further where applicable. The European Commission has adopted an adequacy decision for the EU-US Data Privacy Framework. This establishes that the USA ensures an adequate level of protection for personal data from the EU that is transferred to US companies. This decision is based on new guarantees and measures introduced by the USA to meet data protection requirements. The adequacy decision includes, among other things, restrictions and safeguards regarding access to the data by US intelligence services. Binding safeguards have been introduced to limit access by US intelligence services to what is necessary and proportionate for the protection of national security. In addition, enhanced oversight of the activities of US intelligence services has been established to ensure that the restrictions on surveillance activities are complied with. An independent redress mechanism has also been established to handle and resolve complaints from European citizens regarding access to their data. The EU-US Data Privacy Framework thus enables European companies to transfer data to certified US companies without having to introduce additional data protection safeguards. You can view a list of all certified companies at the following link: https://www.dataprivacyframework.gov/s/participant-search

A change to the European Commission’s decision cannot be ruled out.

Hosting and Content Delivery Networks (CDN)

External hosting

Our website is hosted on a server of the following Internet service provider (host):

Has a data processing agreement been concluded with the host or are Standard Contractual Clauses (SCC) used?

Yes

How do we process your data?

The host stores all data of our website. This also includes all personal data that is collected automatically or through your input. In particular, this may include: your IP address, pages accessed, names, contact details and inquiries, as well as meta and communication data. In processing data, our host follows our instructions and processes the data only to the extent necessary to fulfil its obligations to us.

On what legal basis do we process your data?

Since we address potential customers via our website and maintain contact with existing customers, the data processing by our host serves the initiation and performance of contracts and is therefore based on Article 6(1)(b) GDPR. In addition, it is our legitimate interest as a company to provide a professional Internet presence that meets the necessary requirements for security, speed and efficiency. In this respect, we also process your data on the basis of Article 6(1)(f) GDPR.

Use of cookies

Our website places cookies on your device. These are small text files used for various purposes. Some cookies are technically necessary for the website to function at all (necessary cookies). Others are needed to perform certain actions or functions on the site (functional cookies). For example, without cookies it would not be possible to use the advantages of a shopping cart in an online shop. Still other cookies serve to analyse user behaviour or optimise advertising measures. If we use third-party services on our website, e.g. to process payment transactions, these companies may also place cookies on your device when you access the website (so-called third-party cookies).

How do we process your data?

Session cookies are stored on your device only for the duration of a session. As soon as you close the browser, they disappear automatically. Persistent cookies, on the other hand, remain on your device unless you delete them yourself. This can, for example, lead to your user behaviour being analysed on an ongoing basis. You can influence how your browser handles cookies via your browser settings:

• Would you like to be informed when cookies are set?
• Would you like to generally exclude cookies or exclude them in specific cases?
• Would you like cookies to be deleted automatically when you close the browser?

If you disable or do not allow cookies, the functionality of the website may be restricted.

If we use cookies from other companies or for analysis purposes, we inform you about this within the scope of this Privacy Policy. We also request your consent in this regard when you access our website.

On what legal basis do we process your data?

We have a legitimate interest in ensuring that our online services can be used by visitors without technical problems and that all desired functions are available. The storage of necessary and functional cookies on your device is therefore based on Article 6(1)(f) GDPR. We use all other cookies on the basis of Article 6(1)(a) GDPR, provided that you give us your consent. You can withdraw this consent at any time with effect for the future. If you have consented to the placement of necessary and functional cookies when your consent was requested, the storage of these cookies is also based exclusively on your consent.

Cookie consent with Complianz

What is Complianz?

Consent Management Provider (CMP) for obtaining, processing and forwarding GDPR-compliant consents

Who processes your data?

Complianz is a locally integrated tool; processing is carried out directly by the controller. The provider of Complianz is Complianz B.V., Kalmarweg 14-5, 9723 JG Groningen, Netherlands

How do we process your data?

We use Complianz to obtain your consent for storing cookies on your device and to document it in a GDPR-compliant manner. If you visit our website and close the cookie window of Complianz with the consent request, the following data is stored:

• Your IP address (from which your country is also determined)
• the browser used
• the language used
• the website accessed

In addition, Complianz stores various cookies in your browser in order to be able to assign the consents given or their withdrawal to your browser. All collected data is stored for as long as the cookies are needed, until you delete the Complianz cookies or you request us to delete the data. This does not apply only if we are legally obliged to retain the data. No connection to third-party servers is established.

On what legal basis do we process your data?

We are legally obliged to obtain the consent of our website visitors for the use of certain cookies. To fulfil this obligation, we use Complianz. The legal basis for data processing is therefore Article 6(1)(c) GDPR.

Contact form

You can send us a message via the contact form on this website.

How do we process your data?

We store your message and the information from the form in order to process your inquiry, including follow-up questions. This also includes the contact details you provide. We do not pass the data on to other persons without your consent.

How long do we store your data?

We delete your data as soon as one of the following occurs:

• Your inquiry has been conclusively processed.
• You request that we delete the data.
• You withdraw your consent to the storage.

This does not apply only if we are legally obliged to retain the data.

On what legal basis do we process your data?

If your inquiry is related to our contractual relationship or serves the implementation of pre-contractual measures, we process your data on the basis of Article 6(1)(b) GDPR. In all other cases, it is our legitimate interest to process inquiries addressed to us effectively. The legal basis for data processing is therefore Article 6(1)(f) GDPR. If you have consented to the storage of your data, Article 6(1)(a) GDPR is the legal basis. In this case, you can withdraw your consent at any time with effect for the future.

Inquiry by email, telephone or fax

You can send us a message by email or fax, or you can call us.

How do we process your data?

We store your message as well as the contact details you provide yourself or the transmitted telephone number in order to process your inquiry, including follow-up questions. We do not pass the data on to other persons without your consent.

How long do we store your data?

We delete your data as soon as one of the following occurs:

• Your inquiry has been conclusively processed.
• You request that we delete the data.
• You withdraw your consent to the storage.

This does not apply only if we are legally obliged to retain the data.

On what legal basis do we process your data?

If your inquiry is related to our contractual relationship or serves the implementation of pre-contractual measures, we process your data on the basis of Article 6(1)(b) GDPR. In all other cases, it is our legitimate interest to process inquiries addressed to us effectively. The legal basis for data processing is therefore Article 6(1)(f) GDPR. If you have consented to the storage of your data, Article 6(1)(a) GDPR is the legal basis. In this case, you can withdraw your consent at any time with effect for the future.

Analytics tools and advertising

We use the following tools to analyse the behaviour of our website visitors and to show you advertising.

Google Tag Manager

What is Google Tag Manager?

Tag management system for integrating tracking codes and conversion pixels provided by Google Ireland Ltd.

Who processes your data?

Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland

Where can you find further information about data protection at Google Tag Manager?

https://policies.google.com/privacy

On what basis do we transfer your data to the United States?

On the basis of the adequacy decision of the European Commission and the corresponding certification of the company.

How do we process your data?

We use Google Tag Manager. This tool helps us to integrate tracking codes and conversion pixels into our website, to manage them and to deploy them. Google Tag Manager itself does not create user profiles, does not place cookies on your device, and does not analyze your behavior as a user. However, it does collect your IP address and transmits it to Google servers in the United States.

On what legal basis do we process your data?

We have a legitimate interest in the fast and uncomplicated integration and management of various tools on our website. The use of Google Tag Manager is therefore lawful pursuant to Art. 6(1)(f) GDPR. If you have consented to the transfer of your IP address, we process your data exclusively on the basis of Art. 6(1)(a) GDPR. You may withdraw your consent at any time with effect for the future.

IONOS WebAnalytics

What is IONOS WebAnalytics?

Tool for analysing user behaviour

Who processes your data?

1&1 IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany

Where can you find further information about data protection at IONOS WebAnalytics?

https://www.ionos.de/terms-gtc/index.php?id=6

How do we process your data?

We are always interested in optimising our web offering for users and placing advertising in an optimal way. IONOS WebAnalytics helps us with this. The tool records how many people visit our website and how they behave, from which website they came to our website, where they are located and which browser and operating system versions they use. In particular, the following data is stored:

• referrer (previously visited website)
• requested website or file
• browser type and browser version
• operating system used
• device type used
• time of access
• IP address in anonymised form (used only to determine the location of access)

According to IONOS WebAnalytics, all data is collected completely anonymously. You therefore cannot be identified. No cookies are placed on your device either.

On what legal basis do we process your data?

As the website operator, we have a legitimate interest in the anonymised analysis of user behaviour for the purpose of optimising our web offering and the advertising placed there. The data processing is therefore lawful under Article 6(1)(f) GDPR. In the event that you have consented to data processing by IONOS WebAnalytics, Article 6(1)(a) GDPR is exclusively the legal basis. You can withdraw your consent at any time with effect for the future.

Google Ads

What is Google Ads?

Online advertising program of Google Ireland Ltd.

Who processes your data?

Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland

Where can you find further information about data protection at Google Ads?

https://policies.google.com/privacy?hl=de&gl=de

On what basis do we transfer your data to the USA?

On the basis of the European Commission’s adequacy decision and the company’s corresponding certification.

How do we process your data?

We use Google Ads. Google’s advertising program enables us to display advertisements in the Google search engine or on third-party websites when visitors to our website enter certain search terms on Google (keyword targeting). Furthermore, we can place targeted advertisements based on user data available at Google (e.g. location data and interests) (audience targeting). We evaluate the collected data quantitatively by analysing, for example, which search terms led to our advertisements being displayed and how many advertisements led to corresponding clicks.

On what legal basis do we process your data?

As the website operator, we have a legitimate interest in placing and evaluating advertisements. The data processing is therefore lawful under Article 6(1)(f) GDPR. In the event that you have, for example, consented to the storage of cookies or otherwise consented to data processing by Google, Article 6(1)(a) GDPR is exclusively the legal basis. You can withdraw your consent at any time with effect for the future.

Google Conversion Tracking

What is Google Conversion Tracking?

Tool for analyzing user behavior provided by Google Ireland Ltd.

Who processes your data?

Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland

Where can you find further information about data protection at Google Conversion Tracking?

https://www.google.de/intl/de/policies/privacy/

On what basis do we transfer your data to the United States?

On the basis of the adequacy decision of the European Commission and the corresponding certification of the company.

How do we process your data?

We are always interested in optimizing our website for users and placing advertising in the most effective manner. For this purpose, we also use Google Conversion Tracking. With its help, we can determine whether and how often visitors to our website have clicked on certain buttons and which products were viewed and purchased particularly frequently (conversion statistics). In the course of data collection and storage, we do not receive any information that enables us to personally identify individual visitors. Google itself uses cookies or comparable recognition technologies for identification purposes.

On what legal basis do we process your data?

As the website operator, we have a legitimate interest in analyzing user behavior for the purpose of optimizing our website and the advertising placed on it. The data processing is therefore lawful pursuant to Art. 6(1)(f) GDPR. In the event that you have, for example, consented to the storage of cookies or otherwise consented to data processing by Google Conversion Tracking, Art. 6(1)(a) GDPR shall be the sole legal basis. You may withdraw your consent at any time with effect for the future.

Plugins and tools

Google Fonts (local hosting)

We use fonts from the US company Google on our website. We have installed the fonts locally so that no connection to Google’s servers is established when you visit our website.

Further information about Google Fonts can be found at https://developers.google.com/fonts/faq and in Google’s Privacy Policy: https://policies.google.com/privacy?hl=de.

Wordfence

What is Wordfence?

Firewall and security scanner for WordPress websites

Who processes your data?

Defiant Inc., 800 5th Ave Ste 4100, Seattle, WA 98104, USA

Where can you find further information about data protection at Wordfence?

https://www.wordfence.com/privacy-policy/

On what basis do we transfer your data to the USA?

On the basis of Standard Contractual Clauses of the European Commission (see https://www.wordfence.com/help/general-data-protection-regulation/)

How do we process your data?

To protect our website from malicious traffic, we use the Wordfence plugin. It identifies and blocks data that contains malicious code or content and checks core files, themes and plugins for malware, malicious URLs, backdoors, SEO spam, malicious redirects and code injections. In order for these measures to be carried out, our website is permanently connected to the servers of Defiant Inc. in the USA. Accesses to our website are compared on those servers with data that Wordfence has stored in its database and are blocked where applicable.

On what legal basis do we process your data?

As the website operator, we have a legitimate interest in protecting ourselves from malicious traffic. The data processing is therefore lawful under Article 6(1)(f) GDPR.

If you have consented to the data processing, we process your data exclusively on the basis of Article 6(1)(a) GDPR. You can withdraw your consent at any time. From the time of withdrawal, we may no longer process your data.

OneDrive

What is OneDrive?

Cloud storage

Who processes your data?

Microsoft Corp., One Microsoft Way, Redmond, WA 98052-6399, USA

Where can you find further information about data protection at OneDrive?

https://privacy.microsoft.com/de-de/privacystatement

On what basis do we transfer your data to the USA?

On the basis of the European Commission’s adequacy decision and the company’s corresponding certification.

How do we process your data?

You can upload files on our website. For this purpose, we use the OneDrive cloud storage. The files are stored on the servers of the US company Microsoft. When you visit our website, a connection to OneDrive is also established. The cloud storage thus records that our website was accessed via your IP address.

On what legal basis do we process your data?

We have a legitimate interest in offering a reliable upload area on our website. The processing of your data is therefore based on Article 6(1)(f) GDPR. If you have consented to the data processing, we process your data exclusively on the basis of Article 6(1)(a) GDPR. You can withdraw your consent at any time with effect for the future.

Audio and video conferences

As a company, we are in contact with many people: customers, business partners, service providers, etc. For this exchange, in addition to other means of communication, we also use so-called online conference tools. Information relevant under data protection law about the provider(s) of the tools we use can be found at the end of this section. If you communicate with us via such a tool, not only we, but in particular the provider of the respective tool processes your personal data.

How do we process your data?

Online conference tools collect and store various personal data in order to enable participation in an online conference and its smooth execution. In addition to registration, conference and technical data, this also concerns certain communication content.

• Registration data: your email address and/or telephone number and, where applicable, further data that you provide when registering for the conference.
• Conference data: start, end and duration of your participation in the conference, the number of participants and other metadata relating to the conference.
• Technical data: IP address, MAC address, device ID, device type, operating system and version, client version, camera type, microphone or speaker, and the type of connection.
• Communication content: cloud recordings, chat/instant messages, voicemails, uploaded photos and videos, files, whiteboards and other information shared while using the service.

Please refer to the privacy policies of the respective conference tool provider for details on data processing.

How long do we store your data?

We, as your communication partner, delete your data from our systems as soon as one of the following occurs:

• The purpose of the data processing no longer applies.
• You request that we delete the data.
• You withdraw your consent to the storage.

This does not apply only if we are legally obliged to retain the data.

Cookies remain on your device until you delete them.

The providers of conference tools also store your data for their own purposes. Please ask the providers directly what this means for the duration of storage of your data.

On what legal basis do we process your data?

If we are already contractually connected or you would like to conclude a contract with us, we use conference tools to fulfil the contract or to inform you about our services or products. In this respect, the data processing is based on Article 6(1)(b) GDPR. Otherwise, the use of conference tools serves simple and fast communication without which we could not run our company efficiently. We therefore also have a legitimate interest in data processing pursuant to Article 6(1)(f) GDPR. Another legal basis may be your consent. In this case, Article 6(1)(a) GDPR is relevant. This basis ceases to apply for the future if you withdraw your consent.

Which online conference tools do we use?

Microsoft Teams

What is Microsoft Teams?

Communication platform for collaboration in teams

Who processes your data?

Microsoft Corp., One Microsoft Way, Redmond, WA 98052-6399, USA

Where can you find further information about data protection at Microsoft Teams?

https://privacy.microsoft.com/de-de/privacystatement

On what basis do we transfer your data to the USA?

On the basis of the European Commission’s adequacy decision and the company’s corresponding certification.

Webex

What is Webex?

Communication platform for video conferences and cloud-based telephony

Who processes your data?

Webex Communications Deutschland GmbH, Hansaallee 249 c/o Cisco Systems GmbH, 40549 Düsseldorf, Germany

Where can you find further information about data protection at Webex?

https://www.cisco.com/c/de_de/about/legal/privacy-full.html

On what basis do we transfer your data to the USA?

On the basis of the European Commission’s adequacy decision and the company’s corresponding certification.

Data processing on social media

What is social media?

By social media we mean the social networks on which we have created publicly accessible profiles. Which social networks these are specifically can be found below.

Who processes your data?

The respective operating companies of the social networks. You will find the individual operators below for the respective networks.

How is your data processed?

The operators of social networks are generally able to collect and evaluate extensive data about the behaviour of visitors and users of the network. We are not able to track all processing operations in the social networks we use, which means that further processing operations not listed here may be carried out by the operators of the social networks. You can find further information in the terms of use and privacy policies of the respective social networks.

The processing of your data may be triggered by you visiting the website of the social network or our profile page there. Even if you access a website that uses certain content of the network, e.g. like or share buttons, data may already be transmitted to the operators of the social network. If you are yourself a user of the social network and are logged into your user account, your visit to our profile page can be assigned by the operator of the social network to your account. Even if you have not registered a user account yourself or are not logged in, it is possible that the operator of the network still collects your personal data, e.g. by collecting your IP address or setting cookies. Using this data, the operators can create user profiles adapted to your behaviour and interests and show you interest-based advertising inside and outside the network. If you are a registered user of the network, interest-based advertising can also be displayed on all devices on which you are logged in or have been logged in.

On what legal basis is your data processed?

Our profiles in the social networks are intended to ensure the broadest possible presence of our company on the Internet. We have a legitimate interest in this as a company. The data processing is therefore lawful under Article 6(1)(f) GDPR.

Data processing operations and analyses carried out by the operators of the social networks themselves may be based on other legal bases. These must be stated by the operators of the social networks.

Who is responsible for processing your data and how can you exercise your rights?

If you visit one of our profiles in the social networks, we are jointly responsible with the operator of the respective network for the data processing operations triggered by this visit. You can generally exercise your rights both against us and against the operator of the respective network.

Despite the joint responsibility with the operators of the social networks, our influence on the data processing operations of the respective operator is limited and is primarily based on the operator’s specifications.

How long is your data stored?

If we collect data via our profiles in the social networks, this data will be deleted from our systems as soon as the purpose for its storage no longer applies, you request us to delete it or you withdraw your consent to storage. Stored cookies remain on your device until you delete them. Mandatory statutory provisions – in particular retention periods – remain unaffected.

We have no influence on how long the operators of the social networks store your data that they collect for their own purposes. For information on this, please contact the operator of the respective social network directly, e.g. in the respective privacy policy.

Which social media do we use?

LinkedIn

What is LinkedIn?

A social network for business contacts

Who processes your data?

LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland

Is your data transferred to third countries?

Yes

Where can you find further information about data protection at LinkedIn?

https://de.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy

Where can you, as a user, adjust your privacy settings?

As a registered LinkedIn user, you can adjust your privacy settings in your user account. Click the following link and log in:
https://www.linkedin.com/psettings/

Xing

What is Xing?

A social network for professional contacts

Who processes your data?

New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany

Is your data transferred to third countries?

Yes, for the performance of the contract with Xing, if you have given consent, if it is necessary for the establishment, exercise or defence of legal claims, or if an adequacy decision pursuant to Article 45 GDPR or appropriate safeguards pursuant to Article 46 GDPR exist.

Where can you find further information about data protection at Xing?

https://privacy.xing.com/de/datenschutzerklaerung/druckversion

Where can you, as a user, adjust your privacy settings?

As a registered Xing user, you can adjust your privacy settings in your user account. Click the following link and log in:
https://www.xing.com/settings/privacy