Introduction and overview

We have prepared this privacy policy (version 22.09.2022-312137656) in order to explain to you, in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (data for short) we as the controller – and the processors commissioned by us (e.g. providers) – process, will process in the future and what lawful options you have. The terms used are to be understood as gender-neutral.
In short, we provide you with comprehensive information about the data we process about you. Data protection declarations usually sound very technical and use technical legal terms. This privacy policy, on the other hand, is intended to describe the most important things to you as simply and transparently as possible. Where it is conducive to transparency, technical terms are explained in a reader-friendly way, links to further information are provided and graphics are used. We thus inform you in clear and simple language that we only process personal data as part of our business activities if there is a corresponding legal basis. This is certainly not possible by providing explanations that are as concise, unclear and legally technical as possible, as is often standard on the Internet when it comes to data protection. I hope you find the following explanations interesting and informative and perhaps there is one or two pieces of information that you did not yet know. If you still have any questions, we would ask you to contact the responsible body named below or in the legal notice, follow the links provided and look at further information on third-party websites. Our contact details can of course also be found in the legal notice.

Area of application

This privacy policy applies to all personal data processed by us in the company and to all personal data processed by companies commissioned by us (processors). By personal data, we mean information within the meaning of Art. 4 No. 1 GDPR, such as a person’s name, email address and postal address. The processing of personal data ensures that we can offer and bill our services and products, whether online or offline. The scope of application of this privacy policy includes: all online presences (websites, online stores) that we operate social media presences and email communication mobile apps for smartphones and other devices
In short: the privacy policy applies to all areas in which personal data is processed in a structured manner in the company via the aforementioned channels Company processes personal data in a structured manner via the aforementioned channels. If we enter into legal relationships with you outside of these channels, we will inform you separately if necessary.

Contact details of the person responsible

If you have any questions about data protection or the processing of personal data
you will find the contact details of the person or body responsible below:
Eco Containertrans GmbH
Hegenheimer Straße 3
79576 Weil am Rhein
E-Mail: info@eco-containertrans.de
Telefon: +49 7621/709500
Impressum: https://www.eco-containertrans.de/impressum/

Legal basis

In the following privacy policy, we provide you with transparent information on the legal principles and regulations, i.e. the legal bases of the General Data Protection Regulation, which enable us to process personal data. As far as EU law is concerned, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 27, 2016. You can of course access this EU General Data Protection Regulation online on EUR-Lex, the gateway to EU law,unter https://eur-lex.europa.eu/legal-content/DE/ALL/?uri=celex%3A32016R0679 nachlesen.

We only process your data if at least one of the following conditions applies:

for a specific purpose. An example would be the storage of your data entered in a contact form.

2. contract (Article 6(1)(b) GDPR): In order to fulfill a contract or pre-contractual obligations with you, we process your data. For example, if we conclude a purchase contract with you, we need personal information in advance.

3. legal obligation (Article 6(1)(c) GDPR): If we are subject to a legal obligation, we process your data. For example, we are legally obliged to keep invoices for accounting purposes. These usually contain personal data.

4. legitimate interests (Article 6(1)(f) GDPR): In the case of legitimate interests that do not restrict your fundamental rights, we reserve the right to process personal data. For example, we need to process certain data in order to operate our website securely and efficiently. This processing is therefore a legitimate interest.

Other conditions such as recording in the public interest, the exercise of official authority and the protection of vital interests do not generally apply to us. If such a legal basis is relevant, it will be indicated at the appropriate point.

In addition to the EU Regulation, national laws also apply: In Austria, this is the Federal Act on the Protection of Natural Persons with regard to the Processing of Personal Data (Data Protection Act), or DSG for short. In Germany, the Federal Data Protection Act (BDSG) applies. If other regional or national laws apply, we will inform you about them in the following sections.

Storage duration

It is a general criterion for us that we only store personal data for as long as is absolutely necessary for the provision of our services and products. This means that we delete personal data as soon as the reason for the data processing no longer exists. In some cases, we are legally obliged to store certain data even after the original purpose has ceased to exist, for example for accounting purposes. If you wish your data to be deleted or revoke your consent to data processing, the data will be deleted as quickly as possible, provided there is no obligation to store it. We will inform you below about the specific duration of the respective data processing if we have further information on this.

Rights under the General Data Protection Regulation

In accordance with Articles 13, 14 GDPR, we inform you of the following rights to which you are entitled in order to ensure fair and transparent processing of data: In accordance with Article 15 GDPR, you have a right of access to information as to whether we process data about you. If this is the case, you have the right to receive a copy of the data and the following information the purpose for which we are processing; the categories, i.e. the types of data being processed; who receives this data and, if the data is transferred to third countries, how security can be guaranteed; how long the data will be stored; the existence of the right to rectification, erasure or restriction of processing and the right to object to processing; that you can lodge a complaint with a supervisory authority (links to these authorities can be found below); the origin of the data if we have not collected it from you; whether profiling is carried out, i.e. whether data is automatically evaluated in order to create a personal profile of you.

According to Article 16 GDPR, you have a right to rectification of data, which means that we must correct data if you find errors. According to Article 17 GDPR, you have the right to erasure (“right to be forgotten”), which specifically means that you may request the erasure of your data. According to Article 18 GDPR, you have the right to restriction of processing, which means that we may only store the data but not use it any further. According to Article 20 GDPR, you have the right to data portability, which means that we will provide you with your data in a commonly used format upon request. According to Article 21 GDPR, you have a right to object, which, once enforced, entails a
entails a change in processing. If the processing of your data is based on Article 6 para. 1 lit. e (public interest, exercise of official authority) or Article 6 para. 1 lit. f (legitimate interest),
you can object to the processing. We will then check as quickly as possible whether we can legally comply with this objection. If data is used for direct marketing purposes, you can object to this type of data processing at any time. We may then no longer use your data for direct marketing. If data is used for profiling, you can object to this type of data processing at any time. We may then no longer use your data for profiling.

Under Article 22 GDPR, you may have the right not to be subject to a decision based solely on automated processing (e.g. profiling).
According to Article 77 GDPR, you have the right to lodge a complaint. This means that you can lodge a complaint with the data protection authority at any time if you believe that the processing of personal data is in breach of the GDPR. In short: you have rights – do not hesitate to contact the controller listed above! If you believe that the processing of your data violates data protection law or your data protection rights have been violated in any other way, you can complain to the supervisory authority. For Austria, this is the data protection authority, whose website can be found at https://www.dsb.gv.at/. In Germany, there is a data protection officer for each federal state. For more information, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI).

The following local data protection authority is responsible for our company:

Baden-Württemberg Datenschutzbehörde
Landesbeauftragter für Datenschutz: Dr. Stefan Brink
Adresse: Königstraße 10a, 70173 Stuttgart
Telefonnr.: 07 11/61 55 41-0
E-Mail-Adresse: poststelle@lfdi.bwl.de
Website: https://www.baden-wuerttemberg.datenschutz.de/

Data transfer to third countries

We only transfer or process data to countries outside the EU (third countries) if you consent to this processing, if this is required by law or contract and in any case only to the extent that this is generally permitted. In most cases, your consent is the most important reason for us to process data in third countries. The processing of personal data in third countries such as the USA, where many software manufacturers offer services and have their server locations, may mean that personal data is processed and stored in unexpected ways. We expressly point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. Data processing by US services (such as Google Analytics) may result in data not being processed and stored anonymously. Furthermore, US government authorities may be able to access individual data. In addition, data collected may be linked to data from other services of the same provider if you have a corresponding user account. Where possible, we try to use server locations within the EU if this is offered. We will inform you in more detail about data transfer to third countries, if applicable, in the appropriate sections of this privacy policy.

Security of data processing

In order to protect personal data, we have implemented both technical and organizational measures. Where possible, we encrypt or pseudonymize personal data. In this way, we make it as difficult as possible for third parties to infer personal information from our data. Art. 25 GDPR refers to “data protection by design and by default”, meaning that we always think about security and take appropriate measures for both software (e.g. forms) and hardware (e.g. access to the server room). If necessary, we will discuss specific measures below..

TLS encryption with https
TLS, encryption and https sound very technical – and they are. We use HTTPS (the Hypertext Transfer Protocol Secure stands for “secure hypertext transfer protocol”) to transmit data tap-proof on the Internet. This means that the complete transmission of all data from your browser to our web server is secured – nobody can “listen in”. We have thus introduced an additional layer of security and comply with data protection by design (Article 25(1) GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data. You can recognize the use of this data transmission security by the small lock symbol at the top left of the browser, to the left of the Internet address (e.g. examplepage.com) and the use of the https scheme (instead of http) as part of our Internet address. If you would like to know more about encryption, we recommend a Google search for “Hypertext Transfer Protocol Secure wiki” to find good links to further information.

Communication

Communication summary
Data subjects: Anyone who communicates with us by telephone, email or online form
Data processed: e.g. telephone number, name, email address, form data entered. You can find more details on this in the respective contact type used
Purpose: Processing communication with customers, business partners, etc.
Storage duration: Duration of the business case and the statutory provisions
Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. b GDPR
(contract), Art. 6 para. 1 lit. f GDPR (legitimate interests)

Wenn Sie mit uns Kontakt aufnehmen und per Telefon, E-Mail oder Online-Formular kommunizieren, kann es zur Verarbeitung personenbezogener Daten kommen. Die Daten werden für die Abwicklung und Bearbeitung Ihrer Frage und des damit zusammenhängenden Geschäftsvorgangs verarbeitet. Die Daten während eben solange gespeichert bzw. solange es das Gesetz vorschreibt.

Betroffene Personen
Von den genannten Vorgängen sind alle betroffen, die über die von uns bereit gestellten Kommunikationswege den Kontakt zu uns suchen.

Telefon
Wenn Sie uns anrufen, werden die Anrufdaten auf dem jeweiligen Endgerät und beim eingesetzten Telekommunikationsanbieter pseudonymisiert gespeichert. Außerdem können Daten wie Name und Telefonnummer im Anschluss per E-Mail versendet und zur Anfragebeantwortung gespeichert werden. Die Daten werden gelöscht, sobald der Geschäftsfall beendet wurde und es gesetzliche Vorgaben erlauben.

E-Mail
Wenn Sie mit uns per E-Mail kommunizieren, werden Daten gegebenenfalls auf dem jeweiligen Endgerät (Computer, Laptop, Smartphone,…) gespeichert und es kommt zur Speicherung von Daten auf dem E-Mail-Server. Die Daten werden gelöscht, sobald der Geschäftsfall beendet wurde und es gesetzliche Vorgaben erlauben.

Online Formulare
Wenn Sie mit uns mittels Online-Formular kommunizieren, werden Daten auf unserem Webserver gespeichert und gegebenenfalls an eine E-Mail-Adresse von uns weitergeleitet. Die Daten werden gelöscht, sobald der Geschäftsfall beendet wurde und es gesetzliche Vorgaben erlauben.

 Rechtsgrundlage
Die Verarbeitung der Daten basiert auf den folgenden Rechtsgrundlagen:

Art. 6 Abs. 1 lit. a DSGVO (Einwilligung): Sie geben uns die Einwilligung Ihre Daten zu speichern und weiter für den Geschäftsfall betreffende Zwecke zu verwenden;

Art. 6 Abs. 1 lit. b DSGVO (Vertrag): Es besteht die Notwendigkeit für die Erfüllung eines Vertrags mit Ihnen oder einem Auftragsverarbeiter wie z. B. dem Telefonanbieter oder wir müssen die Daten für vorvertragliche Tätigkeiten, wie z. B. die Vorbereitung eines Angebots, verarbeiten;

Art. 6 Abs. 1 lit. f DSGVO (Berechtigte Interessen): Wir wollen Kundenanfragen und geschäftliche Kommunikation in einem professionellen Rahmen betreiben. Dazu sind gewisse technische Einrichtungen wie z. B. E-Mail-Programme, Exchange-Server und Mobilfunkbetreiber notwendig, um die Kommunikation effizient betreiben zu können.

Cookies

Cookies summary

Affected parties: Visitors to the website Purpose: depending on the cookie. More details can be found below or from the manufacturer of the software that sets the cookie.
Processed data: Depending on the cookie used. You can find more details on this below or from the manufacturer of the software that sets the cookie. Storage duration: depending on the cookie, can vary from hours to years Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit.f GDPR (legitimate interests) What are cookies?
Our website uses HTTP cookies to store user-specific data. Below we explain what cookies are and why they are used so that you can better understand the following privacy policy. Whenever you surf the internet, you use a browser. Well-known browsers are Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge, for example. Most websites store small text files in your browser. These files are called cookies. One thing cannot be denied: Cookies are really useful little helpers. Almost all websites use cookies. More precisely, they are HTTP cookies, as there are also other cookies for other areas of application. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically stored in the cookie folder, the “brain” of your browser, so to speak. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified. Cookies store certain user data about you, such as language or personal page settings.

When you visit our site again, your browser transmits the “user-related” information back to our site. Thanks to cookies, our website knows who you are and offers you the settings you are used to. In some browsers, each cookie has its own file; in others, such as Firefox, all cookies are stored in a single file.

There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other “malware”. Cookies also cannot access information on your PC.

This is what cookie data can look like, for example:

Name: _ga
Value: GA1.2.1326744211.152312137656-9
Purpose: Differentiation of website visitors
Expiry date: after 2 years
A browser should be able to support these minimum sizes:
At least 4096 bytes per cookie
At least 50 cookies per domain
At least 3000 cookies in total What types of cookies are there?
The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the privacy policy. At this point we would like to briefly discuss the different types of HTTP cookies.

There are 4 types of cookies:

Essential cookies
These cookies are necessary to ensure basic functions of the website. For example, these cookies are needed when a user puts a product in the shopping cart, then continues browsing on other pages and only later goes to the checkout These cookies ensure that the shopping cart is not deleted even if the user closes their browser window.

Purposeful cookies
These cookies collect information about user behavior and whether the user receives any error messages. In addition, these cookies are also used to measure the loading time and behavior of the website on different browsers.

Targeted cookies
These cookies ensure better user-friendliness. For example, entered locations, font sizes or form data are saved.

Advertising cookies
These cookies are also called targeting cookies. They are used to deliver individually tailored advertising to the user. This can be very practical , but can also be very annoying. Usually, when you visit a website for the first time, you will be asked which of these types of cookies you would like to accept. And of course, this decision will also be saved in a cookie.

If you would like to know more about cookies and are not afraid of technical documentation, we recommend https://datatracker.ietf.org/doc/html/rfc6265, the Request for Comments of the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism” .

Purpose of processing via cookies
The purpose ultimately depends on the respective cookie. You can find more details below or from the manufacturer of the software that sets the cookie.

What data is processed? Cookies are small helpers for many different tasks. Which Unfortunately, it is not possible to generalize about the data stored in cookies, but we will inform you about the data processed or stored in the following data protection declaration.

Storage period of cookies
The storage period depends on the respective cookie

Registration

Registration Summary
Affected persons: All persons who register, create an account, log in and use the
account.
Data processed: Email address, name, password and other data collected during registration, login and account use.
Purpose: Provision of our services. Communication with customers in connection with the services.
Storage period: As long as the company account linked to the texts exists and then usually 3 years.
Legal basis: Art. 6 Para. 1 lit. b GDPR (contract), Art. 6 Para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. f GDPR (legitimate interests)
If you register with us, personal data may be processed if you enter data with personal reference or data such as the IP address is recorded during the
processing. You can read what we mean by the rather cumbersome term “personal data” below. Please only enter data that we need for registration and for which you have the approval of a third party if you are registering on behalf of a third party. If possible, use a secure password that you do not use anywhere else and an email address that you check regularly. Below we will inform you about the exact type of data processing, because we want you to feel comfortable with us! What is registration? When you register, we receive certain data from you and then enable you to easily log in online and use your account with us. An account with us has the advantage that you do not have to enter everything again every time. Saves time, effort and ultimately prevents errors in the provision of our services. Why do we process personal data? In short, we process personal data to enable the creation and use of an account with us. If we did not do this, you would have to enter all the data every time, wait for approval from us and enter everything again. We and many, many customers would not like that. How would you feel about that? Which data is processed?
All data that you provided during registration, enter when logging in or enter as part of managing your data in the account.
When registering, we process the following types of data:
First name
Last name
Email address
Company name
Street + house number
Place of residence
Postal code
Country
When registering, we process the data that you enter when logging in, such as user name and password, and data collected in the background, such as device information and IP addresses. When using the account, we process data that you enter while using the account and which is created when using our services. Storage period We store the data entered at least for as long as the account linked to the data exists and is used with us, as long as contractual obligations exist between us and, when the contract ends, until the respective claims arising from it have expired. In addition, we store your data as long as and to the extent that we are subject to legal obligations to store it. We then keep accounting documents (invoices, contract documents, bank statements, etc.) belonging to the contract for 10 years (§ 147 AO) and other relevant business documents for 6 years (§ 247 HGB) after they have been incurred.

Right of objection
Have you registered, entered data and would like to revoke the processing? No problem. As you can read above, the rights according to the General Data Protection Regulation
also apply during and after registration, login or account with us. Contact the person responsible for data protection above to exercise your rights. If
you already have an account with us, you can easily view or manage your data and texts in the account. Legal basis By completing the registration process, you approach us pre-contractually to conclude a user agreement via our platform (although a payment obligation does not automatically arise). You invest time to enter data and register and we offer you our services after logging into our system and viewing your customer account. We also fulfill our contractual obligations. Finally, we must keep registered users informed of important changes by email. This means that Art. 6 (1) (b) GDPR (implementation of pre-contractual measures, fulfillment of a contract) applies. If necessary, we will also obtain your consent, e.g. if you voluntarily provide more data than is absolutely necessary or if we are allowed to send you advertising. Art. 6 (1) (a) GDPR (consent) therefore applies. We also have a legitimate interest in knowing who we are dealing with in order to get in touch in certain cases. We also need to know who is using our services and whether they are being used as specified in our terms of use, so Art. 6 Paragraph 1 Letter f of GDPR (Legitimate Interests) applies.
Note: the following sections must be checked by users (as required):
Registration with real name
Since we need to know who we are dealing with in business operations, registration is only possible with your real name (real name) and not with pseudonyms.
Registration with pseudonyms Pseudonyms can be used when registering, i.e. you do not have to register with us with your real name. This ensures that we cannot process your name. Storage of the IP address During registration, login and account use, we store the IP address in the background for security reasons in order to be able to determine lawful use. Public profile The user profiles are publicly visible, i.e. parts of the profile can be seen on the Internet without specifying a user name and password. 2-factor authentication (2FA) Two-factor authentication (2FA) offers additional security when logging in, as it
prevents people from logging in without a smartphone, for example. This technical measure to secure your account protects you from the loss of data or unauthorized access
even if your user name and password are known. You will find out which 2FA is used when you register, log in and in the account itself.

Application data

Application data

Application data summary
Affected parties: Users who apply for a job with us
Purpose: Processing an application process
Data processed: Name, address, contact details, email address, telephone number, proof of qualifications (certificates), possibly data of special categories.
Storage period: if the application is successful, until the end of the employment relationship. Otherwise, the data will be deleted after the application process or stored for a certain period of time with your consent.
Legal basis: Art. 6 Para. 1 lit. a GDPR (consent), legitimate interest (Art. 6 Para. 1 lit. f GDPR), Art. 6 Para. 1 lit. b GDPR (contract), Art. 9 Para. 2 lit. a. GDPR (processing of special categories)

What are application data?
You can apply for a job in our company by email, online form or via a recruiting tool. All data that we receive and process from you as part of an application is considered application data. In doing so, you always disclose personal data such as name, date of birth, address and telephone number.

Why do we process application data?

We process your data so that we can conduct a proper selection process for the advertised position. In addition, we are also happy to keep your application documents in our application archive. It often happens that a collaboration for the advertised position does not work out for a variety of reasons, but we are impressed by you and your application and can very well imagine working together in the future. If you give us your consent, we will archive your documents so that we can easily contact you for future tasks in our company. We guarantee that we will handle your data with particular care and only process your data within the legal framework. Within our company, too, your data will only be passed on to people who are directly involved with your application. In short: your data is safe with us!

What data is processed?
If, for example, you apply to us by email, we will of course also receive personal data, as mentioned above. Even the email address is considered personal data. However, only the data that is relevant to our decision as to whether or not we want to welcome you to our team is processed during the application process. The exact data that is processed depends primarily on the job advertisement. However, this usually includes names, dates of birth, contact details and proof of qualifications. If you submit your application using an online form, the data will be sent to us in encrypted form. If you send us your application by email, this encryption will not take place. We cannot therefore accept any responsibility for the method of transmission. However, as soon as the data is on our servers, we are responsible for the lawful handling of your data. During an application process, in addition to the data mentioned above, information about your health or ethnic origin may also be requested so that we and you can exercise the rights in relation to employment law, social security and social protection and at the same time comply with the corresponding obligations. This data
is special category data.
Here is a list of possible data that we receive and process from you:
Name
Contact address
Email address
Telephone number
Date of birth
Information from cover letters and CV
Evidence of qualifications (e.g.) Certificates
Special category data (e.g. ethnic origin, health data, religious
beliefs)
Usage data (websites visited, access data, etc.)
Metadata (IP address, device information)
How long is the data stored?
If we take you on as a team member in our company, your data will be further processed for the purpose of the employment relationship and will be kept with us at least until the employment relationship ends. All application documents will then be placed in your employee file.
If we do not offer you the job, you reject our offer or withdraw your application, we can retain your data for up to 6 months after the application process has been completed due to legitimate interest (Art. 6 Para. 1 lit. f GDPR). After that, both your electronic data and all data from physical application documents will be completely deleted or destroyed. We retain your data, for example, so that we can answer any queries or so that we can provide evidence of the application in the event of a legal dispute. If a legal dispute arises and we may still need the data after the 6 months have expired, we will retain your data for you.

, we will only delete the data when there is no longer any reason to retain it. If there are statutory retention periods to be met, we must generally store the data for longer than 6 months. We can also store your data for longer if you have given your special consent. We do this, for example, if we can imagine working with you in the future. Then it is helpful to have your data archived so that we can reach you easily. In this case, the data will be added to our applicant pool. Of course, you can revoke your consent to the longer storage of your data at any time. If you do not revoke your consent and do not give your new consent, your data will be deleted after 2 years at the latest.

The legal basis for the processing of your data is Art. 6 Para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. b GDPR (contract or pre-contractual measures), Art. 6 Para. 1 lit. f GDPR (legitimate interests) and Art. 9 Para. 2 lit. a. GDPR (processing of special categories).
If we include you in our application tool, this is done on the basis of your consent (Art. 6 Para. 1 lit. a GDPR). We would like to point out that your consent to our application pool is voluntary, has no influence on the application process and you have the option of revoking your consent at any time. The legality of the processing up to the time of revocation remains unaffected. In the event of the protection of vital interests, data processing takes place in accordance with Art. 9 Para. 2 lit. c. GDPR. For the purposes of healthcare, occupational medicine, medical diagnostics, care or treatment in the health or social sector or for the administration of systems and services in the health or social sector, personal data is processed in accordance with Art. 9 Para. 2 lit. h. GDPR. If you voluntarily provide data from special categories, processing takes place on the basis of Art. 9 Para. 2 lit. a. GDPR.

Webhosting Introduction

Web hosting summary

Affected parties: visitors to the website
Purpose: professional hosting of the website and securing operations Data processed: IP address, time of website visit, browser used and other data. You can find more details below or from the web hosting provider used.
Storage period: depends on the respective provider, but usually 2 weeks
Legal basis: Art. 6 Para. 1 lit.f GDPR (legitimate interests)

What is web hosting?
When you visit websites these days, certain information – including personal data – is automatically created and stored, including on this website. This data should be processed as sparingly as possible and only with justification. By website we mean the totality of all web pages on a domain, i.e. everything from the start page (homepage) to the very last subpage (like this one). By domain we mean example.de or musterbeispiel.com, for example. If you want to view a website on a computer, tablet or smartphone, you use a program called a web browser. You probably know some web browsers by name: Google Chrome, Microsoft Edge, Mozilla Firefox and Apple Safari. We call them browsers or web browsers for short. In order to display the website, the browser must connect to another computer where the website code is stored: the web server. Operating a web server is a complicated and time-consuming task, which is why it is usually done by professional providers. They offer web hosting and thus ensure that website data is stored reliably and error-free. A whole lot of technical terms, but please stay tuned, it gets even better! When the browser connects to your computer (desktop, laptop, tablet or smartphone) and during data transfer to and from the web server, personal data may be processed. On the one hand, your computer stores data, on the other hand, the web server also has to store data for a while to ensure proper operation.

Why do we process personal data?

The purposes of data processing are:
1. Professional hosting of the website and securing operations
2. To maintain operational and IT security
3. Anonymous evaluation of access behavior to improve our offering and, if necessary, to prosecute or pursue claims

What data is processed? Even while you are currently visiting our website, our web server, which is the computer on which this website is stored, usually automatically saves data such as the complete Internet address (URL) of the website accessed, browser and browser version (e.g. Chrome 87), the operating system used (e.g. Windows 10), the address (URL) of the previously visited page (referrer URL) (e.g. https://www.beispielquellsite.de/vondabinichgekommen/), the host name and IP address of the device from which access is made (e.g. COMPUTERNAME and 194.23.43.121), date and time
in files, the so-called web server log files

How long is data stored?
The above data is usually stored for two weeks and then automatically deleted. We do not pass this data on, but cannot rule out that this data will be viewed by authorities in the event of illegal behavior. In short: your visit is logged by our provider (company that runs our website on special computers (servers)), but we do not pass on your data without your consent!

Legal basis
The legality of the processing of personal data in the context of web hosting arises from Art. 6 Paragraph 1 Letter f of GDPR (protection of legitimate interests), because the use of professional hosting with a provider is necessary in order to present the company on the Internet in a secure and user-friendly manner and to be able to pursue attacks and claims arising from this if necessary. There is usually a contract for order processing between us and the hosting provider in accordance with Art. 28 f. GDPR, which ensures compliance with data protection and guarantees data security.

World4You data protection declaration
We use World4You, among other things a web hosting provider, for our website. The service provider is the Austrian company World4You Internet Services GmbH, Hafenstrasse 35, 4020 Linz, Austria.
You can find out more about the data processed through the use of World4You in the privacy policy at https://www.world4you.com/de/unternehmen/datenschutzerklaerung.html.

Website Modular Systems Introduction

Website modular systems data protection declaration

Summary
Affected parties: Visitors to the website
Purpose: Optimization of our service
Data processed: Data such as technical usage information such as browser activity, clickstream activities, session heatmaps as well as contact details, IP address or your geographical location. You can find more details about this further down in this data protection declaration and in the data protection declaration of the providers.
Storage period: depends on the provider Legal basis: Art. 6 Para. 1 lit. f GDPR (legitimate interests), Art. 6 Para. 1 lit. a GDPR (consent)

What are website modular systems?
We use a website modular system for our website. Modular systems are special forms of a content management system (CMS). With a modular system, website operators can create a website very easily and without any programming knowledge. In many cases, web hosts also offer modular systems. By using a modular system, personal data can also be collected, stored and processed from you. In this data protection text we give you general information about data processing by modular systems. You can find more information in the provider’s privacy policy.

Why do we use website construction kit systems for our website?

The biggest advantage of a construction kit system is its ease of use. We want to offer you a clear, simple and well-organized website that we can easily operate and maintain ourselves – without external support. A construction kit system now offers many helpful functions that we can use even without programming knowledge. This allows us to design our web presence according to our wishes and offer you an informative and pleasant time on our website.

What data is stored by a construction kit system?
Of course, which data is stored exactly depends on the website construction kit system used. Each provider processes and collects different data from website visitors. However, technical usage information such as operating system, browser, screen resolution, language and keyboard settings, hosting provider and the date of your website visit are usually collected. Tracking data (e.g. browser activity, clickstream activities, session heatmaps, etc.) can also be processed. Personal data can also be collected and stored. This usually involves contact details such as email address, telephone number (if you have provided this), IP address and geographical location data. You can find out exactly which data is stored in the provider’s privacy policy.

How long and where is the data stored?

We will inform you about the duration of data processing below in connection with the website modular system used, provided we have further information about it. You can find detailed information about this in the provider’s privacy policy. In general, we only process personal data for as long as it is absolutely necessary to provide our services and products. The provider may store data about you according to its own specifications, over which we have no influence.

Right of objection
You always have the right to information, correction and deletion of your personal data. If you have any questions, you can also contact the person responsible for the website modular system used at any time. You can find contact details either in our privacy policy or on the website of the relevant provider. You can delete, deactivate or manage cookies that providers use for their functions in your browser. Depending on which browser you use, this works in different ways. Please note, however, that not all functions may then work as usual.

Legal basis
We have a legitimate interest in using a website modular system to optimize our online service and to present it to you in an efficient and user-friendly manner. The legal basis for this is Art. 6 Para. 1 lit. f GDPR (legitimate interests). However, we only use the modular system if you have given your consent. If the processing of data is not absolutely necessary for the operation of the website, the data will only be processed on the basis of your consent. This particularly applies to tracking activities. The legal basis in this respect is Art. 6 Para. 1 lit. a GDPR. With this data protection declaration, we have provided you with the most important general information about data processing. If you would like to find out more about this, you will find further information – if available – in the following section or in the provider’s data protection declaration.

WordPress.com Dat

Declaration of privacy
We use WordPress.com, a website construction system, for our website. The service provider is the American company Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA. WordPress processes your data in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. This can entail various risks for the legality and security of data processing. WordPress uses so-called standard contractual clauses (= Art. 46. Para. 2 and 3 GDPR) as the basis for data processing for recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or for data transfer there. Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to and stored in third countries (such as the USA). Through these clauses, WordPress undertakes to comply with European data protection standards when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de The data processing agreements, which correspond to the standard contractual clauses, can be found at https://wordpress.com/support/data-processing-agreements/. You can find out more about the data processed through the use of WordPress.com in the privacy policy at https://automattic.com/de/privacy/.

Audio & Video Introduction

Audio & Video Data Protection Statement Summary
Affected parties: Visitors to the website
Purpose: Optimization of our service
Data processed: Data such as contact details, data on user behavior, information about your device and your IP address can be stored. You can find more details about this below in the corresponding data protection texts.
Storage period: Data is generally stored as long as it is necessary for the purpose of the service
Legal basis: Art. 6 Para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. f GDPR (legitimate interests)

What are audio and video elements?
We have integrated audio and video elements on our website so that you can watch videos or listen to music/podcasts directly via our website. The content is provided by service providers. All content is therefore also obtained from the relevant
servers of the providers. These are integrated functional elements from platforms such as YouTube, Vimeo or Spotify. The use of these portals is usually free of charge, but paid content can also be published. With the help of these integrated elements, you can listen to or watch the respective content on our website. If you use audio or video elements on our website, your personal data may also be transmitted to the service providers, processed and stored.

Why do we use audio & video elements on our website?
Of course we want to give you the best offer on our website. And we are aware that content is no longer just conveyed in text and static images. Instead of simply giving you a link to a video, we offer you audio and video formats directly on our website that are entertaining or informative and ideally even both. This expands our service and makes it easier for you to access interesting content. In addition to our texts and images, we also offer video and/or audio content.

What data is stored by audio & video elements?

When you access a page on our website that has an embedded video, for example, your server connects to the service provider’s server. Your data is also transferred to the third-party provider and stored there. Some data is collected and stored regardless of whether you have an account with the third-party provider or not. This usually includes your IP address, browser type, operating system, and other general information about your device. Most providers also collect information about your web activity. This includes session duration, bounce rate, which button you clicked on, or which website you used to use the service. All of this information is usually stored via cookies or pixel tags (also known as web beacons). Pseudonymized data is usually stored in cookies in your browser. You can always find out exactly which data is stored and processed in the privacy policy of the respective provider.

Duration of data processing
You can find out exactly how long the data is stored on the third-party providers’ servers either further down in the privacy text of the respective tool or in the provider’s privacy policy. In principle, personal data is only processed for as long as it is absolutely necessary to provide our services or products. This usually also applies to third-party providers. You can usually assume that certain data will be stored on the third-party providers’ servers for several years. Data can be stored for different lengths of time, especially in cookies. Some cookies are deleted as soon as you leave the website, others can be stored in your browser for several years.

Right of objection
You also have the right and the option to revoke your consent to the use of cookies or third-party providers at any time. This works either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection through cookies by managing, deactivating or deleting cookies in your browser. The legality of the processing until revocation remains unaffected. Since the integrated audio and video functions on our site usually also use cookies, you should also read our general data protection declaration on cookies. In the data protection declarations of the respective third-party providers you can find out more about how your data is handled and stored.

Legal basis
If you have consented that your data can be processed and stored through integrated audio and video elements, this consent is the legal basis for data processing (Art. 6 Para. 1 lit. a GDPR).

In principle, your data is also stored and processed on the basis of our legitimate interest (Art. 6 Para. 1 lit. f GDPR) in fast and good communication with you or other customers and business partners. However, we only use the integrated audio and video elements if you have given your consent.

YouTube data protection declaration
YouTube data protection declaration summary
Affected parties: Visitors to the website
Purpose: Optimization of our service
Data processed: Data such as contact details, data on user behavior, information about your device and your IP address can be stored. You can find more details about this further down in this data protection declaration.
Storage period: Data is generally stored as long as it is necessary for the purpose of the service
Legal basis: Art. 6 Para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. f GDPR
(legitimate interests)

What is YouTube?
We have integrated YouTube videos on our website. This allows us to present you with interesting videos directly on our site. YouTube is a video portal that has been a subsidiary of Google since 2006. The video portal is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit a page on our website that has an embedded YouTube video, your browser automatically connects to the YouTube or Google servers. Various data is transferred (depending on the settings). Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all data processing in Europe. Below we want to explain in more detail which data is processed, why we have embedded YouTube videos and how you can manage or delete your data. On YouTube, users can watch, rate, comment on and upload videos themselves for free. Over the last few years, YouTube has become one of the most important social media channels in the world. So that we can display videos on our website, YouTube provides a code snippet that we have integrated into our site.

Why do we use YouTube videos on our website?

YouTube is the video platform with the most visitors and the best content. We strive to offer you the best possible user experience on our website. And of course, interesting videos are a must. With the help of our embedded videos, we provide you with other helpful content in addition to our texts and images. In addition, our website is easier to find on the Google search engine thanks to the embedded videos. Even if we place advertisements via Google Ads, Google can – thanks to the data collected – only show these ads to people who are interested in our offers.

What data is stored by YouTube?

As soon as you visit one of our pages that has a YouTube video embedded, YouTube sets at least one cookie that stores your IP address and our URL. If you are logged into your YouTube account, YouTube can usually assign your interactions on our website to your profile using cookies. This includes data such as session duration, bounce rate, approximate location, technical information such as browser type, screen resolution or your internet provider. Other data can be contact details, any ratings, sharing content via social media or adding it to your favorites on YouTube. If you are not logged into a Google account or a YouTube account, Google stores data with a unique identifier that is linked to your device, browser or app. For example, your preferred language setting is retained. But a lot of interaction data cannot be saved because fewer cookies are set. In the following list we show cookies that were set in a test in the browser. On the one hand, we show cookies that are set without a logged-in YouTube account. On the other hand, we show cookies that are set with a logged-in account. The list cannot claim to be complete because the user data always depends on the interactions on YouTube.
Name: YSC
Value: b9-CV6ojI5Y312137656-1
Purpose: This cookie registers a unique ID in order to save statistics about the video you have watched.
Expiry date: after the end of the session
Name: PREF
Value: f1 = 50000000
Purpose: This cookie also registers your unique ID. Google receives statistics about how you use YouTube videos on our website via PREF.
Expiry date: after 8 months
Name: GPS
Value: 1
Purpose: This cookie registers your unique ID on mobile devices in order to track the
GPS location.
Expiry date: after 30 minutes
Name: VISITOR_INFO1_LIVE
Value: 95Chz8bagyU
Purpose: This cookie attempts to increase the user’s bandwidth on our websites (with
built-in You

Tube video).
Expiry date: after 8 months
Other cookies that are set when you are logged in with your YouTube account:
Name: APISID
Value: zILlvClZSkqGsSwI/AU1aZI6HY7312137656-
Purpose: This cookie is used to create a profile of your interests. The data is used for personalized advertisements.
Expiry date: after 2 years
Name: CONSENT
Value: YES+AT.de+20150628-20-0
Purpose: The cookie stores the status of a user’s consent to use various Google services. CONSENT is also used for security purposes to verify users and protect user data from unauthorized attacks.
Expiry date: after 19 years
Name: HSID
Value: AcRwpgUik9Dveht0I
Purpose: This cookie is used to create a profile of your interests. This data helps to display personalized advertising.
Expiry date: after 2 years
Name: LOGIN_INFO
Value: AFmmF2swRQIhALl6aL…
Purpose: This cookie stores information about your login data.
Expiry date: after 2 years
Name: SAPISID
Value: 7oaPxoG-pZsJuuF5/AnUdDUIsJ9iJz2vdM
Purpose: This cookie works by uniquely identifying your browser and device. It is used to create a profile of your interests.
Expiry date: after 2 years
Name: SID
Value: oQfNKjAsI312137656-
Purpose: This cookie stores your Google account ID and your last login time in digitally signed and encrypted form.
Expiry date: after 2 years
Name: SIDCC
Value: AN0-TYuqub2JOcDTyL
Purpose: This cookie stores information about how you use the website and what advertising you may have seen before visiting our site.
Expiry date: after 3 months
How long and where is the data stored?
The data that YouTube receives and processes from you is stored on Google servers. Most of these servers are located in America. At https://www.google.com/about/datacenters/locations/?hl=de you can see exactly where the Google data centers are located. Your data is distributed across the servers. This means that the data can be accessed more quickly and is better protected against manipulation. Google stores the data collected for different lengths of time. You can delete some data at any time, others are automatically deleted after a limited time, and others are stored by Google for a longer period of time. Some data (such as items from “My Activity”, photos or documents, products) that are stored in your Google account remain stored until you delete it. Even if you are not logged into a Google account, you can delete some data associated with your device, browser or app.

How can I delete my data or prevent data storage?
In principle, you can delete data in your Google account manually. With the automatic deletion function for location and activity data introduced in 2019, information is stored for either 3 or 18 months and then deleted, depending on your decision. Regardless of whether you have a Google account or not, you can configure your browser to delete or deactivate cookies from Google. Depending on which browser you use, this works in different ways. Under the “Cookies” section you will find the relevant links to the respective instructions for the most popular browsers. If you do not want cookies at all, you can set up your browser so that it always informs you when a cookie is to be set. This way you can decide for each individual cookie whether to allow it or not.
Legal basis If you have consented that your data can be processed and stored by embedded YouTube elements, this consent is the legal basis for data processing (Art. 6 Para. 1 lit. a GDPR). In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 Para. 1 lit. f GDPR) in fast and effective communication with you or other customers and business partners. However, we only use the embedded YouTube elements if you have given your consent. YouTube also sets cookies in your browser to store data. We therefore recommend that you read our privacy policy on cookies carefully and view the privacy policy or cookie guidelines of the respective service provider. YouTube also processes data in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. This can involve various risks for the legality and security of data processing. The basis for data processing for recipients located in third countries (outside the European Union, Iceland, Liechtenstein in, Norway, i.e. in particular in the USA) or data is transferred there, YouTube uses standard contractual clauses approved by the EU Commission (= Art. 46. Para. 2 and 3 GDPR). These clauses oblige YouTube to comply with the EU data protection level when processing relevant data outside the EU. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the clauses here, among other places: https://germany.representation.ec.europa.eu/index_de. Since YouTube is a subsidiary of Google, there is a joint data protection declaration. If you would like to find out more about how your data is handled, we recommend that you read the data protection declaration at https://policies.google.com/privacy?hl=de.

Web Analytics

Web Analytics Einleitung

Web Analytics Datenschutzerklärung Zusammenfassung
Betroffene: Besucher der Website
Zweck: Auswertung der Besucherinformationen zur Optimierung des Webangebots.
Verarbeitete Daten: Zugriffsstatistiken, die Daten wie Standorte der Zugriffe, Gerätedaten, Zugriffsdauer und Zeitpunkt, Navigationsverhalten, Klickverhalten und IP-Adressen enthalten. Mehr Details dazu finden Sie beim jeweils eingesetzten Web Analytics Tool.
Speicherdauer: abhängig vom eingesetzten Web-Analytics-Tool
Rechtsgrundlagen: Art. 6 Abs. 1 lit. a DSGVO (Einwilligung), Art. 6 Abs. 1 lit. f DSGVO (Berechtigte Interessen)

Was ist Web Analytics?
Wir verwenden auf unserer Website Software zur Auswertung des Verhaltens der WebsiteBesucher, kurz Web Analytics oder Web-Analyse genannt. Dabei werden Daten gesammelt, die der jeweilige Analytic-Tool-Anbieter (auch Trackingtool genannt) speichert, verwaltet und verarbeitet. Mit Hilfe der Daten werden Analysen über das Nutzerverhalten auf unserer Website erstellt und uns als Websitebetreiber zur Verfügung gestellt. Zusätzlich bieten die meisten Tools verschiedene Testmöglichkeiten an. So können wir etwa testen, welche Angebote oder Inhalte bei unseren Besuchern am besten ankommen. Dafür zeigen wir Ihnen für einen begrenzten Zeitabschnitt zwei verschiedene Angebote. Nach dem Test (sogenannter A/B-Test) wissen wir, welches Produkt bzw.
welcher Inhalt unsere Websitebesucher interessanter finden. Für solche Testverfahren, wie auch für andere Analytics-Verfahren, können auch Userprofile erstellt werden und die Daten in Cookies gespeichert werden.

Warum betreiben wir Web Analytics?
Mit unserer Website haben wir ein klares Ziel vor Augen: wir wollen für unsere Branche das beste Webangebot auf dem Markt liefern. Um dieses Ziel zu erreichen, wollen wir einerseits das beste und interessanteste Angebot bieten und andererseits darauf achten, dass Sie sich auf unserer Website rundum wohlfühlen. Mit Hilfe von Webanalyse-Tools können wir das Verhalten unserer Websitebesucher genauer unter die Lupe nehmen und dann entsprechend unser Webangebot für Sie und uns verbessern. So können wir beispielsweise erkennen wie alt unsere Besucher durchschnittlich sind, woher sie kommen, wann unsere Website am meisten besucht wird oder welche Inhalte oder Produkte besonders beliebt sind. All diese Informationen helfen uns die Website zu optimieren und somit bestens an Ihre Bedürfnisse, Interessen und Wünsche anzupassen.

Welche Daten werden verarbeitet?
Welche Daten genau gespeichert werden, hängt natürlich von den verwendeten Analyse-Tools ab. Doch in der Regel wird zum Beispiel gespeichert, welche Inhalte Sie auf unserer Website ansehen, auf welche Buttons oder Links Sie klicken, wann Sie eine Seite aufrufen, welchen Browser sie verwenden, mit welchem Gerät (PC, Tablet, Smartphone usw.) Sie die Website besuchen oder welches Computersystem Sie verwenden. Wenn Sie damit einverstanden waren, dass auch Standortdaten erhoben werden dürfen, können auch diese durch den Webanalyse-Tool-Anbieter verarbeitet werden. Zudem wird auch Ihre IP-Adresse gespeichert. Gemäß der Datenschutz-Grundverordnung (DSGVO) sind IP-Adressen personenbezogene Daten. Ihre IP-Adresse wird allerdings in der Regel pseudonymisiert (also in unkenntlicher und gekürzter Form) gespeichert. Für den Zweck der Tests, der Webanalyse und der Weboptimierung werden grundsätzlich keine direkten Daten, wie etwa Ihr Name, Ihr Alter, Ihre Adresse oder Ihre E-Mail-Adresse gespeichert. All diese Daten werden, sofern sie erhoben werden, pseudonymisiert gespeichert. So können Sie als Person nicht identifiziert werden.

Wie lange die jeweiligen Daten gespeichert werden, hängt immer vom Anbieter ab. Manche Cookies speichern Daten nur für ein paar Minuten bzw. bis Sie die Website wieder verlassen, andere Cookies können Daten über mehrere Jahre speichern.

Dauer der Datenverarbeitung
Über die Dauer der Datenverarbeitung informieren wir Sie weiter unten, sofern wir weitere Informationen dazu haben. Generell verarbeiten wir personenbezogene Daten nur so lange wie es für die Bereitstellung unserer Dienstleistungen und Produkte unbedingt notwendig ist. Wenn es, wie zum Beispiel im Fall von Buchhaltung, gesetzlich vorgeschrieben ist, kann diese Speicherdauer auch überschritten werden.

Widerspruchsrecht
Sie haben auch jederzeit das Recht und die Möglichkeit Ihre Einwilligung zur Verwendung von Cookies bzw. Drittanbietern zu widerrufen. Das funktioniert entweder über unser CookieManagement-Tool oder über andere Opt-Out-Funktionen. Zum Beispiel können Sie auch die Datenerfassung durch Cookies verhindern, indem Sie in Ihrem Browser die Cookies verwalten, deaktivieren oder löschen.

Rechtsgrundlage
Der Einsatz von Web-Analytics setzt Ihre Einwilligung voraus, welche wir mit unserem Cookie Popup eingeholt haben. Diese Einwilligung stellt laut Art. 6 Abs. 1 lit. a DSGVO (Einwilligung) die Rechtsgrundlage für die Verarbeitung personenbezogener Daten, wie sie bei der Erfassung durch Web-Analytics Tools vorkommen kann, dar.  Zusätzlich zur Einwilligung besteht von unserer Seite ein berechtigtes Interesse daran, das Verhalten der Websitebesucher zu analysieren und so unser Angebot technisch und wirtschaftlich zu verbessern. Mit Hilfe von Web-Analytics erkennen wir Fehler der Website, können Attacken identifizieren und die Wirtschaftlichkeit verbessern. Die Rechtsgrundlage dafür ist Art. 6 Abs. 1 lit. f DSGVO (Berechtigte Interessen). Wir setzen die Tools gleichwohl nur ein, soweit sie eine Einwilligung erteilt haben. Da bei Web-Analytics-Tools Cookies zum Einsatz kommen, empfehlen wir Ihnen auch das Lesen unserer allgemeinen Datenschutzerklärung zu Cookies. Um zu erfahren, welche Daten von Ihnen genau gespeichert und verarbeitet werden, sollten Sie die Datenschutzerklärungen der jeweiligen Tools durchlesen. Informationen zu speziellen Web-Analytics-Tools, erhalten Sie – sofern vorhanden  – in den folgenden Abschnitten.

Google Analytics Datenschutzerklärung

Google Analytics Datenschutzerklärung Zusammenfassung
Betroffene: Besucher der Website
Zweck: Auswertung der Besucherinformationen zur Optimierung des Webangebots.
Verarbeitete Daten: Zugriffsstatistiken, die Daten wie Standorte der Zugriffe, Gerätedaten, Zugriffsdauer und Zeitpunkt, Navigationsverhalten, Klickverhalten und IP-Adressen enthalten. Mehr Details dazu finden Sie weiter unten in dieser Datenschutzerklärung.
Speicherdauer: abhängig von den verwendeten Properties
Rechtsgrundlagen: Art. 6 Abs. 1 lit. a DSGVO (Einwilligung), Art. 6 Abs. 1 lit. f DSGVO (Berechtigte Interessen)

Was ist Google Analytics?
Wir verwenden auf unserer Website das Analyse-Tracking Tool Google Analytics (GA) des amerikanischen Unternehmens Google Inc. Für den europäischen Raum ist das Unternehmen Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Irland) für alle Google-Dienste verantwortlich. Google Analytics sammelt Daten über Ihre Handlungen auf unserer Website. Wenn Sie beispielsweise einen Link anklicken, wird diese Aktion in einem Cookie gespeichert und an Google Analytics versandt. Mithilfe der Berichte, die wir von Google Analytics erhalten, können wir unsere Website und unser Service besser an Ihre Wünsche anpassen. Im Folgenden gehen wir näher auf das Tracking-Tool ein und informieren Sie vor allem darüber, welche Daten gespeichert werden und wie Sie das verhindern können. Google Analytics ist ein Trackingtool, das der Datenverkehrsanalyse unserer Website dient. Damit Google Analytics funktioniert, wird ein Tracking-Code in den Code unserer Website eingebaut. Wenn Sie unsere Website besuchen, zeichnet dieser Code verschiedene Handlungen auf, die Sie auf unserer Website ausführen. Sobald Sie unsere Website verlassen, werden diese Daten an die Google-Analytics-Server gesendet und dort gespeichert. Google verarbeitet die Daten und wir bekommen Berichte über Ihr Userverhalten. Dabei kann es sich unter anderem um folgende Berichte handeln:
Zielgruppenberichte: Über Zielgruppenberichte lernen wir unsere User besser kennen und wissen genauer, wer sich für unser Service interessiert.
Anzeigeberichte: Durch Anzeigeberichte können wir unsere Onlinewerbung leichter analysieren und verbessern.
Akquisitionsberichte: Akquisitionsberichte geben uns hilfreiche Informationen darüber, wie wir mehr Menschen für unser Service begeistern können.
Verhaltensberichte: Hier erfahren wir, wie Sie mit unserer Website interagieren. Wir können nachvollziehen welchen Weg Sie auf unserer Seite zurücklegen und welche Links Sie anklicken.
Conversionsberichte: Conversion nennt man einen Vorgang, bei dem Sie aufgrund einer Marketing-Botschaft eine gewünschte Handlung ausführen. Zum Beispiel, wenn Sie von einem reinen Websitebesucher zu einem Käufer oder Newsletter-Abonnent werden. Mithilfe dieser Berichte erfahren wir mehr darüber, wie unsere Marketing-Maßnahmen bei Ihnen ankommen. So wollen wir unsere Conversionrate steigern.
Echtzeitberichte: Hier erfahren wir immer sofort, was gerade auf unserer Website passiert. Zum Beispiel sehen wir wie viele User gerade diesen Text lesen.

Warum verwenden wir Google Analytics auf unserer Website?

Unser Ziel mit dieser Website ist klar: Wir wollen Ihnen das bestmögliche Service bieten. Die Statistiken und Daten von Google Analytics helfen uns dieses Ziel zu erreichen. Die statistisch ausgewerteten Daten zeigen uns ein klares Bild von den Stärken und Schwächen unserer Website. Einerseits können wir unsere Seite so optimieren, dass sie von interessierten Menschen auf Google leichter gefunden wird. Andererseits helfen uns die Daten, Sie als Besucher besser zu verstehen. Wir wissen somit sehr genau, was wir an unserer Website verbessern müssen, um Ihnen das bestmögliche Service zu bieten. Die Daten dienen uns auch, unsere Werbe- und Marketing-Maßnahmen individueller und kostengünstiger durchzuführen. Schließlich macht es nur Sinn, unsere Produkte und Dienstleistungen Menschen zu zeigen, die sich dafür interessieren.

Welche Daten werden von Google Analytics gespeichert?
Google Analytics erstellt mithilfe eines Tracking-Codes eine zufällige, eindeutige ID, die mit Ihrem Browser-Cookie verbunden ist. So erkennt Sie Google Analytics als neuen User. Wenn Sie das nächste Mal unsere Seite besuchen, werden Sie als „wiederkehrender“ User erkannt. Alle gesammelten Daten werden gemeinsam mit dieser User-ID gespeichert. So ist es überhaupt erst möglich pseudonyme Userprofile auszuwerten. Um mit Google Analytics unsere Website analysieren zu können, muss eine Property-ID in den Tracking-Code eingefügt werden. Die Daten werden dann in der entsprechenden Property gespeichert. Für jede neu angelegte Property ist die Google Analytics 4-Property standardmäßig. Alternativ kann man aber auch noch die Universal Analytics Property erstellen. Je nach verwendeter Property werden Daten unterschiedlich lange gespeichert. Durch Kennzeichnungen wie Cookies und App-Instanz-IDs werden Ihre Interaktionen auf unserer Website gemessen. Interaktionen sind alle Arten von Handlungen, die Sie auf unserer Website ausführen. Wenn Sie auch andere Google-Systeme (wie z.B. ein Google-Konto) nützen, können über Google Analytics generierte Daten mit Drittanbieter-Cookies verknüpft werden. Google gibt keine Google Analytics-Daten weiter, außer wir als Websitebetreiber genehmigen das. Zu Ausnahmen kann es kommen, wenn es gesetzlich erforderlich ist.
Folgende Cookies werden von Google Analytics verwendet:
Name: _ga
Wert: 2.1326744211.152312137656-5
Verwendungszweck: Standardmäßig verwendet analytics.js das Cookie _ga, um die User-ID zu speichern. Grundsätzlich dient es zur Unterscheidung der Webseitenbesucher.
Ablaufdatum: nach 2 Jahren
Name: _gid
Wert: 2.1687193234.152312137656-1
Verwendungszweck: Das Cookie dient auch zur Unterscheidung der Webseitenbesucher
Ablaufdatum: nach 24 Stunden
Name: _gat_gtag_UA_<property-id>
Wert: 1
Verwendungszweck: Wird zum Senken der Anforderungsrate verwendet. Wenn Google Analytics über den Google Tag Manager bereitgestellt wird, erhält dieser Cookie den Namen _dc_gtm_<property-id>.
Ablaufdatum: nach 1 Minute
Name: AMP_TOKEN
Wert: keine Angaben
Verwendungszweck: Das Cookie hat einen Token, mit dem eine User ID vom AMP-Client-ID-Dienst abgerufen werden kann. Andere mögliche Werte weisen auf eine Abmeldung, eine Anfrage oder einen Fehler hin.
Ablaufdatum: nach 30 Sekunden bis zu einem Jahr
Name: __utma
Wert: 1564498958.1564498958.1564498958.1
Verwendungszweck: Mit diesem Cookie kann man Ihr Verhalten auf der Website verfolgen und die Leistung messen. Das Cookie wird jedes Mal aktualisiert, wenn Informationen an Google Analytics gesendet werden.
Ablaufdatum: nach 2 Jahren
Name: __utmt
Wert: 1
Verwendungszweck: Das Cookie wird wie _gat_gtag_UA_<property-id> zum Drosseln der Anforderungsrate verwendet.
Ablaufdatum: nach 10 Minuten
Name: __utmb
Wert: 3.10.1564498958
Verwendungszweck: Dieses Cookie wird verwendet, um neue Sitzungen zu bestimmen. Es wird jedes Mal aktualisiert, wenn neue Daten bzw. Infos an Google Analytics gesendet werden.
Ablaufdatum: nach 30 Minuten
Name: __utmc
Wert: 167421564
Verwendungszweck: Dieses Cookie wird verwendet, um neue Sitzungen für wiederkehrende Besucher festzulegen. Dabei handelt es sich um ein Session-Cookie und wird nur solange gespeichert, bis Sie den Browser wieder schließen.
Ablaufdatum: Nach Schließung des Browsers
Name: __utmz
Wert: m|utmccn=(referral)|utmcmd=referral|utmcct=/
Verwendungszweck: Das Cookie wird verwendet, um die Quelle des Besucheraufkommens auf unserer Website zu identifizieren. Das heißt, das Cookie speichert, von wo Sie auf unsere Website gekommen sind. Das kann eine andere Seite bzw. eine Werbeschaltung gewesen sein.
Ablaufdatum: nach 6 Monaten
Name: __utmv
Wert: keine Angabe
Verwendungszweck: Das Cookie wird verwendet, um benutzerdefinierte Userdaten zu speichern.
Es wird immer aktualisiert, wenn Informationen an Google Analytics gesendet werden. Ablaufdatum: nach 2 Jahren
Anmerkung: Diese Aufzählung kann keinen Anspruch auf Vollständigkeit erheben, da Google die Wahl ihrer Cookies immer wieder auch verändert.
Hier zeigen wir Ihnen einen Überblick über die wichtigsten Daten, die mit Google Analytics erhoben werden:
Heatmaps: Google legt sogenannte Heatmaps an. Über Heatmaps sieht man genau jene Bereiche, die Sie anklicken. So bekommen wir Informationen, wo Sie auf unserer Seite „unterwegs“ sind.
Sitzungsdauer: Als Sitzungsdauer bezeichnet Google die Zeit, die Sie auf unserer Seite verbringen, ohne die Seite zu verlassen. Wenn Sie 20 Minuten inaktiv waren, endet die Sitzung automatisch.
Absprungrate (engl. Bouncerate): Von einem Absprung ist die Rede, wenn Sie auf unserer Website nur eine Seite ansehen und dann unsere Website wieder verlassen.
Kontoerstellung: Wenn Sie auf unserer Website ein Konto erstellen bzw. eine Bestellung machen, erhebt Google Analytics diese Daten.
IP-Adresse: Die IP-Adresse wird nur in gekürzter Form dargestellt, damit keine eindeutige Zuordnung möglich ist.
Standort: Über die IP-Adresse kann das Land und Ihr ungefährer Standort bestimmt werden. Diesen Vorgang bezeichnet man auch als IP- Standortbestimmung.
Technische Informationen: Zu den technischen Informationen zählen unter anderem Ihr Browsertyp, Ihr Internetanbieter oder Ihre Bildschirmauflösung.
Herkunftsquelle: Google Analytics beziehungsweise uns interessiert natürlich auch über welche Website oder welche Werbung Sie auf unsere Seite gekommen sind. Weitere Daten sind Kontaktdaten, etwaige Bewertungen, das Abspielen von Medien (z. B. wenn Sie ein Video über unsere Seite abspielen), das Teilen von Inhalten über Social Media oder das Hinzufügen zu Ihren Favoriten. Die Aufzählung hat keinen Vollständigkeitsanspruch und dient nur zu einer allgemeinen Orientierung der Datenspeicherung durch Google Analytics.

Wie lange und wo werden die Daten gespeichert?
Google hat ihre Server auf der ganzen Welt verteilt. Die meisten Server befinden sich in Amerika und folglich werden Ihre Daten meist auf amerikanischen Servern gespeichert. Hier können Sie genau nachlesen wo sich die Google-Rechenzentren befinden: https://www.google.com/about/datacenters/locations/?hl=de Ihre Daten werden auf verschiedenen physischen Datenträgern verteilt. Das hat den Vorteil, dass die Daten schneller abrufbar sind und vor Manipulation besser geschützt sind. In jedem GoogleRechenzentrum gibt es entsprechende Notfallprogramme für Ihre Daten. Wenn beispielsweise die Hardware bei Google ausfällt oder Naturkatastrophen Server lahmlegen, bleibt das Risiko einer Dienstunterbrechung bei Google dennoch gering. Die Aufbewahrungsdauer der Daten hängt von den verwendeten Properties ab. Bei der Verwendung der neueren Google Analytics 4-Properties ist die Aufbewahrungsdauer Ihrer Userdaten auf 14 Monate fix eingestellt. Für andere sogenannte Ereignisdaten haben wir die Möglichkeit eine Aufbewahrungsdauer von 2 Monaten oder 14 Monaten zu wählen. Bei Universal Analytics-Properties ist bei Google Analytics eine Aufbewahrungsdauer Ihrer Userdaten von 26 Monaten standardisiert eingestellt. Dann werden Ihre Userdaten gelöscht. Allerdings haben wir die Möglichkeit, die Aufbewahrungsdauer von Nutzdaten selbst zu wählen.
Dafür stehen uns fünf Varianten zur Verfügung:
Löschung nach 14 Monaten
Löschung nach 26 Monaten
Löschung nach 38 Monaten
Löschung nach 50 Monaten
Keine automatische Löschung
Zusätzlich gibt es auch die Option, dass Daten erst dann gelöscht werden, wenn Sie innerhalb des von uns gewählten Zeitraums nicht mehr unsere Website besuchen. In diesem Fall wird die Aufbewahrungsdauer jedes Mal zurückgesetzt, wenn Sie unsere Website innerhalb des festgelegten Zeitraums wieder besuchen. Wenn der festgelegte Zeitraum abgelaufen ist, werden einmal im Monat die Daten gelöscht. Diese Aufbewahrungsdauer gilt für Ihre Daten, die mit Cookies, Usererkennung und Werbe-IDs (z.B. Cookies der DoubleClick-Domain) verknüpft sind. Berichtergebnisse basieren auf aggregierten Daten und werden unabhängig von Nutzerdaten gespeichert. Aggregierte Daten sind eine Zusammenschmelzung von Einzeldaten zu einer größeren Einheit.

Wie kann ich meine Daten löschen bzw. die Datenspeicherung verhindern? 
Nach dem Datenschutzrecht der Europäischen Union haben Sie das Recht, Auskunft über Ihre Daten zu erhalten, sie zu aktualisieren, zu löschen oder einzuschränken. Mithilfe des Browser-Addons zur Deaktivierung von Google Analytics-JavaScript (ga.js, analytics.js, dc.js) verhindern Sie, dass Google Analytics Ihre Daten verwendet. Das Browser-Add-on können Sie unter https://tools.google.com/dlpage/gaoptout?hl=de runterladen und installieren. Beachten Sie bitte, dass durch dieses Add-on nur die Datenerhebung durch Google Analytics deaktiviert wird. Falls Sie grundsätzlich Cookies deaktivieren, löschen oder verwalten wollen, finden Sie unter dem Abschnitt „Cookies“ die entsprechenden Links zu den jeweiligen Anleitungen der bekanntesten Browser.

Rechtsgrundlage
Der Einsatz von Google Analytics setzt Ihre Einwilligung voraus, welche wir mit unserem Cookie Popup eingeholt haben. Diese Einwilligung stellt laut Art. 6 Abs. 1 lit. a DSGVO (Einwilligung) die Rechtsgrundlage für die Verarbeitung personenbezogener Daten, wie sie bei der Erfassung durch Web-Analytics Tools vorkommen kann, dar. Zusätzlich zur Einwilligung besteht von unserer Seite ein berechtigtes Interesse daran, dass Verhalten der Websitebesucher zu analysieren und so unser Angebot technisch und wirtschaftlich zu verbessern. Mit Hilfe von Google Analytics erkennen wir Fehler der Website, können Attacken identifizieren und die Wirtschaftlichkeit verbessern. Die Rechtsgrundlage dafür ist Art. 6 Abs. 1 lit. f DSGVO (Berechtigte Interessen). Wir setzen Google Analytics gleichwohl nur ein, soweit Sie eine Einwilligung erteilt haben. Google verarbeitet Daten von Ihnen u.a. auch in den USA. Wir weisen darauf hin, dass nach Meinung des Europäischen Gerichtshofs derzeit kein angemessenes Schutzniveau für den Datentransfer in die USA besteht. Dies kann mit verschiedenen Risiken für die Rechtmäßigkeit und Sicherheit der Datenverarbeitung einhergehen. Als Grundlage der Datenverarbeitung bei Empfängern mit Sitz in Drittstaaten (außerhalb der Europäischen Union, Island, Liechtenstein, Norwegen, also insbesondere in den USA) oder einer Datenweitergabe dorthin verwendet Google sogenannte Standardvertragsklauseln (= Art. 46. Abs. 2 und 3 DSGVO). Standardvertragsklauseln (Standard Contractual Clauses – SCC) sind von der EU Kommission bereitgestellte Mustervorlagen und sollen sicherstellen, dass Ihre Daten auch dann den europäischen Datenschutzstandards entsprechen, wenn diese in Drittländer (wie beispielsweise in die USA) überliefert und dort gespeichert werden. Durch diese Klauseln verpflichtet sich Google, bei der Verarbeitung Ihrer relevanten Daten, das europäische Datenschutzniveau einzuhalten, selbst wenn die Daten in den USA gespeichert, verarbeitet und verwaltet werden. Diese Klauseln basieren auf einem Durchführungsbeschluss der EU-Kommission. Sie finden den Beschluss und die entsprechenden Standardvertragsklauseln u.a. hier: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
Die Google Ads Datenverarbeitungsbedingungen (Google Ads Data Processing Terms), welche auf die Standardvertragsklauseln verweisen, finden Sie unter https://business.safety.google/intl/de/adsprocessorterms/.
Wir hoffen, wir konnten Ihnen die wichtigsten Informationen rund um die Datenverarbeitung von Google Analytics näherbringen. Wenn Sie mehr über den Tracking-Dienst erfahren wollen, empfehlen wir diese beiden Links: https://marketingplatform.google.com/about/analytics/terms/de/ und https://support.google.com/analytics/answer/6004245?hl=de.

Google Analytics Berichte zu demografischen Merkmalen und Interessen
Wir haben in Google Analytics die Funktionen für Werbeberichte eingeschaltet. Die Berichte zu demografischen Merkmalen und Interessen enthalten Angaben zu Alter, Geschlecht und Interessen. Damit können wir uns – ohne diese Daten einzelnen Personen zuordnen zu können – ein besseres Bild von unseren Nutzern machen. Mehr über die Werbefunktionen erfahren Sie auf https://support.google.com/analytics/answer/3450482?hl=de_AT&utm_id=ad. Sie können die Nutzung der Aktivitäten und Informationen Ihres Google Kontos unter “Einstellungen für Werbung” auf https://adssettings.google.com/authenticated per Checkbox beenden.

Google Analytics im Einwilligungsmodus
Abhängig von Ihrer Einwilligung werden im sogenannten Einwilligungsmodus (bzw. „Consent Mode“) personenbezogene Daten von Ihnen durch Google Analytics verarbeitet. Sie können wählen, ob Sie Google-Analytics-Cookies zustimmen oder nicht. Damit wählen Sie auch, welche Daten Google Analytics von Ihnen verarbeitet darf. Diese erhobenen Daten werden hauptsächlich dafür verwendet, Messungen über das Userverhalten auf der Website durchzuführen, zielgerichtete Werbung auszuspielen und uns Web-Analyseberichte zu liefern. In der Regel willigen Sie der Datenverarbeitung durch Google über ein Cookie-Consent-Tool ein. Wenn Sie der Datenverarbeitung nicht einwilligen, werden nur aggregierte Daten erfasst und verarbeitet. Das bedeutet, Daten können einzelnen Usern nicht zugeordnet werden und es entsteht somit kein Userprofil von Ihnen. Sie können auch nur der statistischen Messung zustimmen. Dabei werden keine personenbezogenen Daten verarbeitet und folglich nicht für Werbungen oder Werbemesserfolge verwendet.

Google Analytics IP-Anonymisierung
Wir haben auf dieser Webseite die IP-Adressen-Anonymisierung von Google Analytics implementiert. Diese Funktion wurde von Google entwickelt, damit diese Webseite die geltenden Datenschutzbestimmungen und Empfehlungen der lokalen Datenschutzbehörden einhalten kann, wenn diese eine Speicherung der vollständigen IP-Adresse untersagen. Die Anonymisierung bzw. Maskierung der IP findet statt, sobald die IP-Adressen im Google AnalyticsDatenerfassungsnetzwerk eintreffen und bevor eine Speicherung oder Verarbeitung der Daten stattfindet. Mehr Informationen zur IP-Anonymisierung finden Sie auf https://support.google.com/analytics/answer/2763052?hl=de.

E-Mail-Marketing

E-mail marketing summary
Affected parties: Newsletter subscribers
Purpose: Direct advertising by e-mail, notification of system-relevant events
Data processed: Data entered during registration, but at least the e-mail address. You can find more details on this in the e-mail marketing tool used.
Storage period: Duration of the subscription
Legal basis: Art. 6 Para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. f GDPR
(legitimate interests)

What is e-mail marketing?
In order to keep you up to date, we also use the option of e-mail marketing. If you have agreed to receive our e-mails or newsletters, your data will also be processed and stored. E-mail marketing is a sub-area of ​​online marketing. News or general information about a company, products or services is sent by e-mail to a specific group of people who are interested in them. If you want to participate in our email marketing (usually via newsletter), you normally just have to register with your email address. To do this, you fill out an online form and send it off. However, we may also ask you for your title and name so that we can write to you personally. Basically, registering for newsletters works using the so-called “double opt-in process”. After you have registered for our newsletter on our website, you will receive an email confirming your newsletter registration. This ensures that the email address belongs to you and that no one has registered with someone else’s email address. We or a notification tool we use logs every single registration. This is necessary so that we can prove that the registration process was legally correct. The time of registration, the time of registration confirmation and your IP address are usually saved. In addition, it is also logged if you make changes to your stored data.

Why do we use email marketing?

We naturally want to stay in touch with you and always present you with the most important news about our company. To do this, we use email marketing – often just called a “newsletter” – as an essential part of our online marketing. If you agree to this or it is legally permitted, we will send you newsletters, system emails or other notifications by email. When we use the term “newsletter” in the following text, we mainly mean emails that are sent regularly. Of course, we do not want to bother you in any way with our newsletter. That is why we really always try to only offer relevant and interesting content. For example, you can find out more about our company, our services or products. Since we are always improving our offers, you will always find out about any news or special, lucrative promotions via our newsletter. If we commission a service provider who offers a professional shipping tool for our email marketing, we do this so that we can offer you fast and secure newsletters. The purpose of our email marketing is basically to inform you about new offers and to get closer to our business goals.

Which data is processed?

If you become a subscriber to our newsletter via our website, you will confirm your membership in an email list by email. In addition to your IP address and email address, your title, name, address and telephone number can also be saved. However, only if you agree to this data storage. The data marked as such is necessary so that you can participate in the service offered. Providing this information is voluntary, but failure to provide it will mean that you cannot use the service. In addition, information about your device or your preferred content can also be stored on our website. You can find out more about how data is stored when you visit a website in the “Automatic data storage” section. We record your declaration of consent so that we can always prove that it complies with our laws.

Duration of data processing
If you remove your email address from our email/newsletter mailing list, we may store your address for up to three years on the basis of our legitimate interests so that we can still prove that you gave your consent at the time. We may only process this data if we have to defend ourselves against any claims. However, if you confirm that you have given us your consent to subscribe to the newsletter, you can submit an individual deletion request at any time. If you object to the inclusion

consent permanently, we reserve the right to save your email address in a block list. As long as you have voluntarily subscribed to our newsletter, we will of course also keep your email address.

Right of objection
You have the option to cancel your newsletter subscription at any time. To do this, you simply have to revoke your consent to the newsletter subscription. This usually only takes a few seconds or one or two clicks. You will usually find a link to cancel your newsletter subscription right at the end of every email. If you really cannot find the link in the newsletter, please contact us by email and we will cancel your newsletter subscription immediately.

Legal basis
Our newsletter is sent on the basis of your consent (Article 6 Paragraph 1 Letter a of GDPR). This means that we may only send you a newsletter if you have previously actively registered for it. If necessary, we may also send you advertising messages based on Section 7 Paragraph 3 of the Unfair Competition Act, provided that you have become our customer and have not objected to the use of your email address for direct advertising. Information on special email marketing services and how they process personal data can be found – if available – in the following sections.

Social Media

Social Media Introduction

Social Media Data Protection Statement Summary
Affected parties: Visitors to the website
Purpose: Presentation and optimization of our service, contact with visitors, interested parties, etc., advertising
Data processed: Data such as telephone numbers, email addresses, contact details, data on user behavior, information about your device and your IP address. You can find more details on this in the social media tool used.
Storage period: depends on the social media platforms used
Legal basis: Art. 6 Para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. f GDPR (legitimate interests)

What is social media?
In addition to our website, we are also active on various social media platforms. User data can be processed so that we can specifically address users who are interested in us via social networks. In addition, elements of a social media platform can also be embedded directly in our website. This is the case, for example, if you click on a so-called social button on our website and are redirected directly to our social media presence. So-called social media or social media refers to websites and apps through which registered members can produce content, exchange content openly or in certain groups and network with other members.

Why do we use social media?

For years, social media platforms have been the place where people communicate and get in touch online. With our social media presence, we can bring our products and services closer to interested parties. The social media elements integrated into our website help you to switch to our social media content quickly and without complications. The data that is stored and processed through your use of a social media channel primarily serves the purpose of being able to carry out web analyses. The aim of these analyses is to be able to develop more precise and personalized marketing and advertising strategies. Depending on your behavior on a social media platform, the evaluated data can be used to draw appropriate conclusions about your interests and create so-called user profiles. This also enables the platforms to present you with tailored advertisements. Cookies are usually placed in your browser for this purpose, which store data on your usage behavior. We generally assume that we remain responsible for data protection, even if we use the services of a social media platform. However, the European Court of Justice has ruled that in certain cases the operator of the social media platform can be jointly responsible with us within the meaning of Art. 26 GDPR. If this is the case, we will point this out separately and work on the basis of an agreement to this effect. The essence of the agreement is then reproduced below for the platform in question.
Please note that when using the social media platforms or our built-in elements, your data may also be processed outside the European Union, as many social media channels, such as Facebook or Twitter, are American companies. This may mean that you can no longer easily demand or enforce your rights with regard to your personal data.

What data is processed?
Exactly which data is stored and processed depends on the respective provider of the social media platform. But usually it is data such as telephone numbers, email addresses, data that you enter in a contact form, user data such as which buttons you click, who you like or follow, when you visited which pages, information about your device and your IP address. Most of this data is stored in cookies. Especially if you have a profile on the social media channel you visit and are logged in, data can be linked to your profile. All data collected via a social media platform is also stored on the providers’ servers. This means that only the providers have access to the data and can give you the appropriate information or make changes. If you want to know exactly which data is stored and processed by the social media providers and how you can object to data processing, you should read the respective company’s data protection declaration carefully. If you have any questions about data storage and data processing or want to assert corresponding rights, we recommend that you contact the provider directly.

Duration of data processing
We will inform you about the duration of data processing below, provided we have further information about it. For example,

The social media platform Facebook stores data until it is no longer needed for its own purposes. Customer data that is compared with your own user data is deleted within two days. In general, we only process personal data for as long as it is absolutely necessary to provide our services and products. If it is required by law, as in the case of accounting, for example, this storage period can also be exceeded.

Right of objection
You also have the right and the option to revoke your consent to the use of cookies or third-party providers such as embedded social media elements at any time. This works either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection through cookies by managing, deactivating or deleting cookies in your browser. Since cookies can be used with social media tools, we also recommend our general privacy policy on cookies. To find out exactly which of your data is stored and processed, you should read the privacy policies of the respective tools.

Legal basis
If you have consented that your data can be processed and stored by integrated social media elements, this consent is the legal basis for data processing (Art. 6 Para. 1 lit. a GDPR). In principle, if you have given your consent, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 Para. 1 lit. f GDPR) in fast and good communication with you or other customers and business partners. However, we only use the tools if you have given your consent. Most social media platforms also set cookies in your browser to store data. We therefore recommend that you read our privacy policy text about cookies carefully and view the privacy policy or cookie guidelines of the respective service provider. Information about specific social media platforms – if available – can be found in the
following sections.

Facebook privacy policy

Facebook privacy policy summary
Affected parties: Visitors to the website
Purpose: Optimizing our service
Data processed: Data such as customer data, data on user behavior,
Information about your device and your IP address. You can find more details about this further down in the privacy policy.
Storage period: until the data is no longer useful for Facebook’s purposes
Legal basis: Art. 6 Para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. f GDPR (legitimate interests)

What are Facebook tools?
We use selected tools from Facebook on our website. Facebook is a social media network of the company Meta Platforms Inc. or, for the European area, of the company Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. With the help of these tools, we can offer you and people who are interested in our products and services the best possible offer. If data is collected and forwarded from you via our embedded Facebook elements or via our Facebook page (fan page), both we and Facebook Ireland Ltd. are responsible for this. Facebook is solely responsible for the further processing of this data. Our joint obligations have also been anchored in a publicly accessible agreement at https://www.facebook.com/legal/controller_addendum. This states, for example, that we must clearly inform you about the use of Facebook tools on our site. We are also responsible for ensuring that the tools are securely integrated into our website in accordance with data protection law. Facebook, on the other hand, is responsible for the data security of Facebook products, for example. If you have any questions about data collection and processing by Facebook, you can contact the company directly. If you address the question to us, we are obliged to forward it to Facebook. Below we provide an overview of the various Facebook tools, which data is sent to Facebook and how you can delete this data. In addition to many other products, Facebook also offers the so-called “Facebook Business Tools”. This is the official name of Facebook. However, since the term is hardly known, we have decided to simply call them Facebook tools. These include:
Facebook pixel
Social plug-ins (such as the “Like” or “Share” button)
Facebook login
Account kit
APIs (application programming interfaces)
SDKs (collection of programming tools)
Platform integrations
Plugins
Codes
Specifications
Documentation
Technologies and services

Through the

These tools extend Facebook services and have the ability to obtain information about user activities outside of Facebook.

Why do we use Facebook tools on our website?

We only want to show our services and products to people who are really interested in them. With the help of advertisements (Facebook ads) we can reach exactly these people. In order to show users suitable advertising, however, Facebook needs information about people’s wishes and needs. The company is provided with information about user behavior (and contact details) on our website. This allows Facebook to collect better user data and show interested people the right advertising about our products or services. The tools thus enable customized advertising campaigns on Facebook. Facebook calls data about your behavior on our website “event data”. This is also used for measurement and analysis services. Facebook can thus create “campaign reports” on our behalf about the impact of our advertising campaigns. Furthermore, analyses give us a better insight into how you use our services, website or products. This means that we use some of these tools to optimize your user experience on our website. For example, you can use the social plug-ins to share content on our site directly on Facebook.

By using individual Facebook tools, personal data (customer data) can be sent to Facebook. Depending on the tools used, customer data such as name, address, telephone number and IP address can be sent.

Facebook uses this information to compare the data with the data it has about you (if you are a Facebook member). Before customer data is sent to Facebook, a process known as “hashing” takes place. This means that a data set of any size is transformed into a character string. This also serves to encrypt data. In addition to contact data, “event data” is also transmitted. “Event data” refers to the information that we receive about you on our website. For example, which subpages you visit or which products you buy from us. Facebook does not share the information it receives with third parties (such as advertisers) unless the company has explicit permission or is legally obliged to do so. “Event data” can also be linked to contact data. This enables Facebook to offer better personalized advertising. After the matching process mentioned above, Facebook deletes the contact data again. In order to be able to deliver advertisements in an optimized manner, Facebook only uses the event data if it has been combined with other data (which was collected by Facebook in another way). Facebook also uses this event data for security, protection, development and research purposes. Much of this data is transferred to Facebook via cookies. Cookies are small text files that are used to store data or information in browsers. Depending on the tools used and whether you are a Facebook member, different numbers of cookies are created in your browser. In the descriptions of the individual Facebook tools, we go into more detail about individual Facebook cookies. You can also find general information about the use of Facebook cookies at https://www.facebook.com/policies/cookies.

How long and where is the data stored?

Basically, Facebook stores data until it is no longer needed for its own services and Facebook products. Facebook has servers distributed all over the world where its data is stored. However, customer data is deleted within 48 hours after it has been compared with your own user data.

How can I delete my data or prevent data storage?

In accordance with the General Data Protection Regulation, you have the right to information, correction,

portability and deletion of your data. The data will only be completely deleted if you completely delete your Facebook account.

And this is how you delete your Facebook account:

1) Click on Settings on the right side of Facebook.

2) Then click on “Your Facebook information” in the left column.

3) Now click “Deactivation and deletion”.

4) Now select “Delete account” and then click on “Continue and delete account”

5) Now enter your password, click on “Continue” and then on “Delete account”

The data that Facebook receives via our site is stored using cookies (e.g. social plugins). You can deactivate, delete or manage individual or all cookies in your browser. Depending on which browser you use, this works in different ways. Under the A

In the “Cookies” section you will find the relevant links to the respective instructions for the most popular browsers. If you do not want cookies at all, you can set up your browser so that it always informs you when a cookie is to be set. This way you can decide for each individual cookie whether to allow it or not.

Legal basis
If you have consented to your data being processed and stored by integrated Facebook tools, this consent is the legal basis for data processing (Art. 6 Para. 1 lit. a GDPR). In principle, your data is also stored and processed on the basis of our legitimate interest (Art. 6 Para. 1 lit. f GDPR) in fast and good communication with you or other customers and business partners. However, we only use the tools if you have given your consent. Most social media platforms also set cookies in your browser to store data. We therefore recommend that you read our data protection text about cookies carefully and view Facebook’s privacy policy or cookie guidelines. Facebook processes your data in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. This can entail various risks for the legality and security of data processing. Facebook uses so-called standard contractual clauses (= Art. 46. Para. 2 and 3 GDPR) as the basis for data processing for recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or for data transfer there. Standard contractual clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there. Through these clauses, Facebook undertakes to comply with European data protection standards when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places:
https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de The Facebook data processing conditions, which correspond to the standard contractual clauses, can be found at https://www.facebook.com/legal/terms/dataprocessing. We hope we have given you the most important information about the use and data processing by the Facebook tools. If you want to find out more about how Facebook uses your data, we recommend that you read the data guidelines at https://www.facebook.com/about/privacy/update.

Facebook Login Privacy Policy
We have integrated the practical Facebook Login on our site. This means you can easily log in with your Facebook account without having to create another user account. If you decide to register using the Facebook Login, you will be redirected to the social media network Facebook. There you log in using your Facebook user data. Through this login process, data about you or your user behavior is stored and sent to Facebook. Facebook uses various cookies to store the data. Below we show you the most important cookies that are set in your browser or already exist when you log in to our site using the Facebook login:

Name: fr
Value: 0jieyh4c2GnlufEJ9..Bde09j…1.0.Bde09j
Purpose: This cookie is used to ensure that the social plugin on our website
works as well as possible.
Expiry date: after 3 months
Name: datr
Value: 4Jh7XUA2312137656SEmPsSfzCOO4JFFl
Purpose: Facebook sets the “datr” cookie when a web browser accesses facebook.com, and the cookie helps identify login activities and protect users.
Expiry date: after 2 years
Name: _js_datr
Value: deleted
Purpose: Facebook sets this session cookie for tracking purposes, even if you do not have a Facebook account or are logged out.
Expiry date: after the end of the session
Note: The cookies listed are only a small selection of the cookies that are available to Facebook. Other cookies include _ fbp, sb or wd. A complete list is not possible because Facebook has a large number of cookies and uses them variably.
On the one hand, the Facebook login offers you a quick and easy registration process, and on the other hand it gives us the opportunity to share data with Facebook. This enables us to improve our offer and our advertising activities.

ons to better suit your interests and needs. Data that we receive from Facebook in this way is public data such as
Your Facebook name
Your profile picture
A stored email address
Friend lists
Button details (e.g. “Like” button)
Date of birthday
Language
Place of residence
In return, we provide Facebook with information about your activities on our website. This includes information about the device you use, which subpages you visit on our website or which products you have purchased from us. By using Facebook Login, you consent to data processing. You can revoke this agreement at any time. If you would like to find out more information about data processing by Facebook, we recommend that you read the Facebook privacy policy at https://www.facebook.com/policy.php?tid=312137656. If you are logged in to Facebook, you can change your ad settings yourself at https://www.facebook.com/adpreferences/advertisers/?entry_product=ad_settings_screen.
Facebook Social Plug-ins Privacy Policy
So-called social plug-ins from the company Meta Platforms Inc. are built into our website. You can recognize these buttons by the classic Facebook logo, such as the “Like” button (the hand with the thumb raised) or by a clear “Facebook plug-in” label. A social plug-in is a small part of Facebook that is integrated into our site. Each plug-in has its own function. The most commonly used functions are the well-known “Like” and “Share” buttons. The following social plug-ins are offered by Facebook:
“Save” button
“Like” button, share, send and quote
Page plug-in
Comments
Messenger plug-in
Embedded posts and video players
Group plug-in
You can find more information on how the individual plug-ins are used at https://developers.facebook.com/docs/plugins. We use social plug-ins to offer you a better user experience on our site and because they enable Facebook to optimize our advertisements. If you have a Facebook account or have already visited https://www.facebook.com/, Facebook has already set at least one cookie in your browser. In this case, your browser sends information to Facebook via this cookie as soon as you visit our site or interact with social plug-ins (e.g. the “Like” button). The information received is deleted or anonymized within 90 days. According to Facebook, this data includes your IP address, which website you visited, the date, time and other information relating to your browser. To prevent Facebook from collecting a lot of data during your visit to our website and linking it to Facebook data, you must log out of Facebook while visiting the website. If you are not logged in to Facebook or do not have a Facebook account, your browser will send less information to Facebook because you have fewer Facebook cookies. However, data such as your IP address or which website you visit can be transferred to Facebook. We would like to expressly point out that we do not know the exact contents of the data. However, we will try to inform you as best as possible about data processing based on our current level of knowledge. You can also read how Facebook uses the data in the company’s data guidelines at https://www.facebook.com/about/privacy/update. The following cookies are set in your browser at least when you visit a website with social plug-ins from Facebook:
Name: dpr
Value: not specified
Purpose: This cookie is used so that the social plug-ins on our
website work.
Expiry date: after end of session
Name: fr
Value: 0jieyh4312137656c2GnlufEJ9..Bde09j…1.0.Bde09j
Purpose: The cookie is also necessary for the plug-ins to work properly.
Expiry date: after 3 months
Note: These cookies were set after a test, even if you are not a Facebook member.
If you are logged in to Facebook, you can change your ad settings yourself at
https://www.facebook.com/adpreferences/advertisers/. If you are not a Facebook user, you can generally manage your usage-based online advertising at https://www.youronlinechoices.com/de/praferenzmanagement/?tid=312137656. There you have the option of deactivating or activating providers. If you would like to find out more about Facebook’s data protection, we recommend that you read the company’s own data guidelines at https://www.facebook.com/policy.php?tip=312137656.

Instagram privacy policy

Instagram privacy policy summary
Affected parties: Visitors to the website
Purpose: Optimizing our

the service
Data processed: Data such as data on user behavior, information about your device and your IP address.

You can find more details about this below in the privacy policy.
Storage period: until Instagram no longer needs the data for its purposes
Legal basis: Art. 6 Para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. f GDPR
(legitimate interests)

What is Instagram?
We have built Instagram functions into our website. Instagram is a social media platform of the company Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA. Instagram has been a subsidiary of Meta Platforms Inc. since 2012 and is one of the Facebook products. Embedding Instagram content on our website is called embedding. This allows us to show you content such as buttons, photos or videos from Instagram directly on our website. When you visit websites on our website that have an integrated Instagram function, data is transmitted to Instagram, stored and processed. Instagram uses the same systems and technologies as Facebook. Your data is therefore processed across all Facebook companies. Below we want to give you a more detailed insight into why Instagram collects data, what data it is and how you can largely control data processing. Since Instagram belongs to Meta Platforms Inc., we get our information from the Instagram guidelines on the one hand, but also from the Meta privacy guidelines themselves on the other. Instagram is one of the most well-known social media networks in the world. Instagram combines the advantages of a blog with the advantages of audiovisual platforms such as YouTube or Vimeo. You can upload photos and short videos to “Insta” (as many users casually call the platform), edit them with various filters and also share them on other social networks. And if you don’t want to be active yourself, you can just follow other interesting users.

Why do we use Instagram on our website?

Instagram is the social media platform that has really taken off in recent years. And of course we have also responded to this boom. We want you to feel as comfortable as possible on our website. That’s why we take it for granted that our content is varied. The embedded Instagram functions allow us to enrich our content with helpful, funny or exciting content from the Instagram world. Since Instagram is a subsidiary of Facebook, the data collected can also be useful for personalized advertising on Facebook. This means that our ads are only shown to people who are really interested in our products or services. Instagram also uses the data collected for measurement and analysis purposes. We get summarized statistics and thus more insight into your wishes and interests. It is important to mention that these reports do not identify you personally.

What data is stored by Instagram?

When you come across one of our pages that has Instagram functions (such as Instagram images or plugins) built in, your browser automatically connects to Instagram’s servers. Data is sent to Instagram, stored and processed. Regardless of whether you have an Instagram account or not. This includes information stored on our Instagram website, on your computer, on purchases made, on advertisements you see and how you use our service. The date and time of your interaction with Instagram are also stored. If you have an Instagram account or are logged in, Instagram stores significantly more data about you. Facebook differentiates between customer data and event data. We assume that this is exactly the case with Instagram. Customer data includes name, address, telephone number and IP address. This customer data will only be transmitted to Instagram if it has been “hashed” beforehand. Hashing means that a data set is converted into a character string. This allows the contact details to be encrypted. The “event data” mentioned above is also transmitted. Facebook – and consequently Instagram – understands “event data” to mean data about your user behavior. It can also happen that contact details are combined with event data. The contact details collected are compared with the data that Instagram already has about you. The collected data is transmitted to Facebook via small text files (cookies), which are usually placed in your browser. Depending on the Instagram functions used and whether you have an Instagram account yourself, different amounts of data are stored. We assume that data processing on Instagram works in the same way as on Facebook.

This means that if you have an Instagram account or have visited www.instagram.com, Instagram has set at least one cookie. If this is the case, your browser sends information to Instagram via the cookie as soon as you come into contact with an Instagram function. This data is deleted or anonymized after 90 days at the latest (after comparison). Although we have looked intensively into Instagram’s data processing, we cannot say exactly which data Instagram collects and stores. Below we show you cookies that are at least set in your browser when you click on an Instagram function (such as a button or an Insta image). In our test, we assume that you do not have an Instagram account. If you are logged in to Instagram, significantly more cookies will of course be set in your browser.
These cookies were used in our test:
Name: csrftoken
Value: “”
Purpose: This cookie is most likely set for security reasons
to prevent requests from being forged. However, we were unable to find out more about this.
Expiry date: after one year
Name: mid
Value: “”
Purpose: Instagram sets this cookie to optimize its own services and offers on and off Instagram. The cookie sets a unique user ID.
Expiry date: after the end of the session
Name: fbsr_312137656124024
Value: no information
Purpose: This cookie stores the log-in request for users of the Instagram app.
Expiry date: after the end of the session
Name: rur
Value: ATN
Purpose: This is an Instagram cookie that ensures functionality on Instagram. Expiry date: after the end of the session
Name: urlgen
Value: “{”194.96.75.33”: 1901}:1iEtYv:Y833k2_UjKvXgYe312137656”
Purpose: This cookie is used for Instagram’s marketing purposes.
Expiry date: after the end of the session
Note: We cannot claim to be complete here. Which cookies are set in individual cases depends on the embedded functions and your use of Instagram.

How long and where is the data stored?

Instagram shares the information received between the Facebook companies with external partners and with people you connect with around the world. The data processing is carried out in compliance with its own data policy. Your data is distributed on Facebook servers around the world, among other things for security reasons. Most of these servers are located in the USA.

How can I delete my data or prevent data storage?
Thanks to the General Data Protection Regulation, you have the right to information, portability, correction and deletion of your data. You can manage your data in the Instagram settings. If you want to completely delete your data on Instagram, you must permanently delete your Instagram account.

This is how you delete your Instagram account:
First, open the Instagram app. On your profile page, go down and click on “Help section”. This will take you to the company’s website. On the website, click on “Manage your account” and then on “Delete your account”. If you delete your account completely, Instagram will delete posts such as your photos and status updates. Information that other people have shared about you does not belong to your account and is therefore not deleted. As already mentioned above, Instagram primarily stores your data via cookies. You can manage, deactivate or delete these cookies in your browser. Depending on your browser, the management always works a little differently. Under the “Cookies” section you will find the corresponding links to the respective instructions for the most popular browsers. You can also generally set up your browser so that you are always informed when a cookie is to be set. Then you can always decide individually whether you want to accept the cookie or not.

Legal basis
If you have consented that your data can be processed and stored by integrated social media elements, this consent is the legal basis for data processing (Art. 6 Para. 1 lit. a GDPR). In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 Para. 1 lit. f GDPR) in fast and good communication with you or other customers and business partners. However, we only use the integrated social media elements if you have given your consent. Most social media platforms also set cookies in your browser to store data. We therefore recommend that you read our data protection text about cookies carefully and view the data protection declaration or cookie guidelines of the respective service provider. Instagram or Facebook also processes data in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. This can entail various risks for the legality and security of data processing. Facebook uses standard contractual clauses approved by the EU Commission (= Art. 46. Para. 2 and 3 GDPR) as the basis for data processing for recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or for data transfer there. These clauses oblige Facebook to comply with the EU data protection level when processing relevant data outside the EU. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the clauses here, among other places: https://germany.representation.ec.europa.eu/index_de. We have tried to give you the most important information about data processing by Instagram. You can find out more about Instagram’s data policies at https://help.instagram.com/519522125107875.

Blogs and publication media

Blogs and publication media Introduction

Blogs and publication media Data protection declaration Summary

Affected parties: Visitors to the website
Purpose: Presentation and optimization of our service as well as communication between website visitors, security measures and administration
Data processed: Data such as contact details, IP address and published content. You can find more details in the tools used.
Storage period: depends on the tools used
Legal basis: Art. 6 Para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. f GDPR (legitimate interests), Art. 6 Para. 1 S. 1 lit. b. GDPR (contract)

What are blogs and publication media?
We use blogs or other means of communication on our website with which we can communicate with you on the one hand and you with us on the other. We may also store and process your data. This may be necessary so that we can display content accordingly, communication works and security is increased. In our privacy policy text, we generally explain which of your data can be processed. Exact details on data processing always depend on the tools and functions used. You can find precise information about data processing in the privacy policy of the individual providers.

Why do we use blogs and publication media?

Our greatest concern with our website is to offer you interesting and exciting content, and at the same time, your opinions and content are important to us. That is why we want to create a good interactive exchange between us and you. With various blogs and publication options, we can achieve exactly that. For example, you can write comments on our content, comment on other comments or, in some cases, write posts yourself.

What data is processed?

Exactly which data is processed always depends on the communication functions we use. Very often, IP address, user name and the published content are stored. This is done primarily to ensure security protection, prevent spam and to be able to take action against illegal content. Cookies can also be used to store data. These are small text files that are stored with information in your browser. You can find more information about the data collected and stored in our individual sections and in the privacy policy of the respective provider.

Duration of data processing
We will inform you about the duration of data processing below, provided we have further information about it. For example, post and comment functions store data until you revoke the data storage. In general, personal data is only stored for as long as it is absolutely necessary to provide our services.

Right of objection
You also have the right and the option to revoke your consent to the use of cookies or third-party communication tools at any time. This works either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection through cookies by managing, deactivating or deleting cookies in your browser. Since cookies can also be used in publication media, we also recommend our general privacy policy on cookies. To find out exactly which of your data is stored and processed, you should read the privacy policies of the respective tools.

Legal basis
We use the means of communication mainly on the basis of our legitimate interests (Art. 6 Para. 1 lit. f GDPR) in fast and good communication with you or other customers, business partners and visitors. Insofar as the use serves the processing of contractual relationships or their initiation, the legal basis is also Art. 6 Para. 1 S. 1 lit. b. GDPR. Certain processing, in particular the use of cookies and the use of comment or message functions, require your consent. If and to the extent that you have consented that your data can be processed and stored by integrated publication media, this consent is considered the legal basis for data processing (Art. 6 Para. 1 lit. a GDPR). Most of the communication functions we use set cookies in your browser to store data. We therefore recommend that you read our data protection text about cookies carefully and view the data protection declaration or the cookie guidelines of the respective service provider. Information about special tools – if available – can be found in the following sections.

Webdesign

Web design introduction

Web design data protection declaration summary
Affected parties: Visitors to the website
Purpose: Improving the user experience
Data processed: Which data is processed depends heavily on the services used. This usually includes IP address, technical data, language settings, browser version, screen resolution and name of the browser. You can find more details about this in the web design tools used.
Storage period: depends on the tools used
Legal basis: Art. 6 Para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. f GDPR (legitimate interests)

What is web design?
We use various tools on our website that serve our web design. Web design is not, as is often assumed, just about making our website look pretty, but also about functionality and performance. But of course the right look of a website is also one of the major goals of professional web design. Web design is a sub-area of ​​media design and deals with both the visual and the structural and functional design of a website. The aim is to improve your experience on our website with the help of web design. In web design jargon, this is referred to as user experience (UX) and usability. User experience refers to all the impressions and experiences that the website visitor experiences on a website. A sub-point of user experience is usability. This is about the user-friendliness of a website. The main emphasis here is on ensuring that content, subpages or products are clearly structured and that you can find what you are looking for quickly and easily. In order to offer you the best possible experience on our website, we also use so-called web design tools from third parties. In this data protection declaration, the category “web design” therefore includes all services that improve the design of our website. These can be, for example, fonts, various plugins or other integrated web design functions.

Why do we use web design tools?

How you absorb information on a website depends very much on the structure, functionality and visual perception of the website. That is why good and professional web design has become increasingly important for us too. We are constantly working on improving our website and see this as an extended service for you as a website visitor. Furthermore, a beautiful and functioning website also has economic advantages for us. After all, you will only visit us and use our services if you feel completely comfortable.

What data is stored by web design tools?

When you visit our website, web design elements can be integrated into our pages that can also process data. The exact data involved depends, of course, largely on the tools used. Below you can see exactly which tools we use for our website. For more information about data processing, we recommend that you read the respective data protection declaration of the tools used. This is usually where you can find out which data is processed, whether cookies are used and how long the data is stored. Fonts such as Google Fonts, for example, also automatically transfer information such as language settings, IP address, browser version, browser screen resolution and browser name to the Google servers.

Duration of data processing
How long data is processed is very individual and depends on the web design elements used. If cookies are used, for example, the retention period can be as short as a minute, but also as long as a few years. Please do your research on this. We recommend that you read our general text section on cookies and the privacy statements of the tools used. There you will usually find out which cookies are used exactly and what information is stored in them. Google font files, for example, are stored for a year. This is intended to improve the loading time of a website. In principle, data is only ever stored for as long as it is necessary to provide the service. If required by law, data can also be stored for longer.

Right of objection
You also have the right and the option to revoke your consent to the use of cookies or third-party providers at any time. This works either via our CookieManagement tool or via other opt-out functions. You can also prevent data collection through cookies by managing, deactivating or deleting cookies in your browser. However, there is also data under web design elements (mostly fonts) that cannot be deleted quite so easily. This is the case if

Data is automatically collected when a page is accessed and sent to a third-party provider (such as Google). Please contact the support of the relevant provider. In the case of Google, you can reach support at https://support.google.com/?hl=de.

Legal basis
If you have consented to the use of web design tools, the legal basis for the corresponding data processing is this consent. According to Art. 6 Para. 1 lit. a GDPR (consent), this consent represents the legal basis for the processing of personal data as it may occur when data is collected using web design tools. We also have a legitimate interest in improving the web design on our website. After all, we can only provide you with a beautiful and professional web offering if this is the case. The legal basis for this is Art. 6 Para. 1 lit. f GDPR (legitimate interests). However, we only use web design tools if you have given your consent. We would like to emphasize this again here. Information on special web design tools can be found in the following sections – if available.

Adobe Fonts Privacy Policy
We use Adobe Fonts, a web font hosting service, on our website. The service provider is the American company Adobe Inc. The Irish company Adobe Systems Software Ireland Companies, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland, is responsible for the European area. Adobe processes your data in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. This can entail various risks for the legality and security of data processing. Adobe uses so-called standard contractual clauses (= Art. 46. Para. 2 and 3 GDPR) as the basis for data processing for recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or for data transfer there. Standard Contractual Clauses (SCCs) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to and stored in third countries (such as the USA). Through these clauses, Adobe undertakes to comply with European data protection standards when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de More information about the data processed and the standard contractual clauses at Adobe can be found at https://www.adobe.com/de/privacy/eudatatransfers.html.

Texts

All texts are protected by copyright.
Source: Created with the data protection generator from AdSimple