PRIVACY POLICY

  1. An over­view of data protec­tion

General infor­ma­tion

The following infor­ma­tion will provide you with an easy to navi­gate over­view of what will happen with your personal data when you visit this website. The term “personal data” comprises all data that can be used to perso­nally iden­tify you. For detailed infor­ma­tion about the subject matter of data protec­tion, please consult our Data Protec­tion Decla­ra­tion, which we have included beneath this copy.

Data recording on this website

Who is the respon­sible party for the recording of data on this website (i.e., the “controller”)?

The data on this website is processed by the operator of the website, whose contact infor­ma­tion is avail­able under section “Infor­ma­tion about the respon­sible party (referred to as the “controller” in the GDPR)” in this Privacy Policy.

How do we record your data?

We collect your data as a result of your sharing of your data with us. This may, for instance be infor­ma­tion you enter into our contact form.

Other data shall be recorded by our IT systems auto­ma­ti­cally or after you consent to its recording during your website visit. This data comprises prima­rily tech­nical infor­ma­tion (e.g., web browser, opera­ting system, or time the site was accessed). This infor­ma­tion is recorded auto­ma­ti­cally when you access this website.

What are the purposes we use your data for?

A portion of the infor­ma­tion is gene­rated to guarantee the error free provi­sion of the website. Other data may be used to analyze your user patterns.

What rights do you have as far as your infor­ma­tion is concerned?

You have the right to receive infor­ma­tion about the source, reci­pi­ents, and purposes of your archived personal data at any time without having to pay a fee for such disclo­sures. You also have the right to demand that your data are recti­fied or eradi­cated. If you have consented to data proces­sing, you have the option to revoke this consent at any time, which shall affect all future data proces­sing. Moreover, you have the right to demand that the proces­sing of your data be restricted under certain circum­s­tances. Further­more, you have the right to log a comp­laint with the compe­tent super­vi­sing agency.

Please do not hesi­tate to contact us at any time if you have ques­tions about this or any other data protec­tion related issues.

Analysis tools and tools provided by third parties

There is a possi­bi­lity that your brow­sing patterns will be statis­ti­cally analyzed when your visit this website. Such analyses are performed prima­rily with what we refer to as analysis programs.

For detailed infor­ma­tion about these analysis programs please consult our Data Protec­tion Decla­ra­tion below.

  1. Hosting and Content Deli­very Networks (CDN)

External Hosting

This website is hosted by an external service provider (host). Personal data collected on this website are stored on the servers of the host. These may include, but are not limited to, IP addresses, contact requests, meta­data and commu­ni­ca­tions, contract infor­ma­tion, contact infor­ma­tion, names, web page access, and other data gene­rated through a web site.

The host is used for the purpose of fulfil­ling the contract with our poten­tial and exis­ting custo­mers (Art. 6(1)(b) GDPR) and in the inte­rest of secure, fast, and effi­cient provi­sion of our online services by a profes­sional provider (Art. 6(1)(f) GDPR). If appro­priate consent has been obtained, the proces­sing is carried out exclu­si­vely on the basis of Art. 6 (1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to infor­ma­tion in the user’s end device (e.g., device finger­prin­ting) within the meaning of the TTDSG. This consent can be revoked at any time.

Our host will only process your data to the extent necessary to fulfil its perfor­mance obli­ga­tions and to follow our inst­ruc­tions with respect to such data.

We are using the following host:

Site­Ground Spain S.L.

Calle de Prim 19,

28004 Madrid,

Spain

Data proces­sing

We have concluded a data proces­sing agree­ment (DPA) with the above-mentioned provider. This is a contract mandated by data privacy laws that guaran­tees that they process personal data of our website visi­tors only based on our inst­ruc­tions and in compli­ance with the GDPR.

Cloud­flare

We use the “Cloud­flare” service provided by Cloud­flare Inc., 101 Town­send St., San Fran­cisco, CA 94107, USA. (herein­after referred to as “Cloud­flare”).

Cloud­flare offers a content deli­very network with DNS that is avail­able world­wide. As a result, the infor­ma­tion transfer that occurs between your browser and our website is tech­ni­cally routed via Cloudflare’s network. This enables Cloud­flare to analyze data tran­sac­tions between your browser and our website and to work as a filter between our servers and poten­ti­ally mali­cious data traffic from the Internet. In this context, Cloud­flare may also use cookies or other tech­no­lo­gies deployed to reco­gnize Internet users, which shall, however, only be used for the herein described purpose.

The use of Cloud­flare is based on our legi­ti­mate inte­rest in a provi­sion of our website offe­rings that is as error free and secure as possible (Art. 6(1)(f) GDPR).

Data trans­mis­sion to the US is based on the Stan­dard Contrac­tual Clauses (SCC) of the Euro­pean Commis­sion. Details can be found here: https://www.cloudflare.com/privacypolicy/.

For more infor­ma­tion on Cloudflare’s secu­rity precau­tions and data privacy poli­cies, please follow this link: https://www.cloudflare.com/privacypolicy/.

Data proces­sing

We have concluded a data proces­sing agree­ment (DPA) with the above-mentioned provider. This is a contract mandated by data privacy laws that guaran­tees that they process personal data of our website visi­tors only based on our inst­ruc­tions and in compli­ance with the GDPR.

  1. General infor­ma­tion and manda­tory infor­ma­tion

Data protec­tion

The opera­tors of this website and its pages take the protec­tion of your personal data very seriously. Hence, we handle your personal data as confi­den­tial infor­ma­tion and in compli­ance with the statu­tory data protec­tion regu­la­tions and this Data Protec­tion Decla­ra­tion.

Whenever you use this website, a variety of personal infor­ma­tion will be collected. Personal data comprises data that can be used to perso­nally iden­tify you. This Data Protec­tion Decla­ra­tion explains which data we collect as well as the purposes we use this data for. It also explains how, and for which purpose the infor­ma­tion is collected.

We here­with advise you that the trans­mis­sion of data via the Internet (i.e., through e-mail commu­ni­ca­tions) may be prone to secu­rity gaps. It is not possible to comple­tely protect data against third-party access.

Infor­ma­tion about the respon­sible party (referred to as the “controller” in the GDPR)

The data proces­sing controller on this website is:

Scho­l­ar­book GmbH
Simon Stützel
Käthe-Koll­witz-Straße 45
76227 Karls­ruhe

Phone: +49 721 98414683
E-mail: simon@scholarbook.net

The controller is the natural person or legal entity that single-handedly or jointly with others makes decisions as to the purposes of and resources for the proces­sing of personal data (e.g., names, e-mail addresses, etc.).

Storage dura­tion

Unless a more specific storage period has been speci­fied in this privacy policy, your personal data will remain with us until the purpose for which it was collected no longer applies. If you assert a justi­fied request for dele­tion or revoke your consent to data proces­sing, your data will be deleted, unless we have other legally permis­sible reasons for storing your personal data (e.g., tax or commer­cial law reten­tion periods); in the latter case, the dele­tion will take place after these reasons cease to apply.

General infor­ma­tion on the legal basis for the data proces­sing on this website

If you have consented to data proces­sing, we process your personal data on the basis of Art. 6(1)(a) GDPR or Art. 9 (2)(a) GDPR, if special cate­go­ries of data are processed according to Art. 9 (1) DSGVO. In the case of explicit consent to the transfer of personal data to third coun­tries, the data proces­sing is also based on Art. 49 (1)(a) GDPR. If you have consented to the storage of cookies or to the access to infor­ma­tion in your end device (e.g., via device finger­prin­ting), the data proces­sing is addi­tio­nally based on § 25 (1) TTDSG. The consent can be revoked at any time. If your data is required for the fulfill­ment of a contract or for the imple­men­ta­tion of pre-contrac­tual measures, we process your data on the basis of Art. 6(1)(b) GDPR. Further­more, if your data is required for the fulfill­ment of a legal obli­ga­tion, we process it on the basis of Art. 6(1)(c) GDPR. Further­more, the data proces­sing may be carried out on the basis of our legi­ti­mate inte­rest according to Art. 6(1)(f) GDPR. Infor­ma­tion on the rele­vant legal basis in each indi­vi­dual case is provided in the following para­graphs of this privacy policy.

Desi­gna­tion of a data protec­tion officer

We have appointed a data protec­tion officer for our company.

Die Daten­schutz­kon­zept GmbH
Floß­straße 3
53359 Rhein­bach

www.datenschutzkonzept.com

Phone: +49 2225 9953 9950
E-mail: info@datenschutzkonzept.com

Infor­ma­tion on data transfer to the USA and other non-EU coun­tries

Among other things, we use tools of compa­nies domic­iled in the United States or other from a data protec­tion perspec­tive non-secure non-EU coun­tries. If these tools are active, your personal data may poten­ti­ally be trans­ferred to these non-EU coun­tries and may be processed there. We must point out that in these coun­tries, a data protec­tion level that is compa­rable to that in the EU cannot be guaran­teed. For instance, U.S. enter­prises are under a mandate to release personal data to the secu­rity agen­cies and you as the data subject do not have any liti­ga­tion options to defend yourself in court. Hence, it cannot be ruled out that U.S. agen­cies (e.g., the Secret Service) may process, analyze, and perma­nently archive your personal data for surveil­lance purposes. We have no control over these proces­sing acti­vi­ties.

Revo­ca­tion of your consent to the proces­sing of data

A wide range of data proces­sing tran­sac­tions are possible only subject to your express consent. You can also revoke at any time any consent you have already given us. This shall be without preju­dice to the lawful­ness of any data collec­tion that occurred prior to your revo­ca­tion.

Right to object to the collec­tion of data in special cases; right to object to direct adver­ti­sing (Art. 21 GDPR)

IN THE EVENT THAT DATA ARE PROCESSED ON THE BASIS OF ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO AT ANY TIME OBJECT TO THE PROCES­SING OF YOUR PERSONAL DATA BASED ON GROUNDS ARISING FROM YOUR UNIQUE SITUA­TION. THIS ALSO APPLIES TO ANY PROFILING BASED ON THESE PROVI­SIONS. TO DETER­MINE THE LEGAL BASIS, ON WHICH ANY PROCES­SING OF DATA IS BASED, PLEASE CONSULT THIS DATA PROTEC­TION DECLA­RA­TION. IF YOU LOG AN OBJEC­TION, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA, UNLESS WE ARE IN A POSI­TION TO PRESENT COMPEL­LING PROTEC­TION WORTHY GROUNDS FOR THE PROCES­SING OF YOUR DATA, THAT OUTWEIGH YOUR INTE­RESTS, RIGHTS AND FREE­DOMS OR IF THE PURPOSE OF THE PROCES­SING IS THE CLAI­MING, EXER­CISING OR DEFENCE OF LEGAL ENTI­T­LE­MENTS (OBJEC­TION PURSUANT TO ART. 21(1) GDPR).

IF YOUR PERSONAL DATA IS BEING PROCESSED IN ORDER TO ENGAGE IN DIRECT ADVER­TI­SING, YOU HAVE THE RIGHT TO OBJECT TO THE PROCES­SING OF YOUR AFFECTED PERSONAL DATA FOR THE PURPOSES OF SUCH ADVER­TI­SING AT ANY TIME. THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS AFFI­LIATED WITH SUCH DIRECT ADVER­TI­SING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSE­QUENTLY NO LONGER BE USED FOR DIRECT ADVER­TI­SING PURPOSES (OBJEC­TION PURSUANT TO ART. 21(2) GDPR).

Right to log a comp­laint with the compe­tent super­vi­sory agency

In the event of viola­tions of the GDPR, data subjects are enti­tled to log a comp­laint with a super­vi­sory agency, in parti­cular in the member state where they usually main­tain their domicile, place of work or at the place where the alleged viola­tion occurred. The right to log a comp­laint is in effect regard­less of any other admi­nis­tra­tive or court procee­dings avail­able as legal recourses.

Right to data porta­bi­lity

You have the right to demand that we hand over any data we auto­ma­ti­cally process on the basis of your consent or in order to fulfil a contract be handed over to you or a third party in a commonly used, machine read­able format. If you should demand the direct transfer of the data to another controller, this will be done only if it is tech­ni­cally feasible.

SSL and/or TLS encryp­tion

For secu­rity reasons and to protect the trans­mis­sion of confi­den­tial content, such as purchase orders or inqui­ries you submit to us as the website operator, this website uses either an SSL or a TLS encryp­tion program. You can reco­gnize an encrypted connec­tion by checking whether the address line of the browser swit­ches from “http://” to “https://” and also by the appearance of the lock icon in the browser line.

If the SSL or TLS encryp­tion is acti­vated, data you transmit to us cannot be read by third parties.

Infor­ma­tion about, recti­fi­ca­tion and eradi­ca­tion of data

Within the scope of the appli­cable statu­tory provi­sions, you have the right to at any time demand infor­ma­tion about your archived personal data, their source and reci­pi­ents as well as the purpose of the proces­sing of your data. You may also have a right to have your data recti­fied or eradi­cated. If you have ques­tions about this subject matter or any other ques­tions about personal data, please do not hesi­tate to contact us at any time.

Right to demand proces­sing restric­tions

You have the right to demand the impo­si­tion of restric­tions as far as the proces­sing of your personal data is concerned. To do so, you may contact us at any time. The right to demand restric­tion of proces­sing applies in the following cases:

  • In the event that you should dispute the correct­ness of your data archived by us, we will usually need some time to verify this claim. During the time that this inves­ti­ga­tion is ongoing, you have the right to demand that we restrict the proces­sing of your personal data.
  • If the proces­sing of your personal data was/is conducted in an unlawful manner, you have the option to demand the restric­tion of the proces­sing of your data in lieu of deman­ding the eradi­ca­tion of this data.
  • If we do not need your personal data any longer and you need it to exer­cise, defend or claim legal enti­t­le­ments, you have the right to demand the restric­tion of the proces­sing of your personal data instead of its eradi­ca­tion.
  • If you have raised an objec­tion pursuant to Art. 21(1) GDPR, your rights and our rights will have to be weighed against each other. As long as it has not been deter­mined whose inte­rests prevail, you have the right to demand a restric­tion of the proces­sing of your personal data.

If you have restricted the proces­sing of your personal data, these data – with the excep­tion of their archi­ving – may be processed only subject to your consent or to claim, exer­cise or defend legal enti­t­le­ments or to protect the rights of other natural persons or legal enti­ties or for important public inte­rest reasons cited by the Euro­pean Union or a member state of the EU.

Rejec­tion of unso­li­cited e-mails

We here­with object to the use of contact infor­ma­tion published in conjunc­tion with the manda­tory infor­ma­tion to be provided in our Site Notice to send us promo­tional and infor­ma­tion mate­rial that we have not expressly requested. The opera­tors of this website and its pages reserve the express right to take legal action in the event of the unso­li­cited sending of promo­tional infor­ma­tion, for instance via SPAM messages.

  1. Recording of data on this website

Consent with Borlabs Cookie

Our website uses the Borlabs consent tech­no­logy to obtain your consent to the storage of certain cookies in your browser or for the use of certain tech­no­lo­gies and for their data privacy protec­tion compliant docu­men­ta­tion. The provider of this tech­no­logy is Borlabs GmbH, Rüben­kamp 32, 22305 Hamburg, Germany (herein­after referred to as Borlabs).

Whenever you visit our website, a Borlabs cookie will be stored in your browser, which archives any decla­ra­tions or revo­ca­tions of consent you have entered. These data are not shared with the provider of the Borlabs tech­no­logy.

The recorded data shall remain archived until you ask us to eradi­cate them, delete the Borlabs cookie on your own or the purpose of storing the data no longer exists. This shall be without preju­dice to any reten­tion obli­ga­tions mandated by law. To review the details of Borlabs’ data proces­sing poli­cies, please visit https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/

We use the Borlabs cookie consent tech­no­logy to obtain the decla­ra­tions of consent mandated by law for the use of cookies. The legal basis for the use of such cookies is Art. 6(1)(c) GDPR.

Contact form

If you submit inqui­ries to us via our contact form, the infor­ma­tion provided in the contact form as well as any contact infor­ma­tion provided therein will be stored by us in order to handle your inquiry and in the event that we have further ques­tions. We will not share this infor­ma­tion without your consent.

The proces­sing of these data is based on Art. 6(1)(b) GDPR, if your request is related to the execu­tion of a contract or if it is necessary to carry out pre-contrac­tual measures. In all other cases the proces­sing is based on our legi­ti­mate inte­rest in the effec­tive proces­sing of the requests addressed to us (Art. 6(1)(f) GDPR) or on your agree­ment (Art. 6(1)(a) GDPR) if this has been requested; the consent can be revoked at any time.

The infor­ma­tion you have entered into the contact form shall remain with us until you ask us to eradi­cate the data, revoke your consent to the archi­ving of data or if the purpose for which the infor­ma­tion is being archived no longer exists (e.g., after we have concluded our response to your inquiry). This shall be without preju­dice to any manda­tory legal provi­sions, in parti­cular reten­tion periods.

Request by e-mail, tele­phone, or fax

If you contact us by e-mail, tele­phone or fax, your request, inclu­ding all resul­ting personal data (name, request) will be stored and processed by us for the purpose of proces­sing your request. We do not pass these data on without your consent.

These data are processed on the basis of Art. 6(1)(b) GDPR if your inquiry is related to the fulfill­ment of a contract or is required for the perfor­mance of pre-contrac­tual measures. In all other cases, the data are processed on the basis of our legi­ti­mate inte­rest in the effec­tive hand­ling of inqui­ries submitted to us (Art. 6(1)(f) GDPR) or on the basis of your consent (Art. 6(1)(a) GDPR) if it has been obtained; the consent can be revoked at any time.

The data sent by you to us via contact requests remain with us until you request us to delete, revoke your consent to the storage or the purpose for the data storage lapses (e.g. after comple­tion of your request). Manda­tory statu­tory provi­sions – in parti­cular statu­tory reten­tion periods – remain unaf­fected.

Hubspot CRM

We use Hubspot CRM on this website. The provider is Hubspot Inc. 25 Street, Cambridge, MA 02141 USA (here­after Hubspot CRM).

Hubspot CRM enables us, among other things, to manage exis­ting and poten­tial custo­mers and customer contacts, to commu­ni­cate with you and to plan and execute marke­ting acti­vi­ties in line with your inte­rests. Hubspot CRM enables us to capture, sort and analyze customer inter­ac­tions via email, social media, or phone across multiple chan­nels. The personal data collected in this way can be evaluated and used for commu­ni­ca­tion with the poten­tial customer or marke­ting measures (e.g., news­letter mailings). Hubspot CRM also enables us to collect and analyze the user beha­vior of our contacts on our website.

The use of Hubspot CRM is based on Art. 6(1)(f) GDPR. The website operator has a legi­ti­mate inte­rest in the most effi­cient customer manage­ment and customer commu­ni­ca­tion. If appro­priate consent has been obtained, the proces­sing is carried out exclu­si­vely on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to infor­ma­tion in the user’s end device (e.g., device finger­prin­ting) within the meaning of the TTDSG. This consent can be revoked at any time.

For details, please refer to Hubspot’s privacy policy: https://legal.hubspot.com/de/privacy-policy.

Data trans­mis­sion to the US is based on the stan­dard contrac­tual clauses of the EU Commis­sion. Details can be found here: https://www.hubspot.de/data-privacy/privacy-shield.

Data proces­sing

We have concluded a data proces­sing agree­ment (DPA) with the above-mentioned provider. This is a contract mandated by data privacy laws that guaran­tees that they process personal data of our website visi­tors only based on our inst­ruc­tions and in compli­ance with the GDPR.

Regis­tra­tion with Face­book Connect

Instead of regis­tering directly on this website, you also have the option to register using Face­book Connect. The provider of this service is Meta Plat­forms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook’s state­ment the collected data will be trans­ferred to the USA and other third-party coun­tries too.

If you decide to register via Face­book Connect and click on the “Login with Facebook”/„Connect with Face­book” button, you will be auto­ma­ti­cally connected to the Face­book plat­form. There, you can log in using your user­name and pass­word. As a result, your Face­book profile will be linked to this website or our services. This link gives us access to the data you have archived with Face­book. These data comprise prima­rily the following:

  • Face­book name
  • Face­book profile photo and cover photo
  • Face­book cover photo
  • E-mail address archived with Face­book
  • Face­book-ID
  • Face­book friends lists
  • Face­book Likes (“Likes” infor­ma­tion)
  • Date of birth
  • Gender
  • Country
  • Language

This infor­ma­tion will be used to set up, provide and custo­mize your account.

The regis­tra­tion via Face­book Connect and the affi­liated data proces­sing tran­sac­tions are imple­mented on the basis of your consent (Art. 6(1)(a) GDPR). You may revoke this consent at any time, which shall affect all future tran­sac­tions there­after.

Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Face­book, we and Meta Plat­forms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly respon­sible for this data proces­sing (Art. 26 DSGVO). The joint respon­si­bi­lity is limited exclu­si­vely to the collec­tion of the data and its forwar­ding to Face­book. The proces­sing by Face­book that takes place after the onward transfer is not part of the joint respon­si­bi­lity. The obli­ga­tions incum­bent on us jointly have been set out in a joint proces­sing agree­ment. The wording of the agree­ment can be found under: https://www.facebook.com/legal/controller_addendum. According to this agree­ment, we are respon­sible for provi­ding the privacy infor­ma­tion when using the Face­book tool and for the privacy-secure imple­men­ta­tion of the tool on our website. Face­book is respon­sible for the data secu­rity of Face­book products. You can assert data subject rights (e.g., requests for infor­ma­tion) regar­ding data processed by Face­book directly with Face­book. If you assert the data subject rights with us, we are obliged to forward them to Face­book.

Data trans­mis­sion to the US is based on the Stan­dard Contrac­tual Clauses (SCC) of the Euro­pean Commis­sion. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendumhttps://de-de.facebook.com/help/566994660333381 and https://www.facebook.com/policy.php.

For more infor­ma­tion, please consult the Face­book Terms of Use and the Face­book Data Privacy Poli­cies. Use these links to access this infor­ma­tion: https://www.facebook.com/about/privacy/ and https://www.facebook.com/legal/terms/.

Proven­Ex­pert

We have included evalua­tion seals from Proven­Ex­pert on this website. The provider is Expert Systems AG, Qued­lin­burger Str. 1, 10589 Berlin, https://www.provenexpert.com.

The Proven­Ex­pert seal enables us to display on our website customer reviews that have been submitted to Proven­Ex­pert about our company. When you visit our website, a connec­tion to Proven­Ex­pert is estab­lished so that Proven­Ex­pert can deter­mine that you have visited our website. Further­more, Proven­Ex­pert records your language settings to display the seal in the chosen language.

The use of Proven­Ex­pert is based on Art. 6(1)(f) GDPR. The website operator has a legi­ti­mate inte­rest in the most compre­hen­sible presen­ta­tion of customer reviews. If appro­priate consent has been obtained, the proces­sing is carried out exclu­si­vely on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to infor­ma­tion in the user’s end device (e.g., device finger­prin­ting) within the meaning of the TTDSG. This consent can be revoked at any time.

  1. Analysis tools and adver­ti­sing

Google Tag Manager

We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

The Google Tag Manager is a tool that allows us to inte­grate tracking or statis­tical tools and other tech­no­lo­gies on our website. The Google Tag Manager itself does not create any user profiles, does not store cookies, and does not carry out any inde­pen­dent analyses. It only manages and runs the tools inte­grated via it. However, the Google Tag Manager does collect your IP address, which may also be trans­ferred to Google’s parent company in the United States.

The Google Tag Manager is used on the basis of Art. 6(1)(f) GDPR. The website operator has a legi­ti­mate inte­rest in the quick and uncom­pli­cated inte­gra­tion and admi­nis­tra­tion of various tools on his website. If appro­priate consent has been obtained, the proces­sing is carried out exclu­si­vely on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to infor­ma­tion in the user’s end device (e.g., device finger­prin­ting) within the meaning of the TTDSG. This consent can be revoked at any time.

Google Analy­tics

This website uses func­tions of the web analysis service Google Analy­tics. The provider of this service is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analy­tics enables the website operator to analyze the beha­vior patterns of website visi­tors. To that end, the website operator receives a variety of user data, such as pages accessed, time spent on the page, the utilized opera­ting system and the user’s origin. This data is assi­gned to the respec­tive end device of the user. An assign­ment to a device-ID does not take place.

Google Analy­tics uses tech­no­lo­gies that make the reco­gni­tion of the user for the purpose of analy­zing the user beha­vior patterns (e.g., cookies or device finger­prin­ting). The website use infor­ma­tion recorded by Google is, as a rule trans­ferred to a Google server in the United States, where it is stored.

The use of these services occurs on the basis of your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG. You may revoke your consent at any time.

Data trans­mis­sion to the US is based on the Stan­dard Contrac­tual Clauses (SCC) of the Euro­pean Commis­sion. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

IP anony­miz­a­tion

On this website, we have acti­vated the IP anony­miz­a­tion func­tion. As a result, your IP address will be abbre­viated by Google within the member states of the Euro­pean Union or in other states that have rati­fied the Conven­tion on the Euro­pean Economic Area prior to its trans­mis­sion to the United States. The full IP address will be trans­mitted to one of Google’s servers in the United States and abbre­viated there only in excep­tional cases. On behalf of the operator of this website, Google shall use this infor­ma­tion to analyze your use of this website to gene­rate reports on website acti­vi­ties and to render other services to the operator of this website that are related to the use of the website and the Internet. The IP address trans­mitted in conjunc­tion with Google Analy­tics from your browser shall not be merged with other data in Google’s posses­sion.

Browser plug-in

You can prevent the recording and proces­sing of your data by Google by down­loading and instal­ling the browser plugin avail­able under the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

For more infor­ma­tion about the hand­ling of user data by Google Analy­tics, please consult Google’s Data Privacy Decla­ra­tion at: https://support.google.com/analytics/answer/6004245?hl=en.

Contract data proces­sing

We have executed a contract data proces­sing agree­ment with Google and are imple­men­ting the strin­gent provi­sions of the German data protec­tion agen­cies to the fullest when using Google Analy­tics.

Google Ads

The website operator uses Google Ads. Google Ads is an online promo­tional program of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads enables us to display ads in the Google search engine or on third-party websites, if the user enters certain search terms into Google (keyword targe­ting). It is also possible to place targeted ads based on the user data Google has in its posses­sion (e.g., loca­tion data and inte­rests; target group targe­ting). As the website operator, we can analyze these data quan­ti­ta­tively, for instance by analy­zing which search terms resulted in the display of our ads and how many ads led to respec­tive clicks.

The use of these services occurs on the basis of your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG. You may revoke your consent at any time.

Data trans­mis­sion to the US is based on the Stan­dard Contrac­tual Clauses (SCC) of the Euro­pean Commis­sion. Details can be found here: https://policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/.

Google Remar­ke­ting

This website uses the func­tions of Google Analy­tics Remar­ke­ting. The provider of these solu­tions is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Remar­ke­ting analyzes your user patterns on our website (e.g., clicks on specific products), to allo­cate a certain adver­ti­sing target groups to you and to subse­quently display matching online offers to you when you visit other online offers (remar­ke­ting or retar­ge­ting).

Moreover, it is possible to link the adver­ti­sing target groups gene­rated with Google Remar­ke­ting to device encom­pas­sing func­tions of Google. This makes it possible to display inte­rest-based custo­mized adver­ti­sing messages, depen­ding on your prior usage and brow­sing patterns on a device (e.g., cell phone) in a manner tailored to you as well as on any of your devices (e.g., tablet or PC).

If you have a Google account, you have the option to object to perso­na­lized adver­ti­sing under the following link: https://www.google.com/settings/ads/onweb/.

The use of these services occurs on the basis of your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG. You may revoke your consent at any time.

For further infor­ma­tion and the perti­nent data protec­tion regu­la­tions, please consult the Data Privacy Poli­cies of Google at: https://policies.google.com/technologies/ads?hl=en.

Google Conver­sion-Tracking

This website uses Google Conver­sion Tracking. The provider of this service is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

With the assi­s­tance of Google Conver­sion Tracking, we are in a posi­tion to reco­gnize whether the user has completed certain actions. For instance, we can analyze the how frequently which buttons on our website have been clicked and which products are reviewed or purchased with parti­cular frequency. The purpose of this infor­ma­tion is to compile conver­sion statis­tics. We learn how many users have clicked on our ads and which actions they have completed. We do not receive any infor­ma­tion that would allow us to perso­nally iden­tify the users. Google as such uses cookies or compa­rable reco­gni­tion tech­no­lo­gies for iden­ti­fi­ca­tion purposes.

The use of these services occurs on the basis of your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG. You may revoke your consent at any time.

For more infor­ma­tion about Google Conver­sion Tracking, please review Google’s data protec­tion policy at: https://policies.google.com/privacy?hl=en

Google Double­Click

This website uses features of Google Double­Click. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland, (herein­after “Double­Click”).

Double­Click is used to show you inte­rest-based ads across the Google Network. Adver­ti­se­ments can be tailored to the inte­rests of the viewer using Double­Click. For example, our ads may appear in Google search results or in banners asso­ciated with Double­Click.

To be able to display inte­rest adequate promo­tional content to users, Double­Click must reco­gnize the respec­tive visitor so that it can allo­cate the websites visited, the clicks and other user pattern infor­ma­tion to the user. To do this, Double­Click deploys cookies or compa­rable reco­gni­tion tech­no­lo­gies (e.g., device finger­prin­ting). The recorded infor­ma­tion is conso­li­dated into a pseud­onym user profile so that the respec­tive user can be shown inte­rest adequate adver­ti­sing.

The use of these services occurs on the basis of your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG. You may revoke your consent at any time.

For further infor­ma­tion on how to object to the adver­ti­se­ments displayed by Google, please see the following links: https://policies.google.com/technologies/ads and https://adssettings.google.com/authenticated.

Face­book Pixel

To measure conver­sion rates, this website uses the visitor acti­vity pixel of Face­book. The provider of this service is Meta Plat­forms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook’s state­ment the collected data will be trans­ferred to the USA and other third-party coun­tries too.

This tool allows the tracking of page visi­tors after they have been linked to the website of the provider after clicking on a Face­book ad. This makes it possible to analyze the effec­ti­ve­ness of Face­book ads for statis­tical and market rese­arch purposes and to opti­mize future adver­ti­sing campaigns.

For us as the opera­tors of this website, the collected data is anony­mous. We are not in a posi­tion to arrive at any conclu­sions as to the iden­tity of users. However, Face­book archives the infor­ma­tion and processes it, so that it is possible to make a connec­tion to the respec­tive user profile and Face­book is in a posi­tion to use the data for its own promo­tional purposes in compli­ance with the Face­book Data Usage Policy. This enables Face­book to display ads on Face­book pages as well as in loca­tions outside of Face­book. We as the operator of this website have no control over the use of such data.

The use of these services occurs on the basis of your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG. You may revoke your consent at any time.

Data trans­mis­sion to the US is based on the Stan­dard Contrac­tual Clauses (SCC) of the Euro­pean Commis­sion. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum und https://de-de.facebook.com/help/566994660333381.

Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Face­book, we and Meta Plat­forms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly respon­sible for this data proces­sing (Art. 26 DSGVO). The joint respon­si­bi­lity is limited exclu­si­vely to the collec­tion of the data and its forwar­ding to Face­book. The proces­sing by Face­book that takes place after the onward transfer is not part of the joint respon­si­bi­lity. The obli­ga­tions incum­bent on us jointly have been set out in a joint proces­sing agree­ment. The wording of the agree­ment can be found under: https://www.facebook.com/legal/controller_addendum. According to this agree­ment, we are respon­sible for provi­ding the privacy infor­ma­tion when using the Face­book tool and for the privacy-secure imple­men­ta­tion of the tool on our website. Face­book is respon­sible for the data secu­rity of Face­book products. You can assert data subject rights (e.g., requests for infor­ma­tion) regar­ding data processed by Face­book directly with Face­book. If you assert the data subject rights with us, we are obliged to forward them to Face­book.

In Facebook’s Data Privacy Poli­cies, you will find addi­tional infor­ma­tion about the protec­tion of your privacy at: https://www.facebook.com/about/privacy/.

You also have the option to deac­ti­vate the remar­ke­ting func­tion “Custom Audi­ences” in the ad settings section under https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you first have to log into Face­book.

If you do not have a Face­book account, you can deac­ti­vate any user-based adver­ti­sing by Face­book on the website of the Euro­pean Inter­ac­tive Digital Adver­ti­sing Alli­ance: http://www.youronlinechoices.com/de/praferenzmanagement/.

Face­book Custom Audi­ences

We use Face­book Custom Audi­ences. The provider of this service is Meta Plat­forms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

Whenever you visit or use our website and apps, utilize our port­folio (e.g., parti­ci­pa­tion in sweep­stakes), transfer data to us or interact with the Face­book content of our company, we record related personal data. In the event that you have given us your consent to the use of Face­book Custom Audi­ences, we will share these data with Face­book to put Face­book in a posi­tion to send you compa­tible ads. These data may also be used to defined target audi­ences (Looka­like Audi­ences).

Face­book processes these data as our contract processor. For details, please consult the user agree­ment of Face­book: https://www.facebook.com/legal/terms/customaudience.

The use of these services occurs on the basis of your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG. You may revoke your consent at any time.

The transfer of date to the USA is based on the stan­dard contract clauses of the EU Commis­sion. For details please see: https://www.facebook.com/legal/terms/customaudience and https://www.facebook.com/legal/terms/dataprocessing.

  1. News­letter

News­letter data

If you would like to subscribe to the news­letter offered on this website, we will need from you an e-mail address as well as infor­ma­tion that allow us to verify that you are the owner of the e-mail address provided and consent to the receipt of the news­letter. No further data shall be collected or shall be collected only on a volun­tary basis. We shall use such data only for the sending of the requested infor­ma­tion and shall not share such data with any third parties.

The proces­sing of the infor­ma­tion entered into the news­letter subscrip­tion form shall occur exclu­si­vely on the basis of your consent (Art. 6(1)(a) GDPR). You may revoke the consent you have given to the archi­ving of data, the e-mail address, and the use of this infor­ma­tion for the sending of the news­letter at any time, for instance by clicking on the “Unsub­scribe” link in the news­letter. This shall be without preju­dice to the lawful­ness of any data proces­sing tran­sac­tions that have taken place to date.

The data depo­sited with us for the purpose of subscribing to the news­letter will be stored by us until you unsub­scribe from the news­letter or the news­letter service provider and deleted from the news­letter distri­bu­tion list after you unsub­scribe from the news­letter or after the purpose has ceased to apply. We reserve the right to delete or block e-mail addresses from our news­letter distri­bu­tion list at our own discre­tion within the scope of our legi­ti­mate inte­rest in accordance with Art. 6(1)(f) GDPR.

Data stored for other purposes with us remain unaf­fected.

After you unsub­scribe from the news­letter distri­bu­tion list, your e-mail address may be stored by us or the news­letter service provider in a black­list, if such action is necessary to prevent future mailings. The data from the black­list is used only for this purpose and not merged with other data. This serves both your inte­rest and our inte­rest in complying with the legal requi­re­ments when sending news­let­ters (legi­ti­mate inte­rest within the meaning of Art. 6(1)(f) GDPR). The storage in the black­list is inde­fi­nite. You may object to the storage if your inte­rests outweigh our legi­ti­mate inte­rest.

  1. Plug-ins and Tools

YouTube with expanded data protec­tion inte­gra­tion

Our website embeds videos of the website YouTube. The website operator is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in the expanded data protec­tion mode. According to YouTube, this mode ensures that YouTube does not store any infor­ma­tion about visi­tors to this website before they watch the video. Nevertheless, this does not necessa­rily mean that the sharing of data with YouTube part­ners can be ruled out as a result of the expanded data protec­tion mode. For instance, regard­less of whether you are watching a video, YouTube will always estab­lish a connec­tion with the Google Double­Click network.

As soon as you start to play a YouTube video on this website, a connec­tion to YouTube’s servers will be estab­lished. As a result, the YouTube server will be noti­fied, which of our pages you have visited. If you are logged into your YouTube account while you visit our site, you enable YouTube to directly allo­cate your brow­sing patterns to your personal profile. You have the option to prevent this by logging out of your YouTube account.

Further­more, after you have started to play a video, YouTube will be able to place various cookies on your device or compa­rable tech­no­lo­gies for reco­gni­tion (e.g. device finger­prin­ting). In this way YouTube will be able to obtain infor­ma­tion about this website’s visi­tors. Among other things, this infor­ma­tion will be used to gene­rate video statis­tics with the aim of impro­ving the user friend­li­ness of the site and to prevent attempts to commit fraud.

Under certain circum­s­tances, addi­tional data proces­sing tran­sac­tions may be trig­gered after you have started to play a YouTube video, which are beyond our control.

The use of YouTube is based on our inte­rest in presen­ting our online content in an appe­aling manner. Pursuant to Art. 6(1)(f) GDPR, this is a legi­ti­mate inte­rest. If appro­priate consent has been obtained, the proces­sing is carried out exclu­si­vely on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to infor­ma­tion in the user’s end device (e.g., device finger­prin­ting) within the meaning of the TTDSG. This consent can be revoked at any time.

For more infor­ma­tion on how YouTube handles user data, please consult the YouTube Data Privacy Policy under: https://policies.google.com/privacy?hl=en.

Google Web Fonts (local embed­ding)

This website uses so-called Web Fonts provided by Google to ensure the uniform use of fonts on this site. These Google fonts are locally installed so that a connec­tion to Google’s servers will not be estab­lished in conjunc­tion with this appli­ca­tion.

For more infor­ma­tion on Google Web Fonts, please follow this link: https://developers.google.com/fonts/faq and consult Google’s Data Privacy Decla­ra­tion under: https://policies.google.com/privacy?hl=en.

Google Maps

This website uses the mapping service Google Maps. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

To enable the use of the Google Maps features, your IP address must be stored. As a rule, this infor­ma­tion is trans­ferred to one of Google’s servers in the United States, where it is archived. The operator of this website has no control over the data transfer. In case Google Maps has been acti­vated, Google has the option to use Google web fonts for the purpose of the uniform depic­tion of fonts. When you access Google Maps, your browser will load the required web fonts into your browser cache, to correctly display text and fonts.

We use Google Maps to present our online content in an appe­aling manner and to make the loca­tions disc­losed on our website easy to find. This consti­tutes a legi­ti­mate inte­rest as defined in Art. 6(1)(f) GDPR. If appro­priate consent has been obtained, the proces­sing is carried out exclu­si­vely on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to infor­ma­tion in the user’s end device (e.g., device finger­prin­ting) within the meaning of the TTDSG. This consent can be revoked at any time.

Data trans­mis­sion to the US is based on the Stan­dard Contrac­tual Clauses (SCC) of the Euro­pean Commis­sion. Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

For more infor­ma­tion on the hand­ling of user data, please review Google’s Data Privacy Decla­ra­tion under: https://policies.google.com/privacy?hl=en.

Google reCAP­TCHA

We use “Google reCAP­TCHA” (herein­after referred to as “reCAP­TCHA”) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

The purpose of reCAP­TCHA is to deter­mine whether data entered on this website (e.g., infor­ma­tion entered into a contact form) is being provided by a human user or by an auto­mated program. To deter­mine this, reCAP­TCHA analyzes the beha­vior of the website visi­tors based on a variety of para­me­ters. This analysis is trig­gered auto­ma­ti­cally as soon as the website visitor enters the site. For this analysis, reCAP­TCHA evaluates a variety of data (e.g., IP address, time the website visitor spent on the site or cursor move­ments initiated by the user). The data tracked during such analyses are forwarded to Google.

reCAP­TCHA analyses run enti­rely in the back­ground. Website visi­tors are not alerted that an analysis is underway.

Data are stored and analyzed on the basis of Art. 6(1)(f) GDPR. The website operator has a legi­ti­mate inte­rest in the protec­tion of the operator’s websites against abusive auto­mated spying and against SPAM. If appro­priate consent has been obtained, the proces­sing is carried out exclu­si­vely on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to infor­ma­tion in the user’s end device (e.g., device finger­prin­ting) within the meaning of the TTDSG. This consent can be revoked at any time.

For more infor­ma­tion about Google reCAP­TCHA please refer to the Google Data Privacy Decla­ra­tion and Terms Of Use under the following links: https://policies.google.com/privacy?hl=en and https://policies.google.com/terms?hl=en.

Word­fence

We have included Word­fence on this website. The provider is Defiant Inc, Defiant, Inc, 800 5th Ave Ste 4100, Seattle, WA 98104, USA (herein­after “Word­fence”).

Word­fence is desi­gned to protect our website from unwanted access or mali­cious cyber­at­tacks. To accom­plish this, our website estab­lishes a perma­nent connec­tion with Wordfence’s servers, which check and block their data­bases against access to our website.

The use of Word­fence is based on Art. 6(1)(f) GDPR. The website operator has a legi­ti­mate inte­rest in the most effec­tive protec­tion of his website against cyber­at­tacks. If appro­priate consent has been obtained, the proces­sing is carried out exclu­si­vely on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to infor­ma­tion in the user’s end device (e.g., device finger­prin­ting) within the meaning of the TTDSG. This consent can be revoked at any time.

Data trans­mis­sion to the USA is based on the stan­dard contrac­tual clauses of the EU Commis­sion. Details can be found here: https://www.wordfence.com/help/general-data-protection-regulation/.

Data proces­sing

We have concluded a data proces­sing agree­ment (DPA) with the above-mentioned provider. This is a contract mandated by data privacy laws that guaran­tees that they process personal data of our website visi­tors only based on our inst­ruc­tions and in compli­ance with the GDPR.

  1. eCom­merce and payment service provi­ders

Proces­sing of Customer and Contract Data

We collect, process, and use personal customer and contract data for the estab­lish­ment, content arran­ge­ment and modi­fi­ca­tion of our contrac­tual rela­ti­ons­hips. Data with personal refe­rences to the use of this website (usage data) will be collected, processed, and used only if this is necessary to enable the user to use our services or required for billing purposes. The legal basis for these processes is Art. 6(1)(b) GDPR.

The collected customer data shall be deleted upon comple­tion of the order or termi­na­tion of the busi­ness rela­ti­onship and upon expi­ra­tion of any exis­ting statu­tory archi­ving periods. This shall be without preju­dice to any statu­tory archi­ving periods.

  1. Online-based Audio and Video Confe­rences (Confe­rence tools)

Data proces­sing

We use online confe­rence tools, among other things, for commu­ni­ca­tion with our custo­mers. The tools we use are listed in detail below. If you commu­ni­cate with us by video or audio confe­rence using the Internet, your personal data will be collected and processed by the provider of the respec­tive confe­rence tool and by us. The confe­ren­cing tools collect all infor­ma­tion that you provide/access to use the tools (email address and/or your phone number). Further­more, the confe­rence tools process the dura­tion of the confe­rence, start and end (time) of parti­ci­pa­tion in the confe­rence, number of parti­ci­pants and other “context infor­ma­tion” related to the commu­ni­ca­tion process (meta­data).

Further­more, the provider of the tool processes all the tech­nical data required for the proces­sing of the online commu­ni­ca­tion. This includes, in parti­cular, IP addresses, MAC addresses, device IDs, device type, opera­ting system type and version, client version, camera type, micro­phone or loud­speaker and the type of connec­tion.

Should content be exch­anged, uploaded, or other­wise made avail­able within the tool, it is also stored on the servers of the tool provider. Such content includes, but is not limited to, cloud record­ings, chat/ instant messages, voice­mail uploaded photos and videos, files, white­boards, and other infor­ma­tion shared while using the service.

Please note that we do not have complete influ­ence on the data proces­sing proce­dures of the tools used. Our possi­bi­li­ties are largely deter­mined by the corpo­rate policy of the respec­tive provider. Further infor­ma­tion on data proces­sing by the confe­rence tools can be found in the data protec­tion decla­ra­tions of the tools used, and which we have listed below this text.

Purpose and legal bases

The confe­rence tools are used to commu­ni­cate with prospec­tive or exis­ting contrac­tual part­ners or to offer certain services to our custo­mers (Art. 6(1)(b) GDPR). Further­more, the use of the tools serves to gene­rally simplify and acce­le­rate commu­ni­ca­tion with us or our company (legi­ti­mate inte­rest in the meaning of Art. 6(1)(f) GDPR). Insofar as consent has been requested, the tools in ques­tion will be used on the basis of this consent; the consent may be revoked at any time with effect from that date.

Dura­tion of storage

Data collected directly by us via the video and confe­rence tools will be deleted from our systems immedia­tely after you request us to delete it, revoke your consent to storage, or the reason for storing the data no longer applies. Stored cookies remain on your end device until you delete them. Manda­tory legal reten­tion periods remain unaf­fected.

We have no influ­ence on the dura­tion of storage of your data that is stored by the opera­tors of the confe­rence tools for their own purposes. For details, please directly contact the opera­tors of the confe­rence tools.

Confe­rence tools used

We employ the following confe­rence tools:

Zoom

We use Zoom. The provider of this service is Zoom Commu­ni­ca­tions Inc, San Jose, 55 Almaden Boule­vard, 6th Floor, San Jose, CA 95113, USA. For details on data proces­sing, please refer to Zoom’s privacy policy: https://zoom.us/en-us/privacy.html.

Data trans­mis­sion to the US is based on the Stan­dard Contrac­tual Clauses (SCC) of the Euro­pean Commis­sion. Details can be found here: https://zoom.us/de-de/privacy.html.

Data proces­sing

We have concluded a data proces­sing agree­ment (DPA) with the above-mentioned provider. This is a contract mandated by data privacy laws that guaran­tees that they process personal data of our website visi­tors only based on our inst­ruc­tions and in compli­ance with the GDPR.

  1. Custom Services

Hand­ling appli­cant data

We offer website visi­tors the oppor­tu­nity to submit job appli­ca­tions to us (e.g., via e-mail, via postal services on by submit­ting the online job appli­ca­tion form). Below, we will brief you on the scope, purpose and use of the personal data collected from you in conjunc­tion with the appli­ca­tion process. We assure you that the collec­tion, proces­sing, and use of your data will occur in compli­ance with the appli­cable data privacy rights and all other statu­tory provi­sions and that your data will always be treated as strictly confi­den­tial.

Scope and purpose of the collec­tion of data

If you submit a job appli­ca­tion to us, we will process any affi­liated personal data (e.g., contact and commu­ni­ca­tions data, appli­ca­tion docu­ments, notes taken during job inter­views, etc.), if they are required to make a decision concer­ning the estab­lish­ment or an employ­ment rela­ti­onship. The legal grounds for the afore­men­tioned are § 26 GDPR according to German Law (Nego­tia­tion of an Employ­ment Rela­ti­onship), Art. 6(1)(b) GDPR (General Contract Nego­tia­tions) and – provided you have given us your consent – Art. 6(1)(a) GDPR. You may revoke any consent given at any time. Within our company, your personal data will only be shared with indi­vi­duals who are involved in the proces­sing of your job appli­ca­tion.

If your job appli­ca­tion should result in your recruit­ment, the data you have submitted will be archived on the grounds of § 26 GDPR and Art. 6(1)(b) GDPR for the purpose of imple­men­ting the employ­ment rela­ti­onship in our data proces­sing system.

Data Archi­ving Period

If we are unable to make you a job offer or you reject a job offer or with­draw your appli­ca­tion, we reserve the right to retain the data you have submitted on the basis of our legi­ti­mate inte­rests (Art. 6(1)(f) GDPR) for up to 6 months from the end of the appli­ca­tion proce­dure (rejec­tion or with­drawal of the appli­ca­tion). After­wards the data will be deleted, and the physical appli­ca­tion docu­ments will be destroyed. The storage serves in parti­cular as evidence in the event of a legal dispute. If it is evident that the data will be required after the expiry of the 6-month period (e.g., due to an impen­ding or pending legal dispute), dele­tion will only take place when the purpose for further storage no longer applies.

Longer storage may also take place if you have given your agree­ment (Article 6(1)(a) GDPR) or if statu­tory data reten­tion requi­re­ments preclude the dele­tion.

Admis­sion to the appli­cant pool

If we do not make you a job offer, you may be able to join our appli­cant pool. In case of admis­sion, all docu­ments and infor­ma­tion from the appli­ca­tion will be trans­ferred to the appli­cant pool in order to contact you in case of suitable vacan­cies.

Admis­sion to the appli­cant pool is based exclu­si­vely on your express agree­ment (Art. 6(1)(a) GDPR). The submis­sion agree­ment is volun­tary and has no rela­tion to the ongoing appli­ca­tion proce­dure. The affected person can revoke his agree­ment at any time. In this case, the data from the appli­cant pool will be irre­vo­cably deleted, provided there are no legal reasons for storage.

The data from the appli­cant pool will be irre­vo­cably deleted no later than two years after consent has been granted.

Our social media appearances

Data proces­sing through social networks

We main­tain publicly avail­able profiles in social networks. The indi­vi­dual social networks we use can be found below.

Social networks such as Face­book, Twitter etc. can gene­rally analyze your user beha­vior compre­hen­si­vely if you visit their website or a website with inte­grated social media content (e.g., like buttons or banner ads). When you visit our social media pages, nume­rous data protec­tion-rele­vant proces­sing opera­tions are trig­gered. In detail:

If you are logged in to your social media account and visit our social media page, the operator of the social media portal can assign this visit to your user account. Under certain circum­s­tances, your personal data may also be recorded if you are not logged in or do not have an account with the respec­tive social media portal. In this case, this data is collected, for example, via cookies stored on your device or by recording your IP address.

Using the data collected in this way, the opera­tors of the social media portals can create user profiles in which their prefe­rences and inte­rests are stored. This way you can see inte­rest-based adver­ti­sing inside and outside of your social media presence. If you have an account with the social network, inte­rest-based adver­ti­sing can be displayed on any device you are logged in to or have logged in to.

Please also note that we cannot retrace all proces­sing opera­tions on the social media portals. Depen­ding on the provider, addi­tional proces­sing opera­tions may there­fore be carried out by the opera­tors of the social media portals. Details can be found in the terms of use and privacy policy of the respec­tive social media portals.

Legal basis

Our social media appearances should ensure the widest possible presence on the Internet. This is a legi­ti­mate inte­rest within the meaning of Art. 6 (1) lit. f GDPR. The analysis processes initiated by the social networks may be based on diver­gent legal bases to be speci­fied by the opera­tors of the social networks (e.g., consent within the meaning of Art. 6 (1) (a) GDPR).

Respon­si­bi­lity and asser­tion of rights

If you visit one of our social media sites (e.g., Face­book), we, toge­ther with the operator of the social media plat­form, are respon­sible for the data proces­sing opera­tions trig­gered during this visit. You can in principle protect your rights (infor­ma­tion, correc­tion, dele­tion, limi­ta­tion of proces­sing, data porta­bi­lity and comp­laint) vis-à-vis us as well as vis-à-vis the operator of the respec­tive social media portal (e.g., Face­book).

Please note that despite the shared respon­si­bi­lity with the social media portal opera­tors, we do not have full influ­ence on the data proces­sing opera­tions of the social media portals. Our options are deter­mined by the company policy of the respec­tive provider.

Storage time

The data collected directly from us via the social media presence will be deleted from our systems as soon as you ask us to delete it, you revoke your consent to the storage or the purpose for the data storage lapses. Stored cookies remain on your device until you delete them. Manda­tory statu­tory provi­sions – in parti­cular, reten­tion periods – remain unaf­fected.

We have no control over the storage dura­tion of your data that are stored by the social network opera­tors for their own purposes. For details, please contact the social network opera­tors directly (e.g., in their privacy policy, see below).

  1. Indi­vi­dual social networks

Face­book

We have a profile on Face­book. The provider of this service is Meta Plat­forms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (herein­after Meta). According to Meta’s state­ment the collected data will also be trans­ferred to the USA and to other third-party coun­tries.

We have signed an agree­ment with Meta on shared respon­si­bi­lity for the proces­sing of data (Controller Addendum). This agree­ment deter­mines which data proces­sing opera­tions we or Meta are respon­sible for when you visit our Face­book Fanpage. This agree­ment can be viewed at the following link: https://www.facebook.com/legal/terms/page_controller_addendum.

You can custo­mize your adver­ti­sing settings inde­pendently in your user account. Click on the following link and log in: https://www.facebook.com/settings?tab=ads.

Data trans­mis­sion to the US is based on the Stan­dard Contrac­tual Clauses (SCC) of the Euro­pean Commis­sion. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.

Details can be found in the Face­book privacy policy: https://www.facebook.com/about/privacy/.