Privacy Policy

Introduction and Overview

We have drafted this Privacy Policy (version 09/08/2021-321293269) to explain to you, in accordance with the requirements of Regulation (EU) 2016/679 and applicable national laws, which personal data (hereinafter referred to as “data”) we, as the controller, and the processors commissioned by us (e.g. providers), process, will process in the future, and what lawful options you have. The terms used are to be understood as gender-neutral.

In short: We provide you with comprehensive information about the data we process about you.

Privacy policies usually sound very technical and use legal terminology. This Privacy Policy, however, is intended to explain the most important aspects to you as simply and transparently as possible. Where it serves transparency, technical terms are explained in a reader-friendly way, links to further information are provided, and graphics are used. We hereby inform you in clear and simple language that, within the scope of our business activities, we only process personal data where there is an appropriate legal basis. This would not be possible if we provided explanations that are as brief, unclear, and legally technical as those often found on the internet when it comes to data protection. We hope you find the following explanations interesting and informative, and perhaps you will come across some information that was new to you.

If you still have any questions, we kindly ask you to contact the responsible party listed below or in the legal notice, to follow the available links, and to consult further information on third-party websites. Our contact details can, of course, also be found in the legal notice.

Scope of Application

This Privacy Policy applies to all personal data processed by us within our company and to all personal data processed by companies commissioned by us (processors). By personal data, we mean information within the meaning of Art. 4(1) GDPR, such as, for example, a person’s name, email address, and postal address. The processing of personal data enables us to offer and invoice our services and products, whether online or offline. The scope of this Privacy Policy includes:

  • all online presences (websites, online shops) that we operate  
  • social media presences and email communication  
  •  mobile apps for smartphones and other devices

In short: This Privacy Policy applies to all areas in which personal data is systematically processed within the company via the channels mentioned above. Should we enter into legal relationships with you outside of these channels, we will inform you separately if necessary.

Legal Bases

In the following Privacy Policy, we provide you with transparent information about the legal principles and regulations, i.e. the legal bases under the General Data Protection Regulation, which allow us to process personal data.

With regard to EU law, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016.

This EU General Data Protection Regulation can of course be accessed online on EUR-Lex, the access point to EU law, at https://eur-lex.europa.eu/legal-content/DE/TXT/?uri=celex%3A32016R0679 consult.

We only process your data if at least one of the following conditions applies:

  1. Consent (Article 6(1)(a) GDPR): You have given us your consent to process data for a specific purpose. One example would be the storage of the data you enter in a contact form.
  2. Contract (Article 6(1)(b) GDPR): In order to fulfill a contract or pre-contractual obligations with you, we process your data. For example, if we conclude a purchase contract with you, we require personal information in advance.
  3. Legal obligation (Article 6(1)(c) GDPR): If we are subject to a legal obligation, we process your data. For example, we are legally required to retain invoices for accounting purposes. These usually contain personal data.
  4. Legitimate interests (Article 6(1)(f) GDPR): In the case of legitimate interests that do not restrict your fundamental rights, we reserve the right to process personal data. For example, we need to process certain data in order to operate our website securely and efficiently. This processing therefore constitutes a legitimate interest.

Other conditions, such as processing for the performance of a task carried out in the public interest or in the exercise of official authority, as well as the protection of vital interests, generally do not apply in our case. Should such a legal basis nevertheless be relevant, it will be indicated at the appropriate point.

In addition to the EU regulation, national laws also apply:

  •  In Austria, this is the Federal Act on the Protection of Natural Persons with regard to the Processing of Personal Data (Data Protection Act), in short the DSG.
  •  In Germany, the Federal Data Protection Act applies, in short the BDSG.

If any additional regional or national laws apply, we will inform you in the following sections.

Contact Details of the Controller

If you have any questions regarding data protection, you will find the contact details of the responsible person or entity below:


Storage Period

We only store personal data for as long as it is strictly necessary for the provision of our services and products. This is a general principle we apply. This means that we delete personal data as soon as the reason for processing it no longer exists. In some cases, we are legally obliged to retain certain data even after the original purpose no longer applies, for example for accounting purposes.

If you request the deletion of your data or withdraw your consent to data processing, the data will be deleted as quickly as possible, provided there is no legal obligation to retain it.

We will inform you below about the specific duration of the respective data processing, provided we have further information on this.

Rights under the General Data Protection Regulation

Under Article 13 GDPR, you are entitled to the following rights to ensure fair and transparent data processing:

  •  Under Article 15 GDPR, you have the right to obtain information about whether we process data about you. If this is the case, you have the right to receive a copy of the data and to obtain the following information:
  •  for what purpose we carry out the processing;
  •  the categories, i.e. the types of data being processed;
  •  who receives this data and, if the data is transferred to third countries, how its security can be ensured;
  •  how long the data will be stored;
  •  the existence of the right to rectification, erasure, or restriction of processing, as well as the right to object to processing;
  •  that you can lodge a complaint with a supervisory authority (links to these authorities can be found below);
  •  the source of the data, if we did not collect it from you;
  •  whether profiling is carried out, i.e. whether data is automatically evaluated to create a personal profile of you.
  •  Under Article 16 GDPR, you have the right to rectification of your data, which means that we must correct the data if you identify any errors.
  •  Under Article 17 GDPR, you have the right to erasure (“right to be forgotten”), which means that you may request the deletion of your data.
  •  Under Article 18 GDPR, you have the right to restriction of processing, which means that we are only allowed to store the data but no longer use it.
  •  Under Article 19 GDPR, you have the right to data portability, which means that we must provide your data to you in a commonly used format upon request.
  •  Under Article 21 GDPR, you have the right to object, which, once exercised, results in a change in the processing of your data.
  •  If the processing of your data is based on Article 6(1)(e) (public interest, exercise of official authority) or Article 6(1)(f) (legitimate interests), you may object to the processing. We will then review as quickly as possible whether we can comply with this objection under the law.
  •  If data is used for direct marketing purposes, you may object to this type of data processing at any time. We may then no longer use your data for direct marketing.
  •  If data is used for profiling, you may object to this type of data processing at any time. We may then no longer use your data for profiling.
  •  Under Article 22 GDPR, you may have the right not to be subject to a decision based solely on automated processing (for example, profiling).

In short: You have rights – do not hesitate to contact the responsible party listed above!

If you believe that the processing of your data violates data protection law or that your data protection rights have been infringed in any other way, you can lodge a complaint with the supervisory authority. In Austria, this is the Data Protection Authority, whose website you can find at [https://www.dsb.gv.at/](https://www.dsb.gv.at/). In Germany, each federal state has its own data protection authority. For further information, you may contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI). The following local data protection authority is responsible for our company:


North Rhine-Westphalia Data Protection Authority

State Commissioner for Data Protection: Bettina Gayk

Address: Kavalleriestraße 2-4, 40213 Düsseldorf

Phone number.: 02 11/384 24-0

E-Mail: poststelle@ldi.nrw.de

Website: https://www.ldi.nrw.de/


Security of Data Processing

To protect personal data, we have implemented both technical and organizational measures. Where possible, we encrypt or pseudonymize personal data. In doing so, we make it as difficult as possible, within our capabilities, for third parties to infer personal information from our data.

Article 25 GDPR refers to “data protection by design and by default,” meaning that both software (e.g. forms) and hardware (e.g. access to the server room) must always take security into account, and appropriate measures must be implemented. In the following, we will, where necessary, also address specific measures in more detail.

TLS encryption with HTTPS

TLS, encryption, and HTTPS sound very technical—and they are. We use HTTPS (Hypertext Transfer Protocol Secure) to transmit data securely over the internet, protecting it from being intercepted.

This means that the entire transmission of all data from your browser to our web server is secured – no one can “listen in.”

This provides us with an additional layer of security and ensures compliance with data protection by design (Article 25(1) GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission over the internet, we can ensure the protection of confidential data.

You can recognize the use of this data transmission security by the small padlock symbol. in the top left of your browser, next to the internet address (e.g. example.com) and by the use of the https scheme (instead of http) as part of our website address.

If you would like to learn more about encryption, we recommend using Google to search for “Hypertext Transfer Protocol Secure wiki” to find useful links with further information.

Communication

Communication Summary

👥 Data subjects: Anyone who communicates with us via telephone, email, or online form.

📓 Processed data: e.g. telephone number, name, email address, data entered in forms. You can find more details in the respective type of contact used.

🤝 Purpose: Handling communication with customers, business partners, etc.

📅 Retention period: Duration of the business case and statutory requirements.

⚖️ Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(b) GDPR (contract), Art. 6(1)(f) GDPR (legitimate interests).

If you contact us and communicate via telephone, email, or online form, this may result in the processing of personal data.

The data are processed for handling and processing your inquiry and the associated business transaction. The data are stored for as long as necessary or as long as required by law.


Data Subjects

All individuals who seek contact with us via the communication channels provided by us are affected by the above-mentioned processes.

Phone

If you call us, the call data is stored in a pseudonymized form on the respective device and by the telecommunications provider used. In addition, data such as name and telephone number may subsequently be sent by email and stored for the purpose of responding to the inquiry. The data are deleted as soon as the business case has been completed and legal requirements permit it.

E-Mail

If you communicate with us by email, data may be stored on the respective end device (computer, laptop, smartphone, etc.) and on the email server. The data are deleted as soon as the business case has been completed and legal requirements permit it.

Online Forms

If you communicate with us via an online form, data are stored on our web server and may be forwarded to one of our email addresses. The data are deleted as soon as the business case has been completed and legal requirements permit it.

Legal Bases

The processing of the data is based on the following legal bases:

  •  Art. 6(1)(a) GDPR (consent): You give us your consent to store your data and to use it further for purposes related to the business case;
  •  Art. 6(1)(b) GDPR (contract): It is necessary to fulfil a contract with you or a processor such as the telephone provider, or we must process the data for pre-contractual activities, such as preparing a quotation;
  •  Art. 6(1)(f) GDPR (legitimate interests): We aim to handle customer inquiries and business communication in a professional manner. For this purpose, certain technical systems such as email programs, exchange servers, and mobile network operators are necessary in order to ensure efficient communication.

Webhosting

Web Hosting Summary

👥 Data subjects: Website visitors

🤝 Purpose: professional hosting of the website and ensuring secure operation.

📓Processed data: IP address, time of website visit, browser used, and other data. You can find more details below or with the respective web hosting provider used.

📅 Retention period: depends on the respective provider, but usually 2 weeks.

⚖️ Legal basis: Art. 6(1)(f) GDPR (legitimate interests).

What's Webhosting?

When you visit websites today, certain information – including personal data – is automatically generated and stored, and this is also the case on this website. These data should be processed as sparingly as possible and only with justification. By website, we mean the entirety of all web pages under a domain, i.e. everything from the homepage to the very last subpage (like this one). By domain, we mean, for example, example.com or sampleexample.com.

If you want to view a website on a screen, you use a program called a web browser. You are probably familiar with some web browsers by name: Google Chrome, Microsoft Edge, Mozilla Firefox, and Apple Safari.

This web browser must connect to another computer where the website’s code is stored: the web server. Operating a web server is a complex and demanding task, which is why it is usually handled by professional providers. These providers offer web hosting and ensure reliable and error-free storage of website data.

When your browser on your computer (desktop, laptop, smartphone) connects to the web server and during data transmission to and from the web server, personal data may be processed. On the one hand, your computer stores data, and on the other hand, the web server must also temporarily store data to ensure proper operation. For illustration, see the following image:

Why do we process personal data?

The purposes of data processing are:

  •  Professional hosting of the website and ensuring secure operation.
  •  to maintain operational and IT security
  •  Anonymous analysis of access behavior to improve our services and, if necessary, for law enforcement or assertion of claims.

Which data are processed?

  •  the complete internet address (URL) of the accessed webpage (e.g. [https://www.beispielwebsite.de/beispielunterseite.html?tid=321293269](https://www.beispielwebsite.de/beispielunterseite.html?tid=321293269))
  •  browser and browser version (e.g. Chrome 87)
  •  the operating system used (e.g. Windows 10)
  •  the address (URL) of the previously visited page (referrer URL) (e.g. [https://www.beispielquellsite.de/vondabinichgekommen.html/](https://www.beispielquellsite.de/vondabinichgekommen.html/))
  •  the hostname and the IP address of the device from which access is made (e.g. COMPUTERNAME and 194.23.43.121)
  •  Date and Time
  •  in files, known as web server log files

How long is data stored?

As a rule, the data mentioned above is stored for two weeks and then automatically deleted. We do not share this data, but cannot rule out that it may be accessed by authorities in the event of unlawful behavior.

In short: your visit is logged by our provider (the company that runs our website on special computers (servers)), but we do not share your data without consent.



Legal Basis

The lawfulness of processing personal data in the context of web hosting arises from Art. 6(1)(f) GDPR (legitimate interests), because using professional hosting from a provider is necessary to present the company on the internet in a secure and user-friendly way and to be able to detect and, if necessary, pursue attacks and related claims.


Cookies


Cookies summary

👥 Data subjects: Website visitors

🤝 Purpose: depends on the respective cookie. You can find more details below or from the software provider that sets the cookie.

📓 Processed data: depends on the respective cookie used. You can find more details below or from the software provider that sets the cookie. .

📅 Storage duration: depends on the respective cookie and can vary from hours to years.

⚖️ Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests).

What are cookies?

Our website uses HTTP cookies to store user-specific data. In the following, we explain what cookies are and why they are used so that you can better understand the privacy policy below.

Whenever you browse the internet, you use a browser. Common browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.

One thing cannot be denied: cookies are really useful little helpers. Almost all websites use cookies. More precisely, they are HTTP cookies, as there are also other types of cookies for different applications. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically placed in the cookie folder, essentially the “brain” of your browser. A cookie consists of a name and a value. When defining a cookie, one or more additional attributes must also be specified.

Cookies store certain user data about you, such as language or personal page settings. When you visit our site again, your browser sends this “user-related” information back to our website. Thanks to cookies, our website knows who you are and provides you with the settings you are used to. In some browsers, each cookie has its own file; in others, such as Firefox, all cookies are stored in a single file.

The following graphic shows a possible interaction between a web browser such as Chrome and the web server. The web browser requests a website and receives a cookie from the server, which the browser then uses again when another page is requested.



 

There are both first-party cookies and third-party cookies. First-party cookies are created directly by our website, while third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiration time of a cookie also varies, ranging from a few minutes to several years. Cookies are not software programs and do not contain viruses, trojans, or other “malware.” Cookies also cannot access information on your PC.

This is what cookie data can look like, for example:

Name: _ga

Value : GA1.2.1326744211.152321293269-9

Purpose: distinguishing website visitors

Expiration date: after 2 years

A browser should be able to support at least the following minimum sizes:

  • At least 4096 Bytes pro Cookie
  • At least 50 Cookies pro Domain
  • At least 3000 Cookies insgesamt

What types of cookies are there?

Four types of cookies can be distinguished:

Essential cookies

These cookies are necessary to ensure the basic functions of the website. For example, they are needed when a user adds a product to the shopping cart, continues browsing other pages, and only goes to checkout later. Thanks to these cookies, the shopping cart is not deleted even if the user closes the browser window.

Functional cookies: These cookies collect information about user behavior and whether the user receives any error messages. They are also used to measure loading times and how the website behaves in different browsers.

Targeted cookies: These cookies improve user-friendliness. For example, entered locations, font sizes, or form data are stored.

Advertising cookies: These cookies are also called targeting cookies. They are used to deliver individually tailored advertising to the user. This can be very useful, but also quite annoying.

Usually, when you visit a website for the first time, you are asked which of these types of cookies you would like to allow. And of course, this decision is also stored in a cookie.

If you would like to learn more about cookies and are not afraid of technical documentation, we recommend https://tools.ietf.org/html/rfc6265, dem Request for Comments der Internet Engineering Task Force (IETF) namens “HTTP State Management Mechanism”.

Purpose of processing via cookies

The purpose ultimately depends on the respective cookie. You can find more details below or from the software provider that sets the cookie.

Which data are processed?

Storage duration of cookies

You also have control over the storage duration yourself. You can manually delete all cookies at any time via your browser (see also “Right to object” below). Furthermore, cookies based on consent are deleted at the latest after you withdraw your consent, whereby the lawfulness of storage up to that point remains unaffected.



Right to object – how can I delete cookies?

You decide how and whether you want to use cookies. Regardless of which service or website the cookies come from, you always have the option to delete, deactivate, or only partially allow cookies. For example, you can block third-party cookies while allowing all other cookies.

If you want to find out which cookies are stored in your browser, or if you want to change or delete cookie settings, you can do so in your browser settings:

If you generally do not want cookies, you can set your browser so that it always notifies you when a cookie is about to be set. This allows you to decide for each individual cookie whether to allow it or not. The procedure varies depending on the browser. It is best to look up instructions on Google using the search terms “delete cookies Chrome” or “disable cookies Chrome” in the case of the Chrome browser.



Legal Basis

Since 2009, the so-called “cookie directives” have existed. They state that storing cookies requires your consent (Article 6(1)(a) GDPR). However, within EU countries there are still very different approaches to these directives. In Austria, this directive was implemented in Section 96(3) of the Telecommunications Act (TKG). In Germany, the cookie directive was not implemented as national law. Instead, it was largely implemented in Section 15(3) of the Telemedia Act (TMG).

For strictly necessary cookies, even where no consent has been given, there are legitimate interests (Article 6(1)(f) GDPR), which are in most cases of an economic nature. We want to provide website visitors with a pleasant user experience, and for this purpose certain cookies are often absolutely necessary.

To the extent that non-essential cookies are used, this only takes place with your consent. The legal basis in this case is Art. 6(1)(a) GDPR.

In the following sections, you will be informed in more detail about the use of cookies, insofar as the software used employs cookies.

Amazon Web Services (AWS) Privacy policy

We use Amazon Web Services (AWS) for our website, among other things as a web hosting provider. The service provider is the American company Amazon Web Services, Inc., 410 Terry Avenue North, Seattle, WA 98109, USA.

We would like to point out that, according to the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. Data processing is primarily carried out by Amazon Web Services (AWS). This may result in data not being processed and stored anonymously in some cases. Furthermore, US government authorities may potentially gain access to individual data. It may also happen that this data is linked with data from other Amazon services for which you hold a user account.

You can find more information about the data processed through the use of Amazon Web Services (AWS) in the privacy policy at https://aws.amazon.com/de/privacy/ .

Facebook-Pixel Privacy policy


We use the Facebook Pixel from Facebook on our website. For this purpose, we have implemented a code on our website. The Facebook Pixel is a piece of JavaScript code that loads a set of functions that allow Facebook to track your user actions, provided you arrived at our website via Facebook ads. For example, if you purchase a product on our website, the Facebook Pixel is triggered and stores your actions on our website in one or more cookies. These cookies enable Facebook to match your user data (customer data such as IP address, user ID) with the data of your Facebook account. Facebook then deletes this data again. The collected data is anonymous to us and not accessible, and is only used for displaying advertisements. If you are a Facebook user and logged in, your visit to our website is automatically assigned to your Facebook user account.

We want to show our services and products only to people who are genuinely interested in them. With the help of the Facebook Pixel, our advertising measures can be better tailored to your wishes and interests. This way, Facebook users (provided they have allowed personalized advertising) are shown relevant ads. In addition, Facebook uses the collected data for analysis purposes and its own advertising campaigns.

Below we show you the cookies that were set on a test page through the integration of the Facebook Pixel. Please note that these are only example cookies. Depending on your interaction with our website, different cookies may be set.


Name: _fbp

Value : fb.1.1568287647279.257405483-6321293269-7

Purpose: This cookie is used by Facebook to display advertising products.

Expiration date: after 3 months

Name: fr

Value: 0aPf312HOS5Pboo2r..Bdeiuf…1.0.Bdeiuf.

Purpose: This cookie is used to ensure that the Facebook Pixel functions properly.

Expiration date: after 3 months

Name: comment_author_50ae8267e2bdf1253ec1a5769f48e062321293269-3

Value: name of the author

Purpose: This cookie stores the text and name of a user who, for example, leaves a comment.

Ablaufdatum: nach 12 Monaten  

Name: comment_author_url_50ae8267e2bdf1253ec1a5769f48e062

Value: https%3A%2F%2Fwww.testseite…%2F (URL des Autors)

Purpose: This cookie stores the URL of the website that the user enters into a text field on our website.

Ablaufdatum: nach 12 Monaten  

Name: comment_author_email_50ae8267e2bdf1253ec1a5769f48e062

Value: email address of the author

Purpose: This cookie stores the user’s email address, if they have provided it on the website.

Ablaufdatum: nach 12 Monaten  

Note: The cookies listed above relate to individual user behavior. In particular, when using cookies, changes by Facebook cannot be ruled out at any time.

If you are logged in to Facebook, you can manage your ad preferences under… https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen …adjust them yourself. If you are not a Facebook user, you can go to… http://www.youronlinechoices.com/de/praferenzmanagement/ manage your usage-based online advertising in general. There you have the option to enable or disable providers.

We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the United States. Data processing is carried out primarily through the Facebook Pixel. This may result in data not being processed and stored in an anonymized form in certain cases. Furthermore, U.S. government authorities may, where applicable, gain access to individual data. It may also occur that this data is linked with data from other Facebook services in which you hold a user account.

If you would like to learn more about Facebook’s data protection practices, we recommend the company’s own privacy policy at… https://www.facebook.com/policy.php.

Google Analytics Privacy Policy


Google Analytics privacy policy summary
👥 Affected individuals: website visitors
🤝 Purpose: Evaluation of visitor information to optimize the website offering.
📓 Processed data: access statistics that include data such as access locations, device data, duration and time of access, navigation behavior, click behavior, and IP addresses. More details can be found further below in this privacy policy. .
📅 Retention period: depends on the properties used.
⚖️ Legal basis: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)  

What is Google Analytics?

We use the analysis tracking tool Google Analytics (GA) from the American company Google LLC on our website. For the European region, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is responsible for all Google services. Google Analytics collects data about your actions on our website. For example, if you click on a link, this action is stored in a cookie and sent to Google Analytics. Using the reports we receive from Google Analytics, we can better adapt our website and services to your needs. Below, we explain the tracking tool in more detail and inform you in particular about which data is stored and how you can prevent this.

Google Analytics is a tracking tool used to analyze the traffic on our website. For Google Analytics to work, a tracking code is embedded in the code of our website. When you visit our website, this code records various actions you take on our website. As soon as you leave our website, this data is sent to the Google Analytics servers and stored there.


Google processes the data, and we receive reports about your user behavior. These reports may include, among others:

  •  Audience reports: Through audience reports, we get to know our users better and gain a more precise understanding of who is interested in our service.
  •  Advertising reports: Advertising reports allow us to more easily analyze and improve our online advertising.
  •  Acquisition reports: Acquisition reports provide us with useful information about how we can attract more people to our service.
  •  Behavior reports: Here we learn how you interact with our website. We can track the path you take on our site and which links you click.
  •  Conversion reports: A conversion is a process in which you perform a desired action as a result of a marketing message. For example, when you change from a mere website visitor into a buyer or newsletter subscriber. With the help of these reports, we learn more about how our marketing measures are received by you. In this way, we aim to increase our conversion rate.
  •  Real-time reports: Here we can immediately see what is happening on our website at any given moment. For example, we can see how many users are currently reading this text.

Why do we use Google Analytics on our website?

The statistically analyzed data gives us a clear picture of the strengths and weaknesses of our website. On the one hand, we can optimize our site so that it is more easily found by interested people on Google. On the other hand, the data helps us better understand you as a visitor. This allows us to know very precisely what we need to improve on our website in order to provide you with the best possible service. The data also helps us carry out our advertising and marketing measures in a more individual and cost-effective way. Ultimately, it only makes sense to show our products and services to people who are interested in them.

Which data is stored by Google Analytics?

In order to analyze our website with Google Analytics, a property ID must be inserted into the tracking code. The data is then stored in the corresponding property. For each newly created property, the Google Analytics 4 property is the default. Alternatively, the Universal Analytics property can also be created. Depending on the property used, data is stored for different lengths of time.

Your interactions on our website are measured using identifiers such as cookies and app instance IDs. Interactions include all types of actions you perform on our website. If you also use other Google systems (such as a Google account), data generated via Google Analytics may be linked with third-party cookies. Google does not share Google Analytics data unless we, as the website operator, authorize it. Exceptions may occur if this is required by law.

The following cookies are used by Google Analytics:

Name: _ga

Value: 2.1326744211.152321293269-5

Purpose: By default, analytics.js uses the _ga cookie to store the user ID. It is generally used to distinguish website visitors.

Expiration date: after 2 years

Name: _gid

Value: 2.1687193234.152321293269-1

Purpose: The cookie is also used to distinguish website visitors.

Expiration date : After 24 Hours

Name: _gat_gtag_UA_<property-id>

Value: 1

Purpose: Used to reduce the request rate. If Google Analytics is provided via Google Tag Manager, this cookie is named *dc_gtm*<property-id>.

Expiration date: after 1 minute

Name: AMP_TOKEN

Value: no information provided

Purpose: The cookie contains a token used to retrieve a user ID from the AMP Client ID service. Other possible values indicate a logout, a request, or an error.

Expiration date: from 30 seconds up to one year.

Name: __utma

Value: 1564498958.1564498958.1564498958.1

Purpose: This cookie can be used to track your behavior on the website and measure performance. The cookie is updated each time information is sent to Google Analytics.

Expiration date: after 2 years

Name: __utmt

Value: 1

Purpose: This cookie is used, like *gat_gtag_UA*<property-id>, to throttle the request rate.

Expiration date: after 10 minutes

Name: __utmb

Value: 3.10.1564498958

Purpose: This cookie is used to determine new sessions. It is updated every time new data or information is sent to Google Analytics.

Expiration date: after 30 minutes

Name: __utmc

Value: 167421564

Purpose: This cookie is used to define new sessions for returning visitors. It is a session cookie and is only stored until you close your browser.

Expiration date: when the browser is closed.

Name: __utmz

Value: m|utmccn=(referral)|utmcmd=referral|utmcct=/

Purpose: This cookie is used to identify the source of traffic to our website. In other words, the cookie stores where you came from to reach our website. This may have been another site or an advertisement.

Expiration date : after 6 months

Name: __utmv

Value: no information provided

Purpose: This cookie is used to store custom user data. It is updated whenever information is sent to Google Analytics.

Expiration date: after 2 years

Note: This list cannot claim to be exhaustive, as Google regularly changes its choice of cookies.



Here we provide you with an overview of the most important data collected with Google Analytics:

Heatmaps: Google creates so-called heatmaps. Heatmaps show exactly which areas you click on. This allows us to see where you “move” on our website.

Session duration: Google defines session duration as the time you spend on our site without leaving it. If you are inactive for 20 minutes, the session ends automatically.

Bounce rate: A bounce occurs when you view only one page on our website and then leave our website again.

Account creation: If you create an account on our website or place an order, Google Analytics collects this data.

IP address: The IP address is only displayed in a shortened form so that no unique assignment is possible.

Location: The country and your approximate location can be determined via the IP address. This process is also referred to as IP-based geolocation.

Technical information: Technical information includes, among other things, your browser type, your internet service provider, or your screen resolution.

Source of origin: Google Analytics, and of course we are also interested in which website or which advertisement you came to our site from.

Other data includes contact details, any ratings, playback of media (e.g. if you play a video on our site), sharing of content via social media, or adding items to your favorites. This list does not claim to be exhaustive and is intended only as a general overview of data storage by Google Analytics.



How long and where is the data stored?

Google LLC has its servers distributed around the world. Most servers are located in the United States, and consequently your data is usually stored on American servers. Here you can read exactly where the Google data centers are located: [https://www.google.com/about/datacenters/inside/locations/?hl=de](https://www.google.com/about/datacenters/inside/locations/?hl=de)

Your data is distributed across various physical storage devices. This has the advantage that the data can be accessed more quickly and is better protected against manipulation. Each Google data center has appropriate emergency programs for your data. For example, if Google’s hardware fails or natural disasters take servers offline, the risk of service interruption at Google nevertheless remains low.

The retention period of the data depends on the properties used. When using the newer Google Analytics 4 properties, the retention period of your user data is set to 14 months. For other so-called event data, we have the option to choose a retention period of 2 months or 14 months.

For Universal Analytics properties, Google Analytics has a standardized retention period of 26 months for your user data. After that, your user data is deleted. However, we have the option to choose the retention period for user data ourselves. Five options are available to us for this:

  •  Deletion after 14 months
  •  Deletion after 26 months
  • Deletion after 38 months
  •  Deletion after 50 months
  •  No automatic deletion

Additionally, there is also the option for data to be deleted only when you no longer visit our website within the period we have selected. In this case, the retention period is reset each time you visit our website again within the defined period.

Once the defined period has expired, the data is deleted once per month. This retention period applies to your data that is linked to cookies, user recognition, and advertising IDs (e.g. cookies from the DoubleClick domain). Report results are based on aggregated data and are stored independently of user data. Aggregated data is a combination of individual data into a larger unit.



How can I delete my data or prevent data storage?

Under the data protection law of the European Union, you have the right to access your data, update it, delete it, or restrict its processing. By using the browser add-on to disable Google Analytics JavaScript (ga.js, analytics.js, dc.js), you can prevent Google Analytics from using your data. You can download and install the browser add-on at [https://tools.google.com/dlpage/gaoptout?hl=de](https://tools.google.com/dlpage/gaoptout?hl=de). Please note that this add-on only disables data collection by Google Analytics.

If you want to generally disable, delete, or manage cookies (regardless of Google Analytics), each browser provides its own instructions:

Chrome: Cookies in Chrome delete, enable, and manage

Safari: Managing Cookies and Website Data with Safari

Firefox: Delete cookies to remove data that websites have stored on your computer. Cookies löschen, um Daten zu entfernen, die Websites auf Ihrem Computer abgelegt haben

Internet Explorer: Deleting and managing Cookies

Microsoft Edge: Deleting and managing Cookies


Legal Basis

The use of Google Analytics requires your consent, which we have obtained via our cookie pop-up. According to Art. 6(1)(a) of the GDPR (consent), this consent constitutes the legal basis for the processing of personal data, as may occur in the collection carried out by web analytics tools.

In addition to consent, we have a legitimate interest in analyzing the behavior of website visitors in order to improve our website both technically and economically. With the help of Google Analytics, we can identify website errors, detect attacks, and improve efficiency. The legal basis for this is Art. 6(1)(f) GDPR (legitimate interests). However, we only use Google Analytics if you have given your consent.

Google also processes data in the United States, among other locations. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of data protection for data transfers to the USA. This may be associated with various risks regarding the legality and security of data processing.

As a basis for data processing with recipients located in third countries (outside the European Union, Iceland, Liechtenstein, and Norway, in particular in the USA) or for data transfers to such countries, Google uses Standard Contractual Clauses approved by the European Commission (Art. 46(2) and (3) GDPR). These clauses oblige Google to comply with the EU data protection level when processing relevant data outside the EU as well. These clauses are based on an implementing decision of the European Commission. You can find the decision and the clauses here, among other places: https://ec.europa.eu/germany/news/20210604-datentransfers-eu_de.

We hope we have been able to provide you with the most important information regarding Google Analytics data processing. If you would like to learn more about this tracking service, we recommend the following two links: http://www.google.com/analytics/terms/de.html und https://support.google.com/analytics/answer/6004245?hl=de.



Google Analytics IP anonymization

We have implemented IP anonymization for Google Analytics on this website. This function was developed by Google to help this website comply with applicable data protection regulations and recommendations from local data protection authorities, in cases where the storage of full IP addresses is not permitted. The anonymization or masking of the IP address takes place as soon as the IP addresses enter the Google Analytics data collection network and before any storage or processing of the data occurs. You can find more information about IP anonymization at: [https://support.google.com/analytics/answer/2763052?hl=en](https://support.google.com/analytics/answer/2763052?hl=en)

Google Analytics reports on demographic characteristics and interests

We have enabled advertising reporting features in Google Analytics. The reports on demographic characteristics and interests include information about age, gender, and interests. This allows us—without being able to assign this data to individual persons—to gain a better understanding of our users. You can learn more about the advertising features at: https://support.google.com/analytics/answer/3450482?hl=de_AT&utm_id=ad.

You can control the use of the activities and information associated with your Google account under “Ad Settings” at: https://adssettings.google.com/authenticated by opting out via a checkbox.

Google Analytics addendum to data processing

We have concluded a direct customer contract with Google for the use of Google Analytics by accepting the “Data Processing Addendum” in Google Analytics. You can find more information about the Google Analytics Data Processing Addendum here: https://support.google.com/analytics/answer/3379636?hl=de&utm_id=ad

Google Tag Manager Privacy Policy

Google Tag Manager Privacy Policy – Summary:

👥 Affected persons: website visitors

🤝 Purpose: management and organization of individual tracking tools.

📓 Processed data: Google Tag Manager itself does not store any data. The data is collected by the tags of the web analytics tools used.

📅 Retention period: depends on the web analytics tool used.

Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests).

What is Google Tag Manager?

For our website, we use the Google Tag Manager provided by Google. For the European region, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is responsible for all Google services. This Tag Manager is one of many useful marketing products from Google. With Google Tag Manager, we can centrally integrate and manage code snippets from various tracking tools that we use on our website.

In this privacy policy, we would like to explain in more detail what Google Tag Manager does, why we use it, and in what form data is processed.

Google Tag Manager is an organization tool that allows us to integrate and manage website tags centrally via a user interface. Tags are small code snippets that, for example, record (track) your activities on our website. For this purpose, JavaScript code snippets are inserted into the source code of our site. The tags often come from Google’s own products such as Google Ads or Google Analytics, but tags from other companies can also be integrated and managed via the Tag Manager. These tags perform various tasks. They can collect browser data, supply marketing tools with data, embed buttons, set cookies, and also track users across multiple websites.


Why do we use Google Tag Manager for our website?

As the saying goes: organisation is half the battle! And of course, this also applies to maintaining our website. In order to design our website as well as possible for you and for everyone interested in our products and services, we use various tracking tools such as Google Analytics. The data collected by these tools shows us what interests you most, where we can improve our services, and which people we should show our offers to. To make this tracking work, we need to integrate corresponding JavaScript codes into our website. In principle, we could insert each code snippet of the individual tracking tools separately into our source code. However, this takes quite a lot of time and it is easy to lose track. That is why we use Google Tag Manager. We can easily integrate the required scripts and manage them from one place. In addition, Google Tag Manager offers an easy-to-use interface and does not require any programming knowledge. This helps us keep order in our tag jungle.



What data is stored by Google Tag Manager?

The Tag Manager itself is a domain that does not set cookies and does not store any data. It functions merely as a “manager” of the implemented tags. The data is collected by the individual tags of the various web analytics tools. The data is essentially passed through Google Tag Manager to the individual tracking tools and is not stored.

Things look quite different, however, with the integrated tags of the various web analytics tools, such as Google Analytics. Depending on the analytics tool, various data about your web behavior is usually collected, stored, and processed with the help of cookies. For more information, please refer to our privacy policy texts for the individual analysis and tracking tools we use on our website.

In the Tag Manager account settings, we have allowed Google to receive anonymized data from us. However, this only relates to the use and operation of our Tag Manager and not to your data that is collected via the code snippets. We enable Google and others to receive selected data in anonymized form. We therefore consent to the anonymous transfer of our website data. Which aggregated and anonymized data is specifically transmitted could not be determined by us, despite extensive research. In any case, Google removes all information that could identify our website. Google combines the data with hundreds of other anonymized website datasets and uses it to create user trends as part of benchmarking measures. Benchmarking involves comparing one’s own results with those of competitors. Based on the collected information, processes can be optimized.



How long and where are the data stored?

How long and where is the data stored? If Google stores data, it is stored on Google’s own servers. These servers are distributed around the world. Most of them are located in America. Under https://www.google.com/about/datacenters/inside/locations/?hl=de you can read in detail where the Google servers are located.

How long the individual tracking tools store your data can be found in our individual privacy policy texts for each tool.



How can I delete my data or prevent data storage?

Google Tag Manager itself does not set cookies; it manages tags from various tracking services. In our privacy policy texts for the individual tracking tools, you will find detailed information on how you can delete or manage your data.

Please note that when using this tool, your data may also be stored and processed outside the EU. Most third countries — including the USA — are currently considered not secure under European data protection law. Data may therefore not simply be transferred to, stored and processed in such insecure third countries unless appropriate safeguards, such as EU Standard Contractual Clauses, exist between us and the non-European service provider.  


Legal basis

The use of Google Tag Manager requires your consent, which we have obtained via our cookie pop-up. According to Art. 6(1)(a) GDPR (consent), this consent constitutes the legal basis for the processing of personal data, as may occur in the collection by web analytics tools.

In addition to consent, we have a legitimate interest in analyzing the behavior of website visitors in order to improve our offering both technically and economically. With the help of Google Tag Manager, we can improve efficiency. The legal basis for this is Art. 6(1)(f) GDPR (legitimate interests). However, we only use Google Tag Manager if you have given your consent.

Google also processes data in the United States, among other locations. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of data protection for data transfers to the USA. This may be associated with various risks regarding the legality and security of data processing.

As a basis for data processing with recipients located in third countries (outside the European Union, Iceland, Liechtenstein, and Norway, in particular the USA) or for data transfers to such countries, Google uses Standard Contractual Clauses approved by the European Commission (Art. 46(2) and (3) GDPR). These clauses oblige Google to comply with the EU data protection level when processing relevant data outside the EU. These clauses are based on an implementing decision of the European Commission. You can find the decision and the clauses here, among other places: https://ec.europa.eu/germany/news/20210604-datentransfers-eu_de.

If you would like to learn more about Google Tag Manager, we recommend the FAQs at https://www.google.com/intl/de/tagmanager/faq.html.



Google Analytics Google Signals Privacy Policy

We have enabled Google Signals in Google Analytics. This updates the existing Google Analytics features (advertising reporting, remarketing, cross-device reports, and reports on interests and demographic characteristics) to receive aggregated and anonymized data from you, provided that you have allowed personalized ads in your Google account.

The special feature of this is that it involves cross-device tracking. This means your data can be analyzed across multiple devices. By activating Google Signals, data is collected and linked to your Google account. This allows Google, for example, to recognize when you view a product on our website via a smartphone and later purchase the product using a laptop. Thanks to the activation of Google Signals, we can run cross-device remarketing campaigns that would otherwise not be possible in this form. Remarketing means that we can also display our offers to you on other websites.

In Google Analytics, Google Signals also collects additional visitor data such as location, search history, YouTube history, and data about your actions on our website. This provides us with better advertising reports from Google and more useful information about your interests and demographic characteristics. This includes your age, the language you speak, where you live, or your gender. In addition, social criteria such as your occupation, marital status, or income may also be included. All of these characteristics help Google Analytics define groups of people or target audiences.

These reports also help us better understand your behavior, wishes, and interests. This allows us to optimize and tailor our services and products for you. This data expires by default after 26 months. Please note that this data collection only takes place if you have enabled personalized advertising in your Google account. The data is always aggregated and anonymized and never relates to individual persons. You can manage or delete this data in your Google account.

E-Mail-Marketing

Email marketing summary:

👥 Data subjects: newsletter subscribers

🤝 Purpose: direct advertising via email, notification about system-relevant events.

📓 Processed data: data entered during registration, but at least the email address. More details can be found in the respective email marketing tool used.

📅 Retention period: duration of the subscription.

⚖️ Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests).


What is email marketing?

To keep you up to date at all times, we also use email marketing. In this process, provided that you have agreed to receive our emails or newsletters, data from you is also processed and stored. Email marketing is a sub-area of online marketing. It involves sending news or general information about a company, products, or services by email to a specific group of people who are interested in them.

If you would like to participate in our email marketing (usually via newsletter), you normally only need to register with your email address. To do so, you fill out an online form and submit it. However, it may also happen that we ask for your salutation and name so that we can address you personally.

In principle, subscribing to newsletters works using the so-called “double opt-in procedure”. After you have registered for our newsletter on our website, you will receive an email in which you must confirm your newsletter subscription. This ensures that the email address belongs to you and that no one has registered with a third-party email address. We or a notification tool used by us log each individual registration. This is necessary in order to be able to prove a legally correct registration process. In doing so, the time of registration, the time of confirmation of registration, and your IP address are usually stored. In addition, any changes you make to your stored data are also logged.



Why do we use email marketing?

We naturally want to stay in contact with you and regularly present you with the most important news about our company. For this purpose, we use email marketing—often referred to simply as a “newsletter”—as an essential part of our online marketing. Provided that you have consented or where legally permitted, we send you newsletters, system emails, or other email notifications. When we use the term “newsletter” in the following text, we mainly refer to regularly sent emails. Of course, we do not want to bother you with our newsletters in any way. That is why we always strive to provide only relevant and interesting content. For example, you can learn more about our company, our services, or our products. Since we are constantly improving our offerings, our newsletter also keeps you informed about new developments or special, attractive promotions. If we commission a service provider that offers a professional email dispatch tool for our email marketing, we do so in order to provide you with fast and secure newsletters. The purpose of our email marketing is generally to inform you about new offers and also to move closer to our business goals.



Which data is processed?  

If you subscribe to our newsletter via our website, you confirm your membership in an email list by email. In addition to your IP address and email address, your title, name, address, and telephone number may also be stored. However, this only happens if you consent to this data storage. The data marked as such is necessary for you to participate in the service offered. Providing it is voluntary, but if you do not provide it, you will not be able to use the service. In addition, information about your device or your preferred content on our website may also be stored. For more information about data storage when visiting a website, please refer to the section “Automatic Data Storage.” We record your consent declaration so that we can always prove that it complies with legal requirements.



Duration of data processing  

If you unsubscribe your email address from our email/newsletter distribution list, we may store your address for up to three years on the basis of our legitimate interests in order to be able to prove your prior consent. We are only permitted to process this data if we need to defend ourselves against any claims.

However, if you confirm that you have given us your consent to subscribe to the newsletter, you can submit an individual deletion request at any time. If you permanently withdraw your consent, we reserve the right to store your email address on a blocklist. As long as you voluntarily subscribe to our newsletter, we will of course retain your email address.



Right to object

You can cancel your newsletter subscription at any time. To do so, you simply need to withdraw your consent to receive the newsletter. This usually takes only a few seconds or one or two clicks. In most cases, you will find a link at the end of each email to unsubscribe from the newsletter. If you cannot find the link in the newsletter, please contact us by email and we will immediately cancel your newsletter subscription.



Legal basis

The sending of our newsletter is based on your consent (Article 6(1)(a) GDPR). This means we are only permitted to send you a newsletter if you have previously actively subscribed to it. In certain cases, we may also send you advertising messages on the basis of Section 7(3) of the German Unfair Competition Act (UWG), provided you have become our customer and have not objected to the use of your email address for direct marketing.

Information on specific email marketing services and how they process personal data can be found—where available—in the following sections.

Push notifications

Push notifications – summary:

👥Data subjects: push notification subscribers.

🤝 Purpose: notification of system-relevant and interesting events.

📓 Processed data: data entered during registration, usually also location data. More details can be found in the respective push notification tool used.

📅 Retention period: data is usually stored for as long as necessary to provide the services.

⚖️ Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(b) GDPR (contract).


What are push notifications?

We also use so-called push notification services on our website to keep our users up to date at all times. This means that if you have consented to the use of such push notifications, we can send you short news messages using a software tool. Push notifications are a form of text message that appears directly on your smartphone or other devices such as tablets or PCs if you have subscribed to them. You receive these messages even when you are not on our website or actively using our service. In this process, data about your location and usage behavior may also be collected and stored.



Why do we use push notifications?

On the one hand, we use push notifications to be able to fully provide the services we have contractually agreed with you. On the other hand, the messages also serve our online marketing. With the help of these notifications, we can present our services or products to you in more detail. Especially when there are new developments in our company, we can inform you about them immediately. We aim to get to know the preferences and habits of all our users as well as possible in order to continuously improve our offering.



Which data is processed?  

In order for you to receive push notifications, you must also confirm that you wish to receive these messages. The data collected during the consent process is also stored, managed, and processed. This is necessary to prove and verify that a user has agreed to receive push notifications. For this purpose, a so-called device token or push token is stored in your browser. As a rule, data about your location or the location of your device is also stored.

In order to ensure that we always send interesting and relevant push notifications, the handling of these messages is also evaluated statistically. For example, we can see whether and when you open a message. With the help of these insights, we can adapt our communication strategy to your wishes and interests. Although these stored data can be assigned to you, we do not intend to evaluate you as an individual. Rather, we are interested in the aggregated data of all our users so that we can make improvements. Which specific data is stored can be found in the privacy policies of the respective service providers.



Duration of data processing  

The duration for which data is processed and stored primarily depends on the tool we use. Further below, you will find more information about the data processing of the individual tools. The providers’ privacy policies usually state exactly which data is stored and for how long it is processed. In general, personal data is only processed for as long as is necessary to provide our services. If data is stored in cookies, the retention period can vary greatly. The data may be deleted immediately after leaving a website, but it may also be stored for several years. Therefore, if you want more detailed information about data storage, you should look at each individual cookie. In most cases, you will also find detailed information about the individual cookies in the providers’ privacy policies.



Legal basis

It is also possible that push notifications are necessary in order to fulfil certain obligations set out in a contract. For example, to inform you about technical or organizational updates. In this case, the legal basis is Art. 6(1)(b) GDPR.

If this is not the case, push notifications are sent solely on the basis of your consent. Our push notifications may, in particular, contain promotional content. Push notifications may also be sent depending on your location as indicated by your device. The analytical evaluations mentioned above are also based on your consent to receive such messages. The legal basis for this is Art. 6(1)(a) GDPR. Of course, you can revoke your consent or change various settings at any time in your settings.

Online-Marketing

Online marketing privacy policy – summary:

👥 Affected persons: website visitors

🤝 Purpose: analysis of visitor information to optimize the website offering.

📓 Processed data: access statistics, which include data such as access locations, device data, duration and time of access, navigation behavior, click behavior, and IP addresses. Personal data such as name or email address may also be processed. More details can be found in the respective online marketing tool used.

📅 Retention period: depends on the online marketing tools used.

⚖️ Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests).

What is online marketing?

Online marketing refers to all measures carried out online to achieve marketing goals such as increasing brand awareness or completing a business transaction. Furthermore, our online marketing activities aim to draw people’s attention to our website. In order to present our offering to as many interested people as possible, we therefore engage in online marketing. This usually includes online advertising, content marketing, or search engine optimization. To use online marketing efficiently and in a targeted manner, personal data is also stored and processed. On the one hand, this data helps us show our content only to those people who are actually interested in it, and on the other hand, we can measure the success of our online marketing measures.



Why do we use online marketing tools?

We want to show our website to everyone who is interested in our offer. We are aware that this is not possible without deliberately implemented measures. That is why we engage in online marketing. There are various tools that make it easier for us to carry out our online marketing activities and also continuously provide improvement suggestions based on data. This allows us to tailor our campaigns more precisely to our target audience. The purpose of these online marketing tools is therefore ultimately the optimization of our offering.



Which data is processed?  

In order for our online marketing to work and for the success of our measures to be measured, user profiles are created and data is stored, for example in cookies (small text files). With the help of this data, we can not only display advertising in the traditional sense, but also present our content on our website in a way that best suits you. For this purpose, various third-party tools are used that provide these functions and also collect and store data from you. The cookies mentioned may store, for example, which pages you have visited on our website, how long you viewed them, which links or buttons you clicked, or from which website you arrived at ours. In addition, technical information may also be stored, such as your IP address, the browser you are using, the device you use to access our website, or the time when you accessed and left our website. If you have consented to us determining your location, we may also store and process this information.

Your IP address is stored in pseudonymized form (i.e. in a shortened format). Unique data that directly identifies you as a person, such as your name, address, or email address, is also stored only in pseudonymized form within advertising and online marketing processes. This means we cannot identify you as a person; we only have access to the pseudonymized information stored in the user profiles.

The cookies may also, in some cases, be used, analyzed, and utilized for advertising purposes on other websites that work with the same advertising tools. The data may also be stored on the servers of the advertising tool providers.

In exceptional cases, unique data (such as name, email address, etc.) may also be stored in user profiles. This may occur, for example, if you are a member of a social media channel that we use for our online marketing activities and the network links previously collected data with the user profile.

For all advertising tools we use that store data about you on their servers, we only ever receive aggregated information and never data that would make you identifiable as an individual. The data merely shows how effective the advertising measures were. For example, we can see which measures led you or other users to visit our website and purchase a service or product there. Based on these analyses, we can improve our advertising in the future and tailor it more precisely to the needs and wishes of interested users.

Duration of data processing  

We will inform you about the duration of data processing further below, where we have additional information available. In general, we only process personal data for as long as it is strictly necessary to provide our services and products. Data stored in cookies is retained for varying periods of time. Some cookies are deleted immediately after you leave the website, while others may remain stored in your browser for several years. In the respective privacy policies of the individual providers, you will usually find detailed information about the specific cookies used by the provider.



Right to object

You also have the right and the option to withdraw your consent to the use of cookies or third-party providers at any time. This can be done either via our cookie management tool or through other opt-out functions. For example, you can also prevent data collection through cookies by managing, disabling, or deleting cookies in your browser. The lawfulness of processing carried out up to the time of withdrawal remains unaffected.

Since online marketing tools generally use cookies, we also recommend our general privacy policy on cookies. To find out exactly which data about you is stored and processed, you should read the privacy policies of the respective tools.



Legal basis

If you have consented to the use of third-party providers, the legal basis for the corresponding data processing is this consent. According to Art. 6(1)(a) GDPR (consent), this consent constitutes the legal basis for the processing of personal data, as may occur in the collection by online marketing tools.

On our part, there is also a legitimate interest in measuring online marketing measures in anonymized form in order to optimize our services and actions using the data obtained. The corresponding legal basis for this is Art. 6(1)(f) GDPR (legitimate interests). However, we only use the tools if you have given your consent.

Information on specific online marketing tools can be found—where available—in the following sections.



Facebook Conversions API privacy policy

We use Facebook Conversions API on our website, a server-side event tracking tool. The service provider is the US company Facebook Inc. For the European region, Facebook Ireland Ltd. (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) is responsible.

Facebook Conversions API also processes data in the United States, among other locations. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of data protection for data transfers to the USA. This may be associated with various risks regarding the legality and security of data processing.

As a basis for data processing with recipients located in third countries (outside the European Union, Iceland, Liechtenstein, and Norway, in particular the USA) or for data transfers to such countries, Facebook Conversions API uses Standard Contractual Clauses approved by the EU Commission (Art. 46(2) and (3) GDPR). These clauses oblige Facebook Conversions API to comply with the EU data protection level when processing relevant data outside the EU. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the clauses here, among other sources: [https://ec.europa.eu/germany/news/20210604-datentransfers-eu_de](https://ec.europa.eu/germany/news/20210604-datentransfers-eu_de).

You can learn more about the data processed through the use of the Facebook Conversions API in the Privacy Policy at [https://www.facebook.com/about/privacy](https://www.facebook.com/about/privacy).



Facebook Custom Audiences Privacy Policy

We use Facebook Custom Audiences on our website, a server-side event tracking tool. The service provider is the American company Facebook Inc. For the European region, Facebook Ireland Ltd. (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) is responsible.

Facebook also processes data in the USA, among other countries. We would like to point out that, according to the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may entail various risks regarding the lawfulness and security of data processing.

As the basis for data processing by recipients located in third countries — outside the European Union, Iceland, Liechtenstein and Norway, in particular in the USA — or for data transfers to such countries, Facebook uses Standard Contractual Clauses approved by the European Commission (= Art. 46(2) and (3) GDPR). These clauses require Facebook to comply with the EU level of data protection when processing relevant data, even outside the EU. These clauses are based on an implementing decision by the European Commission. You can find the decision and the clauses, among other places, here: https://ec.europa.eu/germany/news/20210604-datentransfers-eu_de.

You can learn more about the data processed through the use of Facebook Custom Audiences in the Privacy Policy at https://www.facebook.com/about/privacy

Microsoft Advertising Privacy Policy

Microsoft Advertising Privacy Policy Summary:

👥 Affected persons: website visitors

🤝 Purpose: commercial success and the optimization of our service performance.

📓 Data processed: access statistics containing data such as access locations, device data, duration and time of access, navigation behavior, click behavior and IP addresses. Personal data such as name or email address may also be processed.

📅Storage period: Microsoft stores the data until it is no longer required to fulfill the purposes.

⚖️ Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests).

What is Microsoft Advertising?

For our online marketing measures, we also use the Microsoft Advertising program provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. With the help of Microsoft Advertising, we aim to draw many people’s attention to the high quality of our products and/or services. For this purpose, we use a technology — a conversion tracking tool — from Microsoft on our website, which also stores data about you. In this Privacy Policy, we explain this service in more detail, show you which data is stored, managed and processed, and explain how you can prevent this data storage.

You may be more familiar with Microsoft Advertising by its former name, “Bing Ads”. It is an advertising program from Microsoft based on a pay-per-click system. This means that advertisers can place ads via the Bing and Yahoo! search engines and only pay when a user clicks on the ad.



Why do we use Microsoft Advertising?

We are convinced of our offers and naturally want to present them to a broad audience. With Microsoft Advertising, we can introduce our products or services specifically to those people who are genuinely interested in them. We do not want to present our products only on the well-known Google search engine, but also on Bing and Yahoo! With Microsoft Advertising, we also have the option of placing ads in the so-called “Microsoft Audience Network”. For example, this also allows us to place advertisements on LinkedIn. Through conversion tracking, we can learn, for example, which ad led you to us, which subpages you particularly like, and which actions you perform on our website. This data enables us to adapt our website, our advertisements and our offers much better to your needs.



What data is stored by Microsoft Advertising?

We have integrated a conversion tracking tag — a small code snippet — from Microsoft Advertising into our website. This is the so-called Universal Event Tracking (UET) tag. When you access our website via a Microsoft advertisement, we can use this tracking tool to learn more about your user behavior on our website. For example, we can see which keyword or ad brought you to us, what you click on our website, how many people visit our website via Microsoft Ads, and how long you stay on our website. All of this data relates to user behavior and not to personal data. This means that we only receive data or analyses regarding your web behavior, but no personal information. Microsoft uses the data to optimize its own advertising services and other services. If you have a Microsoft account yourself, the collected data may be linked to your account. It may therefore also be possible for Microsoft to recognize and store your IP address. In order to store all this data about your user behavior, the following cookie is set in your browser after you have accessed our website via a Microsoft advertisement:

Name: MUIDB

Value: 08A53CA3313F6255044C307E353F61CD

Purpose: This cookie is set by our embedded Microsoft tag — UET tag — and is used for synchronization across various Microsoft websites. This allows users to be recognized across different domains.

Expiry date: after one year

However, if you access our website via a Bing ad, other cookies may also be set in your browser. Here we show you a selection of additional cookies:

Name: ABDEF

Value: V=0&ABDV=0&MRNB=1594294373452&MRB=0321293269-7

Purpose: We were unable to obtain more detailed information about this cookie.

Expiry date: after one year

Name: SRCHD

Value: AF=NOFORM

Verwendungszweck: Dieses Cookie ist für die Funktionalität des Trackings bzw. der Website verantwortlich.

Expiry date: after one year

Name: SRCHHPGUSR

Value: WTS=63729889193&HV=1594294374&CW=1920&CH=937&DPR=1&UTC=120&DM=0

Verwendungszweck: Dieses Cookie verfolgt und speichert Ihr Nutzerverhalten auf unserer Website und die Interaktion der Bing-Map-Schnittstelle.

Expiry date: after one year

Name: SRCHUID

Value: V=2&GUID=157B20CCF36A43F3A4AE9790346EB7A7&dmnchg=1

Purpose: This cookie tracks and stores your user behavior on our website and your interaction with the Bing Maps API.

Expiry date: after one year

Name: _EDGE_S

Value: mkt=de-at&SID=2EE7002D956A61511D280F2F9474607321293269-2

Purpose: This cookie collects and stores your user behavior across multiple websites. The purpose of targeting is to better adapt advertising measures to the interests of our target audience.

Expiry date: after the end of the browser session.

Name: _SS

Value: SID=2EE7002D956A61511D280F2F94746077321293269-9

Purpose: Among other things, this cookie is used to recognize how you, as a user, accessed our website — that is, which advertisement directed you to our website.

Expiry date: after one year


How long and where are the data stored?

We have no influence over how Microsoft further uses the collected user data. Microsoft operates its own servers worldwide. Most of them are located in the United States, which means that your data may also be stored, managed and processed on American servers. Microsoft stores data — especially personal data — for as long as it is necessary to provide its own services or products, or for legal purposes. Microsoft also states that the actual retention period varies greatly and depends on the respective product.

For search queries via Bing, Microsoft deletes your stored search queries after 6 months by deleting your IP address. Cookie IDs, such as those generated via the MUID cookie, are anonymized after 18 months.



How can I delete my data or prevent data storage?

You have the option at any time not to participate in Microsoft Ads conversion tracking. If you do not want interest-based advertisements from Microsoft Advertising to be displayed to you, you can use...  https://account.microsoft.com/privacy/ad-settings/signedout disable this function. In addition, you can also disable, manage or delete all cookies in your browser. This works slightly differently in each browser. You can find instructions for the most common browsers here:

Chrome:   Delete,enable and manage cookies in Chrome

Safari:   Managing cookies and website data in Safari

Firefox:  Delete cookies to remove data that websites have stored on your Computer.

Internet Explorer:   Delete and manage cookies

Microsoft Edge:   Delete and manage cookies


Legal basis

If you have consented to the use of Microsoft Advertising, the legal basis for the corresponding data processing is this consent. According to Art. 6(1)(a) GDPR — consent — this consent constitutes the legal basis for the processing of personal data, as may occur when data is collected through Microsoft Advertising.

We also have a legitimate interest in using Microsoft Advertising in order to optimize our online service and marketing measures. The corresponding legal basis for this is Art. 6(1)(f) GDPR — legitimate interests. Nevertheless, we only use Microsoft Advertising if you have given your consent.

Microsoft also processes data in the USA, among other countries. We would like to point out that, according to the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may entail various risks regarding the lawfulness and security of data processing.

As the basis for data processing by recipients located in third countries — outside the European Union, Iceland, Liechtenstein and Norway, in particular in the USA — or for data transfers to such countries, Microsoft uses Standard Contractual Clauses approved by the European Commission (= Art. 46(2) and (3) GDPR). These clauses require Microsoft to comply with the EU level of data protection when processing relevant data, even outside the EU. These clauses are based on an implementing decision by the European Commission. You can find the decision and the clauses, among other places, here: https://ec.europa.eu/germany/news/20210604-datentransfers-eu_de.

We hope we have provided you with an overview of data processing through Microsoft Ads conversion tracking. Of course, it is always possible that Microsoft’s privacy policies may change. For more information and to stay up to date, we also recommend Microsoft’s Privacy Statement at https://privacy.microsoft.com/de-de/privacystatement.

Cookiebot Privacy Policy

Cookiebot Privacy Policy Summary:

👥 Affected persons: website visitors

🤝 Purpose: obtaining consent for certain cookies and therefore for the use of certain tools.

📓 Data processed: data used to manage the selected cookie settings, such as IP address, time of consent, type of consent and individual consents. You can find more details in the respective tool used.

📅 Storage period: the data is deleted after one year.

⚖️ Legal bases: Art. 6(1)(a) GDPR — consent; Art. 6(1)(f) GDPR — legitimate interests.

What is Cookiebot?

We use functions provided by Cookiebot on our website. Cookiebot is operated by Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark. Among other things, Cookiebot enables us to provide you with a comprehensive cookie notice — also referred to as a cookie banner or cookie notice. By using this function, data about you may be sent to Cookiebot or Cybot, stored and processed. In this Privacy Policy, we inform you why we use Cookiebot, which data is transferred, and how you can prevent this data transfer.

Cookiebot is a software product provided by the company Cybot. The software automatically creates a GDPR-compliant cookie notice for our website visitors. In addition, the technology behind Cookiebot scans, controls and evaluates all cookies and tracking measures on our website.



Why do we use Cookiebot on our website?

We take data protection very seriously. We want to show you exactly what happens on our website and which of your data is stored. Cookiebot helps us obtain a clear overview of all our cookies — first-party and third-party cookies. This enables us to inform you precisely and transparently about the use of cookies on our website. You always receive an up-to-date and data protection-compliant cookie notice and can decide for yourself which cookies you allow and which you do not.



What data is stored by Cookiebot?

If you allow cookies, the following data is transferred to Cybot, stored and processed.

  • IP address — in anonymized form; the last 3 digits are set to 0.
  • Date and time of your consent.
  • our website URL
  • technical browser data
  • encrypted, anonymous key
  • the cookies you have allowed — as proof of consent.

The following cookies are set by Cookiebot if you have consented to the use of cookies:

Name: CookieConsent

Value: {stamp:’P7to4eNgIHvJvDerjKneBsmJQd9321293269-2

Purpose: Your consent status is stored in this cookie. This allows our website to read and follow the current status during future visits as well.

Expiry date: after one year

Name: CookieConsentBulkTicket

Value: kDSPWpA%2fjhljZKClPqsncfR8SveTnNWhys5NojaxdFYBPjZ2PaDnUw%3d%3321293269-6

Purpose: This cookie is set if you allow all cookies and therefore activate “bulk consent”. The cookie then stores its own random and unique ID.

Expiry date: after one year

Note: Please bear in mind that this is an exemplary list and that we cannot claim it to be complete. In the Cookie Declaration at https://www.cookiebot.com/de/cookie-declaration/ you can see which other cookies may be used.

According to Cybot’s Privacy Policy, the company does not sell personal data. However, Cybot does share data with trusted third parties or subcontractors that help the company achieve its own business objectives. Data is also shared when this is legally required.



How long and where are the data stored?

All collected data is transferred, stored and forwarded exclusively within the European Union. The data is stored in an Azure data center — the cloud provider is Microsoft. On https://azure.microsoft.com/de-de/global-infrastructure/regions/ you can learn more about all “Azure regions”. All user data is deleted by Cookiebot after 12 months from registration — cookie consent — or immediately after termination of the Cookiebot service.



How can I delete my data or prevent data storage?

You have the right to access and delete your personal data at any time. You can prevent data collection and storage, for example, by rejecting the use of cookies via the cookie notice. Your browser also provides another way to prevent data processing or manage it according to your preferences. Cookie management works slightly differently depending on the browser. Here you can find the instructions for the currently most popular browsers:

Chrome:   Delete,enable and manage cookies in Chrome

Safari:   Managing cookies and website data in Safari

Firefox:  Delete cookies to remove data that websites have stored on your Computer.

Internet Explorer:   Delete and manage cookies

Microsoft Edge:   Delete and manage cookies


Legal basis

If you consent to cookies, personal data about you is processed and stored via these cookies. If we are permitted to use cookies based on your consent — Art. 6(1)(a) GDPR — this consent also serves as the legal basis for the use of cookies and the processing of your data. Cookiebot is used in order to manage cookie consent and to enable you to give your consent. The use of this software allows us to operate the website efficiently and in compliance with the law, which constitutes a legitimate interest — Art. 6(1)(f) GDPR.

If you would like to learn more about the privacy policy of “Cookiebot” or the company behind it, Cybot, we recommend the Privacy Policy at: https://www.cookiebot.com/de/privacy-policy/ to read.

Social Media

Social Media Privacy Policy Summary:

👥 Data subjects: Website visitors

🤝 Purpose: presentation and optimization of our service performance, contact with visitors, interested parties and others, advertising.

📓 Data processed: data such as telephone numbers, email addresses, contact details, data on user behavior, information about your device and your IP address.

You can find more details in the respective social media tool used.

📅 Storage period: depending on the social media platforms used.

⚖️ Legal bases: Art. 6(1)(a) GDPR — consent; Art. 6(1)(f) GDPR — legitimate interests.

What is social media?

In addition to our website, we are also active on various social media platforms. In this context, user data may be processed so that we can specifically address users who are interested in us via social networks. In addition, elements of a social media platform may also be embedded directly into our website. This is the case, for example, if you click on a so-called social button on our website and are redirected directly to our social media presence. So-called social media refers to websites and apps through which registered members can create content, share content publicly or within specific groups, and connect with other members.



Why do we use social media?

For years, social media platforms have been the place where people communicate and connect online. Through our social media profiles, we can present our products and services to interested parties. The social media elements integrated into our website help you switch to our social media content quickly and easily.

The data stored and processed through your use of a social media channel primarily serves the purpose of enabling web analyses. The aim of these analyses is to develop more precise and personalized marketing and advertising strategies. Depending on your behavior on a social media platform, the evaluated data may be used to draw appropriate conclusions about your interests and to create so-called user profiles. This also enables the platforms to present you with tailored advertisements. In most cases, cookies are set in your browser for this purpose, which store data about your user behavior.

As a rule, we assume that we remain responsible under data protection law, even when we use services of a social media platform. However, the European Court of Justice has ruled that, in certain cases, the operator of the social media platform may be jointly responsible with us within the meaning of Art. 26 GDPR. Where this is the case, we will point this out separately and work on the basis of a corresponding agreement. The essential elements of the agreement are then set out below for the respective platform.

Please note that when using social media platforms or our integrated elements, your data may also be processed outside the European Union, as many social media channels, such as Facebook or X, are American companies. As a result, you may no longer be able to exercise or enforce your rights regarding your personal data as easily.



Which data are processed?

The exact data stored and processed depends on the respective provider of the social media platform. However, it usually includes data such as telephone numbers, email addresses, data you enter into a contact form, user data such as which buttons you click, who you like or follow, when you visited which pages, information about your device and your IP address. Most of this data is stored in cookies. Especially if you have your own profile with the social media channel you visit and are logged in, data may be linked to your profile.

All data collected via a social media platform is also stored on the providers’ servers. Therefore, only the providers have access to the data and can provide you with the relevant information or make changes.

If you want to know exactly which data is stored and processed by social media providers and how you can object to the data processing, you should carefully read the respective company’s Privacy Policy. We also recommend contacting the provider directly if you have any questions about data storage and data processing or if you wish to exercise corresponding rights.



Duration of data processing

We will inform you about the duration of data processing below, provided that we have further information on this. For example, the social media platform Facebook stores data until it is no longer needed for its own purposes. However, customer data that is matched with its own user data is deleted within two days. In general, we process personal data only for as long as is absolutely necessary to provide our services and products. Where required by law, for example in the case of accounting, this storage period may also be exceeded.



Right to object

You also have the right and the option to withdraw your consent to the use of cookies or third-party providers, such as embedded social media elements, at any time. This can be done either via our cookie management tool or through other opt-out functions. For example, you can also prevent data collection through cookies by managing, disabling or deleting cookies in your browser.

Since cookies may be used by social media tools, we also recommend reading our general Privacy Policy on cookies. To find out exactly which data about you is stored and processed, you should read the Privacy Policies of the respective tools.



Legal Basis

If you have consented to data about you being processed and stored through integrated social media elements, this consent serves as the legal basis for data processing — Art. 6(1)(a) GDPR. In principle, where consent has been given, your data is also stored and processed on the basis of our legitimate interest — Art. 6(1)(f) GDPR — in fast and effective communication with you or other customers and business partners. Nevertheless, we only use these tools if you have given your consent. Most social media platforms also set cookies in your browser in order to store data. We therefore recommend that you carefully read our privacy text on cookies and review the Privacy Policy or Cookie Policy of the respective service provider.

Information on specific social media platforms can be found — where available — in the following sections.

Google Maps Privacy Policy

Google Maps Privacy Policy Summary:

👥 Affected persons: website visitors

🤝 Purpose: optimization of our service performance.

📓 Data processed: data such as search terms entered, your IP address, and latitude and longitude coordinates.

You can find more details below in this Privacy Policy.

📅Storage period: depending on the data stored.

Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests).

What is  Google Maps?

We use Google Maps by Google Inc. on our website. For the European region, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is responsible for all Google services. With Google Maps, we can show you locations more effectively and adapt our service to your needs. By using Google Maps, data is transferred to Google and stored on Google servers. We would now like to explain in more detail what Google Maps is, why we use this Google service, which data is stored, and how you can prevent this.

Google Maps is an online map service provided by Google. With Google Maps, you can search online for exact locations of cities, sights, accommodations or businesses using a PC, tablet or app. If companies are listed on Google My Business, additional information about the company is displayed alongside the location. To show directions, map sections of a location can be embedded into a website using HTML code. Google Maps displays the earth’s surface as a road map or as an aerial or satellite image. Thanks to Street View images and high-quality satellite images, very detailed representations are possible.

Why do we use Google Maps on our website?

All our efforts on this site are aimed at providing you with a useful and meaningful experience on our website. By integrating Google Maps, we can provide you with the most important information about various locations. You can see at a glance where our company headquarters are located. The directions always show you the best or fastest route to us. You can retrieve directions for routes by car, public transport, on foot or by bicycle. For us, providing Google Maps is part of our customer service.



What data is stored by Google Maps?

In order for Google Maps to provide its service in full, the company must collect and store data about you. This includes, among other things, the search terms entered, your IP address, and latitude and longitude coordinates. If you use the route planner function, the entered starting address is also stored. However, this data storage takes place on the websites of Google Maps. We can only inform you about this and have no influence over it. Since we have integrated Google Maps into our website, Google sets at least one cookie — name: NID — in your browser. This cookie stores data about your user behavior. Google primarily uses this data to optimize its own services and to provide you with individual, personalized advertising.

The following cookie is set in your browser due to the integration of Google Maps:

Name: NID

Value: 188=h26c1Ktha7fCQTx8rXgLyATyITJ321293269-5

Purpose: NID is used by Google to tailor advertisements to your Google searches. With the help of this cookie, Google “remembers” your most frequently entered search queries or your previous interaction with advertisements. This allows you to receive tailored advertisements. The cookie contains a unique ID that Google uses to collect your personal settings for advertising purposes.

Expiry date: after 6 months

Note: We cannot guarantee the completeness of the information regarding the data stored. Changes can never be ruled out, especially when cookies are used. In order to identify the NID cookie, a separate test page was created where only Google Maps was integrated.


How long and where are the data stored?

Google’s servers are located in data centers around the world. However, most servers are located in the United States. For this reason, your data is increasingly stored in the USA as well. You can read exactly where Google’s data centers are located here: https://www.google.com/about/datacenters/inside/locations/?hl=de 

Google distributes the data across different storage devices. This makes the data faster to access and better protected against possible attempts at manipulation. Each data center also has special emergency programs. For example, if there are problems with Google hardware or a natural disaster disables the servers, the data is still very likely to remain protected.

Google stores some data for a fixed period of time. For other data, Google only offers the option to delete it manually. In addition, the company anonymizes information — such as advertising data — in server logs by deleting part of the IP address and cookie information after 9 and 18 months respectively.



How can I delete my data or prevent data storage?

With the automatic deletion function for location and activity data introduced in 2019, location information and web/app activity are stored for either 3 or 18 months — depending on your decision — and then deleted. You can also manually delete this data from your history at any time via your Google Account. If you want to completely prevent location tracking, you must pause the “Web & App Activity” section in your Google Account. Click on “Data & Personalization” and then on the “Activity controls” option. Here you can turn activities on or off.

You can also disable, delete or manage individual cookies in your browser. This works slightly differently depending on which browser you use. The following instructions show you how to manage cookies in your browser:

Chrome:   Delete,enable and manage cookies in Chrome

Safari:   Managing cookies and website data in Safari

Firefox:  Delete cookies to remove data that websites have stored on your Computer.

Internet Explorer:   Delete and manage cookies

Microsoft Edge:   Delete and manage cookies

If you generally do not want to allow cookies, you can set up your browser so that it always informs you whenever a cookie is about to be set. This allows you to decide for each individual cookie whether you want to allow it or not.

Please note that when using this tool, your data may also be stored and processed outside the EU. Most third countries — including the USA — are currently considered not secure under European data protection law. Data may therefore not simply be transferred to, stored and processed in such insecure third countries unless appropriate safeguards, such as EU Standard Contractual Clauses, exist between us and the non-European service provider.  



Legal basis

If you have consented to the use of Google Maps, the legal basis for the corresponding data processing is this consent. According to Art. 6(1)(a) GDPR — consent — this consent constitutes the legal basis for the processing of personal data, as may occur when data is collected through Google Maps.

We also have a legitimate interest in using Google Maps in order to optimize our online service. The corresponding legal basis for this is Art. 6(1)(f) GDPR — legitimate interests. Nevertheless, we only use Google Maps if you have given your consent.

Google also processes data in the United States, among other locations. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of data protection for data transfers to the USA. This may be associated with various risks regarding the legality and security of data processing.

As a basis for data processing with recipients located in third countries (outside the European Union, Iceland, Liechtenstein, and Norway, in particular the USA) or for data transfers to such countries, Google uses Standard Contractual Clauses approved by the European Commission (Art. 46(2) and (3) GDPR). These clauses oblige Google to comply with the EU data protection level when processing relevant data outside the EU. These clauses are based on an implementing decision of the European Commission. You can find the decision and the clauses here, among other places: https://ec.europa.eu/germany/news/20210604-datentransfers-eu_de.

If you would like to learn more about data processing by Google, we recommend the company’s own Privacy Policy at: https://policies.google.com/privacy?hl=de.

All texts are protected by copyright. Source: Created with the Datenschutz Generator von AdSimple