The use of our site is possible without providing any personal data. You do not have to register for the offer.
We collect and utilize our users’ personal data only insofar as this is necessary for provision of an operational site and of our content and services. Collection and utilization of our users’ personal data is only undertaken periodically with the user’s consent. An exception applies in those cases where prior consent cannot be obtained for legal or factual reasons and the processing of the data is permitted by law.
Types of data processed
- Content data (e.g. text input, photographs, videos).
- Usage data (e.g. visited websites, interest in content, access times).
- Meta/communication data (e.g. device information, IP addresses).
Processing of special categories of data (Art. 9 (1) GDPR)
No special categories of data are processed.
Categories of data subjects
- Customers, interested parties, visitors and users of the online offer, business partners (hereinafter also referred to as “users” in summary).
Purpose of the processing
- Provision of the online offer, its contents and functionality.
- Provision of contractual services, service and customer care.
- Answering of contacts requests and communication with users.
- Marketing, advertising and market research.
- Security measures.
In accordance with Art. 13 GDPR, we inform you of the legal basis of our data processing.
- The legal basis for the collection of consent is Art. 6 (1) (a) and Art. 7 GDPR.
- The legal basis for processing for the fulfilment of our services and the execution of contractual measures as well as for replying to enquiries is Art. 6 (1) (b) GDPR.
- The legal basis for processing to fulfil our legal obligations is Art. 6 (1) (c) GDPR.
- If processing is necessary to safeguard the legitimate interests of our company or a third party, and if the interests, fundamental rights, and freedoms of the data subject do not prevail over the first interest, Art. 6 (1) (f) GDPR is the legal basis for processing.
In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 (1) (d) GDPR applies as the legal basis.
We shall take appropriate technical and organizational measures to ensure a level of protection appropriate to the risk, in accordance with Art. 32 GDPR, taking into account the state of the art, implementation costs and the nature, scope, circumstances and purposes of processing and the different likelihood and severity of the risk to the rights and freedoms of natural persons; the measures shall include in particular safeguarding the confidentiality, integrity and availability of data by controlling physical access to the data, as well as the access, input, transmission, security of availability and its separation. Furthermore, we have established procedures that guarantee the exercise of data subject rights, deletion of data and reaction to data risks. Furthermore, we already consider the protection of personal data during the development or selection of hardware, software and procedures, in accordance with the principle of data protection through technology design and data protection-friendly presettings (Art. 25 GDPR).
The security measures include in particular the encrypted transmission of data between your browser and our server.
Cooperation with contract processors and third parties
If we disclose data to other persons and companies (contract processors or third parties) within the scope of our processing, transmit the data to them or otherwise grant them access to the data, this shall only take place on the basis of a legal permission (e.g. if a transmission of the data to third parties, such as payment service providers, in accordance with Art. 6 (1) (b) GDPR is required for contract fulfilment), you have consented, a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.).
If we commission third parties with the processing of data on the basis of a so-called “order processing contract”, this is done on the basis of Art. 28 GDPR.
Transfers to third countries
If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this occurs in the context of the use of third-party services or disclosure or transfer of data to third parties, this only takes place if it occurs for the fulfilment of our (pre)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or leave the data in a third country only in the presence of the special requirements of Art. 44 (ff) GDPR. This means, for example, processing is carried out on the basis of special guarantees, such as the officially recognized determination of a data protection level corresponding to the EU (e.g. for the USA by the “Privacy Shield”) or compliance with officially recognized special contractual obligations (so-called “standard contractual clauses”).
Rights of the data subjects
You have the right to request confirmation as to whether the data concerned are being processed and to request information about these data as well as further information and a copy of the data in accordance with Art. 15 GDPR.
- According to Art. 16 GDPR, you have the right to request the completion of data concerning you or the correction of inaccurate data concerning you.
- In accordance with Art. 17 GDPR, you have the right to demand that relevant data be deleted immediately or, alternatively, to demand a restriction on the processing of the data in accordance with Art. 18 GDPR.
- You have the right to request that the data concerning you that you have provided to us be received in accordance with Art. 20 GDPR and to request their transmission to other persons responsible.
- According to Art. 77 GDPR, you have the further right to lodge a complaint with the competent supervisory authority.
You have the right to revoke your consent according to Art. 7 (3) GDPR with effect for the future.
You can object to the future processing of the data concerning you in accordance with Art. 21 GDPR at any time. The objection may be lodged in particular against processing for direct marketing purposes.
Cookies and right of objection for direct advertising
Deletion of data
Our website contains information that enables a quick electronic contact to our enterprise, as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If a data subject contacts the controller by e-mail or via a contact form, the personal data transmitted by the data subject are automatically stored. Such personal data transmitted on a voluntary basis by a data subject to the data controller are stored for the purpose of processing or contacting the data subject. There is no transfer of this personal data to third parties. Summary:
- When contacting us (via contact form or e-mail), the user’s details for the processing of the contact request and its handling according to the terms and conditions of this agreement are stored. Art. 6 (1) (b) GDPR.
- User information can be stored in our Customer Relationship Management System (“CRM System”) or comparable request organization.
- We delete the enquiries if they are no longer necessary.
Collection of access data and log files
- We collect on the basis of our legitimate interests as defined in Art. 6 (1) (f) GDPR regarding each access to the server on which this service is located (known as server log files). Access data includes the name of the requested website, file, date and time of access, amount of data transferred, notification of successful retrieval, browser type along with version, the operating system of the user, referrer URL (previously visited), IP address, and the requesting provider.
- Log file information is stored for a maximum of seven days for security reasons (e.g. to investigate misuse or fraud) and then deleted. Data whose further storage is required for evidentiary purposes are excluded from deletion until the respective incident has been finally clarified.
Online social media presence
- We maintain online presences within social networks and platforms in order to communicate with active customers, interested parties and users and to inform them about our services. When accessing the respective networks and platforms, the terms and conditions and the data processing guidelines of their respective operators apply.
Cookies & range measurement
- Cookies are information that is transferred from our web server or third party web servers to the user’s web browser and stored there for later retrieval. Cookies can be small files or other types of information storage.
- Some of the cookies we use are so-called “session cookies”, which are only stored on our website for the duration of your current visit (e.g. to enable the storage of your login status or the language and thus the use of our website). A randomly generated unique identification number, a so-called session ID, is stored in a session cookie. A cookie also contains information about its origin and the storage period. These cookies cannot store any other data. Session cookies are deleted when you have finished using our online offer and log out or close your browser, for example.
- Cookies with longer durations than the session enable us to recognize your browser on your next visit (persistent cookies). We use these cookies exclusively to provide a better user experience.
- If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Cookies already saved can be deleted in the system settings of the browser at any time. The exclusion of cookies can lead to functional restrictions of this online offer.
- Google has become subject to the Privacy Shield agreement, thereby offering a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
- On our behalf, Google will use this information to evaluate the use of our online offering by the user, to compile reports on the activities within this online offering and to provide us with other services related to the use of this online offering and the internet. Pseudonymous usage profiles of users may be created from the processed data in this respect.
- We use Google Analytics only with activated IP anonymization. This means that the IP address of the user is shortened by Google within the member states of the European Union or in other countries that are party to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address sent to a Google server in the US and shortened there.
Opt-out cookies prevent the future collection of your data when you visit this website. To prevent Universal Analytics from collecting data across different devices, you must opt-out on all systems used. If you click here, the opt-out cookie will be set:
Deactivate Google Analytics
- For further information on data usage by Google, setting and objection options, please see the Google website: https://www.google.com/intl/de/policies/privacy/partners (“Data usage by Google when using websites or apps of our partners”), https://policies.google.com/technologies/ads (“Use of data for advertising purposes”), https://adssettings.google.com/authenticated (“Manage information Google uses to show you advertisements”).
- The following notes are about our newsletter, its content and procedures regarding registration, distribution and statistical evaluation. They also explain your right to appeal. By subscribing to our newsletter, you agree to receive it and to the procedures described.
- Content of the newsletter: We send newsletters, e-mails and other electronic notifications containing advertising information (hereinafter “newsletters”) only with the express consent of the recipient or their permission in legal terms. If registration for the newsletter involves a concrete description of its content, then this description is the basis on which the user agrees to receive the newsletter.
- Double opt-in and registration recording: Subscription to our newsletter takes place using a process known as double opt-in. This means that upon registration, you will receive an e-mail requesting confirmation of the subscription. The confirmation is required to ensure that no one else can subscribe using your e-mail address. A record of subscriptions to the newsletter is kept to fulfill the legal requirements for recording the subscription process. The record contains the time of subscription and confirmation as well as the relevant IP address. Any changes of data registered with MailChimp will also be recorded.
- E-mail marketing service provider: The newsletter is sent via “aweber”, a newsletter dispatch platform by US provider Rocket AWeber Systems Inc. Communications, 1100 Manor Drive Chalfont, PA 18914, USA. The data protection regulations of the e-mail marketing service provider can be viewed here: https://www.aweber.com/privacy.htm. AWeber Systems Inc. has become subject to the Privacy Shield agreement, thereby offering a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000TNN8AAO&status=Active).
- Furthermore, the e-mail marketing service provider can use this data in pseudonymous form, i.e. without assignment to a user, to optimize or improve its own services, e.g. for technical optimization of the dispatch and presentation of the newsletter or for statistical purposes in order to determine from which countries the recipients come. However, the service does not use the data of our newsletter to approach recipients directly nor do they pass the information on to third parties.
- Registration data: To subscribe to the newsletter, simply enter your e-mail address.
- Performance measurement: The newsletters contain a so-called “web beacon”, i.e. a pixel-sized file, which is retrieved from the e-mail marketing server when opening the newsletter. During the download, technical information such as your browser and operating system as well as your IP address and the time of the download are collected. This information is used for technical improvement of the service, as technical data or target group data can be analyzed according to their reading behavior, their download locations (identifiable through IP addresses) or download times. Statistical data collection also includes an analysis of when the newsletters are opened and which links are clicked upon. Although this information technically allows the tracking of individual newsletter recipients, we are not interested in watching the behavior of individual users. Data analysis is used to recognize patterns in the reading behavior of users and adapt contents accordingly or send different content according to the interests of our users.
Integration of services and content from third parties
- Within the framework of our online offers, we use so-called social plugins (“plugins”) provided by the social network Facebook, which is operated by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”), 1 lit. f. GDPR), we include content or service offerings of third parties so that we can incorporate their content and services, such as videos or fonts (hereinafter uniformly referred to as “content”). This always presupposes that the third-party providers of this content can see the IP address of users, since without the IP address they would not be able to send the content to the users’ browsers. The IP address is therefore necessary in order to display this content. We strive only to use content from providers who use the IP address to deliver content and for nothing else. Third-party providers may also use “pixel tags” (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” enable the analysis of information such as the traffic of visitors on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may include technical information about the browser and operating system, referring websites, visiting time and other information about the use of our online offering. It may also be linked to such information from other sources.
- The following presentation offers an overview of third-party providers and their content in addition to links to their privacy statements, which contain further references to the processing of data and, already mentioned here in part, possibilities to object (so-called opt-out):
We operate on the basis of our legitimate interests (i.e. interest in the economic operation of our online offer within the meaning of Art. 6 (1) (f) GDPR) with affiliate programs. To this end, we use tracking cookies on our website to correctly record sales and/or leads with partners. Cookies are small text files that are stored on your computer when you visit our website. These tracking cookies do not store any personal data. Rather, only our identification number at the partner’s site as well as the order number of the advertising material clicked on by the website visitor are recorded. This information is required for payment processing between us and the advertiser. When a transaction is concluded, the partner identification number is used to assign the commission to be paid to the referring partner.