DATA PROTECTION

Table of contents

• Intro­duc­tion and overview
• Area of appli­ca­tion
• Legal basis
• Con­tact details of the per­son respon­si­ble
• Stor­age dura­tion
• Rights under the Gen­er­al Data Pro­tec­tion Reg­u­la­tion
• Data trans­fer to third coun­tries
• Secu­ri­ty of data pro­cess­ing
• Com­mu­ni­ca­tion
• Cook­ies
• Web­host­ing intro­duc­tion
• Web­site mod­u­lar sys­tems Intro­duc­tion
• Web Ana­lyt­ics Intro­duc­tion
• Cook­ie Con­sent Man­age­ment Plat­form Intro­duc­tion
• Secu­ri­ty & Anti-Spam
• Audio & Video Intro­duc­tion
• Online map ser­vices Intro­duc­tion
• Oth­er Intro­duc­tion
• Expla­na­tion of terms used

Introduction and overview

We have drawn up this pri­va­cy pol­i­cy (ver­sion 28.11.2023–112009279) in order to inform you in accor­dance with the require­ments of the Daten­schutz-Grund­verord­nung (EU) 2016/679 and applic­a­ble nation­al laws, which per­son­al data (data for short) we as the con­troller — and the proces­sors com­mis­sioned by us (e.g. providers) — process, will process in the future and what law­ful options you have. The terms used are to be under­stood as gen­der-neu­tral
In short: We pro­vide you with com­pre­hen­sive infor­ma­tion about the data we process about you.

Data pro­tec­tion dec­la­ra­tions usu­al­ly sound very tech­ni­cal and use legal ter­mi­nol­o­gy. This pri­va­cy pol­i­cy, on the oth­er hand, is intend­ed to describe the most impor­tant things to you as sim­ply and trans­par­ent­ly as pos­si­ble. Tech­ni­cal terms are explained in a read­er-friend­ly way, links to fur­ther infor­ma­tion are pro­vid­ed and graph­ics are used where this is con­ducive to trans­paren­cy. We thus inform you in clear and sim­ple lan­guage that we only process per­son­al data as part of our busi­ness activ­i­ties if there is a cor­re­spond­ing legal basis. This is cer­tain­ly not pos­si­ble if you make the most con­cise, unclear and legal-tech­ni­cal state­ments pos­si­ble, as is often stan­dard on the Inter­net when it comes to data pro­tec­tion. I hope you find the fol­low­ing expla­na­tions inter­est­ing and infor­ma­tive and per­haps there is one or two pieces of infor­ma­tion that you did not yet know.
If you still have any ques­tions, please con­tact the respon­si­ble body named below or in the imprint, fol­low the links pro­vid­ed and view fur­ther infor­ma­tion on third-par­ty web­sites. Our con­tact details can of course also be found in the imprint

Area of application

This pri­va­cy pol­i­cy applies to all per­son­al data processed by us in the com­pa­ny and to all per­son­al data processed by com­pa­nies com­mis­sioned by us (proces­sors). By per­son­al data, we mean infor­ma­tion with­in the mean­ing of Art. 4 No. 1 GDPR, such as a per­son­’s name, email address and postal address. The pro­cess­ing of per­son­al data ensures that we can offer and bill our ser­vices and prod­ucts, whether online or offline. The scope of this pri­va­cy pol­i­cy includes

• all online pres­ences (web­sites, online stores) that we oper­ate
• Social media pres­ences and e‑mail com­mu­ni­ca­tion­mo­bile apps
• for smart­phones and oth­er devices

In short, the pri­va­cy pol­i­cy applies to all areas in which per­son­al data is processed in the com­pa­ny in a struc­tured man­ner via the chan­nels men­tioned. If we enter into a legal rela­tion­ship with you out­side of these chan­nels, we will inform you sep­a­rate­ly if nec­es­sary.

Legal basis

In the fol­low­ing pri­va­cy pol­i­cy, we pro­vide you with trans­par­ent infor­ma­tion on the legal prin­ci­ples and reg­u­la­tions, i.e. the legal basis of the Gen­er­al Data Pro­tec­tion Reg­u­la­tion, which enable us to process per­son­al data. As far as EU law is con­cerned, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016. You can of course access this EU Gen­er­al Data Pro­tec­tion Reg­u­la­tion online on EUR-Lex, the gate­way to EU law, at https://eur-lex.europa.eu/legal-content/DE/ALL/?uri=celex%3A32016R0679 read more.

We only process your data if at least one of the fol­low­ing con­di­tions applies:

1. Con­sent (Arti­cle 6(1)(a) GDPR): You have giv­en us your con­sent to process data for a spe­cif­ic pur­pose. An exam­ple would be the stor­age of the data you entered in a con­tact form.
2. Con­tract (Arti­cle 6(1)(b) GDPR): In order to ful­fil a con­tract or pre-con­trac­tu­al oblig­a­tions with you, we process your data. For exam­ple, if we con­clude a pur­chase con­tract with you, we need per­son­al infor­ma­tion in advance..
3. Legal oblig­a­tion (Arti­cle 6(1)© GDPR): If we are sub­ject to a legal oblig­a­tion, we process your data. For exam­ple, we are legal­ly oblig­ed to keep invoic­es for account­ing pur­pos­es. These usu­al­ly con­tain per­son­al data
4. Legit­i­mate inter­ests (Arti­cle 6(1)(f) GDPR): In the case of legit­i­mate inter­ests that do not restrict your fun­da­men­tal rights, we reserve the right to process per­son­al data. For exam­ple, we need to process cer­tain data in order to oper­ate our web­site secure­ly and effi­cient­ly. This pro­cess­ing is there­fore a legit­i­mate inter­est.

Oth­er con­di­tions such as the ful­fil­ment of record­ing in the pub­lic inter­est and the exer­cise of offi­cial author­i­ty as well as the pro­tec­tion of vital inter­ests do not gen­er­al­ly arise for us. If such a legal basis is rel­e­vant, it will be indi­cat­ed at the appro­pri­ate point.

In addi­tion to the EU reg­u­la­tion, nation­al laws also apply:

• In Aus­tria, this is the Fed­er­al Act on the Pro­tec­tion of Nat­ur­al Per­sons with regard to the Pro­cess­ing of Per­son­al Data (Data Pro­tec­tion Act), or DSG for short.
• In Ger­many, the Fed­er­al Data Pro­tec­tion Act (BDSG) applies.

If oth­er region­al or nation­al laws apply, we will inform you of this in the fol­low­ing sec­tions.

Contact details of the person responsible

If you have any ques­tions about data pro­tec­tion or the pro­cess­ing of per­son­al data, you will find the con­tact details of the per­son or body respon­si­ble below: M‑A-S Maschi­nen- und Anla­gen­bau Schulz GmbH Hobel­weg 1 A‑4055 Puck­ing

E‑Mail: office@mas-austria.com
Tele­fon: +43 (0) 7229 / 789 99 0
Impres­sum: https://mas-tech.com/datenschutz

Storage duration

It is a gen­er­al cri­te­ri­on for us that we only store per­son­al data for as long as is absolute­ly nec­es­sary for the pro­vi­sion of our ser­vices and prod­ucts. This means that we delete per­son­al data as soon as the rea­son for the data pro­cess­ing no longer exists. In some cas­es, we are legal­ly oblig­ed to store cer­tain data even after the orig­i­nal pur­pose has ceased to exist, for exam­ple for account­ing purposes.Rights under the Gen­er­al Data Pro­tec­tion Reg­u­la­tion

In accor­dance with Arti­cles 13 and 14 GDPR, we inform you of the fol­low­ing rights to which you are enti­tled in order to ensure fair and trans­par­ent pro­cess­ing of data:

• Accord­ing to Arti­cle 15 GDPR, you have a right to infor­ma­tion about whether we process your data. If this is the case, you have the right to receive a copy of the data and the fol­low­ing infor­ma­tion:
  
  • the pur­pose for which we car­ry out the pro­cess­ing;
  • the cat­e­gories, i.e. the types of data that are processed;
  • who receives this data and, if the data is trans­ferred to third coun­tries, how secu­ri­ty can be guar­an­teed;
  • how long the data will be stored;
  • the exis­tence of the right to rec­ti­fi­ca­tion, era­sure or restric­tion of pro­cess­ing and the right to object to pro­cess­ing;
  • that you can lodge a com­plaint with a super­vi­so­ry author­i­ty (links to these author­i­ties can be found below);
  • the ori­gin of the data if we have not col­lect­ed it from you;
  • whether pro­fil­ing is car­ried out, i.e. whether data is auto­mat­i­cal­ly analysed in order to cre­ate a per­son­al pro­file of you.
• Accord­ing to Arti­cle 16 GDPR, you have a right to rec­ti­fi­ca­tion of data, which means that we must cor­rect data if you find errors.
• Accord­ing to Arti­cle 17 GDPR, you have the right to era­sure (“right to be for­got­ten”), which specif­i­cal­ly means that you may request the era­sure of your data..
• Accord­ing to Arti­cle 18 GDPR, you have the right to restric­tion of pro­cess­ing, which means that we may only store the data but not use it any fur­ther.
• Accord­ing to Arti­cle 20 GDPR, you have the right to data porta­bil­i­ty, which means that we will pro­vide you with your data in a com­mon­ly used for­mat upon request.
• Accord­ing to Arti­cle 21 GDPR, you have the right to object, which will result in a change in the pro­cess­ing after enforce­ment.
  
  • If the pro­cess­ing of your data is based on Arti­cle 6(1)(e) (pub­lic inter­est, exer­cise of offi­cial author­i­ty) or Arti­cle 6(1)(f) (legit­i­mate inter­est), you can object to the pro­cess­ing. We will then check as quick­ly as pos­si­ble whether we can legal­ly hon­our this objec­tion.
  • If data is used for direct mar­ket­ing pur­pos­es, you can object to this type of data pro­cess­ing at any time. We may then no longer use your data for direct mar­ket­ing.
  • If data is used for pro­fil­ing pur­pos­es, you can object to this type of data pro­cess­ing at any time. We may then no longer use your data for pro­fil­ing.
• Under Arti­cle 22 GDPR, you may have the right not to be sub­ject to a deci­sion based sole­ly on auto­mat­ed pro­cess­ing (e.g. pro­fil­ing).
• Accord­ing to Arti­cle 77 GDPR, you have the right to lodge a com­plaint. This means that you can lodge a com­plaint with the data pro­tec­tion author­i­ty at any time if you believe that the pro­cess­ing of your per­son­al data is in breach of the GDPR.

In short: You have rights — do not hes­i­tate to con­tact the respon­si­ble office list­ed above!

If you believe that the pro­cess­ing of your data vio­lates data pro­tec­tion law or that your data pro­tec­tion rights have been vio­lat­ed in any oth­er way, you can lodge a com­plaint with the super­vi­so­ry author­i­ty. For Aus­tria, this is the data pro­tec­tion author­i­ty, whose web­site you can find at https://www.dsb.gv.at/ find. In Ger­many, there is a data pro­tec­tion offi­cer for each fed­er­al state. For more infor­ma­tion, you can con­tact the Bun­des­beauf­tragte für den Daten­schutz und die Infor­ma­tions­frei­heit (BfDI) find. In Ger­many, there is a data pro­tec­tion offi­cer for each fed­er­al state. For more infor­ma­tion, you can con­tact the

Austria Data Protection Authority

Lei­t­erin: Mag. Dr. Andrea Jelinek
Adresse: Barich­gasse 40–42, 1030 Wien
Tele­fon­nr.: +43 1 52 152–0
E‑Mail-Adresse: dsb@dsb.gv.at
Web­site: https://www.dsb.gv.at/

Data transfer to third countries

Data pro­cess­ing by US ser­vices that are not active par­tic­i­pants in the EU-US Data Pri­va­cy Frame­work may result in data not being processed and stored in anonymised form. Fur­ther­more, US gov­ern­ment author­i­ties may be able to access indi­vid­ual data. In addi­tion, data col­lect­ed may be linked to data from oth­er ser­vices of the same provider if you have a cor­re­spond­ing user account. Where pos­si­ble, we endeav­our to use serv­er loca­tions with­in the EU if this is offered. We will inform you in more detail about data trans­fer to third coun­tries, if applic­a­ble, in the appro­pri­ate sec­tions of this pri­va­cy pol­i­cy.

Security of data processing

TLS encryption with https

TLS, encryp­tion and https sound very tech­ni­cal — and they are. We use HTTPS (the Hyper­text Trans­fer Pro­to­col Secure stands for “secure hyper­text trans­fer pro­to­col”) to trans­mit data tap-proof on the Inter­net.

This means that the com­plete trans­mis­sion of all data from your brows­er to our web serv­er is secured — nobody can “eaves­drop” (Artikel 25 Absatz 1 DSGVO). By using TLS (Trans­port Lay­er Secu­ri­ty), an encryp­tion pro­to­col for secure data trans­mis­sion on the Inter­net, we can ensure the pro­tec­tion of con­fi­den­tial data.

You can recog­nise the use of this data trans­mis­sion pro­tec­tion by the small lock sym­bol at the top left of the brows­er, to the left of the Inter­net address (e.g. examplepage.com) and the use of the https scheme (instead of http) as part of our Inter­net address. If you would like to know more about encryp­tion, we rec­om­mend a Google search for “Hyper­text Trans­fer Pro­to­col Secure wiki” to get good links to fur­ther infor­ma­tion.

Communication

When you con­tact us and com­mu­ni­cate by tele­phone, e‑mail or online form, per­son­al data may be processed. The data is processed for the han­dling and pro­cess­ing of your enquiry and the asso­ci­at­ed busi­ness trans­ac­tion. The data will be stored for as long as required by law.Betroffene Per­so­n­en

The above-men­tioned process­es affect every­one who con­tacts us via the com­mu­ni­ca­tion chan­nels we pro­vide.

Phone

When you call us, the call data is stored pseu­do­nymised on the respec­tive end device and with the telecom­mu­ni­ca­tions provider used. In addi­tion, data such as your name and tele­phone num­ber may sub­se­quent­ly be sent by e‑mail and stored for the pur­pose of respond­ing to your enquiry. The data is delet­ed as soon as the busi­ness trans­ac­tion has been com­plet­ed and legal require­ments per­mit.

E‑Mail

If you com­mu­ni­cate with us by email, data may be stored on the respec­tive end device (com­put­er, lap­top, smart­phone, etc.) and data may be stored on the email serv­er. The data is delet­ed as soon as the busi­ness trans­ac­tion has been com­plet­ed and legal require­ments per­mit.

Online forms

If you com­mu­ni­cate with us using an online form, data is stored on our web serv­er and may be for­ward­ed to one of our e‑mail address­es. The data will be delet­ed as soon as the busi­ness trans­ac­tion has been com­plet­ed and legal require­ments per­mit.

Legal basis

The pro­cess­ing of the data is based on the fol­low­ing legal bases:

• Art. 6 para. 1 lit. a GDPR (con­sent): You give us your con­sent to store your data and to use it for pur­pos­es relat­ing to the busi­ness trans­ac­tion;
• Art. 6 para. 1 lit. b GDPR (con­tract): It is nec­es­sary for the ful­fil­ment of a con­tract with you or a proces­sor, such as the tele­phone provider, or we need to process the data for pre-con­trac­tu­al activ­i­ties, such as the prepa­ra­tion of an offer;
• Art. 6 para. 1 lit. f GDPR (legit­i­mate inter­ests): We want to han­dle cus­tomer enquiries and busi­ness com­mu­ni­ca­tion in a pro­fes­sion­al man­ner. This requires cer­tain tech­ni­cal facil­i­ties such as email pro­grammes, exchange servers and mobile net­work oper­a­tors in order to oper­ate com­mu­ni­ca­tion effi­cient­ly.

Cookies

What are cookies?

Our web­site uses HTTP cook­ies to store user-spe­cif­ic data.
Below, we explain what cook­ies are and why they are used so that you can bet­ter under­stand the fol­low­ing pri­va­cy pol­i­cy.

When­ev­er you surf the inter­net, you use a brows­er. Com­mon browsers include Chrome, Safari, Fire­fox, Inter­net Explor­er, and Microsoft Edge. Most web­sites store small text files in your brows­er. These files are called cook­ies.

One thing is unde­ni­able: cook­ies are tru­ly use­ful lit­tle helpers. Almost all web­sites use cook­ies. To be more pre­cise, they are HTTP cook­ies, as there are oth­er cook­ies for oth­er pur­pos­es. HTTP cook­ies are small files that our web­site stores on your com­put­er. These cook­ie files are auto­mat­i­cal­ly stored in the cook­ie fold­er, the “brain” of your brows­er. A cook­ie con­sists of a name and a val­ue. When defin­ing a cook­ie, one or more attrib­ut­es must also be spec­i­fied.

Cook­ies store cer­tain user data from you, such as lan­guage or per­son­al page set­tings. When you vis­it our site again, your brows­er sends the “user-relat­ed” infor­ma­tion back to our site. Thanks to cook­ies, our web­site knows who you are and offers you the set­tings you are used to. In some browsers, each cook­ie has its own file; in oth­ers, such as Fire­fox, all cook­ies are stored in a sin­gle file.

The fol­low­ing graph­ic shows a pos­si­ble inter­ac­tion between a web brows­er, such as Chrome, and the web serv­er. The web brows­er requests a web­site and receives a cook­ie back from the serv­er, which the brows­er uses again when­ev­er anoth­er page is request­ed.

There are both first-par­ty and third-par­ty cook­ies. First-par­ty cook­ies are cre­at­ed direct­ly by our site, while third-par­ty cook­ies are cre­at­ed by part­ner web­sites (e.g., Google Ana­lyt­ics). Each cook­ie must be eval­u­at­ed indi­vid­u­al­ly, as each cook­ie stores dif­fer­ent data. The expi­ra­tion time of a cook­ie also varies from a few min­utes to a few years. Cook­ies are not soft­ware pro­grams and do not con­tain virus­es, Tro­jans, or oth­er “mal­ware.” Cook­ies also can­not access infor­ma­tion on your PC.

For exam­ple, cook­ie data might look like this:

Name: _ga
Val­ue: GA1.2.1326744211.152112009279–9
Pur­pose of use: Dif­fer­en­ti­a­tion of web­site vis­i­tors
Expi­ra­tion date: after 2 years

A brows­er should be able to sup­port these min­i­mum sizes:

• At least 4096 bytes per cook­ie
• At least 50 cook­ies per domain
• At least 3000 cook­ies in total

What types of cookies are there?

The spe­cif­ic cook­ies we use depend on the ser­vices used and are explained in the fol­low­ing sec­tions of this pri­va­cy pol­i­cy. At this point, we would like to briefly dis­cuss the dif­fer­ent types of HTTP cook­ies.

There are four types of cook­ies:

Essen­tial cook­ies These cook­ies are nec­es­sary to ensure basic web­site func­tions. For exam­ple, these cook­ies are need­ed when a user adds a prod­uct to their shop­ping cart, then con­tin­ues brows­ing to oth­er pages and only pro­ceeds to check­out lat­er. These cook­ies ensure that the shop­ping cart is not delet­ed even when the user clos­es their brows­er win­dow.

Pur­pose­ful cook­ies These cook­ies col­lect infor­ma­tion about user behav­ior and whether the user receives any error mes­sages. These cook­ies also mea­sure the load­ing time and behav­ior of the web­site in dif­fer­ent browsers.

Tar­get­ed cook­ies These cook­ies improve user expe­ri­ence. For exam­ple, entered loca­tions, font sizes, or form data are saved.

Werbe-Cook­ies
These cook­ies improve user expe­ri­ence. For exam­ple, entered loca­tions, font sizes, or form data are saved.

Typ­i­cal­ly, when you first vis­it a web­site, you will be asked which of these cook­ie types you wish to accept. And, of course, this deci­sion will also be saved in a cook­ie.

If you would like to know more about cook­ies and are not afraid of tech­ni­cal doc­u­men­ta­tion, we rec­om­mend https://datatracker.ietf.org/doc/html/rfc6265, the Request for Com­ments from the Inter­net Engi­neer­ing Task Force (IETF) called “HTTP State Man­age­ment Mech­a­nism”.

Purpose of processing via cookies

The pur­pose ulti­mate­ly depends on the spe­cif­ic cook­ie. You can find more details below or con­tact the man­u­fac­tur­er of the soft­ware that sets the cook­ie.

What data is processed?

Cook­ies are small helpers for a vari­ety of tasks. Unfor­tu­nate­ly, it’s not pos­si­ble to gen­er­al­ize what data is stored in cook­ies, but we will inform you about the data processed and stored in the fol­low­ing pri­va­cy pol­i­cy.

Storage period of cookies

The stor­age peri­od depends on the respec­tive cook­ie and is fur­ther spec­i­fied below. Some cook­ies are delet­ed after less than one hour, oth­ers can remain stored on a com­put­er for sev­er­al years.

You also have con­trol over the stor­age peri­od. You can man­u­al­ly delete all cook­ies via your brows­er at any time (see also “Right of objec­tion” below). Fur­ther­more, cook­ies based on con­sent will be delet­ed at the lat­est after your con­sent has been revoked, although the legal­i­ty of their stor­age remains unaf­fect­ed until then.

Right of objection – how can I delete cookies?

You decide how and whether you want to use cook­ies. Regard­less of the ser­vice or web­site from which the cook­ies orig­i­nate, you always have the option to delete, dis­able, or only par­tial­ly accept cook­ies. For exam­ple, you can block third-par­ty cook­ies but allow all oth­er cook­ies.

If you want to find out which cook­ies have been stored in your brows­er, or if you want to change or delete cook­ie set­tings, you can do so in your brows­er set­tings:

Chrome: Cook­ies in Chrome löschen, aktivieren und ver­wal­ten

Safari: Ver­wal­ten von Cook­ies und Web­site­dat­en mit Safari

Fire­fox: Cook­ies löschen, um Dat­en zu ent­fer­nen, die Web­sites auf Ihrem Com­put­er abgelegt haben

Inter­net Explor­er: Löschen und Ver­wal­ten von Cook­ies

Microsoft Edge: Löschen und Ver­wal­ten von Cook­ies

If you don’t want cook­ies at all, you can set your brows­er to always noti­fy you when a cook­ie is about to be set. This allows you to decide for each indi­vid­ual cook­ie whether or not to accept it. The process varies depend­ing on your brows­er. The best way to find instruc­tions is to search for “delete cook­ies in Chrome” or “dis­able cook­ies in Chrome” in the case of a Chrome brows­er.

Legal basis

The so-called “Cook­ie Guide­lines” have been in exis­tence since 2009. They state that the stor­age of cook­ies is a Ein­willi­gung (Arti­cle 6 (1) (a) GDPR). How­ev­er, reac­tions to these guide­lines vary con­sid­er­ably across EU coun­tries. In Aus­tria, how­ev­er, this direc­tive was imple­ment­ed in Sec­tion 96 (3) of the Telecom­mu­ni­ca­tions Act (TKG). In Ger­many, the cook­ie guide­lines were not imple­ment­ed as nation­al law. Instead, this direc­tive was large­ly imple­ment­ed in Sec­tion 15 (3) of the Tele­me­dia Act (TMG).

For strict­ly nec­es­sary cook­ies, even if no con­sent has been giv­en,berechtigte Inter­essen

(Arti­cle 6 (1) (f) GDPR), which in most cas­es are of an eco­nom­ic nature. We want to pro­vide web­site vis­i­tors with a pleas­ant user expe­ri­ence, and for this, cer­tain cook­ies are often absolute­ly nec­es­sary.

If non-essen­tial cook­ies are used, this only hap­pens with your con­sent. The legal basis in this regard is Arti­cle 6 (1) (a) GDPR.

In the fol­low­ing sec­tions, you will be informed in more detail about the use of cook­ies, pro­vid­ed that the soft­ware used uses cook­ies.

Web hosting introduction

What is web hosting?

When you vis­it web­sites these days, cer­tain infor­ma­tion – includ­ing per­son­al data – is auto­mat­i­cal­ly cre­at­ed and stored, includ­ing on this web­site. This data should be processed as spar­ing­ly as pos­si­ble and only with jus­ti­fi­ca­tion. By “web­site,” we mean the entire­ty of all web pages on a domain, i.e., every­thing from the home page to the very last sub­page (like this one). By “domain,” we mean, for exam­ple, example.de or sampleexample.com.

If you want to view a web­site on a com­put­er, tablet, or smart­phone, you use a pro­gram called a web brows­er. You prob­a­bly know some web browsers by name: Google Chrome, Microsoft Edge, Mozil­la Fire­fox, and Apple Safari. We sim­ply refer to them as “brows­er” or “web brows­er.”

To dis­play the web­site, the brows­er must con­nect to anoth­er com­put­er where the web­site’s code is stored: the web serv­er. Oper­at­ing a web serv­er is a com­plex and time-con­sum­ing task, which is why it is usu­al­ly han­dled by pro­fes­sion­al providers. These offer web host­ing and thus ensure reli­able and error-free stor­age of web­site data. A lot of tech­ni­cal terms, but please stay tuned, it gets bet­ter!

When the brows­er con­nects to your com­put­er (desk­top, lap­top, tablet, or smart­phone) and dur­ing data trans­fer to and from the web serv­er, per­son­al data may be processed. On the one hand, your com­put­er stores data, and on the oth­er hand, the web serv­er must also store data for a while to ensure prop­er oper­a­tion.

A pic­ture is worth a thou­sand words, so the fol­low­ing graph­ic illus­trates the inter­ac­tion between the brows­er, the inter­net, and the host­ing provider.

Why do we process personal data?

The pur­pos­es of data pro­cess­ing are:

1. Pro­fes­sion­al web­site host­ing and oper­a­tional secu­ri­ty
2. to main­tain oper­a­tional and IT secu­ri­ty
3. Anony­mous eval­u­a­tion of access behav­ior to improve our ser­vice and, if nec­es­sary, for crim­i­nal pros­e­cu­tion or the pur­suit of claims

What data is processed?

Even while you are cur­rent­ly vis­it­ing our web­site, our web serv­er, which is the com­put­er on which this web­site is stored, usu­al­ly auto­mat­i­cal­ly saves data such as

• the com­plete Inter­net address (URL) of the accessed web­site
• Brows­er and brows­er ver­sion (e.g., Chrome 87)
• The oper­at­ing sys­tem used (e.g., Win­dows 10)
• The address (URL) of the pre­vi­ous­ly vis­it­ed page (refer­rer URL) (e.g.). https://www.beispielquellsite.de/vondabinichgekommen/)
• The host­name and IP address of the device from which access is made (e.g., COMPUTERNAME and 194.23.43.121)
• Data and time
• in files, the so-called web serv­er log files

How long is data stored?

As a rule, the above-men­tioned data is stored for two weeks and then auto­mat­i­cal­ly delet­ed. We do not share this data, but can­not rule out the pos­si­bil­i­ty that it may be viewed by author­i­ties in the event of ille­gal behav­ior.

In short: Your vis­it is logged by our provider (the com­pa­ny that runs our web­site on spe­cial com­put­ers (servers)), but we do not share your data with­out your con­sent!

Legal Basis

The legal­i­ty of the pro­cess­ing of per­son­al data with­in the frame­work of web host­ing aris­es from Art. 6 (1) (f) GDPR (pro­tec­tion of legit­i­mate inter­ests), as the use of pro­fes­sion­al host­ing with a provider is nec­es­sary to present the com­pa­ny secure­ly and user-friend­ly on the Inter­net and to be able to pur­sue attacks and claims aris­ing from this if nec­es­sary.

There is usu­al­ly a con­tract for data pro­cess­ing between us and the host­ing provider in accor­dance with Art. 28 f) GDPR, which ensures com­pli­ance with data pro­tec­tion and guar­an­tees data secu­ri­ty.

Raid­box­es Pri­va­cy Pol­i­cy

We use the web host­ing provider Raid­box­es for our web­site. The ser­vice provider is the Ger­man com­pa­ny Raid­box­es GmbH, Hafen­straße 32, 48153 Mün­ster, Ger­many.

You can learn more about the data processed through the use of Raid­box­es in the Pri­va­cy Pol­i­cy on  https://raidboxes.io/legal/privacy/.

Website modular systems Introduction

What are website builders?

We use a web­site builder sys­tem for our web­site. Builder sys­tems are spe­cial forms of con­tent man­age­ment sys­tems (CMS). With a builder sys­tem, web­site oper­a­tors can cre­ate a web­site very eas­i­ly and with­out any pro­gram­ming knowl­edge. Many web hosts also offer builder sys­tems. Using a builder sys­tem may also col­lect, store, and process your per­son­al data. This pri­va­cy pol­i­cy pro­vides you with gen­er­al infor­ma­tion about data pro­cess­ing by builder sys­tems. Fur­ther infor­ma­tion can be found in the provider’s pri­va­cy pol­i­cy.

Why do we use website builders for our website?

The biggest advan­tage of a mod­u­lar sys­tem is its ease of use. We want to offer you a clear, sim­ple, and well-orga­nized web­site that we can eas­i­ly oper­ate and main­tain ourselves—without exter­nal sup­port. A mod­u­lar sys­tem now offers many help­ful fea­tures that we can use even with­out pro­gram­ming knowl­edge. This allows us to design our web pres­ence accord­ing to our wish­es and offer you an infor­ma­tive and enjoy­able expe­ri­ence on our web­site.

What data is stored by a modular system?

Exact­ly which data is stored depends, of course, on the web­site builder sys­tem used. Each provider process­es and col­lects dif­fer­ent types of web­site vis­i­tor data. How­ev­er, tech­ni­cal usage infor­ma­tion such as oper­at­ing sys­tem, brows­er, screen res­o­lu­tion, lan­guage and key­board set­tings, host­ing provider, and the date of your web­site vis­it are gen­er­al­ly col­lect­ed. Track­ing data (e.g., brows­er activ­i­ty, click­stream activ­i­ty, ses­sion heatmaps, etc.) may also be processed. Per­son­al data may also be col­lect­ed and stored. This usu­al­ly includes con­tact infor­ma­tion such as email address, tele­phone num­ber (if you have pro­vid­ed it), IP address, and geo­graph­ic loca­tion data. You can find out exact­ly which data is stored in the provider’s pri­va­cy pol­i­cy.

How long and where is the data stored?

We will inform you about the dura­tion of data pro­cess­ing below in con­nec­tion with the web­site mod­u­lar sys­tem used, if we have fur­ther infor­ma­tion about it. You can find detailed infor­ma­tion about this in the provider’s pri­va­cy pol­i­cy. In gen­er­al, we only process per­son­al data for as long as it is absolute­ly nec­es­sary to pro­vide our ser­vices and prod­ucts. The provider may store your data accord­ing to its own spec­i­fi­ca­tions, over which we have no influ­ence.

Right of objection

You always have the right to access, cor­rect, and delete your per­son­al data. If you have any ques­tions, you can also con­tact the per­son respon­si­ble for the web­site build­ing block sys­tem you use at any time. Con­tact details can be found either in our pri­va­cy pol­i­cy or on the web­site of the respec­tive provider.

You can delete, deac­ti­vate, or man­age cook­ies that providers use for their func­tions in your brows­er. Depend­ing on the brows­er you use, this works dif­fer­ent­ly. Please note, how­ev­er, that not all func­tions may then work as usu­al.

Legal basis

We have a legit­i­mate inter­est in using a web­site builder sys­tem to opti­mize our online ser­vice and present it to you in an effi­cient and user-friend­ly man­ner. The legal basis for this is Art. 6 (1) (f) GDPR (legit­i­mate inter­ests). How­ev­er, we only use the builder sys­tem if you have giv­en your con­sent.

If the pro­cess­ing of data is not absolute­ly nec­es­sary for the oper­a­tion of the web­site, the data will only be processed based on your con­sent. This par­tic­u­lar­ly applies to track­ing activ­i­ties. The legal basis in this regard is Art. 6 (1) (a) GDPR.

With this pri­va­cy pol­i­cy, we have pro­vid­ed you with the most impor­tant gen­er­al infor­ma­tion about data pro­cess­ing. If you would like more detailed infor­ma­tion on this, you can find fur­ther infor­ma­tion – if avail­able – in the fol­low­ing sec­tion or in the provider’s pri­va­cy pol­i­cy.

WordPress.com Privacy Policy

What is WordPress?

We use the well-known con­tent man­age­ment sys­tem WordPress.com for our web­site. The ser­vice provider is the Amer­i­can com­pa­ny Automat­tic Inc., 60 29th Street #343, San Fran­cis­co, CA 94110, USA.

The com­pa­ny was found­ed in 2003 and, in a rel­a­tive­ly short time, devel­oped into one of the most well-known con­tent man­age­ment sys­tems (CMS) in the world. A CMS is soft­ware that helps us design our web­site and present con­tent in a beau­ti­ful and orga­nized man­ner. The con­tent can be text, audio, and video.
By using Word­Press, per­son­al data may also be col­lect­ed, stored, and processed. Typ­i­cal­ly, tech­ni­cal data such as oper­at­ing sys­tem, brows­er, screen res­o­lu­tion, or host­ing provider is stored. How­ev­er, per­son­al data such as IP address, geo­graph­i­cal data, or con­tact details may also be processed.

Why do we use WordPress on our website?

We have many strengths, but real pro­gram­ming is sim­ply not one of our core com­pe­ten­cies.

Nev­er­the­less, we want to have a pow­er­ful and attrac­tive web­site that we can man­age and main­tain our­selves. With a web­site builder or con­tent man­age­ment sys­tem like Word­Press, this is exact­ly what we can achieve. With Word­Press, we don’t have to be pro­gram­ming aces to offer you a beau­ti­ful web­site. Thanks to Word­Press, we can oper­ate our web­site quick­ly and eas­i­ly, even with­out pri­or tech­ni­cal knowl­edge. If tech­ni­cal prob­lems arise or we have spe­cial requests for our web­site, we always have our spe­cial­ists who are at home in HTML, PHP, CSS, and the like.

Thanks to Word­Press’s ease of use and com­pre­hen­sive fea­tures, we can design our web­site accord­ing to our wish­es and offer you a good user expe­ri­ence.

What data does WordPress process?

Non-per­son­al data includes tech­ni­cal usage infor­ma­tion such as brows­er activ­i­ty, click­stream activ­i­ty, ses­sion heatmaps, and data about your com­put­er, oper­at­ing sys­tem, brows­er, screen res­o­lu­tion, lan­guage and key­board set­tings, inter­net ser­vice provider, and the date of the page vis­it.

Per­son­al data is also col­lect­ed. This pri­mar­i­ly includes con­tact infor­ma­tion (email address or phone num­ber, if you pro­vide it), IP address, or your geo­graph­ic loca­tion.

Word­Press may also use cook­ies to col­lect data. These often con­tain data about your behav­ior on our web­site. For exam­ple, it can record which sub­pages you par­tic­u­lar­ly like to view, how long you stay on indi­vid­ual pages, when you leave a page (bounce rate), or even your pref­er­ences (e.g., lan­guage selec­tion). Based on this data, Word­Press can also bet­ter tai­lor its own mar­ket­ing mea­sures to your inter­ests and user behav­ior. The next time you vis­it our web­site, our web­site will be dis­played as you pre­vi­ous­ly con­fig­ured it.

Word­Press may also use tech­nolo­gies such as pix­el tags (web bea­cons) to, for exam­ple, clear­ly iden­ti­fy you as a user and pos­si­bly offer inter­est-based adver­tis­ing.

How long and where is the data stored?

How long the data is stored depends on var­i­ous fac­tors. It pri­mar­i­ly depends on the type of data stored and the spe­cif­ic set­tings of the web­site. Gen­er­al­ly, Word­Press deletes data when it is no longer need­ed for its own pur­pos­es. There are, of course, excep­tions, par­tic­u­lar­ly when legal oblig­a­tions stip­u­late longer reten­tion of the data. Web serv­er logs, which con­tain your IP address and tech­ni­cal data, are delet­ed by Word­Press or Automat­tic after 30 days. Automat­tic uses the data for this time to ana­lyze traf­fic on its own web­sites (for exam­ple, all Word­Press pages) and to resolve any poten­tial prob­lems. Delet­ed con­tent on Word­Press web­sites is also stored in the trash for 30 days to enable recov­ery; after that, it may remain in back­ups and caches until they are delet­ed. The data is stored on Automat­tic’s Amer­i­can servers.

How can I delete my data or prevent data storage?

You have the right and oppor­tu­ni­ty to access your per­son­al data at any time and to object to the use and pro­cess­ing of it. You can also file a com­plaint with a gov­ern­ment super­vi­so­ry author­i­ty at any time.

You also have the option to indi­vid­u­al­ly man­age, delete, or deac­ti­vate cook­ies in your brows­er. How­ev­er, please be aware that deac­ti­vat­ed or delet­ed cook­ies may have a neg­a­tive impact on the func­tion­al­i­ty of our Word­Press site. Man­ag­ing cook­ies works slight­ly dif­fer­ent­ly depend­ing on the brows­er you use. Under the “Cook­ies” sec­tion, you will find links to the rel­e­vant instruc­tions for the most pop­u­lar browsers.

Legal basis

If you have con­sent­ed to the use of Word­Press, the legal basis for the cor­re­spond­ing data pro­cess­ing is this con­sent. Accord­ing to Art. 6 (1) (a) GDPR (con­sent), this con­sent con­sti­tutes the legal basis for the pro­cess­ing of per­son­al data, as may occur when Word­Press col­lects it.

We also have a legit­i­mate inter­est in using Word­Press to opti­mize our online ser­vice and present it attrac­tive­ly for you. The cor­re­spond­ing legal basis for this is Art. 6 (1) (f) GDPR (legit­i­mate inter­ests). How­ev­er, we only use Word­Press if you have giv­en your con­sent.

Word­Press or Automat­tic process­es your data, among oth­er places, in the USA. Automat­tic is an active par­tic­i­pant in the EU-US Data Pri­va­cy Frame­work, which reg­u­lates the cor­rect and secure trans­fer of per­son­al data of EU cit­i­zens to the USA. You can find more infor­ma­tion on https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

Automat­tic also uses so-called stan­dard con­trac­tu­al claus­es (= Art. 46, Para­graphs 2 and 3 GDPR). Stan­dard con­trac­tu­al claus­es (SCCs) are tem­plates pro­vid­ed by the EU Com­mis­sion and are intend­ed to ensure that your data com­plies with Euro­pean data pro­tec­tion stan­dards even if it is trans­ferred to and stored in third coun­tries (such as the USA). Through the EU-US Data Pri­va­cy Frame­work and the stan­dard con­trac­tu­al claus­es, Automat­tic under­takes to com­ply with Euro­pean data pro­tec­tion stan­dards when pro­cess­ing your rel­e­vant data, even if the data is stored, processed, and man­aged in the USA. These claus­es are based on an imple­ment­ing deci­sion of the EU Com­mis­sion. You can find the deci­sion and the cor­re­spond­ing stan­dard con­trac­tu­al claus­es here, among oth­er places:

https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

More details about the pri­va­cy pol­i­cy and which data is processed and how by Word­Press can be found on https://automattic.com/privacy/.

Web Analytics Introduction

What is web analytics?

We use soft­ware on our web­site to eval­u­ate the behav­ior of web­site vis­i­tors, known as web ana­lyt­ics or web analy­sis for short. This data is col­lect­ed and stored, man­aged and processed by the respec­tive ana­lyt­ics tool provider (also known as a track­ing tool). This data is used to cre­ate analy­ses of user behav­ior on our web­site and make it avail­able to us as the web­site oper­a­tor. In addi­tion, most tools offer var­i­ous test­ing options. For exam­ple, we can test which offers or con­tent are most pop­u­lar with our vis­i­tors. To do this, we show you two dif­fer­ent offers for a lim­it­ed peri­od of time. After the test (a so-called A/B test), we know which prod­uct or con­tent our web­site vis­i­tors find more inter­est­ing. For such test­ing pro­ce­dures, as for oth­er ana­lyt­ics pro­ce­dures, user pro­files can be cre­at­ed and the data stored in cook­ies.

Why do we use web analytics?

We have a clear goal in mind with our web­site: to pro­vide the best web offer­ing on the mar­ket for our indus­try. To achieve this goal, we want to offer the best and most inter­est­ing offer­ing on the mar­ket, while also ensur­ing that you feel com­plete­ly at home on our web­site. With the help of web analy­sis tools, we can take a clos­er look at the behav­ior of our web­site vis­i­tors and then improve our web offer­ing for you and us accord­ing­ly. For exam­ple, we can deter­mine the aver­age age of our vis­i­tors, where they come from, when our web­site is most vis­it­ed, or which con­tent or prod­ucts are par­tic­u­lar­ly pop­u­lar. All of this infor­ma­tion helps us opti­mize the web­site and thus adapt it as best as pos­si­ble to your needs, inter­ests, and wish­es.

What data is processed?

Exact­ly which data is stored depends, of course, on the analy­sis tools used. How­ev­er, as a rule, we store infor­ma­tion such as the con­tent you view on our web­site, the but­tons or links you click, the time you access a page, the brows­er you use, the device (PC, tablet, smart­phone, etc.) you use to vis­it the web­site, and the com­put­er sys­tem you use. If you have agreed to the col­lec­tion of loca­tion data, this may also be processed by the web analy­sis tool provider.

Your IP address is also stored. Accord­ing to the Gen­er­al Data Pro­tec­tion Reg­u­la­tion (GDPR), IP address­es are per­son­al data. How­ev­er, your IP address is usu­al­ly stored pseu­do­ny­mous­ly (i.e., in an unrec­og­niz­able and abbre­vi­at­ed form). For the pur­pos­es of test­ing, web analy­sis, and web opti­miza­tion, no direct data, such as your name, age, address, or email address, is stored. All of this data, if col­lect­ed, is stored pseu­do­ny­mous­ly. This means that you can­not be iden­ti­fied as an indi­vid­ual.

The fol­low­ing exam­ple shows schemat­i­cal­ly how Google Ana­lyt­ics works as an exam­ple of client-based web track­ing with JavaScript code.

How long the respec­tive data is stored always depends on the provider. Some cook­ies only store data for a few min­utes or until you leave the web­site again; oth­er cook­ies can store data for sev­er­al years.

Duration of data processing

We will inform you below about the dura­tion of data pro­cess­ing, as soon as we have fur­ther infor­ma­tion. Gen­er­al­ly, we only process per­son­al data for as long as it is absolute­ly nec­es­sary to pro­vide our ser­vices and prod­ucts. If required by law, such as in the case of account­ing, this reten­tion peri­od may be exceed­ed.

Right of objection

You also have the right and option to revoke your con­sent to the use of cook­ies or third-par­ty ser­vices at any time. This can be done either via our cook­ie man­age­ment tool or through oth­er opt-out func­tions. For exam­ple, you can also pre­vent data col­lec­tion through cook­ies by man­ag­ing, deac­ti­vat­ing, or delet­ing cook­ies in your brows­er.

Legal basis

The use of web ana­lyt­ics requires your con­sent, which we have obtained with our cook­ie pop­up. This con­sent is, accord­ing to Art. 6 Abs. 1 lit. a DSGVO (Ein­willi­gung) The use of web ana­lyt­ics requires your con­sent, which we have obtained with our cook­ie pop­up. This con­sent is, accord­ing to

In addi­tion to con­sent, we have a legit­i­mate inter­est in ana­lyz­ing the behav­ior of web­site vis­i­tors and thus improv­ing our offer­ing tech­ni­cal­ly and eco­nom­i­cal­ly. With the help of web ana­lyt­ics, we can detect web­site errors, iden­ti­fy attacks, and improve effi­cien­cy. The legal basis for this is Art. 6 Abs. 1 lit. f DSGVO (Berechtigte Inter­essen) . How­ev­er, we only use the tools if you have giv­en your con­sent.

Since web ana­lyt­ics tools use cook­ies, we also rec­om­mend read­ing our gen­er­al pri­va­cy pol­i­cy on cook­ies. To learn exact­ly which of your data is stored and processed, you should read the pri­va­cy poli­cies of the respec­tive tools.

Infor­ma­tion on spe­cif­ic web ana­lyt­ics tools can be found – where avail­able – in the fol­low­ing sec­tions.

Google Analytics Privacy Policy

What is Google Analytics?

• We use the analy­sis track­ing tool Google Ana­lyt­ics, ver­sion Google Ana­lyt­ics 4 (GA4), from the Amer­i­can com­pa­ny Google Inc. on our web­site. Google Ire­land Lim­it­ed (Gor­don House, Bar­row Street, Dublin 4, Ire­land) is respon­si­ble for all Google ser­vices in Europe. Google Ana­lyt­ics col­lects data about your actions on our web­site. Through the com­bi­na­tion of var­i­ous tech­nolo­gies such as cook­ies, device IDs, and login infor­ma­tion, you as a user can be iden­ti­fied across dif­fer­ent devices. This also allows your actions to be ana­lyzed across plat­forms.

  For exam­ple, if you click on a link, this event is stored in a cook­ie and sent to Google Ana­lyt­ics. The reports we receive from Google Ana­lyt­ics help us bet­ter tai­lor our web­site and our ser­vice to your needs. Below, we will dis­cuss the track­ing tool in more detail and, above all, inform you about which data is processed and how you can pre­vent this.

  Google Ana­lyt­ics is a track­ing tool used to ana­lyze our web­site’s traf­fic. These mea­sure­ments and analy­ses are based on a pseu­do­ny­mous user iden­ti­fi­ca­tion num­ber. This num­ber does not con­tain any per­son­al data such as name or address, but is used to assign events to a device. GA4 uses an event-based mod­el that records detailed infor­ma­tion on user inter­ac­tions such as page views, clicks, scrolling, and con­ver­sion events. GA4 also incor­po­rates var­i­ous machine learn­ing func­tions to bet­ter under­stand user behav­ior and cer­tain trends. GA4 uses machine learn­ing func­tions to mod­el. This means that, based on the col­lect­ed data, even miss­ing data can be extrap­o­lat­ed in order to opti­mize the analy­sis and also to make fore­casts.

  For Google Ana­lyt­ics to work, a track­ing code is embed­ded in the code of our web­site. When you vis­it our web­site, this code records var­i­ous events that you per­form on our web­site. With GA4’s event-based data mod­el, we as web­site oper­a­tors can define and track spe­cif­ic events to obtain analy­ses of user inter­ac­tions. This allows us to track not only gen­er­al infor­ma­tion such as clicks or page views, but also spe­cif­ic events that are impor­tant to our busi­ness. Such spe­cial events can include, for exam­ple, sub­mit­ting a con­tact form or pur­chas­ing a prod­uct.

  As soon as you leave our web­site, this data is sent to the Google Ana­lyt­ics servers and stored there.

  Google process­es the data, and we receive reports on your user behav­ior. These reports may include, among oth­ers, the fol­low­ing:

• Audi­ence reports: Through audi­ence reports, we get to know our users bet­ter and know more pre­cise­ly who is inter­est­ed in our ser­vice.

• Ad Report­ing: Ad report­ing helps us ana­lyze and improve our online adver­tis­ing.
• Acqui­si­tion Reports: Acqui­si­tion reports give us help­ful infor­ma­tion about how we can get more peo­ple excit­ed about our ser­vice.
• Behav­ioral reports: This tells us how you inter­act with our web­site. We can track your path on our site and the links you click.
• Con­ver­sion reports: A con­ver­sion is a process in which you per­form a desired action based on a mar­ket­ing mes­sage. For exam­ple, when you go from being a mere web­site vis­i­tor to a buy­er or newslet­ter sub­scriber. These reports help us learn more about how our mar­ket­ing efforts are res­onat­ing with you. This is how we want to increase our con­ver­sion rate.
• Real-time reports: This lets us know imme­di­ate­ly what’s hap­pen­ing on our web­site. For exam­ple, we can see how many users are cur­rent­ly read­ing this text.

In addi­tion to the analy­sis reports men­tioned above, Google Ana­lyt­ics 4 also offers the fol­low­ing fea­tures:

• Event-based data mod­el: This mod­el cap­tures very spe­cif­ic events that can occur on our web­site. For exam­ple, play­ing a video, pur­chas­ing a prod­uct, or sub­scrib­ing to our newslet­ter.
• Advanced ana­lyt­ics fea­tures: These fea­tures allow us to bet­ter under­stand your behav­ior on our web­site or cer­tain gen­er­al trends. For exam­ple, we can seg­ment user groups, con­duct com­par­a­tive analy­ses of tar­get groups, or track your jour­ney or path through our web­site.
• Pre­dic­tive mod­el­ing: Based on col­lect­ed data, machine learn­ing can extrap­o­late miss­ing data to pre­dict future events and trends. This can help us devel­op bet­ter mar­ket­ing strate­gies.
• Cross-plat­form analy­sis: Data can be col­lect­ed and ana­lyzed from both web­sites and apps. This allows us to ana­lyze user behav­ior across plat­forms, pro­vid­ed, of course, that you have con­sent­ed to data pro­cess­ing.

Why do we use Google Analytics on our website?

Our goal with this web­site is clear: to offer you the best pos­si­ble ser­vice. The sta­tis­tics and data from Google Ana­lyt­ics help us achieve this goal.

The sta­tis­ti­cal­ly ana­lyzed data pro­vides us with a clear pic­ture of our web­site’s strengths and weak­ness­es. On the one hand, we can opti­mize our site so that it’s eas­i­er for inter­est­ed peo­ple to find it on Google. On the oth­er hand, the data helps us bet­ter under­stand you as a vis­i­tor. This allows us to know exact­ly what we need to improve on our web­site to offer you the best pos­si­ble ser­vice. The data also helps us imple­ment our adver­tis­ing and mar­ket­ing mea­sures in a more per­son­al­ized and cost-effec­tive way. After all, it only makes sense to show our prod­ucts and ser­vices to peo­ple who are inter­est­ed in them.

What data does Google Analytics store?

Google Ana­lyt­ics uses a track­ing code to cre­ate a ran­dom, unique ID linked to your brows­er cook­ie. This allows Google Ana­lyt­ics to rec­og­nize you as a new user and assign you a user ID. The next time you vis­it our site, you will be rec­og­nized as a “return­ing” user. All col­lect­ed data is stored togeth­er with this user ID. This makes it pos­si­ble to eval­u­ate pseu­do­ny­mous user pro­files.

In order to ana­lyze our web­site with Google Ana­lyt­ics, a prop­er­ty ID must be insert­ed into the track­ing code. The data is then stored in the cor­re­spond­ing prop­er­ty. The Google Ana­lyt­ics 4 prop­er­ty is the default for every new­ly cre­at­ed prop­er­ty. Data is stored for dif­fer­ent lengths of time depend­ing on the prop­er­ty used.

Using iden­ti­fiers such as cook­ies, app instance IDs, user IDs, or cus­tom event para­me­ters, your inter­ac­tions are mea­sured across plat­forms, pro­vid­ed you have con­sent­ed. Inter­ac­tions are all types of actions you per­form on our web­site. If you also use oth­er Google sys­tems (such as a Google Account), data gen­er­at­ed via Google Ana­lyt­ics may be linked to third-par­ty cook­ies. Google does not share Google Ana­lyt­ics data unless we, as the web­site oper­a­tor, approve it. Excep­tions may apply if required by law.

Accord­ing to Google, no IP address­es are logged or stored in Google Ana­lyt­ics 4. How­ev­er, Google uses IP address data to derive loca­tion data and deletes it imme­di­ate­ly after­wards. All IP address­es col­lect­ed from users in the EU are delet­ed before the data is stored in a data cen­ter or on a serv­er.

Because Google Ana­lyt­ics 4 focus­es on event-based data, the tool uses sig­nif­i­cant­ly few­er cook­ies than pre­vi­ous ver­sions (such as Google Uni­ver­sal Ana­lyt­ics). How­ev­er, there are some spe­cif­ic cook­ies used by GA4. These include:

Name: _ga
Val­ue: 2.1326744211.152112009279–5
Pur­pose: By default, analytics.js uses the _ga cook­ie to store the user ID. It is pri­mar­i­ly used to dis­tin­guish between web­site vis­i­tors.
Expiry date: after 2 years

Name: _gid
Val­ue: 2.1687193234.152112009279–1
Pur­pose: This cook­ie also serves to dis­tin­guish between web­site vis­i­tors.
Expiry date: after 24 hours

Name: _gat_gtag_UA_<property-id>
Val­ue: 1
Pur­pose: Used to reduce the request rate. If Google Ana­lyt­ics is pro­vid­ed via Google Tag Man­ag­er, this cook­ie is named _dc_gtm_<property-id>.
Expiry date: after 1 minute

Note: This list can­not claim to be exhaus­tive, as Google con­tin­u­al­ly changes its cook­ie choic­es. GA4 also aims to improve data pro­tec­tion. There­fore, the tool offers sev­er­al options for con­trol­ling data col­lec­tion. For exam­ple, we can spec­i­fy the stor­age peri­od our­selves and also con­trol data col­lec­tion.

Here we show you an overview of the most impor­tant types of data col­lect­ed with Google Ana­lyt­ics:

Heatmaps: Google cre­ates so-called heatmaps. Heatmaps show exact­ly the areas you click on. This gives us infor­ma­tion about where you are on our site.

Ses­sion dura­tion: Google defines the time you spend on our site with­out leav­ing the page as ses­sion dura­tion. If you have been inac­tive for 20 min­utes, the ses­sion ends auto­mat­i­cal­ly.

Bounce rate: A bounce occurs when you only view one page on our web­site and then leave our web­site again.

Account cre­ation: When you cre­ate an account or place an order on our web­site, Google Ana­lyt­ics col­lects this data.

Loca­tion: IP address­es are not logged or stored in Google Ana­lyt­ics. How­ev­er, loca­tion data is derived short­ly before the IP address is delet­ed.

Tech­ni­cal infor­ma­tion: Tech­ni­cal infor­ma­tion includes, among oth­er things, your brows­er type, your Inter­net ser­vice provider or your screen res­o­lu­tion.

Source: Google Ana­lyt­ics and we are of course also inter­est­ed in which web­site or adver­tise­ment you came to our site from.

Oth­er data includes con­tact infor­ma­tion, any rat­ings, media play­back (e.g., when you play a video on our site), shar­ing con­tent via social media, or adding con­tent to your favorites. This list is not exhaus­tive and serves only as a gen­er­al guide to data stor­age by Google Ana­lyt­ics.

How long and where is the data stored?

Google has dis­trib­uted its servers all over the world. Here you can find out exact­ly where Google’s data cen­ters are locat­ed: https://datacenters.google/locations/

Your data is dis­trib­uted across mul­ti­ple phys­i­cal stor­age devices. This has the advan­tage of being faster to access and bet­ter pro­tect­ed against tam­per­ing. Every Google data cen­ter has emer­gency back­up pro­grams for your data. If, for exam­ple, Google’s hard­ware fails or nat­ur­al dis­as­ters crip­ple servers, the risk of ser­vice inter­rup­tion at Google remains low.

The reten­tion peri­od for data depends on the prop­er­ties used. The reten­tion peri­od is always deter­mined indi­vid­u­al­ly for each prop­er­ty. Google Ana­lyt­ics offers us four options for con­trol­ling the reten­tion peri­od:

• 2 months: this is the short­est stor­age peri­od.
• 14 months: By default, GA4 stores data for 14 months.
• 26 months: you can also store the data for 26 months.
• Data will only be delet­ed when we delete it man­u­al­ly

Addi­tion­al­ly, you can choose to have data delet­ed only if you no longer vis­it our web­site with­in the peri­od we select. In this case, the reten­tion peri­od will be reset each time you vis­it our web­site again with­in the spec­i­fied peri­od.

Once the spec­i­fied peri­od has expired, the data will be delet­ed once a month. This reten­tion peri­od applies to your data asso­ci­at­ed with cook­ies, user recog­ni­tion, and adver­tis­ing IDs (e.g., cook­ies from the Dou­bleClick domain). Report results are based on aggre­gat­ed data and are stored inde­pen­dent­ly of user data. Aggre­gat­ed data is the merg­ing of indi­vid­ual pieces of data into a larg­er unit.

How can I delete my data or prevent data storage?

Under Euro­pean Union data pro­tec­tion law, you have the right to access, update, delete, or restrict your data. You can pre­vent Google Ana­lyt­ics 4 from using your data by using the Google Ana­lyt­ics JavaScript (analytics.js, gtag.js) brows­er add-on. You can down­load the brows­er add-on at https://tools.google.com/dlpage/gaoptout?hl=de

Down­load and install. Please note that this add-on only dis­ables data col­lec­tion by Google Ana­lyt­ics.

If you gen­er­al­ly want to dis­able, delete, or man­age cook­ies, you will find the rel­e­vant links to the instruc­tions for the most pop­u­lar browsers under the “Cook­ies” sec­tion.

Legal basis

The use of Google Ana­lyt­ics requires your con­sent, which we have obtained with our cook­ie pop­up. This con­sent is pro­vid­ed accord­ing to Art. 6 Abs. 1 lit. a DSGVO (Ein­willi­gung) the legal basis for the pro­cess­ing of per­son­al data, as may occur when col­lect­ed by web ana­lyt­ics tools.

In addi­tion to con­sent, we have a legit­i­mate inter­est in ana­lyz­ing the behav­ior of web­site vis­i­tors and thus improv­ing our offer­ing tech­ni­cal­ly and eco­nom­i­cal­ly. With the help of Google Ana­lyt­ics, we can detect errors on the web­site, iden­ti­fy attacks, and improve effi­cien­cy. The legal basis for this is Art. 6 Abs. 1 lit. f DSGVO (Berechtigte Inter­essen) . How­ev­er, we only use Google Ana­lyt­ics if you have giv­en your con­sent.

Google process­es your data, among oth­er places, in the USA. Google is an active par­tic­i­pant in the EU-US Data Pri­va­cy Frame­work, which reg­u­lates the cor­rect and secure trans­fer of per­son­al data from EU cit­i­zens to the USA. You can find more infor­ma­tion on https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

In addi­tion, Google uses so-called stan­dard con­trac­tu­al claus­es (= Art. 46 (2) and (3) GDPR). Stan­dard con­trac­tu­al claus­es (SCCs) are tem­plates pro­vid­ed by the EU Com­mis­sion and are intend­ed to ensure that your data com­plies with Euro­pean data pro­tec­tion stan­dards even if it is trans­ferred to and stored in third coun­tries (such as the USA). Through the EU-US Data Pri­va­cy Frame­work and the stan­dard con­trac­tu­al claus­es, Google under­takes to com­ply with Euro­pean data pro­tec­tion stan­dards when pro­cess­ing your rel­e­vant data, even if the data is stored, processed, and man­aged in the USA. These claus­es are based on an imple­ment­ing deci­sion of the EU Com­mis­sion. You can find the deci­sion and the cor­re­spond­ing stan­dard con­trac­tu­al claus­es here, among oth­er places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The Google Ads Data Pro­cess­ing Terms, which refer to the stan­dard con­trac­tu­al claus­es, can be found at https://business.safety.google/intl/de/adsprocessorterms/.

We hope we’ve been able to pro­vide you with the most impor­tant infor­ma­tion about Google Ana­lyt­ics’ data pro­cess­ing. If you’d like to learn more about the track­ing ser­vice, we rec­om­mend these two links: https://marketingplatform.google.com/about/analytics/terms/de/ and

https://support.google.com/analytics/answer/6004245?hl=de.

If you want to learn more about data pro­cess­ing, please use the Google Pri­va­cy Pol­i­cy on https://policies.google.com/privacy?hl=de.

Google Tag Manager Privacy Policy

What is the Google Tag Manager?

For our web­site, we use Google Tag Man­ag­er from Google Inc. For the Euro­pean region, Google Ire­land Lim­it­ed (Gor­don House, Bar­row Street Dublin 4, Ire­land) is respon­si­ble for all Google ser­vices. This Tag Man­ag­er is one of many help­ful mar­ket­ing prod­ucts from Google. Google Tag Man­ag­er allows us to cen­tral­ly inte­grate and man­age code sec­tions from var­i­ous track­ing tools that we use on our web­site.

In this pri­va­cy pol­i­cy, we would like to explain in more detail what Google Tag Man­ag­er does, why we use it and how data is processed.

Google Tag Man­ag­er is an orga­ni­za­tion­al tool that allows us to inte­grate and man­age web­site tags cen­tral­ly and via a user inter­face. Tags are small sec­tions of code that record (track) your activ­i­ties on our web­site, for exam­ple. For this pur­pose, JavaScript code sec­tions are insert­ed into the source code of our site. The tags often orig­i­nate from inter­nal Google prod­ucts such as Google Ads or Google Ana­lyt­ics, but tags from oth­er com­pa­nies can also be inte­grat­ed and man­aged via the Man­ag­er. Such tags per­form dif­fer­ent tasks. They can col­lect brows­er data, feed mar­ket­ing tools with data, inte­grate but­tons, set cook­ies and also track users across mul­ti­ple web­sites.

Why do we use Google Tag Manager for our website?

As the say­ing goes: orga­ni­za­tion is half the bat­tle! And of course this also applies to the main­te­nance of our web­site. In order to make our web­site as good as pos­si­ble for you and all peo­ple who are inter­est­ed in our prod­ucts and ser­vices, we need var­i­ous track­ing tools such as Google Ana­lyt­ics. The data col­lect­ed by these tools shows us what you are most inter­est­ed in, where we can improve our ser­vices and which peo­ple we should show our offers to. And for this track­ing to work, we have to inte­grate the cor­re­spond­ing JavaScript codes into our web­site. In prin­ci­ple, we could inte­grate each code sec­tion of the indi­vid­ual track­ing tools sep­a­rate­ly into our source code. How­ev­er, this takes a rel­a­tive­ly long time and it is easy to lose track. That’s why we use the Google Tag Man­ag­er. We can eas­i­ly inte­grate the nec­es­sary scripts and man­age them from one place. Google Tag Man­ag­er also offers an easy-to-use user inter­face and no pro­gram­ming knowl­edge is required. This is how we man­age to keep order in our tag jun­gle.

What data is stored by Google Tag Manager?

The Tag Man­ag­er itself is a domain that does not set any cook­ies or store any data. It acts as a mere “man­ag­er” of the imple­ment­ed tags. The data is record­ed by the indi­vid­ual tags of the var­i­ous web analy­sis tools. The data is passed through the Google Tag Man­ag­er to the indi­vid­ual track­ing tools and is not saved.

How­ev­er, the sit­u­a­tion is com­plete­ly dif­fer­ent with the inte­grat­ed tags of the var­i­ous web analy­sis tools, such as Google Ana­lyt­ics. Depend­ing on the analy­sis tool, var­i­ous data about your web behav­ior is usu­al­ly col­lect­ed, stored and processed with the help of cook­ies. Please read our data pro­tec­tion texts for the indi­vid­ual analy­sis and track­ing tools that we use on our web­site.

In the account set­tings of the Tag Man­ag­er, we have allowed Google to receive anonymized data from us. How­ev­er, this only con­cerns the use and uti­liza­tion of our Tag Man­ag­er and not your data that is stored via the code sec­tions. We allow Google and oth­ers to receive select­ed data in anonymized form. We there­fore con­sent to the anony­mous shar­ing of our web­site data. Despite exten­sive research, we were unable to find out exact­ly which sum­ma­rized and anony­mous data is for­ward­ed. In any case, Google deletes all infor­ma­tion that could iden­ti­fy our web­site. Google com­bines the data with hun­dreds of oth­er anony­mous web­site data and cre­ates user trends as part of bench­mark­ing mea­sures. Bench­mark­ing involves com­par­ing our own results with those of our com­peti­tors. Process­es can be opti­mized on the basis of the infor­ma­tion col­lect­ed.

How long and where is the data stored?

When Google stores data, this data is stored on Google’s own servers. The servers are locat­ed all over the world. Most of them are locat­ed in Amer­i­ca. Under https://datacenters.google/locations/    you can find out exact­ly where the Google servers are locat­ed.

You can find out how long the indi­vid­ual track­ing tools store your data in our indi­vid­ual data pro­tec­tion texts for the indi­vid­ual tools.

How can I delete my data or prevent data storage?

The Google Tag Man­ag­er itself does not set cook­ies, but man­ages tags from var­i­ous track­ing web­sites. In our data pro­tec­tion texts on the indi­vid­ual track­ing tools, you will find detailed infor­ma­tion on how you can delete or man­age your data.

Please note that when using this tool, your data may also be stored and processed out­side the EU. Most third coun­tries (includ­ing the USA) are not con­sid­ered secure under cur­rent Euro­pean data pro­tec­tion law. Data may there­fore not sim­ply be trans­ferred to inse­cure third coun­tries, stored and processed there, unless there are suit­able guar­an­tees (such as EU stan­dard con­trac­tu­al claus­es) between us and the non-Euro­pean ser­vice provider.

Legal basis

The use of Google Tag Man­ag­er requires your con­sent, which we have obtained with our cook­ie pop-up. Accord­ing to Art. 6 para. 1 lit. a GDPR (con­sent), this con­sent con­sti­tutes the legal basis for the pro­cess­ing of per­son­al data, as may occur when it is col­lect­ed by web ana­lyt­ics tools.

In addi­tion to con­sent, we have a legit­i­mate inter­est in ana­lyz­ing the behav­ior of web­site vis­i­tors in order to improve our offer tech­ni­cal­ly and eco­nom­i­cal­ly. We can improve our effi­cien­cy with the help of the Google Tag Man­ag­er. The legal basis for this is Art. 6 para. 1 lit. f GDPR (legit­i­mate inter­ests) . Nev­er­the­less, we only use Google Tag Man­ag­er if you have giv­en your con­sent.

Google also process­es your data in the USA, among oth­er places. Google is an active par­tic­i­pant in the EU-US Data Pro­tec­tion Frame­work, which reg­u­lates the cor­rect and secure trans­fer of per­son­al data of EU cit­i­zens to the USA. For more infor­ma­tion, see https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

Google also uses so-called stan­dard con­trac­tu­al claus­es (= Art. 46 (2) and (3) GDPR). Stan­dard Con­trac­tu­al Claus­es (SCCs) are tem­plates pro­vid­ed by the EU Com­mis­sion and are intend­ed to ensure that your data com­plies with Euro­pean data pro­tec­tion stan­dards even if it is trans­ferred to third coun­tries (such as the USA) and stored there. Through the EU-US Data Pri­va­cy Frame­work and the stan­dard con­trac­tu­al claus­es, Google under­takes to com­ply with the Euro­pean lev­el of data pro­tec­tion when pro­cess­ing your rel­e­vant data, even if the data is stored, processed and man­aged in the USA. These claus­es are based on an imple­ment­ing deci­sion of the EU Com­mis­sion. You can find the deci­sion and the cor­re­spond­ing stan­dard con­trac­tu­al claus­es here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The Google Ads Data Pro­cess­ing Terms, which refer to the stan­dard con­trac­tu­al claus­es, can be found at https://business.safety.google/intl/de/adsprocessorterms/.

If you want to learn more about Google Tag Man­ag­er, we rec­om­mend the FAQs at https://support.google.com/tagmanager/?hl=de#topic=3441530.

You can find out which data Google gen­er­al­ly col­lects and what they use this data for at https://policies.google.com/privacy?hl=de read more.

Cookie-Zustimmungsmanagement-Plattform Einführung

What is a Cookie Consent Management Platform?

We use Con­sent Man­age­ment Plat­form (CMP) soft­ware on our web­site, which makes it eas­i­er for us and you to han­dle scripts and cook­ies cor­rect­ly and secure­ly. The soft­ware auto­mat­i­cal­ly cre­ates a cook­ie pop-up, scans and checks all scripts and cook­ies, pro­vides you with the cook­ie con­sent required under data pro­tec­tion law and helps us and you to keep track of all cook­ies. Most cook­ie con­sent man­age­ment tools iden­ti­fy and cat­e­go­rize all exist­ing cook­ies. As a web­site vis­i­tor, you then decide for your­self whether and which scripts and cook­ies you allow or do not allow. The fol­low­ing graph­ic shows the rela­tion­ship between brows­er, web serv­er and CMP.

Why do we use a cookie management tool?

Our aim is to offer you the best pos­si­ble trans­paren­cy in the area of data pro­tec­tion. We are also legal­ly oblig­ed to do so. We want to pro­vide you with as much infor­ma­tion as pos­si­ble about all tools and all cook­ies that can store and process your data. It is also your right to decide for your­self which cook­ies you accept and which you do not. In order to grant you this right, we first need to know exact­ly which cook­ies have land­ed on our web­site in the first place. Thanks to a cook­ie man­age­ment tool that reg­u­lar­ly scans the web­site for all exist­ing cook­ies, we know about all cook­ies and can pro­vide you with GDPR-com­pli­ant infor­ma­tion about them. You can then accept or reject cook­ies via the con­sent sys­tem.

What data is processed?

As part of our cook­ie man­age­ment tool, you can man­age each indi­vid­ual cook­ie your­self and have com­plete con­trol over the stor­age and pro­cess­ing of your data. The dec­la­ra­tion of your con­sent is stored so that we do not have to ask you every time you vis­it our web­site and we can also prove your con­sent if required by law. This is stored either in an opt-in cook­ie or on a serv­er. The stor­age peri­od of your cook­ie con­sent varies depend­ing on the provider of the cook­ie man­age­ment tool. In most cas­es, this data (e.g. pseu­do­ny­mous user ID, time of con­sent, details of cook­ie cat­e­gories or tools, brows­er, device infor­ma­tion) is stored for up to two years.

Duration of data processing

We will inform you about the dura­tion of data pro­cess­ing below, if we have fur­ther infor­ma­tion on this. In gen­er­al, we only process per­son­al data for as long as is absolute­ly nec­es­sary for the pro­vi­sion of our ser­vices and prod­ucts. Data that is stored in cook­ies is stored for dif­fer­ent lengths of time. Some cook­ies are delet­ed as soon as you leave the web­site, while oth­ers may be stored in your brows­er for sev­er­al years. The exact dura­tion of data pro­cess­ing depends on the tool used; in most cas­es, you should be pre­pared for a stor­age peri­od of sev­er­al years. You can usu­al­ly find pre­cise infor­ma­tion about the dura­tion of data pro­cess­ing in the respec­tive data pro­tec­tion dec­la­ra­tions of the indi­vid­ual providers.

Right of objection

You also have the right and the option to with­draw your con­sent to the use of cook­ies at any time. This works either via our cook­ie man­age­ment tool or via oth­er opt-out func­tions. For exam­ple, you can also pre­vent data col­lec­tion by cook­ies by man­ag­ing, deac­ti­vat­ing or delet­ing cook­ies in your brows­er.

Infor­ma­tion on spe­cial cook­ie man­age­ment tools, if avail­able, can be found in the fol­low­ing sec­tions.

Legal basis

If you con­sent to cook­ies, your per­son­al data will be processed and stored via these cook­ies. If we are per­mit­ted to use cook­ies on the basis of your con­sent (Arti­cle 6(1)(a) GDPR), this con­sent is also the legal basis for the use of cook­ies and the pro­cess­ing of your data. Cook­ie con­sent man­age­ment plat­form soft­ware is used to man­age your con­sent to cook­ies and to enable you to give your con­sent. The use of this soft­ware enables us to oper­ate the web­site in an effi­cient and legal­ly com­pli­ant man­ner, which con­sti­tutes a legit­i­mate inter­est (Arti­cle 6(1)(f) GDPR).

AdSimple Consent Manager Privacy Policy

What is the AdSimple Consent Manager?

We use the AdSim­ple Con­sent Man­ag­er of the soft­ware devel­op­ment and online mar­ket­ing com­pa­ny AdSim­ple GmbH, Fab­riks­gasse 20, 2230 Gänsern­dorf on our web­site. The AdSim­ple Con­sent Man­ag­er offers us, among oth­er things, the oppor­tu­ni­ty to pro­vide you with a com­pre­hen­sive and data pro­tec­tion-com­pli­ant cook­ie notice so that you can decide for your­self which cook­ies you allow and which you do not. By using this soft­ware, data is sent from you to AdSim­ple and stored. In this pri­va­cy pol­i­cy, we inform you why we use the AdSim­ple Con­sent Man­ag­er, what data is trans­ferred and stored and how you can pre­vent this data trans­fer.

The AdSim­ple Con­sent Man­ag­er is a soft­ware that scans our web­site and iden­ti­fies and cat­e­go­rizes all exist­ing cook­ies. In addi­tion, as a web­site vis­i­tor, you are informed about the use of cook­ies via a cook­ie notice script and decide for your­self which cook­ies you allow and which you do not.

Why do we use the AdSimple Consent Manager on our website?

We want to offer you max­i­mum trans­paren­cy in the area of data pro­tec­tion. To ensure this, we first need to know exact­ly which cook­ies have end­ed up on our web­site over time. Because AdSim­ple’s Con­sent Man­ag­er reg­u­lar­ly scans our web­site and iden­ti­fies all cook­ies, we have full con­trol over these cook­ies and can there­fore act in com­pli­ance with the GDPR. This enables us to inform you pre­cise­ly about the use of cook­ies on our web­site. Fur­ther­more, you will always receive an up-to-date and data pro­tec­tion-com­pli­ant cook­ie notice and can decide for your­self which cook­ies you accept or block using a check­box sys­tem.

What data is stored by the AdSimple Consent Manager?

If you con­sent to cook­ies on our web­site, the fol­low­ing cook­ie will be set by the AdSim­ple Con­sent Man­ag­er:

Name: acm_status
Val­ue: “:true, “statistics”:true, “marketing”:true, “socialmedia”:true, “settings”:true}
Pur­pose: Your con­sent sta­tus is stored in this cook­ie. This allows our web­site to read and fol­low the cur­rent sta­tus on future vis­its.
Expi­ra­tion date: after one year

How long and where is the data stored?

All data col­lect­ed by the AdSim­ple Con­sent Man­ag­er is trans­ferred and stored exclu­sive­ly with­in the Euro­pean Union. The data col­lect­ed is stored on AdSim­ple’s servers at Het­zn­er GmbH in Ger­many. Only AdSim­ple GmbH and Het­zn­er GmbH have access to this data.

How can I delete my data or prevent data storage?

You have the right to access and delete your per­son­al data at any time. You can pre­vent data col­lec­tion and stor­age, for exam­ple, by reject­ing the use of cook­ies via the cook­ie hint script. Anoth­er option to pre­vent data pro­cess­ing or to man­age it accord­ing to your wish­es is offered by your brows­er. Depend­ing on the brows­er, cook­ie man­age­ment works slight­ly dif­fer­ent­ly. In the “Cook­ies” sec­tion, you will find the rel­e­vant links to the instruc­tions for the most pop­u­lar browsers.

Legal basis

If you con­sent to cook­ies, your per­son­al data will be processed and stored via these cook­ies. If we are per­mit­ted to use cook­ies on the basis of your con­sent (Arti­cle 6(1)(a) GDPR), this con­sent is also the legal basis for the use of cook­ies and the pro­cess­ing of your data. The AdSim­ple Con­sent Man­ag­er is used to man­age con­sent to cook­ies and to enable you to give your con­sent. The use of this soft­ware enables us to oper­ate the web­site in an effi­cient and legal­ly com­pli­ant man­ner, which con­sti­tutes a legit­i­mate inter­est (Arti­cle 6(1)(f) GDPR).

We hope we have pro­vid­ed you with a good overview of the data traf­fic and data pro­cess­ing by the AdSim­ple Con­sent Man­ag­er. If you would like to find out more about this tool, we rec­om­mend you vis­it the descrip­tion page on https://www.adsimple.at/consent-manager/.

BorlabsCookie privacy policy

We use Bor­lab­sCook­ie on our web­site, which is, among oth­er things, a tool for stor­ing your cook­ie con­sent. The ser­vice provider is the Ger­man com­pa­ny Bor­labs — Ben­jamin A. Born­schein, Rübenkamp 32, 22305 Ham­burg, Ger­many. You can find out more about the data processed through the use of Bor­lab­sCook­ie in the pri­va­cy pol­i­cy at https://de.borlabs.io/datenschutz/.

Security & Anti-Spam

What is security & anti-spam software?

With so-called secu­ri­ty and anti-spam soft­ware, you and we can pro­tect our­selves from var­i­ous spam or phish­ing emails and pos­si­ble oth­er cyber­at­tacks. Spam refers to adver­tis­ing emails from a mass mail­ing that you did not request your­self. Such emails are also known as data junk and can also cause costs. Phish­ing emails, on the oth­er hand, are mes­sages that aim to build trust via fake mes­sages or web­sites in order to obtain per­son­al data. Anti-spam soft­ware gen­er­al­ly pro­tects against unwant­ed spam mes­sages or mali­cious emails that could intro­duce virus­es into our sys­tem. We also use gen­er­al fire­wall and secu­ri­ty sys­tems to pro­tect our com­put­ers from unwant­ed net­work attacks.

Why do we use security & anti-spam software?

We attach great impor­tance to secu­ri­ty on our web­site. After all, it’s not just about our secu­ri­ty, but above all about yours. Unfor­tu­nate­ly, cyber threats are now part of every­day life in the world of IT and the Inter­net. Hack­ers often try to steal per­son­al data from an IT sys­tem with the help of a cyber attack. And that is why a good defense sys­tem is absolute­ly essen­tial. A secu­ri­ty sys­tem mon­i­tors all incom­ing and out­go­ing con­nec­tions to our net­work or com­put­er. To achieve even greater secu­ri­ty against cyber attacks, we also use oth­er exter­nal secu­ri­ty ser­vices in addi­tion to the stan­dard­ized secu­ri­ty sys­tems on our com­put­er. This pre­vents unau­tho­rized data traf­fic and pro­tects us from cyber­crime.

What data is processed by security & anti-spam software?What data is processed by security & anti-spam software?

Exact­ly which data is col­lect­ed and stored depends of course on the respec­tive ser­vice. How­ev­er, we always strive to use only pro­grams that col­lect data very spar­ing­ly or only store data that is nec­es­sary for the per­for­mance of the ser­vice offered. In prin­ci­ple, the ser­vice may store data such as name, address, IP address, e‑mail address and tech­ni­cal data such as brows­er type or brows­er ver­sion. Any per­for­mance and log data may also be col­lect­ed in order to detect pos­si­ble incom­ing threats in good time. This data is processed as part of the ser­vices and in com­pli­ance with the applic­a­ble laws. This also includes the GDPR for US providers (via the stan­dard con­trac­tu­al claus­es). In some cas­es, these secu­ri­ty ser­vices also work with third-par­ty providers who may store and/or process data under instruc­tions and in accor­dance with the data pro­tec­tion guide­lines and oth­er secu­ri­ty mea­sures. Data is usu­al­ly stored via cook­ies.

Duration of data processing

We will inform you about the dura­tion of data pro­cess­ing below if we have fur­ther infor­ma­tion on this. For exam­ple, secu­ri­ty pro­grams store data until you or we revoke the data stor­age. In gen­er­al, per­son­al data is only stored for as long as is absolute­ly nec­es­sary for the pro­vi­sion of the ser­vices. Unfor­tu­nate­ly, in many cas­es we do not receive pre­cise infor­ma­tion from the providers about the length of stor­age.

Right of objection

You also have the right and the option to with­draw your con­sent to the use of cook­ies or third-par­ty secu­ri­ty soft­ware at any time. This works either via our cook­ie man­age­ment tool or via oth­er opt-out func­tions. For exam­ple, you can also pre­vent data col­lec­tion by cook­ies by man­ag­ing, deac­ti­vat­ing or delet­ing cook­ies in your brows­er.

As such secu­ri­ty ser­vices may also use cook­ies, we rec­om­mend that you read our gen­er­al pri­va­cy pol­i­cy on cook­ies. To find out exact­ly which of your data is stored and processed, you should read the pri­va­cy poli­cies of the respec­tive tools.

Legal basis

We use the secu­ri­ty ser­vices main­ly on the basis of our legit­i­mate inter­ests (Art. 6 para. 1 lit. f GDPR) in a good secu­ri­ty sys­tem against var­i­ous cyber attacks.

Cer­tain pro­cess­ing oper­a­tions, in par­tic­u­lar the use of cook­ies and the use of secu­ri­ty func­tions, require your con­sent. If you have con­sent­ed to your data being processed and stored by inte­grat­ed secu­ri­ty ser­vices, this con­sent is the legal basis for data pro­cess­ing (Art. 6 para. 1 lit. a GDPR). Most of the ser­vices we use set cook­ies in your brows­er to store data. We there­fore rec­om­mend that you read our data pro­tec­tion text on cook­ies care­ful­ly and view the pri­va­cy pol­i­cy or cook­ie guide­lines of the respec­tive ser­vice provider.

Infor­ma­tion on spe­cial tools — if avail­able — can be found in the fol­low­ing sec­tions.

Google reCAPTCHA privacy policy

What is reCAPTCHA?

Our pri­ma­ry goal is to secure and pro­tect our web­site for you and for us in the best pos­si­ble way. To ensure this, we use Google reCAPTCHA from Google Inc. For the Euro­pean region, the com­pa­ny Google Ire­land Lim­it­ed (Gor­don House, Bar­row Street Dublin 4, Ire­land) is respon­si­ble for all Google ser­vices. With reCAPTCHA we can deter­mine whether you are real­ly a flesh and blood per­son and not a robot or oth­er spam soft­ware. By spam we mean any unso­licit­ed infor­ma­tion that is sent to us elec­tron­i­cal­ly. With the clas­sic CAPTCHAs, you usu­al­ly had to solve text or pic­ture puz­zles for ver­i­fi­ca­tion. With reCAPTCHA from Google, we don’t usu­al­ly have to both­er you with such puz­zles. In most cas­es, all you have to do is tick a box to con­firm that you are not a bot. With the new Invis­i­ble reCAPTCHA ver­sion, you no longer even have to tick the box. You can find out exact­ly how this works and, above all, which data is used for this in the course of this pri­va­cy pol­i­cy.

reCAPTCHA is a free captcha ser­vice from Google that pro­tects web­sites from spam soft­ware and mis­use by non-human vis­i­tors. This ser­vice is most com­mon­ly used when you fill out forms on the Inter­net. A Captcha ser­vice is a type of auto­mat­ic Tur­ing test that is designed to ensure that an action on the Inter­net is per­formed by a human and not by a bot. In the clas­sic Tur­ing test (named after the com­put­er sci­en­tist Alan Tur­ing), a human deter­mines the dif­fer­ence between a bot and a human. With captchas, this is also done by a com­put­er or a soft­ware pro­gram. Clas­sic captchas work with small tasks that are easy for humans to solve but present con­sid­er­able dif­fi­cul­ties for machines. With reCAPTCHA, you no longer have to active­ly solve puz­zles. The tool uses mod­ern risk tech­niques to dis­tin­guish humans from bots. All you have to do is check the “I am not a robot” text box or, with Invis­i­ble reCAPTCHA, even that is no longer nec­es­sary. With reCAPTCHA, a JavaScript ele­ment is inte­grat­ed into the source code and then the tool runs in the back­ground and ana­lyzes your user behav­iour. The soft­ware cal­cu­lates a so-called captcha score from these user actions. Google uses this score to cal­cu­late the prob­a­bil­i­ty that you are human even before you enter the captcha. reCAPTCHA or captchas in gen­er­al are always used when bots could manip­u­late or abuse cer­tain actions (e.g. reg­is­tra­tions, sur­veys, etc.).

Why do we use reCAPTCHA on our website?

We only want to wel­come peo­ple of flesh and blood on our site. Bots and spam soft­ware of all kinds can safe­ly stay at home. That’s why we do every­thing we can to pro­tect our­selves and offer you the best pos­si­ble user-friend­li­ness. For this rea­son, we use Google reCAPTCHA from Google. This way we can be pret­ty sure that we remain a “bot-free” web­site. By using reCAPTCHA, data is trans­mit­ted to Google to deter­mine whether you are actu­al­ly a human being. reCAPTCHA there­fore serves to ensure the secu­ri­ty of our web­site and, by exten­sion, your secu­ri­ty. For exam­ple, with­out reCAPTCHA it could hap­pen that a bot reg­is­ters as many e‑mail address­es as pos­si­ble dur­ing reg­is­tra­tion in order to sub­se­quent­ly “spam” forums or blogs with unwant­ed adver­tis­ing con­tent. With reCAPTCHA, we can pre­vent such bot attacks.

What data is stored by reCAPTCHA?

reCAPTCHA col­lects per­son­al data from users in order to deter­mine whether the actions on our web­site actu­al­ly orig­i­nate from peo­ple. The IP address and oth­er data that Google requires for the reCAPTCHA ser­vice may there­fore be sent to Google. IP address­es are almost always trun­cat­ed with­in the mem­ber states of the EU or oth­er sig­na­to­ry states to the Agree­ment on the Euro­pean Eco­nom­ic Area before the data is sent to a serv­er in the USA. The IP address is not com­bined with oth­er Google data unless you are logged in with your Google account while using reCAPTCHA. First, the reCAPTCHA algo­rithm checks whether Google cook­ies from oth­er Google ser­vices (YouTube, Gmail, etc.) have already been placed on your brows­er. Then reCAPTCHA sets an addi­tion­al cook­ie in your brows­er and takes a snap­shot of your brows­er win­dow.

The fol­low­ing list of col­lect­ed brows­er and user data is not intend­ed to be exhaus­tive. Rather, they are exam­ples of data that, to our knowl­edge, are processed by Google.

• Refer­rer URL (the address of the page from which the vis­i­tor comes)
  IP address (e.g. 256.123.123.1)
• Infor­ma­tion about the oper­at­ing sys­tem (the soft­ware that enables your com­put­er to oper­ate. Known oper­at­ing sys­tems are Win­dows, Mac OS X or Lin­ux)
• Cook­ies (small text files that store data in your brows­er)
  Mouse and key­board behav­iour (every action you per­form with the mouse or key­board is stored)
• Date and lan­guage set­tings (which lan­guage or date you have pre­set on your PC is stored)
• All JavaScript objects (JavaScript is a pro­gram­ming lan­guage that enables web­sites to adapt to the user. JavaScript objects can col­lect all kinds of data under one name)
• Screen res­o­lu­tion (shows how many pix­els the image dis­play con­sists of)

It is undis­put­ed that Google uses and ana­lyzes this data even before you click on the “I am not a robot” check­box. With the Invis­i­ble reCAPTCHA ver­sion, you don’t even have to check the box and the entire recog­ni­tion process runs in the back­ground. Google does not tell you in detail exact­ly how much and what data it stores.

The fol­low­ing cook­ies are used by reCAPTCHA: Here we refer to the reCAPTCHA demo ver­sion from Google at https://www.google.com/recaptcha/api2/demo. All these cook­ies require a unique iden­ti­fi­er for track­ing pur­pos­es. Here is a list of cook­ies that Google reCAPTCHA has set on the demo ver­sion:

Name: IDE
Val­ue: WqTUmlnmv_qXyi_DGNPLESKnRNrpgXoy1K-pAZtAkMbHI-112009279–8
Pur­pose: This cook­ie is set by the com­pa­ny Dou­bleClick (also owned by Google) to reg­is­ter and report the actions of a user on the web­site when inter­act­ing with adver­tise­ments. This allows the effec­tive­ness of adver­tis­ing to be mea­sured and appro­pri­ate opti­miza­tion mea­sures to be tak­en. IDE is stored in browsers under the domain doubleclick.net.
Expi­ra­tion date: after one year

Name: 1P_JAR
Val­ue: 2019–5‑14–12
Pur­pose: This cook­ie col­lects sta­tis­tics on web­site usage and mea­sures con­ver­sions. A con­ver­sion occurs, for exam­ple, when a user becomes a buy­er. The cook­ie is also used to dis­play rel­e­vant adver­tise­ments to users. The cook­ie can also be used to pre­vent a user from see­ing the same ad more than once.
Expi­ra­tion date: after one month

Name: ANID
Val­ue: U7j1v3dZa1120092790xgZFmiqWppRWKOr
Pur­pose: We were unable to find out much infor­ma­tion about this cook­ie. In Google’s pri­va­cy pol­i­cy, the cook­ie is men­tioned in con­nec­tion with “adver­tis­ing cook­ies” such as “DSID”, “FLC”, “AID”, “TAID”. ANID is stored under domain google.com.
Expi­ra­tion date: after 9 months

Name: CONSENT
Val­ue: YES+AT.de+20150628–20‑0
Pur­pose: The cook­ie stores the sta­tus of a user’s con­sent to the use of var­i­ous Google ser­vices. CONSENT is also used for secu­ri­ty pur­pos­es to ver­i­fy users, pre­vent fraud­u­lent login infor­ma­tion and pro­tect user data from unau­tho­rized attacks.
Expi­ra­tion date: after 19 years

Name: NID
Val­ue: 0WmuWqy112009279zILzqV_nmt3sDXwPeM5Q
Pur­pose: NID is used by Google to cus­tomize ads to your Google search­es. With the help of the cook­ie, Google “remem­bers” your most fre­quent­ly entered search queries or your pre­vi­ous inter­ac­tion with ads. So you always get cus­tomized ads. The cook­ie con­tains a unique ID to col­lect the user’s per­son­al set­tings for adver­tis­ing pur­pos­es.
Expi­ra­tion date: after 6 months

Name: DV
Val­ue: gEAABBCjJMXcI0dSAAAANbqc112009279‑4
Pur­pose: As soon as you have checked the “I am not a robot” box, this cook­ie is set. The cook­ie is used by Google Ana­lyt­ics for per­son­al­ized adver­tis­ing. DV col­lects infor­ma­tion in anonymized form and is also used to make user dis­tinc­tions.
Expi­ra­tion date: after 10 min­utes

Note: This list can­not claim to be exhaus­tive, as expe­ri­ence has shown that Google changes its choice of cook­ies from time to time.

How long and where is the data stored?

By insert­ing reCAPTCHA, data is trans­ferred from you to the Google serv­er. Where exact­ly this data is stored is not made clear by Google, even after repeat­ed requests. With­out hav­ing received con­fir­ma­tion from Google, it can be assumed that data such as mouse inter­ac­tion, time spent on the web­site or lan­guage set­tings are stored on the Euro­pean or Amer­i­can Google servers. The IP address that your brows­er trans­mits to Google is not merged with oth­er Google data from oth­er Google ser­vices. How­ev­er, if you are logged into your Google account while using the reCAPTCHA plug-in, the data will be merged. The devi­at­ing data pro­tec­tion pro­vi­sions of Google apply to this.

How can I delete my data or prevent data storage?

If you do not want any data about you and your behav­ior to be trans­mit­ted to Google, you must log out of Google com­plete­ly and delete all Google cook­ies before you vis­it our web­site or use the reCAPTCHA soft­ware. In prin­ci­ple, the data is auto­mat­i­cal­ly trans­mit­ted to Google as soon as you vis­it our web­site. To delete this data again, you must con­tact Google sup­port at https://support.google.com/?hl=de&tid=112009279 con­tact.

There­fore, when you use our web­site, you con­sent to Google LLC and its rep­re­sen­ta­tives auto­mat­i­cal­ly col­lect­ing, pro­cess­ing and using data.

Please note that when using this tool, your data may also be stored and processed out­side the EU. Most third coun­tries (includ­ing the USA) are not con­sid­ered secure under cur­rent Euro­pean data pro­tec­tion law. Data may there­fore not sim­ply be trans­ferred to inse­cure third coun­tries, stored and processed there, unless there are suit­able guar­an­tees (such as EU stan­dard con­trac­tu­al claus­es) between us and the non-Euro­pean ser­vice provider.

Legal basis

If you have con­sent­ed to the use of Google reCAPTCHA, the legal basis for the cor­re­spond­ing data pro­cess­ing is this con­sent. Accord­ing to Art. 6 para. 1 lit. a GDPR (con­sent), this con­sent con­sti­tutes the legal basis for the pro­cess­ing of per­son­al data, as may occur when Google reCAPTCHA is used.

We also have a legit­i­mate inter­est in using Google reCAPTCHA to opti­mize our online ser­vice and make it more secure. The legal basis for this is Art. 6 para. 1 lit. f GDPR (legit­i­mate inter­ests). Nev­er­the­less, we only use Google reCAPTCHA if you have giv­en your con­sent.

Google also process­es your data in the USA, among oth­er places. Google is an active par­tic­i­pant in the EU-US Data Pri­va­cy Frame­work, which reg­u­lates the cor­rect and secure trans­fer of per­son­al data from EU cit­i­zens to the USA. You can find more infor­ma­tion on this at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

Google also uses so-called stan­dard con­trac­tu­al claus­es (= Art. 46 (2) and (3) GDPR). Stan­dard Con­trac­tu­al Claus­es (SCCs) are tem­plates pro­vid­ed by the EU Com­mis­sion and are intend­ed to ensure that your data com­plies with Euro­pean data pro­tec­tion stan­dards even if it is trans­ferred to third coun­tries (such as the USA) and stored there. Through the EU-US Data Pri­va­cy Frame­work and the stan­dard con­trac­tu­al claus­es, Google under­takes to com­ply with the Euro­pean lev­el of data pro­tec­tion when pro­cess­ing your rel­e­vant data, even if the data is stored, processed and man­aged in the USA. These claus­es are based on an imple­ment­ing deci­sion of the EU Com­mis­sion. You can find the deci­sion and the cor­re­spond­ing stan­dard con­trac­tu­al claus­es here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The Google Ads Data Pro­cess­ing Terms, which refer to the stan­dard con­trac­tu­al claus­es, can be found at https://business.safety.google/intl/de/adsprocessorterms/.

You can find out more about reCAPTCHA on Google’s web devel­op­er page at https://developers.google.com/recaptcha/. Although Google goes into more detail about the tech­ni­cal devel­op­ment of reCAPTCHA here, you will search in vain for pre­cise infor­ma­tion about data stor­age and data pro­tec­tion issues. A good overview of the basic use of data at Google can be found in the com­pa­ny’s own pri­va­cy pol­i­cy at  https://policies.google.com/privacy.

iThemes Security Privacy Policy

We use iThemes Secu­ri­ty for our web­site, a secu­ri­ty plu­g­in for the Word­Press con­tent man­age­ment sys­tem. The ser­vice provider is the Amer­i­can com­pa­ny iThemes Media LLC, 1720 S Kel­ly Ave, Edmond, OK 73013, USA. In 2018, the com­pa­ny was acquired by Liq­uid Web LLC (2703 Ena Dri­ve, Lans­ing, MI 48917, USA).

iThemes also process­es your data in the USA, among oth­er places. We would like to point out that, in the opin­ion of the Euro­pean Court of Jus­tice, there is cur­rent­ly no ade­quate lev­el of pro­tec­tion for data trans­fers to the USA. This may entail var­i­ous risks for the legal­i­ty and secu­ri­ty of data pro­cess­ing.

iThemes uses so-called stan­dard con­trac­tu­al claus­es (= Art. 46. para. 2 and 3 GDPR) as the basis for data pro­cess­ing with recip­i­ents based in third coun­tries (out­side the Euro­pean Union, Ice­land, Liecht­en­stein, Nor­way, i.e. in par­tic­u­lar in the USA) or data trans­fer there. Stan­dard Con­trac­tu­al Claus­es (SCCs) are tem­plates pro­vid­ed by the EU Com­mis­sion and are intend­ed to ensure that your data com­plies with Euro­pean data pro­tec­tion stan­dards even if it is trans­ferred to third coun­tries (such as the USA) and stored there. Through these claus­es, Liq­uid Web under­takes to com­ply with the Euro­pean lev­el of data pro­tec­tion when pro­cess­ing your rel­e­vant data, even if the data is stored, processed and man­aged in the USA. These claus­es are based on an imple­ment­ing deci­sion of the EU Com­mis­sion. You can find the deci­sion and the cor­re­spond­ing stan­dard con­trac­tu­al claus­es here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

On the web­site https://www.liquidweb.com/blog/liquid-web-and-gdpr-compliance/ you will find a down­load link via which you can down­load the Data Pro­cess­ing Adden­dum. You can also find out more about the stan­dard con­trac­tu­al claus­es.

You can find out more about the data that is processed through the use of iThemes or Liq­uid Web in the pri­va­cy pol­i­cy on https://www.liquidweb.com/policies/privacy-policy/

Audio & Video Introduction

What are audio and video elements?

We have inte­grat­ed audio and video ele­ments on our web­site so that you can watch videos or lis­ten to music/podcasts direct­ly via our web­site. The con­tent is pro­vid­ed by ser­vice providers. All con­tent is there­fore also obtained from the cor­re­spond­ing servers of the providers.

These are inte­grat­ed func­tion­al ele­ments from plat­forms such as YouTube, Vimeo or Spo­ti­fy. The use of these por­tals is usu­al­ly free of charge, but paid con­tent can also be pub­lished. With the help of these inte­grat­ed ele­ments, you can lis­ten to or view the respec­tive con­tent via our web­site.

If you use audio or video ele­ments on our web­site, your per­son­al data may also be trans­mit­ted to the ser­vice providers, processed and stored.

Why do we use audio & video elements on our website?

Of course we want to pro­vide you with the best offer on our web­site. And we are aware that con­tent is no longer just con­veyed in text and sta­t­ic images. Instead of sim­ply giv­ing you a link to a video, we offer you audio and video for­mats direct­ly on our web­site that are enter­tain­ing or infor­ma­tive and ide­al­ly even both. This expands our ser­vice and makes it eas­i­er for you to access inter­est­ing con­tent. We there­fore offer video and/or audio con­tent in addi­tion to our texts and images.

What data is stored by audio & video elements?

When you access a page on our web­site that has an embed­ded video, for exam­ple, your serv­er con­nects to the serv­er of the ser­vice provider. Your data is also trans­mit­ted to the third-par­ty provider and stored there. Some data is col­lect­ed and stored regard­less of whether you have an account with the third-par­ty provider or not. This usu­al­ly includes your IP address, brows­er type, oper­at­ing sys­tem and oth­er gen­er­al infor­ma­tion about your end device. In addi­tion, most providers also col­lect infor­ma­tion about your web activ­i­ty. This includes, for exam­ple, ses­sion dura­tion, bounce rate, which but­ton you clicked on or which web­site you used to access the ser­vice. All this infor­ma­tion is usu­al­ly stored using cook­ies or pix­el tags (also known as web bea­cons). Pseu­do­nymized data is usu­al­ly stored in cook­ies in your brows­er. You can always find out exact­ly which data is stored and processed in the pri­va­cy pol­i­cy of the respec­tive provider.

Duration of data processing

You can find out exact­ly how long the data is stored on the servers of the third-par­ty providers either below in the data pro­tec­tion text of the respec­tive tool or in the provider’s pri­va­cy pol­i­cy. In prin­ci­ple, per­son­al data is only ever processed for as long as is absolute­ly nec­es­sary for the pro­vi­sion of our ser­vices or prod­ucts. This gen­er­al­ly also applies to third-par­ty providers. In most cas­es, you can assume that cer­tain data will be stored on the servers of third-par­ty providers for sev­er­al years. Data can be stored for dif­fer­ent lengths of time, espe­cial­ly in cook­ies. Some cook­ies are delet­ed as soon as you leave the web­site, while oth­ers may be stored in your brows­er for sev­er­al years.

Right of objection

You also have the right and the option to with­draw your con­sent to the use of cook­ies or third-par­ty providers at any time. This works either via our cook­ie man­age­ment tool or via oth­er opt-out func­tions. For exam­ple, you can also pre­vent data col­lec­tion by cook­ies by man­ag­ing, deac­ti­vat­ing or delet­ing cook­ies in your brows­er. The legal­i­ty of the pro­cess­ing until the revo­ca­tion remains unaf­fect­ed.

As the inte­grat­ed audio and video func­tions on our web­site usu­al­ly also use cook­ies, you should also read our gen­er­al pri­va­cy pol­i­cy on cook­ies. You can find out more about the han­dling and stor­age of your data in the pri­va­cy poli­cies of the respec­tive third-par­ty providers.

Legal basis

If you have con­sent­ed to your data being processed and stored by inte­grat­ed audio and video ele­ments, this con­sent is the legal basis for data pro­cess­ing (Art. 6 para. 1 lit. a GDPR). In prin­ci­ple, your data is also stored and processed on the basis of our legit­i­mate inter­est (Art. 6 para. 1 lit. f GDPR) in fast and good com­mu­ni­ca­tion with you or oth­er cus­tomers and busi­ness part­ners. Nev­er­the­less, we only use the inte­grat­ed audio and video ele­ments if you have giv­en your con­sent.

YouTube privacy policy

What is YouTube?

We have inte­grat­ed YouTube videos on our web­site. This allows us to present inter­est­ing videos direct­ly on our site. YouTube is a video por­tal that has been a sub­sidiary of Google since 2006. The video por­tal is oper­at­ed by YouTube, LLC, 901 Cher­ry Ave, San Bruno, CA 94066, USA. When you access a page on our web­site that has an embed­ded YouTube video, your brows­er auto­mat­i­cal­ly con­nects to the YouTube or Google servers. Var­i­ous data will be trans­mit­ted (depend­ing on the set­tings). Google Ire­land Lim­it­ed (Gor­don House, Bar­row Street Dublin 4, Ire­land) is respon­si­ble for all data pro­cess­ing in Europe.

In the fol­low­ing, we would like to explain in more detail what data is processed, why we have inte­grat­ed YouTube videos and how you can man­age or delete your data.

YouTube allows users to watch, rate, com­ment on and upload videos free of charge. In recent years, YouTube has become one of the most impor­tant social media chan­nels world­wide. To enable us to dis­play videos on our web­site, YouTube pro­vides a code snip­pet that we have inte­grat­ed into our site.

Why do we use YouTube videos on our website?

YouTube is the video plat­form with the most vis­i­tors and the best con­tent. We strive to offer you the best pos­si­ble user expe­ri­ence on our web­site. And of course, inter­est­ing videos are a must. With the help of our embed­ded videos, we pro­vide you with fur­ther help­ful con­tent in addi­tion to our texts and images. The embed­ded videos also make our web­site eas­i­er to find on the Google search engine. Even if we place ads via Google Ads, Google can — thanks to the data col­lect­ed — only show these ads to peo­ple who are inter­est­ed in our offers.

What data is stored by YouTube?

As soon as you vis­it one of our pages that has a YouTube video embed­ded, YouTube sets at least one cook­ie that stores your IP address and our URL. If you are logged into your YouTube account, YouTube can usu­al­ly assign your inter­ac­tions on our web­site to your pro­file using cook­ies. This includes data such as ses­sion dura­tion, bounce rate, approx­i­mate loca­tion, tech­ni­cal infor­ma­tion such as brows­er type, screen res­o­lu­tion or your inter­net provider. Oth­er data may include con­tact details, any rat­ings, the shar­ing of con­tent via social media or adding to your favorites on YouTube.

If you are not logged into a Google account or a YouTube account, Google stores data with a unique iden­ti­fi­er that is linked to your device, brows­er or app. For exam­ple, your pre­ferred lan­guage set­ting is retained. But a lot of inter­ac­tion data can­not be saved because few­er cook­ies are set.

In the fol­low­ing list, we show cook­ies that were set in a test in the brows­er. On the one hand, we show cook­ies that are set with­out a logged-in YouTube account. On the oth­er hand, we show cook­ies that are set with a logged-in account. The list can­not claim to be com­plete because the user data always depends on the inter­ac­tions on YouTube.

Name: YSC
Val­ue: b9-CV6o­jI5Y112009279‑1
Pur­pose: This cook­ie reg­is­ters a unique ID to store sta­tis­tics of the video viewed.
Expi­ra­tion date: after the end of the ses­sion

Name: PREF
Val­ue: f1=50000000
Pur­pose: This cook­ie also reg­is­ters your unique ID. Google receives sta­tis­tics on how you use YouTube videos on our web­site via PREF.
Expi­ra­tion date: after 8 months

Name: GPS
Val­ue: 1
Pur­pose: This cook­ie reg­is­ters your unique ID on mobile devices to track the GPS loca­tion.
Expi­ra­tion date: after 30 min­utes

Name: VISITOR_INFO1_LIVE
Val­ue: 95Chz8bagyU
Pur­pose: This cook­ie attempts to esti­mate the user’s band­width on our web­sites (with inte­grat­ed YouTube video).
Expi­ra­tion date: after 8 months

Oth­er cook­ies that are set when you are logged in with your YouTube account:

Name: APISID
Val­ue: zIL­lv­ClZSkqGsS­wI/AU1aZ­I6HY7112009279-
Pur­pose: This cook­ie is used to cre­ate a pro­file of your inter­ests. The data is used for per­son­al­ized adver­tise­ments.
Expi­ra­tion date: after 2 years

Name: CONSENT
Val­ue: YES+AT.de+20150628–20‑0
Pur­pose: The cook­ie stores the sta­tus of a user’s con­sent to the use of var­i­ous Google ser­vices. CONSENT is also used for secu­ri­ty pur­pos­es to check users and pro­tect user data from unau­tho­rized attacks.
Expi­ra­tion date: after 19 years

Name: HSID
Val­ue: AcRwpgUik9Dveht0I
Pur­pose: This cook­ie is used to cre­ate a pro­file of your inter­ests. This data helps to dis­play per­son­al­ized adver­tis­ing.
Expi­ra­tion date: after 2 years

Name: LOGIN_INFO
Val­ue: AFmmF2swRQIhALl6aL…
Pur­pose: This cook­ie is used to store infor­ma­tion about your login data.
Expi­ra­tion date: after 2 years

Name: SAPISID
Val­ue: 7oaPx­oG-pZsJu­uF5/AnUd­DUIsJ9i­Jz2vdM
Pur­pose: This cook­ie works by unique­ly iden­ti­fy­ing your brows­er and device. It is used to cre­ate a pro­file of your inter­ests.
Expi­ra­tion date: after 2 years

Name: SID
Val­ue: oQfNK­jAsI112009279-
Pur­pose: This cook­ie stores your Google Account ID and your last login time in dig­i­tal­ly signed and encrypt­ed form.
Expi­ra­tion date: after 2 years

Name: SIDCC
Val­ue: AN0-TYuqub2JOcDTyL
Pur­pose: This cook­ie stores infor­ma­tion about how you use the web­site and what adver­tise­ments you may have seen before vis­it­ing our site.
Expi­ra­tion date: after 3 months

How long and where is the data stored?

The data that YouTube receives from you and process­es is stored on Google servers. Most of these servers are locat­ed in Amer­i­ca. Under https://datacenters.google/locations/

you can see exact­ly where the Google data cen­ters are locat­ed. Your data is dis­trib­uted across the servers. This means that the data can be accessed more quick­ly and is bet­ter pro­tect­ed against manip­u­la­tion.

Google stores the data it col­lects for dif­fer­ent lengths of time. You can delete some data at any time, oth­ers are auto­mat­i­cal­ly delet­ed after a lim­it­ed time and oth­ers are stored by Google for a longer peri­od of time. Some data (such as ele­ments from “My activ­i­ty”, pho­tos or doc­u­ments, prod­ucts) that are stored in your Google account remain stored until you delete them. Even if you are not signed in to a Google Account, you can delete some data asso­ci­at­ed with your device, brows­er or app.

How can I delete my data or prevent data storage?

In prin­ci­ple, you can delete data in your Google account man­u­al­ly. With the auto­mat­ic dele­tion func­tion for loca­tion and activ­i­ty data intro­duced in 2019, infor­ma­tion is stored for either 3 or 18 months, depend­ing on your deci­sion, and then delet­ed.

Regard­less of whether you have a Google account or not, you can con­fig­ure your brows­er so that cook­ies are delet­ed or deac­ti­vat­ed by Google. Depend­ing on which brows­er you use, this works in dif­fer­ent ways. In the “Cook­ies” sec­tion, you will find the rel­e­vant links to the instruc­tions for the most pop­u­lar browsers.

If you do not want any cook­ies, you can set up your brows­er so that it always informs you when a cook­ie is to be set. This allows you to decide for each indi­vid­ual cook­ie whether you want to allow it or not.

Legal basis

If you have con­sent­ed to your data being processed and stored by inte­grat­ed YouTube ele­ments, this con­sent is the legal basis for data pro­cess­ing (Art. 6 para. 1 lit. a GDPR). In prin­ci­ple, your data is also stored and processed on the basis of our legit­i­mate inter­est (Art. 6 para. 1 lit. f GDPR) in fast and good com­mu­ni­ca­tion with you or oth­er cus­tomers and busi­ness part­ners. Nev­er­the­less, we only use the inte­grat­ed YouTube ele­ments if you have giv­en your con­sent. YouTube also sets cook­ies in your brows­er to store data. We there­fore rec­om­mend that you read our data pro­tec­tion text on cook­ies care­ful­ly and con­sult the pri­va­cy pol­i­cy or cook­ie guide­lines of the respec­tive ser­vice provider.

YouTube also process­es your data in the USA, among oth­er places. YouTube and Google are active par­tic­i­pants in the EU-US Data Pri­va­cy Frame­work, which reg­u­lates the cor­rect and secure trans­fer of per­son­al data from EU cit­i­zens to the USA. You can find more infor­ma­tion on this at   https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

Google also uses so-called stan­dard con­trac­tu­al claus­es (= Art. 46 (2) and (3) GDPR). Stan­dard Con­trac­tu­al Claus­es (SCCs) are tem­plates pro­vid­ed by the EU Com­mis­sion and are intend­ed to ensure that your data com­plies with Euro­pean data pro­tec­tion stan­dards even if it is trans­ferred to third coun­tries (such as the USA) and stored there. Through the EU-US Data Pri­va­cy Frame­work and the stan­dard con­trac­tu­al claus­es, Google under­takes to com­ply with the Euro­pean lev­el of data pro­tec­tion when pro­cess­ing your rel­e­vant data, even if the data is stored, processed and man­aged in the USA. These claus­es are based on an imple­ment­ing deci­sion of the EU Com­mis­sion. You can find the deci­sion and the cor­re­spond­ing stan­dard con­trac­tu­al claus­es here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The Google Ads Data Pro­cess­ing Terms, which refer to the stan­dard con­trac­tu­al claus­es, can be found at https://business.safety.google/intl/de/adsprocessorterms/.

As YouTube is a sub­sidiary of Google, there is a joint pri­va­cy pol­i­cy. If you would like to find out more about how your data is han­dled, we rec­om­mend that you read the pri­va­cy pol­i­cy at https://policies.google.com/privacy?hl=de.

Font Awesome Privacy Policy

What is Font Awesome?

We use Font Awe­some from the Amer­i­can com­pa­ny Fonti­cons (307 S. Main St., Suite 202, Ben­tonville, AR 72712, USA) on our web­site. When you access one of our web­sites, the Font Awe­some web font (in par­tic­u­lar icons) is loaded via the Font Awe­some Con­tent Deliv­ery Net­work (CDN). This ensures that the texts, fonts and icons are dis­played appro­pri­ate­ly on every end device. In this pri­va­cy pol­i­cy, we go into more detail about data stor­age and data pro­cess­ing by this ser­vice.

Icons are play­ing an increas­ing­ly impor­tant role for web­sites. Font Awe­some is a web font that has been spe­cial­ly devel­oped for web design­ers and web devel­op­ers. With Font Awe­some, icons can be scaled and col­ored as desired using the CSS style sheet lan­guage. They thus replace old image icons. Font Awe­some CDN is the eas­i­est way to load icons or fonts onto your web­site. All we had to do was add a small line of code to our web­site.

Why do we use Font Awesome on our website?

Font Awe­some allows con­tent on our web­site to be bet­ter pre­sent­ed. This makes it eas­i­er for you to find your way around our web­site and grasp the con­tent more eas­i­ly. The icons can some­times even be used to replace entire words and save space. This is par­tic­u­lar­ly prac­ti­cal when we opti­mize con­tent specif­i­cal­ly for smart­phones. These icons are insert­ed as HMTL code instead of images. This allows us to edit the icons with CSS exact­ly as we want. At the same time, we also improve our load­ing speed with Font Awe­some because these are only HTML ele­ments and not icon images. All these advan­tages help us to make the web­site even clear­er, fresh­er and faster for you.

What data is stored by Font Awesome?

The Font Awe­some Con­tent Deliv­ery Net­work (CDN) is used to load icons and sym­bols. CDNs are net­works of servers that are dis­trib­uted world­wide and make it pos­si­ble to quick­ly load files from near­by. This means that as soon as you call up one of our pages, the cor­re­spond­ing icons are pro­vid­ed by Font Awe­some.

In order for the web fonts to be loaded, your brows­er must estab­lish a con­nec­tion to the servers of Fonti­cons, Inc. Your IP address is rec­og­nized in the process. Font Awe­some also col­lects data about which icon files are down­loaded and when. In addi­tion, tech­ni­cal data such as your brows­er ver­sion, screen res­o­lu­tion or the time the page was called up is also trans­mit­ted.

This data is col­lect­ed and stored for the fol­low­ing rea­sons:

• to opti­mize con­tent deliv­ery net­works
• to detect and fix tech­ni­cal errors
• to pro­tect CDNs from abuse and attacks
• to be able to charge Font Awe­some Pro cus­tomer­sto find out the pop­u­lar­i­ty of icons
• to know which com­put­er and soft­ware you are using

If your brows­er does not allow web fonts, a stan­dard font from your PC will be used auto­mat­i­cal­ly. As far as we are cur­rent­ly aware, no cook­ies are set. We are in con­tact with Font Awe­some’s data pro­tec­tion depart­ment and will let you know as soon as we find out more.

How long and where is the data stored?

Font Awe­some stores data about the use of the Con­tent Deliv­ery Net­work on servers in the Unit­ed States of Amer­i­ca. How­ev­er, the CDN servers are locat­ed world­wide and store user data wher­ev­er you are. The data is usu­al­ly only stored in iden­ti­fi­able form for a few weeks. Aggre­gat­ed sta­tis­tics on the use of CDNs can also be stored for longer. Per­son­al data is not includ­ed here.

How can I delete my data or prevent data storage?

To the best of our knowl­edge, Font Awe­some does not store any per­son­al data about the con­tent deliv­ery net­works. If you do not want data about the icons used to be stored, you will unfor­tu­nate­ly not be able to vis­it our web­site. If your brows­er does not allow web fonts, no data will be trans­mit­ted or stored. In this case, your com­put­er’s default font will sim­ply be used.

Legal basis

If you have con­sent­ed to Font Awe­some being used, the legal basis for the cor­re­spond­ing data pro­cess­ing is this con­sent. Accord­ing to Art. 6 para. 1 lit. a GDPR (con­sent), this con­sent con­sti­tutes the legal basis for the pro­cess­ing of per­son­al data, as may occur when Font Awe­some col­lects it.

We also have a legit­i­mate inter­est in using Font Awe­some to opti­mize our online ser­vice. The legal basis for this is Art. 6 para. 1 lit. f GDPR (legit­i­mate inter­ests). Nev­er­the­less, we only use Font Awe­some if you have giv­en your con­sent.

We would like to point out that, in the opin­ion of the Euro­pean Court of Jus­tice, there is cur­rent­ly no ade­quate lev­el of pro­tec­tion for data trans­fers to the USA. Data pro­cess­ing is essen­tial­ly car­ried out by Font Awe­some. This may result in data not being processed and stored anony­mous­ly. Fur­ther­more, US gov­ern­ment author­i­ties may have access to indi­vid­ual data. It is also pos­si­ble that this data may be linked to data from oth­er Font Awe­some ser­vices with which you have a user account.

If you would like to learn more about Font Awe­some and how they han­dle data, we rec­om­mend that you read their pri­va­cy pol­i­cy at https://fontawesome.com/privacy and the help page at https://fontawesome.com/support.

Google Fonts privacy policy

What are Google Fonts?

We use Google Fonts on our web­site. These are the “Google fonts” of Google Inc. For the Euro­pean area, the com­pa­ny Google Ire­land Lim­it­ed (Gor­don House, Bar­row Street Dublin 4, Ire­land) is respon­si­ble for all Google ser­vices.

You do not need to log in or enter a pass­word to use Google fonts. Fur­ther­more, no cook­ies are stored in your brows­er. The files (CSS, fonts) are request­ed via the Google domains fonts.googleapis.com and fonts.gstatic.com. Accord­ing to Google, requests for CSS and fonts are com­plete­ly sep­a­rate from all oth­er Google ser­vices. If you have a Google account, you do not need to wor­ry that your Google account data will be trans­mit­ted to Google while using Google Fonts. Google records the use of CSS (Cas­cad­ing Style Sheets) and the fonts used and stores this data secure­ly. We will take a clos­er look at exact­ly how the data is stored.

Google Fonts (for­mer­ly Google Web Fonts) is a direc­to­ry of over 800 fonts that can be Google to your users free of charge.

Many of these fonts are pub­lished under the SIL Open Font License, while oth­ers are pub­lished under the Apache License. Both are free soft­ware licens­es.

Why do we use Google Fonts on our website?

With Google Fonts, we can use fonts on our own web­site with­out hav­ing to upload them to our own serv­er. Google Fonts is an impor­tant com­po­nent in keep­ing the qual­i­ty of our web­site high. All Google fonts are auto­mat­i­cal­ly opti­mized for the web and this saves data vol­ume and is a great advan­tage, espe­cial­ly for use on mobile devices. When you vis­it our site, the low file size ensures a fast load­ing time. Fur­ther­more, Google Fonts are secure web fonts. Dif­fer­ent image syn­the­sis sys­tems (ren­der­ing) in dif­fer­ent browsers, oper­at­ing sys­tems and mobile devices can lead to errors. Such errors can some­times visu­al­ly dis­tort texts or entire web­sites. Thanks to the fast Con­tent Deliv­ery Net­work (CDN), there are no cross-plat­form prob­lems with Google Fonts. Google Fonts sup­ports all com­mon browsers (Google Chrome, Mozil­la Fire­fox, Apple Safari, Opera) and works reli­ably on most mod­ern mobile oper­at­ing sys­tems, includ­ing Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod). We use Google Fonts so that we can present our entire online ser­vice as beau­ti­ful­ly and uni­form­ly as pos­si­ble.

What data is stored by Google?

When you vis­it our web­site, the fonts are reloaded via a Google serv­er. This exter­nal call trans­mits data to the Google serv­er. In this way, Google also rec­og­nizes that you or your IP address is vis­it­ing our web­site. The Google Fonts API was devel­oped to reduce the use, stor­age and col­lec­tion of end user data to what is nec­es­sary for the prop­er pro­vi­sion of fonts. Inci­den­tal­ly, API stands for “Appli­ca­tion Pro­gram­ming Inter­face” and is used, among oth­er things, as a data trans­mit­ter in the soft­ware sec­tor.

Google Fonts stores CSS and font requests secure­ly at Google and is there­fore pro­tect­ed. Google can use the col­lect­ed usage fig­ures to deter­mine how well the indi­vid­ual fonts are received. Google pub­lish­es the results on inter­nal analy­sis pages, such as Google Ana­lyt­ics. Google also uses data from its own web crawler to deter­mine which web­sites use Google fonts. This data is pub­lished in the Google Fonts Big­Query data­base. Entre­pre­neurs and devel­op­ers use the Google web ser­vice Big­Query to ana­lyze and move large amounts of data.

How­ev­er, it should be not­ed that every Google Font request also auto­mat­i­cal­ly trans­mits infor­ma­tion such as lan­guage set­tings, IP address, brows­er ver­sion, brows­er screen res­o­lu­tion and brows­er name to the Google servers. It is not clear whether this data is also stored or whether it is clear­ly com­mu­ni­cat­ed by Google.

How long and where is the data stored?

Google stores requests for CSS assets for one day on its servers, which are main­ly locat­ed out­side the EU. This allows us to use the fonts with the help of a Google stylesheet. A stylesheet is a for­mat tem­plate that can be used to quick­ly and eas­i­ly change the design or font of a web­site, for exam­ple.

The font files are stored by Google for one year. Google’s aim is to fun­da­men­tal­ly improve the load­ing time of web­sites. If mil­lions of web­sites refer to the same fonts, they are cached after the first vis­it and imme­di­ate­ly reap­pear on all oth­er web­sites vis­it­ed lat­er. Some­times Google updates font files to reduce the file size, increase lan­guage cov­er­age and improve the design.

How can I delete my data or prevent data storage?

The data that Google stores for one day or one year can­not sim­ply be delet­ed. The data is auto­mat­i­cal­ly trans­mit­ted to Google when the page is accessed. To delete this data pre­ma­ture­ly, you must con­tact Google sup­port at https://support.google.com/?hl=de&tid=112009279 con­tact us. In this case, you can only pre­vent data stor­age if you do not vis­it our web­site.

Unlike oth­er web fonts, Google allows us unre­strict­ed access to all fonts. This means we have unlim­it­ed access to a sea of fonts and can there­fore get the most out of our web­site. You can find out more about Google Fonts and oth­er ques­tions at https://developers.google.com/fonts/faq?tid=112009279. Although Google address­es data pro­tec­tion issues there, it does not con­tain any real­ly detailed infor­ma­tion about data stor­age. It is rel­a­tive­ly dif­fi­cult to obtain real­ly pre­cise infor­ma­tion from Google about stored data.

Legal basis

If you have con­sent­ed to the use of Google Fonts, the legal basis for the cor­re­spond­ing data pro­cess­ing is this con­sent. Accord­ing to Art. 6 para. 1 lit. a GDPR (con­sent), this con­sent con­sti­tutes the legal basis for the pro­cess­ing of per­son­al data, as may occur when Google Fonts is used.

We also have a legit­i­mate inter­est in using Google Fonts to opti­mize our online ser­vice. The legal basis for this is Art. 6 para. 1 lit. f GDPR (legit­i­mate inter­ests). Nev­er­the­less, we only use Google Font if you have giv­en your con­sent.

Google also process­es your data in the USA, among oth­er places. Google is an active par­tic­i­pant in the EU-US Data Pri­va­cy Frame­work, which reg­u­lates the cor­rect and secure trans­fer of per­son­al data from EU cit­i­zens to the USA. You can find more infor­ma­tion on this at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

Google also uses so-called stan­dard con­trac­tu­al claus­es (= Art. 46 (2) and (3) GDPR). Stan­dard Con­trac­tu­al Claus­es (SCCs) are tem­plates pro­vid­ed by the EU Com­mis­sion and are intend­ed to ensure that your data com­plies with Euro­pean data pro­tec­tion stan­dards even if it is trans­ferred to third coun­tries (such as the USA) and stored there. Through the EU-US Data Pri­va­cy Frame­work and the stan­dard con­trac­tu­al claus­es, Google under­takes to com­ply with the Euro­pean lev­el of data pro­tec­tion when pro­cess­ing your rel­e­vant data, even if the data is stored, processed and man­aged in the USA. These claus­es are based on an imple­ment­ing deci­sion of the EU Com­mis­sion. You can find the deci­sion and the cor­re­spond­ing stan­dard con­trac­tu­al claus­es here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The Google Ads Data Pro­cess­ing Terms, which refer to the stan­dard con­trac­tu­al claus­es, can be found at https://business.safety.google/intl/de/adsprocessorterms/.

You can also find out which data is gen­er­al­ly col­lect­ed by Google and what this data is used for at https://www.google.com/intl/de/policies/privacy/ read more.

Online map services Introduction

What are online map services?

We also use online map ser­vices for our web­site as an extend­ed ser­vice. Google Maps is prob­a­bly the ser­vice you are most famil­iar with, but there are also oth­er providers that spe­cial­ize in cre­at­ing dig­i­tal maps. Such ser­vices make it pos­si­ble to dis­play loca­tions, route plans or oth­er geo­graph­i­cal infor­ma­tion direct­ly via our web­site. With an inte­grat­ed map ser­vice, you no longer have to leave our web­site to view the route to a loca­tion, for exam­ple. In order for the online map to work on our web­site, map sec­tions are inte­grat­ed using HTML code. The ser­vices can then dis­play street maps, the earth­’s sur­face or aer­i­al or satel­lite images. If you use the inte­grat­ed map ser­vice, data is also trans­ferred to the tool used and stored there. This data may also include per­son­al data.

Why do we use online map services on our website?

Gen­er­al­ly speak­ing, our aim is to offer you a pleas­ant time on our web­site. And your time is only enjoy­able if you can eas­i­ly find your way around our web­site and find all the infor­ma­tion you need quick­ly and eas­i­ly. That’s why we thought that an online map sys­tem could sig­nif­i­cant­ly improve our ser­vice on the web­site. With­out leav­ing our web­site, you can use the map sys­tem to eas­i­ly view route descrip­tions, loca­tions or even places of inter­est. Of course, it is also very prac­ti­cal that you can see at a glance where we are based so that you can find us quick­ly and safe­ly. As you can see, there are sim­ply many advan­tages and we clear­ly regard online map ser­vices on our web­site as part of our cus­tomer ser­vice.

What data is stored by online map services?

When you open a page on our web­site that has a built-in online map func­tion, per­son­al data may be trans­mit­ted to the respec­tive ser­vice and stored there. In most cas­es, this is your IP address, which can also be used to deter­mine your approx­i­mate loca­tion. In addi­tion to the IP address, data such as search terms entered and lon­gi­tude and lat­i­tude coor­di­nates are also stored. If you enter an address for route plan­ning, for exam­ple, this data is also stored. The data is not stored by us, but on the servers of the inte­grat­ed tools. You can imag­ine it like this: You are on our web­site, but when you inter­act with a map ser­vice, this inter­ac­tion actu­al­ly hap­pens on their web­site. In order for the ser­vice to func­tion prop­er­ly, at least one cook­ie is usu­al­ly set in your brows­er. Google Maps, for exam­ple, also uses cook­ies to record user behav­iour in order to opti­mize its own ser­vice and pro­vide per­son­al­ized adver­tis­ing. You can find out more about cook­ies in our “Cook­ies” sec­tion.

How long and where is the data stored?

Each online map ser­vice process­es dif­fer­ent user data. If we have fur­ther infor­ma­tion, we will inform you about the dura­tion of data pro­cess­ing below in the rel­e­vant sec­tions on the indi­vid­ual tools. In prin­ci­ple, per­son­al data is only stored for as long as is nec­es­sary for the pro­vi­sion of the ser­vice. Google Maps, for exam­ple, stores cer­tain data for a spec­i­fied peri­od of time, while you must delete oth­er data your­self. With Map­box, for exam­ple, the IP address is stored for 30 days and then delet­ed. As you can see, each tool stores data for dif­fer­ent lengths of time. We there­fore rec­om­mend that you take a close look at the pri­va­cy poli­cies of the tools you use.

The providers also use cook­ies to store data on your user behav­ior with the map ser­vice. You can find more gen­er­al infor­ma­tion on cook­ies in our “Cook­ies” sec­tion, but you can also find out which cook­ies may be used in the data pro­tec­tion texts of the indi­vid­ual providers. In most cas­es, how­ev­er, this is only an exem­plary list and is not com­plete.

Right of objection

You always have the pos­si­bil­i­ty and also the right to access your per­son­al data and also to object to its use and pro­cess­ing. You can also with­draw the con­sent you have giv­en us at any time. As a rule, the eas­i­est way to do this is via the cook­ie con­sent tool. How­ev­er, there are also oth­er opt-out tools that you can use. You can also man­age, delete or deac­ti­vate any cook­ies set by the providers you use your­self with just a few mouse clicks. How­ev­er, some func­tions of the ser­vice may then no longer work as usu­al. How you man­age cook­ies in your brows­er also depends on the brows­er you are using. In the “Cook­ies” sec­tion, you will also find links to the instruc­tions for the most impor­tant browsers.

Legal basis

If you have con­sent­ed to the use of an online map ser­vice, the legal basis for the cor­re­spond­ing data pro­cess­ing is this con­sent. Accord­ing to Art. 6 para. 1 lit. a GDPR (con­sent), this con­sent con­sti­tutes the legal basis for the pro­cess­ing of per­son­al data, as may occur when it is col­lect­ed by an online map ser­vice.

We also have a legit­i­mate inter­est in using an online map ser­vice to opti­mize our ser­vice on our web­site. The legal basis for this is Art. 6 para. 1 lit. f GDPR (legit­i­mate inter­ests). How­ev­er, we only ever use an online map ser­vice if you have giv­en your con­sent. We would like to make this clear at this point.

Infor­ma­tion on spe­cial online map ser­vices — if avail­able — can be found in the fol­low­ing sec­tions.

Google Maps privacy policy

What is Google Maps?

We use Google Maps from Google Inc. on our web­site. Google Ire­land Lim­it­ed (Gor­don House, Bar­row Street Dublin 4, Ire­land) is respon­si­ble for all Google ser­vices in Europe. Google Maps enables us to show you loca­tions bet­ter and thus adapt our ser­vice to your needs. By using Google Maps, data is trans­mit­ted to Google and stored on Google servers. We would now like to explain in more detail what Google Maps is, why we use this Google ser­vice, what data is stored and how you can pre­vent this.

Google Maps is an inter­net map ser­vice from Google. With Google Maps, you can search online for exact loca­tions of cities, places of inter­est, accom­mo­da­tion or busi­ness­es using a PC, tablet or app. If com­pa­nies are rep­re­sent­ed on Google My Busi­ness, fur­ther infor­ma­tion about the com­pa­ny is dis­played in addi­tion to the loca­tion. To dis­play direc­tions, map sec­tions of a loca­tion can be inte­grat­ed into a web­site using HTML code. Google Maps shows the earth­’s sur­face as a street map or as an aer­i­al or satel­lite image. Thanks to the Street View images and the high-qual­i­ty satel­lite images, very accu­rate rep­re­sen­ta­tions are pos­si­ble.

Why do we use Google Maps on our website?

All our efforts on this site are aimed at pro­vid­ing you with a use­ful and mean­ing­ful time on our web­site. By inte­grat­ing Google Maps, we can pro­vide you with the most impor­tant infor­ma­tion on var­i­ous loca­tions. You can see at a glance where we are based. The direc­tions always show you the best or quick­est way to reach us. You can call up the direc­tions for routes by car, pub­lic trans­port, on foot or by bike. For us, pro­vid­ing Google Maps is part of our cus­tomer ser­vice.

What data is stored by Google Maps?

In order for Google Maps to be able to offer its full ser­vice, the com­pa­ny must col­lect and store data from you. This includes the search terms entered, your IP address and also the lat­i­tude and lon­gi­tude coor­di­nates. If you use the route plan­ner func­tion, the start address you enter is also saved. How­ev­er, this data stor­age takes place on the Google Maps web­sites. We can only inform you about this, but can­not influ­ence it. As we have inte­grat­ed Google Maps into our web­site, Google sets at least one cook­ie (name: NID) in your brows­er. This cook­ie stores data about your user behav­ior. Google uses this data pri­mar­i­ly to opti­mize its own ser­vices and to pro­vide you with indi­vid­ual, per­son­al­ized adver­tis­ing.

The fol­low­ing cook­ie is set in your brows­er due to the inte­gra­tion of Google Maps:

Name: NID
Val­ue: 188=h26c1Ktha7fCQTx8rXgLyATyITJ112009279‑5
Pur­pose: NID is used by Google to cus­tomize ads to your Google search­es. With the help of the cook­ie, Google “remem­bers” your most fre­quent­ly entered search queries or your pre­vi­ous inter­ac­tion with ads. So you always get cus­tomized ads. The cook­ie con­tains a unique ID that Google uses to col­lect your per­son­al set­tings for adver­tis­ing pur­pos­es.
Expi­ra­tion date: after 6 months

Note: We can­not guar­an­tee the com­plete­ness of the stored data. Changes can nev­er be ruled out, espe­cial­ly when using cook­ies. In order to iden­ti­fy the NID cook­ie, a sep­a­rate test page was cre­at­ed where only Google Maps was inte­grat­ed.

How long and where is the data stored?

Google servers are locat­ed in data cen­ters all over the world. How­ev­er, most of the servers are locat­ed in Amer­i­ca. For this rea­son, your data is increas­ing­ly stored in the USA. Here you can read exact­ly where the Google data cen­ters are locat­ed: https://datacenters.google/locations/

Google dis­trib­utes the data on dif­fer­ent data car­ri­ers. This means that the data can be accessed more quick­ly and is bet­ter pro­tect­ed against any attempts at manip­u­la­tion. Each data cen­ter also has spe­cial emer­gency pro­grams. For exam­ple, if there are prob­lems with the Google hard­ware or a nat­ur­al dis­as­ter par­a­lyzes the servers, the data is still fair­ly secure.

Google stores some data for a fixed peri­od of time. For oth­er data, Google only offers the option of delet­ing it man­u­al­ly. The com­pa­ny also anonymizes infor­ma­tion (such as adver­tis­ing data) in serv­er logs by delet­ing part of the IP address and cook­ie infor­ma­tion after 9 and 18 months respec­tive­ly.

How can I delete my data or prevent data storage?

With the auto­mat­ic dele­tion func­tion for loca­tion and activ­i­ty data intro­duced in 2019, loca­tion and web/app activ­i­ty infor­ma­tion is stored for either 3 or 18 months — depend­ing on your deci­sion — and then delet­ed. You can also man­u­al­ly delete this data from your his­to­ry at any time via your Google account. If you want to com­plete­ly pre­vent your loca­tion from being record­ed, you must pause the “Web and app activ­i­ty” sec­tion in your Google account. Click on “Data and per­son­al­iza­tion” and then on the “Activ­i­ty set­tings” option. Here you can switch the activ­i­ties on or off.

You can also deac­ti­vate, delete or man­age indi­vid­ual cook­ies in your brows­er. Depend­ing on which brows­er you use, this always works slight­ly dif­fer­ent­ly. In the “Cook­ies” sec­tion, you will find the rel­e­vant links to the instruc­tions for the most pop­u­lar browsers.

If you do not want any cook­ies at all, you can set up your brows­er so that it always informs you when a cook­ie is to be set. This allows you to decide for each indi­vid­ual cook­ie whether you want to allow it or not.

Legal basis

If you have con­sent­ed to the use of Google Maps, the legal basis for the cor­re­spond­ing data pro­cess­ing is this con­sent. Accord­ing to Art. 6 para. 1 lit. a GDPR (con­sent), this con­sent con­sti­tutes the legal basis for the pro­cess­ing of per­son­al data, as may occur when Google Maps is used.

We also have a legit­i­mate inter­est in using Google Maps to opti­mize our online ser­vice. The legal basis for this is Art. 6 para. 1 lit. f GDPR (legit­i­mate inter­ests). Nev­er­the­less, we only use Google Maps if you have giv­en your con­sent.

Google also process­es your data in the USA, among oth­er places. Google is an active par­tic­i­pant in the EU-US Data Pri­va­cy Frame­work, which reg­u­lates the cor­rect and secure trans­fer of per­son­al data from EU cit­i­zens to the USA. You can find more infor­ma­tion on this at  https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

Google also uses so-called stan­dard con­trac­tu­al claus­es (= Art. 46 (2) and (3) GDPR). Stan­dard Con­trac­tu­al Claus­es (SCCs) are tem­plates pro­vid­ed by the EU Com­mis­sion and are intend­ed to ensure that your data com­plies with Euro­pean data pro­tec­tion stan­dards even if it is trans­ferred to third coun­tries (such as the USA) and stored there. Through the EU-US Data Pri­va­cy Frame­work and the stan­dard con­trac­tu­al claus­es, Google under­takes to com­ply with the Euro­pean lev­el of data pro­tec­tion when pro­cess­ing your rel­e­vant data, even if the data is stored, processed and man­aged in the USA. These claus­es are based on an imple­ment­ing deci­sion of the EU Com­mis­sion. You can find the deci­sion and the cor­re­spond­ing stan­dard con­trac­tu­al claus­es here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The Google Ads Data Pro­cess­ing Terms, which refer to the stan­dard con­trac­tu­al claus­es, can be found at https://business.safety.google/intl/de/adsprocessorterms/.

If you would like to find out more about Google’s data pro­cess­ing, we rec­om­mend that you read the com­pa­ny’s own pri­va­cy pol­i­cy at https://policies.google.com/privacy?hl=de.

Other Introduction

What falls under “Other”?

The “Oth­er” cat­e­go­ry includes ser­vices that do not fit into one of the above cat­e­gories. These are usu­al­ly var­i­ous plu­g­ins and inte­grat­ed ele­ments that improve our web­site. As a rule, these func­tions are obtained from third-par­ty providers and inte­grat­ed into our web­site. For exam­ple, these are web search ser­vices such as Algo­lia Place, Giphy, Pro­gram­ma­ble Search Engine or online ser­vices for weath­er data such as Open­Weath­er.

Why do we use other third-party providers?

With our web­site, we want to offer you the best web offer­ing in our indus­try. A web­site has long been more than just a busi­ness card for com­pa­nies. Rather, it is a place to help you find what you are look­ing for. To make our web­site even more inter­est­ing and help­ful for you, we use var­i­ous third-par­ty ser­vices.

What data is processed?

When­ev­er ele­ments are inte­grat­ed into our web­site, your IP address is trans­mit­ted to the respec­tive provider, stored and processed there. This is nec­es­sary because oth­er­wise the con­tent will not be sent to your brows­er and will there­fore not be dis­played accord­ing­ly. Ser­vice providers may also use pix­el tags or web bea­cons. These are small graph­ics on web­sites that record a log file and can also cre­ate analy­ses of this file. Providers can use the infor­ma­tion obtained to improve their own mar­ket­ing mea­sures. In addi­tion to pix­el tags, such infor­ma­tion (such as which but­ton you click or when you vis­it which page) can also be stored in cook­ies. In addi­tion to analy­sis data on your web behav­ior, tech­ni­cal infor­ma­tion such as your brows­er type or oper­at­ing sys­tem can also be stored in cook­ies. Some providers may also link the data obtained with oth­er inter­nal ser­vices or with third-par­ty providers. Each provider han­dles your data dif­fer­ent­ly. We there­fore rec­om­mend that you care­ful­ly read the data pro­tec­tion dec­la­ra­tions of the respec­tive ser­vices. As a mat­ter of prin­ci­ple, we endeav­or to only use ser­vices that han­dle the issue of data pro­tec­tion very care­ful­ly.

Duration of data processing

We will inform you about the dura­tion of data pro­cess­ing below if we have fur­ther infor­ma­tion on this. In gen­er­al, we only process per­son­al data for as long as is absolute­ly nec­es­sary for the pro­vi­sion of our ser­vices and prod­ucts.

Legal basis

If we ask for your con­sent and you also agree that we may use the ser­vice, this is the legal basis for pro­cess­ing your data (Art. 6 para. 1 lit. a GDPR). In addi­tion to con­sent, we have a legit­i­mate inter­est in ana­lyz­ing the behav­ior of web­site vis­i­tors in order to improve our offer tech­ni­cal­ly and eco­nom­i­cal­ly. The legal basis for this is Art. 6 para. 1 lit. f GDPR (legit­i­mate inter­ests). Nev­er­the­less, we only use the tools if you have giv­en your con­sent.

Infor­ma­tion on the spe­cif­ic tools, if avail­able, can be found in the fol­low­ing sec­tions.

Explanation of terms used

We always endeav­or to write our pri­va­cy pol­i­cy as clear­ly and com­pre­hen­si­bly as pos­si­ble. How­ev­er, this is not always easy, espe­cial­ly when it comes to tech­ni­cal and legal top­ics. It often makes sense to use legal terms (such as per­son­al data) or cer­tain tech­ni­cal terms (such as cook­ies, IP address). How­ev­er, we do not want to use these with­out expla­na­tion. Below you will find an alpha­bet­i­cal list of impor­tant terms used, which we may not have suf­fi­cient­ly addressed in the pre­vi­ous pri­va­cy pol­i­cy. If these terms have been tak­en from the GDPR and are def­i­n­i­tions, we will also quote the GDPR texts here and add our own expla­na­tions if nec­es­sary.

Supervisory authority

Def­i­n­i­tion accord­ing to Arti­cle 4 of the GDPR

For the pur­pos­es of this Reg­u­la­tion, the term:

‘super­vi­so­ry author­i­ty’ means an inde­pen­dent pub­lic author­i­ty estab­lished by a Mem­ber State in accor­dance with Arti­cle 51;

Expla­na­tion: “Super­vi­so­ry author­i­ties” are always inde­pen­dent state insti­tu­tions that are also autho­rized to issue instruc­tions in cer­tain cas­es. They serve to car­ry out so-called state super­vi­sion and are locat­ed in min­istries, spe­cial depart­ments or oth­er author­i­ties. For data pro­tec­tion in Aus­tria, there is an Aus­tri­an data pro­tec­tion author­i­ty; for Ger­many, there is a sep­a­rate data pro­tec­tion author­i­ty for each fed­er­al state.

Processor

Def­i­n­i­tion accord­ing to Arti­cle 4 of the GDPR

For the pur­pos­es of this Reg­u­la­tion, the term:

“Proces­sor” means a nat­ur­al or legal per­son, pub­lic author­i­ty, agency or oth­er body which process­es per­son­al data on behalf of the con­troller;

Expla­na­tion: As a com­pa­ny and web­site own­er, we are respon­si­ble for all data that we process from you. In addi­tion to con­trollers, there may also be so-called proces­sors. This includes any com­pa­ny or per­son who process­es per­son­al data on our behalf. In addi­tion to ser­vice providers such as tax con­sul­tants, proces­sors can there­fore also be host­ing or cloud providers, pay­ment or newslet­ter providers or large com­pa­nies such as Google or Microsoft.

Consent

Def­i­n­i­tion accord­ing to Arti­cle 4 of the GDPR

For the pur­pos­es of this Reg­u­la­tion:

“Con­sent” of the data sub­ject means any freely giv­en, spe­cif­ic, informed and unam­bigu­ous indi­ca­tion of the data sub­jec­t’s wish­es by which he or she, by a state­ment or by a clear affir­ma­tive action, sig­ni­fies agree­ment to the pro­cess­ing of per­son­al data relat­ing to him or her;

Expla­na­tion: As a rule, such con­sent is giv­en via a cook­ie con­sent tool on web­sites. You are prob­a­bly famil­iar with this. When­ev­er you vis­it a web­site for the first time, you are usu­al­ly asked via a ban­ner whether you agree or con­sent to data pro­cess­ing. In most cas­es, you can also make indi­vid­ual set­tings and decide for your­self which data pro­cess­ing you allow and which you do not. If you do not give your con­sent, your per­son­al data may not be processed. In prin­ci­ple, con­sent can of course also be giv­en in writ­ing, i.e. not via a tool.

Health data

Def­i­n­i­tion accord­ing to Arti­cle 4 of the GDPR

For the pur­pos­es of this Reg­u­la­tion:

“Health data” means per­son­al data relat­ing to the phys­i­cal or men­tal health of a nat­ur­al per­son, includ­ing the pro­vi­sion of health­care ser­vices, and from which infor­ma­tion about their health sta­tus is derived;

Expla­na­tion: Health data there­fore includes all stored infor­ma­tion relat­ing to your own health. This is often data that is also record­ed in a patient file. This includes, for exam­ple, which med­ica­tion you use, X‑ray images, your entire med­ical his­to­ry or, as a rule, your vac­ci­na­tion sta­tus.

Personal data

Def­i­n­i­tion accord­ing to Arti­cle 4 of the GDPR

For the pur­pos­es of this Reg­u­la­tion:

“Per­son­al data” means any infor­ma­tion relat­ing to an iden­ti­fied or iden­ti­fi­able nat­ur­al per­son (here­inafter “data sub­ject”); an iden­ti­fi­able nat­ur­al per­son is one who can be iden­ti­fied, direct­ly or indi­rect­ly, in par­tic­u­lar by ref­er­ence to an iden­ti­fi­er such as a name, an iden­ti­fi­ca­tion num­ber, loca­tion data, an online iden­ti­fi­er or to one or more fac­tors spe­cif­ic to the phys­i­cal, phys­i­o­log­i­cal, genet­ic, men­tal, eco­nom­ic, cul­tur­al or social iden­ti­ty of that nat­ur­al per­son;

Expla­na­tion: Per­son­al data is there­fore all data that can iden­ti­fy you as a per­son. This is usu­al­ly data such as:

• Name
• Address
• E‑mail address
• Postal address
• Tele­phone num­ber
• Date of birth
• Iden­ti­fi­ca­tion num­bers such as social secu­ri­ty num­ber, tax iden­ti­fi­ca­tion num­ber, ID card num­ber or matric­u­la­tion num­ber
• Bank data such as account num­ber, cred­it infor­ma­tion, account bal­ances and much more.

Accord­ing to the Euro­pean Court of Jus­tice (ECJ), your IP address is also con­sid­ered per­son­al data. IT experts can use your IP address to deter­mine at least the approx­i­mate loca­tion of your device and sub­se­quent­ly you as the own­er of the con­nec­tion. There­fore, the stor­age of an IP address also requires a legal basis with­in the mean­ing of the GDPR. There are also so-called “spe­cial cat­e­gories” of per­son­al data, which are also par­tic­u­lar­ly wor­thy of pro­tec­tion. These include

• racial and eth­nic ori­gin
• polit­i­cal opin­ions
• reli­gious or philo­soph­i­cal beliefs
• trade union mem­ber­ship
• genet­ic data such as data tak­en from blood or sali­va sam­ples
• bio­met­ric data (i.e. infor­ma­tion on men­tal, phys­i­cal or behav­ioral char­ac­ter­is­tics that can iden­ti­fy a per­son).
• Health data
• Data on sex­u­al ori­en­ta­tion or sex life

Profiling

Def­i­n­i­tion accord­ing to Arti­cle 4 of the GDPR

For the pur­pos­es of this Reg­u­la­tion:

“Pro­fil­ing” means any form of auto­mat­ed pro­cess­ing of per­son­al data con­sist­ing of the use of per­son­al data to eval­u­ate cer­tain per­son­al aspects relat­ing to a nat­ur­al per­son, in par­tic­u­lar to ana­lyze or pre­dict aspects con­cern­ing that nat­ur­al per­son­’s per­for­mance at work, eco­nom­ic sit­u­a­tion, health, per­son­al pref­er­ences, inter­ests, reli­a­bil­i­ty, behav­ior, loca­tion or move­ments;

Expla­na­tion: Pro­fil­ing involves col­lect­ing var­i­ous pieces of infor­ma­tion about a per­son in order to find out more about them. In the web sec­tor, pro­fil­ing is often used for adver­tis­ing pur­pos­es or for cred­it checks. For exam­ple, web and adver­tis­ing analy­sis pro­grams col­lect data about your behav­ior and inter­ests on a web­site. This results in a spe­cial user pro­file that can be used to tar­get adver­tis­ing to a spe­cif­ic tar­get group.

Person responsible

Def­i­n­i­tion accord­ing to Arti­cle 4 of the GDPR

For the pur­pos­es of this Reg­u­la­tion:

“Con­troller” means the nat­ur­al or legal per­son, pub­lic author­i­ty, agency or oth­er body which, alone or joint­ly with oth­ers, deter­mines the pur­pos­es and means of the pro­cess­ing of per­son­al data; where the pur­pos­es and means of such pro­cess­ing are deter­mined by Union or Mem­ber State law, the con­troller or the spe­cif­ic cri­te­ria for its nom­i­na­tion may be pro­vid­ed for by Union or Mem­ber State law;

Expla­na­tion: In our case, we are respon­si­ble for the pro­cess­ing of your per­son­al data and are there­fore the “con­troller”. If we pass on col­lect­ed data to oth­er ser­vice providers for pro­cess­ing, they are “proces­sors”. An “order pro­cess­ing con­tract (AVV)” must be signed for this.

Processing

Def­i­n­i­tion accord­ing to Arti­cle 4 of the GDPR

For the pur­pos­es of this Reg­u­la­tion:

“Pro­cess­ing” means any oper­a­tion or set of oper­a­tions which is per­formed on per­son­al data or on sets of per­son­al data, whether or not by auto­mat­ed means, such as col­lec­tion, record­ing, orga­ni­za­tion, struc­tur­ing, stor­age, adap­ta­tion or alter­ation, retrieval, con­sul­ta­tion, use, dis­clo­sure by trans­mis­sion, dis­sem­i­na­tion or oth­er­wise mak­ing avail­able, align­ment or com­bi­na­tion, restric­tion, era­sure or destruc­tion;

Note: When we refer to pro­cess­ing in our pri­va­cy pol­i­cy, we mean any kind of data pro­cess­ing. As men­tioned above in the orig­i­nal GDPR dec­la­ra­tion, this includes not only the col­lec­tion but also the stor­age and pro­cess­ing of data.

All texts are pro­tect­ed by copy­right.