DATA PROTECTION

Relevant legal bases

In accordance with Art. 13 GDPR, we will inform you of the legal basis for our data processing. If the legal basis is not mentioned in the data protection declaration, the following applies: The legal basis for obtaining consent is Art. 6 Para. 1 lit. a and Art. 7 GDPR, the legal basis for processing to fulfill our services and carry out contractual measures as well as answering inquiries is Art. 6 Para. 1 lit. b GDPR, the legal basis for processing to fulfill our legal obligations is Art. 6 Para. 1 lit. c GDPR, and the legal basis for processing to protect our legitimate interests is Art. 6 Para. 1 lit. f GDPR. In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 Para. 1 lit. d GDPR serves as the legal basis.

Changes and updates to the privacy policy

We ask you to regularly inform yourself about the content of our data protection declaration. We will adapt the data protection declaration as soon as changes to the data processing we carry out make this necessary. We will inform you as soon as the changes require your cooperation (e.g. consent) or other individual notification.

security measures

In accordance with Art. 32 GDPR, we take suitable technical and organizational measures to ensure a level of protection appropriate to the risk, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of processing as well as the varying likelihood of occurrence and severity of the risk to the rights and freedoms of natural persons. The measures include in particular ensuring the confidentiality, integrity and availability of data by controlling physical access to the data, as well as access, input, transfer, securing availability and separation of data. Furthermore, we have set up procedures that ensure the exercise of data subject rights, deletion of data and response to data threats. Furthermore, we take the protection of personal data into account when developing or selecting hardware, software and procedures, in accordance with the principle of data protection through technology design and through data protection-friendly default settings (Art. 25 GDPR).

The security measures include in particular the encrypted transmission of data between your browser and our server.

cooperation with processors and third parties

If, as part of our processing, we disclose data to other persons and companies (contract processors or third parties), transmit it to them or otherwise grant them access to the data, this will only be done on the basis of a legal permission (e.g. if a transmission of the data to third parties, such as payment service providers, is necessary to fulfil the contract in accordance with Art. 6 Para. 1 lit. b GDPR), you have consented, a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.).

If we commission third parties to process data on the basis of a so-called “order processing agreement”, this is done on the basis of Art. 28 GDPR.

data transfer to third countries

Except for the applications mentioned above, no transmission to countries outside the EU takes place and is not planned.

rights of those affected

You have the right to:

information about your stored data
Correction and completion of your stored data
Deletion of your no longer needed data
restriction of the processing of your data
Revocation of consent granted with effect for the future
Objection to the future processing of data concerning you, in particular against processing for direct marketing purposes
Receipt and transmission to other responsible parties of the data concerning you

provision of contractual services

If inventory data (e.g. names and addresses as well as contact details of users) are processed, this is done to fulfil our contractual obligations and services in accordance with Art. 6 Paragraph 1 Letter b. GDPR. The entries marked as mandatory in online forms are required for the conclusion of the contract.

deletion of data

The data we process is deleted or restricted in accordance with Art. 17 and 18 GDPR. Unless expressly stated in this privacy policy, the data stored by us is deleted as soon as it is no longer required for its intended purpose and there are no statutory retention periods that prevent deletion. If the data is not deleted because it is required for other legally permissible purposes, its processing will be restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons.

contact

When you contact us (via contact form or email), the user's details will be processed to handle the contact request and its processing in accordance with Art. 6 (1) (b) GDPR.

User information may be stored in a customer relationship management system ("CRM system") or comparable inquiry organization.

We delete the requests if they are no longer required. We check the necessity every two years; we permanently save requests from customers who have a customer account and refer to the customer account details for deletion. In the case of statutory archiving obligations, deletion takes place after these expire (end of commercial law (6 years) and tax law (10 years) retention periods).

collection of access data and log files

Based on our legitimate interests in accordance with Art. 6 (1) (f) GDPR, we collect data about every access to the server on which this service is located (so-called server log files). The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.

Log file information is stored for security reasons (e.g. to investigate misuse or fraud) for a maximum of seven days and then deleted. Data that needs to be retained for evidentiary purposes is exempt from deletion until the respective incident has been finally resolved.

online presence in social media

Within the scope of our legitimate interests within the meaning of Art. 6 Para. 1 lit. f. GDPR, we operate online presences within social networks and platforms in order to communicate with customers, interested parties and users active there and to inform them about our services. When accessing the respective networks and platforms, the terms and conditions and data processing guidelines of their respective operators apply.

Unless otherwise stated in our privacy policy, we process users' data if they communicate with us within the social networks and platforms, e.g. by writing posts on our online presence or sending us messages.

use of cookies

Cookies are pieces of information that are transferred from our web server or third-party web servers to users' web browsers and stored there for later retrieval. Cookies can be small files or other types of information storage.

We use "session cookies" that are only stored for the duration of your current visit to our website (e.g. to enable the storage of your login status or the shopping cart function and thus the use of our online service). A randomly generated unique identification number, a so-called session ID, is stored in a session cookie. A cookie also contains information about its origin and the storage period. These cookies cannot store any other data. Session cookies are deleted when you have finished using our online service and, for example, log out or close the browser.

Users are informed about the use of cookies in the context of pseudonymous reach measurement in this data protection declaration.

If you do not want cookies to be stored on your computer, please deactivate the corresponding option in the system settings of your browser. Stored cookies can be deleted in the system settings of the browser. Excluding cookies can lead to functional restrictions of this online service.

You can object to the use of cookies that are used for reach measurement and advertising purposes via the deactivation page of the Network Advertising Initiative ( http://optout.networkadvertising.org/ ) and additionally the US website ( http://www.aboutads.info/choices ) or the European website ( http://www.youronlinechoices.com/uk/your-ad-choices/ ).

Use of Google Analytics

This website uses Google Analytics, a web analysis service provided by Google Inc. (hereinafter: Google). Google Analytics uses so-called "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website is usually transferred to a Google server in the USA and saved there. However, due to the activation of IP anonymization on these websites, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and Internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

Google is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law ( https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active ).

You can prevent cookies from being saved by selecting the appropriate settings on your browser software; however, please note that if you do this, you may not be able to use all the functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de (browser add-on to deactivate Google Analytics)

In addition or as an alternative to the browser add-on, you can prevent tracking by Google Analytics on our pages by clicking this link .

An opt-out cookie will be installed on your device. This will prevent Google Analytics from collecting data for this website and for this browser in the future as long as the cookie remains installed in your browser.

Integration of third-party services and content

Based on our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offering within the meaning of Art. 6 Para. 1 lit. f. GDPR), we use content or service offers from third parties in order to integrate their content and services, such as videos or fonts (hereinafter referred to uniformly as "content"). This always requires that the third-party providers of this content perceive the IP address of the users, since without the IP address they would not be able to send the content to their browser. The IP address is therefore required to display this content. We endeavor to only use content whose respective providers only use the IP address to deliver the content. Third-party providers can also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online offer, and may also be linked to such information from other sources.

The following presentation provides an overview of third-party providers and their content, along with links to their privacy policies, which contain further information on the processing of data and, in some cases already mentioned here, options for objection (so-called opt-out):

Maps of the “Google Maps” service provided by the third-party provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://www.google.com/settings/ads/ .
Videos from the “YouTube” platform of the third-party provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://policies.google.com/privacy , Opt-Out: https://adssettings.google.com/authenticated .

supervisory authority

According to Article 77 of the EU GDPR, you can lodge a complaint with a supervisory authority if you believe that the processing of personal data concerning you violates the EU GDPR or the BDSG.

icons

Chart icons created by Smashicons - Flaticon, www.flaticon.com

Icons designed by Freepik, www.freepik.com