1. Name and contact details of the controller and the company data protection officer
Salurner Straße 2
Telephone: +49 821 4559700
Fax: +49 821 45597022
2. Information on collection and storage of personal data, the nature and purpose of said data and its use
a) When visiting the website
When you visit our website, the browser used on your terminal device automatically sends information to our website server. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until it is automatically deleted:
- IP address
- Date and time of request
- Time zone difference from Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- Amount of data transmitted each time
- The website making the request
- Browser type and version
- Operating system and user interface
- Language and version of the browser software
- Name of the accessed web page
- Message about successful retrieval
The aforementioned data will be processed by us for the following purposes:
- Ensuring a smooth establishment of connection by the website
- Ensuring a comfortable use of our website
- System security and site stability
- For other administrative purposes
The legal basis for data processing is Art. 6 para. 1 p. 1 lit. f GDPR. The purposes indicated above constitute our legitimate interest in collecting such data. Under no circumstances will we use the data collected for the purpose of drawing any conclusions about you.
b) When registering for our newsletter,
Insofar as you are expressly gave your consent according to Art. 6 para. 1 p. 1 lit. a GDPR, we will use your email address to send you our newsletter on a regular basis. To receive the newsletter, simply provide an email address.
Unsubscribing is possible at any time, for example via a link at the end of each newsletter. Alternatively, you are welcome to email your unsubscribe request to email@example.com at any time. The storage period for your data expires within 24 hours after unsubscribing from the newsletter.
c) When using our contact form
For questions of any kind, we offer you the opportunity to contact us via a form provided on the website. In doing so, it is necessary to provide a valid email address so that we know from whom the request originates and so that we can answer it. Additional information can be provided voluntarily.
We process this data for the purpose of maintaining contact according to Art. 6 para. 1 p. 1 lit. a GDPR based on your voluntarily given consent.
The personal data collected by us for the use of the contact form will be automatically deleted after completion of your request.
3. Data disclosure
Your personal data will not be transferred to third parties for purposes other than those mentioned.
We will only disclose your personal data to third parties if:
- you have expressly consented to this according to Art. 6 para. 1 p. 1 lit. a GDPR
- the transfer according to Art. 6 para. 1 p. 1 lit. f GDPR is required in order to assert, exercise, or defend legal claims and there is no reason to believe that you have an overriding interest in not disclosing your data
- in the event of transfer according to Art. 6 para. 1 p. 1 lit. c GDPR, a legal obligation exists
- which is legally permissible and in accordance with Art. 6 para. 1 p. 1 lit. b GDPR, is necessary for the processing of contractual relationships with you
- You have chosen the credit card payment method. SumUp Limited is the responsible party here as our credit card service provider. You can find all important information about the data protection of SumUp Limited here: https://www.sumup.com/en-us/privacy
4. Unsolicited applications
You are welcome to send us unsolicited applications. Please ensure yourself that the transmission path you choose is sufficiently secure. Sending an email without a suitable encryption method is not recommended, as your data could then be read and used by unauthorized persons on the communication path without much effort. If you would like to send us an encrypted email with application documents, please only use the email address firstname.lastname@example.org.
Information is stored in the cookie that arises in each case in connection with the specific end device used. This does not mean, however, that we thereby gain direct knowledge of your identity.
In addition, to optimize user-friendliness, we also use temporary cookies which are stored on your terminal device for a certain specified period of time. If you visit our site again to use our services, it is automatically recognized that you have already been with us and which entries and settings you have made so that you do not have to enter them again.
The data processed by cookies are necessary for the aforementioned purposes to protect our legitimate interests as well as those of third parties according to Art. 6 para. 1 p. 1 lit. f GDPR.
Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a notice always appears before a new cookie is created. However, the complete deactivation of cookies may mean that you cannot use all the functions of our website.
The tracking measures listed below and used by us are used on the basis of Art. 6 para. 1 p. 1 lit. f GDPR. With the tracking measures used, we want to ensure a needs-based design and the ongoing optimization of our website. On the other hand, we use the tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimizing what we offer for you. These interests are to be considered legitimate within the meaning of the aforementioned provision.
The respective data processing purposes and data categories can be found in the corresponding tracking tools.
i) Google analytics
For the purpose of demand-oriented design and ongoing optimization of our pages, we use Google Analytics, a web analytics service provided by Google Inc (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter "Google"). In this context, pseudonymized usage profiles are created and cookies used (see under section 4). The information generated by the cookie about your use of this website, such as
- browser type/version
- operating system used
- referrer URL (the previously visited page)
- host name of the accessing computer (IP address)
- time of the server request
are transferred to a Google server in the USA and stored there. The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services related to the use of the website and the Internet for the purposes of market research and demand-oriented design of these Internet pages. This information may also be transferred to third parties if this is required by law or if third parties process this data on our behalf. In no case will your IP address be merged with other data from Google. The IP addresses are anonymized so that no assignment is possible (IP masking).
You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de).
As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent the collection by Google Analytics by clicking on this link. An opt-out cookie is set that prevents future collection of your data when visiting this website. The opt-out cookie is valid only in this browser and only for our website and will be stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.
Further information on data protection in connection with Google Analytics can be found, for example, in the Google Analytics Help (https://support.google.com/analytics/answer/6004245?hl=de).
ii) Google Adwords conversion tracking
In order to statistically record the use of our website and to evaluate it for the purpose of optimizing our website for you, we also use Google Conversion Tracking. In the process, Google Adwords sets a cookie (see section 5) on your computer if you have accessed our website via a Google ad.
These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of the Adwords customer's website and the cookie has not yet expired, Google and the customer can recognize that the user clicked on the ad and was redirected to this page.
Each Adwords customer receives a different cookie. Cookies can therefore not be tracked through the websites of Adwords customers. The information collected using the conversion cookie is used to create conversion statistics for Adwords customers who have opted for conversion tracking. Adwords customers will learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information by which users can be personally identified.
7. Social media plug-ins
On our website, on the basis of Art. 6 para. 1 p. 1 lit. f GDPR, we utilize social plug-ins of the social networks Facebook, Twitter and Instagram, to make our company better known. The underlying promotional purpose is to be considered a legitimate interest within the meaning of the GDPR. Responsibility for data protection-compliant operation is to be ensured by their respective providers. The integration of these plug-ins by us takes place by way of the so-called two-click method in order to protect visitors to our website as best as possible.
Social media plugins from Facebook are used on our website to make their use more personal. For this purpose, we use the "LIKE" or "SHARE" buttons. This is an offer from Facebook.
When you visit a page of our website that contains such a plugin, your browser establishes a direct connection with the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser, which then integrates it into the website.
By integrating the plugins, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook account or are not currently logged in to Facebook. This information (including your IP address) is transmitted by your browser directly to a Facebook server in the USA and stored there.
If you are logged in to Facebook, Facebook can assign your visit to our website directly to your Facebook account. If you interact with the plugins, for example by clicking the "LIKE" or "SHARE" button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information will also be published on Facebook and displayed to your Facebook friends.
Facebook may use this information for the purposes of advertising, market research, and customization of Facebook pages. For this purpose, Facebook creates usage, interest and relationship profiles, e.g., to evaluate your use of our website with regard to the advertisements displayed to you on Facebook, to inform other Facebook users about your activities on our website, and to provide other services associated with the use of Facebook.
If you do not want Facebook to assign the data collected via our website to your Facebook account, you must log out of Facebook before visiting our website.
Our website integrates plugins for the short-message network Twitter Inc. (Twitter). You can recognize the Twitter plugins (tweet button) by the Twitter logo on our site. An overview of tweet buttons can be found here (https://about.twitter.com/resources/buttons).
When you call up a page of our website that contains such a plugin, a direct connection is established between your browser and the Twitter server. Twitter thereby receives the information that you have visited our site with your IP address. If you click on the Twitter "tweet button" while logged into your Twitter account, you can link the contents of our pages on your Twitter profile. This allows Twitter to assign the visit to our pages to your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Twitter.
If you do not want Twitter to be able to associate your visit to our pages, please log out of your Twitter user account.
Our website uses functions of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time one of our pages containing LinkedIn functions is accessed, a connection to LinkedIn servers is established. LinkedIn is informed that you have visited our web pages with your IP address. If you click the "Recommend” button of LinkedIn and are logged into your account at LinkedIn, it is possible for LinkedIn to assign your visit to our website to you and your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by LinkedIn.
Our website uses functions of the XING network. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. Each time one of our pages containing Xing functions is accessed, a connection to Xing servers is established. As far as we are aware, no personal data is stored in the process. In particular, no IP addresses are stored or usage behavior evaluated.
8. Use of our web shop
If you would like to order in our online shop, in order to conclude the contract it is necessary for you to provide your personal data, which we need for processing your order. Mandatory information necessary for the processing of contracts is marked separately; other information is voluntary. We process the data you provide to process your order. For this purpose, we may pass on your payment data to our company bank. The legal basis for this is Art. 6 Abs. 1 p. 1 lit. b GDPR.
You can voluntarily create a customer account, through which we can store your data for future purchases. When you create an account under "My account," and the data you provide will be stored but may be cancelled. You can always delete all other data, including your user account, in the customer area.
We may also process the data you provide to inform you about other interesting products from our portfolio or to send you emails with technical information.
We are obliged by commercial and tax law to store your address, payment and order data for a period of 10 years. However, we restrict processing after two years, i.e., your data will only be used to comply with legal obligations.
To prevent unauthorized access by third parties to your personal data, especially financial data, the ordering process is encrypted using TLS technology.
9. YouTube video integration
We have integrated YouTube videos into our online offering; they are stored on http://www.YouTube.com and can be played directly from our website. [These are all embedded in "extended data protection mode," which means that no data about you as a user is transmitted to YouTube if you do not play the videos. The data mentioned in paragraph 2 are only transmitted when you play the videos. We have no influence on this data transmission.]
Due to visit to the website, YouTube receives the information that you have accessed the corresponding subpage of our website. In addition, the data mentioned under section 3 of this declaration will be transmitted. This occurs regardless of whether YouTube provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data are directly assigned to your account. If you do not want the assignment with your profile at YouTube, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) for the provision of tailored advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, and you must contact YouTube to exercise this right.
10. Data subject rights
You have the right:
- in accordance with Art. 15 GDPR, to request information about your personal data processed by us. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details.
- in accordance with Art. 16 GDPR, to demand without delay the correction of incorrect or completion of your personal data stored by us.
- in accordance with Art. 17 GDPR, to request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims.
- in accordance with Art. 18 GDPR, to restrict the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defense of legal claims, or you have a legitimate interest in the processing of your personal data, in accordance with Art. 21 GDPR, and have objected to its processing.
- in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another controller.
- in accordance with Art. 7 para. 3 GDPR, to revoke your consent once given to us at any time. This has the consequence that we may no longer continue the data processing based on this consent for the future. in accordance with Art. 77 GDPR, to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters for this purpose.
11. Right of appeal
If your personal data is collected on the basis of legitimate interests in accordance with Art. 6 para. 1 p. 1 lit. f GDPR, you have the right, in accordance with Art. 21 GDPR, to object to the processing of your personal data, insofar as there are grounds for doing so that arise from your particular situation or the objection is directed against direct marketing. In the latter case, you have a general right to object, which will be implemented by us without specifying a particular situation.
If you wish to exercise your right of revocation or objection, simply send an email to email@example.com.
12. Data security
Within the website visit, we use the widespread SSL procedure (Secure Socket Layer) in connection with the highest encryption level supported by your browser. As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.
We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously being improved in line with technological developments.