Privacy policy

Germany

SSL or TLS encryption

When you enter your data on websites, place online orders or send e-mails via the Internet, you must always be prepared for unauthorized third parties to access your data. There is no complete protection against such access. However, we make every effort to protect your data in the best possible way and to close security gaps as far as possible.

An important protection mechanism is the SSL or TLS encryption of our website, which ensures that data that you transmit to us cannot be read by third parties. You can recognize the encryption by the lock icon in front of the Internet address entered in your browser and by the fact that our Internet address begins with https:// and not with http://.

Data transfer to the USA

We also use tools on our website from companies that transfer your data to the USA and store and, if necessary, process it there. The European Commission has adopted an adequacy decision for the EU-US data protection framework. This establishes that the USA guarantees an adequate level of protection for personal data from the EU that is transferred to US companies. This decision is based on new safeguards and measures introduced by the US to meet data protection requirements. The adequacy decision includes, among other things, restrictions and safeguards on access to the data by US intelligence services. Binding safeguards have been introduced to limit the access of US intelligence agencies to what is necessary and proportionate to protect national security. In addition, increased oversight of the activities of the US intelligence services has been established to ensure that the restrictions on surveillance activities are complied with. An independent redress mechanism has also been established to handle and resolve complaints from European citizens about access to their data. The EU-US Privacy Shield Framework thus allows European companies to transfer data to certified US companies without having to introduce additional data protection safeguards. You can view a list of all certified companies at the following link: https://www.dataprivacyframework.gov/s/participant-search

A change to the European Commission's decision cannot be ruled out.

Hosting and Content Delivery Networks (CDN)

External hosting

Our website is hosted on a server of the following internet service provider (hoster):

Has an order processing contract been concluded with the hoster or are standard contractual clauses (SCC) used?

Yes

How do we process your data?

The host stores all data from our website. This also includes all personal data that is collected automatically or through your input. This may include in particular Your IP address, pages accessed, names, contact details and inquiries as well as meta and communication data. When processing data, our hoster complies with our instructions and only ever processes the data to the extent that this is necessary to fulfill the service obligation to us.

On what legal basis do we process your data?

Since we address potential customers via our website and maintain contact with existing customers, data processing by our hoster serves to initiate and fulfill contracts and is therefore based on Art. 6 para. 1 lit. b) GDPR. In addition, it is our legitimate interest as a company to provide a professional website that meets the necessary requirements for security, speed and efficiency. In this respect, we also process your data on the basis of Art. 6 para. 1 lit. f) GDPR.

Use of cookies

Our website places cookies on your device. These are small text files that are used for different purposes. Some cookies are technically necessary for the website to function at all (necessary cookies). Others are required to perform certain actions or functions on the site (functional cookies). For example, without cookies it would not be possible to use the benefits of a shopping basket in an online store. Other cookies are used to analyze user behavior or to optimize advertising measures. If we use third-party services on our website, e.g. to process payment transactions, these companies may also leave cookies on your device when you access the website (so-called third-party cookies).

How do we process your data?

Session cookies are only stored on your device for the duration of a session. As soon as you close the browser, they disappear automatically. Permanent cookies, on the other hand, remain on your device if you do not delete them yourself. This can lead, for example, to your user behavior being permanently analyzed. You can use the settings in your browser to influence how it handles cookies:

• Do you want to be informed when cookies are set?
• Do you want to exclude cookies in general or for certain cases?
• Do you want cookies to be deleted automatically when you close your browser?

If you deactivate or do not allow cookies, the functionality of the website may be restricted.

If we use cookies from other companies or for analysis purposes, we will inform you about this in this privacy policy. We also ask for your consent in this regard when you visit our website.

On what legal basis do we process your data?

We have a legitimate interest in ensuring that our online services can be used by visitors without technical problems and that all desired functions are available to them. The storage of necessary and functional cookies on your device is therefore based on Art. 6 para. 1 lit. f) GDPR. We use all other cookies on the basis of Art. 6 para. 1 lit. a) GDPR, provided that you give us your consent to do so. You can revoke this consent at any time with effect for the future. If you have consented to the placement of necessary and functional cookies when your consent was requested, these cookies will also be stored exclusively on the basis of your consent.

Contact form

You can send us a message using the contact form on this website.

How do we process your data?

We store your message and the information from the form in order to be able to process your request, including follow-up questions. This also applies to the contact details provided. We will not pass the data on to other persons without your consent.

How long do we store your data?

We delete your data as soon as one of the following points occurs:

• Your request has been finally processed.
• You ask us to delete the data.
• You revoke your consent to storage.

This does not apply only if we are required by law to retain the data.

On what legal basis do we process your data?

If your request is related to our contractual relationship or serves the implementation of pre-contractual measures, we process your data on the basis of Art. 6 para. 1 lit. b) GDPR. In all other cases, it is in our legitimate interest to process inquiries addressed to us effectively. The legal basis for data processing is therefore Art. 6 para. 1 lit. f) GDPR. If you have consented to the storage of your data, Art. 6 para. 1 lit. a) GDPR is the legal basis. In this case, you can withdraw your consent at any time with effect for the future.

Request by e-mail, telephone or fax

You can send us a message by e-mail or fax or give us a call.

How do we process your data?

We store your message and the contact details you have provided or the telephone number you have transmitted so that we can process your inquiry, including any follow-up questions. We will not pass the data on to other persons without your consent.

How long do we store your data?

We delete your data as soon as one of the following points occurs:

• Your request has been finally processed.
• You ask us to delete the data.
• You revoke your consent to storage.

This does not apply only if we are required by law to retain the data.

On what legal basis do we process your data?

If your request is related to our contractual relationship or serves the implementation of pre-contractual measures, we process your data on the basis of Art. 6 para. 1 lit. b) GDPR. In all other cases, it is in our legitimate interest to process inquiries addressed to us effectively. The legal basis for data processing is therefore Art. 6 para. 1 lit. f) GDPR. If you have consented to the storage of your data, Art. 6 para. 1 lit. a) GDPR is the legal basis. In this case, you can withdraw your consent at any time with effect for the future.

Microsoft Bookings

What is Micosoft Bookings?

Scheduling tool

Who processes your data?

Microsoft Ireland Operations Limited One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland

Where can you find more information about data protection at Microsoft?

https://privacy.microsoft.com/de-de/privacystatement

On what basis do we transfer your data to the USA?

Based on the adequacy decision of the European Commission and the corresponding certification of the company.

How do we process your data?

To make an appointment with us, you can use the Microsoft Bookings tool on our website. We use the data for the planning, execution and, if necessary, follow-up of the appointment.

How long do we store your data?

We delete your data as soon as one of the following points occurs:

- The purpose of the data processing no longer applies.

- You ask us to delete the data.

- You revoke your consent to storage.

This does not apply only if we are required by law to retain the data.

On what legal basis do we process your data?

We have a legitimate interest in arranging appointments with customers and other interested parties as easily as possible. Data processing is therefore carried out on the basis of Art. 6 para. 1 lit. f) GDPR. If you have consented to the storage of your data, Art. 6 para. 1 lit. a) GDPR is the sole legal basis. In this case, you can revoke your consent at any time with effect for the future.

Analysis tools and advertising

We use the following tools to analyze the behavior of our website visitors and show you advertisements.

Google Tag Manager

What is Google Tag Manager?

Tag management system for the integration of tracking codes and conversion pixels of Google Ireland. Ltd.

Who processes your data?

Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland

Where can you find more information about data protection at Google Tag Manager?

https://policies.google.com/privacy

On what basis do we transfer your data to the USA?

Based on the adequacy decision of the European Commission and the corresponding certification of the company.

How do we process your data?

We use the Google Tag Manager. This tool helps us to integrate tracking codes and conversion pixels into our website, manage them and play them out. Google Tag Manager itself does not create any user profiles, does not place any cookies on your device and does not analyze your behavior as a user. However, it does record your IP address and transmits it to Google servers in the USA.

On what legal basis do we process your data?

We have a legitimate interest in the fast and uncomplicated integration and management of various tools on our website. The use of Google Tag Manager is therefore lawful under Art. 6 (1) (f) GDPR. If you have consented to the forwarding of your IP address, we process your data exclusively on the basis of Art. 6 para. 1 lit. a) GDPR. You can revoke your consent at any time with effect for the future.

Google Ads

What is Google Ads?

Online advertising program of Google Ireland Ltd.

Who processes your data?

Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland

Where can you find more information about data protection at Google Ads?

https://policies.google.com/privacy?hl=de&gl=de

On what basis do we transfer your data to the USA?

Based on the adequacy decision of the European Commission and the corresponding certification of the company.

How do we process your data?

We use Google Ads. Google's advertising program enables us to display advertisements in the Google search engine or on third-party websites when visitors to our website enter certain search terms on Google (keyword targeting). Furthermore, we can place targeted advertisements (target group targeting) based on the user data available at Google (e.g. location data and interests). We evaluate the collected data quantitatively, for example by analyzing which search terms led to the display of our advertisements and how many advertisements led to corresponding clicks.

On what legal basis do we process your data?

As a website operator, we have a legitimate interest in the placement and analysis of advertisements. Data processing is therefore lawful under Art. 6 (1) (f) GDPR. In the event that you have consented to the storage of cookies, for example, or have otherwise consented to data processing by Google, the legal basis is exclusively Art. 6 para. 1 lit. a) GDPR. You can revoke your consent at any time with effect for the future.

Newsletter

Mail poet

What is Mail Poet?

Among other things, service for sending newsletters and analyzing recipient behavior

Who processes your data?

Aut O'Mattic, A8C Ireland Ltd, Business Centre, No.1 Lower Mayor Street, International Financial Services Centre, Dublin 1, Ireland

Where can I find more information about data protection at Mail Poet?

https://automattic.com/privacy/

On what basis do we transfer your data to the USA?

Based on the adequacy decision of the European Commission and the corresponding certification of the company.

How do we process your data?

We use Mail Poet to send out our newsletter. The service manages the data of newsletter subscribers for us, sends out our newsletter and analyzes our newsletter campaigns.

If you would like to receive our newsletter, we need your e-mail address. We will also use a confirmation e-mail (double opt-in procedure) to check whether you really are the owner of this e-mail address. We do not collect any further data, or only on a voluntary basis. We use your data exclusively for sending the newsletter. They are stored on a Mail Poet server.

If we send a newsletter via Mail Poet and you open it, a file contained in the newsletter automatically connects to the Mail Poet servers. This tells the service that the newsletter has been opened and registers all clicks on the links it contains. It also registers whether you have made a purchase after clicking on a link, for example. Mail Poet also records technical information such as the time of access, IP address, browser type and operating system.

With Mail Poet, we can divide the recipients of our newsletter into categories, e.g. age, gender or place of residence. This enables us to better adapt our newsletters to the respective target group.

You can unsubscribe from the newsletter at any time.

How long do we store your data?

After you have unsubscribed, your data will be deleted from the newsletter distribution list. Under certain circumstances, we may also place your e-mail address on a blacklist; this is necessary, for example, if we have received an objection to advertising from you. The storage then takes place on the basis of Art. 6 para. 1 lit. f) GDPR.

Furthermore, we reserve the right to delete the data at any time once the purpose for which it was collected no longer applies or at our own discretion.

On what legal basis do we process your data?

By adding your name to the subscriber list, you consent to the processing of your data by Mail Poet. This is therefore lawful on the basis of Art. 6 para. 1 lit. a) GDPR. You can revoke your consent by unsubscribing from the newsletter or by sending us an informal message. For us, this means that we may no longer send you newsletters from this point on.

Google Fonts (local hosting)

We use fonts from the US company Google on our website. We have installed the fonts locally, so there is no connection to Google's servers when you visit our website.

Further information on Google Fonts can be found at https://developers.google.com/fonts/faq and in Google's privacy policy: https://policies.google.com/privacy?hl=de.

OneDrive

What is OneDrive?

Cloud storage

Who processes your data?

Microsoft Corp, One Microsoft Way, Redmond, WA 98052-6399, USA

Where can you find more information about data protection at OneDrive?

https://privacy.microsoft.com/de-de/privacystatement

On what basis do we transfer your data to the USA?

Based on the adequacy decision of the European Commission and the corresponding certification of the company.

How do we process your data?

You can upload files on our website. We use the cloud storage OneDrive for this purpose. The files are stored on the servers of the US company Microsoft. When you visit our website, a connection to OneDrive is also established. The cloud storage registers that our website has been accessed via your IP address.

On what legal basis do we process your data?

We have a legitimate interest in offering a reliable upload area on our website. Your data is therefore processed on the basis of Art. 6 para. 1 lit. f) GDPR. If you have consented to data processing, we process your data exclusively on the basis of Art. 6 para. 1 lit. a) GDPR. You can revoke your consent at any time with effect for the future.

Use of chats and chatbots

You have the option of communicating with us on our website via chat or chatbot. Chatbots can respond to communication without human assistance.

How do we process your data?

If you ask a question or make an entry of any kind in the chat window, the chatbot analyzes other data in addition to your entries in order to provide suitable answers (e.g. names, email addresses and other contact data, customer numbers and other identifiers, orders and chat histories). Your IP address, log files, location information and other metadata may also be collected via the chatbot. This data is generally stored on the chatbot provider's servers.

User profiles can be created on the basis of the data collected. In addition, if the other legal requirements are met (in particular your consent), the data can be used to display advertising relevant to your interests. For this purpose, the chatbots may be linked to analysis and advertising tools.

The data collected can also be used to improve our chatbots and their response behavior (machine learning).

How long do we store your data?

We delete your data as soon as one of the following points occurs:

- Your request has been finally processed.

- You ask us to delete the data.

- You revoke your consent to storage.

This does not apply only if we are required by law to retain the data.

On what legal basis do we process your data?

If our exchange via chatbot is related to our contractual relationship or serves the implementation of pre-contractual measures, we process your data on the basis of Art. 6 para. 1 lit. b) GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time. In all other cases, the use is based on our legitimate interest in the most effective customer communication possible (Art. 6 para. 1 lit. f GDPR).

Chatfuel

What is Chatfuel?

Chatfuel is a platform for creating chatbots without programming knowledge. It allows users to create and manage chatbots for Facebook Messenger, Telegram and other platforms.

Who processes your data?

200 LABS, INC., d/b/a Chatfuel, 490 Post Street, Ste. 526, San Francisco, CA 94102, USA

Where can you find more information about data protection at Chatfuel?

https://chatfuel.com/files/PrivacyPolicy-EU.pdf

On what basis do we transfer your data to the USA?

Based on the standard contractual clauses of the European Commission(https://chatfuel.com/files/PrivacyPolicy-EU.pdf )

How do we process your data?

As part of the communication with you, Chatfuel processes all data entered as well as log data (browser device, etc.), your IP address and the corresponding platform page from which your request comes. Chatfuel uses artificial neural networks (artificial intelligence) to evaluate user input and generate appropriate responses. User behavior is also analyzed. All data generated in the course of communication is also shared with the corresponding platform via which your request was received.

Audio and video conferencing

As a company, we are in contact with many people: Customers, business partners, service providers, etc. In addition to other means of communication, we also use online conferencing tools. Information relevant to data protection law on the provider(s) of the tools we use can be found at the end of this section. If you communicate with us via such a tool, not only we, but in particular the provider of the respective tool will process your personal data.

How do we process your data?

Online conference tools collect and store various personal data to enable participation in an online conference and its smooth execution. In addition to registration, conference and technical data, this also applies to certain communication content.

• Registration data: Your e-mail address and/or telephone number and, if applicable, other data that you provide when registering for the conference.
• Conference data: The start, end, and duration of your participation in the conference, the number of participants, and other metadata about the conference.
• Technical data: IP address, MAC address, device ID, device type, operating system and version, client version, camera type, microphone or loudspeaker and the type of connection.
• Communication content: Cloud recordings, chat/instant messages, voicemails uploaded photos and videos, files, whiteboards and other information shared while using the service.

For details on data processing, please refer to the data protection declarations of the respective conference tool provider.

How long do we store your data?

As your communication partner, we will delete your data from our systems as soon as one of the following points occurs:

• The purpose of data processing no longer applies.
• You ask us to delete the data.
• You revoke your consent to storage.

This does not apply only if we are required by law to retain the data.

Cookies remain on your end device until you delete them.

The providers of conference tools also store your data for their own purposes. Please contact the providers directly to find out what this means for the duration of the storage of your data.

On what legal basis do we process your data?

If we already have a contractual relationship or if you wish to conclude a contract with us, we use conference tools to fulfill the contract or to inform you about our services or products. In this respect, data processing is carried out on the basis of Art. 6 para. 1 lit. b) GDPR. Otherwise, the use of conference tools serves the purpose of simple and fast communication, without which we would not be able to run our company efficiently. We therefore also have a legitimate interest in data processing in accordance with Art. 6 para. 1 lit. f) GDPR. Another legal basis may be your consent. In this case, Art. 6 para. 1 lit. a) GDPR is relevant. This basis ceases to apply in the future if you withdraw your consent.

What online conferencing tools do we use?

Microsoft Teams

What is Microsoft Teams?

Communication platform for team collaboration

Who processes your data?

Microsoft Corp, One Microsoft Way, Redmond, WA 98052-6399, USA

Where can you find more information about data protection at Microsoft Teams?

https://privacy.microsoft.com/de-de/privacystatement

On what basis do we transfer your data to the USA?

Based on the adequacy decision of the European Commission and the corresponding certification of the company.

Own services / other

Handling applicant data

If you would like to work for us, we would be pleased to receive your application. We treat all personal data submitted as strictly confidential. This also applies to data that we only collect later during the application process.

How do we process your data?

We store and use all data that we collect during the application process insofar as this is necessary for the decision on the establishment of an employment relationship. In addition to contact and communication data and application documents, this also applies, for example, to notes that we take during job interviews. We only pass on your data within our company to persons who are involved in processing your application.

If your application is successful, we will store the data required to carry out the employment relationship in our data processing systems.

How long do we store your data?

If we are unable to make you a job offer, you reject a job offer or withdraw your application, we reserve the right to retain your documents and other application data for up to 6 months after the end of the application process. The reason for this is that we may need the data for evidence purposes in the event of a legal dispute. After this period has expired, we delete the data and destroy the documents. If a legal dispute is actually imminent or already pending, we will delete the data and documents if they are no longer required for evidentiary purposes.

The deletion of your data always presupposes that we are not legally obliged to keep it for longer.

On what legal basis do we process your data?

We process your applicant data on the basis of § 26 BDSG-new (initiation of an employment relationship) and Art. 6 para. 1 lit. b) GDPR (general contract initiation).

The same applies if your application is successful.

If we are unable to make you a job offer, you reject a job offer or withdraw your application, we have a legitimate interest in using your data for evidence purposes in a possible legal dispute. The data processing is therefore based on Art. 6 para. 1 lit. f) GDPR.

If you have expressly consented to the storage of your data, we process your data on the basis of Art. 6 para. 1 lit. a) GDPR. You can revoke your consent at any time with effect for the future.

Data processing on social media

What is social media?

By social media, we mean the social networks on which we have created publicly accessible profiles. You can find out which social networks these are below.

Who processes your data?

The respective operating companies of the social networks. You can find the individual operators below under the respective networks.

How is your data processed?

The operators of social networks are generally able to collect and evaluate comprehensive data about the behavior of visitors and users of the network. It is not possible for us to track all processing operations in the social networks we use, which is why further processing operations that are not listed here may be carried out by the operators of the social networks. You can find more information on this in the terms of use and privacy policies of the respective social networks.

The processing of your data can be triggered when you visit the website of the social network or our profile page there. Even if you visit a website that uses certain network content, e.g. like or share buttons, data may already be transferred to the operators of the social network. If you yourself are a user of the social network and are logged into your user account, your visit to our profile page can be assigned to your account by the operator of the social network. Even if you have not registered a user account yourself or are not logged in, the operator of the network may still collect your personal data, e.g. by recording your IP address or setting cookies. With this data, the operators can create user profiles tailored to your behavior and interests and show you interest-based advertising inside and outside the network. If you are a registered user of the network, interest-based advertising may also be displayed on all devices on which you are or were logged in.

On what legal basis is your data processed?

Our profiles on social networks are intended to ensure that our company has the widest possible presence on the Internet. As a company, we have a legitimate interest in this. Data processing is therefore lawful in accordance with Art. 6 para. 1 lit. f GDPR.

The data processing operations and analyses carried out by the social network operators themselves may be based on other legal bases. These must be specified by the operators of the social networks.

Who is responsible for processing your data and how can you assert your rights?

If you visit one of our profiles in the social networks, we are jointly responsible with the operator of the respective network for the data processing operations triggered during this visit. In principle, you can assert your rights against both us and the operator of the respective network.

Despite the joint responsibility with the operators of the social networks, our influence on the data processing operations of the respective operator is limited and is primarily based on the specifications of the operator.

How long will your data be stored?

If we collect data via our profiles in the social networks, these are deleted from our systems as soon as the purpose for their storage no longer applies, you request us to delete them or you revoke your consent to their storage. Stored cookies remain on your end device until you delete them. Mandatory statutory provisions - in particular retention periods - remain unaffected.

We have no influence on how long the operators of the social networks store your data, which the operators collect for their own purposes. You can obtain information on this directly from the operator of the respective social network, e.g. in the respective privacy policy.

What social media do we use?

Facebook

What is Facebook?
A social network

Who processes your data?
Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland

Is your data transferred to third countries?
Yes, to the USA and also to other third countries

Where can you find more information about data protection on Facebook?
https://www.facebook.com/about/privacy/

As a Facebook user, where can you adjust your advertising settings?
As a registered Facebook user, you can adjust your advertising settings in your user account. To do this, click on the following link and log in:
https://www.facebook.com/settings?tab=ads.

Instagram

What is Instagram?
A social network specializing in photos and videos

Who processes your data?
Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland

Will your data be transferred to third countries?
Yes

Where can you find more information about Instagram privacy?
https://help.instagram.com/519522125107875/?helpref=hc_fnav&bc[0]=Instagram help section&bc[1]=Guidelines%20and%20messages

As a user, where can you adjust your privacy settings?
As a registered Instagram user, you can adjust your privacy settings in your user account. To do this, click on the following link and log in:
https://www.instagram.com/accounts/privacy_and_security/

LinkedIn

What is LinkedIn?

A social network for business contacts

Who processes your data?

LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland

Will your data be transferred to third countries?

Yes

Where can you find more information about data protection at LinkedIn?

https://de.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy

Where can you as a user adjust your data protection settings?

As a registered LinkedIn user, you can adjust your privacy settings in your user account. To do this, click on the following link and log in:
https://www.linkedin.com/psettings/