Privacy policy
2022-03-30 11:40 AM
Carbexx GmbH takes the protection of personal data very seriously. The protection of your privacy when using our websites is important to us. Therefore, we strictly adhere to the rules of the data protection laws of the Federal Republic of Germany (BDSG), the Telemedia Act (TMG) and the European Data Protection Regulation (GDPR). Insofar as reference is made to the GDPR in this data protection declaration, it is clarified that this will only apply from 25 May 2018. Prior to this, the legal basis is the BDSG.
This data protection declaration informs you about the type, scope and purpose of the processing of personal data (hereinafter referred to as "data") within our online offer and the websites, functions and content connected with it as well as external online presences, such as our social media profiles (hereinafter jointly referred to as "online offer"). With regard to the terms used, such as "processing" or "controller", we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).
Person responsible within the meaning of the GDPR
Carbexx GmbH
ICO InnovationsCentrum
Albert-Einstein-Str. 1
49076 Osnabrück
Germany
Email: [email protected]
Definitions
Our privacy policy is intended to be simple and understandable for everyone. In this privacy policy, the official terms of the General Data Protection Regulation (GDPR) are generally used. The official definitions are explained in Art. 4 GDPR.
Types of data processed:
- Inventory data (e.g., names, addresses).
- Contact data (e.g., email, phone numbers).
- Content data (e.g., text entries, photographs, videos).
- Usage data (e.g., web pages visited, interest in content, access times).
- Meta/communication data (e.g., device information, IP addresses).
Categories of persons concerned
Visitors and users of the online offer (hereinafter we also refer to the data subjects collectively as "users").
Purpose of the processing
- Provision of the online offer, its functions and contents.
- Responding to contact requests and communicating with users.
- Security measures.
- Reach measurement/marketing
Relevant legal bases
In accordance with Art. 13 GDPR, we inform you about the legal basis of our data processing. If the legal basis is not stated in the privacy policy, the following applies: The legal basis for obtaining consent is Art. 6 (1) lit. a and Art. 7 GDPR, the legal basis for processing for the performance of our services and implementation of contractual measures as well as answering enquiries is Art. 6 (1) lit. b GDPR, the legal basis for processing for the performance of our legal obligations is Art. 6 (1) lit. c GDPR, and the legal basis for processing for the protection of our legitimate interests is Art. 6 (1) lit. f GDPR. In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 (1) lit. d GDPR serves as the legal basis.
Security measures
We take appropriate technical and organisational measures to ensure a level of protection appropriate to the risk in accordance with Article 32 of the GDPR, taking into account the state of the art, the costs of implementation and the nature, scope, circumstances and purposes of the processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons.
The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical access to the data, as well as access to, input, disclosure, ensuring availability and segregation of the data. We also have procedures in place to ensure the exercise of data subjects' rights, deletion of data and response to data compromise. Furthermore, we already take the protection of personal data into account in the development and selection of hardware, software and procedures, in accordance with the principle of data protection through technology design and through data protection-friendly default settings (Art. 25 GDPR).
Cooperation with processors and third parties
If we disclose data to other persons and companies (processors or third parties) in the course of our processing, transmit it to them or otherwise grant them access to the data, this is only done on the basis of a legal permission (e.g. if a transmission of the data to third parties, such as to payment service providers, is necessary for the performance of the contract pursuant to Art. 6 (1) lit. b GDPR), you have consented, a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.).
If we commission third parties with the processing of data on the basis of a so-called "order processing contract", this is done on the basis of Art. 28 GDPR.
Transfers to third countries
If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this is done in the context of using third-party services or disclosing or transferring data to third parties, this is only done if it is done in order to fulfil our (pre-)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we only process or allow the processing of data in a third country if the special requirements of Art. 44 and following of the GDPR. I.e. a transfer of personal data to the USA by us or our third party service providers (on the website) only takes place if other suitable guarantees are provided in accordance with Art. 46 of the GDPR or if an exceptional circumstance exists in accordance with Art. 49 of the GDPR.
Rights of the data subjects
In the following, you will find information about your data subject rights, which the current data protection law grants you against the controller concerning the processing of personal data:
The right, pursuant to Art. 15 GDPR, to obtain information about your personal data processed by us. In particular, you may request information about the purposes of processing, the categories of personal data concerned, the categories of recipients to whom your data has been or will be disclosed, the envisaged period for which the data will be stored, the existence of the right to request from the controller rectification or erasure or personal data or restriction of processing of personal data concerning you or to object such processing, the existence of a right to lodge a complaint with a supervisory authority, the origin of your data, if these have not been collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information about the logic involved, as well as the significance and the envisaged consequences.
The right to obtain without undue delay the rectification of inaccurate personal data concerning you in accordance with Art. 16 GDPR.
The right to request the erasure of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right of freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.
The right, pursuant to Art. 18 GDPR, to demand the restriction of the processing of your personal data if the accuracy of the data is contested by you, the processing is unlawful, but you oppose the erasure and we no longer need the data for the purposes of processing, but they are required by you for the establishment, exercise or defence of legal claims or you have filed an objection against the processing pursuant to Art. 21 GDPR.
The right, in accordance with Art. 20 GDPR, to receive the personal data concerning you, which you have provided to us in in a commonly used and machine-readable format and the right to transmit those data to another controller.
The right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR, in particular in the Member State of your habitual residence, place of work.
Right to withdraw
The right to withdraw your given consent pursuant to Art. 7 (3) GDPR with effect in the future at any time. You have the right to withdraw your given consent concerning the processing of your personal data with effect for the future at any time. In the event of withdrawal, we will delete the data concerned without delay, unless further processing can be based on a legal basis for processing without consent. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
Right to object
If your personal data is processed by us based on legitimate interests pursuant to Art. 6 (1) lit. f GDPR, you have the right, pursuant to Art. 21 GDPR, to object at any time to the processing of your personal data on grounds relating to your particular situation. If the objection is directed against the processing of personal data for the purpose of direct marketing, you have a general right of objection without the requirement of stating a particular situation.
If you wish to exercise your right of withdrawal, objection or any of your other rights, simply send an e-mail to [email protected].
Cookies and right to object to direct advertising
Our website uses so-called “cookies”. Cookies are small text files that are either temporarily stored on your end device for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your terminal device until you delete them yourself or an automatic solution is provided by your web browser.
Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping basket function or language settings). Other cookies are used to evaluate user behaviour or display advertising.
Technically necessary cookies are stored on the basis of Art. 6 (1) lit. f GDPR. We have a legitimate interest in the storage of cookies for the technically error-free and optimised presentation of our services. Other cookies are only stored with your consent on the basis of Art. 6 (1) lit. a GDPR. This consent can be withdrawn at any time for the future. The legal basis may also result from Art. 6 (1) lit. b GDPR if the processing is necessary for the performance of a contract to which the data subject is a party or for the implementation of pre-contractual measures taken at the request of the data subject.
Insofar as cookies are used for analysis purposes, we will inform you of this separately within the framework of this privacy policy and obtain your consent.
You can set your browser to
- be informed about the setting of cookies,
- only allow cookies in individual cases,
- exclude the acceptance of cookies for certain cases or generally,
- activate the automatic deletion of cookies when the browser is closed.
The cookie settings can be managed under the following links for each browser:
- Google Chrome
- Mozilla Firefox
- Edge (Microsoft)
- Safari
- Opera
You can also manage cookies of many companies and functions used for advertising individually. To do this, use the appropriate user tools, available at https://www.aboutads.info/choices
Most browsers also offer a so-called "do-not-track function". When this feature is enabled, the browser tells ad networks, websites, and applications that you do not want to be "tracked" for behavioural advertising and the like.
For information and instructions on how to edit this feature, please refer to the links below, depending on your browser provider:
Additionally, you can prevent the loading of so-called scripts by default. "NoScript" allows the execution of JavaScripts, Java and other plug-ins only at trusted domains of your choice. Information and instructions on how to edit this function can be obtained from the provider of your browser (e.g. for Mozilla Firefox at: https://addons.mozilla.org/de/firefox/addon/noscript/).
Please note that if you disable cookies, the functionality of our website may be limited.
Essential cookies used:
Language persistence, Session persistence:
ARRAffinity
The website uses session cookies to maintain information about each visit to the website and enable core site functionality. These cookies do not contain any personal information and only last for the duration of your visit, being deleted as soon as you close your web browser.
.AspNetCore.Antiforgery.*
https://docs.microsoft.com/en-us/aspnet/core/security/anti-request-forgery?view=aspnetcore-6.0
Language
Language cookies are set to store the last language settings.
Functional cookies:
Mapbox
Mapbox provides maps and geo-functions for this website.
Mapbox, Inc.
740 15th St Nw Suite 500 Washington, DC 20005 United States of America
https://www.mapbox.com/legal/privacy/
https://www.mapbox.com/legal/cookies
Cloudflare
Content Delivery Network
Cloudflare Inc.
101 Townsend St., San Francisco, CA 94107, United States of America
https://www.cloudflare.com/privacypolicy/
https://www.cloudflare.com/cookie-policy/
[email protected]
Google Analytics
These cookies allow us to count page visits and traffic sources so we can measure and improve the performance of our site, using a service provided by Google Analytics. For more information about Google's privacy policy, please visit www.google.com/intl/en/policies/privacy.
Deletion of data
The data processed by us will be deleted or restricted in its processing in accordance with Articles 17 and 18 GDPR. Unless expressly stated within the scope of this data protection declaration, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations. If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. I.e. the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law.
According to legal requirements in Germany, data is stored for 10 years in accordance with §§ 147 (1) AO, 257 (1), (4) HGB (books, records, management reports, accounting vouchers, commercial books, documents relevant for taxation, etc.) and 6 years in accordance with § 257 (1), (4) HGB (commercial letters).
According to legal requirements in Austria, retention takes place in particular for 7 years pursuant to § 132 (1) BAO (accounting records, vouchers/invoices, accounts, receipts, business papers, statement of income and expenditure, etc.), for 22 years in connection with real property and for 10 years for records in connection with electronically provided services, telecommunications, radio and television services provided to non-entrepreneurs in EU Member States and for which the Mini-One-Stop-Shop (MOSS) is claimed.
Contacting
If you send us requests via our contact form or email, your details from the contact form or email, including the contact data you have provided there, will be stored for the purpose of processing your request and in the event of follow-up questions. You are required to provide an email address to contact us. Your name and telephone number are optional. Under no circumstances will we pass on this data without your consent. The legal basis for processing the data is our legitimate interest in responding to your request pursuant to Art. 6 (1) lit. f GDPR and, if applicable, Art. 6 (1) lit. b GDPR, provided that your request is aimed at concluding a contract. Your data will be deleted after final processing of your request, provided that there are no legal storage obligations to the contrary. You can object to the processing of your personal data at any time in the case of Art. 6 (1) lit. f GDPR.
Newsletter
If you would like to receive the newsletter offered on our website with regular information about our offers and products, we need your email address as a mandatory information. We use the so-called double opt-in procedure for sending the newsletter. This means that we will not send you our newsletter by email until you have expressly confirmed that you agree to the dispatch of newsletters. In the first step, you will receive an email with a link to confirm that you, as the owner of the corresponding email address, would like to receive the newsletter in the future. With the confirmation you give us your consent according to Art. 6 (1) lit. a GDPR that we may use your personal data for the purpose of the desired newsletter dispatch.
When registering for the newsletter, in addition to the email address required for sending the newsletter, we store the IP address via which you have registered for the newsletter as well as the date and time of registration and confirmation so that we can trace any possible misuse at a later point in time.
You can cancel the newsletter at any time via the link inserted in each newsletter or by sending an email to the above-mentioned responsible party. After your cancellation, your email address will be deleted from our newsletter distribution list immediately, unless you have explicitly consented to continued use of the data collected or continued processing is otherwise legally permissible.
Newsletter - Mailchimp
If you would like to receive the newsletter offered on our website with regular information about our offers and products, we need your email address as mandatory information. Additional data is provided in order to address you personally in the newsletter and/or to identify you if you wish to exercise your rights as a data subject.
For the dispatch of the newsletter we use the so-called double opt-in. This means that we will only send you our newsletter via email, if you have expressly confirmed that you agree to receive newsletters. In the first step, you will receive an email with a link to confirm that you, as the owner of the corresponding email address, wish to receive newsletters in the future. With the confirmation you give us your consent in accordance with Art. 6 (1) lit. a GDPR that we may use your personal data for the purpose of the desired newsletter dispatch.
When you register for the newsletter, in addition to the email address required for sending the newsletter, we store the IP address by which you registered for the newsletter as well as the date and time of registration and confirmation in order to be able to trace possible misuse at a later point in time. You can unsubscribe from the newsletter at any time by clicking on the link included in each newsletter or by sending an email to the controller as described above. Once you have cancelled your subscription, your email address will be deleted from our newsletter list immediately, unless you have expressly consented to the continued use of the data collected.
Our email newsletters are sent via the technical service provider Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA ("Mailchimp"), to whom we pass on the data you provide when you register for the newsletter. Mailchimp uses this information for the dispatch and statistical evaluation of the newsletter on our behalf. For the evaluation the sent emails contain so-called web beacons or tracking pixels, which are one-pixel image files stored on our website. In this way it can be determined whether a newsletter message has been opened and which links have been clicked on, if applicable. Conversion tracking can also be used to analyse whether a predefined action (e.g. purchase of a product on our website) was carried out after clicking on the link in the newsletter. Technical information is also recorded (e.g. time of access, IP address, browser type and operating system). The data is collected pseudonymously and is not linked to your other personal data, a direct personal reference is excluded. These data are used exclusively for statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients. The service provider uses this information to send and statistically evaluate the newsletter on our behalf. For the evaluation, the emails sent contain so-called web beacons or tracking pixels, which are single-pixel image files stored on our website. This makes it possible to determine whether a newsletter message has been opened and which links, if any, have been clicked on. With the help of so-called conversion tracking, it can also be analysed whether a predefined action (e.g. purchase of a product on our website) has taken place after clicking on the link in the newsletter. In addition, technical information is recorded (e.g. time of retrieval, IP address, browser type and operating system).
The data is collected exclusively in pseudonymised form and is not linked to your other personal data; direct personal reference is excluded. This data is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients. If you wish to object to the data analysis for statistical evaluation purposes, you must cancel the newsletter subscription.
Since a transfer of personal data to the U.S. takes place, further appropriate safeguards are required to ensure the level of data protection under the GDPR. To guarantee this, we have concluded standard contractual clauses with the provider in accordance with Art. 46 (2) lit. c GDPR. These oblige the recipient of the data in the U.S. to process the data according to the level of protection in Europe. In cases in which this cannot be guaranteed even by this contractual extension, we endeavour to obtain additional regulations and commitments from the recipient in the U.S.
Hosting
This website is hosted by an external service provider (hoster). This website is hosted in Kiel . Personal data collected on this website is stored on the hoster's servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, web page accesses and other data generated by a website.
We have concluded a Data Processing Agreement with the provider in accordance with the requirements of Art. 28 GDPR, in which we commit him to protect the data of our customers and not to pass them on to third parties.
Content-Delivery-Network Cloudflare
Our website uses the services of Cloudflare Inc. (USA) for secure encrypted data transmission on the Internet (SSL), to improve global website performance through the Cloudlflare Content Delivery Network (CDN) and to improve security and protect against hacker attacks through the Cloudflare Web Application Firewall (WAF). It is possible that Cloudflare uses its own cookies to provide these services.
Cloudflare generally only forwards that data which is controlled by website operators. The content is therefore not determined by Cloudflare, but always by the website operator itself. In addition, Cloudflare may collect certain information on the use of our website and process data that is sent by us or for which Cloudflare has received appropriate instructions. In most cases, Cloudflare receives data such as contact information, IP addresses, security fingerprints, DNS log data and website performance data derived from browser activity. Log data helps Cloudflare to detect new threats, for example. In this way, Cloudflare can ensure a high level of security protection for our website.
For security reasons, Cloudflare also uses a cookie. The cookie (__cfduid) is used to identify individual users behind a shared IP address and to apply security settings for each individual user. This cookie is absolutely necessary for Cloudflare's security features and cannot be disabled.
In general, Cloudflare stores user-level data for domains in the Free, Pro and Business versions for less than 24 hours. Cloudflare only retains data logs for as long as necessary and this data is also deleted within 24 hours in most cases. Cloudflare also does not store any personal data, such as your IP address. However, there is information that Cloudflare stores indefinitely as part of its permanent logs in order to improve the overall performance of Cloudflare Resolver and to identify any security risks.
To find out exactly what permanent logs are stored, please visit https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/privacy-policy/. All data that Cloudflare collects (temporary or permanent) is scrubbed of any personally identifiable information. All permanent logs are also anonymised by Cloudflare.
You can also completely prevent all collection and processing of your data by Cloudflare by disabling the execution of script code in your browser or by including a script blocker in your browser.
As there is a transfer of personal data to the USA, further protection mechanisms are required to ensure the level of data protection of the GDPR. To ensure this, we have agreed standard data protection clauses with the provider in accordance with Art. 46 (2) lit. c GDPR. These oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases where this cannot be ensured even through this contractual extension, we endeavour to obtain additional regulations and commitments from the recipient in the USA.
We have concluded a Data Processing Agreement with Cloudflare. You can find more detailed information about data protection and Cloudflare at: https://www.cloudflare.com/de-de/gdpr/introduction/
Google Ads
We use "Google Ads" on our website, a service provided by Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland (hereinafter referred to as "Google"). Google Ads is used by us for marketing and optimisation purposes, in particular to display ads that are relevant and interesting to you.
If you have given us your consent to do so in accordance with Art. 6 (1) lit. a GDPR, we can use Google Ads to draw attention to our attractive offers by using advertising material on external websites. This enables us to determine how successful individual advertising measures are.
These advertising media is delivered by Google via so-called "AdServers". We use AdServer cookies for this purpose, through which certain parameters for measuring success, such as the display of the ads or clicks by users, can be measured.
If you reach our website via a Google ad, Google Ads will store a cookie on your PC. These cookies usually expire after 30 days. They are not intended to identify you personally. The following information is usually stored as analysis values for this cookie: Unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions), opt-out information (marking that the user no longer wishes to be contacted). These cookies enable Google to recognize your web browser. If a user visits certain pages of an ad client's website and the cookie stored on their computer has not expired, Google and the client will be able to tell that the user clicked on the ad and was redirected to that page. A different cookie is associated with each ad client. As a result, cookies cannot be tracked through the websites of ad clients. We ourselves do not collect and process any personal data in the advertising measures mentioned above. We only receive statistical evaluations from Google. By means of these evaluations we can recognize which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising material, in particular we cannot identify the users on the basis of this information.
Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server. We have no influence on the scope and further use of the data collected by Google through the use of Google Ads. To the best of our knowledge, Google receives the information that you have called up the relevant part of our website or clicked on an advertisement from us. If you have a user account with Google and are registered, Google can assign the visit to your user account. Even if you are not registered with Google or have not logged in, there is a possibility that Google will find out and save your IP address.
Since a transfer of personal data to the U.S. takes place, further appropriate safeguards are required to ensure the level of data protection under the GDPR. To guarantee this, we have concluded standard contractual clauses with the provider in accordance with Art. 46 (2) lit. c GDPR. These oblige the recipient of the data in the U.S. to process the data according to the level of protection in Europe. In cases in which this cannot be guaranteed even by this contractual extension, we endeavour to obtain additional regulations and commitments from the recipient in the U.S.
Further information on data use by Google, on setting and objection options as well as on data protection can be found on the following Google websites:
- Privacy policy: https://policies.google.com/privacy
- Google website statistics: https://services.google.com/sitestats/en.html
You can prevent the installation of cookies by deleting existing cookies and deactivating the storage of cookies in the settings of your web browser. Please note that in this case you may not be able to use all functions of our website to their full extent. You can also prevent the storage of cookies by setting your web browser to block cookies from the domain "www.googleadservices.com" (https://www.google.de/settings/ads). We would like to point out that this setting will be deleted if you delete your cookies. In addition, you can deactivate interest-related advertisements by clicking on the link http://optout.aboutads.info. Please note that this setting will also be deleted if you delete your cookies.
Google Tag Manager
This website uses the Google Tag Manager of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). This service allows website tags to be managed through an interface. The Google Tag Manager only implements tags. This means that no cookies are used and only the user's IP address is transmitted to Google to establish a connection. The Google Tag Manager triggers other tags, which in turn may collect data. However, the Google Tag Manager does not access this data. If a deactivation has been made on domain or cookie level, it will remain for all tracking tags as long as they are implemented with the Google Tag Manager.
We use the Google Tag Manager on the basis of our legitimate interest under Art. 6 (1) lit. f GDPR. Our legitimate interest here is to enable the technical integration of other website tools.
Since a transfer of personal data (IP address) to the U.S. takes place, further appropriate safeguards are required to ensure the level of data protection under the GDPR. To guarantee this, we have concluded standard contractual clauses with the provider in accordance with Art. 46 (2) lit. c GDPR. These oblige the recipient of the data in the U.S. to process the data according to the level of protection in Europe. In cases in which this cannot be guaranteed even by this contractual extension, we endeavour to obtain additional regulations and commitments from the recipient in the U.S.
Further information on data privacy regarding Google can be found here: https://policies.google.com/privacy?hl=en&gl=en
Google Analytics
Our website uses Google Analytics, an internet analysis service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics uses so-called "cookies" and web beacons. Google will use this information on behalf of the operator of this website to evaluate your use of the website and to create reports on website activity. Google will also use this information to provide the website operator with further services related to the use of the website and the internet. The IP address sent by your browser in the context of Google Analytics is not combined with other data from Google. Processing is carried out in accordance with Art. 6 (1) lit. a GDPR on the legal basis of your given consent.
We use Google Analytics only with activated IP anonymisation. This means that your IP address will only be further processed by Google in abbreviated form.
We have concluded a Data Processing Agreement with the service provider in which we oblige him to protect the data of our customers and not to pass them on to third parties.
Since a transfer of personal data to the U.S. takes place, further appropriate safeguards are required to ensure the level of data protection under the GDPR. To guarantee this, we have concluded standard contractual clauses with the provider in accordance with Art. 46 (2) lit. c GDPR. These oblige the recipient of the data in the U.S. to process the data according to the level of protection in Europe. In cases in which this cannot be guaranteed even by this contractual extension, we endeavour to obtain additional regulations and commitments from the recipient in the U.S.
The terms of use of Google Analytics and information on data protection can be accessed via the following links:
http://www.google.com/analytics/terms/
https://policies.google.com/privacy
The data will be deleted as soon as it is no longer necessary for the purpose for which it was collected. User and event-level data associated with cookies, user IDs (e.g., User ID), and advertising IDs (e.g., DoubleClick cookies, Android Advertising ID, IDFA) will be deleted no later than 14 months after collection.
You can prevent cookies from being saved by adjusting the settings of your browser software accordingly. Please note, however, that if you do so you may not be able to use all the functions of this website without restriction. You can also prevent Google from collecting the data generated by the cookie and analysing your use of the website (including your IP address) and processing this data by Google by downloading and installing the browser plugin available at https://tools.google.com/dlpage/gaoptout.
Facebook-Pixel and Conversion
We use "Facebook Pixel" on our website, a service of Facebook Inc, 1601 S California Ave, Palo Alto, California 94304, USA (hereinafter referred to as: "Facebook").
Provided you have given us your consent in accordance with Art. 6 (1) lit. a GDPR, we use Facebook Pixel for marketing and optimisation purposes, in particular to place relevant and interesting advertisements on Facebook and thus improve our offer, make it more interesting for you as a user and avoid annoying advertisements.
Facebook Pixel enables Facebook to display our ads on Facebook, so-called "Facebook Ads" only to those Facebook users who were visitors to our website, in particular those who showed interest in our online offer. In this case, Facebook Pixel also enables us to check whether a user was redirected to our website after clicking on our Facebook Ads. Among other things, Facebook Pixel uses cookies, i.e. small text files that are stored locally in the cache of your web browser on your end device. If you are logged into Facebook with your user account, the visit to our online offer will be noted in your user account. The data collected about you is anonymous to us, so we cannot draw any conclusions about the identity of the user. However, this data can be linked by Facebook with your user account there. If you have a user account on Facebook and are registered, Facebook can assign the visit to your user account.
As a transfer of personal data to the USA takes place, further protective mechanisms are required to ensure the level of data protection under the GDPR. In order to guarantee this, we have agreed standard data protection clauses with the provider in accordance with Art. 46 (2) lit. c GDPR. These clauses oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases in which this cannot be guaranteed even by this contractual extension, we will endeavour to obtain additional regulations and commitments from the recipient in the USA.
Further information on data protection from the third party provider can be found on the following Facebook website:
https://www.facebook.com/about/privacy.
Information on Facebook Pixel can be found on the following Facebook website:
https://www.facebook.com/business/help/651294705016616
You can make the relevant settings for which types of advertisements are displayed to you within Facebook on the following Facebook website:
https://www.facebook.com/settings?tab=ads.
We would like to point out that this setting is deleted when you delete your cookies. In addition, you can deactivate cookies that are used to measure reach and advertising purposes via the following websites:
http://optout.networkadvertising.org/
http://www.aboutads.info/choices
http://www.youronlinechoices.com/uk/your-ad-choices/
Please note that this setting is also deleted when you delete your cookies.
Facebook Custom Audiences
We use "Facebook Custom Audiences" on our website, a remarketing tool of Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour Dublin 2, Ireland (hereinafter referred to as "Facebook"). Facebook Custom Audiences enables us to display interest-based advertisements, so-called "Facebook Ads", to visitors to our website as part of a visit to the social network Facebook or as part of a visit to other websites that also use Facebook Custom Audiences.
By using "Facebook Custom Audiences" your web browser automatically establishes a direct connection with the Facebook server. We have no influence on the scope and further use of the data collected by Facebook through the use of Facebook Custom Audiences. To the best of our knowledge, Facebook receives the information that you have called up the relevant part of our website or clicked on an advertisement from us. If you have a user account with Facebook and are registered, Facebook can assign the visit to your user account. Even if you are not registered with Facebook or have not logged in, it is possible that Facebook will find out and store your IP address and, if necessary, other identifying features.
We use Facebook Custom Audiences for marketing and optimization purposes, in particular to display ads that are relevant and interesting for you and thus improve our offer and make it more interesting for you as a user. The legal basis is Art. 6 (1) lit. a GDPR (consent).
We have concluded a Data Processing Agreement with our service provider Facebook in which we commit Facebook to protect our customers' data and not to pass it on to third parties.
Since a transfer of personal data to the U.S. takes place, further appropriate safeguards are required to ensure the level of data protection under the GDPR. To guarantee this, we have concluded standard contractual clauses with the provider in accordance with Art. 46 (2) lit. c GDPR. These oblige the recipient of the data in the U.S. to process the data according to the level of protection in Europe. In cases in which this cannot be guaranteed even by this contractual extension, we endeavour to obtain additional regulations and commitments from the recipient in the U.S.
For more information about Facebook’s privacy practices, please visit the following Facebook website:
https://www.facebook.com/about/privacy
The deactivation of Facebook Custom Audiences is possible for logged-in users at
https://www.facebook.com/settings/?tab=ads#_.
Please note that this setting is also deleted when you delete your cookies.
Microsoft Bing Ads
On our pages, we use the conversion tracking of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.
If you have given us your consent in accordance with Art. 6 (1) lit. a GDPR, Microsoft Bing Ads will store a cookie on your computer if you have accessed our website via a Microsoft Bing advertisement. In this way, Microsoft Bing and we can recognise that someone has clicked on an ad, been redirected to our website and reached a previously determined target page (conversion page). We only learn the total number of users who clicked on a Bing ad and were then redirected to the conversion page. No personal information about the identity of the user is disclosed.
We have concluded an order processing agreement with the service provider in which we oblige them to protect our customers' data and not to pass it on to third parties.
As a transfer of personal data to the USA takes place, further protection mechanisms are required to ensure the level of data protection of the GDPR. To ensure this, we have agreed standard data protection clauses with the provider in accordance with Art. 46 (2) lit. c GDPR. These oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases where this cannot be ensured by this contractual extension, we will endeavour to obtain additional regulations and commitments from the recipient in the USA.
If you do not want information about your behaviour to be used by Microsoft as explained above, you can refuse the setting of a cookie required for this - for example, by means of a browser setting that generally deactivates the automatic setting of cookies. You can also prevent the collection of data generated by the cookie and related to your use of the website, as well as the processing of this data by Microsoft, by clicking on the following link:
https://account.microsoft.com/privacy/ad-settings/signedout?lang=de-DE to declare your objection.
Further information on data protection and the cookies used by Microsoft and Bing Ads can be found on the Microsoft website at https://privacy.microsoft.com/de-de/privacystatement.
Online presence in social media
We maintain online presences within social networks and platforms in order to be able to communicate with the customers, interested parties and users active there and to inform them about our services there. When calling up the respective networks and platforms, the terms and conditions and data processing guidelines of their respective operators apply.
Unless otherwise stated in our privacy policy, we process the data of users if they communicate with us within the social networks and platforms, e.g. write posts on our online presences or send us messages.
Google Fonts
This site uses so-called web fonts provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google") for the uniform display of fonts. Google Web Fonts enables us to use external fonts, so-called Google Fonts. The integration of these web fonts is carried out locally by our server.
As a transfer of personal data to the USA takes place, further protection mechanisms are required to ensure the level of data protection of the GDPR. To ensure this, we have agreed standard data protection clauses with the provider in accordance with Art. 46 (2) lit. c GDPR. These oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases where this cannot be ensured by this contractual extension, we endeavour to obtain additional regulations and assurances from the recipient in the USA.
We use Google Web Fonts for optimisation purposes, in particular to improve the use of our website for you and to make its design more user-friendly. This is also our legitimate interest according to Art. 6 (1) lit. f GDPR.
Further information on data protection can be found in Google's data protection declaration:
http://www.google.de/intl/de/policies/privacy.
Further information on Google Web Fonts can be found at
http://www.google.com/webfonts/,
https://developers.google.com/fonts/faq?hl=de-DE&csw=1 and
https://www.google.com/fonts#AboutPlace:about.
Mapbox
We use the services of Mapbox Inc. (Mapbox) to display interactive maps on some pages of our website. Using our website may lead to information about your use of this website, including your IP address, being transmitted to Mapbox in the USA.
When you access a page that contains Mapbox maps, your browser establishes a direct connection with Mapbox servers. The map content is directly transmitted by Mapbox to your browser, which integrates the content into the website. We therefore cannot influence the amount of data, which is collected by Mapbox in this manner.
If you do not want Mapbox to process your data via our website, you can deactivate JavaScript in your browser settings. However, if you choose to do so, you will not be able to view the maps on our site.
You can find further information about the purpose and scope of data processing by Mapbox, your rights in this regard, and the configuration options available to protect your privacy in the Mapbox privacy policy at: https://www.mapbox.com/privacy/.
You can prevent Mapbox from placing cookies on your device by deactivating third-party cookies in your browser settings.
Google ReCaptcha
On this website we also use the reCAPTCHA function of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). This function is primarily used to distinguish whether an entry is made by a natural person or is abused by machine and automated processing. The service includes the sending of the IP address and, if applicable, further data required by Google for the reCAPTCHA service to Google and is carried out in accordance with Art. 6 (1) lit. f GDPR on the basis of our legitimate interest in determining individual personal responsibility on the Internet and the prevention of abuse and spam. The use of Google reCAPTCHA may also involve the transmission of personal data to the servers of Google LLC. in the USA.
Further information on Google reCAPTCHA and Google's privacy policy can be found at: https://www.google.com/intl/de/policies/privacy/.
Microsoft Dynamics 365
We use the Microsoft Dynamics 365 CRM system.
In particular, we use the system to manage customers and prospective customers (leads) and to process user requests faster and more efficiently. The use of the system is based on our legitimate interest in accordance with Art. 6(1)(f) GDPR.
Microsoft Dynamics 365 Cloud
We use the Microsoft Dynamics 365 Cloud CRM system from Microsoft Corporation (One Microsoft Way, Redmond, WA 98052-6399, United States) – hereafter referred to as Microsoft – as a cloud service, i.e., the data is processed at Microsoft data centers.
Microsoft uses the data of users solely for the technical processing of requests and it does not disclose the data to third parties.
In particular, we use the system to manage customers and prospective customers (leads) and to process user requests faster and more efficiently. The use of the system is based on our legitimate interest in accordance with Art. 6(1)(f) GDPR.
Further data privacy information can be found in the Microsoft privacy policy at https://privacy.microsoft.com/en-US/privacystatement .
Vimeo
Our website uses features provided by the Vimeo video portal. This service is provided by Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.
If you visit one of our pages featuring a Vimeo plugin, a connection to the Vimeo servers is established. Here the Vimeo server is informed about which of our pages you have visited. In addition, Vimeo will receive your IP address. This also applies if you are not logged in to Vimeo when you visit our website or do not have a Vimeo account. The information is transmitted to a Vimeo server in the US, where it is stored.
If you are logged in to your Vimeo account, Vimeo allows you to associate your browsing behaviour directly with your personal profile. You can prevent this by logging out of your Vimeo account.
For more information on how to handle user data, please refer to the Vimeo Privacy Policy at https://vimeo.com/privacy.
Automated decision making
Automated decision making or profiling according to Art. 22 GDPR does not take place.
Subject to change
We reserve the right to adapt or update this privacy policy, if necessary, in compliance with the applicable data protection regulations. In this way, we can adapt it to the current legal requirements and take account of changes to our services, e.g. the introduction of new services. The most current version applies to your visit.
Status of this privacy policy: 01.02.2022