Pri­va­cy Poli­cy

1. An over­view of data pro­tec­tion

Gene­ral infor­ma­ti­on

The fol­lo­wing infor­ma­ti­on will pro­vi­de you with an easy to navi­ga­te over­view of what will hap­pen with your per­so­nal data when you visit this web­site. The term “per­so­nal data” com­pri­ses all data that can be used to per­so­nal­ly iden­ti­fy you. For detail­ed infor­ma­ti­on about the sub­ject mat­ter of data pro­tec­tion, plea­se con­sult our Data Pro­tec­tion Decla­ra­ti­on, which we have included beneath this copy.

Data recor­ding on this web­site

Who is the respon­si­ble par­ty for the recor­ding of data on this web­site (i.e., the “con­trol­ler”)?

The data on this web­site is pro­ces­sed by the ope­ra­tor of the web­site, who­se cont­act infor­ma­ti­on is available under sec­tion “Infor­ma­ti­on about the respon­si­ble par­ty (refer­red to as the “con­trol­ler” in the GDPR)” in this Pri­va­cy Poli­cy.

How do we record your data?

We coll­ect your data as a result of your sha­ring of your data with us. This may, for ins­tance be infor­ma­ti­on you enter into our cont­act form.

Other data shall be recor­ded by our IT sys­tems auto­ma­ti­cal­ly or after you con­sent to its recor­ding during your web­site visit. This data com­pri­ses pri­ma­ri­ly tech­ni­cal infor­ma­ti­on (e.g., web brow­ser, ope­ra­ting sys­tem, or time the site was acces­sed). This infor­ma­ti­on is recor­ded auto­ma­ti­cal­ly when you access this web­site.

What are the pur­po­ses we use your data for?

A por­ti­on of the infor­ma­ti­on is gene­ra­ted to gua­ran­tee the error free pro­vi­si­on of the web­site. Other data may be used to ana­ly­ze your user pat­terns. If con­tracts can be con­cluded or initia­ted via the web­site, the trans­mit­ted data will also be pro­ces­sed for con­tract offers, orders or other order enqui­ries.

What rights do you have as far as your infor­ma­ti­on is con­cer­ned?

You have the right to recei­ve infor­ma­ti­on about the source, reci­pi­ents, and pur­po­ses of your archi­ved per­so­nal data at any time wit­hout having to pay a fee for such dis­clo­sures. You also have the right to demand that your data are rec­ti­fied or era­di­ca­ted. If you have con­sen­ted to data pro­ces­sing, you have the opti­on to revo­ke this con­sent at any time, which shall affect all future data pro­ces­sing. Moreo­ver, you have the right to demand that the pro­ces­sing of your data be rest­ric­ted under cer­tain cir­cum­s­tances. Fur­ther­mo­re, you have the right to log a com­plaint with the com­pe­tent super­vi­sing agen­cy.

Plea­se do not hesi­ta­te to cont­act us at any time if you have ques­ti­ons about this or any other data pro­tec­tion rela­ted issues.

Ana­ly­sis tools and tools pro­vi­ded by third par­ties

The­re is a pos­si­bi­li­ty that your brow­sing pat­terns will be sta­tis­ti­cal­ly ana­ly­zed when your visit this web­site. Such ana­ly­ses are per­for­med pri­ma­ri­ly with what we refer to as ana­ly­sis pro­grams.

For detail­ed infor­ma­ti­on about the­se ana­ly­sis pro­grams plea­se con­sult our Data Pro­tec­tion Decla­ra­ti­on below.

2. Hos­ting and Cloud

We are hos­ting the con­tent of our web­site at the fol­lo­wing pro­vi­der:

All-Inkl

The Pro­vi­der is the ALL-INKL.COM – Neue Medi­en Mün­nich, owner: René Mün­nich, Haupt­stra­ße 68, 02742 Frie­ders­dorf, Ger­ma­ny (her­ein­af­ter “All-Inkl”). The per­so­nal data coll­ec­ted on this web­site is stored on the ser­vers of the hos­ting pro­vi­der. This may include, but is not limi­t­ed to, IP addres­ses, cont­act inqui­ries, meta and com­mu­ni­ca­ti­on data, con­tract data, cont­act infor­ma­ti­on, names, web­site access, and other data gene­ra­ted through a web­site. For details, plea­se visit the pri­va­cy poli­cy of All-Inkl: https://all-inkl.com/datenschutzinformationen/.

The use of All-Inkl is based on Art. 6(1)(f) GDPR. We have a legi­ti­ma­te inte­rest in the most relia­ble repre­sen­ta­ti­on of our web­site. If appro­pria­te con­sent has been obtai­ned, the pro­ces­sing is car­ri­ed out exclu­si­ve­ly on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, inso­far the con­sent includes the sto­rage of coo­kies or the access to infor­ma­ti­on in the user’s end device (e.g., device fin­ger­prin­ting) within the mea­ning of the TDDDG. This con­sent can be revo­ked at any time.

Data pro­ces­sing

We have con­cluded a data pro­ces­sing agree­ment (DPA) for the use of the abo­ve-men­tio­ned ser­vice. This is a con­tract man­da­ted by data pri­va­cy laws that gua­ran­tees that they pro­cess per­so­nal data of our web­site visi­tors only based on our ins­truc­tions and in com­pli­ance with the GDPR.

Goog­le Workspace (form­er­ly: G Suite) /​ Goog­le Cloud

We use Goog­le Workspace. The pro­vi­der is Goog­le Ire­land Limi­t­ed (“Goog­le”), Gor­don House, Bar­row Street, Dub­lin 4, Ire­land.

Goog­le Workspace ser­vices include the sto­rage and manage­ment of docu­ments and data in the cloud, docu­ment crea­ti­on, spreadsheets and pre­sen­ta­ti­ons, the exch­an­ge of docu­ments with spe­ci­fic reci­pi­ents, the publi­ca­ti­on of forms or other con­tent and infor­ma­ti­on, task manage­ment, calen­dar func­tions, email soft­ware, as well as chats and par­ti­ci­pa­ti­on in video and audio con­fe­ren­ces. We also use cloud sto­rage for exter­nal data back­ups of this web­site, inclu­ding the asso­cia­ted data (cont­act inqui­ries, comm­ents, and other data gene­ra­ted via a web­site).

By using the­se ser­vices, all emails, appoint­ments, data coll­ec­ted on this web­site, and all other data stored in the cloud are trans­fer­red to and stored by Goog­le. If, in the cour­se of inter­ac­ting with us, you direct­ly use Goog­le Workspace ser­vices (e.g., the video and audio con­fe­ren­cing plat­form Goog­le Meet, the docu­ment-sha­ring plat­form Goog­le Dri­ve, or Goog­le Forms), all data that you pro­vi­de, enter, or dis­play as part of such use (in par­ti­cu­lar inven­to­ry data such as name and email address; usa­ge data such as brow­ser used, web­sites visi­ted, dura­ti­on of visit, pre­vious­ly visi­ted web­site, and your IP address; con­tent data such as docu­ments, files, con­tracts, audio and video com­mu­ni­ca­ti­ons and/​or recor­dings, chat histo­ry, shared screen con­tent) will also be trans­fer­red to and stored by Goog­le.

In cer­tain cir­cum­s­tances, Goog­le may store coo­kies or other track­ing tech­no­lo­gies on your device when you access Goog­le web ser­vices. You can con­fi­gu­re your brow­ser to inform you about the set­ting of coo­kies and to allow coo­kies only in indi­vi­du­al cases, to exclude the accep­tance of coo­kies for spe­ci­fic cases or in gene­ral, and to enable the auto­ma­tic dele­ti­on of coo­kies when clo­sing the brow­ser. If coo­kies are deac­ti­va­ted, the func­tion­a­li­ty of the web­site may be limi­t­ed.

We use pri­va­cy-fri­end­ly set­tings whe­re­ver pos­si­ble, inclu­ding the sto­rage of data on ser­vers within the EU—where and to the ext­ent sup­port­ed by Goog­le. You may also take simi­lar pre­cau­ti­ons when using Goog­le ser­vices (espe­ci­al­ly Goog­le Meet). For exam­p­le, when com­mu­ni­ca­ting, you may regis­ter using ali­as names or one-time email addres­ses or (par­ti­al­ly) disable your audio and video trans­mis­si­on.

Depen­ding on the ser­vice used, your data may be trans­fer­red to the United Sta­tes.

Your data will remain stored as long as it is neces­sa­ry for the pur­po­ses of your con­sent, for con­tract performance/​processing, for the enforce­ment of our legal claims, for our other legi­ti­ma­te inte­rests, or if we are legal­ly obli­ged to retain your data.

The use of Goog­le Workspace is based on Art. 6(1)(f) GDPR. We have a legi­ti­ma­te inte­rest in the tech­ni­cal­ly flaw­less and eco­no­mic­al­ly effi­ci­ent ope­ra­ti­on of our busi­ness. If cor­re­spon­ding con­sent has been reques­ted, pro­ces­sing is car­ri­ed out exclu­si­ve­ly on the basis of Art. 6(1)(a) GDPR and Sec­tion 25(1) TTDSG, inso­far as the con­sent includes the sto­rage of coo­kies or access to infor­ma­ti­on on the user’s device (e.g., device fin­ger­prin­ting) within the mea­ning of the TTDSG. Con­sent may be revo­ked at any time.

For fur­ther infor­ma­ti­on on audio and video con­fe­ren­ces, plea­se refer to the rele­vant sec­tion of our Pri­va­cy Poli­cy.

The com­pa­ny is cer­ti­fied under the “EU-US Data Pri­va­cy Frame­work” (DPF). The DPF is an agree­ment bet­ween the Euro­pean Uni­on and the United Sta­tes inten­ded to ensu­re com­pli­ance with Euro­pean data pro­tec­tion stan­dards for data pro­ces­sing in the United Sta­tes. Every com­pa­ny cer­ti­fied under the DPF com­mits to com­ply­ing with the­se data pro­tec­tion stan­dards. Fur­ther infor­ma­ti­on can be obtai­ned from the pro­vi­der at the fol­lo­wing link:
https://www.dataprivacyframework.gov/participant/5780

Fur­ther infor­ma­ti­on on data pro­tec­tion at Goog­le can be found in Google’s Pri­va­cy Poli­cy at:
https://policies.google.com/privacy?hl=de

Addi­tio­nal data pro­tec­tion infor­ma­ti­on for Goog­le Cloud and Goog­le Workspace can be found at the fol­lo­wing links:
https://cloud.google.com/terms
https://workspace.google.com/terms/dpa_terms.html

Data pro­ces­sing

We have con­cluded a data pro­ces­sing agree­ment (DPA) for the use of the abo­ve-men­tio­ned ser­vice. This is a con­tract man­da­ted by data pri­va­cy laws that gua­ran­tees that they pro­cess per­so­nal data of our web­site visi­tors only based on our ins­truc­tions and in com­pli­ance with the GDPR.

Micro­soft 365 /​ Micro­soft Azu­re

We use cloud-based ser­vices pro­vi­ded by Micro­soft (Micro­soft 365 and Micro­soft Azu­re). The pro­vi­der is Micro­soft Ire­land Ope­ra­ti­ons Limi­t­ed, One Micro­soft Place, South Coun­ty Busi­ness Park, Leo­pard­stown, Dub­lin 18, Ire­land.

Microsoft’s cloud-based ser­vices include the sto­rage and manage­ment of docu­ments and data in the cloud, docu­ment crea­ti­on, spreadsheets and pre­sen­ta­ti­ons, the exch­an­ge of docu­ments with spe­ci­fic reci­pi­ents, the publi­ca­ti­on of forms or other con­tent and infor­ma­ti­on, task manage­ment, calen­dar func­tions, email soft­ware, as well as chats and par­ti­ci­pa­ti­on in video and audio con­fe­ren­ces. We also use cloud sto­rage for exter­nal data back­ups of this web­site, inclu­ding the asso­cia­ted data (cont­act inqui­ries, comm­ents, and other data gene­ra­ted via a web­site).

By using the­se ser­vices, all emails, appoint­ments, data coll­ec­ted on this web­site, and all other data stored in the cloud are trans­fer­red to and stored by Micro­soft. If, in the cour­se of inter­ac­ting with us, you direct­ly use Micro­soft ser­vices (e.g., the video and audio con­fe­ren­cing plat­form Micro­soft Teams, the docu­ment-sha­ring plat­form Micro­soft One­Dri­ve, or Micro­soft Forms), all data that you pro­vi­de, enter, or dis­play as part of such use (in par­ti­cu­lar inven­to­ry data such as name and email address; usa­ge data such as brow­ser used, web­sites visi­ted, dura­ti­on of visit, pre­vious­ly visi­ted web­site, and your IP address; con­tent data such as docu­ments, files, con­tracts, audio and video com­mu­ni­ca­ti­ons and/​or recor­dings, chat histo­ry, shared screen con­tent) will also be trans­fer­red to and stored by Micro­soft.

In cer­tain cir­cum­s­tances, Micro­soft may store coo­kies or other track­ing tech­no­lo­gies on your device when you access Micro­soft web ser­vices. You can con­fi­gu­re your brow­ser to inform you about the set­ting of coo­kies and to allow coo­kies only in indi­vi­du­al cases, to exclude the accep­tance of coo­kies for spe­ci­fic cases or in gene­ral, and to enable the auto­ma­tic dele­ti­on of coo­kies when clo­sing the brow­ser. If coo­kies are deac­ti­va­ted, the func­tion­a­li­ty of the web­site may be limi­t­ed.

We use pri­va­cy-fri­end­ly set­tings whe­re­ver pos­si­ble, inclu­ding the sto­rage of data on ser­vers within the EU—where and to the ext­ent sup­port­ed by Micro­soft. You may also take simi­lar pre­cau­ti­ons when using Micro­soft ser­vices (espe­ci­al­ly Micro­soft Teams). For exam­p­le, when com­mu­ni­ca­ting, you may regis­ter using ali­as names or one-time email addres­ses or (par­ti­al­ly) disable your audio and video trans­mis­si­on.

Depen­ding on the ser­vice used, your data may be trans­fer­red to the United Sta­tes.

Your data will remain stored as long as it is neces­sa­ry for the pur­po­ses of your con­sent, for con­tract performance/​processing, for the enforce­ment of our legal claims, for our other legi­ti­ma­te inte­rests, or if we are legal­ly obli­ged to retain your data.

The use of Microsoft’s cloud-based ser­vices is based on Art. 6(1)(f) GDPR. We have a legi­ti­ma­te inte­rest in the tech­ni­cal­ly flaw­less and eco­no­mic­al­ly effi­ci­ent ope­ra­ti­on of our busi­ness. If cor­re­spon­ding con­sent has been reques­ted, pro­ces­sing is car­ri­ed out exclu­si­ve­ly on the basis of Art. 6(1)(a) GDPR and Sec­tion 25(1) TDDDG, inso­far as the con­sent includes the sto­rage of coo­kies or access to infor­ma­ti­on on the user’s device (e.g., device fin­ger­prin­ting) within the mea­ning of the TDDDG. Con­sent may be revo­ked at any time.

For fur­ther infor­ma­ti­on on audio and video con­fe­ren­ces, plea­se refer to the rele­vant sec­tion of our Pri­va­cy Poli­cy.

The com­pa­ny is cer­ti­fied under the “EU-US Data Pri­va­cy Frame­work” (DPF). The DPF is an agree­ment bet­ween the Euro­pean Uni­on and the United Sta­tes inten­ded to ensu­re com­pli­ance with Euro­pean data pro­tec­tion stan­dards for data pro­ces­sing in the United Sta­tes. Every com­pa­ny cer­ti­fied under the DPF com­mits to com­ply­ing with the­se data pro­tec­tion stan­dards. Fur­ther infor­ma­ti­on can be obtai­ned from the pro­vi­der at the fol­lo­wing link:
https://www.dataprivacyframework.gov/participant/6474

Fur­ther infor­ma­ti­on on data pro­tec­tion at Micro­soft can be found at the fol­lo­wing links:

https://privacy.microsoft.com/de-de/privacystatement
https://www.microsoft.com/de-de/trust-center
https://www.microsoft.com/licensing/docs/view/Microsoft-Products-and-Services-Data-Protection-Addendum-DPA?lang=14

Data pro­ces­sing

We have con­cluded a data pro­ces­sing agree­ment (DPA) for the use of the abo­ve-men­tio­ned ser­vice. This is a con­tract man­da­ted by data pri­va­cy laws that gua­ran­tees that they pro­cess per­so­nal data of our web­site visi­tors only based on our ins­truc­tions and in com­pli­ance with the GDPR.

3. Gene­ral infor­ma­ti­on and man­da­to­ry infor­ma­ti­on

Data pro­tec­tion

The ope­ra­tors of this web­site and its pages take the pro­tec­tion of your per­so­nal data very serious­ly. Hence, we hand­le your per­so­nal data as con­fi­den­ti­al infor­ma­ti­on and in com­pli­ance with the sta­tu­to­ry data pro­tec­tion regu­la­ti­ons and this Data Pro­tec­tion Decla­ra­ti­on.

When­ever you use this web­site, a varie­ty of per­so­nal infor­ma­ti­on will be coll­ec­ted. Per­so­nal data com­pri­ses data that can be used to per­so­nal­ly iden­ti­fy you. This Data Pro­tec­tion Decla­ra­ti­on explains which data we coll­ect as well as the pur­po­ses we use this data for. It also explains how, and for which pur­po­se the infor­ma­ti­on is coll­ec­ted.

We here­wi­th advi­se you that the trans­mis­si­on of data via the Inter­net (i.e., through e‑mail com­mu­ni­ca­ti­ons) may be pro­ne to secu­ri­ty gaps. It is not pos­si­ble to com­ple­te­ly pro­tect data against third-par­ty access.

Infor­ma­ti­on about the respon­si­ble par­ty (refer­red to as the “con­trol­ler” in the GDPR)

The data pro­ces­sing con­trol­ler on this web­site is:

PAG Pea­kAl­pha Glo­bal Ltd.
Apos­to­lou Pav­lou 16, 2nd flo­or
8046 Paphos
Cyprus

Pho­ne: +357 26 000 343
E‑mail: contact@peakalpha-global.com

The con­trol­ler is the natu­ral per­son or legal enti­ty that sin­gle-han­dedly or joint­ly with others makes decis­i­ons as to the pur­po­ses of and resour­ces for the pro­ces­sing of per­so­nal data (e.g., names, e‑mail addres­ses, etc.).

Sto­rage dura­ti­on

Unless a more spe­ci­fic sto­rage peri­od has been spe­ci­fied in this pri­va­cy poli­cy, your per­so­nal data will remain with us until the pur­po­se for which it was coll­ec­ted no lon­ger appli­es. If you assert a jus­ti­fied request for dele­ti­on or revo­ke your con­sent to data pro­ces­sing, your data will be dele­ted, unless we have other legal­ly per­mis­si­ble reasons for sto­ring your per­so­nal data (e.g., tax or com­mer­cial law reten­ti­on peri­ods); in the lat­ter case, the dele­ti­on will take place after the­se reasons cea­se to app­ly.

Gene­ral infor­ma­ti­on on the legal basis for the data pro­ces­sing on this web­site

If you have con­sen­ted to data pro­ces­sing, we pro­cess your per­so­nal data on the basis of Art. 6(1)(a) GDPR or Art. 9 (2)(a) GDPR, if spe­cial cate­go­ries of data are pro­ces­sed accor­ding to Art. 9 (1) DSGVO. In the case of expli­cit con­sent to the trans­fer of per­so­nal data to third count­ries, the data pro­ces­sing is also based on Art. 49 (1)(a) GDPR. If you have con­sen­ted to the sto­rage of coo­kies or to the access to infor­ma­ti­on in your end device (e.g., via device fin­ger­prin­ting), the data pro­ces­sing is addi­tio­nal­ly based on § 25 (1) TDDDG. The con­sent can be revo­ked at any time. If your data is requi­red for the ful­fill­ment of a con­tract or for the imple­men­ta­ti­on of pre-con­trac­tu­al mea­su­res, we pro­cess your data on the basis of Art. 6(1)(b) GDPR. Fur­ther­mo­re, if your data is requi­red for the ful­fill­ment of a legal obli­ga­ti­on, we pro­cess it on the basis of Art. 6(1)© GDPR. Fur­ther­mo­re, the data pro­ces­sing may be car­ri­ed out on the basis of our legi­ti­ma­te inte­rest accor­ding to Art. 6(1)(f) GDPR. Infor­ma­ti­on on the rele­vant legal basis in each indi­vi­du­al case is pro­vi­ded in the fol­lo­wing para­graphs of this pri­va­cy poli­cy.

Reci­pi­ents of per­so­nal data

In the scope of our busi­ness acti­vi­ties, we coope­ra­te with various exter­nal par­ties. In some cases, this also requi­res the trans­fer of per­so­nal data to the­se exter­nal par­ties. We only dis­c­lo­se per­so­nal data to exter­nal par­ties if this is requi­red as part of the ful­fill­ment of a con­tract, if we are legal­ly obli­ga­ted to do so (e.g., dis­clo­sure of data to tax aut­ho­ri­ties), if we have a legi­ti­ma­te inte­rest in the dis­clo­sure pur­su­ant to Art. 6 (1)(f) GDPR, or if ano­ther legal basis per­mits the dis­clo­sure of this data. When using pro­ces­sors, we only dis­c­lo­se per­so­nal data of our cus­to­mers on the basis of a valid con­tract on data pro­ces­sing. In the case of joint pro­ces­sing, a joint pro­ces­sing agree­ment is con­cluded.

Revo­ca­ti­on of your con­sent to the pro­ces­sing of data

A wide ran­ge of data pro­ces­sing tran­sac­tions are pos­si­ble only sub­ject to your express con­sent. You can also revo­ke at any time any con­sent you have alre­a­dy given us. This shall be wit­hout pre­ju­di­ce to the lawful­ness of any data coll­ec­tion that occur­red pri­or to your revo­ca­ti­on.

Right to object to the coll­ec­tion of data in spe­cial cases; right to object to direct adver­ti­sing (Art. 21 GDPR)

IN THE EVENT THAT DATA ARE PROCESSED ON THE BASIS OF ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO AT ANY TIME OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA BASED ON GROUNDS ARISING FROM YOUR UNIQUE SITUATION. THIS ALSO APPLIES TO ANY PROFILING BASED ON THESE PROVISIONS. TO DETERMINE THE LEGAL BASIS, ON WHICH ANY PROCESSING OF DATA IS BASED, PLEASE CONSULT THIS DATA PROTECTION DECLARATION. IF YOU LOG AN OBJECTION, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA, UNLESS WE ARE IN A POSITION TO PRESENT COMPELLING PROTECTION WORTHY GROUNDS FOR THE PROCESSING OF YOUR DATA, THAT OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS OR IF THE PURPOSE OF THE PROCESSING IS THE CLAIMING, EXERCISING OR DEFENCE OF LEGAL ENTITLEMENTS (OBJECTION PURSUANT TO ART. 21(1) GDPR).

IF YOUR PERSONAL DATA IS BEING PROCESSED IN ORDER TO ENGAGE IN DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR AFFECTED PERSONAL DATA FOR THE PURPOSES OF SUCH ADVERTISING AT ANY TIME. THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS AFFILIATED WITH SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR DIRECT ADVERTISING PURPOSES (OBJECTION PURSUANT TO ART. 21(2) GDPR).

Right to log a com­plaint with the com­pe­tent super­vi­so­ry agen­cy

In the event of vio­la­ti­ons of the GDPR, data sub­jects are entit­led to log a com­plaint with a super­vi­so­ry agen­cy, in par­ti­cu­lar in the mem­ber sta­te whe­re they usual­ly main­tain their domic­i­le, place of work or at the place whe­re the alle­ged vio­la­ti­on occur­red. The right to log a com­plaint is in effect regard­less of any other admi­nis­tra­ti­ve or court pro­cee­dings available as legal recour­ses.

Right to data por­ta­bi­li­ty

You have the right to have data that we pro­cess auto­ma­ti­cal­ly on the basis of your con­sent or in ful­fill­ment of a con­tract han­ded over to you or to a third par­ty in a com­mon, machi­ne-rea­da­ble for­mat. If you should demand the direct trans­fer of the data to ano­ther con­trol­ler, this will be done only if it is tech­ni­cal­ly fea­si­ble.

Infor­ma­ti­on about, rec­ti­fi­ca­ti­on and era­di­ca­ti­on of data

Within the scope of the appli­ca­ble sta­tu­to­ry pro­vi­si­ons, you have the right to demand infor­ma­ti­on about your archi­ved per­so­nal data, their source and reci­pi­ents as well as the pur­po­se of the pro­ces­sing of your data at any time. You may also have a right to have your data rec­ti­fied or era­di­ca­ted. If you have ques­ti­ons about this sub­ject mat­ter or any other ques­ti­ons about per­so­nal data, plea­se do not hesi­ta­te to cont­act us at any time.

Right to demand pro­ces­sing rest­ric­tions

You have the right to demand the impo­si­ti­on of rest­ric­tions as far as the pro­ces­sing of your per­so­nal data is con­cer­ned. To do so, you may cont­act us at any time. The right to demand rest­ric­tion of pro­ces­sing appli­es in the fol­lo­wing cases:

• In the event that you should dis­pu­te the cor­rect­ness of your data archi­ved by us, we will usual­ly need some time to veri­fy this cla­im. During the time that this inves­ti­ga­ti­on is ongo­ing, you have the right to demand that we rest­rict the pro­ces­sing of your per­so­nal data.
• If the pro­ces­sing of your per­so­nal data was/​is con­duc­ted in an unlawful man­ner, you have the opti­on to demand the rest­ric­tion of the pro­ces­sing of your data ins­tead of deman­ding the era­di­ca­ti­on of this data.
• If we do not need your per­so­nal data any lon­ger and you need it to exer­cise, defend or cla­im legal entit­le­ments, you have the right to demand the rest­ric­tion of the pro­ces­sing of your per­so­nal data ins­tead of its era­di­ca­ti­on.
• If you have rai­sed an objec­tion pur­su­ant to Art. 21(1) GDPR, your rights and our rights will have to be weig­hed against each other. As long as it has not been deter­mi­ned who­se inte­rests pre­vail, you have the right to demand a rest­ric­tion of the pro­ces­sing of your per­so­nal data.

If you have rest­ric­ted the pro­ces­sing of your per­so­nal data, the­se data – with the excep­ti­on of their archi­ving – may be pro­ces­sed only sub­ject to your con­sent or to cla­im, exer­cise or defend legal entit­le­ments or to pro­tect the rights of other natu­ral per­sons or legal enti­ties or for important public inte­rest reasons cited by the Euro­pean Uni­on or a mem­ber sta­te of the EU.

SSL and/​or TLS encryp­ti­on

For secu­ri­ty reasons and to pro­tect the trans­mis­si­on of con­fi­den­ti­al con­tent, such as purcha­se orders or inqui­ries you sub­mit to us as the web­site ope­ra­tor, this web­site uses eit­her an SSL or a TLS encryp­ti­on pro­gram. You can reco­gni­ze an encrypt­ed con­nec­tion by che­cking whe­ther the address line of the brow­ser swit­ches from “http://” to “https://” and also by the appearance of the lock icon in the brow­ser line.

If the SSL or TLS encryp­ti­on is acti­va­ted, data you trans­mit to us can­not be read by third par­ties.

Rejec­tion of unso­li­ci­ted e‑mails

We here­wi­th object to the use of cont­act infor­ma­ti­on published in con­junc­tion with the man­da­to­ry infor­ma­ti­on to be pro­vi­ded in our Site Noti­ce to send us pro­mo­tio­nal and infor­ma­ti­on mate­ri­al that we have not express­ly reques­ted. The ope­ra­tors of this web­site and its pages reser­ve the express right to take legal action in the event of the unso­li­ci­ted sen­ding of pro­mo­tio­nal infor­ma­ti­on, for ins­tance via SPAM mes­sa­ges.

4. Recor­ding of data on this web­site

Coo­kies

Our web­sites and pages use what the indus­try refers to as “coo­kies.” Coo­kies are small data packa­ges that do not cau­se any dama­ge to your device. They are eit­her stored tem­po­r­a­ri­ly for the dura­ti­on of a ses­si­on (ses­si­on coo­kies) or they are per­ma­nent­ly archi­ved on your device (per­ma­nent coo­kies). Ses­si­on coo­kies are auto­ma­ti­cal­ly dele­ted once you ter­mi­na­te your visit. Per­ma­nent coo­kies remain archi­ved on your device until you actively dele­te them, or they are auto­ma­ti­cal­ly era­di­ca­ted by your web brow­ser.

Coo­kies can be issued by us (first-par­ty coo­kies) or by third-par­ty com­pa­nies (so-cal­led third-par­ty coo­kies). Third-par­ty coo­kies enable the inte­gra­ti­on of cer­tain ser­vices of third-par­ty com­pa­nies into web­sites (e.g., coo­kies for hand­ling pay­ment ser­vices).

Coo­kies have a varie­ty of func­tions. Many coo­kies are tech­ni­cal­ly essen­ti­al sin­ce cer­tain web­site func­tions would not work in the absence of the­se coo­kies (e.g., the shop­ping cart func­tion or the dis­play of vide­os). Other coo­kies may be used to ana­ly­ze user beha­vi­or or for pro­mo­tio­nal pur­po­ses.

Coo­kies, which are requi­red for the per­for­mance of elec­tro­nic com­mu­ni­ca­ti­on tran­sac­tions, for the pro­vi­si­on of cer­tain func­tions you want to use (e.g., for the shop­ping cart func­tion) or tho­se that are neces­sa­ry for the opti­miza­ti­on (requi­red coo­kies) of the web­site (e.g., coo­kies that pro­vi­de mea­sura­ble insights into the web audi­ence), shall be stored on the basis of Art. 6(1)(f) GDPR, unless a dif­fe­rent legal basis is cited. The ope­ra­tor of the web­site has a legi­ti­ma­te inte­rest in the sto­rage of requi­red coo­kies to ensu­re the tech­ni­cal­ly error-free and opti­mi­zed pro­vi­si­on of the operator’s ser­vices. If your con­sent to the sto­rage of the coo­kies and simi­lar reco­gni­ti­on tech­no­lo­gies has been reques­ted, the pro­ces­sing occurs exclu­si­ve­ly on the basis of the con­sent obtai­ned (Art. 6(1)(a) GDPR and § 25 (1) TDDDG); this con­sent may be revo­ked at any time.

You have the opti­on to set up your brow­ser in such a man­ner that you will be noti­fied any time coo­kies are pla­ced and to per­mit the accep­tance of coo­kies only in spe­ci­fic cases. You may also exclude the accep­tance of coo­kies in cer­tain cases or in gene­ral or acti­va­te the dele­te-func­tion for the auto­ma­tic era­di­ca­ti­on of coo­kies when the brow­ser clo­ses. If coo­kies are deac­ti­va­ted, the func­tions of this web­site may be limi­t­ed.

If other coo­kies and ser­vices are used on this web­site, you can find this infor­ma­ti­on in this pri­va­cy poli­cy.

At the end of this pri­va­cy poli­cy, you will find fur­ther detail­ed infor­ma­ti­on on the coo­kies used on this web­site within the sec­tion „Addi­tio­nal infor­ma­ti­on on coo­kies“.

Con­sent and 2‑click method with Borlabs Coo­kie

Our web­site uses the Borlabs con­sent tech­no­lo­gy to obtain your con­sent to the sto­rage of cer­tain coo­kies in your brow­ser or for the use of cer­tain tech­no­lo­gies (e.g. loa­ding con­tent from exter­nal sources) and for their data pri­va­cy pro­tec­tion com­pli­ant docu­men­ta­ti­on. The pro­vi­der of this tech­no­lo­gy is Borlabs GmbH, Ham­bur­ger Str. 11, 22083 Ham­burg, Ger­ma­ny (her­ein­af­ter refer­red to as Borlabs).

When­ever you visit our web­site and we ask for your con­sent at this time or if you give con­sent to the loa­ding of con­tent from exter­nal sources by pres­sing the con­fir­ma­ti­on but­ton (2‑click pro­cess), a Borlabs coo­kie will be stored in your brow­ser, which archi­ves any decla­ra­ti­ons or revo­ca­ti­ons of con­sent you have ente­red. The­se data are not shared with the pro­vi­der of the Borlabs tech­no­lo­gy.

The recor­ded data shall remain archi­ved until you ask us to era­di­ca­te them, dele­te the Borlabs coo­kie on your own or the pur­po­se of sto­ring the data no lon­ger exists. This shall be wit­hout pre­ju­di­ce to any reten­ti­on obli­ga­ti­ons man­da­ted by law. To review the details of Borlabs’ data pro­ces­sing poli­ci­es, plea­se visit https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/

We use the Borlabs coo­kie con­sent tech­no­lo­gy to obtain the decla­ra­ti­ons of con­sent man­da­ted by law for the use of coo­kies. The legal basis for the use of such coo­kies is Art. 6(1)© GDPR.

At the end of this pri­va­cy poli­cy, you will find fur­ther detail­ed infor­ma­ti­on on the coo­kies used on this web­site within the sec­tion „Addi­tio­nal infor­ma­ti­on on coo­kies“. The­re you can modi­fy your coo­kie set­tings for this web­site at any time.

Ser­ver log files

The pro­vi­der of this web­site and its pages auto­ma­ti­cal­ly coll­ects and stores infor­ma­ti­on in so-cal­led ser­ver log files, which your brow­ser com­mu­ni­ca­tes to us auto­ma­ti­cal­ly. The infor­ma­ti­on com­pri­ses:

• The type and ver­si­on of brow­ser used
• The used ope­ra­ting sys­tem
• Refer­rer URL
• The host­na­me of the acces­sing com­pu­ter
• The time of the ser­ver inquiry
• The IP address

This data is not mer­ged with other data sources.

This data is recor­ded on the basis of Art. 6(1)(f) GDPR. The ope­ra­tor of the web­site has a legi­ti­ma­te inte­rest in the tech­ni­cal­ly error free depic­tion and the opti­miza­ti­on of the operator’s web­site. In order to achie­ve this, ser­ver log files must be recor­ded.

Cont­act form

If you sub­mit inqui­ries to us via our cont­act form, the infor­ma­ti­on pro­vi­ded in the cont­act form as well as any cont­act infor­ma­ti­on pro­vi­ded the­r­ein will be stored by us in order to hand­le your inquiry and in the event that we have fur­ther ques­ti­ons. We will not share this infor­ma­ti­on wit­hout your con­sent.

The pro­ces­sing of the­se data is based on Art. 6(1)(b) GDPR, if your request is rela­ted to the exe­cu­ti­on of a con­tract or if it is neces­sa­ry to car­ry out pre-con­trac­tu­al mea­su­res. In all other cases the pro­ces­sing is based on our legi­ti­ma­te inte­rest in the effec­ti­ve pro­ces­sing of the requests addres­sed to us (Art. 6(1)(f) GDPR) or on your agree­ment (Art. 6(1)(a) GDPR) if this has been reques­ted; the con­sent can be revo­ked at any time.

The infor­ma­ti­on you have ente­red into the cont­act form shall remain with us until you ask us to era­di­ca­te the data, revo­ke your con­sent to the archi­ving of data or if the pur­po­se for which the infor­ma­ti­on is being archi­ved no lon­ger exists (e.g., after we have con­cluded our respon­se to your inquiry). This shall be wit­hout pre­ju­di­ce to any man­da­to­ry legal pro­vi­si­ons, in par­ti­cu­lar reten­ti­on peri­ods.

Request by e‑mail, tele­pho­ne, or fax

If you cont­act us by e‑mail, tele­pho­ne or fax, your request, inclu­ding all resul­ting per­so­nal data (name, request) will be stored and pro­ces­sed by us for the pur­po­se of pro­ces­sing your request. We do not pass the­se data on wit­hout your con­sent.

The­se data are pro­ces­sed on the basis of Art. 6(1)(b) GDPR if your inquiry is rela­ted to the ful­fill­ment of a con­tract or is requi­red for the per­for­mance of pre-con­trac­tu­al mea­su­res. In all other cases, the data are pro­ces­sed on the basis of our legi­ti­ma­te inte­rest in the effec­ti­ve hand­ling of inqui­ries sub­mit­ted to us (Art. 6(1)(f) GDPR) or on the basis of your con­sent (Art. 6(1)(a) GDPR) if it has been obtai­ned; the con­sent can be revo­ked at any time.

The data sent by you to us via cont­act requests remain with us until you request us to dele­te, revo­ke your con­sent to the sto­rage or the pur­po­se for the data sto­rage lap­ses (e.g. after com­ple­ti­on of your request). Man­da­to­ry sta­tu­to­ry pro­vi­si­ons — in par­ti­cu­lar sta­tu­to­ry reten­ti­on peri­ods — remain unaf­fec­ted.

Com­mu­ni­ca­ti­on via Whats­App

For com­mu­ni­ca­ti­on with our cus­to­mers and other third par­ties, one of the ser­vices we use is the instant mes­sa­ging ser­vice Whats­App. The pro­vi­der is Whats­App Ire­land Limi­t­ed, Mer­ri­on Road, Dub­lin 4, D04 X2K5, Ire­land.

The com­mu­ni­ca­ti­on is encrypt­ed end-to-end (peer-to-peer), which pre­vents Whats­App or other third par­ties from gai­ning access to the com­mu­ni­ca­ti­on con­tent. Howe­ver, Whats­App does gain access to meta­da­ta crea­ted during the com­mu­ni­ca­ti­on pro­cess (for exam­p­le, sen­der, reci­pi­ent, and time). We would also like to point out that Whats­App has sta­ted that it shares per­so­nal data of its users with its U.S.-based parent com­pa­ny Meta. Fur­ther details on data pro­ces­sing can be found in the Whats­App pri­va­cy poli­cy at: https://www.whatsapp.com/legal/#privacy-policy.

The use of Whats­App is based on our legi­ti­ma­te inte­rest in com­mu­ni­ca­ting as quick­ly and effec­tively as pos­si­ble with cus­to­mers, inte­res­ted par­ties and other busi­ness and con­trac­tu­al part­ners (Art. 6(1)(f) GDPR). If a cor­re­spon­ding con­sent has been reques­ted, data pro­ces­sing is car­ri­ed out exclu­si­ve­ly on the basis of the con­sent; this con­sent may be revo­ked at any time with effect for the future.

The com­mu­ni­ca­ti­on con­tent exch­an­ged bet­ween you and us on Whats­App remains with us until you request us to dele­te it, revo­ke your con­sent to sto­rage or the pur­po­se for which the data is stored cea­ses to app­ly (e.g. after your request has been pro­ces­sed). Man­da­to­ry legal pro­vi­si­ons, in par­ti­cu­lar reten­ti­on peri­ods, remain unaf­fec­ted.

The com­pa­ny is cer­ti­fied in accordance with the “EU-US Data Pri­va­cy Frame­work” (DPF). The DPF is an agree­ment bet­ween the Euro­pean Uni­on and the US, which is inten­ded to ensu­re com­pli­ance with Euro­pean data pro­tec­tion stan­dards for data pro­ces­sing in the US. Every com­pa­ny cer­ti­fied under the DPF is obli­ged to com­ply with the­se data pro­tec­tion stan­dards. For more infor­ma­ti­on, plea­se cont­act the pro­vi­der under the fol­lo­wing link: https://www.dataprivacyframework.gov/participant/7735.

We use Whats­App in the “Whats­App Busi­ness” vari­ant.

Data trans­mis­si­on to the US is based on the Stan­dard Con­trac­tu­al Clau­ses (SCC) of the Euro­pean Com­mis­si­on. Details can be found here: https://www.whatsapp.com/legal/business-data-transfer-addendum?lang=en.

We have set up our Whats­App accounts in such a way that the­re is no auto­ma­tic syn­chro­niza­ti­on of data with the address book on the smart­phones in use.

We have con­cluded a data pro­ces­sing agree­ment (DPA) with the abo­ve-men­tio­ned pro­vi­der.

Online Appoint­ment Sche­du­ling

On our web­site, you have the oppor­tu­ni­ty to sche­du­le appoint­ments with us. For boo­king appoint­ments, we use a local­ly instal­led boo­king tool. This tool does not trans­mit any per­so­nal data to the pro­vi­der of the tool.

For the pur­po­se of boo­king an appoint­ment, you enter the reques­ted data and the desi­red appoint­ment time into the desi­gna­ted form. The data ente­red will be used for plan­ning, exe­cu­ting and, if neces­sa­ry, for the fol­low-up of the appoint­ment. The appoint­ment data is stored on our web­site ser­ver.

Addi­tio­nal­ly, the boo­king tool trans­mits the appoint­ment data to Outlook365 via an inter­face for syn­chro­niza­ti­on and uni­form appoint­ment manage­ment.

As a result, the appoint­ment data is also stored on Micro­sof­t’s ser­vers. The pro­vi­der is Micro­soft Ire­land Ope­ra­ti­ons Limi­t­ed, One Micro­soft Place, South Coun­ty Busi­ness Park, Leo­pard­stown, Dub­lin 18, Ire­land. You can view their pri­va­cy state­ment here: https://privacy.microsoft.com/de-de/privacystatement

The com­pa­ny is cer­ti­fied in accordance with the “EU-US Data Pri­va­cy Frame­work” (DPF). The DPF is an agree­ment bet­ween the Euro­pean Uni­on and the US, which is inten­ded to ensu­re com­pli­ance with Euro­pean data pro­tec­tion stan­dards for data pro­ces­sing in the US. Every com­pa­ny cer­ti­fied under the DPF is obli­ged to com­ply with the­se data pro­tec­tion stan­dards. For more infor­ma­ti­on, plea­se cont­act the pro­vi­der under the fol­lo­wing link: https://www.dataprivacyframework.gov/participant/6474.

The data you have ente­red will remain with us until you ask us to dele­te it, revo­ke your con­sent for sto­rage or the pur­po­se for which the data was stored cea­ses to app­ly. Man­da­to­ry legal pro­vi­si­ons, in par­ti­cu­lar reten­ti­on peri­ods, remain unaf­fec­ted.

The legal basis for data pro­ces­sing is Art. 6(1)(f) GDPR. The web­site ope­ra­tor has a jus­ti­fied inte­rest in making appoint­ments with inte­res­ted par­ties and cus­to­mers in as uncom­pli­ca­ted a man­ner as pos­si­ble. If appro­pria­te con­sent has been obtai­ned, the pro­ces­sing is car­ri­ed out exclu­si­ve­ly on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, inso­far the con­sent includes the sto­rage of coo­kies or the access to infor­ma­ti­on in the user’s end device (e.g., device fin­ger­prin­ting) within the mea­ning of the TDDDG. This con­sent can be revo­ked at any time.

Data pro­ces­sing

We have con­cluded a data pro­ces­sing agree­ment (DPA) for the use of the abo­ve-men­tio­ned ser­vice. This is a con­tract man­da­ted by data pri­va­cy laws that gua­ran­tees that they pro­cess per­so­nal data of our web­site visi­tors only based on our ins­truc­tions and in com­pli­ance with the GDPR.

Pro­ven­Ex­pert

We have included eva­lua­ti­on seals from Pro­ven­Ex­pert on this web­site. The pro­vi­der is Expert Sys­tems AG, Qued­lin­bur­ger Str. 1, 10589 Ber­lin, https://www.provenexpert.com.

The Pro­ven­Ex­pert seal enables us to dis­play on our web­site cus­to­mer reviews that have been sub­mit­ted to Pro­ven­Ex­pert about our com­pa­ny. When you visit our web­site, a con­nec­tion to Pro­ven­Ex­pert is estab­lished so that Pro­ven­Ex­pert can deter­mi­ne that you have visi­ted our web­site. Fur­ther­mo­re, Pro­ven­Ex­pert records your lan­guage set­tings to dis­play the seal in the cho­sen lan­guage.

The use of Pro­ven­Ex­pert is based on Art. 6(1)(f) GDPR. The web­site ope­ra­tor has a legi­ti­ma­te inte­rest in the most com­pre­hen­si­ble pre­sen­ta­ti­on of cus­to­mer reviews. If appro­pria­te con­sent has been obtai­ned, the pro­ces­sing is car­ri­ed out exclu­si­ve­ly on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, inso­far the con­sent includes the sto­rage of coo­kies or the access to infor­ma­ti­on in the user’s end device (e.g., device fin­ger­prin­ting) within the mea­ning of the TDDDG. This con­sent can be revo­ked at any time.

5. Ana­ly­sis tools and adver­ti­sing

Goog­le Tag Mana­ger

We use the Goog­le Tag Mana­ger. The pro­vi­der is Goog­le Ire­land Limi­t­ed, Gor­don House, Bar­row Street, Dub­lin 4, Ire­land

The Goog­le Tag Mana­ger is a tool that allows us to inte­gra­te track­ing or sta­tis­ti­cal tools and other tech­no­lo­gies on our web­site. The Goog­le Tag Mana­ger its­elf does not crea­te any user pro­files, does not store coo­kies, and does not car­ry out any inde­pen­dent ana­ly­ses. It only mana­ges and runs the tools inte­gra­ted via it. Howe­ver, the Goog­le Tag Mana­ger does coll­ect your IP address, which may also be trans­fer­red to Google’s parent com­pa­ny in the United Sta­tes.

The Goog­le Tag Mana­ger is used on the basis of Art. 6(1)(f) GDPR. The web­site ope­ra­tor has a legi­ti­ma­te inte­rest in the quick and uncom­pli­ca­ted inte­gra­ti­on and admi­nis­tra­ti­on of various tools on his web­site. If appro­pria­te con­sent has been obtai­ned, the pro­ces­sing is car­ri­ed out exclu­si­ve­ly on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, inso­far the con­sent includes the sto­rage of coo­kies or the access to infor­ma­ti­on in the user’s end device (e.g., device fin­ger­prin­ting) within the mea­ning of the TDDDG. This con­sent can be revo­ked at any time.

The com­pa­ny is cer­ti­fied in accordance with the “EU-US Data Pri­va­cy Frame­work” (DPF). The DPF is an agree­ment bet­ween the Euro­pean Uni­on and the US, which is inten­ded to ensu­re com­pli­ance with Euro­pean data pro­tec­tion stan­dards for data pro­ces­sing in the US. Every com­pa­ny cer­ti­fied under the DPF is obli­ged to com­ply with the­se data pro­tec­tion stan­dards. For more infor­ma­ti­on, plea­se cont­act the pro­vi­der under the fol­lo­wing link: https://www.dataprivacyframework.gov/participant/5780.

Goog­le Ana­ly­tics

This web­site uses func­tions of the web ana­ly­sis ser­vice Goog­le Ana­ly­tics. The pro­vi­der of this ser­vice is Goog­le Ire­land Limi­t­ed (“Goog­le”), Gor­don House, Bar­row Street, Dub­lin 4, Ire­land.

Goog­le Ana­ly­tics enables the web­site ope­ra­tor to ana­ly­ze the beha­vi­or pat­terns of web­site visi­tors. To that end, the web­site ope­ra­tor recei­ves a varie­ty of user data, such as pages acces­sed, time spent on the page, the uti­li­zed ope­ra­ting sys­tem and the user’s ori­gin. This data is sum­ma­ri­zed in a user-ID and assi­gned to the respec­ti­ve end device of the web­site visi­tor.

Fur­ther­mo­re, Goog­le Ana­ly­tics allows us to record your mou­se and scroll move­ments and clicks, among other things. Goog­le Ana­ly­tics uses various mode­ling approa­ches to aug­ment the coll­ec­ted data sets and uses machi­ne lear­ning tech­no­lo­gies in data ana­ly­sis.

Goog­le Ana­ly­tics uses tech­no­lo­gies that make the reco­gni­ti­on of the user for the pur­po­se of ana­ly­zing the user beha­vi­or pat­terns (e.g., coo­kies or device fin­ger­prin­ting). The web­site use infor­ma­ti­on recor­ded by Goog­le is, as a rule trans­fer­red to a Goog­le ser­ver in the United Sta­tes, whe­re it is stored.

The use of the­se ser­vices occurs on the basis of your con­sent pur­su­ant to Art. 6(1)(a) GDPR and § 25(1) TDDDG. You may revo­ke your con­sent at any time. Within the sec­tion „Your coo­kie set­tings“ you can find your con­sent histo­ry for Goog­le Ana­ly­tics and can chan­ge your coo­kie set­tings or revo­ke your con­sent at any time by cli­cking on the but­ton „Coo­kie set­tings“.

Data trans­mis­si­on to the US is based on the Stan­dard Con­trac­tu­al Clau­ses (SCC) of the Euro­pean Com­mis­si­on. Details can be found here: https://business.safety.google/adscontrollerterms/sccs/.

The com­pa­ny is cer­ti­fied in accordance with the “EU-US Data Pri­va­cy Frame­work” (DPF). The DPF is an agree­ment bet­ween the Euro­pean Uni­on and the US, which is inten­ded to ensu­re com­pli­ance with Euro­pean data pro­tec­tion stan­dards for data pro­ces­sing in the US. Every com­pa­ny cer­ti­fied under the DPF is obli­ged to com­ply with the­se data pro­tec­tion stan­dards. For more infor­ma­ti­on, plea­se cont­act the pro­vi­der under the fol­lo­wing link: https://www.dataprivacyframework.gov/participant/5780.

IP anony­miza­ti­on

Goog­le Ana­ly­tics IP anony­miza­ti­on is acti­ve. As a result, your IP address will be abbre­via­ted by Goog­le within the mem­ber sta­tes of the Euro­pean Uni­on or in other sta­tes that have rati­fied the Con­ven­ti­on on the Euro­pean Eco­no­mic Area pri­or to its trans­mis­si­on to the United Sta­tes. The full IP address will be trans­mit­ted to one of Google’s ser­vers in the United Sta­tes and abbre­via­ted the­re only in excep­tio­nal cases. On behalf of the ope­ra­tor of this web­site, Goog­le shall use this infor­ma­ti­on to ana­ly­ze your use of this web­site to gene­ra­te reports on web­site acti­vi­ties and to ren­der other ser­vices to the ope­ra­tor of this web­site that are rela­ted to the use of the web­site and the Inter­net. The IP address trans­mit­ted in con­junc­tion with Goog­le Ana­ly­tics from your brow­ser shall not be mer­ged with other data in Google’s pos­ses­si­on.

Brow­ser plug-in

You can pre­vent the recor­ding and pro­ces­sing of your data by Goog­le by down­loa­ding and instal­ling the brow­ser plug­in available under the fol­lo­wing link: https://tools.google.com/dlpage/gaoptout?hl=en.

For more infor­ma­ti­on about the hand­ling of user data by Goog­le Ana­ly­tics, plea­se con­sult Google’s Data Pri­va­cy Decla­ra­ti­on at: https://support.google.com/analytics/answer/6004245?hl=en.

Goog­le Signals

We use Goog­le Signals. When­ever you visit our web­site, Goog­le Ana­ly­tics records, among other things, your loca­ti­on, the pro­gres­si­on of your search and You­Tube pro­gres­si­on as well as demo­gra­phic data (site visi­tor data). This data may be used for cus­to­mi­zed adver­ti­sing with the assis­tance of Goog­le Signal. If you have a Goog­le account, your site visi­tor infor­ma­ti­on will be lin­ked to your Goog­le account by Goog­le Signal and used to send you cus­to­mi­zed pro­mo­tio­nal mes­sa­ges. The data is also used to com­pi­le anony­mi­zed sta­tis­tics of our users’ online pat­terns.

Con­tract data pro­ces­sing

We have exe­cu­ted a con­tract data pro­ces­sing agree­ment with Goog­le and are imple­men­ting the strin­gent pro­vi­si­ons of the Ger­man data pro­tec­tion agen­ci­es to the ful­lest when using Goog­le Ana­ly­tics.

Goog­le Con­ver­si­on-Track­ing

This web­site uses Goog­le Con­ver­si­on Track­ing. The pro­vi­der of this ser­vice is Goog­le Ire­land Limi­t­ed (“Goog­le”), Gor­don House, Bar­row Street, Dub­lin 4, Ire­land.

With the assis­tance of Goog­le Con­ver­si­on Track­ing, we are in a posi­ti­on to reco­gni­ze whe­ther the user has com­ple­ted cer­tain actions. For ins­tance, we can ana­ly­ze the how fre­quent­ly which but­tons on our web­site have been cli­cked and which pro­ducts are review­ed or purcha­sed with par­ti­cu­lar fre­quen­cy. The pur­po­se of this infor­ma­ti­on is to com­pi­le con­ver­si­on sta­tis­tics. We learn how many users have cli­cked on our ads and which actions they have com­ple­ted. We do not recei­ve any infor­ma­ti­on that would allow us to per­so­nal­ly iden­ti­fy the users. Goog­le as such uses coo­kies or com­pa­ra­ble reco­gni­ti­on tech­no­lo­gies for iden­ti­fi­ca­ti­on pur­po­ses.

The use of the­se ser­vices occurs on the basis of your con­sent pur­su­ant to Art. 6(1)(a) GDPR and § 25(1) TDDDG. You may revo­ke your con­sent at any time.

For more infor­ma­ti­on about Goog­le Con­ver­si­on Track­ing, plea­se review Google’s data pro­tec­tion poli­cy at: https://policies.google.com/privacy?hl=en

The com­pa­ny is cer­ti­fied in accordance with the “EU-US Data Pri­va­cy Frame­work” (DPF). The DPF is an agree­ment bet­ween the Euro­pean Uni­on and the US, which is inten­ded to ensu­re com­pli­ance with Euro­pean data pro­tec­tion stan­dards for data pro­ces­sing in the US. Every com­pa­ny cer­ti­fied under the DPF is obli­ged to com­ply with the­se data pro­tec­tion stan­dards. For more infor­ma­ti­on, plea­se cont­act the pro­vi­der under the fol­lo­wing link: https://www.dataprivacyframework.gov/participant/5780.

6. News­let­ter

News­let­ter data

If you would like to recei­ve the news­let­ter offe­red on the web­site, we requi­re an e‑mail address from you as well as infor­ma­ti­on that allows us to veri­fy that you are the owner of the e‑mail address pro­vi­ded and that you agree to recei­ve the news­let­ter. Fur­ther data is not coll­ec­ted or only on a vol­un­t­a­ry basis. For the hand­ling of the news­let­ter, we use news­let­ter ser­vice pro­vi­ders, which are descri­bed below.

Bre­vo

This web­site uses Bre­vo for the sen­ding of news­let­ters. The pro­vi­der is the Sen­din­blue GmbH, Köpe­ni­cker Stra­ße 126, 10179 Ber­lin, Ger­ma­ny.

Bre­vo ser­vices can, among other things, be used to orga­ni­ze and ana­ly­ze the sen­ding of news­let­ters. The data you enter for the pur­po­se of sub­scrib­ing to the news­let­ter are archi­ved on ser­vers of Sen­din­blue GmbH in Ger­ma­ny.

Data ana­ly­sis by Bre­vo

Bre­vo enables us to ana­ly­ze our news­let­ter cam­paigns. For ins­tance, it allows us to see whe­ther a news­let­ter mes­sa­ge has been ope­ned and, if so, which links may have been cli­cked. This enables us to deter­mi­ne, which links drew an extra­or­di­na­ry num­ber of clicks.

Moreo­ver, we are also able to see whe­ther once the e‑mail was ope­ned or a link was cli­cked, any pre­vious­ly defi­ned actions were taken (con­ver­si­on rate). This allows us to deter­mi­ne whe­ther you have made a purcha­se after cli­cking on the news­let­ter.

Bre­vo also enables us to divi­de the sub­scri­bers to our news­let­ter into various cate­go­ries (i.e., to “clus­ter” reci­pi­ents). For ins­tance, news­let­ter reci­pi­ents can be cate­go­ri­zed based on age, gen­der, or place of resi­dence. This enables us to tail­or our news­let­ter more effec­tively to the needs of the respec­ti­ve tar­get groups.

If you do not want to per­mit an ana­ly­sis by Bre­vo, you must unsub­scri­be from the news­let­ter. We pro­vi­de a link for you to do this in every news­let­ter mes­sa­ge. Moreo­ver, you can also unsub­scri­be from the news­let­ter right on the web­site.

For detail­ed infor­ma­ti­on on the func­tions of Bre­vo plea­se fol­low this link: https://www.brevo.com/de/newsletter-software/.

Legal basis

The data is pro­ces­sed based on your con­sent (Art. 6(1)(a) GDPR). You may revo­ke any con­sent you have given at any time by unsub­scrib­ing from the news­let­ter. This shall be wit­hout pre­ju­di­ce to the lawful­ness of any data pro­ces­sing tran­sac­tions that have taken place pri­or to your revo­ca­ti­on.

Sto­rage peri­od

The data depo­si­ted with us for the pur­po­se of sub­scrib­ing to the news­let­ter will be stored by us until you unsub­scri­be from the news­let­ter or the news­let­ter ser­vice pro­vi­der and dele­ted from the news­let­ter dis­tri­bu­ti­on list after you unsub­scri­be from the news­let­ter. Data stored for other pur­po­ses with us remain unaf­fec­ted.

After you unsub­scri­be from the news­let­ter dis­tri­bu­ti­on list, your e‑mail address may be stored by us or the news­let­ter ser­vice pro­vi­der in a black­list, if such action is neces­sa­ry to pre­vent future mai­lings. The data from the black­list is used only for this pur­po­se and not mer­ged with other data. This ser­ves both your inte­rest and our inte­rest in com­ply­ing with the legal requi­re­ments when sen­ding news­let­ters (legi­ti­ma­te inte­rest within the mea­ning of Art. 6(1)(f) GDPR). The sto­rage in the black­list is inde­fi­ni­te. You may object to the sto­rage if your inte­rests out­weigh our legi­ti­ma­te inte­rest.

For more details, plea­se con­sult the Data Pro­tec­tion Regu­la­ti­ons of Bre­vo at: https://www.brevo.com/de/datenschutz-uebersicht/ and https://www.brevo.com/de/legal/privacypolicy/.

Data pro­ces­sing

We have con­cluded a data pro­ces­sing agree­ment (DPA) for the use of the abo­ve-men­tio­ned ser­vice. This is a con­tract man­da­ted by data pri­va­cy laws that gua­ran­tees that they pro­cess per­so­nal data of our web­site visi­tors only based on our ins­truc­tions and in com­pli­ance with the GDPR.

News­let­ter mai­ling to exis­ting cus­to­mers

If you order goods or ser­vices from us and enter your e‑mail address, this e‑mail address may sub­se­quent­ly be used by us to send you news­let­ters, pro­vi­ded we inform you of this in advan­ce. In such a case, only direct adver­ti­sing for our own simi­lar goods or ser­vices will be sent via the news­let­ter. You can unsub­scri­be from this news­let­ter at any time. The­re is a cor­re­spon­ding link in every news­let­ter for this pur­po­se. In this case, the legal basis for sen­ding the news­let­ter is Art. 6 (1)(f) GDPR in con­junc­tion with Sec­tion 7 (3) UWG.

After you unsub­scri­be from the news­let­ter dis­tri­bu­ti­on list, we may store your email address in a black­list to pre­vent future mai­lings to you. The data from the black­list will only be used for this pur­po­se and will not be mer­ged with other data. This ser­ves both your inte­rest and our inte­rest in com­ply­ing with the legal requi­re­ments when sen­ding news­let­ters (legi­ti­ma­te inte­rest within the mea­ning of Art. 6 (1)(f) GDPR). Sto­rage in the black­list is not limi­t­ed in time. You can object to the sto­rage if your inte­rests out­weigh our legi­ti­ma­te inte­rest.

7. Plug-ins and Tools

You­Tube with expan­ded data pro­tec­tion inte­gra­ti­on

This web­site inte­gra­tes vide­os from the You­Tube web­site. The ope­ra­tor of the web­site is Goog­le Ire­land Limi­t­ed (“Goog­le”), Gor­don House, Bar­row Street, Dub­lin 4, Ire­land.

When you visit one of the­se web­sites on which You­Tube is inte­gra­ted, a con­nec­tion to the You­Tube ser­vers is estab­lished. This tells the You­Tube ser­ver which of our pages you have visi­ted. If you are log­ged into your You­Tube account, you enable You­Tube to assign your sur­fing beha­vi­or direct­ly to your per­so­nal pro­fi­le. You can pre­vent this by log­ging out of your You­Tube account.

We use You­Tube in exten­ded data pro­tec­tion mode. Accor­ding to You­Tube, vide­os that are play­ed in exten­ded data pro­tec­tion mode are not used to per­so­na­li­ze brow­sing on You­Tube. Ads that are play­ed in exten­ded data pro­tec­tion mode are also not per­so­na­li­zed. No coo­kies are set in exten­ded data pro­tec­tion mode. Ins­tead, so-cal­led local sto­rage ele­ments are stored in the user’s brow­ser, which con­tain per­so­nal data simi­lar to coo­kies and can be used for reco­gni­ti­on. Details on the exten­ded data pro­tec­tion mode can be found here: https://support.google.com/youtube/answer/171780.

After acti­vat­ing a You­Tube video, fur­ther data pro­ces­sing ope­ra­ti­ons may be trig­ge­red over which we have no influence.

The use of You­Tube is based on our inte­rest in pre­sen­ting our online con­tent in an appe­al­ing man­ner. Pur­su­ant to Art. 6(1)(f) GDPR, this is a legi­ti­ma­te inte­rest. If appro­pria­te con­sent has been obtai­ned, the pro­ces­sing is car­ri­ed out exclu­si­ve­ly on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, inso­far the con­sent includes the sto­rage of coo­kies or the access to infor­ma­ti­on in the user’s end device (e.g., device fin­ger­prin­ting) within the mea­ning of the TDDDG. This con­sent can be revo­ked at any time. Within the sec­tion „Your coo­kie set­tings“ you can find your con­sent histo­ry for You­Tube and can chan­ge your coo­kie set­tings or revo­ke your con­sent at any time by cli­cking on the but­ton „Coo­kie set­tings“.

For more infor­ma­ti­on on how You­Tube hand­les user data, plea­se con­sult the You­Tube Data Pri­va­cy Poli­cy under: https://policies.google.com/privacy?hl=en.

The com­pa­ny is cer­ti­fied in accordance with the “EU-US Data Pri­va­cy Frame­work” (DPF). The DPF is an agree­ment bet­ween the Euro­pean Uni­on and the US, which is inten­ded to ensu­re com­pli­ance with Euro­pean data pro­tec­tion stan­dards for data pro­ces­sing in the US. Every com­pa­ny cer­ti­fied under the DPF is obli­ged to com­ply with the­se data pro­tec­tion stan­dards. For more infor­ma­ti­on, plea­se cont­act the pro­vi­der under the fol­lo­wing link: https://www.dataprivacyframework.gov/participant/5780.

Goog­le Fonts (local embed­ding)

This web­site uses so-cal­led Goog­le Fonts pro­vi­ded by Goog­le to ensu­re the uni­form use of fonts on this site. The­se Goog­le fonts are local­ly instal­led so that a con­nec­tion to Google’s ser­vers will not be estab­lished in con­junc­tion with this appli­ca­ti­on.

For more infor­ma­ti­on on Goog­le Fonts, plea­se fol­low this link: https://developers.google.com/fonts/faq and con­sult Google’s Data Pri­va­cy Decla­ra­ti­on under: https://policies.google.com/privacy?hl=en.

Font Awe­so­me (local embed­ding)

This web­site uses Font Awe­so­me to ensu­re the uni­form use of fonts on this site. Font Awe­so­me is local­ly instal­led so that a con­nec­tion to Fon­ti­cons, Inc.’s ser­vers will not be estab­lished in con­junc­tion with this appli­ca­ti­on.

For more infor­ma­ti­on on Font Awe­so­me, plea­se and con­sult the Data Pri­va­cy Decla­ra­ti­on for Font Awe­so­me under: https://fontawesome.com/privacy.

Nin­ja Fire­wall

We have inte­gra­ted Nin­ja Fire­wall on this web­site. The pro­vi­der is Nin­Tech­Net Limi­t­ed, Unit 1603, 16th Flo­or, The L. Pla­za 367 — 375 Queen‘s Road Cen­tral Sheung Wan, Hong Kong (her­ein­af­ter refer­red to as “Nin­ja Fire­wall”).

Nin­ja Fire­wall pro­tects our web­site against unde­si­ra­ble access or mali­cious cyber-attacks. For this pur­po­se, Nin­ja Fire­wall coll­ects IP address, request, refer­rer, and the time of page access. Nin­ja Fire­wall is instal­led local­ly on our ser­vers and does not trans­mit any per­so­nal data to the pro­vi­der of the tool or other third par­ties.

We have enab­led IP anony­miza­ti­on for Nin­ja Fire­wall, so that the tool only coll­ects the IP address in a shor­ten­ed form.

The use of Nin­ja Fire­wall is based on Art. 6(1)(f) GDPR. The web­site ope­ra­tor has a legi­ti­ma­te inte­rest in the most effec­ti­ve pro­tec­tion of his web­site against cyber­at­tacks.

Mana­geWP

We admi­nis­tra­te this web­site with the assis­tance of the Mana­geWP tool. The pro­vi­der is GoDaddy.com WP Euro­pe, Trg repu­bli­ke 5, 11000 Bel­gra­de, Ser­bia (her­ein­af­ter refer­red to as Mana­geWP).

Among other things, Mana­geWP ensu­res that we can moni­tor the secu­ri­ty and per­for­mance of our web­site as well as gene­ra­te auto­ma­tic back­ups. Con­se­quent­ly, Mana­geWP has access to all of the website’s con­tent, inclu­ding our data­ba­ses. Mana­geWP is being hos­ted on the provider’s ser­vers.

The use of Mana­geWP is based on Art. 6 (1)(f) GDPR. The web­site ope­ra­tor has a legi­ti­ma­te inte­rest in a website(s) that work(s) as effec­tively and secu­re­ly as pos­si­ble. If appro­pria­te con­sent has been obtai­ned, the pro­ces­sing is car­ri­ed out exclu­si­ve­ly on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, inso­far the con­sent includes the sto­rage of coo­kies or the access to infor­ma­ti­on in the user’s end device (e.g., device fin­ger­prin­ting) within the mea­ning of the TDDDG. This con­sent can be revo­ked at any time.

The com­pa­ny is cer­ti­fied in accordance with the “EU-US Data Pri­va­cy Frame­work” (DPF). The DPF is an agree­ment bet­ween the Euro­pean Uni­on and the US, which is inten­ded to ensu­re com­pli­ance with Euro­pean data pro­tec­tion stan­dards for data pro­ces­sing in the US. Every com­pa­ny cer­ti­fied under the DPF is obli­ged to com­ply with the­se data pro­tec­tion stan­dards. For more infor­ma­ti­on, plea­se cont­act the pro­vi­der under the fol­lo­wing link: https://www.dataprivacyframework.gov/participant/4957.

Data pro­ces­sing

We have con­cluded a data pro­ces­sing agree­ment (DPA) for the use of the abo­ve-men­tio­ned ser­vice. This is a con­tract man­da­ted by data pri­va­cy laws that gua­ran­tees that they pro­cess per­so­nal data of our web­site visi­tors only based on our ins­truc­tions and in com­pli­ance with the GDPR.

Goog­le Data Stu­dio

We use Goog­le Data Stu­dio. The pro­vi­der is Goog­le Ire­land Limi­t­ed, Gor­don House, Bar­row Street, Dub­lin 4, Ire­land.

Goog­le Data Stu­dio is a tool that enables us to prepa­re, visua­li­ze, and ana­ly­ze data from web­site ana­ly­tics and online adver­ti­sing in the form of cus­to­mi­zed reports and inter­ac­ti­ve, dyna­mic dash­boards.

Goog­le Data Stu­dio its­elf does not coll­ect any data and does not store any coo­kies. Rather, it pro­ces­ses data that has alre­a­dy been coll­ec­ted else­whe­re and made available in Goog­le Data Stu­dio by lin­king it to the ori­gi­nal data source (e.g., Goog­le Ana­ly­tics).

If you do not con­sent to the use of cer­tain ser­vices (e.g., Goog­le Ana­ly­tics), no such data will be pro­ces­sed in Goog­le Data Stu­dio.

The data pro­ces­sed in Goog­le Data Stu­dio is gene­ral­ly trans­fer­red to and stored on a Goog­le ser­ver in the United Sta­tes.

The use of this tool is based on Art. 6(1)(f) GDPR. The web­site ope­ra­tor has a legi­ti­ma­te inte­rest in the visu­al pre­pa­ra­ti­on of usa­ge and adver­ti­sing data in order to inter­pret and use it in the most effec­ti­ve and eco­no­mic­al­ly effi­ci­ent way pos­si­ble. If cor­re­spon­ding con­sent has been obtai­ned for the under­ly­ing data sources (e.g., con­sent to Goog­le Ana­ly­tics), this con­sent also appli­es to data pro­ces­sing in Goog­le Data Stu­dio, and pro­ces­sing is car­ri­ed out exclu­si­ve­ly on the basis of Art. 6(1)(a) GDPR. Con­sent for the respec­ti­ve data source may be revo­ked at any time. Under “Your Coo­kie Set­tings,” you can view your con­sent histo­ry at any time and chan­ge your coo­kie set­tings or revo­ke pre­vious­ly gran­ted con­sent by cli­cking the “Coo­kie Set­tings” but­ton.

Data trans­fers to the United Sta­tes are based on the Euro­pean Commission’s Stan­dard Con­trac­tu­al Clau­ses (SCCs). Details can be found here:
https://privacy.google.com/businesses/processorterms/mccs/

Fur­ther infor­ma­ti­on about Goog­le Data Stu­dio and Google’s pri­va­cy poli­cy can be found at the fol­lo­wing links:
https://support.google.com/datastudio/answer/6283323?hl=de
https://policies.google.com/privacy?hl=de

The com­pa­ny is cer­ti­fied under the “EU-US Data Pri­va­cy Frame­work” (DPF). The DPF is an agree­ment bet­ween the Euro­pean Uni­on and the United Sta­tes inten­ded to ensu­re com­pli­ance with Euro­pean data pro­tec­tion stan­dards for data pro­ces­sing in the United Sta­tes. Every com­pa­ny cer­ti­fied under the DPF com­mits to com­ply­ing with the­se data pro­tec­tion stan­dards. Fur­ther infor­ma­ti­on can be obtai­ned from the pro­vi­der at the fol­lo­wing link:
https://www.dataprivacyframework.gov/participant/5780

Data pro­ces­sing

We have con­cluded a data pro­ces­sing agree­ment (DPA) for the use of the abo­ve-men­tio­ned ser­vice. This is a con­tract man­da­ted by data pri­va­cy laws that gua­ran­tees that they pro­cess per­so­nal data of our web­site visi­tors only based on our ins­truc­tions and in com­pli­ance with the GDPR.

Web­i­nar­Ge­ek

We use Web­i­nar­Ge­ek to host and mana­ge online web­i­nars. The pro­vi­der of this ser­vice is Web­i­nar­Ge­ek B.V., Chroom­stra­at 12, 2718 RR Zoe­ter­meer, Net­her­lands.

If you par­ti­ci­pa­te in one of our web­i­nars, your per­so­nal data will be stored on WebinarGeek’s ser­vers for the pur­po­se of con­duc­ting the event. This includes, in par­ti­cu­lar, your IP address, your first and last name, your email address, and any con­tent you enter into Web­i­nar­Ge­ek yours­elf (e.g., chat mes­sa­ges).

The legal basis for the use of Web­i­nar­Ge­ek is Art. 6(1)(b) GDPR (per­for­mance of a con­tract) and our legi­ti­ma­te inte­rest in the pro­fes­sio­nal orga­niza­ti­on and exe­cu­ti­on of our web­i­nars (Art. 6(1)(f) GDPR). If cor­re­spon­ding con­sent has been reques­ted, pro­ces­sing is car­ri­ed out exclu­si­ve­ly on the basis of Art. 6(1)(a) GDPR and Sec­tion 25(1) TDDDG, inso­far as the con­sent includes the sto­rage of coo­kies or access to infor­ma­ti­on on the user’s device (e.g., device fin­ger­prin­ting) within the mea­ning of the TDDDG. Con­sent may be revo­ked at any time.

For details on data pro­ces­sing, plea­se refer to WebinarGeek’s Pri­va­cy Poli­cy:
https://www.webinargeek.com/de/datenschutzerklarung

Data pro­ces­sing

We have con­cluded a data pro­ces­sing agree­ment (DPA) for the use of the abo­ve-men­tio­ned ser­vice. This is a con­tract man­da­ted by data pri­va­cy laws that gua­ran­tees that they pro­cess per­so­nal data of our web­site visi­tors only based on our ins­truc­tions and in com­pli­ance with the GDPR.

Agen­cy Soft­ware /​ CRM Pro­So­na­ta

We use the cloud-based agen­cy soft­ware Pro­So­na­ta. The pro­vi­der is Bopp Medi­en GmbH & Co. KG, Tan­nen­stra­ße 2, 63589 Lin­sen­ge­richt, Ger­ma­ny (her­ein­af­ter refer­red to as “Pro­So­na­ta”).

Pro­So­na­ta is a modu­lar sys­tem con­sis­ting of CRM (cont­act manage­ment), pro­ject manage­ment, task manage­ment, quo­ta­ti­on manage­ment, and invoi­cing. Among other things, it enables us to mana­ge exis­ting and poten­ti­al cus­to­mers, sup­pli­ers, and part­ners, as well as their cont­acts, and to orga­ni­ze sales and com­mu­ni­ca­ti­on pro­ces­ses. The per­so­nal data coll­ec­ted in this way can be ana­ly­zed and used for com­mu­ni­ca­ti­on or mar­ke­ting mea­su­res (e.g., mai­lings). The data is stored on the provider’s ser­vers.

Details on the func­tions of Pro­So­na­ta can be found here:
https://www.prosonata.de/agentursoftware-funktionen-fuer-projektmanagement-controlling-und-abrechnung-ihrer-projekte.html

The use of Pro­So­na­ta is based on Art. 6(1)(f) GDPR. The web­site ope­ra­tor has a legi­ti­ma­te inte­rest in the most effi­ci­ent pos­si­ble cont­act manage­ment and com­mu­ni­ca­ti­on. If cor­re­spon­ding con­sent has been reques­ted, pro­ces­sing is car­ri­ed out exclu­si­ve­ly on the basis of Art. 6(1)(a) GDPR and Sec­tion 25(1) TDDDG, inso­far as the con­sent includes the sto­rage of coo­kies or access to infor­ma­ti­on on the user’s device (e.g., device fin­ger­prin­ting) within the mea­ning of the TDDDG. Con­sent may be revo­ked at any time.

Fur­ther infor­ma­ti­on on data pro­tec­tion at Pro­So­na­ta can be found at the fol­lo­wing links:

https://www.prosonata.de/datenschutzhinweise.html
https://www.prosonata.de/infos-und-hilfen/sicherheit-datenschutz.html

Data pro­ces­sing

We have con­cluded a data pro­ces­sing agree­ment (DPA) for the use of the abo­ve-men­tio­ned ser­vice. This is a con­tract man­da­ted by data pri­va­cy laws that gua­ran­tees that they pro­cess per­so­nal data of our web­site visi­tors only based on our ins­truc­tions and in com­pli­ance with the GDPR.

Auto­ma­ti­on Plat­form n8n

We use the cloud-based auto­ma­ti­on plat­form n8n. The pro­vi­der is n8n GmbH, Borsigstras­se 10, 10115 Ber­lin, Ger­ma­ny (her­ein­af­ter refer­red to as “n8n”).

n8n enables us to con­nect various appli­ca­ti­ons, tools, and data­ba­ses used within our com­pa­ny and to auto­ma­te work­flows. This allows us to make pro­ces­ses more effi­ci­ent, such as auto­ma­ti­cal­ly trans­fer­ring data bet­ween dif­fe­rent sys­tems or trig­ge­ring actions based on spe­ci­fic events. Depen­ding on the type of auto­ma­ti­on, per­so­nal data may also be pro­ces­sed when using n8n. The data is stored on the provider’s ser­vers.

The use of n8n is based on Art. 6(1)(f) GDPR. The web­site ope­ra­tor has a legi­ti­ma­te inte­rest in desig­ning pro­ces­ses as effec­tively as pos­si­ble and inte­gra­ting the tools used. If cor­re­spon­ding con­sent has been reques­ted, pro­ces­sing is car­ri­ed out exclu­si­ve­ly on the basis of Art. 6(1)(a) GDPR and Sec­tion 25(1) TDDDG, inso­far as the con­sent includes the sto­rage of coo­kies or access to infor­ma­ti­on on the user’s device (e.g., device fin­ger­prin­ting) within the mea­ning of the TDDDG. Con­sent may be revo­ked at any time.

For details on data pro­ces­sing, plea­se refer to n8n’s Pri­va­cy Poli­cy:
https://n8n.io/legal/#privacy

Data pro­ces­sing

We have con­cluded a data pro­ces­sing agree­ment (DPA) for the use of the abo­ve-men­tio­ned ser­vice. This is a con­tract man­da­ted by data pri­va­cy laws that gua­ran­tees that they pro­cess per­so­nal data of our web­site visi­tors only based on our ins­truc­tions and in com­pli­ance with the GDPR.

Digi­tal Signa­tu­re Soft­ware spro­of

We use the cloud-based soft­ware spro­of for digi­tal signa­tures. The pro­vi­der is spro­of GmbH, Urstein Süd 19/​2, 5412 Puch b. Hal­lein, Aus­tria (her­ein­af­ter refer­red to as “spro­of”).

spro­of enables us to elec­tro­ni­cal­ly sign con­tracts and docu­ments in a legal­ly bin­ding man­ner and to obtain signa­tures from con­trac­tu­al part­ners. This allows us to make pro­ces­ses more effi­ci­ent for both our con­trac­tu­al part­ners and our­sel­ves. When using spro­of, per­so­nal data is also pro­ces­sed. This includes, in par­ti­cu­lar, the first and last name and the email address of the per­sons sig­ning the docu­ments, as well as any per­so­nal data con­tai­ned in the docu­ments to be signed. The data is stored on the provider’s ser­vers.

The use of spro­of is based on Art. 6(1)(f) GDPR. The web­site ope­ra­tor has a legi­ti­ma­te inte­rest in the most effec­ti­ve pos­si­ble con­tract pro­ces­sing and work­flow design. If cor­re­spon­ding con­sent has been reques­ted, pro­ces­sing is car­ri­ed out exclu­si­ve­ly on the basis of Art. 6(1)(a) GDPR and Sec­tion 25(1) TDDDG, inso­far as the con­sent includes the sto­rage of coo­kies or access to infor­ma­ti­on on the user’s device (e.g., device fin­ger­prin­ting) within the mea­ning of the TDDDG. Con­sent may be revo­ked at any time.

For details on data pro­ces­sing, plea­se refer to sproof’s Pri­va­cy Poli­cy and FAQs:
https://www.sproof.io/de/unternehmen/datenschutzerklaerung
https://www.sproof.io/de/faq

Data pro­ces­sing

We have con­cluded a data pro­ces­sing agree­ment (DPA) for the use of the abo­ve-men­tio­ned ser­vice. This is a con­tract man­da­ted by data pri­va­cy laws that gua­ran­tees that they pro­cess per­so­nal data of our web­site visi­tors only based on our ins­truc­tions and in com­pli­ance with the GDPR.

8. Cus­to­mer and Con­tract Data

Pro­ces­sing of Cus­to­mer and Con­tract Data

We coll­ect, pro­cess, and use per­so­nal cus­to­mer and con­tract data for the estab­lish­ment, con­tent arran­ge­ment and modi­fi­ca­ti­on of our con­trac­tu­al rela­ti­onships. Data with per­so­nal refe­ren­ces to the use of this web­site (usa­ge data) will be coll­ec­ted, pro­ces­sed, and used only if this is neces­sa­ry to enable the user to use our ser­vices or requi­red for bil­ling pur­po­ses. The legal basis for the­se pro­ces­ses is Art. 6(1)(b) GDPR.

The coll­ec­ted cus­to­mer data shall be dele­ted upon com­ple­ti­on of the order or ter­mi­na­ti­on of the busi­ness rela­ti­onship and upon expi­ra­ti­on of any exis­ting sta­tu­to­ry archi­ving peri­ods. This shall be wit­hout pre­ju­di­ce to any sta­tu­to­ry archi­ving peri­ods.

9. Online-based Audio and Video Con­fe­ren­ces (Con­fe­rence tools)

Data pro­ces­sing

We use online con­fe­rence tools, among other things, for com­mu­ni­ca­ti­on with our cus­to­mers. The tools we use are lis­ted in detail below. If you com­mu­ni­ca­te with us by video or audio con­fe­rence using the Inter­net, your per­so­nal data will be coll­ec­ted and pro­ces­sed by the pro­vi­der of the respec­ti­ve con­fe­rence tool and by us. The con­fe­ren­cing tools coll­ect all infor­ma­ti­on that you provide/​access to use the tools (email address and/​or your pho­ne num­ber). Fur­ther­mo­re, the con­fe­rence tools pro­cess the dura­ti­on of the con­fe­rence, start and end (time) of par­ti­ci­pa­ti­on in the con­fe­rence, num­ber of par­ti­ci­pan­ts and other “con­text infor­ma­ti­on” rela­ted to the com­mu­ni­ca­ti­on pro­cess (meta­da­ta).

Fur­ther­mo­re, the pro­vi­der of the tool pro­ces­ses all the tech­ni­cal data requi­red for the pro­ces­sing of the online com­mu­ni­ca­ti­on. This includes, in par­ti­cu­lar, IP addres­ses, MAC addres­ses, device IDs, device type, ope­ra­ting sys­tem type and ver­si­on, cli­ent ver­si­on, came­ra type, micro­pho­ne or loud­spea­k­er and the type of con­nec­tion.

Should con­tent be exch­an­ged, uploa­ded, or other­wi­se made available within the tool, it is also stored on the ser­vers of the tool pro­vi­der. Such con­tent includes, but is not limi­t­ed to, cloud recor­dings, chat/​ instant mes­sa­ges, voice­mail uploa­ded pho­tos and vide­os, files, white­boards, and other infor­ma­ti­on shared while using the ser­vice.

Plea­se note that we do not have com­ple­te influence on the data pro­ces­sing pro­ce­du­res of the tools used. Our pos­si­bi­li­ties are lar­ge­ly deter­mi­ned by the cor­po­ra­te poli­cy of the respec­ti­ve pro­vi­der. Fur­ther infor­ma­ti­on on data pro­ces­sing by the con­fe­rence tools can be found in the data pro­tec­tion decla­ra­ti­ons of the tools used, and which we have lis­ted below this text.

Pur­po­se and legal bases

The con­fe­rence tools are used to com­mu­ni­ca­te with pro­s­pec­ti­ve or exis­ting con­trac­tu­al part­ners or to offer cer­tain ser­vices to our cus­to­mers (Art. 6(1)(b) GDPR). Fur­ther­mo­re, the use of the tools ser­ves to gene­ral­ly sim­pli­fy and acce­le­ra­te com­mu­ni­ca­ti­on with us or our com­pa­ny (legi­ti­ma­te inte­rest in the mea­ning of Art. 6(1)(f) GDPR). Inso­far as con­sent has been reques­ted, the tools in ques­ti­on will be used on the basis of this con­sent; the con­sent may be revo­ked at any time with effect from that date.

Dura­ti­on of sto­rage

Data coll­ec­ted direct­ly by us via the video and con­fe­rence tools will be dele­ted from our sys­tems imme­dia­te­ly after you request us to dele­te it, revo­ke your con­sent to sto­rage, or the reason for sto­ring the data no lon­ger appli­es. Stored coo­kies remain on your end device until you dele­te them. Man­da­to­ry legal reten­ti­on peri­ods remain unaf­fec­ted.

We have no influence on the dura­ti­on of sto­rage of your data that is stored by the ope­ra­tors of the con­fe­rence tools for their own pur­po­ses. For details, plea­se direct­ly cont­act the ope­ra­tors of the con­fe­rence tools.

Con­fe­rence tools used

We employ the fol­lo­wing con­fe­rence tools:

Micro­soft Teams

We use Micro­soft Teams. The pro­vi­der is the Micro­soft Ire­land Ope­ra­ti­ons Limi­t­ed, One Micro­soft Place, South Coun­ty Busi­ness Park, Leo­pard­stown, Dub­lin 18, Ire­land.

Fur­ther details can be found abo­ve in the sec­tion “Micro­soft 365 /​ Micro­soft Azu­re.”