The protection of your personal rights and data is very important to us. We protect your data with appropriate technical and organizational measures and take the legal provisions on data protection very seriously, in particular the EU General Data Protection Regulation and the Federal Data Protection Act. Below you will find information on what data is collected in connection with your visit to this website and how it is used.
According to Art. 13 DSGVO, you should be informed about the legal basis of our data processing. If the legal basis is not mentioned in this privacy notice, the following applies:
The legal basis for data processing based on consent is Art. 6(1)(a) and Art. 7 DSGVO, the legal basis for processing for the performance of our services and implementation of contractual measures and answering inquiries is Art. 6(1)(b) DSGVO, the legal basis for processing for the performance of our legal obligations is Art. 6(1)(c) DSGVO, and the legal basis for processing based on our legitimate interests is Art. 6(1)(f) DSGVO. If, on one occasion, vital interests of a data subject or another natural person make data processing of personal data necessary, we base this data processing on Art. 6 (1) lit. d DSGVO.
We only share your data with third parties (other persons or companies) if you consent to this or if this is otherwise permitted by law. This may be the case, for example, if this is necessary in the context of contract initiation or for the performance of a contractual obligation, Art. 6 para. 1 lit. b DSGVO, we comply with a legal obligation under Art. 6 para. 1 lit. c DSGVO or if the transfer serves our legitimate interests in accordance with Art. 6 para. 1 lit. f DSVGO in an economic and effective business operation.
If we involve subcontractors in the processing of your data, we ensure through legal precautions and appropriate technical and organizational measures that your data is protected and the relevant legal requirements are met. If we commission third parties with the processing of data on the basis of a so-called “order processing agreement”, this is done on the basis of Art. 28 DSGVO.
Should a subcontractor carry out data processing outside the European Union or the European Economic Area, the data will only be transferred there if an appropriate level of data protection is ensured at the location of the data processing, you have expressly consented to this, or other legal permission exists.
In some cases, data is also processed by our service providers in so-called third countries. These are countries outside the European Union (EU) or the European Economic Area (EEA). This happens either to fulfill our (pre)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests. However, such processing only takes place if the specific requirements of Art. 44 DSGVO are met. In these cases, too, an adequate level of data protection is ensured. This is because in these third countries there are either appropriate guarantees that a level of data protection comparable to the EU exists (e.g. for the USA through the “EU-US Privacy Shield”) or we involve our service providers via special contractual obligations that ensure this level of data protection (so-called “EU standard contractual clauses”).
We delete or restrict the processing of personal data in accordance with Articles 17 and 18 of the GDPR. Stored data is generally deleted when it is no longer needed for your purpose, unless the deletion conflicts with legal retention obligations. We restrict data processing if the data cannot be deleted because it is to be used for other and legally permissible purposes. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law.In Germany, data is retained in particular for 6 years in accordance with Section 257 (1) of the German Commercial Code (HGB) (commercial books, inventories, opening balances, annual financial statements, commercial letters, accounting vouchers, etc.) and for 10 years in accordance with Section 147 (1) of the German Fiscal Code (AO) (books, records, management reports, accounting vouchers, commercial and business letters, documents relevant for taxation, etc.).Insofar as you are expressly informed in our data protection information when data will be deleted, this specific statement on the deletion date will of course apply.
On our websites, we use SSL encryption for security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL encryption is activated, the data you transmit to us cannot be read by third parties.
Personal data is any data that can be assigned to an identified or identifiable person. In principle, you can visit our websites without telling us who you are. For technical reasons, however, your IP address is always processed when you call up a website. Only in this way can the respective website be delivered to your browser.
We – or our hosting service provider on our behalf – automatically collect and store information in so-called server log files, which your browser automatically transmits to us when you access our website. These are: The name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type along with version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider.We carry out this data processing on the basis of our legitimate interests (Art. 6 para. 1 lit. f DSGVO). The collection of this data serves IT security and protection against unauthorized use. In this respect, we reserve the right to check this data subsequently if we become aware of concrete indications of unlawful use. This data will not be merged with other data sources. This data is deleted within a maximum of 7 days after data collection, unless your continued storage is necessary until a specific incident is clarified.
On our website we use so-called cookies. Cookies are small text files that are stored on your computer and saved by your browser. Cookies do not cause any damage to your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, more effective and safer.We use so-called session cookies. The use of these cookies is technically necessary to enable you, for example, to set your language. However, no further data collection takes place as a result. The cookies are usually deleted as soon as you close your browser.We also use “persistent” or “permanent” cookies on our websites. These cookies remain stored until their expiration date passes or you delete them prematurely. These cookies allow us to recognize your browser when you visit our website again. We use these types of cookies, for example, for reach analysis.You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general, as well as activate the automatic deletion of cookies when closing the browser. If you disable all cookies, the functionality of the websites may be limited.
If you contact us (e.g. by e-mail or telephone), your data will be processed for the purpose of handling the contact request and its processing.This means that if personal data (such as your name or e-mail address) is collected when you contact us, this is because you are interested in our services, for example, or because you provide us with data to establish, define the content of or amend a contractual relationship between you and us (Art. 6 (1) lit. b DS-GVO) or have another request. In the latter case, we carry out the data processing on the basis of our legitimate interest in an effective external contact (Art. 6 para. 1 lit. f DS-GVO).The personal data transmitted when contacting us will be stored, processed and deleted if it is no longer required for these purposes and further storage or processing for other legitimate interests does not take place and no legal retention obligations prevent deletion.
The hosting services used by us serve to provide the following services: Operation of the websites, computing capacity, storage space and database services.Data that you enter in a web form on our website is transmitted directly to us by the hosting provider or kept available for us.Our hosting provider processes contact data, inventory and content data, usage data, meta data and communication data of customers, interested parties and visitors on our website on our behalf. This is done on the basis of our legitimate interests in an efficient and secure provision of our websites pursuant to Art. 6 para. 1 lit. f DS-GVO in conjunction with. Art. 28 DS-GVO (order processing contract).
You have the right to request information about whether and how data concerning you is processed, further information and a copy of the data in accordance with Art. 15 DSGVO.You have the right, in accordance with Art. 16 DSGVO, to request the completion of the data concerning you or the correction of incorrect data concerning you.In accordance with Art. 17 of the GDPR, you have the right to demand that your data be deleted without delay or, alternatively, to demand restriction of the processing of the data in accordance with Art. 18 of the GDPR.
According to Art. 20 DSGVO, you have the right to have data that we process automatically on the basis of your consent or in performance of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.
If you assume unlawful data processing, you are free to file a complaint with the competent supervisory authority. The competent supervisory authority in data protection matters is the state data protection commissioner of the federal state in which our company is based. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
You can revoke a declared consent at any time with effect for the future. For this purpose, an informal communication by e-mail to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
You can also object to the processing of your personal data at any time in accordance with the legal requirements. The objection can be made in particular against the processing for purposes of direct advertising. Insofar as we provide you with an opt-out option in this data protection declaration, you can simply exercise your right of objection in this way.