Data protection

1. Data protection at a glance

General information

The fol­lo­wing infor­ma­ti­on pro­vi­des a simp­le over­view of what hap­pens to your per­so­nal data when you visit this web­site. Per­so­nal data is any data that can be used to per­so­nal­ly iden­ti­fy you. Detail­ed infor­ma­ti­on on the sub­ject of data pro­tec­tion can be found in our data pro­tec­tion decla­ra­ti­on lis­ted below this text.

Data collection on this website

Who is responsible for data collection on this website?

Data pro­ces­sing on this web­site is car­ri­ed out by the web­site ope­ra­tor. You can find their cont­act details in the “Note on the respon­si­ble body” sec­tion in this data pro­tec­tion decla­ra­ti­on.

How do we collect your data?

On the one hand, your data is coll­ec­ted when you pro­vi­de it to us. This can be e.g. This could, for exam­p­le, be data that you enter into a cont­act form.

Other data is coll­ec­ted auto­ma­ti­cal­ly or with your con­sent by our IT sys­tems when you visit the web­site. This is pri­ma­ri­ly tech­ni­cal data (e.g. inter­net brow­ser, ope­ra­ting sys­tem or time of page access). This data is coll­ec­ted auto­ma­ti­cal­ly as soon as you enter this web­site.

What do we use your data for?

Some of the data is coll­ec­ted to ensu­re that the web­site is pro­vi­ded error-free. Other data may be used to ana­ly­ze your user beha­vi­or.

What rights do you have regarding your data?

You have the right at any time to recei­ve infor­ma­ti­on free of char­ge about the ori­gin, reci­pi­ent and pur­po­se of your stored per­so­nal data. You also have the right to request the cor­rec­tion or dele­ti­on of this data. If you have given your con­sent to data pro­ces­sing, you can revo­ke this con­sent at any time in the future. You also have the right to request that the pro­ces­sing of your per­so­nal data be rest­ric­ted in cer­tain cir­cum­s­tances. You also have the right to lodge a com­plaint with the respon­si­ble super­vi­so­ry aut­ho­ri­ty.

You can cont­act us at any time about this or if you have any fur­ther ques­ti­ons about data pro­tec­tion.

Analytics and Third Party Tools

When you visit this web­site, your sur­fing beha­vi­or can be sta­tis­ti­cal­ly eva­lua­ted. This hap­pens pri­ma­ri­ly with so-cal­led ana­ly­sis pro­grams.

Detail­ed infor­ma­ti­on about the­se ana­ly­sis pro­grams can be found in the fol­lo­wing data pro­tec­tion decla­ra­ti­on.

2. Hosting

We host the con­tent of our web­site with the fol­lo­wing pro­vi­der:

IONOS

The pro­vi­der is IONOS SE, Elgen­dor­fer Str. 57, 56410 Mon­ta­baur (her­ein­af­ter IONOS). When you visit our web­site, IONOS coll­ects various log files inclu­ding your IP addres­ses. Details can be found in the IONOS data pro­tec­tion decla­ra­ti­on: https://www.ionos.de/terms-gtc/terms-privacy.

The use of IONOS is based on Art. 6 Para. 1 lit. f GDPR. We have a legi­ti­ma­te inte­rest in ensu­ring that our web­site is pre­sen­ted as relia­bly as pos­si­ble. If appro­pria­te con­sent has been reques­ted, pro­ces­sing is car­ri­ed out exclu­si­ve­ly on the basis of Art. 6 Para. 1 lit . B. Device fin­ger­prin­ting) within the mea­ning of the TTDSG. Con­sent can be revo­ked at any time.

Order processing

We have con­cluded an order pro­ces­sing con­tract (AVV) for the use of the abo­ve-men­tio­ned ser­vice. This is a con­tract requi­red by data pro­tec­tion law, which ensu­res that we only pro­cess the per­so­nal data of our web­site visi­tors in accordance with our ins­truc­tions and in com­pli­ance with the GDPR.

3. General information and mandatory information

data protection

The ope­ra­tors of the­se sites take the pro­tec­tion of your per­so­nal data very serious­ly. We tre­at your per­so­nal data con­fi­den­ti­al­ly and in accordance with sta­tu­to­ry data pro­tec­tion regu­la­ti­ons and this data pro­tec­tion decla­ra­ti­on.

When you use this web­site, various per­so­nal data is coll­ec­ted. Per­so­nal data is data that can be used to per­so­nal­ly iden­ti­fy you. This data pro­tec­tion decla­ra­ti­on explains what data we coll­ect and what we use it for. It also explains how and for what pur­po­se this hap­pens.

We would like to point out that data trans­mis­si­on over the Inter­net (e.g. when com­mu­ni­ca­ting via email) can have secu­ri­ty gaps. Com­ple­te pro­tec­tion of data from access by third par­ties is not pos­si­ble.

Note on the responsible body

The respon­si­ble body for data pro­ces­sing on this web­site is:

Gebr. HACK Fein­back­wa­ren GmbH
— A HACK AG com­pa­ny -
Karl-Hack-Allee 1
56581 Kurtscheid

Tele­pho­ne: +49 2634 9660–744
Email: [email protected]

The respon­si­ble body is the natu­ral or legal per­son who alo­ne or joint­ly with others deci­des on the pur­po­ses and means of pro­ces­sing per­so­nal data (e.g. names, email addres­ses, etc.).

Storage period

Unless a spe­ci­fic sto­rage peri­od is spe­ci­fied in this data pro­tec­tion decla­ra­ti­on, your per­so­nal data will remain with us until the pur­po­se for data pro­ces­sing no lon­ger appli­es. If you make a legi­ti­ma­te request for dele­ti­on or revo­ke your con­sent to data pro­ces­sing, your data will be dele­ted unless we have other legal­ly per­mis­si­ble reasons for sto­ring your per­so­nal data (e.g. tax or com­mer­cial law reten­ti­on peri­ods); In the lat­ter case, the dele­ti­on takes place after the­se reasons no lon­ger app­ly.

General information on the legal basis for data processing on this website

If you have con­sen­ted to data pro­ces­sing, we will pro­cess your per­so­nal data on the basis of Art. 6 Para. 1 lit. a GDPR or Art. 9 Para. 2 lit are pro­ces­sed. In the event of express con­sent to the trans­fer of per­so­nal data to third count­ries, data pro­ces­sing is also car­ri­ed out on the basis of Art. 49 Para. 1 lit. a GDPR. If you have con­sen­ted to the sto­rage of coo­kies or to the access to infor­ma­ti­on on your device (e.g. via device fin­ger­prin­ting), the data pro­ces­sing will also be car­ri­ed out on the basis of Sec­tion 25 Para­graph 1 TTDSG. Con­sent can be revo­ked at any time. If your data is neces­sa­ry to ful­fill the con­tract or to car­ry out pre-con­trac­tu­al mea­su­res, we pro­cess your data on the basis of Artic­le 6 Para­graph 1 Let­ter b GDPR. Fur­ther­mo­re, we pro­cess your data if it is neces­sa­ry to ful­fill a legal obli­ga­ti­on on the basis of Art. 6 Para. 1 lit. c GDPR. Data pro­ces­sing can also be car­ri­ed out on the basis of our legi­ti­ma­te inte­rest in accordance with Artic­le 6 (1) (f) GDPR. Infor­ma­ti­on about the rele­vant legal bases in each indi­vi­du­al case is pro­vi­ded in the fol­lo­wing para­graphs of this data pro­tec­tion decla­ra­ti­on.

Data Protection Officer

We have appoin­ted a data pro­tec­tion offi­cer.

Dani­el Enns
Karl-Hack-Allee 1
56581 Kurtscheid

Tele­pho­ne: +49 2634 9660–744
Email: [email protected]

Note on data transfer to third countries that are not secure in terms of data protection law as well as transfer to US companies that are not DPF-certified

We use, among other things, tools from com­pa­nies based in third count­ries that are not secu­re in terms of data pro­tec­tion law, as well as US tools who­se pro­vi­ders are not cer­ti­fied accor­ding to the EU-US Data Pri­va­cy Frame­work (DPF). When the­se tools are acti­ve, your per­so­nal data may be trans­fer­red to and pro­ces­sed in the­se count­ries. We would like to point out that in third count­ries with uncer­tain data pro­tec­tion law, a level of data pro­tec­tion com­pa­ra­ble to the EU can­not be gua­ran­teed.

We would like to point out that the USA, as a safe third coun­try, gene­ral­ly has a level of data pro­tec­tion com­pa­ra­ble to the EU. Data trans­fer to the USA is then per­mit­ted if the reci­pi­ent has cer­ti­fi­ca­ti­on under the “EU-US Data Pri­va­cy Frame­work” (DPF) or has appro­pria­te addi­tio­nal gua­ran­tees. Infor­ma­ti­on on trans­fers to third count­ries, inclu­ding data reci­pi­ents, can be found in this data pro­tec­tion decla­ra­ti­on.

Recipients of personal data

As part of our busi­ness acti­vi­ties, we work with various exter­nal bodies. In some cases, it is also neces­sa­ry to trans­mit per­so­nal data to the­se exter­nal bodies. We only pass on per­so­nal data to exter­nal bodies if this is neces­sa­ry to ful­fill a con­tract, if we are legal­ly obli­ged to do so (e.g. pas­sing on data to tax aut­ho­ri­ties), if we have a legi­ti­ma­te inte­rest in accordance with Artic­le 6 Para­graph 1 lit. f DSGVO in the trans­fer or if ano­ther legal basis allows the data trans­fer. When using order pro­ces­sors, we only pass on our cus­to­mers’ per­so­nal data on the basis of a valid order pro­ces­sing con­tract. In the case of joint pro­ces­sing, a joint pro­ces­sing con­tract is con­cluded.

Revocation of your consent to data processing

Many data pro­ces­sing ope­ra­ti­ons are only pos­si­ble with your express con­sent. You can revo­ke any con­sent you have alre­a­dy given at any time. The lawful­ness of the data pro­ces­sing car­ri­ed out until the revo­ca­ti­on remains unaf­fec­ted by the revo­ca­ti­on.

Right to object to data collection in special cases and to direct advertising (Art. 21 GDPR)

IF THE DATA PROCESSING IS BASED ON ART. 6 ABS. 1 LITER. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE TERMS. THE APPLICABLE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS DATA PROTECTION POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA UNLESS WE CAN PROOF COMPLEX REASONS FOR THE PROCESSING THAT OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOM OR THE PROCESSING IS FOR THE ASSERTMENT, EXERCISE OR DEFENSE IDENTIFICATION OF LEGAL CLAIMS ( OBJECTION PURSUANT TO ARTICLE 21 (1) GDPR).

IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH ADVERTISING; THIS ALSO APPLIES TO PROFILING TO THE EXTENT IT IS CONNECTED WITH SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR THE PURPOSE OF DIRECT ADVERTISING (OBJECTION PURSUANT TO ARTICLE 21 (2) GDPR).

Right to lodge a complaint with the responsible supervisory authority

In the event of vio­la­ti­ons of the GDPR, tho­se affec­ted have the right to lodge a com­plaint with a super­vi­so­ry aut­ho­ri­ty, in par­ti­cu­lar in the mem­ber sta­te of their habi­tu­al resi­dence, their place of work or the place of the alle­ged vio­la­ti­on. The right to lodge a com­plaint exists wit­hout pre­ju­di­ce to any other admi­nis­tra­ti­ve or judi­cial reme­dies.

Right to data portability

You have the right to have data that we pro­cess auto­ma­ti­cal­ly based on your con­sent or in ful­fill­ment of a con­tract han­ded over to you or to a third par­ty in a com­mon, machi­ne-rea­da­ble for­mat. If you request the data to be trans­fer­red direct­ly to ano­ther per­son respon­si­ble, this will only be done if it is tech­ni­cal­ly fea­si­ble.

Information, correction and deletion

Within the frame­work of the appli­ca­ble legal pro­vi­si­ons, you have the right to free infor­ma­ti­on at any time about your stored per­so­nal data, its ori­gin and reci­pi­ent and the pur­po­se of data pro­ces­sing and, if neces­sa­ry, a right to cor­rec­tion or dele­ti­on of this data. You can cont­act us at any time about this or if you have any fur­ther ques­ti­ons on the sub­ject of per­so­nal data.

Right to restriction of processing

You have the right to request that the pro­ces­sing of your per­so­nal data be rest­ric­ted. You can cont­act us at any time about this. The right to rest­ric­tion of pro­ces­sing exists in the fol­lo­wing cases:

  • If you dis­pu­te the accu­ra­cy of the per­so­nal data we hold about you, we will gene­ral­ly need time to veri­fy this. For the dura­ti­on of the review, you have the right to request that the pro­ces­sing of your per­so­nal data be rest­ric­ted.
  • If the pro­ces­sing of your per­so­nal data was/is occur­ring unlawful­ly, you can request that data pro­ces­sing be rest­ric­ted ins­tead of dele­ti­on.
  • If we no lon­ger need your per­so­nal data, but you need it to exer­cise, defend or assert legal claims, you have the right to request that the pro­ces­sing of your per­so­nal data be rest­ric­ted ins­tead of dele­ti­on.
  • If you have lodged an objec­tion in accordance with Artic­le 21 Para. 1 GDPR, a balan­ce must be made bet­ween your inte­rests and ours. As long as it is not yet clear who­se inte­rests pre­vail, you have the right to request that the pro­ces­sing of your per­so­nal data be rest­ric­ted.

If you have rest­ric­ted the pro­ces­sing of your per­so­nal data, this data — apart from its sto­rage — may only be used with your con­sent or to assert, exer­cise or defend legal claims or to pro­tect the rights of ano­ther natu­ral or legal per­son or for reasons of important public inte­rest of the Euro­pean Uni­on or a mem­ber sta­te.

SSL or TLS encryption

This site uses SSL or TLS encryp­ti­on for secu­ri­ty reasons and to pro­tect the trans­mis­si­on of con­fi­den­ti­al con­tent, such as orders or inqui­ries that you send to us as the site ope­ra­tor. You can reco­gni­ze an encrypt­ed con­nec­tion by the brow­ser address line chan­ging from “http://” to “https://” and by the lock sym­bol in your brow­ser line.

If SSL or TLS encryp­ti­on is acti­va­ted, the data you trans­mit to us can­not be read by third par­ties.

Objection to advertising emails

The use of cont­act details published as part of the imprint obli­ga­ti­on to send unso­li­ci­ted adver­ti­sing and infor­ma­ti­on mate­ri­als is her­eby objec­ted to. The ope­ra­tors of the pages express­ly reser­ve the right to take legal action in the event of unso­li­ci­ted adver­ti­sing infor­ma­ti­on being sent, such as spam emails.

4. Data collection on this website

Cookies

Our web­sites use so-cal­led “coo­kies”. Coo­kies are small data packa­ges and do not cau­se any dama­ge to your device. They are stored on your device eit­her tem­po­r­a­ri­ly for the dura­ti­on of a ses­si­on (ses­si­on coo­kies) or per­ma­nent­ly (per­sis­tent coo­kies). Ses­si­on coo­kies are auto­ma­ti­cal­ly dele­ted at the end of your visit. Per­ma­nent coo­kies remain stored on your device until you dele­te them yours­elf or your web brow­ser auto­ma­ti­cal­ly dele­tes them.

Coo­kies can come from us (first-par­ty coo­kies) or from third-par­ty com­pa­nies (so-cal­led third-par­ty coo­kies). Third-par­ty coo­kies enable the inte­gra­ti­on of cer­tain ser­vices from third-par­ty com­pa­nies within web­sites (e.g. coo­kies for pro­ces­sing pay­ment ser­vices).

Coo­kies have various func­tions. Num­e­rous coo­kies are tech­ni­cal­ly neces­sa­ry becau­se cer­tain web­site func­tions would not work wit­hout them (e.g. the shop­ping cart func­tion or the dis­play of vide­os). Other coo­kies can be used to eva­lua­te user beha­vi­or or for adver­ti­sing pur­po­ses.

Coo­kies that are neces­sa­ry to car­ry out the elec­tro­nic com­mu­ni­ca­ti­on pro­cess, to pro­vi­de cer­tain func­tions you want (e.g. for the shop­ping cart func­tion) or to opti­mi­ze the web­site (e.g. coo­kies to mea­su­re the web audi­ence) (neces­sa­ry coo­kies). stored on the basis of Art. 6 Para. 1 lit. f GDPR, unless ano­ther legal basis is sta­ted. The web­site ope­ra­tor has a legi­ti­ma­te inte­rest in sto­ring neces­sa­ry coo­kies for the tech­ni­cal­ly error-free and opti­mi­zed pro­vi­si­on of its ser­vices. If con­sent to the sto­rage of coo­kies and com­pa­ra­ble reco­gni­ti­on tech­no­lo­gies has been reques­ted, pro­ces­sing is car­ri­ed out exclu­si­ve­ly on the basis of this con­sent (Art. 6 Para. 1 lit. a GDPR and Sec­tion 25 Para. 1 TTDSG); con­sent can be revo­ked at any time.

You can set your brow­ser so that you are infor­med about the set­ting of coo­kies and only allow coo­kies in indi­vi­du­al cases, exclude the accep­tance of coo­kies for cer­tain cases or in gene­ral, and acti­va­te the auto­ma­tic dele­ti­on of coo­kies when you clo­se the brow­ser. If coo­kies are deac­ti­va­ted, the func­tion­a­li­ty of this web­site may be rest­ric­ted.

You can find out which coo­kies and ser­vices are used on this web­site in this data pro­tec­tion decla­ra­ti­on.

Consent with compliance

Our web­site uses Complianz’s con­sent tech­no­lo­gy to obtain your con­sent to store cer­tain coo­kies on your device or to use cer­tain tech­no­lo­gies and to docu­ment this in accordance with data pro­tec­tion regu­la­ti­ons. The pro­vi­der of this tech­no­lo­gy is Com­pli­anz BV, Kal­mar­weg 14–5, 9723 JG Gro­nin­gen, Net­her­lands (her­ein­af­ter “Com­pli­anz”).

Com­pli­anz is hos­ted on our ser­vers, so the­re is no con­nec­tion to the Com­pli­anz provider’s ser­vers. Com­pli­anz stores a coo­kie in your brow­ser in order to be able to assign the con­sent you have given or its revo­ca­ti­on. The data coll­ec­ted in this way will be stored until you request us to dele­te it, dele­te the com­pli­ance coo­kie yours­elf or the pur­po­se for sto­ring the data no lon­ger appli­es. Man­da­to­ry legal reten­ti­on obli­ga­ti­ons remain unaf­fec­ted.

Com­pli­anz is used to obtain the legal­ly requi­red con­sent for the use of coo­kies. The legal basis for this is Artic­le 6 Para­graph 1 Let­ter c GDPR.

contact form

If you send us inqui­ries using the cont­act form, your details from the inquiry form, inclu­ding the cont­act details you pro­vi­ded the­re, will be stored by us in order to pro­cess the inquiry and in case of fol­low-up ques­ti­ons. We will not pass on this data wit­hout your con­sent.

This data is pro­ces­sed on the basis of Art. 6 Para. 1 lit. b GDPR, pro­vi­ded your request is rela­ted to the ful­fill­ment of a con­tract or is neces­sa­ry to car­ry out pre-con­trac­tu­al mea­su­res. In all other cases, the pro­ces­sing is based on our legi­ti­ma­te inte­rest in the effec­ti­ve pro­ces­sing of the inqui­ries addres­sed to us (Art. 6 Para. 1 lit. f GDPR) or on your con­sent (Art. 6 Para. 1 lit. a GDPR) if this was queried; con­sent can be revo­ked at any time.

The data you enter in the cont­act form will remain with us until you request us to dele­te it, revo­ke your con­sent to sto­rage or the pur­po­se for data sto­rage no lon­ger appli­es (e.g. after your request has been pro­ces­sed). Man­da­to­ry legal pro­vi­si­ons – in par­ti­cu­lar reten­ti­on peri­ods – remain unaf­fec­ted.

Inquiries by email, telephone or fax

If you cont­act us by email, tele­pho­ne or fax, your request, inclu­ding all resul­ting per­so­nal data (name, request), will be stored and pro­ces­sed by us for the pur­po­se of pro­ces­sing your request. We will not pass on this data wit­hout your con­sent.

This data is pro­ces­sed on the basis of Art. 6 Para. 1 lit. b GDPR, pro­vi­ded your request is rela­ted to the ful­fill­ment of a con­tract or is neces­sa­ry to car­ry out pre-con­trac­tu­al mea­su­res. In all other cases, the pro­ces­sing is based on our legi­ti­ma­te inte­rest in the effec­ti­ve pro­ces­sing of the inqui­ries addres­sed to us (Art. 6 Para. 1 lit. f GDPR) or on your con­sent (Art. 6 Para. 1 lit. a GDPR) if this was queried; con­sent can be revo­ked at any time.

The data you send to us via cont­act requests will remain with us until you request us to dele­te it, revo­ke your con­sent to sto­rage or the pur­po­se for data sto­rage no lon­ger appli­es (e.g. after your request has been pro­ces­sed). Man­da­to­ry legal pro­vi­si­ons – in par­ti­cu­lar sta­tu­to­ry reten­ti­on peri­ods – remain unaf­fec­ted.

5. Social media

LinkedIn

This web­site uses ele­ments of the Lin­ke­dIn net­work. The pro­vi­der is Lin­ke­dIn Ire­land Unli­mi­t­ed Com­pa­ny, Wil­ton Pla­za, Wil­ton Place, Dub­lin 2, Ire­land.

Every time a page on this web­site that con­ta­ins ele­ments from Lin­ke­dIn is acces­sed, a con­nec­tion to Lin­ke­dIn ser­vers is estab­lished. Lin­ke­dIn is infor­med that you have visi­ted this web­site with your IP address. If you click on LinkedIn’s “Recom­mend but­ton” and are log­ged into your Lin­ke­dIn account, Lin­ke­dIn will be able to assign your visit to this web­site to you and your user account. We would like to point out that, as pro­vi­ders of the pages, we have no know­ledge of the con­tent of the data trans­mit­ted or how it is used by Lin­ke­dIn.

If con­sent has been obtai­ned, the abo­ve will be used. Ser­vice based on Artic­le 6 Para­graph 1 Let­ter a GDPR and Sec­tion 25 TTDSG. Con­sent can be revo­ked at any time. Unless con­sent has been obtai­ned, the use of the ser­vice is based on our legi­ti­ma­te inte­rest in achie­ving the grea­test pos­si­ble visi­bi­li­ty on social media.

Data trans­fer to the USA is based on the EU Commission’s stan­dard con­trac­tu­al clau­ses. Details can be found here: https://www.linkedin.com/help/linkedin/answer/62538/datenubertragung-aus-der-eu-dem-ewr-und-der-schweiz?lang=de

Fur­ther infor­ma­ti­on can be found in LinkedIn’s data pro­tec­tion decla­ra­ti­on at: https://www.linkedin.com/legal/privacy-policy.

6. Analytics tools and advertising

Google Analytics

This web­site uses func­tions of the web ana­ly­sis ser­vice Goog­le Ana­ly­tics. The pro­vi­der is Goog­le Ire­land Limi­t­ed (“Goog­le”), Gor­don House, Bar­row Street, Dub­lin 4, Ire­land.

Goog­le Ana­ly­tics enables the web­site ope­ra­tor to ana­ly­ze the beha­vi­or of web­site visi­tors. The web­site ope­ra­tor recei­ves various usa­ge data, such as: E.g. page views, length of stay, ope­ra­ting sys­tems used and ori­gin of the user. This data is sum­ma­ri­zed in a user ID and assi­gned to the web­site visitor’s respec­ti­ve device.

Fur­ther­mo­re, we can use Goog­le Ana­ly­tics, among other things. Record your mou­se and scroll move­ments and clicks. Fur­ther­mo­re, Goog­le Ana­ly­tics uses various mode­ling approa­ches to com­ple­ment the data sets coll­ec­ted and uses machi­ne lear­ning tech­no­lo­gies in data ana­ly­sis.

Goog­le Ana­ly­tics uses tech­no­lo­gies that enable user reco­gni­ti­on for the pur­po­se of ana­ly­zing user beha­vi­or (e.g. coo­kies or device fin­ger­prin­ting). The infor­ma­ti­on coll­ec­ted by Goog­le about the use of this web­site is usual­ly trans­fer­red to a Goog­le ser­ver in the USA and stored the­re.

The use of this ser­vice is based on your con­sent in accordance with Artic­le 6 Para­graph 1 Let­ter a GDPR and Sec­tion 25 Para­graph 1 TTDSG. Con­sent can be revo­ked at any time.

Data trans­fer to the USA is based on the EU Commission’s stan­dard con­trac­tu­al clau­ses. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

The com­pa­ny is cer­ti­fied accor­ding to the “EU-US Data Pri­va­cy Frame­work” (DPF). The DPF is an agree­ment bet­ween the Euro­pean Uni­on and the USA that is inten­ded to ensu­re com­pli­ance with Euro­pean data pro­tec­tion stan­dards when data is pro­ces­sed in the USA. Every DPF cer­ti­fied com­pa­ny under­ta­kes to com­ply with the­se data pro­tec­tion stan­dards. Fur­ther infor­ma­ti­on can be obtai­ned from the pro­vi­der using the fol­lo­wing link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

Browser plugin

You can pre­vent Goog­le from coll­ec­ting and pro­ces­sing your data by down­loa­ding and instal­ling the brow­ser plug-in available at the fol­lo­wing link: https://tools.google.com/dlpage/gaoptout?hl=de.

You can find more infor­ma­ti­on about how Goog­le Ana­ly­tics hand­les user data in Google’s pri­va­cy poli­cy: https://support.google.com/analytics/answer/6004245?hl=de.

Order processing

We have con­cluded an order pro­ces­sing con­tract with Goog­le and ful­ly imple­ment the strict requi­re­ments of the Ger­man data pro­tec­tion aut­ho­ri­ties when using Goog­le Ana­ly­tics.

7. Newsletters

Newsletter data

If you would like to recei­ve the news­let­ter offe­red on the web­site, we need an email address from you as well as infor­ma­ti­on that allows us to veri­fy that you are the owner of the email address pro­vi­ded and that you agree to recei­ve the news­let­ter. No fur­ther data is coll­ec­ted or only coll­ec­ted on a vol­un­t­a­ry basis. To pro­cess the news­let­ter, we use news­let­ter ser­vice pro­vi­ders, which are descri­bed below.

MailPoet (local installation)

This web­site uses Mail­Po­et to send news­let­ters. The pro­vi­der is Aut O’Mat­tic A8C Ire­land Ltd., Busi­ness Cent­re, No.1 Lower Mayor Street, Inter­na­tio­nal Finan­cial Ser­vices Cent­re, Dub­lin 1, Ire­land (her­ein­af­ter Mail­Po­et).

Mail­Po­et is a ser­vice that can be used, among other things, to orga­ni­ze and ana­ly­ze the sen­ding of news­let­ters. We have inte­gra­ted Mail­Po­et local­ly on our ser­vers. The data you enter for the pur­po­se of sub­scrib­ing to the news­let­ter will be pro­ces­sed on our ser­vers. Mail­Po­et does not have access to this data.

Data ana­ly­sis by Mail­Po­et

With the help of Mail­Po­et we are able to ana­ly­ze our news­let­ter cam­paigns. So we can e.g. For exam­p­le, you can see whe­ther a news­let­ter mes­sa­ge was ope­ned and which links, if any, were cli­cked. In this way, we can deter­mi­ne, among other things, which links were cli­cked on par­ti­cu­lar­ly often.

We can also see whe­ther cer­tain pre­vious­ly defi­ned actions were car­ri­ed out after opening/clicking (con­ver­si­on rate). We can, for exam­p­le, B. reco­gni­ze whe­ther you made a purcha­se after cli­cking on the news­let­ter.

Mail­Po­et also allows us to divi­de (“clus­ter”) news­let­ter reci­pi­ents based on dif­fe­rent cate­go­ries. The news­let­ter reci­pi­ents can be e.g. B. divi­de accor­ding to age, gen­der or place of resi­dence. In this way, the news­let­ters can be bet­ter adapt­ed to the respec­ti­ve tar­get groups. If you do not want Mail­Po­et to ana­ly­ze you, you must unsub­scri­be from the news­let­ter. For this pur­po­se, we pro­vi­de a cor­re­spon­ding link in every news­let­ter mes­sa­ge.

Legal basis

Data pro­ces­sing is based on your con­sent (Art. 6 Para. 1 lit. a GDPR). You can revo­ke this con­sent at any time in the future.

Sto­rage peri­od

The data you pro­vi­de to us for the pur­po­se of sub­scrib­ing to the news­let­ter will be stored by us until you unsub­scri­be from the news­let­ter and will be dele­ted from the news­let­ter dis­tri­bu­ti­on list after you unsub­scri­be from the news­let­ter or if the pur­po­se no lon­ger appli­es. We reser­ve the right to dele­te or block email addres­ses from our news­let­ter dis­tri­bu­ti­on list at our own dis­cre­ti­on within the scope of our legi­ti­ma­te inte­rest in accordance with Artic­le 6 (1) (f) GDPR. Data stored by us for other pur­po­ses remains unaf­fec­ted.

After you have been unsub­scri­bed from the news­let­ter dis­tri­bu­ti­on list, your email address may be stored in a black­list if this is neces­sa­ry to pre­vent future mai­lings. The data from the black­list will only be used for this pur­po­se and will not be mer­ged with other data. This ser­ves both your inte­rest and our inte­rest in com­ply­ing with legal requi­re­ments when sen­ding news­let­ters (legi­ti­ma­te inte­rest within the mea­ning of Art. 6 Para. 1 lit. f GDPR). The sto­rage in the black­list is not limi­t­ed in time. You can object to the sto­rage if your inte­rests out­weigh our legi­ti­ma­te inte­rests.

8. Plugins and Tools

YouTube with extended data protection

This web­site embeds vide­os from the You­Tube web­site. The web­site is ope­ra­ted by Goog­le Ire­land Limi­t­ed (“Goog­le”), Gor­don House, Bar­row Street, Dub­lin 4, Ire­land.

We use You­Tube in exten­ded data pro­tec­tion mode. Accor­ding to You­Tube, this mode means that You­Tube does not store any infor­ma­ti­on about visi­tors to this web­site befo­re they watch the video. Howe­ver, the exten­ded data pro­tec­tion mode does not neces­s­a­ri­ly exclude the pas­sing on of data to You­Tube part­ners. This way, regard­less of whe­ther you watch a video, You­Tube estab­lishes a con­nec­tion to the Goog­le Mar­ke­ting Net­work.

As soon as you start a You­Tube video on this web­site, a con­nec­tion to YouTube’s ser­vers is estab­lished. The You­Tube ser­ver is infor­med which of our pages you have visi­ted. If you are log­ged into your You­Tube account, you enable You­Tube to assign your sur­fing beha­vi­or direct­ly to your per­so­nal pro­fi­le. You can pre­vent this by log­ging out of your You­Tube account.

Fur­ther­mo­re, after start­ing a video, You­Tube can store various coo­kies on your device or use com­pa­ra­ble reco­gni­ti­on tech­no­lo­gies (e.g. device fin­ger­prin­ting). In this way, You­Tube can recei­ve infor­ma­ti­on about visi­tors to this web­site. This infor­ma­ti­on is, among other things, used to coll­ect video sta­tis­tics, impro­ve user expe­ri­ence and pre­vent fraud attempts.

If neces­sa­ry, fur­ther data pro­ces­sing ope­ra­ti­ons may be trig­ge­red after start­ing a You­Tube video, over which we have no influence.

The use of You­Tube is in the inte­rest of an attrac­ti­ve pre­sen­ta­ti­on of our online offe­rings. This repres­ents a legi­ti­ma­te inte­rest within the mea­ning of Art. 6 Para. 1 lit TTDSG, inso­far as the con­sent includes the sto­rage of coo­kies or access to infor­ma­ti­on on the user’s end device (e.g. device fin­ger­prin­ting) within the mea­ning of the TTDSG. Con­sent can be revo­ked at any time.

Fur­ther infor­ma­ti­on about data pro­tec­tion at You­Tube can be found in their data pro­tec­tion decla­ra­ti­on at: https://policies.google.com/privacy?hl=de.

The com­pa­ny is cer­ti­fied accor­ding to the “EU-US Data Pri­va­cy Frame­work” (DPF). The DPF is an agree­ment bet­ween the Euro­pean Uni­on and the USA that is inten­ded to ensu­re com­pli­ance with Euro­pean data pro­tec­tion stan­dards when data is pro­ces­sed in the USA. Every DPF cer­ti­fied com­pa­ny under­ta­kes to com­ply with the­se data pro­tec­tion stan­dards. Fur­ther infor­ma­ti­on can be obtai­ned from the pro­vi­der using the fol­lo­wing link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

Google Maps

This site uses the map ser­vice Goog­le Maps. The pro­vi­der is Goog­le Ire­land Limi­t­ed (“Goog­le”), Gor­don House, Bar­row Street, Dub­lin 4, Ire­land.

In order to use the func­tions of Goog­le Maps, it is neces­sa­ry to save your IP address. This infor­ma­ti­on is usual­ly trans­fer­red to a Goog­le ser­ver in the USA and stored the­re. The pro­vi­der of this site has no influence on this data trans­fer. If Goog­le Maps is acti­va­ted, Goog­le can use Goog­le Fonts for the pur­po­se of uni­form font dis­play. When you access Goog­le Maps, your brow­ser loads the requi­red web fonts into your brow­ser cache in order to dis­play texts and fonts cor­rect­ly.

The use of Goog­le Maps is in the inte­rest of an attrac­ti­ve pre­sen­ta­ti­on of our online offe­rings and to make it easy to find the places we indi­ca­te on the web­site. This repres­ents a legi­ti­ma­te inte­rest within the mea­ning of Art. 6 Para. 1 lit TTDSG, inso­far as the con­sent includes the sto­rage of coo­kies or access to infor­ma­ti­on on the user’s end device (e.g. device fin­ger­prin­ting) within the mea­ning of the TTDSG. Con­sent can be revo­ked at any time.

Data trans­fer to the USA is based on the EU Commission’s stan­dard con­trac­tu­al clau­ses. Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

You can find more infor­ma­ti­on about how we hand­le user data in Google’s pri­va­cy poli­cy: https://policies.google.com/privacy?hl=de.

The com­pa­ny is cer­ti­fied accor­ding to the “EU-US Data Pri­va­cy Frame­work” (DPF). The DPF is an agree­ment bet­ween the Euro­pean Uni­on and the USA that is inten­ded to ensu­re com­pli­ance with Euro­pean data pro­tec­tion stan­dards when data is pro­ces­sed in the USA. Every DPF cer­ti­fied com­pa­ny under­ta­kes to com­ply with the­se data pro­tec­tion stan­dards. Fur­ther infor­ma­ti­on can be obtai­ned from the pro­vi­der using the fol­lo­wing link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

9. Audio and video conferencing

Data processing

We use online con­fe­rence tools, among other things, to com­mu­ni­ca­te with our cus­to­mers. The spe­ci­fic tools we use are lis­ted below. If you com­mu­ni­ca­te with us via video or audio con­fe­rence via the Inter­net, your per­so­nal data will be coll­ec­ted and pro­ces­sed by us and the pro­vi­der of the respec­ti­ve con­fe­rence tool.

The con­fe­rence tools coll­ect all the data that you provide/use to use the tools (email address and/or your tele­pho­ne num­ber). The con­fe­rence tools also pro­cess the dura­ti­on of the con­fe­rence, start and end (time) of par­ti­ci­pa­ti­on in the con­fe­rence, num­ber of par­ti­ci­pan­ts and other “con­tex­tu­al infor­ma­ti­on” rela­ted to the com­mu­ni­ca­ti­on pro­cess (meta­da­ta).

Fur­ther­mo­re, the pro­vi­der of the tool pro­ces­ses all tech­ni­cal data that is neces­sa­ry to pro­cess online com­mu­ni­ca­ti­on. This includes in par­ti­cu­lar IP addres­ses, MAC addres­ses, device IDs, device type, ope­ra­ting sys­tem type and ver­si­on, cli­ent ver­si­on, came­ra type, micro­pho­ne or spea­k­er as well as the type of con­nec­tion.

If con­tent is exch­an­ged, uploa­ded or made available in any other way within the tool, it will also be stored on the tool provider’s ser­vers. Such con­tent includes, but is not limi­t­ed to, cloud recor­dings, chat/instant mes­sa­ges, pho­tos and vide­os uploa­ded to voice­mails, files, white­boards and other infor­ma­ti­on shared while using the Ser­vice.

Plea­se note that we do not have full influence on the data pro­ces­sing ope­ra­ti­ons of the tools used. Our opti­ons depend lar­ge­ly on the cor­po­ra­te poli­cy of the respec­ti­ve pro­vi­der. Fur­ther infor­ma­ti­on on data pro­ces­sing by the con­fe­rence tools can be found in the data pro­tec­tion decla­ra­ti­ons of the tools used, which we have lis­ted below this text.

Purpose and legal basis

The con­fe­rence tools are used to com­mu­ni­ca­te with pro­s­pec­ti­ve or exis­ting con­trac­tu­al part­ners or to offer cer­tain ser­vices to our cus­to­mers (Art. 6 Para. 1 lit. b GDPR). Fur­ther­mo­re, the use of the tools ser­ves to gene­ral­ly sim­pli­fy and acce­le­ra­te com­mu­ni­ca­ti­on with us or our com­pa­ny (legi­ti­ma­te inte­rest within the mea­ning of Art. 6 Para. 1 lit. f GDPR). If con­sent has been reques­ted, the rele­vant tools will be used on the basis of this con­sent; con­sent can be revo­ked at any time with effect for the future.

Storage period

The data we coll­ect direct­ly via the video and con­fe­rence tools will be dele­ted from our sys­tems as soon as you request us to dele­te it, revo­ke your con­sent to sto­rage or the pur­po­se for data sto­rage no lon­ger appli­es. Saved coo­kies remain on your device until you dele­te them. Man­da­to­ry sta­tu­to­ry reten­ti­on peri­ods remain unaf­fec­ted.

We have no influence on the sto­rage peri­od of your data, which is stored by the ope­ra­tors of the con­fe­rence tools for their own pur­po­ses. For details, plea­se cont­act the ope­ra­tors of the con­fe­rence tools direct­ly.

Conference tools used

We use the fol­lo­wing con­fe­rence tools:

Microsoft Teams

We use Micro­soft Teams. The pro­vi­der is Micro­soft Ire­land Ope­ra­ti­ons Limi­t­ed, One Micro­soft Place, South Coun­ty Busi­ness Park, Leo­pard­stown, Dub­lin 18, Ire­land. Details on data pro­ces­sing can be found in the Micro­soft Teams data pro­tec­tion decla­ra­ti­on: https://privacy.microsoft.com/de-de/privacystatement.

The com­pa­ny is cer­ti­fied accor­ding to the “EU-US Data Pri­va­cy Frame­work” (DPF). The DPF is an agree­ment bet­ween the Euro­pean Uni­on and the USA that is inten­ded to ensu­re com­pli­ance with Euro­pean data pro­tec­tion stan­dards when data is pro­ces­sed in the USA. Every DPF cer­ti­fied com­pa­ny under­ta­kes to com­ply with the­se data pro­tec­tion stan­dards. Fur­ther infor­ma­ti­on can be obtai­ned from the pro­vi­der using the fol­lo­wing link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000KzNaAAK&status=Active

Order processing

We have con­cluded an order pro­ces­sing con­tract (AVV) for the use of the abo­ve-men­tio­ned ser­vice. This is a con­tract requi­red by data pro­tec­tion law, which ensu­res that we only pro­cess the per­so­nal data of our web­site visi­tors in accordance with our ins­truc­tions and in com­pli­ance with the GDPR.

10. Own services

Handling applicant data

We offer you the oppor­tu­ni­ty to app­ly to us (e.g. by email, post or via the online appli­ca­ti­on form). Below we will inform you about the scope, pur­po­se and use of your per­so­nal data coll­ec­ted as part of the appli­ca­ti­on pro­cess. We assu­re that the coll­ec­tion, pro­ces­sing and use of your data is car­ri­ed out in accordance with appli­ca­ble data pro­tec­tion law and all other legal pro­vi­si­ons and that your data will be trea­ted with strict con­fi­den­tia­li­ty.

Scope and purpose of data collection

If you send us an appli­ca­ti­on, we pro­cess your asso­cia­ted per­so­nal data (e.g. cont­act and com­mu­ni­ca­ti­on data, appli­ca­ti­on docu­ments, notes from job inter­views, etc.) to the ext­ent that this is neces­sa­ry to deci­de on the estab­lish­ment of an employ­ment rela­ti­onship. The legal basis for this is Sec­tion 26 BDSG under Ger­man law (initia­ti­on of an employ­ment rela­ti­onship), Artic­le 6 Para­graph 1 Let­ter b GDPR (gene­ral con­tract initia­ti­on) and – if you have given your con­sent – Artic­le 6 Para­graph 1 Let­ter a GDPR. Con­sent can be revo­ked at any time. Your per­so­nal data will only be pas­sed on within our com­pa­ny to peo­p­le who are invol­ved in pro­ces­sing your appli­ca­ti­on.

If the appli­ca­ti­on is suc­cessful, the data you sub­mit will be stored in our data pro­ces­sing sys­tems for the pur­po­se of car­ry­ing out the employ­ment rela­ti­onship on the basis of Sec­tion 26 BDSG and Artic­le 6 Para­graph 1 Let­ter b GDPR.

Data retention period

If we can­not make you a job offer, you reject a job offer or with­draw your appli­ca­ti­on, we reser­ve the right to keep the data you have trans­mit­ted for up to 6 months based on our legi­ti­ma­te inte­rests (Art. 6 Para. 1 lit. f GDPR). from the end of the appli­ca­ti­on pro­cess (rejec­tion or with­dra­wal of the appli­ca­ti­on). The data will then be dele­ted and the phy­si­cal appli­ca­ti­on docu­ments des­troy­ed. The sto­rage ser­ves in par­ti­cu­lar for evi­den­tia­ry pur­po­ses in the event of a legal dis­pu­te. If it beco­mes clear that the data will be requi­red after the 6‑month peri­od has expi­red (e.g. due to an impen­ding or pen­ding legal dis­pu­te), dele­ti­on will only take place when the pur­po­se for fur­ther sto­rage no lon­ger appli­es.

Lon­ger sto­rage can also take place if you have given your con­sent (Art. 6 Para. 1 lit. a GDPR) or if legal reten­ti­on obli­ga­ti­ons con­flict with dele­ti­on.

Inclusion in the applicant pool

If we do not make you a job offer, it may be pos­si­ble to include you in our appli­cant pool. If you are accept­ed, all docu­ments and infor­ma­ti­on from the appli­ca­ti­on will be trans­fer­red to the appli­cant pool in order to cont­act you in the event of sui­ta­ble vacan­ci­es.

Inclu­si­on in the appli­cant pool occurs exclu­si­ve­ly on the basis of your express con­sent (Art. 6 Para. 1 lit. a GDPR). Pro­vi­ding con­sent is vol­un­t­a­ry and has no con­nec­tion to the ongo­ing appli­ca­ti­on pro­cess. The per­son con­cer­ned can revo­ke their con­sent at any time. In this case, the data will be irre­vo­ca­bly dele­ted from the appli­cant pool unless the­re are legal reasons for reten­ti­on.

The data from the appli­cant pool will be irre­vo­ca­bly dele­ted no later than two years after con­sent has been given.