Privacy Policy
1. Data processing in general
Name and address
The responsible party, according to the General Data Protection Regulations and various national data protection provisions of the member states of the European Union and other legal data privacy policies, is:
Proemion GmbH
Petersberger Straße 57a
36037 Fulda
Germany
Tel.: +49 661 9490 0
Fax: +49 661 9490 333
E-mail: info@proemion.com
Website: www.proemion.com
Name and address of the enforcing data protection officer
The responsible party appoints the following data protection officer (DPO):
BerIsDa GmbH
Justus-Liebig-Straße 4
36093 Künzell
Germany
Tel.: +49 661 29 69 80 90
Fax: +49 661 29 69 80 99
E-Mail: datenschutz@proemion.com
Website: www.berisda.de
1.1 Scope of personal data processing
We collect and process our user's (data subjects) personal information (data) solely to the extent necessary to maintain a functional website for providing our products and services. Data subjects' consent is routinely required to collect and process personal information. An exception applies in circumstances where it is impossible to obtain prior permission due to genuine reasons. The processing of data is permitted by law.
1.2 Legal basis for the processing of personal data
Once a data subjects' consent for processing personal data has been obtained, Article 6, Section 1(a) of the EU General Data Protection Regulation (GDPR) serves as the legal regulation for processing personal data.
When processing personal data, required for the performance of a contract whose party to the agreement is the data subject, Article 6, Section 1(b) of the GDPR shall apply. Such shall also apply to processing activities involving the performance of pre-contractual measures.
To the extent personal data processing becomes necessary to fulfill a legal obligation to which our company is subject, Article 6, Section 1(c) of the GDPR shall apply.
If crucial concerns regarding the interests of the data subject or another natural individual require personal data processing, Article 6, Section 1(d) of the GDPR shall apply.
Should the processing be necessary to safeguard our company or a third party's legitimate interests, and should the interests, fundamental rights, and freedom of the data subject not outweigh the interests of our company, Article 6, Section 1(f) of the GDPR shall apply to the processing.
1.3 Deleting data and data retention
Personal information regarding the data subject will be deleted or blocked once the purpose of storing no longer applies. Furthermore, data may be stored if the European or national legislature has stipulated such storage in EU regulations, laws, or other provisions under which the responsible party is bound. Data shall also be blocked or deleted in the event a storage period, as stipulated in the conditions mentioned above, expires, unless a need for extended storage of data arises, i.e., to conclude a contract meet contractual obligations.
2. Web hosting services
This website is hosted in-house. The personal data collected on this website is stored on the servers. This information typically includes IP addresses, contact requests, metadata and communication data, contract data, contact details, names, website access, and other data generated via the website.
The hoster is used to meet our contractual obligations towards our potential and current customers (Article 6, Section 1(b) of the GDPR) and in the interest of a secure, fast, and efficient availability of our online offer through a professional provider (Article 6, Section 1(f) of the GDPR).
Our hoster shall only process your data to the extent necessary to meet its performance obligations and adhere to our guidelines regarding such data.
We have concluded a Data Processing Agreement with our hoster regarding data processing to ensure your data's secure processing compliance with data privacy regulations.
3. Providing the website and creating log files
3.1 Description and scope of data processing
Whenever our website is accessed, our system automatically collects data and information from the visiting party's computer system.
The following data is collected:
- Information regarding the browser type and current browser version
- The user's operating system
- The user's internet service provider
- The user's IP address
- Access date and time
- Websites from which the user's computer system accesses our website
- Websites that are accessed by the user's computer system via our website
The data is also stored in the log files of our computer system. This data is not stored together with other personal user data.
3.2 Data processing compliance
The legal basis for the temporary storage of data and log files is Article 6, Section 1(f) of the GDPR.
3.3 Purpose of data processing
The temporary storage of the IP address by the computer system is necessary to enable the website to be transmitted to the user's computer. For this purpose, the user's IP address must remain stored for the session's duration.
The storage in log files is necessary to ensure website operation. We also use the data to optimize the website and provide our information technology systems' security. An evaluation of the data for marketing purposes is not performed in this context.
These objectives also include our legitimate interest in data processing per Article 6, Section1(f) of the GDPR.
3.4 Data Retention
The data shall be deleted once these are no longer required for their intended purpose. When data collection occurs to provide the website, ending the individual session results in deleted data.
In the event data is stored in log files; they are deleted within seven days at the very most. Additional data backup is available. In this event, the users' IP addresses will be deleted or altered, making it impossible to identify the contracting client.
3.5 Options regarding objections and deletion
The collection of data required for the website's availability and the storage of the data in log files is mandatory for the website's operation. Therefore, the user does not have the option to reject relevant data collection.
4. Cookie policy
4.1 Description and scope of data processing
Our website uses cookies. Cookies are small data files stored on your computer or another device when you visit a website. Once a user visits a website, a cookie may be stored on the user's operating system. This cookie contains a characteristic string of characters that uniquely identify the browser on subsequent visits to the website.
We use cookies to improve our website and enhance user experience. Several of our website features require visitor browser identification with each new page to navigate our website.
The following data is recorded and transmitted in cookies:
(1) IP address
We also use cookies on our website to analyze users' browsing behavior.
This enables the following data to be disclosed:
- Sites accessed
- Frequency in which sites are accessed
- Contents viewed
- Website features used
When accessing our website, the user is informed about cookies for evaluation purposes. His/her consent is obtained regarding the processing of personal data. Within this context, a reference to this privacy policy is also made.
4.2 Legal regulations regarding data privacy
Article 6, Section 1(f) of the GDPR regulates personal data processing regarding technically essential cookies.
Article 6, Section 1(a) of the GDPR regulates the processing of personal information regarding the use of analytics cookies, which require express user consent.
4.3 Purpose of processing data
The purpose of using technically essential cookies is to simplify your visit to our website. Several features of our website require the use of cookies. The browser must be recognized even in navigating to a new page.
We require cookies for the following applications:
- Language settings
- Track your searches
User data collected for technically essential cookies cannot create user profiles.
Analytics cookies are used to improve our website's quality and content. Analytic cookies help us better understand how you interact with our website and continuously improve our service.
These intentions serve as our legitimate interest in the processing of personal data according to Article 6, Section 1(f) of the GDPR.
4.4 Blocking, restricting, and deleting cookies
Cookies are stored on the user's computer and transmitted to our website. Therefore, as a user, you have full control of cookies. By changing your internet browser settings, you can deactivate or limit cookies' placement. Previously stored cookies can be deleted at any time. This can also be performed automatically. In the event cookies are deactivated for our website, this may result that not all features of our website can be used to their full extent.
5. Usercentrics cookie consent technology
This website implements Usercentrics cookie content technology to obtain your consent to the storage of certain cookies on your device or the use of specific technologies and document this consent in a manner compliant with data privacy provisions. Provider of this technology is Usercentrics GmbH, Rosental 4, 80331 Munich, Germany, Website:
https://usercentrics.com/de/ (from now on referred to as "Usercentrics").
In the event you visit our website, the following personal information is disclosed to Usercentrics:
- Your consent(s) or the revocation of your consent(s)
- Your IP address
- Information regarding your browser
- Information on your computer
- Time of your visit to the website
Besides, Usercentrics stores a cookie in your browser to allocate the consent you have given or revoked. The data collected in this manner is kept until you request us to delete it, delete the Usercentrics cookie itself, or the purpose for which the data is stored no longer applies. Mandatory legal storage obligations remain valid.
Usercentrics are implemented to obtain the legally required consent to use specific technologies. The legal basis for this is the GDPR, Article 6, Section 1(c).
Data Processing Agreement
We have concluded a Data Processing Agreement with Usercentrics regarding data processing. This is a contract stipulated by data privacy law that guarantees that Usercentrics processes our website visitors' personal information in compliance with the GDPR and adherent to our instructions.
6. Newsletter & content downloads
6.1 Description and scope of data processing
You can subscribe to a free newsletter on our website. When registering to receive the newsletter, data from the contact form is disclosed.
Also, the following data is collected during registration:
- The IP address of the visiting computer
- Registration date and time
Your consent to our data processing will be required/obtained during the registration process. Reference will be made to this privacy policy.
If you purchase goods or services on our website and enter your e-mail address, we may subsequently send you a newsletter to this e-mail address. The newsletter is only used to send direct advertising for our similar products or services in this event.
Processed data about the newsletter sent via e-mail will not be passed on to third parties. The data will be used exclusively for sending the newsletter.
6.2 Data privacy compliance
The processing of data upon a users' newsletter registration, in the event the user has given his consent, complies with Article 6, Section 1(a) of the GDPR, just as the sale of goods or services complies with Article 7, Section 3 of the German Unfair Competition Act (UWG).
6.3 Purpose of data processing
The data subject's e-mail address information is used to send the newsletter.
All other personal information collected for the registration process serves to prevent service and e-mail address fraud.
6.4 Data Retention
The data shall be deleted once these are no longer required for their intended purpose. Accordingly, the data subject's e-mail address is stored for the duration of an active subscription to the newsletter.
6.5 Options regarding objections and deletion
The user of the service may terminate the newsletter subscription at any time. A link is provided in each newsletter to unsubscribe.
6.6 Newsletter-Tracking
Our newsletters incorporate so-called tracking pixels. A tracking pixel is a thumbnail image embedded in e-mails sent out in HTML format to enable log file recording and log file analysis. Such information enables a statistical evaluation of online marketing campaigns' success or failure. With the help of embedded tracking pixels, we can identify if and when an e-mail was opened by a particular individual and which links were activated by that specific individual.
On behalf of the data subjects' best interests, the personal data collected via embedded newsletter tracking pixels are stored and evaluated by the data controller to optimize newsletter distribution and more effectively adapt the content of future newsletters. The provided personally identifiable information will not be passed on to third parties. Data subjects are entitled to revoke the respective consent submitted via the double opt-in procedure at any time. The data controller will delete your data upon revocation. An unsubscribed newsletter is automatically considered a cancellation from receiving the newsletter.
7. E-mail account
7.1 Description and scope of data processing
Our website and signatures therein provide e-mail addresses that can be used to contact us. In such a case, the data subject's data disclosed via e-mail will be stored.
The data in this regard will not be disclosed to third parties. The data will solely be reserved for processing the conversation.
7.2 Data processing compliance
The processing of data collected in sending an e-mail complies with Article 6, Section 1(f) of the GDPR. Suppose an e-mail correspondence involves the intent to conclude a contract. In that case, such processing complies with Article 6, Section 1(b) of the GDPR.
7.3 Purpose of data processing
Processing personal data solely serves the purpose of establishing communication. This is linked to our legitimate interest in processing the required data.
7.4 Data Retention
The data shall be deleted once these are no longer required for their intended purpose. Such is the case regarding personal data received via e-mail when the related conversation with the data subject has ended. A conversation ends when it can be concluded from the circumstances that the matter in question has been resolved.
7.5 Options regarding objections and deletion
uppose a data subject contacts us via e-mail. In that case, such individuals may object to the storage of their personal data at any time. In this event, the conversation cannot be commenced.
All personal data stored during contact will be deleted in such an event.
8. Contact form
8.1 Description and scope of data processing
Our website provides a contact form for electronic communication purposes. If the data subject chooses this option, the information entered in the form is stored and forwarded to us.
When sending the message, the following data is also stored:
- The user's IP address
- Registration date and time
Your consent will be required during the submitting transaction. Reference will be made to this privacy policy to process the data.
The data in this regard will not be disclosed to third parties. The data will solely be reserved for processing the conversation.
8.2 2. Data processing compliance
The processing of data collected with your consent complies with Article 6, Section 1(a) of the GDPR. In the event, correspondence involves the intent to conclude a contract. Processing such data complies with Article 6, Section 1(b) of the GDPR.
8.3 Purpose of data processing
The processing of personally identifying information entered on the contact form solely serves this purpose.
All further personal data processed during the mailing process prevents the misuse of the contact form and ensures our information technology systems' security.
8.4 Data Retention
The data shall be deleted once these are no longer required for their intended purpose. Regarding the personal data submitted in the contact form, this will be the case once the data subject's respective communication is ended. A conversation ends when it can be concluded from the circumstances that the matter in question has been resolved.
Additional personal data collected during the sending transaction will only be deleted upon request to process your request efficiently.
8.5 Options regarding objections and deletion
The data subject has the option to revoke their consent to the processing of personal data at any time. In this event, the conversation cannot be commenced.
All personal data stored during contact will be deleted in such an event.
9. Online application
9.1 Data collected
During your online application, we will collect and process the following personal application data from you:
- Name, first name
- Address
- Phone number
- Application forms (cover letter, resume, report cards, references, certificates, etc.)
- Date of birth
- Nationality
- Gender
9.2 Purpose of data collection/disclosure
Collection and processing of your personal application information are exclusively to fill vacancies within our company. As a matter of principle, your data will only be forwarded to our company's internal departments and specialized divisions, which are responsible for the specific application process. Your application data will not be disclosed without your prior express consent.
9.3 Retention period of application information
Your personal application data will be automatically deleted three months upon completing the application process as a rule. This does not apply in the event of legal provisions preventing deletion, if further storage becomes necessary for evidence or if you have expressly consented to prolonged storage.
9.4 Storing information for future job vacancies
Suppose we are unable to provide you a current vacancy but believe on the basis of your profile that your application may be of interest for future vacancies. In that case, we will store your personal application data for twelve months, provided you expressly consent to such storage and use.
9.5 Privacy regarding applications and the application process
The department responsible for processing applicants' personal data does so to handle the application procedure. The processing may also be performed electronically. This is particularly the case when an applicant sends application documents electronically, for example, via e-mail or by filling out a form located on the website. Suppose the responsible processing department concludes an employment contract with an applicant. In that case, the disclosed data will be stored to process the employment relationship in compliance with the statutory provisions. Suppose the application processing department does not conclude an employment contract with the applicant. In that case, the application documents shall automatically be deleted two months upon the rejection decision's notification, provided no other legitimate interests of the responsible application processing department prevent such action. Any other legitimate interest in this regard is, for example, a duty to provide evidence in proceedings under the General Equal Opportunity Act as it relates to the German "Allgemeinen Gleichbehandlungsgesetz (AGG)".
9.6 Personio
Data transmitted as part of your application will be transferred using TLS encryption and stored in a database. This database is operated by Personio GmbH, which offers a human resource and applicant management software solution (https://www.personio.com/legal-notice/).
The data you create/transmit for the purpose of your application is stored on the servers of Personio.
Legal basis
Article 6, Section 1(a) of the GDPR regulates the processing of the data. The website operator will obtain a corresponding consent from you.
You may revoke your consent at any time. The lawfulness of the data processing operations already carried out remains unaffected by the revocation.
Data Processing Agreement
We have concluded a Data Processing Agreement with Personio regarding data processing. This is a contract stipulated by data privacy law that guarantees that Personio processes our website visitors' personal information in compliance with the GDPR and adherent to our instructions.
10. Rights of the data subject
In the event, your personal data is processed by us, you are a data subject as defined under the GDPR, and you are entitled to the following rights towards the responsible party:
10.1 The right to access information
You may request confirmation from the responsible party regarding whether we are processing personal data on your behalf.
In the event of such processing, you may request the following information from the responsible party:
- the purpose for which the personal data are being processed;
- the categories of personally-identifying information being processed;
- the recipients or categories of recipients to whom the personal data regarding oneself has been or will be disclosed;
- the intended duration of personal data storage regarding oneself or, in the event-specific details are not possible, criteria for determining the retention period;
- the right to exercise the rectification or erasure of personal data regarding oneself, a right to limit processing by the responsible party, and a right to object to such processing;
- the right of appeal with a supervisory authority;
- all available information regarding the origin of the data, in the event the personally identifiable data was not collected from the data subject;
- the existence of an automated data processor, including profiling, by Article 22, Section 1 and 4 of the GDPR and, at least in these events, conclusive information regarding the logic involved and the scope and intended consequences of such processing for the data subject.
You have the right to request information about whether personal data concerning you is being disclosed to a third country or an international organization. In this context, you may request to be informed of the appropriate safeguards according to Article 46 of the GDPR related to the disclosure of information.
10.2The right to rectification
You have a right to rectify and/or completion by the responsible party in the event of inaccurate or incomplete processing of your data. The party responsible is required to correct the data without delay.
10.3 The right to restrict processing
You may request the restriction of personal data processing regarding yourself under the following circumstances:
- when you deny the accuracy of your personally identifying data for a period in which the responsible party can verify the accuracy of the personal data;
- processing proves to be unlawful, and you object to the removal of the personal data and request instead of the restriction of personal data processing;
- the responsible party no longer requires the personal data for processing, but you need them for the establishment, exercise, or defense of legal claims, or
- in the event you have objected to the processing under Article 21, Section 1 of the GDPR. It has not yet been determined whether the responsible party's legitimate grounds override your interests.
In the event the processing of your personal data has been restricted, such data may, except for being stored, be processed only with your consent or for the establishment, exercise, or defense of legal claims or the protection of the rights of another natural or legal individual or for reasons of substantial public interest of the European Union or a member state.
Suppose a limitation of the processing restriction has been imposed in accordance with the above circumstances. In that case, you will be informed by the responsible party before the limitation is lifted.
10.4 The right to request deletion
a) Obligation to delete
You may request the responsible party to delete your personal data without unreasonable delay, and the responsible party is obligated to delete such data without little delay in the event one of the following reasons apply:
- Your personal data is no longer necessary for the purpose for which they were collected or otherwise processed.
- You revoke your consent for which the processing was based under Article 6, Section 1(a) or Article 9, Section 2(a) of the GDPR. There remains no other legal basis for the processing of data.
- You object to the processing under Article 21, Section 1 of the GDPR. There remain no overriding legitimate grounds for the processing, or you object to the processing under Article 21, Section 2 of the GDPR.
- The personal data regarding your information have been processed unlawfully.
- The removal of the personal data concerning you is required for compliance with a legal obligation under European Union or member state law to which the responsible party is subject.
- Your personal data has been collected in connection with a Society Information Services offered under Article 8, Section 1 of the GDPR.
b) Information provided to third parties
In the event, the responsible party has made your personal data public. It is required to delete it under Article 17, Section 1 of the GDPR. The responsible party shall take reasonable steps, including technical measures, about available technology and the cost of implementation, to inform those data controllers who process the personal data that you, as the data subject, have requested that they erase all links to or copies or replications of such personal data.
c) Exceptions
The right to deletion does not exist insofar as the processing is required
- to exercise the right to freedom of expression and information;
- to comply with a legal obligation which requires processing under European Union or Member State law to which the responsible party is subject, or for the performance of a task carried out in the interest of the public or the exercise of official authority vested in the responsible party;
- for reasons of public interest in the scope of public health by Article 9, Section 2(h) and (i) and Article 9, Section 3 of the GDPR;
- For archival purposes in the public interest, scientific or historical research purposes, or statistical purposes under Article 89, Section 1 of the GDPR, insofar as the right referred to in part (a) is likely to render impossible or seriously prejudice the achievement of the purposes of such processing, or
- for the enforcement, exercise, or defense of legal claims.
10.5 The right to be informed
In the event you have exercised the right to rectification, deletion, or restriction of processing towards the responsible party, the responsible party is obligated to communicate this rectification or deletion of data to all recipients to whom the personal data in your regards have been disclosed unless this proves impossible or involves a disproportionate effort.
You have the right to be informed about these recipients by the responsible party.
10.6 The right to transferable data
You have the right to receive the personal data you have provided to the responsible party in a structured, standard, and machine-readable format. Also, you have the right to transmit this data to another responsible party without hindrance from the responsible party to whom the personal data was supplied, provided that
- the processing is based on consent under Article 6, Section 1(a) of the GDPR or Article 9, Section (a) of the GDPR or a contract drawn under Article 6, Section 1(b) of the GDPR and
- the processing is carried out with the help of automated procedures.
In exercising this right, you also have the right to obtain those personal data concerning you, which get transferred directly from one responsible party to another responsible party, insofar as this is technically feasible. The freedom and rights of other individuals must not be affected by this.
The right to data portability does not apply to the processing of personal data required for a task's performance in the public interest or the exercise of official authority vested in the responsible party.
10.7 Right to object
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you, which is carried out based on Article 6, Section 1(e) or (f) of the GDPR; this also applies to profiling based on these provisions.
The responsible party shall no longer process the personal data concerning you unless it can demonstrate compelling legitimate grounds regarding the processing, which override your interests, rights, and freedom, or for the establishment, exercise, or defense of legal claims.
Suppose the personal data concerning you is processed for direct marketing. In that case, you have the right to object at any time to the processing of personal data concerning you for such marketing; this also applies to profiling, insofar as it is related to such direct marketing practices.
Suppose you object to processing for direct marketing purposes. In that case, the personal data concerning you will no longer be processed for these purposes.
Regarding the use of Information Society Services, regardless of Directive 2002/58/EC, you have the option to exercise your right to object using automated procedures using technical specifications.
10.8 Right to revoke ones' consent to the privacy policy
You have the right to revoke your consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out based on the consent until revoked. You may send the cancellation either by mail, e-mail, or fax to the responsible party.
10.9 The automated decision regarding individual cases, including profiling
You have the right not to be subject to a decision based solely on automated processing - including profiling - which poses legal ramifications for you or any similarly significant manner of impact on you. This does not apply in the event the decision
- is required for the conclusion or performance of a contract between you and the responsible party,
- is permitted by the legislation of the European Union or the Member States to which the responsible party is subject and that legislation maintains appropriate measures to safeguard your rights and freedom and your legitimate interests, or
- is done with your express consent.
However, these decisions may not be based on specific categories of personal data under Article 9, Section 1 of the GDPR, unless Article 9, Section 2(a), or (g) of the GDPR applies. Appropriate measures have been taken to protect the rights and freedom and your legitimate interests.
Concerning the cases referred to in (1) and (3), the responsible party shall take reasonable steps to safeguard the rights and freedom of, and the legitimate interests of the data subject, which shall include, at least, the right to obtain the intervention of an individual on the part of the responsible party, to express his or her point of view and to challenge the decision.
10.10 Right to file a complaint with a regulatory authority
Without affecting any other administrative or judicial remedy, you have the right to file a complaint with a supervisory authority, in particular in the Member State of your residence, place of work, or the place of the alleged infringement, in the event you consider the processing of personal data relating to you infringes the GDPR.
The supervisory authority to which the complaint has been submitted shall inform the plaintiff of the filed complaint's status and outcome, including the option of a judicial appeal under Article 78 of the GDPR.
11. SSL encryption
This site uses SSL encryption for security purposes. It protects confidential content disclosure, such as the inquiries you send to us as the site operator. You will recognize an encrypted connection by the fact that the browser address bar changes from "http://" to "https://" and by the lock symbol in your browser toolbar.
If SSL encryption is activated, the data you disclose to us cannot be read by third parties.
12. Content delivery network (Cloudflare)
We utilize the service "Cloudflare". The provider is Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA (hereinafter referred to as "Cloudflare").
Cloudflare provides a worldwide content delivery network using DNS. Technically, the disclosure of information between your browser and our website is conducted via the Cloudflare network. This enables Cloudflare to analyze traffic between your browser and our website and serve as a filter between our servers and potentially malicious traffic on the internet. In doing so, Cloudflare implements cookies or other technologies regarding the recognition of internet users, which are only used for the purpose indicated herein.
Cloudflare is a certified partner of the "EU-US Privacy Shield Framework". Cloudflare is committed to processing all personal data received from the European Union (EU) member states by the "Privacy Shield Framework".
We implement Cloudflare to provide maximum accuracy and safety of our website contents and service (Article 6, Section 1(f) GDPR).
For additional information regarding security and privacy at Cloudflare, please visit: https://www.cloudflare.com/privacypolicy/.
13. Google Tag Manager
This website implements the Google Tag Manager from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager is implemented to manage website tags through one interface and control the exact integration of services on our website. This allows us to flexibly integrate additional services to evaluate data subject access to our website.
The implementation of Google Tag Manager is based on our legitimate interests, i.e., interest in optimizing our services by Article 6, Section 1(f) of the GDPR.
For more information about Google Tag Manager privacy practices can be found at https://policies.google.com/privacy?hl=en and terms of use at https://marketingplatform.google.com/about/analytics/tag-manager/use-policy/
14. Google Analytics
This website implements features of the web analysis service Google Analytics. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics allows the website operator to analyze the behavior of website visitors. The website operator receives various data regarding usage, such as page views, duration of visit, operating systems used, and origin of the user. Google may summarize this data in a profile assigned to the respective user or their end device.
Google Analytics uses technologies that enable the recognition of the data subject to analyze user behavior (e.g., cookies or device fingerprinting). The information collected by Google regarding this website's use is usually disclosed to a Google server in the United States of America and stored there.
This analysis tool's implementation is conducted based on Article 6, Section 1(f) of the GDPR. The website operator holds a legitimate interest in analyzing user behavior to optimize its web services and advertising. If an individual consent has been requested (e.g., a license to store cookies), the processing is exclusively based on Article 6, Section 1(a) of the GDPR; the consent may be revoked at any time.
1. IP anonymization
We have activated the IP anonymization feature on this website. This means that Google shortens your IP address within member states of the European Union or in other contracting states of the agreement on the European Economic Area before being disclosed to the United States of America. Only in rare cases will the full IP address be revealed to a Google server in the United States of America and shortened there. On behalf of this website's provider, Google will use this information to evaluate your use of the website to compile reports on website activity for website operators and further provide other services related to website activity and internet usage. Within the scope of Google Analytics, IP addresses from your browser will not be merged with any other Google data.
More information on the handling of user data at Google Analytics can be found in the Google privacy policy: https://support.google.com/analytics/answer/6004245?hl=en
2. Demographic characteristics at Google Analytics
This website utilizes the "demographic features" of Google Analytics. This allows reports to be created containing statements regarding the age, gender, and interests of site visitors. This data is derived from interest-based advertising from Google and visitor data from third-party providers. This data cannot be assigned to a specific individual. You can deactivate this feature at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as shown under the setting option "Objection to data collection".
3. Retention period
Data stored by Google at user and event-level, linked to cookies, user identifiers (e.g., User ID), or advertising IDs (e.g., DoubleClick cookies, Android advertising ID) is anonymized or deleted after 14 months. Details can be found under the following link: https://support.google.com/analytics/answer/7667196?hl=en
15. Doubleclick Ad Exchange
This website implements Google DoubleClick features. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland (from now on referred to as "DoubleClick"). DoubleClick is implemented to show you interest-based ads across the Google advertising network. The ads can be targeted to the respective viewer's interests with the help of DoubleClick. For example, our advertising may be displayed in Google search results or advertising banners associated with DoubleClick.
DoubleClick must recognize the respective viewer and assign to them the web pages visited clicks, and other information on user behavior to display interest-based advertising to users. DoubleClick sets cookies or comparable recognition technologies (e.g., device fingerprinting). The collected data is combined into a pseudonymous user profile to display interest-based advertising to the relevant user.
Google DoubleClick is implemented in the interest of targeted advertising measures. This constitutes a legitimate interest within the scope of Article 6, Section 1(f) of the GDPR. If an individual consent has been requested (e.g., permission to store cookies), the processing is exclusively based on Article 6, Section 1(a) of the GDPR; the consent may be revoked at any time.
For more information on how to object to the advertisements displayed by Google, please refer to the following links: https://policies.google.com/technologies/ads and https://adssettings.google.com/authenticated
16. LinkedIn Plugin
Our website implements features of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time one of our pages containing LinkedIn features is accessed, a connection to LinkedIn servers is established. LinkedIn is informed when you visit our website with your IP address. Suppose you click the "Recommend Button" of LinkedIn and are logged into your account at LinkedIn. In that case, LinkedIn can assign your visit to our website to you and your user account. We point out that we, as the provider of the pages, do not know the content of the disclosed data and their use by LinkedIn.
The LinkedIn plugin's implementation is conducted based on Article 6, Section 1(f) of the GDPR. The website operator has a legitimate interest in ensuring the most excellent possible visibility in social media. If an individual consent was requested, the processing is exclusively based on Article 6, Section1(a) of the GDPR; the license can be revoked at any time.
You will find additional information in this regard under the LinkedIn privacy policy here: https://www.linkedin.com/legal/privacy-policy
17. YouTube enhanced privacy
This website embeds videos from the YouTube platform. The pages' operator is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
We implement YouTube in an extended data protection setting. According to YouTube, this setting causes YouTube to store information regarding visitors to this website before they watch the video. The disclosure of data to YouTube partners, on the other hand, is not necessarily excluded by the extended data protection setting. This is how YouTube connects to the Google DoubleClick network - regardless of whether you watch a video.
As soon as you start a YouTube video on this website, a connection to YouTube's servers is established. This tells the YouTube server which of our pages you have visited.
Suppose you are logged into your YouTube account. In that case, you enable YouTube to assign your surfing behavior directly to your profile. You can prevent this by logging out of your YouTube account.
Furthermore, after starting a video, YouTube may store various cookies on your end device or use comparable recognition technologies (e.g., device fingerprinting). In this manner, YouTube may obtain information regarding visitors to this website. This information is implemented, among other things, to collect video statistics, improve user experience, and prevent fraud attempts.
Under certain circumstances, further data processing operations may be triggered after the start of a YouTube video, over which we have no control.
We implement YouTube to provide an appealing presentation of our online offers. This constitutes a legitimate interest within the context of Article 6, Section 1(f) of the GDPR. In the event a relevant consent was requested, the processing is carried out exclusively in compliance with Article 6, Section 1(a) of the GDPR; the license can be revoked at any time.
For additional information regarding privacy at YouTube, please refer to their privacy policy at https://policies.google.com/privacy?hl=en.
18. Google Ads
The website operator implements Google Ads. Google Ads is an online advertising program under Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. Google Ads allows us to display advertisements in the Google search engine or third-party websites when they enter specific search terms on Google (keyword targeting). Furthermore, targeted advertisements can be played out based on the user data available at Google (e.g., location data and preferences) (target group targeting). As a website operator, we can quantitatively evaluate this data by analyzing, for example, which search terms led to our advertisements' activation and how many ads resulted in corresponding clicks.
The implementation of Google Ads conforms to Article 6, Section 1(f) of the GDPR. The website operator has a legitimate interest in marketing its products and services as effectively as possible.
19. Google Maps
This site implements the Google Maps service via API. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
To use the Google Maps features, it is necessary to store your IP address. The collected information through the placement of cookies will usually be disclosed to and stored by Google on a server in the United States of America.
The provider of this site does not influence this data disclosure.
Google Maps is implemented in the interest of an appealing presentation of our online offers and to make it easy to find the places we indicate on the website. This constitutes a legitimate interest within the context of Article 6, Section 1(f) of the GDPR. If an individual consent was requested, the processing is exclusively based on Article 6, Section1(a) of the GDPR; the license can be revoked at any time.
More information on user data management can be found in Google's privacy policy: https://policies.google.com/privacy?hl=en
20. Google Web Fonts
This site implements web fonts provided by Google to facilitate the uniform display of fonts. If you call up a page, your browser loads the required web fonts into its browser cache to display texts and fonts correctly. Google fonts are installed locally. A connection to Google servers does not take place. If your browser does not support web fonts, a default font is used by your computer.
Further information regarding Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google's privacy policy: https://www.google.com/policies/privacy/
21. Google reCAPTCHA
We implement "Google reCAPTCHA" (from now on referred to as "reCAPTCHA") on this website. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
The purpose of reCAPTCHA is to verify whether the data entered on this website (e.g., in a contact form) is made by an individual or by an automated program system. For this purpose, reCAPTCHA analyses the website visitor's behavior based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For analysis purposes, reCAPTCHA evaluates different information (e.g., IP address, time spent on the website by a particular visitor, or mouse movements made by the user). The data collected during the analysis will be forwarded to Google.
The reCAPTCHA analyses run entirely in the background. Website visitors are not made aware that an analysis is taking place.
The data storage and analysis are conducted based on Article 6, Section 1(f) of the GDPR. The website operator has a legitimate interest in protecting its web offers from fraudulent automated spying and SPAM. If an individual consent was requested, the processing is exclusively based on Article 6, Section1(a) of the GDPR; the license can be revoked at any time.
For more information about Google reCAPTCHA, please refer to the Google Privacy Policy and the Google Terms of Service at the following links: https://policies.google.com/privacy?hl=en and https://policies.google.com/terms?hl=en
22. Bootstrap (JSDelivr CDN)
On this website, the Bootstrap technology is used for a modern design and presentation of the offered content on different end devices. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO. To increase the loading speed of the website, we use the JSDelivr CDN (Content Delivery Network) by Prospect One to deliver libraries to your browser. It is possible that you have already downloaded one of these libraries by visiting another JsDelivr website. In this case, your browser will fall back to the cached copy. If your browser does not have a cached copy, or if for some other reason it should download the file from the JSDelivr CDN, then your IP address will be transmitted to the provider Prospect One during the connection to the JSDelivr CDN server. This service is provided by Prospect One, Krolewska 65a, Krakow, Malopolskie 30-081, Poland. For more information about Prospect One's privacy policy, please visit: https://www.jsdelivr.com/terms/privacy-policy-jsdelivr-net
23. jQuery
We use jQuery CDN to properly deliver the content of our website. jQuery CDN is a service of jQuery, which acts as a content delivery network (CDN) on our website.
A CDN helps to provide content from our online offering, especially files such as graphics or scripts, more quickly using regionally or internationally distributed servers. When you access this content, you establish a connection to jQuery servers, whereby your IP address and, if applicable, browser data such as your user agent are transmitted. This data is processed solely for the above purposes and to maintain the security and functionality of jQuery CDN.
The use of the Content Delivery Network is based on our legitimate interests, i.e. interest in a secure and efficient provision as well as the optimization of our online offer according to Art. 6 para. 1 lit. f. DSGVO.
Further information can be found in the privacy policy for jQuery CDN: https://openjsf.org/wp-content/uploads/sites/84/2021/04/OpenJS-Foundation-Privacy-Policy-2019-11-15.pdf
24. Pardot
We implement the Pardot Marketing Automation System ("Pardot MAS") from Pardot LLC, 950 E. Paces Ferry Rd. Suite 3300 Atlanta, GA 30326, USA ("Pardot"). Pardot provides special software for recording and analyzing a website's use among website visitors. When you visit our website, Pardot MAS records your navigation path via mouse clicks and compiles an individual user profile based on a pseudonym. For this purpose, cookies are used, which allow your browser to be recognized. By agreeing to the use of cookies when visiting our website for the first time through the confirmation of the so-called cookie acceptance banner or by continuing to use our website, you also agree to the setting of cookies derived from Pardot. You may revoke your consent at any time, taking immediate effect for the future. To do so, please contact the responsible party mentioned above. You may also deactivate the pseudonymized user profile feature at any time by configuring your internet browser so that cookies from the domain "pardot.com" are not accepted. However, this may lead to certain restrictions on the features and user-friendliness of our offer.
25. Microsoft Clarity
This website implements Microsoft Clarity for the analysis of website interactions. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA (referred to as "Microsoft Clarity ").
Microsoft Clarity is a service that can be used to create session records, heat maps, and ML Insights.
The data you create/transmit stored on Microsoft Clarity's servers.
For more information about the features of Microsoft Clarity, please visit: https://privacy.microsoft.com/de-de/privacystatement
Legal basis
Article 6, Section 1(a) of the GDPR regulates the data's processing.
The website operator will obtain corresponding consent from you (e.g., consent to the storage of cookies).
You may revoke your consent at any time. The lawfulness of the data processing operations already carried out remains unaffected by the revocation.
Retention period
The data you have deposited with us for Microsoft Clarity will be stored for up to 12 months and then deleted.
You can find more details in the Microsoft Clarity data protection regulations at https://privacy.microsoft.com/de-de/privacystatement
Microsoft Clarity commits itself in its Online Service Terms. It uses the EU standard contract clauses to guarantee the data's protection.
26. Elfsight LLC
We have embedded third-party content on our website. This content is made available by Elfsight, LLC, 0015, Armenia, Yerevan, Paronyana, 19/3, 201. All information is processed in agreement with their privacy policy - https://elfsight.com/privacy-policy/