Privacy policy

1. Data protection at a glance

General information

So that you don't have to read 20 pages of data protection information, the most important information about what happens to your personal data is briefly summarized here. If you want to read all the details, just keep scrolling.

Who is responsible for data processing?

The data processing is carried out by the person responsible or the natural or legal person who makes the offer available. In this case, the person responsible is:

Pexonix eU

How do we collect your data?

On the one hand, your data is collected when you communicate it to us. This may, for example, be data that you enter in a contact form.

Other data is collected automatically or with your consent when you visit the website or use our services through the IT systems. This is primarily technical data (e.g. Internet browser or operating system) or data that is necessary to provide the service (e.g. your email address).

What do we use your data for?

Some of the data is collected to ensure that the website or service is provided without errors. Other data may be used, with your consent, to analyze your user behavior.

What rights do you have regarding your data?

The General Data Protection Regulation grants you extensive rights when your personal data is processed. You have the right to obtain information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction or, under certain conditions, the deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future. In addition, you have the right to request the restriction of the processing of your personal data under certain circumstances. You also have the right to lodge a complaint with the responsible supervisory authority.

2. General information and mandatory information

Note on the responsible body

The responsible body for data processing is:

Pexonix eU

E-Mail: [email protected]

The responsible body is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g. names, e-mail addresses, etc.).

purpose of processing

Your personal data is processed primarily to provide or improve our services. This may be based on a contract with you (Art. 6 Para. 1 lit. b GDPR), a legal obligation (Art. 6 Para. 1 lit. c), your consent (Art. 6 Para. 1 lit. a GDPR) or our legitimate interest (Art. 6 Para. 1 lit. f GDPR).

storage period

Unless a more specific storage period has been specified within this data protection declaration, your personal data will remain with us until the purpose for data processing no longer applies. If you make a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have another legally permissible purpose.

There are reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, deletion will take place once these reasons no longer apply.

rights of those affected

You can request information in accordance with Art. 15 GDPR from the data controller about the data stored about you and, under certain conditions, request the correction in accordance with Art. 16 GDPR or the deletion in accordance with Art. 17 GDPR of your data using the contact details above. You may also have the right to restrict the processing of your data in accordance with Art. 18 GDPR.

If the data processing is based on Art. 6 (1) (f) GDPR, you also have the right to object to the data processing taking place for reasons arising from your particular situation (Art. 21 GDPR). The right of objection does not exist if there is a compelling interest in the processing which outweighs your interests or if a legal provision requires the processing.

If the data processing is based on Art. 6 (1) (a) GDPR, you also have the right to revoke your consent at any time with effect for the future. The data processing carried out to date remains unaffected by the revocation. Furthermore, you may have the right to have the data you have provided released in a structured, common and machine-readable format in accordance with Art. 20 GDPR.

right to lodge a complaint with the competent supervisory authority

In the event of violations of the GDPR, those affected have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work or place of the alleged violation. The right to lodge a complaint is without prejudice to other administrative or judicial remedies.

3. Hosting and Content Delivery Networks (CDN)

External hosting

This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster's servers. This may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other data generated via a website.

The hoster is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 Para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 Para. 1 lit. f GDPR).

Our host will only process your data to the extent necessary to fulfill its service obligations and will follow our instructions regarding this data.

We use the following hoster:

Corporate HQ

400 North Saint Paul St.

Suite 920

Dallas, Texas 75201

(888) 732-4197

conclusion of a contract for order processing

In order to ensure data protection-compliant processing, we have concluded a contract for order processing with our host.

server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

Browser type and browser versionOperating system usedReferrer URLHost name of the accessing computerTime of the server requestIP address

This data will not be merged with other data sources.

This data is collected on the basis of Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of his website - for this purpose, the server log files must be recorded.

GoDaddy

We use the service “GoDaddy”. The provider is Corporate Headquarters, 2155 E. GoDaddy Way Tempe, AZ 85284 USA (hereinafter “GoDaddy”).

GoDaddy offers a globally distributed content delivery network with DNS. Technically, the transfer of information between your browser and our website is routed through GoDaddy's network. This enables GoDaddy to analyze the traffic between your browser and our website and to act as a filter between our servers and potentially malicious traffic from the Internet. GoDaddy may also use cookies or other technologies to recognize Internet users, but these are only used for the purpose described here.

The use of GoDaddy is based on our legitimate interest in providing our website as error-free and secure as possible (Art. 6 para. 1 lit. f GDPR).

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:https://www.godaddy.com/de-de/legal/agreements/data-processing-addendum

For more information about security and privacy at GoDaddy, please see:https://www.godaddy.com/de-de/legal/agreements/privacy-policy#id-4c4731e1-f2b1-4215-885b-38250197c52e

conclusion of a contract for order processing

In order to ensure data protection-compliant processing, we have concluded a contract for order processing with GoDaddy.

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the website operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you send to us cannot be read by third parties.

Encrypted payment transactions on this website

If, after concluding a paid contract, you are obliged to provide us with your payment details (e.g. account number for direct debit authorization), these details will be required to process the payment.

Payment transactions using common payment methods (Visa/MasterCard, direct debit) are carried out exclusively via an encrypted SSL or TLS connection. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

With encrypted communication, your payment data that you send to us cannot be read by third parties.

Note on data transfer to the USA

The website uses programs from companies based in the USA. If you actively use these programs, your personal data may be transmitted to the servers of the respective companies. The USA is not a safe third country within the meaning of the GDPR. This may be due, among other things, to the fact that US companies are obliged to release personal data to security authorities without you as the data subject being informed or being able to take legal action against it. This also allows secret services, for example, to use this data for surveillance purposes. We have no influence on these processing activities.

4. Data collection on this website

Cookies

Our websites use so-called "cookies". Cookies are small text files and do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or they are automatically deleted by your web browser.

In some cases, cookies from third-party companies may also be stored on your device when you visit our website (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for processing payment services).

Cookies have various functions. Many cookies are technically necessary because certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies are used to evaluate user behavior or to display advertising.

Cookies that are required to carry out electronic communications (necessary cookies) or to provide certain functions you require (functional cookies, e.g. for the shopping cart function) are stored on the basis of Art. 6 (1) (f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing cookies to ensure technically error-free and optimized provision of its services. If consent to store cookies has been requested, the cookies in question will be stored exclusively on the basis of this consent (Art. 6 (1) (a) GDPR), for example if cookies are used to measure the web audience; consent can be revoked at any time.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.

If cookies are used by third-party companies or for analysis purposes, we will inform you about this separately in this data protection declaration and, if necessary, ask for your consent.

Cookie consent with ...

contact form

If you send us inquiries using the contact form, your details from the inquiry form, including the contact details you provided there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We will not pass on this data without your consent.

This data is processed on the basis of Art. 6 (1) (b) GDPR if your request is related to the fulfillment of a contract or is necessary to carry out pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests addressed to us (Art. 6 (1) (f) GDPR) or on your consent (Art. 6 (1) (a) GDPR) if this was requested.

The data you enter in the contact form will remain with us until you request deletion, revoke your consent to storage or the purpose for storing the data no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular retention periods - remain unaffected.

Inquiry by email, telephone or fax

If you contact us by email, telephone or fax, your request, including all personal data resulting from it (name, request), will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.

The data you send to us via contact requests will remain with us until you request deletion, revoke your consent to storage or the purpose for storing the data no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular statutory retention periods - remain unaffected.

communication via WhatsApp

To communicate with our customers and other third parties, we use the instant messaging service WhatsApp. The provider is WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Communication takes place via end-to-end encryption (peer-to-peer), which prevents WhatsApp or other third parties from gaining access to the communication content. However, WhatsApp receives access to metadata that is generated during the communication process (e.g. sender, recipient and time). We would also like to point out that WhatsApp says it shares its users' personal data with its US-based parent company Facebook. Further details on data processing can be found in WhatsApp's privacy policy at:https://www.whatsapp.com/legal/#privacy-policy.

The use of WhatsApp is based on our legitimate interest in communicating with customers, interested parties and other business and contractual partners as quickly and effectively as possible (Art. 6 Para. 1 Clause 1 Letter f GDPR). If consent has been requested, data processing will be carried out exclusively on the basis of consent; this can be revoked at any time with effect for the future.

The communication content exchanged between and on WhatsApp remains with us until you request us to delete it, revoke your consent to storage or the purpose for storing the data no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular retention periods - remain unaffected.

We use WhatsApp in the “WhatsApp Business” variant.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:https://www.whatsapp.com/legal/business-data-processing-terms?lang=de

We have set up our WhatsApp accounts so that it does not automatically synchronize data with the address book on the smartphones in use.

We have concluded a contract for order processing with WhatsApp.

registration on this website

You can register on this website to use additional functions on the site. We only use the data you enter for the purpose of using the respective offer or service for which you have registered. The mandatory information requested during registration must be provided in full. Otherwise, we will reject the registration.

For important changes, such as changes to the scope of our services or technically necessary changes, we will use the email address you provided during registration to inform you in this way.

The data entered during registration is processed for the purpose of implementing the user relationship established by the registration and, if necessary, for initiating further contracts (Art. 6 para. 1 lit. b GDPR).

The data collected during registration will be stored by us for as long as you are registered on this website and will then be deleted. Statutory retention periods remain unaffected.

5. Social media

Data processing by social networks

We maintain publicly accessible profiles on social networks. The social networks we use in detail can be found below.

Social networks such as Facebook, Twitter, etc. can generally analyze your user behavior comprehensively when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). Visiting our social media presences triggers numerous data protection-relevant processing operations. In detail:

If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be recorded if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies that are stored on your device or by recording your IP address.

Using the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be shown to you both inside and outside of the respective social media presence. If you have an account with the respective social network, the interest-based advertising can be displayed on all devices on which you are or were logged in.

Please also note that we cannot track all processing operations on the social media portals. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media portals. Details can be found in the terms of use and data protection provisions of the respective social media portals.

legal basis

Our social media presence is intended to ensure the most comprehensive possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR. The analysis processes initiated by the social networks may be based on different legal bases, which must be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 Para. 1 lit. a GDPR).

Responsible person and assertion of rights

If you visit one of our social media sites (e.g. Facebook), we and the operator of the social media platform are jointly responsible for the data processing operations triggered during this visit. You can generally assert your rights (information, correction, deletion, restriction of processing, data portability and complaints) both against us and against the operator of the respective social media portal (e.g. Facebook).

Please note that despite our shared responsibility with the social media portal operators, we do not have full influence on the data processing procedures of the social media portals. Our options are largely determined by the company policy of the respective provider.

storage period

The data we collect directly via the social media presence is deleted from our systems as soon as the purpose for storing it no longer applies, you request deletion, revoke your consent to storage or the purpose for storing the data no longer applies. Stored cookies remain on your device until you delete them. Mandatory legal provisions - in particular retention periods - remain unaffected.

We have no influence on the storage period of your data, which is stored by the operators of the social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below).

Social networks in detail

Facebook

We have a profile on Facebook. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. According to Facebook, the data collected is also transferred to the USA and other third countries.

We have concluded a joint processing agreement with Facebook (Controller Addendum). This agreement specifies which data processing operations we or Facebook are responsible for when you visit our Facebook page. You can view this agreement at the following link:https://www.facebook.com/legal/terms/page_controller_addendum.

You can adjust your advertising settings yourself in your user account. To do so, click on the following link and log in:

https://www.facebook.com/settings?tab=ads.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:https://www.facebook.com/legal/EU_data_transfer_addendumandhttps://de-de.facebook.com/help/566994660333381.

For details, please see Facebook’s privacy policy:https://www.facebook.com/about/privacy/.

Instagram

We have a profile on Instagram. The provider is Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum
,
https://help.instagram.com/519522125107875
and
https://de-de.facebook.com/help/566994660333381.

For details on how they handle your personal data, please see Instagram’s privacy policy:https://help.instagram.com/519522125107875.

We have a profile on Pinterest. The operator is Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland. Details on how they handle your personal data can be found in Pinterest's privacy policy:https://policy.pinterest.com/de/privacy-policy.

YouTube

We have a profile on YouTube. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Details on how they handle your personal data can be found in YouTube's privacy policy:https://policies.google.com/privacy?hl=de.

6. Analysis tools and advertising

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyze the behavior of website visitors. The website operator receives various usage data, such as page views, length of stay, operating systems used and origin of the user. This data may be summarized by Google in a profile that is assigned to the respective user or their device.

Google Analytics uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is usually transferred to a Google server in the USA and stored there.

This analysis tool is used on the basis of Art. 6 (1) (f) GDPR (without the use of cookies). The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 (1) (a) GDPR; the consent can be revoked at any time.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:https://privacy.google.com/businesses/controllerterms/mccs/.

IP anonymization

We have activated the IP anonymization function on this website. This means that your IP address will be shortened by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

browser plugin

You can prevent Google from collecting and processing your data by downloading and installing the browser plug-in available under the following link:https://tools.google.com/dlpage/gaoptout?hl=de.

For more information on how Google Analytics handles user data, please see Google’s privacy policy:https://support.google.com/analytics/answer/6004245?hl=de.

order processing

We have concluded a data processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Demographic characteristics in Google Analytics

This website uses the "demographic characteristics" function of Google Analytics to be able to show website visitors suitable advertisements within the Google advertising network. This enables reports to be created that contain information about the age, gender and interests of the site visitors. This data comes from interest-based advertising from Google as well as from visitor data from third parties. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described in the "Objection to data collection" section.

Google Analytics eCommerce tracking

This website uses the "E-Commerce Tracking" function of Google Analytics. With the help of e-commerce tracking, the website operator can analyze the purchasing behavior of website visitors in order to improve its online marketing campaigns. Information such as orders placed, average order values, shipping costs and the time from viewing to purchasing a product is recorded. This data can be summarized by Google under a transaction ID that is assigned to the respective user or their device.

storage period

Data stored by Google at the user and event level that is linked to cookies, user IDs (e.g. user ID) or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) is anonymized or deleted after 14 months. You can find details at the following link:https://support.google.com/analytics/answer/7667196?hl=de

Google
Ads

The website operator uses Google Ads. Google Ads is an online advertising program from Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads enables us to display advertisements in the Google search engine or on third-party websites when the user enters certain search terms into Google (keyword targeting). In addition, targeted advertisements can be displayed based on the user data available to Google (e.g. location data and interests) (target group targeting). We as website operators can evaluate this data quantitatively, for example by analyzing which search terms led to the display of our advertisements and how many advertisements led to corresponding clicks.

The use of Google Ads is based on Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in marketing its services and products as effectively as possible. The use of Google Ads in combination with advertising cookies is based exclusively on Art. 6 Para. 1 lit a GDPR.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:https://privacy.google.com/businesses/controllerterms/mccs/.

Google AdSense (not personalized)

This website uses Google AdSense, a service for integrating advertisements. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

We use Google AdSense in "non-personalized" mode. In contrast to personalized mode, the advertisements are not based on your previous user behavior and no user profile is created of you. Instead, so-called "context information" is used when selecting the advertisement. The selected advertisements are then based on, for example, your location, the content of the website you are on or your current search terms. You can find out more about the differences between personalized and non-personalized targeting with Google AdSense at:https://support.google.com/adsense/answer/9007336.

Please note that even when using Google Adsense in non-personalized mode, cookies or similar recognition technologies (e.g. device fingerprinting) may be used. According to Google, these are used to combat fraud and abuse.

The use of AdSense is based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in marketing its website as effectively as possible. If consent has been requested, processing will be carried out exclusively on the basis of Art. 6 (1) (a) GDPR; consent can be revoked at any time.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:https://privacy.google.com/businesses/controllerterms/mccs/.

You can adjust your advertising settings yourself in your user account. To do so, click on the following link and log in:https://adssettings.google.com/authenticated.

Further information about Google's advertising technologies can be found here:
https://policies.google.com/technologies/ads
and
https://www.google.de/intl/de/policies/privacy/.

Facebook
Pixel

This website uses Facebook's visitor action pixel to measure conversions. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries.

This allows the behavior of site visitors to be tracked after they have been redirected to the provider's website by clicking on a Facebook ad. This allows the effectiveness of Facebook ads to be evaluated for statistical and market research purposes and future advertising measures to be optimized.

The data collected is anonymous for us as the operator of this website, we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes, in accordance with theFacebook data usage policyThis allows Facebook to enable advertisements to be placed on Facebook pages and outside of Facebook. We as the website operator cannot influence this use of data.

The use of Facebook pixels is based on Art. 6 (1) (f) GDPR (without the use of cookies). The website operator has a legitimate interest in effective advertising measures, including social media. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 (1) (a) GDPR; the consent can be revoked at any time.

You can find further information on protecting your privacy in Facebook’s privacy policy:https://de-de.facebook.com/about/privacy/.

You can also enable the Custom Audiences remarketing feature in the Ad Settings section underhttps://www.facebook.com/ads/preferences/?entry_product=ad_settings_screendeactivate. To do this, you must be logged in to Facebook.

If you do not have a Facebook account, you can opt out of usage-based advertising from Facebook on the European Interactive Digital Advertising Alliance website:http://www.youronlinechoices.com/de/praferenzmanagement/.

Facebook Ads

The website operator uses Facebook Ads. Facebook Ads is an online advertising program from Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

Facebook Ads enables us to display advertisements on the social network “Facebook” when the user enters certain search terms on Facebook (keyword targeting). In addition, targeted advertisements can be displayed based on the user data available on Facebook (e.g. location data and interests) (target group targeting). We as website operators can evaluate this data quantitatively, for example by analyzing which search terms led to the display of our advertisements and how many advertisements led to corresponding clicks.

The use of Facebook Ads is based on Art. 6 (1) lit. a GDPR.

You can find further information on protecting your privacy in Facebook’s privacy policy:https://de-de.facebook.com/about/privacy/.

LinkedIn Insight Tag

This website uses the LinkedIn Insight Tag. The provider of this service is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

Data processing by LinkedIn Insight Tag

With the help of the LinkedIn Insight Tag, we receive information about the visitors to our website. If a website visitor is registered with LinkedIn, we can, among other things, analyze the professional key data (e.g. career level, company size, country, location, industry and job title) of our website visitors and thus better tailor our site to the respective target groups. Furthermore, with the help of LinkedIn Insight Tags, we can measure whether visitors to our websites make a purchase or another action (conversion measurement). Conversion measurement can also take place across devices (e.g. from PC to tablet). LinkedIn Insight Tag also offers a retargeting function with which we can show visitors to our website targeted advertising outside of the website, although according to LinkedIn, the advertising recipient is not identified.

LinkedIn itself also records so-called log files (URL, referrer URL, IP address, device and browser properties and time of access). The IP addresses are shortened or (if they are used to reach LinkedIn members across devices) hashed (pseudonymized). The direct identifiers of LinkedIn members are deleted by LinkedIn after seven days. The remaining pseudonymized data is then deleted within 180 days.

We as website operators cannot assign the data collected by LinkedIn to specific individuals. LinkedIn will store the personal data collected from website visitors on its servers in the USA and use it for its own advertising purposes. For details, see LinkedIn's privacy policy athttps://www.linkedin.com/legal/privacy-policy#choices-oblig.

legal basis

The use of LinkedIn Insight is based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in effective advertising measures, including social media. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 (1) (a) GDPR; the consent can be revoked at any time.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:https://www.linkedin.com/legal/l/dpaandhttps://www.linkedin.com/legal/l/eu-sccs.

Objection to the use of LinkedIn Insight Tag

You can object to the analysis of user behavior and targeted advertising by LinkedIn using the following link:https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Furthermore, LinkedIn members can control the use of their personal data for advertising purposes in their account settings. To avoid a link between data collected on our website by LinkedIn and your LinkedIn account, you must log out of your LinkedIn account before visiting our website.

conclusion of a contract for order processing

We have concluded a contract for order processing with LinkedIn.

7. Newsletter and postal advertising

Newsletter data

If you would like to receive the newsletter offered on the website, we require an email address from you as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive the newsletter. No other data is collected or is only collected on a voluntary basis. We use this data exclusively to send the requested information and do not pass it on to third parties.

The data entered in the newsletter registration form is processed exclusively on the basis of your consent (Art. 6 Para. 1 lit. a GDPR). You can revoke your consent to the storage of the data, the email address and their use for sending the newsletter at any time, for example via the "unsubscribe" link in the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation.

The data you provide to us for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data that we have stored for other purposes remains unaffected.

After you unsubscribe from the newsletter distribution list, your email address may be stored in a blacklist by us or the newsletter service provider to prevent future mailings. The data from the blacklist is only used for this purpose and is not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR). Storage in the blacklist is not time-limited.You can object to the storage if your interests outweigh our legitimate interest.

8. Plugins and tools

YouTube with enhanced data protection

This website embeds videos from YouTube. The site is operated by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in enhanced data protection mode. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch the video. However, the enhanced data protection mode does not necessarily exclude the transfer of data to YouTube partners. This means that YouTube establishes a connection to the Google DoubleClick network - regardless of whether you watch a video.

As soon as you start a YouTube video on this website, a connection is established to the YouTube servers. The YouTube server is informed which of our pages you have visited. If you are logged into your YouTube account, you allow YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

Furthermore, after starting a video, YouTube can save various cookies on your device or use comparable recognition technologies (e.g. device fingerprinting). In this way, YouTube can receive information about visitors to this website. This information is used, among other things, to record video statistics, improve user-friendliness and prevent fraud attempts.

After starting a YouTube video, further data processing operations may be triggered over which we have no influence.

YouTube is used in the interest of an appealing presentation of our online offerings. This represents a legitimate interest within the meaning of Art. 6 (1) (f) GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 (1) (a) GDPR; the consent can be revoked at any time.

For more information about data protection at YouTube, please see their privacy policy at:https://policies.google.com/privacy?hl=de.

Google Web Fonts

This site uses so-called web fonts provided by Google for the uniform display of fonts. When you visit a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.

For this purpose, the browser you use must connect to Google's servers. This tells Google that this website was accessed via your IP address. The use of Google WebFonts is based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in the uniform presentation of the typeface on its website. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 (1) (a) GDPR; the consent can be revoked at any time.

If your browser does not support web fonts, a standard font from your computer will be used.

For more information about Google Web Fonts, seehttps://developers.google.com/fonts/faqand in Google's privacy policy:https://policies.google.com/privacy?hl=de.

Google reCAPTCHA

We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

reCAPTCHA is designed to check whether the data entered on this website (e.g. in a contact form) is being entered by a human or by an automated program. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, length of time the website visitor spends on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google.

The reCAPTCHA analyses run completely in the background. Website visitors are not informed that an analysis is taking place.

The data is stored and analyzed on the basis of Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in protecting its web offerings from abusive automated spying and from SPAM. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 (1) (a) GDPR; the consent can be revoked at any time.

For more information about Google reCAPTCHA, please see the Google Privacy Policy and the Google Terms of Service at the following links:https://policies.google.com/privacy?hl=deandhttps://policies.google.com/terms?hl=de.

9. Audio and video conferences

Data processing

We use online conference tools, among others, to communicate with our customers. The tools we use in detail are listed below. If you communicate with us via video or audio conference via the Internet, your personal data will be collected and processed by us and the provider of the respective conference tool.

The conference tools record all data that you provide/use to use the tools (email address and/or your telephone number). The conference tools also process the duration of the conference, the start and end (time) of participation in the conference, the number of participants and other “context information” related to the communication process (metadata).

Furthermore, the provider of the tool processes all technical data that is necessary to handle online communication. This includes in particular IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or loudspeaker and the type of connection.

If content is exchanged, uploaded or otherwise made available within the tool, this is also stored on the servers of the tool providers. Such content includes in particular cloud recordings, chat/instant messages, voicemails, uploaded photos and videos, files, whiteboards and other information shared while using the service.

Please note that we do not have full influence on the data processing procedures of the tools used. Our options are largely based on the company policy of the respective provider. Further information on data processing by the conference tools can be found in the data protection declarations of the tools used, which we have listed below this text.

purpose and legal basis

The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6 Para. 1 Clause 1 Letter b GDPR). Furthermore, the use of the tools serves to generally simplify and accelerate communication with us or our company (legitimate interest within the meaning of Art. 6 Para. 1 Letter f GDPR). If consent has been requested, the use of the tools in question is based on this consent; the consent can be revoked at any time with effect for the future.

storage period

The data we collect directly via the video and conference tools will be deleted from our systems as soon as you request deletion, revoke your consent to storage or the purpose for storing the data no longer applies. Stored cookies remain on your device until you delete them. Mandatory statutory retention periods remain unaffected.

We have no influence on the storage period of your data, which is stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tools directly.

Conference tools used

We use the following conference tools:

zoom

We use Zoom. The provider of this service is Zoom Communications Inc., San Jose, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA. Details on data processing can be found in Zoom's privacy policy:https://zoom.us/de-de/privacy.html

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:https://zoom.us/de-de/privacy.html

conclusion of a contract for order processing

We have concluded a data processing agreement with the provider of Zoom and fully implement the strict requirements of the German data protection authorities when using Zoom.

Microsoft Teams

We use Microsoft Teams. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. Details on data processing can be found in the Microsoft Teams privacy policy:https://privacy.microsoft.com/de-de/privacystatement

conclusion of a contract for order processing

We have concluded a data processing agreement with the provider of Microsoft Teams and fully implement the strict requirements of the German data protection authorities when using Microsoft Teams.

Google Meet

We use Google Meet. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Details on data processing can be found in Google's privacy policy:https://policies.google.com/privacy?hl=de

conclusion of a contract for order processing

We have concluded a data processing agreement with the provider of Google Meet and fully implement the strict requirements of the German data protection authorities when using Google Meet.

[email protected]