Controller’s name and address
The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the Member States as well as other data protection regulations is the entity indicated in the site notice.
Data Protection Officer’s contact details
Basic information on the processing of personal data
We only collect and process our users’ personal data if this is necessary to provide a functional website as well as our company’s services. Processing will only take place with your consent or if a legal regulation requires or allows us to undertake such processing.
In this connection, your personal data’s security has a high priority for us. We therefore protect your data through technical and organisational measures to prevent misuse. We regularly review the measures taken and adapt these to current technical conditions. We also ensure all our staff are bound to observe confidentiality in accordance with Article 28 GDPR.
Purposes of and legal basis for the processing, transfer to third parties and abroad
We process your data for the following purposes:
• Fulfilment of new or existing contractual relationships or for the implementation of pre-contractual measures,
e.g. the preparation of offers;
• Processing of inquiries, e.g. as part of our core activity or for applications;
• Provision of telemedia, e.g. our website or e-mail;
In this connection, we process the data on the legal basis of Article 6(1) GDPR:
• Article 6(1)(a) GDPR: Processing operations based on your consent
• Article 6(1)(a) GDPR: Processing procedures for the performance of a contract or the implementation of pre-contractual measures, e.g. a purchase or service contract or the solicitation of an offer
• Article 6(1)(c) GDPR: Processing operations which we are legally obliged to undertake, e.g. storage for tax reasons
• Article 6(1)(f) GDPR: Processing operations we undertake on the basis of our legitimate interests, e.g. the transfer of your data to postal service providers for the purpose of sending mail or to a tax consultant. This also includes storing information about website usage for the purpose of optimizing our website.
The transfer of your data to third parties is also based on the above authorisation facts and your data will only be transferred within the scope of a processing agreement or if other confidentiality obligations exist. This includes persons subject to a duty of professional secrecy or shipping carriers. If data is transferred to third countries outside the European Economic Area, there shall be a corresponding adequacy resolution pursuant to Article 45 GDPR for the respective third country (e.g. for Switzerland), or the recipient shall have put in place the corresponding safeguards pursuant to Article 46 GDPR.
Duration of storage, erasure of personal data
Personal data will only be processed and stored for the period necessary to fulfil the processing purposes. Following the purpose’s fulfilment, we will erase or block your data, provided that we are no longer subject to any legal storage obligation.
Collection of access data and log files
We collect access data (log files) about each server access on the basis of our legitimate interests in accordance with Article 6(1)(f) GDPR. This includes the name of the accessed website, date and time of access, transferred file and data volume, notification of successful or unsuccessful access, browser type and version, the operating system, referrer URL (the previously visited page) and your IP address.
Log files are collected for security reasons (e.g. to investigate criminal offences), are stored for a period of 30 days and subsequently deleted. If data are still required for evidence purposes, they will be excluded from erasure until the respective incident has been finally cleared up.
To guarantee a fast and stable connection, we have outsourced hosting to an external service provider. This provider will process the above-mentioned log data according to our specifications. Data is transferred on the basis of our legitimate interest pursuant to Article 6(1)(f) GDPR in conjunction with Article 28 GDPR.
Cookies are text files that are stored by the internet browser on the user's computer system. Cookies will be stored in the data subject’s browser memory when this website is accessed.
You can prevent the storage of cookies in the browser, but the site may then only function to a limited extent. Instead, it makes more sense to set the browser to delete all cookies after the end of the respective browser session, which works on our site without restriction and prevents recognition at the next visit with all positive and negative consequences for you. We use technical cookies because this is technically necessary for the operation of the service offered in accordance with Article 6(1)(f) GDPR, i.e. to protect our legitimate interest.
Technical cookies are used to recognize a user when the website is called up again and thus, for example, to save language settings made, a shopping basket or suchlike beyond a browsing session.
Embedded third-party services and content delivery network providers
ajax.googleapis.com for Jquery and JQueryUI
This website uses the CDN (content delivery network) of Fastly Inc., 475 Brannan St. #300, San Francisco, CA 94107, USA ("Fastly"). A Content Delivery Network is an online service that delivers large media files (such as graphics or page content) through regionally distributed Internet servers, thus relieving global networks and increasing website availability and speed. The use of the Content Delivery Network is in the interest of a higher reliability of the website and a better loading speed of this website according to Art. 6 (1) lit. f GDPR. Within the scope of use, their data is transferred to the provider in the USA.
This website uses the CDN (content delivery network) of Cloudflare Inc., 101 Townsend St. San Francisco, CA 94107, USA ("Cloudflare"). A Content Delivery Network is an online service that delivers large media files (such as graphics or page content) through regionally distributed Internet servers, thus relieving global networks and increasing website availability and speed. The use of the Content Delivery Network is in the interest of a higher reliability of the website and a better loading speed of this website according to Art. 6 (1) lit. f GDPR. Within the scope of use, their data is transferred to the provider in the USA.
This website uses the CDN (content delivery network) of Cloudfront. This is a service provided by Amazon Web Services Inc., 410 Terry Avenue North, Seattle, WA 98109-5210. A Content Delivery Network is an online service that delivers large media files (such as graphics or page content) through regionally distributed Internet servers, thus relieving global networks and increasing website availability and speed. The use of the Content Delivery Network is in the interest of a higher reliability of the website and a better loading speed of this website according to Art. 6 (1) lit. f GDPR. Within the scope of use, their data is transferred to the provider in the USA.
To learn more about Amazon Web Services' privacy practices, visit: https://aws.amazon.com/de/data-protection/
When contact is made (e.g. via the contact form, e-mail, telephone or social networks), the user's personal data will be processed to process the contact request in accordance with Art. 6(1)(b) GDPR, i.e. to fulfil a contract or implement pre-contractual measures. Your data may be transferred to a customer management program (CRM system) for this purpose. Please note that we are required to archive e-mails in accordance with the German GoBD [Principles for the Proper Maintenance and Keeping of Books, Records and Documents in Electronic Form and for Data Access], and emails sent to us can therefore not be completely deleted (from our archive system).
Information that has been transmitted to us via our website Contact page, are securely encrypted according to the guidelines stipulated in TMG Article 13, Part 7.
Notice on the rights of data subjects
If we process your personal data, you are the data subject within the meaning of the GDPR, and you have the following rights with respect to the controller:
You have the right to request information about your stored personal data.
You have the right to receive the requested data in a commonly used and machine readable format.
You have the right to obtain immediate rectification of any inaccurate personal data concerning you from the controller.
You can request the restriction or erasion of the processing of personal data concerning you.
You have the right to withdraw consent to the processing of personal data at any time.
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority.
Right to Object
The data subject has the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on point (e) or (f) of Article 6(1),
Collection of personal data
If you do not provide us with the personal data we require for contractual purposes, this failure to provide data shall not generally mean that the contract cannot be concluded. In individual cases we can advise you whether the provision of persona data is legally obligatory or contractually prescribed, and what consequences the failure to provide personal data would have in individual cases.