We process personal data only insofar as this is permissible within the meaning of the provisions of data protection law. In so doing, we employ all the necessary technical and organisational security measures to protect your data from unauthorised access and abuse.
Controller within the meaning of the General Data Protection Regulation is:
REISSWOLF International GmbH
Wilhelm-Bergner-Straße 3 A
21509 Glinde
Germany
T +49 40 3346300
info@reisswolf.com
www.reisswolf.com
Data Protection Officer:
Ines Krumrei
T +49 40 334630194
Email
1. Contact form and email contact
Purpose and legal basis
On our website, we provide various contact forms, which may be used to contact us electronically or to register for events. If a user takes advantage of this possibility, the data entered in the input screen are transferred to us and stored. These data comprise name, company name, telephone number, email and postal addresses, job title and content of the message, together with the information requested on specific topics.
In addition, the IP address of the terminal accessing our website, the date and time of the despatch of the message are recorded.
As part of the process, your consent will be obtained and referred to this Data Privacy Statement.
Alternatively, you may contact us through the email address provided. In this case, the user's personal data transferred with the email are stored.
The data are used solely for the processing of the conversation.
If consent has been obtained from the user, the legal basis for the processing of the data is Article 6 (1) point (a) GDPR.
If the contact results in the conclusion of a contract, the additional legal basis for the processing is Article 6 (1) point (b) GDPR.
Recipient
Our website is serviced by service providers, who are engaged as our processors.
If you send us a request for a quotation, for example, processors appointed by us may receive data for this purpose, provided that these processors need the data to perform their respective service (e.g. IT services). All service providers are contractually obliged to treat your data confidentially. Furthermore, in order to respond to or to process your requests, we transfer your data to the REISSWOLF company responsible for the region or to our cooperation partner.
Period of storage
The data are erased as soon as they are no longer needed to fulfil the purpose, for which they were collected. For the personal data from the input screen for the contact form and the data sent by email, this is when the respective conversation with the user has come to an end. The conversation has come to an end, when it can be presumed from the circumstances, that the issue in question is conclusively clarified.
Your personal data in the contact forms will not be stored temporarily.
Third country transfer
A transfer of personal data to third countries does not take place.
Right to object
The user has the right at any time to withdraw his consent to the processing of the personal data. For this purpose, an informal communication by email is sufficient. If you choose this alternative, the conversation cannot be continued.
In this case, all personal data, which have been stored in the course of making contact, are erased.
1.1 Applications via the REISSWOLF applicant portal
Purpose and legal basis
With reference to the first paragraph above "Contact forms and email contact", our website also provides the opportunity to apply for speculative and advertised jobs with the REISSWOLF Group via the aforementioned contact channels.
In order to make the application process easier for interested parties and to ensure that applications are processed quickly and securely, we use our own applicant portal.
When an application is submitted via the contact forms in the applicant portal area of the website (https://karriere.reisswolf.com), the data from the input mask such as first name, surname, email address, telephone number as well as application documents uploaded by the applicant, such as letter of motivation, CV and certificates, are transmitted to us. In addition, the date and time of the contact form submission are collected.
Alternatively, it is possible to contact us via the email address bewerbung@reisswolf.com. In this case, the user's personal data transmitted with the email will be processed by us.
REISSWOLF processes applicant data for the purpose of establishing or implementing an employment relationship (implementation of the application process and, if applicable, contract initiation/establishment of an employment relationship) on the basis of Art. 6 (1) point (b) GDPR in conjunction with Section 26 of the Federal Data Protection Act (BDSG).
Recipient
REISSWOLF uses the data collected as part of the application to check the suitability of the applicant for the advertised position. In principle, only the REISSWOLF company division to which the advertised position is assigned is given access to the application data. The evaluation and decision-making process is carried out exclusively by REISSWOLF employees.
Period of storage
In the case of a successful employment contract, the user's data will be stored for the duration of the employment relationship and beyond, taking into account the statutory retention periods.
In the case of unsuccessful applications, all data collected will be irretrievably deleted after a period of ninety days at the latest.
Third country transfer
A transfer of personal data to third countries does not take place.
Right to object
Insofar as the data processing is based on consent, the consent can be revoked at any time with effect for the future. An informal message by email to REISSWOLF is sufficient for this purpose. Please send changes and additions to application data to bewerbung@reisswolf.com.
2. Making appointments via Microsoft Bookings
Purpose and legal basis
On our website we offer users the possibility to book appointments directly online with REISSWOLF employees. For this purpose, we use the appointment booking service Microsoft Bookings from Microsoft Corporation.
If a user takes advantage of this option, the data entered in the input mask is recorded, processed, stored by Microsoft and transmitted to us when an appointment is booked. This data includes:
- Personal entries, such as name, email address, telephone number, company name, address, job title and optional notes
- Date & time of submission
- Preferred language
As part of the process, your consent is obtained and a reference is made to this data protection declaration.
The legal basis for the processing of your data is Article 6 (1) point (a) of the GDPR (consent). In addition, we have a legitimate interest (Article 6 (1) point (f) GDPR) in providing you with a user-friendly website with a wide range of functions, where appointments with our staff can be made quickly and easily as required.
Recipient
With regard to direct online appointment booking, we use the Microsoft Bookings application of the Microsoft Office 365 cloud software of the external service provider Microsoft Corporation to process your data. To make an appointment, your entries in the appointment form are transferred to Microsoft. Microsoft reserves the right to process customer data for its own business purposes. Please note that we have no influence on Microsoft's data processing. To the extent Microsoft Bookings processes personal data in connection with Microsoft's legitimate business operations, Microsoft is an independent data controller for such use. Consequently, Microsoft, as a data controller, is also responsible for compliance with all applicable laws and obligations.
For more information about the Microsoft Bookings application, please visit:
https://www.microsoft.com/de-de/microsoft-365/business/scheduling-and-booking-app
Period of storage
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input mask of the form, this is the case when the respective conversation with the user has ended. The conversation is ended when the circumstances indicate that the matter in question has been conclusively clarified.
Third country transfer
In principle, all collected data is processed and stored on our (REISSWOLF's own) Microsoft 365 and Exchange instance, which is usually provided on regional Microsoft servers (in this case within the EU). However, Microsoft Bookings is based on the Microsoft 365 guidelines, which indicate that collected data can also be transmitted to Microsoft's worldwide server infrastructure.
Microsoft uses a number of legal mechanisms when transferring data, including contracts such as Standard Contractual Clauses (SCCs).
In addition, Microsoft continues to comply with and is certified to the EU-US Privacy Shield Framework Agreement.
You can find more information here:
https://privacy.microsoft.com/de-de/privacystatement and
https://www.microsoft.com/de-de/trust-center/privacy?docid=22&langid=de-de and
https://docs.microsoft.com/de-de/compliance/regulatory/gdpr-dsr-Office365#bookings and
https://docs.microsoft.com/de-de/microsoft-365/bookings/bookings-faq?view=o365-worldwide#datenschutz
Right to object
The user has the possibility at any time to revoke his consent to the processing of personal data with effect for the future. An informal communication by email is sufficient for this purpose. In such a case, the conversation cannot be continued. All personal data stored in the course of contacting us will be deleted in this case.
Furthermore, we would like to point out that you are not obliged to use Microsoft Bookings to arrange an appointment. If you do not wish to use the service, please use another of the contact options offered, such as a contact form, to make an appointment.
3. Digital contract conclusion for REISSWOLF Document. Box.
Purpose and legal basis
Our website offers the possibility of concluding a purchase contract via an online order function. If a user takes advantage of this option, the data entered in the input mask is transmitted to us and stored. This data includes name, company name, telephone, email, address, job title of orderer and recipient of the REISSWOLF Document. Box. as well as information on the ordered goods. In addition, the IP address of the calling end device, date and time of dispatch are collected.
If you also use the payment option via credit card or PayPal, the personal data and payment data you provide will be transmitted to the online payment service provider PayPal (Europe) S.à r.l. et Cie, S.C.A.. This includes: Name, address, company, IP address, email address or other data required for order processing. As well as data related to the service, such as the type of service, identity of the recipient, billing information, invoice amount and tax percentage. This transmission is necessary to carry out the service with the payment method you have selected, in particular to confirm your identity, to administer your payment and the customer relationship. We do not receive any account or credit card related information in this process, but only information with confirmation or negative information of the payment.
For payment transactions via PayPal, the terms and conditions and the data protection information of PayPal apply, which can be accessed within the respective websites or transaction applications. We also refer to these for further information and the assertion of revocation, information and other data subject rights: www.paypal.com/de/webapps/mpp/ua/privacy-full
You can find more information on PayPal's terms of use at:
www.paypal.com/de/webapps/mpp/ua/useragreement-full
The data is used exclusively for the processing of the order and the fulfilment of the contract as well as pre-contractual measures. The legal basis for the processing of the data is Article 6 (1) point (b) GDPR.
Recipient
Our website is maintained by service providers who act as our processors. If you place an online order, service providers used by us may view or receive data for these purposes, insofar as this is required for the fulfilment of their respective service (e.g. IT services). All service providers are contractually obliged to treat your data confidentially.
In the case of payment by PayPal or credit card, data is transmitted to the payment service provider PayPal (Europe) S.à.r.l. & Cie. S.C.A. as described above.
For the delivery of orders, we work together with the external shipping service provider DHL Paket GmbH. This company receives the name of the recipient and the delivery address from us for the execution of the respective order and for the creation of the shipping label.
The service providers have been carefully selected and commissioned by us and are regularly checked.
Period of storage
The data will be deleted after expiry of the retention periods required by commercial and tax law.
The data collected via the input mask will be deleted after a period of 24 hours.
Third country transfer
REISSWOLF does not transmit any personal data to third countries in connection with the order and fulfilment of the contract.
For the transmission to third countries on the part of PayPals, we refer to the applicable terms and conditions and the data protection information of the payment service provider:
www.paypal.com/de/webapps/mpp/ua/privacy-full und
www.paypal.com/de/webapps/mpp/ua/bcr
Right to object
As an alternative to the online ordering function, each user also has the option of receiving and signing contracts by email or by post and selecting the invoice payment option. For this purpose, an informal message by email to REISSWOLF is sufficient.
4. Webinar registration and conduct
Purpose and legal basis
On our website you have the possibility to participate in webinars. We use the software solution GoToWebinar from LogMeIn, Inc. to conduct webinars via the Internet. LogMeIn, Inc. is responsible for providing this service and the data processing associated with it. LogMeIn's privacy statement can be found here:
www.logmeininc.com/legal/privacy
When you register for the webinar, data from the input form such as your name, company name, job title, and email address will be sent to LogMeIn, Inc. It also collects the date and time of registration. During the registration process, your consent (Article 6 (1) point (a) GDPR) is obtained for the processing of the registration data and for statistical purposes. Because during and after the webinar, statistical data is collected and transmitted to us. This includes data such as participation status and duration, questions asked/answered, interest in the webinar. We use this data for customer support and to enhance the user experience.
During this session, we record audio or video information in order to make it available to webinar participants for later retrieval.
Further details about the technical functionality of the tool used and further information can be found at:
www.gotomeeting.com/webinar
Recipient
We use the external service provider LogMeIn, Inc. for processing your data. LogMeIn, Inc. has been carefully selected and commissioned by us, is bound by our instructions and is checked regularly. The service provider is contractually obliged to treat your data confidentially.
Period of storage
The user's data will be stored by the order processor until the termination of the service contract.
Third country transfer
By using LogMeIn, Inc.'s GoToWebinar software solution, personal data is transferred to contract processors located in third countries where an adequate level of protection is not ensured. For more information, see LogMeIn's Privacy Policy:
www.logmeininc.com/legal/privacy
Right to object
The user has the possibility to revoke his consent to the processing of personal data at any time. An informal notification by email is sufficient for this purpose. Alternatively, you can use the following LogMeIn, Inc. support form:
https://support.logmeininc.com/de/gotowebinar/contactus
5. Newsletter dispatch incl. Google reCAPTCHA
Purpose and legal basis
On our website, we offer you the opportunity to register for a newsletter, free of charge. When you register for the newsletter the data from the input screen, as name, company name and email address, are transferred to the service provider we use for this purpose, so that we can send the newsletter to you.
In addition, the IP address of the terminal accessing our site and the date and time of the registration are collected.
Your consent is obtained as part of the registration process (Article 6 (1) point (a) GDPR) and we refer you to this Data Privacy Statement.
Recipient
We use external service providers to process your data. These are selected and commissioned by us with care, are bound to comply with our instructions and are regularly inspected. All service providers are contractually obliged to treat your data confidentially.
Period of storage
The user's data are stored for as long as the newsletter subscription is active.
Third country transfer
A transfer of personal data to third countries does not take place.
Right to object
The subscription to the newsletter may be cancelled by the user in question at any time. A link is provided for this purpose in every newsletter.
5.1 Google reCAPTCHA
We use the reCAPTCHA service (www.google.com/recaptcha/about/) from Google Ireland Limited to determine whether a person or a computer is making a certain entry in our newsletter registration form. Google uses the following data to check whether you are a person or a computer: IP address of the terminal device used, the website you visit with us on which the captcha is embedded, the date and duration of the visit, the recognition data of the browser and operating system type used, Google account if you are logged in to Google, mouse movements on the reCaptcha areas and tasks that require you to identify images.
The legal basis for the described data processing is Article 6 (1) point (f) GDPR, because there is a legitimate interest on our part to ensure the security of our website and to protect ourselves from automated entries (attacks).
For more information on Google reCAPTCHA's data collection and processing, as well as your rights and selectable privacy options, please see Google's privacy policy: https://policies.google.com/privacy?hl=en-GB
6. Provision of the website and creation of log files
Purpose and legal basis
Every time our website is accessed, our system collects automated data from the accessing terminal's system and stores these in log files. The temporary storage of the IP address by the system is necessary in order to deliver the website to the user's terminal. The following data are collected:
- type and version of browser
- operating system
- website, from which the user has accessed our website
- internet service provider
- date & time of the server query
- IP address
The data are processed pursuant to Article 6 (1) point (f) GDPR, based on our legitimate interest in improving the stability and functionality of our website.
Recipient
To operate and maintain our website we use technical service providers, who are appointed as our processors.
Period of storage
The data collected are erased, as soon as the respective session is ended. If the data are stored in log files, the data are then erased at the end of sixty days at the latest.
Third country transfer
A transfer of personal data to third countries does not take place.
Right to object
The collection of the data for the purposes of providing the website and the storage of the data in log files is of compelling necessity for the operation of the website. Consequently, the user has no right to object.
Recipient
We use the external web service Cookiebot of Cybot A/S (www.cookiebot.com/en) to inform you about the cookies used on our website and to obtain your consent to the use of cookies. To store your consent, a permanent cookie called "CookieConsent" is stored in your browser.
The following data will be automatically logged by Cybot A/S:
- IP number of the end user in anonymous form (the last three digits are set to '0')
- Date and time of consent
- User agent of the end user's browser
- URL from which the consent was sent
- An anonymous, random and encrypted key
- Consent status of the end user serving as proof of consent
The information generated by the cookie is not used to personally identify the visitor to this website and is not merged with personal data about the bearer of the pseudonym.
The data collected by Cybot A/S is stored on servers within the EU.
If you do not consent to the storage of this data, you can object to its storage at any time as described above. In this case, a so-called opt-out cookie is stored in your browser, which means that Cookiebot only provides cookies for the technically error-free and optimised provision of the website. Please note that the complete deletion of your cookies means that the opt-out cookie is also deleted and may have to be reactivated by you.
Period of storage
The permanent cookie called "CookieConsent" by Cookiebot is automatically deleted after 12 months unless you delete it beforehand via the browser setting. You can delete cookies at any time in the security settings of your browser.
Third country transfer
No third country transfer takes place through the use of Cookiebot.
Cookiebot uses trusted subcontractors within the EU to provide its cloud-based services.
For more details, please refer to Cookiebot's Privacy Policy:
www.cookiebot.com/en/privacy-policy/
Right to object
You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it is possible that all functions of the website can no longer be used to their full extent.
8. Web analysis with Google Analytics
Purpose and legal basis
In order to make our offer more user-friendly and relevant in terms of content, we use the web analysis tool Google Analytics.
To achieve this goal, we use cookies, so that we can identify you when you next visit our website, e.g. when you have visited another site before returning to us. In addition, we use cookies, which allow us to analyse surfing behaviour, e.g. the search term entered and the frequency of visits to the site. When the user accesses our site, he is informed by an information banner about the use of cookies for analysis purpose and is referred to the Data Privacy Statement.
Cookies, which are necessary to operate the electronic communication procedure or to provide specific functions, required by you are stored based on Article 6 (1) point (f) GDPR. The website operator has a legitimate interest in storing cookies, in order to be able to provide its services free of technical faults and to an optimum standard.
Recipient
We use external service providers for tracking and web analysis. These process the access data on our behalf for the purpose of user analysis and statistical processing for us. For this purpose, we have concluded the corresponding contract processing agreements with the providers.
The data collected with the web analysis service software Google Analytics (https://marketingplatform.google.com/intl/en/about/analytics/) from Google Ireland Limited (including your pseudonymised IP address) is processed on Google's worldwide servers. The information generated by the cookie in the pseudonymous user profile is not used to personally identify the visitor to this website and is not merged with personal data about the bearer of the pseudonym. In order to be able to evaluate pseudonymous user profiles, recorded data is stored together with randomly generated user IDs.
Among other things, the following data is recorded by Google Analytics during your website visit:
- Pages called up
- Your behaviour on the pages (e.g. clicks, scrolling behaviour and length of stay)
- Your approximate location (country and city)
- Your IP address (in abbreviated form, so that no unambiguous assignment is possible)
- Technical information such as browser, Internet provider, terminal device and screen resolution
- Source of your visit (i.e. via which website or advertising medium you came to us)
If you do not agree with the storage and evaluation of this data from your visit, you can prevent this by installing the following browser add-on once to deactivate Google Analytics:
https://tools.google.com/dlpage/gaoptout?hl=en
Further details about the technical functionality of the tool used and information can be found at:
https://marketingplatform.google.com/intl/en/about/analytics/
Period of storage
Temporary cookies are automatically deleted when you close your browser. These include in particular session cookies. They store a so-called session ID with which various requests from your browser can be assigned to the shared session. This enables your terminal device to be recognised when you return to our website. The session cookies are deleted when you log out or close your browser.
Permanent cookies, such as Google Analytics analysis cookies, are automatically deleted after a specified period, which may vary depending on the cookie. Google Analytics analysis cookies are stored in your web browser for a period of two years from your last visit, unless you delete them first in your browser settings. You can delete cookies at any time in the security settings of your browser.
User-related data collected by Google Analytics are automatically deleted after 14 months. Other anonymized data remains stored in aggregated form for an unlimited period of time.
Transfer to third countries
Collected data is transferred to Google servers located worldwide (including the USA). Google complies with the Standard Contractual Clauses (SCCs) and is also still certified for the EU-U.S. and Swiss-U.S. Privacy Shield.
For more information, please see Google's Privacy Policy:
www.google.de/intl/en/policies/privacy/ and
https://policies.google.com/privacy/frameworks?hl=en-GB&gl=de
Right to object
You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically, e.g. using the above-mentioned browser add-on to deactivate Google Analytics (further information here: https://tools.google.com/dlpage/gaoptout?hl=en). If cookies are deactivated for our website, it is possible that all functions of the website can no longer be used to their full extent.
9. Web analysis with Hotjar
Purpose and legal basis
In order to make our website more user-friendly and relevant in terms of content, we use the web analysis tool Hotjar.
Hotjar – as online analysis software – cumulatively and visually prepares how users move across our website in order to help us better understand what our users like about reisswolf.com, what they ignore or what causes difficulties, for example. To create these cumulative movement patterns (so-called heat maps), Hotjar uses data from cursor movements, click activities and page movements, which are recorded via cookies. Keystrokes or data entries in forms are not recorded.
When you access our website, we inform you about the use of cookies for analysis purposes with an information banner and refer you to our data protection declaration.
Cookies that are required to carry out the electronic communication process or to provide certain functions you have requested are stored on the basis of Article 6 (1) point (f) GDPR. As website operators, we have a legitimate interest in storing cookies for the technically error-free and optimised provision of our services.
Recipient
The web analysis tool Hotjar (www.hotjar.com/) is provided to us by the external service provider Hotjar Ltd. This company processes the access data on our behalf for the purpose of user analysis and prepares the data statistically and visually for us. We have concluded the corresponding order processing agreement with the provider for this purpose.
The data collected with the web analysis software is stored and processed on servers within the EU.
Hotjar works with cookies and other technologies to collect data about the behaviour of our users via their end devices. In particular, the following data is collected by Hotjar during website use:
- Anonymised IP address
- Screen size
- Device and browser properties (also called "user agent")
- Location at country level
- Preferred language
- Mouse/cursor activity (movements, dwell locations and clicks)
- Button clicks
- Referrer URL
- Pages visited
- Date & time of access
Hotjar stores this information with randomly generated user IDs in a pseudonymised user profile in order to be able to recognise returning users independently of personal information. The information in the pseudonymised user profile is not used to identify the visitor personally, nor is it used to merge this with personal data.
You can find more information on this under:
https://help.hotjar.com/hc/en-us/articles/115011639887-Data-Safety-Privacy-Security
Period of storage
Hotjar uses temporary session cookies, which are deleted as soon as the browser is closed, and permanent cookies. Permanent cookies, such as analysis cookies from Hotjar, are automatically deleted after a predefined period of time, which may differ depending on the cookie. The analysis cookies from Hotjar are stored in your web browser for a maximum of 365 days since your last visit, unless you delete them beforehand via the browser settings. You can delete the cookies in the security settings of your browser at any time.
A list of all individual cookies, including their storage duration, can be found here:
https://help.hotjar.com/hc/en-us/articles/115011789248-Hotjar-Cookies
User-related data collected by Hotjar is automatically deleted after 365 days. Further information can be found here:
https://help.hotjar.com/hc/en-us/articles/115011640427-How-long-does-Hotjar-keep-my-data-
Occasionally, Hotjar may temporarily process or store IP addresses in order to test and ensure the functioning of the system. In this case, the IP addresses are automatically deleted within 30 days. You can find more information about this here:
www.hotjar.com/legal/policies/privacy/
Transfer to third countries
Hojar stores and processes collected personal data resulting from the use of the software within the EU.
Only in exceptional cases may data be transferred to the US-based subcontractor Functional Software, Inc. d/b/a Sentry, which is responsible for application monitoring and error tracking of the system infrastructure.
As a company registered in the European Union, Hotjar enters into data processing agreements with all subcontractors, complying with Standard Contractual Clauses (SCCs) where applicable.
More information on the subject can be found here:
https://help.hotjar.com/hc/en-us/articles/115011639887-Data-Safety-Privacy-Security and
https://help.hotjar.com/hc/en-us/articles/360058514233 and
www.hotjar.com/legal/policies/privacy/
Right to object
If you do not agree to the collection of data by Hotjar, you can object to the collection at any time by activating a "Do Not Track" cookie on the following page:
https://www.hotjar.com/policies/do-not-track/
In this case, a so-called opt-out cookie will be placed in your browser, which means that Hotjar will not collect any data. Please note that if you delete your cookies completely, the opt-out cookie will also be deleted and you may have to reactivate it.
Furthermore, you can deactivate or restrict the transfer of cookies by changing the settings in your internet browser. Of course, you can also delete cookies already stored in your browser at any time.
10. Web analysis with Matomo
Purpose and legal basis
In order to make our offer more attractive and to be able to expand the areas of interest of our website visitors in an efficient and focused way, we use the web analysis tool Matomo.
We use the cookie-less version of Matomo. Matomo does not set any tracking cookies, but uses cookie-like technologies, such as so-called "device fingerprinting", to collect information. The limited form of collection is used exclusively for anonymised visitor count measurement as well as performance evaluation of the website. The following information is collected for this purpose:
- Anonymised IP address
- Device and browser properties, such as browser, internet service provider, terminal device and screen resolution (also called "user agent")
- Time of access
- Approximate location of access at the federal state level
Due to the anonymisation of the information as well as the "fingerprints", which change daily for each visitor, users can neither be identified, nor can collected data be assigned to each other or combined in a user profile.
Thus, it is not possible for us to personally identify visitors to our website or to combine them with personal data.
The collection of information by Matomo takes place exclusively on our website reisswolf.com and not across third party websites.
The analysis and processing is based on Article 6 (1) point (f) GDPR. As website operator, we have a legitimate interest in the analysis, optimisation and economic operation of our website.
Recipient
As an external service provider for web analysis, the web analysis service Matomo (www.matomo.org) processes the access data on our behalf for the purpose of user analysis and statistical processing.
The data collected with Matomo (including your anonymised IP address) is processed on our servers.
Further details on the technical functioning of the tool used and information can be found at: www.matomo.org
Period of storage
Temporary cookies are automatically deleted when you close the browser. These include, in particular, session cookies. These store a so-called session-lD, with which various requests from your browser can be assigned to the joint session. This enables your terminal device to be recognised when you return to our website. The session cookies are deleted when you log out or close the browser.
You can delete the cookies in the security settings of your browser at any time.
Transfer to third countries
No third country transfer takes place through the use of Matomo.
Right to object
If you do not agree to the collection, pseudonymised evaluation and storage of the session cookie data from your visit, you can object to the storage and use at any time by clicking the mouse below. In this case, a so-called opt-out cookie will be stored in your browser, which means that Matomo will not collect any session data. Please note that if you delete your cookies completely, the opt-out cookie will also be deleted and you may have to reactivate it.
Opt-Out iFrame:
11. Google Ads with Conversion Tracking
Purpose and legal basis
Google AdWords is an Internet advertising service that allows advertisers to place ads that are relevant to their interests in Google's search engine results and the Google advertising network.
Interest-relevant ads are defined by pre-defined keywords that a user will not see in Google's search engine results until he or she retrieves keyword relevant results from the search engine.
In the Google advertising network, the ads are distributed to topic-relevant websites using an automatic algorithm and taking into account the predefined keywords.
If a user is redirected to our website via a Google advertisement, a permanent cookie is set in the user's browser to record which pages of our website have been accessed and whether, for example, a contact attempt has been made. This cookie is also called a conversion cookie and is not used for personal identification. Generally, Google collects the following data:
- Unique Cookie ID
- Number & frequency of the ad accesses
- Last impressions
- Opt-out information
The data collected via the conversion cookies is used by Google to compile visit statistics for our website. These visit statistics in turn serve us to determine the number of users of our ads and to optimize advertisements.
We use interest-relevant advertising of our offer on the legal basis of Article 6 (1) point (f) GDPR. As a website operator, we have a legitimate interest in the storage of cookies for the analysis, optimisation and economic operation of our website.
Recipient
Our website uses the external service of the online advertising program Google Ads (https://ads.google.com/) with conversion tracking by Google Ireland Limited. As a service provider, Google Ads processes the access data to switched online advertising on our behalf for the purpose of user analysis and statistical processing for us. The service provider has been carefully selected and commissioned by us and is checked regularly. In addition, it is contractually obliged to treat your data confidentially.
The data collected with Google Ads (including your pseudonymized IP address) is processed on Google's worldwide server landscape.
The information generated by cookies is not used to personally identify the user of our advertising or this website and is not merged with personal data about the bearer of the pseudonym.
Period of storage
Google Ads conversion tracking cookies will expire after 30 days unless you delete them from your browser settings. You can delete cookies from your browser's security settings at any time.
Third country transfer
Collected data is transferred to Google servers located worldwide (including the USA). Google complies with the Standard Contractual Clauses (SCCs) and is also still certified for the EU-U.S. and Swiss-U.S. Privacy Shield.
For more information, please see Google's Privacy Policy:
www.google.de/intl/en/policies/privacy/ and
https://policies.google.com/privacy/frameworks?hl=en-GB&gl=de
Right to object
You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it is possible that all functions of the website can no longer be used to their full extent.
In addition, it is possible to object to interest-related advertising by Google via the following link:
www.google.com/settings/ads
12. Facebook Pixel with Custom Audiences
Purpose and legal basis
The Facebook Pixel of the Meta Platforms Ireland Limited is a JavaScript code based analysis tool that measures the effectiveness of interest-relevant internet advertising.
Interest-relevant ads are defined here by parameters set in advance, which an ad only displays when the user holds or retrieves the relevant parameters, such as interest in certain topics. These pre-defined user groups are also known as "custom audiences" and ensure that our ads only reach those users who have a potential interest in them. In accordance with the predefined parameters, Facebook distributes the ads using an automatic algorithm.
If a user is redirected to our website or Facebook (i.e. Facebook products, Facebook website, Facebook app, Facebook partner websites or websites with Facebook technologies such as the "Like" button) via a Facebook ad, temporary session cookies as well as permanent cookies are set in the user's browser. These cookies record which advertising campaigns and pages of our website were called up and whether, for example, a contact attempt was made. These types of cookies are also known as conversion cookies and are not used for personal identification. In general, the Facebook pixel collects the following data:
- All information stored in the standard web protocol of the HTTP header, such as information on the web browser, the page location, the document, the referrer, the visitor to the website and the IP address
- Pixel-specific data, such as the pixel ID and the Facebook cookie
- Data on buttons that have been clicked
- Information about the visit, such as actions and activities, via personalised data events
- Field names of forms, such as the headings "email address", "address" and "quantity"
- Information on individual settings/restrictions regarding advertisements and the corresponding tracking
The Facebook pixel does not collect field values such as specific names or email addresses from forms. For more information, please visit www.facebook.com/business/gdpr and
www.facebook.com/policies/cookies.
The data collected via the conversion cookies are used by Facebook to create visit statistics for our website. These visit statistics are in turn used by us to determine the success of our advertisements and their optimisation.
We use interest-relevant advertising of our offer on the legal basis of Article 6 (1) point (f) GDPR. As a website operator, we have a legitimate interest in the storage of cookies for the analysis, optimisation and economic operation of our website.
Recipient
Our website uses the external service of the Meta Platforms Ireland Limited (www.facebook.com) for the placement of online advertisements.
As a service provider, the Meta Platforms Ireland Limited and its partners process the access data for online advertisements on our behalf for the purpose of user analysis and statistical processing for us. The service provider has been carefully selected and commissioned by us and is regularly monitored.
The data collected with Facebook/Meta Platforms Ireland Limited and its partners is processed on a worldwide server landscape.
The information generated by cookies is not used to personally identify the user of our advertising or website or to merge it with personal data.
Period of storage
Facebook/Meta Platforms Ireland Limited and its partners use permanent cookies in addition to temporary session cookies, which are deleted as soon as the browser is closed. In the area of online advertising, permanent cookies primarily include the following:
- Authentication cookies with a storage time of 365 days
- Cookies that deliver advertisements and measure their relevance with a storage time of 90 days
- Cookies serving advertising and website analytics services with a storage time of 90 days
- Cookies that store opt-outs from Facebook's ads based on your own activity & third party website visits with a retention period of five years
For more information about cookies from Facebook/Meta Platforms Ireland Limited and its partners, and how you can manage or opt-out of ad serving and cookies, please visit www.facebook.com/policies/cookies.
Third country transfer
The global server infrastructure of Meta Platforms Ireland Limited causes data collected by Facebook/Meta Platforms Ireland Limited and its partners to be stored and processed on servers both inside and outside the European Economic Area. The transfer of personal data outside the European Economic Area is subject to legal requirements and the EU Data Transfer Addendum of the Standard Contractual Clauses (SCCs). In addition, Facebook/Meta Platforms Ireland Limited adheres to and is certified to the Privacy Shield Framework Agreement. You can find more information here:
www.facebook.com/legal/EU_data_transfer_addendum
Right to object
By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website to their full extent.
You also have the option of managing and rejecting Facebook advertising settings and cookies via the following link: www.facebook.com/policies/cookies
With a personal Facebook account, you also have the option to adjust and limit your individual usage-based advertisements: www.facebook.com/settings?tab=ads
Alternatively, you can control your cookie preferences for online advertising across websites via the European Interactive Digital Advertising Alliance (EDAA) platform, which helps you better understand data-driven advertising and provides options to protect your privacy with respect to data protection: www.youronlinechoices.com/
13. LinkedIn Insight Tag with Matched Audiences and Lead Gen Form
Purpose and legal basis
The LinkedIn Insight tag of LinkedIn Ireland Unlimited Company is a JavaScript tag-based analysis tool that measures the effectiveness of interest-relevant internet advertising.
Interest-relevant ads are defined here by predefined parameters that an ad only shows when the user holds or retrieves the relevant parameters, such as interest in certain topics. These pre-defined user groups are also known as "matched audiences" and ensure that our advertisements reach users who have a potential interest in them. Taking into account the predefined parameters, LinkedIn distributes the advertisements using an automatic algorithm.
If a user is redirected to our website via a LinkedIn ad, temporary session cookies as well as permanent cookies are set in the user's browser, which record which advertising campaigns and pages of our website were called up and whether, for example, a contact attempt was made. These cookies are also known as conversion cookies and are not used for personal identification. Generally, the LinkedIn Insight tag collects the following data:
- URL
- Referrer URL
- IP address - shortened for visitors without a LinkedIn account or hashed (converted to a hash code & coded indexed) for visitors with a personal LinkedIn account.
- Device and browser properties (also called "user agent")
- Time of access (timestamp)
- Information about the visit, such as actions and activities
- Information on individual settings/restrictions regarding advertisements and the corresponding tracking
For more information, please visit https://de.linkedin.com/legal/privacy-policy and https://de.linkedin.com/legal/cookie-policy.
The data collected via the conversion cookies is used by LinkedIn to create traffic statistics for our website. These traffic statistics are in turn used by us to determine the success of our advertisements and their optimisation.
We use interest-relevant advertising of our offer on the legal basis of Article 6 (1) point (f) GDPR. As a website operator, we have a legitimate interest in the storage of cookies for the analysis, optimisation and economic operation of our website.
In addition, you have the possibility to contact us within LinkedIn via the "Lead Gen Form" contact form of LinkedIn. The contact form is linked to the advertisements within LinkedIn and - insofar as you have provided them - automatically takes over personal data from your LinkedIn profile when you fill out a form. This data includes name, company name, phone number, email address and the content of the message. The data entered in the input mask is stored within LinkedIn and processed by us.
The data is used exclusively for processing the conversation. The legal basis for the processing of the data is Article 6 (1) point (a) GDPR if the user has given his consent.
If the contact aims at the conclusion of a contract, the additional legal basis for the processing is Article 6 (1) point (b) GDPR.
Recipient
Our website uses the external service of LinkedIn Ireland Unlimited Company (www.linkedin.com/) for the placement of online advertisements.
As a service provider, LinkedIn processes the access data for online advertisements on our behalf for the purpose of user analysis and statistical processing for us. The service provider has been carefully selected and commissioned by us and is regularly monitored.
The data collected with LinkedIn is processed in the EU, the European Economic Area and the USA.
The information generated by cookies is not used to personally identify the user of our advertising or website or to merge it with personal data.
Period of storage
LinkedIn uses permanent cookies in addition to temporary session cookies, which are deleted as soon as the browser is closed. In the area of online advertising, permanent cookies mainly include:
- Authentication cookies with a storage time of 180 days.
- Cookies that deliver advertisements and measure their relevance, with a storage time of 30 days.
- Cookies serving advertising and website analytics services with a storage time of 90 days
- Cookies that store opt-out for tracking, with a retention period of ten years.
LinkedIn's cookie policy can be found here: https://de.linkedin.com/legal/cookie-policy
You can find more information about individual cookies from LinkedIn at
https://de.linkedin.com/legal/l/cookie-table.
Personal data stored in LinkedIn through the service of online advertisements are automatically deleted on a regular basis:
- Within 30 days with respect to contact lists
- Within 90 days for data submitted using the "Lead Gen Form" contact form
- Within 180 days for pseudonymized website visit data
More information can be found here:
www.linkedin.com/help/lms/answer/87080/linkedin-marketing-solutions-and-the-general-data-protection-regulation-gdpr-?lang=en
The data collected by us from the "Lead Gen Form" contact form will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input mask of the contact form, this is the case when the respective conversation with the user has ended. The conversation is ended when it is clear from the circumstances that the matter in question has been conclusively clarified.
Third country transfer
LinkedIn processes and stores collected data within and outside the USA. The transfer of personal data is subject to the regulations of the General Data Protection Regulation (GDPR) and the Standard Contractual Clauses (SCCs). In addition, LinkedIn adheres to the Privacy Shield Framework Agreement and is certified for it.
Further information can be found here: https://de.linkedin.com/legal/privacy-policy and
www.linkedin.com/help/linkedin/answer/62533
Right to object
By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all the functions of the website to their full extent.
Without a personal LinkedIn account, you have the option of rejecting the cookies and advertising settings of LinkedIn under the following link: www.linkedin.com/mypreferences/g/guest-cookies
With a personal LinkedIn account, you have the option to restrict your cookies and individual usage-based advertisements here: www.linkedin.com/psettings/member-cookies and
www.linkedin.com/psettings/advertising/actions-that-showed-interest
Alternatively, you can control your cookie preferences regarding online advertising across websites via the European Interactive Digital Advertising Alliance (EDAA) platform, which helps you better understand data-driven advertising and provides options to protect your privacy regarding data protection: www.youronlinechoices.com/
With regard to the data collected from the "Lead Gen Form" contact form, the user has the option to revoke his consent to the processing of personal data at any time. An informal communication by e-mail is sufficient for this purpose. In such a case, the conversation cannot be continued. All personal data stored in the course of the contact will be deleted in this case.
14. Google Tag Manager
On our website we use the services of the Google Tag Manager (https://marketingplatform.google.com/intl/en/about/tag-manager/) of Google Ireland Limited. The Google Tag Manager is a platform solution, over which so-called website tags (small code elements, which serve for example to measure traffic and visitor behavior) can be generated, set and managed. Under certain circumstances, placed tags can collect data. The Google Tag Manager itself does not access this data, as it serves solely as a provisioning platform. In addition, despite having its own domain, it does not use cookies and does not collect any personal data. Information about any tags that may collect data can be found as separate topic blocks in this privacy statement. If you've already deactivated cookies at the domain or cookie level, they will remain deactivated for all tracking tags implemented with Google Tag Manager.
The use of the Google Tag Manager takes place on the legal basis of Article 6 (1) point (f) GDPR, whereby we as a website operator have a legitimate interest in the comfortable and use-optimized provision of our Internet presence.
15. YouTube
Our Web site includes the video platform YouTube (www.youtube.com) from YouTube, LLC at designated locations to enable playback of audio and video files.
These videos will obtain your permission to redirect to YouTube before playing. Only upon your consent will the embedded YouTube player connect to YouTube so that the video and audio files can be transmitted and played back. Data will also be transmitted to YouTube, LCC, as the responsible body for www.youtube.com. We are not responsible for YouTube's processing of these data.
For more information about YouTube's data collection and processing and your rights and choices regarding the video platform, please see YouTube's Privacy Policy:
www.google.de/intl/en/policies/privacy/
16. External links
Our website contains links to external websites of third parties on whose contents we have no influence. Therefore, we cannot assume any liability for these external contents. The respective provider or operator of the pages is always responsible for the contents of the linked pages. The linked pages were checked for possible legal infringements at the time of linking. Illegal contents were not recognisable at the time of linking.
A permanent control of the contents of the linked pages is not reasonable without concrete evidence of an infringement. As soon as we become aware of any legal infringements, we will remove such links immediately.
17. Microsoft Advertising
Purpose and Legal Basis
Microsoft Advertising is an online advertising program that allows advertisers to display interest-based ads in the search engine results of Microsoft and the Microsoft Advertising Network.
Microsoft interest-based ads are defined by predetermined keywords, which only display an ad in the search engine results of Google when the user retrieves keyword-relevant results using the search engine.
In the Microsoft Advertising Network, the ads are distributed on topic-relevant websites using an automatic algorithm and taking into account the predefined keywords.
When a user is redirected to our website via a Microsoft ad, a permanent cookie is set in the user’s browser, which collects data on which pages of our website were accessed and whether, for example, an attempt to contact was made. This cookie is also referred to as a conversion cookie and is not used for personal identification.
As a rule, Google collects the following data:
- Unique cookie ID
- Number and frequency of ad impressions
- Last impressions
- Opt-out information
The data collected via the conversion cookies are used by Microsoft to create visit statistics for our website. These visit statistics, in turn, help us determine the number of users viewing our ads and optimize our advertising.
We use interest-based advertising for our offerings based on Article 6(1)(f) of the GDPR. As website operators, we have a legitimate interest in storing cookies for the purpose of analysis, optimization, and the economic operation of our website.
Recipient
Our website uses the external service of the online advertising program Microsoft Advertising (https://ads.microsoft.com/) with conversion tracking from Microsoft Ireland Operations Limited (One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521). As a service provider, Microsoft Advertising processes the access data of displayed online advertisements on our behalf for the purpose of user analysis and statistical reporting for us. The service provider has been carefully selected, contracted, and is regularly monitored by us. Additionally, they are contractually obligated to treat your data confidentially.
The data collected through Microsoft Advertising (including your pseudonymized IP address) is processed within Microsoft's global server infrastructure.
The information generated by the cookies is not used to personally identify the user of our advertisements or this website and is not combined with personal data relating to the holder of the pseudonym.
Period of storage
The cookies used for conversion tracking by Microsoft Advertising expire after 30 days, unless you delete them beforehand via your browser settings. You can delete the cookies at any time in the security settings of your browser.
Third country transfer
The collected data is transferred to Microsoft's globally located servers (including the USA). Microsoft complies with the Standard Contractual Clauses (SCCs) and is also still certified under the EU-U.S. and Swiss-U.S. Privacy Shield.
Further information can be found in Microsoft's privacy policy:
Right to object
By changing the settings in your internet browser, you can disable or limit the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are disabled for our website, some functions of the website may no longer be fully usable.
18. Microsoft Clarity
Purpose and Legal Basis
We use the Microsoft Clarity analysis tool to analyze and better understand the usage of our website. Microsoft Clarity allows us to track user interactions on our website, such as mouse movements, clicks, and scrolling behavior. This data helps us improve the user experience and tailor our services to the needs of our users. The legal basis for the processing of personal data by Microsoft Clarity is your consent pursuant to Article 6(1)(a) of the GDPR, which you provide via our cookie banner.
Recipient
The data collected by Microsoft Clarity is processed by Microsoft. Microsoft acts as our processor and is required to process the data only on our behalf and according to our instructions in accordance with applicable data protection regulations.
Period of storage
The data collected by Microsoft Clarity is stored for a period of 1 year.
Third country transfer
In the context of using Microsoft Clarity, your personal data may be transferred to the USA. Microsoft is certified under the EU-US Data Privacy Framework, ensuring an adequate level of data protection in accordance with Article 45 of the GDPR.
Right to object
You have the right to withdraw your consent to the data processing by Microsoft Clarity at any time with effect for the future. The withdrawal can be made by adjusting your cookie settings on our website. Please note that the withdrawal does not affect the lawfulness of the processing carried out prior to the withdrawal.
19. Google Looker Studio
Purpose and Legal Basis
We use Google Looker Studio to create data visualizations and dashboards that help us make business decisions based on data analysis. Google Looker Studio allows us to represent complex data in an understandable way and to use it for internal evaluations. Data processing is carried out based on Article 6(1)(f) of the GDPR, our legitimate interest in effective business management and data-driven decision-making. If you, as the data subject, have given your consent to the processing, it is carried out based on Article 6(1)(a) of the GDPR.
Recipient
The primary recipients of the data are internal departments responsible for corporate management and analysis. Google, as a service provider, also has access to the data insofar as it is necessary to provide the services. Google processes the data on our behalf and according to our instructions as a data processor in accordance with Article 28 of the GDPR.
Period of storage
The storage duration of the data in Google Looker Studio depends on internal data retention policies and legal requirements. In general, the data will be deleted once it is no longer necessary for the purpose for which it was collected and no legal retention obligations prevent deletion.
Right to object
You have the right to object at any time to the processing of your personal data, which is carried out based on Article 6(1)(f) of the GDPR. You can submit your objection to the contact details provided in this privacy policy.
For reasons of security and to protect the transfer of confidential contents this site uses SSL and TLS encryption. An encrypted connection recognises you because the address line of the browser changes from "http://" to "https://" and from the exit symbol in your browser. If the SSL or TLS encryption is activated, the data, which you transfer to us, cannot be read by third parties.
Our employees are trained and obliged to comply with the provisions of the GDPR and the BDSG-neu when dealing with data.
You have the following rights with respect to the personal data concerning you (see Article 15 et seq. GDPR):
- Right to information
- Right to correction or erasure
- Right to restriction of processing
- Right to object to the processing
- Right to data portability
- You may at any time withdraw from us any consent you have given to the processing of personal data. This also applies to the revocation of declarations of consent, which have been granted prior to the entry into force of the General Data Protection Regulation, in other words, prior to 25 May 2018. Please note that the withdrawal takes effect only for the future. Processing procedures carried out prior to the revocation are not affected thereby.
- In addition, there is a right of appeal to a competent data protection supervisory authority. You can find a list of supervisory authorities with their addresses on:
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html