Privacy policy

As a data subject, you have the following rights with regard to the personal data concerning you in connection with us:

Of course, you can also object to the processing of your personal data for advertising purposes at any time. To do so, direct your objection to our address given in the imprint or write us an e-mail to the address given in the imprint.

Cookies

Cookies are small text files that are sent by us to the browser of your end device during your visit of our website and stored there. As an alternative to the use of cookies, information can also be stored in the local storage of your browser. Some functions of our website cannot be offered without the use of cookies or local storage (technically necessary cookies). Other cookies, on the contrary, enable us to perform various analyses, so that we are able, for example, to recognize the browser you are using when you visit our website again and to transmit various information to us (non-essential cookies). With the help of cookies, we can, among other things, make our website more user-friendly and effective for you, for example by tracking your use of our website and determining your preferred settings (e.g. country and language settings). If third parties process information via cookies, they collect the information directly from your browser. Cookies do not cause any damage to your end device. They cannot execute programs or contain viruses.

Consent with Cookiebot

Our website uses the consent technology of Cookiebot to obtain your consent to the storage of certain cookies on your end device or to the use of certain technologies and to document this in accordance with data protection law. The provider of this technology is Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter "Cookiebot").

When you enter our website, a connection is established to Cookiebot's servers in order to obtain your consents and other declarations regarding cookie use. In order to be able to assign and document your consent or revocation, a cookie is set in your browser. This data is stored until you delete the cookie, request us to delete the data or the purpose for data processing no longer applies. Legal storage obligations remain unaffected.

Cookiebot is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c DSGVO.

Order processing
To ensure that personal data is processed according to our specifications and in compliance with the DSGVO, we have concluded a contract on order processing (AVV) with the provider.

Your rights
Under the conditions of the legal provisions of the General Data Protection Regulation (DSGVO), you have the following rights as a data subject:

• Information according to Art. 15 DSGVO about the data stored about you in the form of meaningful information regarding the details of the processing, as well as a copy of your data;
• Right of rectification pursuant to Art. 16 DSGVO of inaccurate or incomplete data stored by us;
• Deletion according to Art. 17 DSGVO of the data stored by us, insofar as the processing is not necessary for the exercise of the right to freedom of expression and information, for the fulfillment of a legal obligation, for reasons of public interest or for the assertion, exercise or defense of legal claims;
• Restriction of processing pursuant to Art. 18 DSGVO, insofar as the accuracy of the data is disputed, the processing is unlawful, we no longer need the data and you object to their erasure because you need them for the assertion, exercise or defense of legal claims or you have objected to the processing pursuant to Art. 21 DSGVO.
• Data transferability pursuant to Art. 20 DSGVO, insofar as you have provided us with personal data within the scope of consent pursuant to Art. 6 (1) a DSGVO or on the basis of a contract pursuant to Art. 6 (1) b DSGVO and these have been processed by us with the aid of automated processes. You will receive your data in a structured, common and machine-readable format or we will transfer the data directly to another responsible party, insofar as this is technically possible.
• Objection according to Art. 21 DSGVO against the processing of your personal data, insofar as this is based on Art. 6 para. 1 lit. e, f DSGVO and there are reasons for this that arise from your particular situation or the objection is addressed to direct advertising. The right to object does not exist if outweighing, compelling reasons worthy of protection for the processing are proven or the processing is carried out for the assertion, exercise or defense of legal claims. Where the right to object does not exist for individual processing operations, this is indicated there.
• Revocation pursuant to Art. 7 (3) DSGVO of your granted consent with effect for the future.
• Complaint pursuant to Art. 77 DSGVO to a supervisory authority if you believe that the processing of your personal data violates the DSGVO. As a rule, you can contact the supervisory authority of your usual place of residence, your place of work or our company headquarters.

Data processing in detail

In the following, we inform you about the individual processing operations, the scope and purpose of the data processing, the legal basis, the obligation to provide your data and the respective storage period. An automated decision in individual cases, including profiling does not take place.

Provision of the website

When you visit and use our website, we collect the personal data that your browser automatically transmits to our server. The following information is temporarily stored in a so-called log file:

• IP address of the requesting computer
• Date and time of access
• Name and URL of the accessed file
• Website from which the access is made (referrer URL)
• Browser used and, if applicable, the operating system of your computer, as well as the name of your access provider.

Our website is not hosted by ourselves, but by a service provider who processes the above-mentioned data on our behalf in accordance with Art. 28 DSGVO for the purpose of providing the website. The hoster is used for the purpose of fulfilling contracts with our potential and existing customers (Art. 6 para. 1 lit. b DSGVO) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f DSGVO).

We use the following hoster:
Alfahosting GmbH
Edmund-von-Lippmann-Strasse 13-15
06112 Halle (Saale)

 

Contact

Type and scope of processing

If you send us inquiries (e.g. via contact form, email, social media or by phone), we store all data resulting from this (e.g. name, email address, subject of the inquiry, etc.). We need this data to process your request and to be able to answer follow-up questions. We do not pass on this data without your consent.

Purpose and legal basis

The processing of this data is based on Art. 6 (1) lit. b DSGVO, provided that your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. Otherwise, the processing is based on our legitimate interest in the effective processing of requests addressed to us (Art. 6 (1) (f) DSGVO) or on your consent (Art. 6 (1) (a) DSGVO) if you have given it beforehand.

Storage period

The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have completed processing your request). Mandatory legal provisions - in particular retention periods - remain unaffected.

Recruitment process

Type and scope of processing

On our website, you have the option of applying to us (e.g. by e-mail, post or via online application form).

Purpose and legal basis

We process the personal data of applicants in accordance with the legal requirements for the purpose of processing the application procedure and carrying out pre-contractual measures within the meaning of Art. 6 (1) lit. b. DSGVO and § 26 BDSG according to German law (initiation of an employment relationship) and - if you have given your consent - Art. 6 para. 1 lit. a DSGVO. The consent can be revoked at any time. Your personal data will only be passed on within our company to persons involved in processing your application.

If the application is successful, the data you submitted will be stored in our data processing systems on the basis of Section 26 BDSG and Art. 6 (1) lit. b DSGVO for the purpose of implementing the employment relationship.

Storage period

Your data will be stored for a period of 6 months beyond the end of the application process. This is usually done to fulfill legal obligations or to defend against any claims arising from legal regulations. Afterwards, we are required to delete or anonymize your data. In this case, the data is only available to us as so-called metadata without direct personal reference for statistical evaluations (for example, proportion of women or men in applications, number of applications per period, etc.).

If it is apparent that the data will be required after the 6-month period has expired (e.g. due to an impending or pending legal dispute), the data will not be deleted until the purpose for continued storage no longer applies.

Inclusion in the applicant pool

As part of the application process, we offer applicants the opportunity to be included in our "talent pool" for a period of 12 months on the basis of consent within the meaning of Art. 6 (1) lit. a. DSGVO to be included.

The application documents in the talent pool will be processed only within the framework of future job postings and the employee search and will be destroyed at the latest after the deadline. Applicants are informed that their consent to inclusion in the talent pool is voluntary, has no influence on the current application process and that they can revoke this consent at any time for the future.

If you receive an offer of employment with us as part of the application process and accept it, we will store the personal data collected as part of the application process for at least the duration of the employment relationship.

Presence on social media platforms

Data processing by social networks

We operate public-access profiles on social networks. The social networks used by us in detail can be found below.

Social networks such as Facebook, Twitter, etc. can generally analyze your user behavior extensively. By visiting our social media presences, the following data protection-relevant processing operations are triggered:

If you are logged into your social media account and visit our profile, the operator of this social medium can track this visit. Independently of this, the operator may also process your data (e.g. IP address) under certain circumstances even if you are not logged into your account or you do not have an account at all.

The operator summarizes this data in user profiles, in which your preferences and interests are stored. These profiles are used for the placement of personalized advertising inside and outside the respective social media presence. If you have an account with the respective social network, the personalized advertising may be displayed on all devices on which you are or were logged in.

Depending on the platform, further processing operations may be carried out by the operators of the social media portals, over which we have no control. For details, please refer to the terms of use and data protection provisions of the respective social media portals.

Legal basis
Our social media presences are intended to ensure the most comprehensive possible presence on the Internet within the meaning of Art. 6 (1) lit. f DSGVO. The analysis processes carried out by the operators of the social networks may be based on different legal bases, which are to be specified by the respective providers.

Responsible party and assertion of rights
If you visit one of our social media sites (e.g. Facebook), we are co-responsible with the operator of the social media platform for the data processing operations triggered during this visit. In general, you can assert your rights (information, correction, deletion, restriction of processing, data portability and complaint) both against us and against the operator of the respective social media portal (e.g. Facebook). Despite the joint responsibility with the social media portal operators, we have no full influence on the data processing operations of the portals. Our options are largely determined by the corporate policy of the respective provider.

Storage period
The data collected directly by us via the social media presence will be deleted from our systems as soon as you request us to delete it, withdraw your consent to store it, or the purpose for storing the data no longer applies. Mandatory legal provisions - in particular retention periods - remain unaffected.
We have no influence on the storage period of the data collected by the social networks. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below).

Facebook page
We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The data collected is also transferred to the USA and other third countries.

We have entered into a Joint Processing Agreement (Controller Addendum) with Facebook, which specifies which data processing operations we or Facebook are responsible for. You can view this agreement at the following link: https://www.facebook.com/legal/terms/page_controller_addendum.

You can adjust your advertising settings independently in your user account. To do so, click on the following link and log in: https://www.facebook.com/settings?tab=ads.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.

More information on data processing by Facebook can be found at https://www.facebook.com/about/privacy/.

Instagram page
We have a profile on Instagram. The provider is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://help.instagram.com/519522125107875 and https://de-de.facebook.com/help/566994660333381.
For details on their handling of your personal data, please refer to Instagram's privacy policy: https://help.instagram.com/519522125107875.

LinkedIn page
We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.
If you would like to disable LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs. For details on their handling of your personal data, please refer to LinkedIn's privacy policy: https://www.linkedin.com/legal/privacy-policy.

XING page
We have a profile on XING. The provider is New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany. For details on how they handle your personal data, please refer to XING's privacy policy: https://privacy.xing.com/de/datenschutzerklaerung.

YouTube
We have a profile on YouTube. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. For details on how they handle your personal data, please refer to YouTube's privacy policy: https://policies.google.com/privacy?hl=de.

Pinterest
We have a profile on Pinterest. The operator is Pinterest Europe Ltd, Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland. For details on their handling of your personal data, please refer to Pinterest's privacy policy: https://policy.pinterest.com/de/privacy-policy.

Video conferencing

Data processing
We use online conferencing tools to communicate with our customers. The tools we use in detail are listed below. When you communicate with us via video or audio conferencing, your personal data is collected and processed by us and the provider of the relevant tool.

The tools collect the data you provide, including your email address and phone number. They also process, the duration of the conference, when you joined the conference, number of participants and other metadata.

In addition, the tool provider processes all technical data required for handling the conference. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speakers, and the type of connection.

When you share content in this service, it is stored on the providers' servers. This includes cloud recordings, chat messages, voice messages, and photos and videos you shared while using this service.

Please note that we do not have full control over the data processing operations of the tools used. For more information on data processing by the conference tools, please refer to the privacy statements of the respective tools used.

Purpose and legal basis
The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6 para. 1 lit. b DSGVO). Furthermore, the use of the tools serves the general simplification and acceleration of communication with us or our company (legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO). If you have previously given your consent to data processing, the processing of your data will take place solely on the basis of Art. 6 (1) lit. a DSGVO; consent can be revoked at any time.

Storage period
The data collected directly by us via the video and conference tools will be deleted from our systems as soon as you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies. Stored cookies remain on your terminal device until you delete them. Mandatory legal retention periods remain unaffected.

We have no influence on the storage period of your data, which is stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tools directly.

Microsoft Teams
We use Microsoft Teams. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. For details on data processing, please refer to the Microsoft Teams privacy policy: https://privacy.microsoft.com/de-de/privacystatement.

Google Tag Manager
We use services and functions from Google Tag Manager on this website, which are offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Google Tag Manager is a tool that allows us to use other tools on our website. It does not create user profiles, it does not store cookies, and it does not perform independent analytics. However, your IP address is collected and may be transmitted to the USA. Google Tag Manager itself is only used to manage these tools that are integrated through it. When using Google Tag Manager on this website, we rely on Art. 6 (1) lit. f DSGVO as the legal basis, as we have a legitimate interest in implementing and directing tracking tools on this website easily and quickly. If you have previously given consent for data processing on this website by Google Tag Manager, the processing of your data will take place solely on the legal basis of Art. 6 (1) lit. a DSGVO. You can revoke your consent at any time.

Google Ads
We use Google Ads services and functions on this website, which are offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Type and scope of data processing
Google Ads allow us to display online advertisements in the Google search engine or on other websites when users search for specific terms. In addition, ads can be served to specific audiences based on user data. For example, the ads are targeted to users' interests and location. We analyse this user data and the number of clicks to measure the success of our ads.

Legal basis
When using Google Ads, we rely on Art. 6 (1) lit. f DSGVO as the legal basis, as we have a legitimate interest in analysing the use of our website in order to successfully market our services and products. The transfer of your personal data to the USA is based on the standard contractual clauses of the EU Commission. You can find more information on this at https://policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/.

Google Analytics
We use Google Analytics services and functions on this website, which are offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. With the help of Google Analytics, we as the website operator can determine how our website is used. As part of the analysis, we learn how often our website is accessed, how long visitors stay on the page and with which devices or systems they access the website. In addition, we may use Google Analytics to track your mouse movements and clicks. This information may be stored and used by Google to create a profile about you. In doing so, Google Analytics uses machine learning technologies to analyze and supplement your data. Furthermore, Google Analytics uses website visitor recognition technologies to analyze user behavior. The processing of the collected data usually takes place on Google servers in the USA. When using Google Analytics, we rely on Art. 6 (1) lit. f DSGVO as the legal basis for the storage and analysis of personal data, as we have a legitimate interest in analyzing the use of our website. This allows us to optimize our online presence and offers for you. If you have previously given your consent to data processing on this website by Google Analytics, the processing of your data takes place solely on the legal basis of Art. 6 (1) lit. a DSGVO. You can revoke your consent at any time.

The transfer of your personal data to the USA is based on the standard contractual clauses of the EU Commission. For more information, please visit https://privacy.google.com/businesses/controllerterms/mccs/.

IP anonymization
When using Google Analytics on this website, we use a function where Google shortens your IP address before it is transmitted to Google servers in the USA. This only happens if you are located in the European Union or in a country of the European Economic Area. Your full IP address will only be transmitted to the USA in exceptional cases and then be shortened there. Google Analytics uses this information to track how you use our website. Your IP address will not be merged with any other data held by Google.

Browser plugin
You can prevent Google from collecting and processing data about you. To do this, you must download the browser plugin at https://tools.google.com/dlpage/gaoptout?hl=de and install it in your browser.  For more information on the processing of user data, please refer to the Google Analytics privacy policy at https://support.google.com/analytics/answer/6004245?hl=de.

Order processing
When using Google Analytics, we follow the strict regulations of the German data protection authorities, as we have concluded an order processing agreement with Google.

Storage period
Google stores data linked to cookies, user IDs or advertising IDs. This data is stored for two months and then anonymized or deleted. For more information on the storage period or deletion of your data, please visit https://support.google.com/analytics/answer/7667196?hl=de.

Google DoubleClick
We use Google DoubleClick services and functions on this website, which are offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
With the help of Google DoubleClick, we can show our users targeted advertisements in Google applications connected to DoubleClick that are geared to the users' interests. In order to show users ads that are relevant to them, Google DoubleClick must be able to identify users and associate them with the websites they visit, their clicks and other information about their behavior. For this purpose, Google DoubleClick uses cookies and user recognition technologies and creates pseudonymous profiles of users based on the data collected.
You can deactivate this personalized advertising in your personal Google account at https://myadcenter.google.com/ . You can find more information about this at https://policies.google.com/technologies/ads and https://adssettings.google.com/authenticated.

When using Google DoubleClick, we rely on Art. 6 (1) lit. f DSGVO as the legal basis, as we have a legitimate interest in analyzing the use of our website. This allows us to optimize our online presence and offers for you. If you have previously given your consent to data processing by Google DoubleClick on this website, the processing of your data takes place solely on the legal basis of Art. 6 (1) lit. a DSGVO. You can revoke your consent at any time.

SalesViewer
We have integrated SalesViewer on our website. SalesViewer is a service of SalesViewer GmbH, Bongardstraße 29, 44787 Bochum, Germany, which identifies anonymous website visitors, provides complete contact information and insights into the visit history.
SalesViewer uses cookies and other browser technologies to evaluate user behavior and recognize users. Among other things, SalesViewer shows us which companies have visited our website, determines the history of your visit, including all pages you have visited and viewed, and the length of your stay on this website.
SalesViewer collects and processes data about companies such as company name, phone number, address, web address, industry, company profile, sales, and key people on LinkedIn.

The use of SalesViewer is based on your consent pursuant to Art. 6 para. 1 lit. a. DSGVO and § 25 para. 1 TTDSG.

For further information, please see the privacy policy for SalesViewer: https://www.salesviewer.com/datenschutz.

LinkedIn Insight Tag
We use the LinkedIn Insight Tag on this website, which is offered by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

We use the LinkedIn Insight Tag to obtain information from our website visitors. We can analyze professional information (e.g., company size, job title, industry, location, etc.) of a visitor if they have a LinkedIn account. We can also use the LinkedIn Insight Tag (across devices) to measure whether people who visit our websites buy something or do something else on the website. Furthermore, we can use the tag to conduct so-called remarketing and play them suitable ads on other websites. According to LinkedIn, users are not identified in this process.

LinkedIn itself collects information such as the URL or IP address of website visitors and can use this for its own advertising purposes. LinkedIn also logs which device and which browser someone uses to access the website. Visitors' IP addresses are shortened or pseudonymized (if used to reach LinkedIn members across devices). LinkedIn deletes all direct identifiers after seven days and the remaining pseudonymized data after 180 days. The data collected by LinkedIn is stored on LinkedIn servers in the USA. For more information, please see LinkedIn's privacy policy at https://www.linkedin.com/legal/privacy-policy#choices-oblig.

You can deactivate the analysis of your user behavior and remarketing by LinkedIn at
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out. In addition, as LinkedIn members, you can control how your personal data is used for advertising purposes via the account settings. To avoid the data on our website being linked to your LinkedIn account, you must log out of your LinkedIn account before visiting our website.

When using LinkedIn Insight, we rely on Art. 6 (1) lit. f DSGVO as the legal basis, as we have a legitimate interest in optimizing our online presence and offers for you through social media platforms. If you have previously given your consent to data processing by LinkedIn Insight on this website, the processing of your data will take place solely on the legal basis of Art. 6 (1) lit. a DSGVO. You can revoke your consent at any time.

The transfer of your personal data to the USA is based on the standard contractual clauses of the EU Commission. For more information, please visit https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs.

Order processing
To ensure that personal data is processed according to our specifications and in compliance with the DSGVO, we have concluded a contract on order processing (AVV) with the provider.

Status of the privacy policy: 31.03.2023