DATA PROTECTION DECLARATION
As of January 2021
Table of Contents
I. Name and address of the responsible party
II. Contact details of the data protection officer
III. General information on data processing
IV. Rights of the data subject
V. Provision of the website and creation of log files
VI. Use of cookies
VII. Email contact
VIII. Hosting
IX. Plugins used
I. Name and address of the controller
The controller within the meaning of the General Data Protection Regulation (GDPR) and other data protection regulations is:
marc münchen
Senefelderstraße 12
80336 Munich
Germany
Tel.
II. Contact details of the data protection officer
The data protection officer of the controller is:
DataCo GmbH
Dachauer Straße 65
80335 Munich
Germany
+49 89 7400 45840
III. General information on data processing
1. Scope of processing of personal data
We only process personal data of our users to the extent necessary to provide a functional website and our content and services. The processing of personal data of our users takes place regularly only with the consent of the user. An exception applies in cases where prior consent cannot be obtained for practical reasons and the processing of the data is required by law.
2. Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 sentence 1 lit. a EU General Data Protection Regulation (GDPR) serves as the legal basis.
When processing personal data that is necessary for the performance of a contract to which the data subject is party, Art. 6 para. 1 sentence 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary for the implementation of pre-contractual measures.
Insofar as the processing of personal data is necessary for the fulfillment of a legal obligation to which our company is subject, Art. 6 para. 1 sentence 1 lit. c GDPR serves as the legal basis.
In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 sentence 1 lit. d GDPR serves as the legal basis.
If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights, and freedoms of the data subject do not override the aforementioned interest, Art. 6 para. 1 sentence 1 lit. f GDPR serves as the legal basis for processing.
3. Data deletion and storage duration
The personal data of the data subject will be deleted or blocked as soon as the purpose of storage ceases to apply. Storage may also take place if this has been provided for by European or national legislators in EU regulations, laws, or other provisions to which the controller is subject. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.
IV. Rights of the data subject
If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:
1. Right to information
You may request confirmation from the controller as to whether personal data concerning you is being processed by him.
If such processing is taking place, you may request the following information from the controller:
the purposes for which the personal data is processed;
the categories of personal data that are processed;
the recipients or categories of recipients to whom the personal data concerning you has been or will be disclosed;
the planned duration of storage of the personal data concerning you or, if this is not possible, criteria for determining the duration of storage;
the existence of a right to rectify or erase personal data concerning you, a right to restrict processing by the controller or a right to object to such processing;
the existence of a right to lodge a complaint with a supervisory authority;
all available information about the origin of the data if the personal data is not collected from the data subject;
the existence of automated decision-making, including profiling, pursuant to Art. 22 (1) and (4) GDPR and, at least in these cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
You have the right to request information about whether the personal data concerning you is being transferred to a third country or to an international organization. In this context, you may request to be informed of the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.
2. Right to rectification
You have the right to obtain from the controller the rectification and/or completion of personal data concerning you if the personal data processed are inaccurate or incomplete. The controller shall carry out the rectification without undue delay.
3. Right to restriction of processing
You may request the restriction of the processing of personal data concerning you under the following conditions:
if you dispute the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;
the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
the controller no longer needs the personal data for the purposes of the processing, but you require it for the assertion, exercise, or defense of legal claims; or
you have objected to the processing pursuant to Art. 21 (1) GDPR and it is not yet clear whether the legitimate reasons of the controller outweigh your reasons.
If the processing of personal data concerning you has been restricted, such data may – except for storage – only be processed with your consent or for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
If the restriction of processing has been imposed in accordance with the above conditions, you will be informed by the controller before the restriction is lifted. requirements, you will be informed by the controller before the restriction is lifted.
4. Right to erasure
a) Obligation to erase
You may request that the controller erase personal data concerning you without undue delay, and the controller is obliged to erase such data without undue delay if one of the following grounds applies:
The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
You withdraw your consent on which the processing is based pursuant to Art. 6 (1) sentence 1 lit. a or Art. 9 (2) lit. a GDPR, and there is no other legal basis for the processing.
You object to the processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 (2) GDPR.
The personal data concerning you has been processed unlawfully.
The erasure of personal data concerning you is necessary for compliance with a legal obligation to which the controller is subject under Union law or the law of the Member States.
The personal data concerning you were collected in relation to information society services offered pursuant to Art. 8 para. 1 GDPR.
b) Information to third parties
If the controller has made the personal data concerning you public and is obliged to delete it pursuant to Art. 17(1) GDPR, it shall take reasonable steps, including technical measures, to inform the data controllers who process the personal data of the fact that you, as the data subject, have requested the erasure of all links to this personal data or of copies or replications of this personal data.
c) Exceptions
The right to erasure does not apply if the processing is necessary
for exercising the right of freedom of expression and information;
for compliance with a legal obligation which requires processing in accordance with Union or Member State law to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
for reasons of public interest in the area of public health pursuant to Art. 9 para. 2 lit. h and i as well as Art. 9 para. 3 GDPR;
for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Art. 89 para. 1 GDPR, insofar as the right referred to in section a) is likely to render impossible or seriously impair the achievement of the objectives of this processing, or
for the establishment, exercise or defense of legal claims.
5. Right to information
If you have exercised your right to rectification, erasure, or restriction of processing against the controller, the controller is obliged to notify all recipients to whom your personal data has been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves disproportionate effort.
You have the right to obtain information from the controller about these recipients.
6. Right to data portability
You have the right to receive the personal data concerning you that you have provided to the controller in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller without hindrance from the controller to whom the personal data has been provided, provided that
the processing is based on consent pursuant to Art. 6 (1) (a) GDPR or Art. 9 (2) (a) GDPR or on a contract pursuant to Art. 6 (1) (b) GDPR and
the processing is carried out using automated means.
In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another, where technically feasible. The freedoms and rights of other persons must not be affected by this.
The right to data portability does not apply to the processing of personal data that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
7. Right to object
You have the right to object, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Article 6(1)(e) or (f) of the GDPR; this also applies to profiling based on these provisions.
The controller shall no longer process the personal data concerning you unless the controller can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is necessary for the establishment, exercising or defense of legal claims.
If the personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing; this also applies to profiling to the extent that it is related to such direct marketing.
If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.
In connection with the use of information society services, you have the option of exercising your right to object by means of automated procedures using technical specifications, notwithstanding Directive 2002/58/EC.
8. Right to revoke your declaration of consent under data protection law
You have the right to revoke your declaration of consent under data protection law at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
9. Automated individual decision-making, including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision
is necessary for the conclusion or performance of a contract between you and the controller,
is authorized by Union or Member State law to which the controller is subject and that law provides for appropriate measures to safeguard your rights and freedoms and legitimate interests, or
is based on your explicit consent.
However, these decisions may not be based on special categories of personal data pursuant to Art. 9 (1) GDPR, unless Art. 9 (2) lit. a or b GDPR applies and appropriate measures to protect your rights and freedoms and legitimate interests have been taken.
With regard to the cases referred to in 1. and 3., the controller shall take appropriate measures to safeguard your rights and freedoms and legitimate interests, which include at least the right to obtain human intervention on the part of the controller, to express your own point of view and to contest the decision.
10. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.
The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and outcome of the complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.
V. Provision of the website and creation of log files
1. Description and scope of data processing
Every time you visit our website, our system automatically collects data and information from the computer system of the requesting computer.
The following data is collected:
Information about the browser type and version used
The user’s operating system
Date and time of access
Websites from which the user’s system accesses our website
Web pages accessed by the user’s system via our website
This data is stored in the log files of our system. This does not affect the user’s IP addresses or other data that enables the data to be assigned to a user. This data is not stored together with other personal data of the user.
2. Purpose of data processing
The data is stored in log files to ensure the functionality of the website. The data also helps us optimize the website and ensure the security of our information technology systems. The data is not evaluated for marketing purposes in this context.
These purposes also constitute our legitimate interest in data processing pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR.
3. Legal basis for data processing
The legal basis for the temporary storage of data is Art. 6 para. 1 sentence 1 lit. f GDPR.
4. Duration of storage
The data will be deleted as soon as it is no longer necessary for the purpose for which it was collected. In the case of data collection for the provision of the website, this is the case when the respective session has ended.
5. Right to object and right to erasure
The collection of data for the provision of the website and the storage of data in log files is essential for the operation of the website. Consequently, there is no possibility for the user to object.
VI. Use of cookies
1. Description and scope of data processing
Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user’s computer system. When a user accesses a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is accessed again.
We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after a page change.
The following data is stored and transmitted in the cookies:
Language settings
Search terms entered
Frequency of page views
The user data collected in this way is pseudonymized by technical measures. Therefore, it is no longer possible to assign the data to the user who accessed the website. The data is not stored together with other personal data of the user.
2. Purpose of data processing
The purpose of using technically necessary cookies is to simplify the use of websites for users. Some features of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page change.
We require cookies for the following applications:
Transfer of language settings
Remembering search terms
The user data collected by technically necessary cookies is not used to create user profiles.
3. Legal basis for data processing
The legal basis for the processing of personal data using technically necessary cookies is Art. 6 para. 1 sentence 1 lit. f GDPR.
4. Duration of storage, objection and removal options
Cookies are stored on the user’s computer and transmitted to our site. Therefore, as a user, you have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website to their full extent.
If you use a Safari browser from version 12.1 onwards, cookies are automatically deleted after seven days. This also applies to opt-out cookies that are set to prevent tracking measures.
VII. Email contact
1. Description and scope of data processing
You can contact us via the email address provided on our website. In this case, the personal data transmitted with the email will be stored.
The data will be used exclusively for processing the conversation.
2. Purpose of data processing
In the event of contact by email, there is also a legitimate interest in the processing of the data.
3. Legal basis for data processing
The legal basis for the processing of the data is Art. 6 para. 1 lit. a GDPR if the user has given their consent.
The legal basis for the processing of data transmitted in the course of sending an email is Art. 6 para. 1 lit. f GDPR. If the email contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.
4. Duration of storage
The data will be deleted as soon as it is no longer necessary for the purpose for which it was collected. For personal data sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been finally clarified.
The personal data collected additionally during the sending process will be deleted after a period of seven days at the latest.
5. Right to object and right to erasure
The user has the option of revoking their consent to the processing of their personal data at any time. If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.
Many data processing operations are only possible with your express consent. You can revoke your consent at any time. To do so, simply send us an informal email. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
All personal data stored in the course of establishing contact will be deleted in this case.
Many data processing operations are only possible with your express consent. You can revoke your consent at any time. To do so, simply send us an informal email. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
VIII. Hosting
The website is hosted on servers by a service provider commissioned by us.
Our service provider is:
ALL-INKL.COM – Neue Medien Münnich, Hauptstraße 68, 02742 Friedersdorf, Germany
The servers automatically collect and store information in so-called server log files, which your browser automatically transmits when you visit the website. The information stored is:
Browser type and browser version
Operating system
Referrer URL
Host name of the accessing computer
Date and time of the server request
IP
This data is not merged with other data sources. This data is collected on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website—for this purpose, the server log files must be collected.
The location of the website server is geographically in Germany.
IX. Plugins used
We use plugins for various purposes. The plugins used are listed below:
Use of Google Analytics
1. Scope of processing of personal data
We use Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, and its representative in the European Union, Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as Google). Google Analytics examines, among other things, the origin of visitors, their length of stay on individual pages, and the use of search engines, thereby enabling better monitoring of the success of advertising campaigns. Google places a cookie on your computer. This allows personal data to be stored and evaluated, in particular the activity of the user (in particular which pages have been visited and which elements have been clicked on), device and browser information (in particular the IP address and the operating system), data about the advertisements displayed (in particular which advertisements were displayed and whether the user clicked on them) and also data from advertising partners (in particular pseudonymized user IDs). The information generated by the cookie about your use of this website is transmitted to a Google server in the USA and stored there. However, if IP anonymization is activated on this website, your IP address will be truncated by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and truncated there.
On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity, and to provide other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by adjusting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of our website to their full extent.
Further information on the processing of data by Google can be found here:
https://policies.google.com/privacy?gl=DE&hl=de
2. Purpose of data processing
The purpose of processing personal data is to specifically address a target group that has already expressed an initial interest by visiting the website.
3. Legal basis for the processing of personal data
The legal basis for the processing of users’ personal data is, in principle, the user’s consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
4. Duration of storage
Your personal information will be stored for as long as necessary to fulfill the purposes described in this privacy policy or as required by law. Advertising data in server logs is anonymized by Google, which, according to its own statements, deletes parts of the IP address and cookie information after 9 or 18 months.
5. Right of revocation and deletion
You have the right to withdraw your consent to the processing of your personal data at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
You can prevent Google from collecting and processing your personal data by preventing third-party cookies from being stored on your computer, using the “Do Not Track” feature of a supporting browser, disabling the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can also prevent Google from collecting the data generated by the cookie and related to your use of the online presence (including your IP address) and from processing this data by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de
You can disable the use of your personal data by Google using the following link: https://adssettings.google.de
Further information on Google’s options for objection and removal can be found at: https://policies.google.com/privacy?gl=DE&hl=de
Use of TrustYou
1. Scope of processing of personal data
We use features of the online marketing plugin from TrustYou GmbH, Steinerstraße 15, 81369, Munich, Bavaria, Germany as an online marketing plugin for evaluation analysis, evaluation marketing, reputation management, and for creating and processing guest questionnaires.
Cookies from TrustYou are stored on your device.
In particular, the following personal data is processed by TrustYou:
– The address of the page you visited on the website
– The address of the website you visited immediately before
– Date and time of the website visit
– Characteristics of the end device, in particular the operating system. Device recognition.
– IP address
– Identification number
2. Purpose of data processing
TrustYou is used to interpret, collect, and share customer feedback. It is also used to publish ratings across websites.
3. Legal basis for the processing of personal data
The legal basis for the processing of users’ personal data is, in principle, the user’s consent in accordance with Art. 6 (1) (a) GDPR.
4. Duration of storage
Your personal information will be stored for as long as necessary to fulfill the purposes described in this privacy policy or as required by law, e.g., for tax and accounting purposes.
You can prevent the storage of cookies by adjusting your browser software settings accordingly; however, in this case, you may not be able to use all functions of the website.
5. Right to object and right to erasure
You can prevent TrustYou from collecting and processing your personal data by preventing third-party cookies from being stored on your computer, using the “Do Not Track” function of a supporting browser, deactivating the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
Further information on the options for objection and removal from TrustYou can be found at:
https://www.trustyou.com/wp-content/uploads/2018/06/2018-05-24-trustyou-DSE.pdf
Use of Google AdWords
1. Scope of processing of personal data
We use Google AdWords from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, and its representative in the EU, Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as Google). We use this service to place advertisements. Google places a cookie on your computer. This allows personal data to be stored and evaluated, in particular the activity of the user (in particular which pages have been visited and which elements have been clicked on), device and browser information (in particular the IP address and the operating system), data about the advertisements displayed (in particular which advertisements were displayed and whether the user clicked on them) and also data from advertising partners (in particular pseudonymized user IDs).
Further information on the processing of data by Google can be found here:
https://policies.google.com/privacy?gl=DE&hl=de
2. Purpose of data processing
We only receive information about the total number of users who responded to our advertisement. No information is passed on that could be used to identify you. The use is not for tracking purposes.
3. Legal basis for the processing of personal data
The legal basis for the processing of users’ personal data is, in principle, the user’s consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
4. Duration of storage
Your personal information will be stored for as long as necessary to fulfill the purposes described in this privacy policy or as required by law, e.g., for tax and accounting purposes.
5. Right to withdraw consent and right to erasure
You have the right to withdraw your consent to the processing of your personal data at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
You can prevent Google from collecting and processing your personal data by preventing third-party cookies from being stored on your computer, using the “Do Not Track” feature of a supporting browser, disabling the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can disable Google’s use of your personal data by clicking on the following link: https://adssettings.google.de
Further information on Google’s options for objection and removal can be found at:
https://policies.google.com/privacy?gl=DE&hl=de
Use of Google Maps
1. Scope of processing of personal data
We use the online map service Google Maps provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, and its representative in the European Union, Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as Google). We use the Google Maps plugin to visually display geographical data and embed it on our website. When you use Google Maps on our website, information about your use of our website, your IP address, and any addresses entered in the route planner function are transmitted to a Google server and stored there.
Further information on data processing by Google can be found here:
https://policies.google.com/privacy?gl=DE&hl=de
2. Purpose of data processing
The Google Maps plugin is used to improve user-friendliness and to present our online presence in an appealing manner.
3. Legal basis for the processing of personal data
The legal basis for the processing of users’ personal data is generally the user’s consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
4. Duration of storage
Your personal information will be stored for as long as necessary to fulfill the purposes described in this privacy policy or as required by law.
5. Right of revocation and deletion
You have the right to withdraw your consent to the processing of your personal data at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
You can prevent Google from collecting and processing your personal data by preventing third-party cookies from being stored on your computer, using the “Do Not Track” feature of a supporting browser, disabling the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can disable the use of your personal data by Google using the following link:
Further information on Google’s options for objection and removal can be found at:
https://policies.google.com/privacy?gl=DE&hl=de
Use of Google Web Fonts
1. Scope of processing of personal data
We use Google Web Fonts from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, and its representative in the European Union, Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as Google). When you visit the website, the web fonts are transferred to your browser’s cache so that they can be used to display various information in a visually enhanced form. If your browser does not support Google Web Fonts or access is blocked, the text will be displayed in a standard font. No cookies are stored when you visit the site. Data transmitted in connection with the page request is sent to resource-specific domains such as https://fonts.googleapis.com or https://fonts.gstatic.com. This may result in the storage and evaluation of personal data, in particular the user’s activity (in particular which pages have been visited and which elements have been clicked on) and device and browser information (in particular the IP address and operating system).
The data is not associated with data that may be collected or used in connection with the parallel use of authenticated Google services such as Gmail.
Further information on the processing of data by Google can be found here:
https://policies.google.com/privacy?gl=DE&hl=de
2. Purpose of data processing
Google Web Fonts are used to ensure that our texts are displayed in an appealing manner. If your browser does not support this function, a standard font from your computer will be used for display.
3. Legal basis for the processing of personal data
The legal basis for the processing of users’ personal data is generally the user’s consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
4. Duration of storage
Your personal information will be stored for as long as necessary to fulfill the purposes described in this privacy policy or as required by law, e.g., for tax and accounting purposes.
5. Right to object and right to erasure
You can prevent Google from collecting and processing your personal data by preventing third-party cookies from being stored on your computer, using the “Do Not Track” function of a supporting browser, deactivating the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can disable the use of your personal data by Google using the following link:
Further information on Google’s options for objection and removal can be found at:
https://policies.google.com/privacy?gl=DE&hl=de
Use of Google ReCaptcha
1. Scope of processing of personal data
We use Google ReCaptcha from the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, and its representative in the European Union, Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland. This tool is designed to check whether data entry is compliant and has not been made by a bot. To do this, Google ReCaptcha analyzes and authenticates the behavior of an online presence visitor with regard to various characteristics. This may result in the storage and evaluation of personal data, in particular the user’s activity (especially mouse movements and which elements have been clicked on) and device and browser information (especially the time, IP address, and operating system).
The data is not associated with data that may be collected or used in connection with the parallel use of authenticated Google services such as Gmail.
Further information on the processing of data by Google can be found here:
https://policies.google.com/privacy?gl=DE&hl=de
2. Purpose of data processing
The use of Google ReCaptcha serves to protect our online presence from misuse.
3. Legal basis for the processing of personal data
The legal basis for the processing of users’ personal data is, in principle, the user’s consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
4. Duration of storage
Your personal information will be stored for as long as necessary to fulfill the purposes described in this privacy policy or as required by law, e.g., for tax and accounting purposes.
5. Right to withdraw consent and right to erasure
You have the right to withdraw your consent to the processing of your personal data at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
You can prevent Google from collecting and processing your personal data by preventing third-party cookies from being stored on your computer, using the “Do Not Track” feature of a supporting browser, disabling the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can disable the use of your personal data by Google using the following link:
Further information on Google’s options for objection and removal can be found at:
https://policies.google.com/privacy?gl=DE&hl=de
Use of Wordfence Security
1. Scope of processing of personal data
Our online presence uses functions provided by Defiant Inc., 800 5th Ave., Suite 4100, Seattle, WA 98104, USA (hereinafter referred to as Defiant). Wordfence Security secures our online presence and thus protects visitors to the online presence from viruses and malware. When you visit a page with a plugin, a direct connection is established between your computer and the Defiant server. The plugin uses cookies to determine whether the visitor is a human or a bot. This may result in the storage and evaluation of additional personal data, in particular device and browser information (especially the IP address and operating system).
It is possible to evaluate the behavior from the notifications sent (e.g., how often a page is accessed). For the purpose of protecting against brute force and DDoS attacks or comment spam, IP addresses are stored on the Wordfence servers. IP addresses classified as harmless are placed on a white list.
Further information on the processing of data by Defiant can be found here:
https://www.wordfence.com/privacy-policy/
2. Purpose of data processing
The online presence uses the plug-in to protect against viruses and malware and to defend against attacks by computer criminals.
3. Legal basis for the processing of personal data
The legal basis for the processing of users’ personal data is, in principle, the user’s consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
4. Duration of storage
Your personal information will be stored for as long as necessary to fulfill the purposes described in this privacy policy or as required by law, e.g., for tax and accounting purposes.
5. Right to withdraw consent and right to erasure
You have the right to withdraw your consent to the processing of your personal data at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
You can prevent Wordfence Security from collecting and processing your personal data by preventing third-party cookies from being stored on your computer, using the “Do Not Track” feature of a supporting browser, disabling the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
Further information on the options for objection and removal from Wordfence Security can be found at: https://www.wordfence.com/privacy-policy/
Use of Cookiebot
1. Scope of processing of personal data
We use features of the cookie consent solution Cookiebot from Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter referred to as Cybot).
Cookiebot offers a software solution that handles the collection of consent for the use of cookies and the tracking of online users. Cookiebot informs users of our website about the cookies used on our website. You also have the option of deactivating cookie groups, with the exception of functional cookies (which are necessary for the smooth display of our website). We are obliged to document your consent or refusal in accordance with Art. 7 (1) GDPR.
In particular, the following personal data is processed by Cybot:
– The IP number of the end user in anonymized form (the last three digits are set to ‘0’).
– Date and time of consent.
– Browser of the end user.
– The URL for which consent has been given.
– An anonymous, random, and encrypted key.
– The consent status of the end user, which serves as proof of consent.
Cookies from Cybot are stored on your device.
The key and consent status are also stored in the end user’s browser in the “CookieConsent” cookie so that the website can automatically read and comply with the end user’s consent for all subsequent page requests and future end user sessions for up to 12 months. The key is used to prove consent and for an option that checks whether the consent status stored in the end user’s browser is unchanged compared to the original consent submitted to Cybot.
If the “bulk consent” feature is enabled to govern consent for multiple websites through a single end user consent, Cybot also stores another separate, random, unique ID with the end user’s consent. If all of the following criteria are met, this key is stored in encrypted form in the “CookieConsentBulkTicket” cookie in the end user’s browser.
All data is hosted in an Azure data center of the cloud provider Microsoft Ireland Operations Ltd, South County Business Park, One Microsoft Court, Carmanhall and Leopardstown, Dublin, D18 P521, Ireland.
Further information on the processing of data by Cybot can be found here:
https://www.cookiebot.com/de/privacy-policy/
2. Purpose of data processing
We use Cookiebot to create and display cookie statements for end users and to store and display cookie scan reports in the privacy policy. This enables us to fulfill our information obligations under Articles 13 and 14 of the GDPR towards users of our website and to obtain and document consent to the use of cookies in accordance with data protection regulations.
Furthermore, we use Cookiebot to obtain aggregated information about end users’ selection decisions regarding accepted cookie types and a graphical representation of these in the Service Manager.
3. Legal basis for the processing of personal data
The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest lies in the purposes of data processing mentioned under 2. The interests and rights of users are taken into account by anonymizing the IP address.
4. Duration of storage
Your personal information will be stored by Cybot for as long as necessary to fulfill the purposes described in this privacy policy or as required by law, e.g., for tax and accounting purposes.
The cookies used by Cookiebot are stored on the user’s device for up to 12 months.
5. Right to object and right to erasure
You can prevent Cybot from collecting and processing your personal data by preventing third-party cookies from being stored on your computer, using the “Do Not Track” function of a supporting browser, disabling the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
Further information on objection and removal options vis-à-vis Cybot can be found at:
https://www.cookiebot.com/de/privacy-policy/
This privacy policy was created with the support of DataGuard.