Data privacy policy

1. Data protection at a glance

General information

The following information provides a basic overview of what happens to your personal data when visiting this website. Personal data is data which can be used to personally identify you. For further information on data protection, please refer to our Data Privacy Policy listed below this text.

Data collection on this website

Who is responsible for data collection on this website?

Data on this website is processed by the website operator. The contact details of the website operator can be found in this Data Privacy Policy under “Data controller information”.

How do we collect your data?

We collect your data as a result of you sharing your data with us. This may, for example, be data you enter into our contact form.

Our IT systems automatically, or after you have given your consent, record other data whenever you visit our website. This basically refers to technical data (e.g. Internet browser, operating system or time of access). Such data is collected automatically as soon as you access this website.

How do we use your data?

Part of the data is collected to guarantee the error-free provision of the website. Other data may be used to analyse how you use our website.

What rights do you have regarding your data?

On request, we will send you, free of charge, information about all the personal data concerning you that we have stored. You also have a right to request the rectification or erasure of personal data. If you have given your consent to the processing of your personal data, you can revoke your consent at any time with effect for the future. Under certain conditions, you also have the right to request us to restrict the processing of your personal data. Further, you have the right to lodge a complaint with the relevant supervisory authority.

If you have any further questions about data protection, feel free to contact us at any time.

Third-party analysis tools and tools

When visiting this website, your surfing behaviour may be statistically analysed. This is mainly done using analysis programs.

Detailed information on these analysis programs can be found in the following Data Privacy Policy.

2. Hosting

We host the contents of our website with the following provider:

DomainFactory

The provider is DomainFactory GmbH, Oskar-Messter-Str. 33, D-85737 Ismaning (hereinafter DomainFactory). When you visit our website, DomainFactory collects various log files, including your IP addresses.

Details can be found in the Data Privacy Policy of DomainFactory at: https://www.df.eu/de/datenschutz/.

DomainFactory is used pursuant to Article 6 (1f) GDPR. We have a legitimate interest in our website being displayed as reliably as possible. Insofar as corresponding consent has been requested, data processing is based exclusively on Article 6 (1a) GDPR and Section 25 (1) of the Telecommunications-Telemedia Data Protection Act (TTDSG), insofar as the consent includes the storage of cookies or access to information in the end device of the user (e.g. device fingerprinting) within the meaning of the Telecommunications-Telemedia Data Protection Act (TTDSG). The consent provided can be revoked at any time.

Commissioned data processing

We have concluded a commissioned data processing contract (AVV) with the aforesaid newsletter service provider. This contract, which is required by data protection law, ensures that the newsletter service provider processes the personal data of our website users only according to our instructions and in full compliance with the GDPR.

3. General information and mandatory information

Data protection

The operator of this website takes the protection of your data very seriously. We will treat your data in the strictest confidence. In addition to this Data Privacy Policy, your personal data is protected by statutory data protection regulations.

Certain personal data is collected when you use this website. Personal data is data which can be used to personally identify you. This Data Privacy Policy explains which data we collect and how it is used. It also explains how and for which purpose this occurs.

Please note that the transmission of data on the Internet (e.g. data sent in emails) is never guaranteed regarding security. It is impossible to guarantee your security with electronic data and transmission.

Data controller information

The data controller for data processing on this website is:

KRAMER GmbH
Stöckmatten 2-10
D-79224 Umkirch/Freiburg

Phone: +49 7665 9359-0
Email: info@kramer-gmbh.com

The data controller is the natural or legal person who alone or jointly with others determines the purposes and means of personal data processing (e.g. names, email addresses, etc.).

Storage period

Unless a more specific storage period is stated within this Data Privacy Policy, your personal data shall remain stored until the purpose of data processing is no longer applicable. If you assert a justified request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, the data will be deleted once these reasons no longer apply.

General information on the legal bases for data protection on this website

Insofar as you have consented to the processing of your personal data, we shall process your personal data pursuant to Article 6 (1a) GDPR or Article 9 (2a) GDPR, insofar as special categories of data are processed pursuant to Article 9 (1) GDPR. In the case of explicit consent to the transmission of personal data to third countries, data processing is also carried out pursuant to Article 49 (1a) GDPR. If you have consented to the storage of cookies or to the access to information in your end device (e.g. via device fingerprinting), data processing is additionally carried out pursuant to Section 25 (1) of the Telecommunications-Telemedia Data Protection Act (TTDSG). The consent provided can be revoked at any time. If your data is required for the fulfilment of a contract or for the implementation of pre-contractual measures, we shall process your data pursuant to Article 6 (1b) GDPR. Further, if your data is required for the fulfilment of a legal obligation, we shall process your data pursuant to Article 6 (1c) GDPR. Moreover, data processing may be carried out based on our legitimate interest pursuant to Article 6 (1f) GDPR. Information on the relevant legal basis in each individual case is provided in the following paragraphs of this Data Privacy Policy.

Data protection officer

We have designated a data protection officer.

Jerome Drach
Computer Profi Welt OHG
Carl-Benz-Str. 2a
D-79341 Kenzingen

Phone: +49 7664 92260
Email: datenschutz@kramer-gmbh.com

Information on data transfer to the UDA and other third countries

Among other things, we use tools of companies based in the USA or other, from a data protection law perspective, non-secure third countries. If these tools are active, your personal data may potentially be transmitted to these third countries and processed there. Please note that in these countries, a comparable level of data protection to the one in the EU cannot be guaranteed. For example, US companies are under a mandate to release personal data to security agencies and you as the data subject do not have any litigation options to defend yourself in court. Therefore, it cannot be ruled out that US agencies (e.g. the Secret Service) may process, analyse and permanently archive your personal data for surveillance purposes. We have no control over these processing activities.

Revocation of your consent to data processing

Many data processing activities are only possible with your express consent. You have the right to revoke your given consent at any time. This shall not affect the lawfulness of data processing based on your consent prior to revocation.

Right to object to the collection of data in special cases and to direct marketing (article 21 GDPR)

IN THE EVENT THAT DATA IS PROCESSED ON THE BASIS OF ARTICLE 6 (1E) OR (1F) GDPR, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA BASED ON GROUNDS ARISING FROM YOUR UNIQUE SITUATION. THIS ALSO APPLIES TO ANY PROFILING BASED ON THESE PROVISIONS. TO DETERMINE THE LEGAL BASIS UPON WHICH ANY PROCESSING OF DATA IS BASED, PLEASE CONSULT THIS DATA PRIVACY POLICY. IF YOU LODGE AN OBJECTION, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA, UNLESS WE ARE IN A POSITION TO DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING OF YOUR DATA THAT OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS OR FOR THE ESTABLISHMENT, EXCERCISE OR DEFENCE OF LEGAL CLAIMS (OBJECTION PURSUANT TO ARTICLE 21 (1) GDPR).

WHERE YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA CONCERNING YOU FOR SUCH MARKETING. THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION PURSUANT TO ARTICLE 21 (2) GDPR).

Right to appeal to the regulatory authority responsible in your federal state

In the event that the processing of personal data infringes the General Data Protection Regulation (GDPR), data subjects are entitled to lodge a complaint with a supervisory authority, in particular in the Member State where they usually reside, where their place of work is located or where the alleged infringement took place. The right to lodge a complaint is in effect regardless of any other administrative or court proceedings available as legal remedies.

Right to data portability

You have the right to demand that we hand over any data concerning you, which we automatically process on the basis of a revocable consent given by you for the performance of a contract between us, to you or to a third party in a commonly used and machine-readable format. If you demand the direct transmission of the data to another data controller, it will be done insofar as it is technically feasible.

Information, rectification and eradication

Within the scope of the applicable statutory provisions, you have the right at any time and free of charge to obtain information about your stored personal data, its source and recipients, as well as the purpose of the processing of your personal data. Additionally, you might also have the right to have this data rectified or deleted. If you have any further questions about personal data, feel free to contact us at any time.

Right to restriction of processing

You have the right to obtain from us restriction of processing of your personal data. To do so, you may contact us at any time. The right to obtain restriction of processing applies in the following cases:

• If you contest the accuracy of your personal data stored by us, we usually need a certain period of time to enable us to verify the accuracy of the personal data. You have the right to obtain restriction of processing of your personal data for this period of time.
• If the processing of your personal data was/is conducted unlawfully, you have the right to oppose the erasure of your personal data and request restriction of its use instead.
• If we no longer need your personal data for the purposes of processing, but it is required by you for the establishment, exercise or defence of legal claims, you have the right to obtain restriction of processing of your personal data.
• If you have objected to processing pursuant to Article 21 (1) GDPR pending the verification whether our legitimate grounds override yours. You have the right to obtain restriction of processing of your personal data until it has been determined whose interests prevail.

If you have restricted the processing of your personal data, such personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.

SSL/TL encryption

This website uses SSL/TLS encryption for reasons of security and to protect the transmission of confidential contents, such as orders or requests, which you send to us as the website operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL/TLS encryption has been activated, the data you transmit to us cannot be read by third parties.

4. Data collection on this website

Cookies

Our web pages use “cookies”. Cookies are small data packages and do not cause any damage to your end device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your end device. Session cookies are deleted automatically after your visit. Permanent cookies remain stored on your end device until you delete them or until they are automatically deleted by your web browser.

In some cases, cookies from third-party companies may also be stored on your end device when you access our website (third-party cookies). They enable us or you to use certain third-party services (e.g. cookies for processing payment services).

Cookies offer various functions. Numerous cookies are technically necessary, as certain website functions would not function properly without them (e.g. the shopping cart function or playing videos). Other cookies are used to evaluate user behaviour or to display adverts.

Cookies that are required to carry out the electronic communication process (necessary cookies) or to provide certain requested functions (e.g. for the shopping cart function) or to optimise the website (e.g. cookies for measuring the web audience) are stored pursuant to Article 6 (1f) GDPR, unless a different legal basis is stipulated. The website operator has a legitimate interest in storing necessary cookies to ensure technically error-free and optimised provision of its services. Insofar as consent to store cookies and similar recognition technologies has been requested, data processing is based exclusively on Article 6 (1a) GDPR and Section 25 (1) of the Telecommunications-Telemedia Data Protection Act (TTDSG); you can revoke your consent provided to us at any time.

Based on your wishes, you can set your browser either to be informed when a cookie is stored, so that you can decide on acceptance on a case-by-case basis, or to accept all cookies, or to reject all cookies. However, please note that by refusing the use of cookies you may not be able to use the full functionality of this website.

Insofar as cookies are used by third-party companies or for analysis purposes, we shall inform you of this separately within the scope of this Data Privacy Policy and, if necessary, request your consent.

Consent with Borlabs Cookie

Our website uses the Borlabs Cookie consent technology to obtain your consent to the storage of certain cookies in your browser or for the use of certain technologies and for their data protection compliant documentation. The provider of this technology is Borlabs GmbH, Rübenkamp 32, D-22305 Hamburg (hereinafter Borlabs).

Whenever you visit our website, a Borlabs cookie will be stored in your browser, which archives any declarations or revocations of consent you have entered. This data is not shared with the provider of the Borlabs technology.

The collected data will be stored until you request us to delete it or you delete the Borlabs cookie, or until the purpose for data storage no longer applies. Statutory retention periods shall remain unaffected. Details on the data processing of Borlabs Cookie can be found at: https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.

We use the Borlabs cookie consent technology to obtain the declarations of consent mandated by law for the use of cookies. The legal basis for the use of such cookies is Article 6 (1c) GDPR.

Server logfiles

The provider of the web pages automatically collects and stores data in server logfiles which your browser provides us with. Namely:

• Type and version of browser used
• Operating system used
• Referrer URL
• Host name of the accessing computer
• Time of server enquiry
• IP address

A combination of this data with other data sources will not be made.

This data is collected pursuant to Article 6 (1f) GDPR. The website operator has a legitimate interest in ensuring the technically error-free and optimised provision of its website services – and the server log files must be collected for this purpose.

Contact form

If you send us enquiries using our contact form, the data you enter, including contact details, will be stored by us for the purpose of processing your enquiry and dealing with follow-up enquiries. We will not pass on this data without your consent.

This data is processed pursuant to Article 6 (1b) GDPR, if your request is related to the performance of a contract or is necessary for entering into a contract. In all other cases, processing is based on our legitimate interest in the effective processing of the requests sent to us (Article 6 (1f) GDPR) or on your consent (Article 6 (1a) GDPR) if this has been requested; you can revoke your consent provided to us at any time.

The data you enter in the contact form will remain stored until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your enquiry has been processed). Statutory provisions – in particular retention periods – shall remain unaffected.

Enquiry by email, phone or fax

If you contact us by email, phone or fax, your enquiry, including all personal data derived from it (name, enquiry), will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.

This data is processed pursuant to Article 6 (1b) GDPR, if your request is related to the performance of a contract or is necessary for entering into a contract. In all other cases, processing is based on our legitimate interest in the effective processing of the requests sent to us (Article 6 (1f) GDPR) or on your consent (Article 6 (1a) GDPR) if this has been requested; you can revoke your consent provided to us at any time.

The data you send to us via the contact form will remain stored until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Statutory provisions – in particular statutory retention periods – shall remain unaffected.

Communication via WhatsApp

For communication with our customers and other third parties, one of the services we use is the instant messaging service WhatsApp. The provider is WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

The communication is encrypted end-to-end (peer-to-peer), which prevents WhatsApp or other third parties from gaining access to the communication contents. However, WhatsApp does gain access to metadata created during the communication process (for example, sender, recipient and time). We would also like to point out that WhatsApp has stated that it shares personal data of its users with its parent company Meta based in the USA. Further details on data processing can be found in the Data Privacy Policy of WhatsApp at: https://www.whatsapp.com/legal/#privacy-policy.

The use of WhatsApp is based on our legitimate interest in communicating as quickly and effectively as possible with customers, interested parties and other business and contractual partners (Article 6 (1f) GDPR). If a corresponding consent has been requested, data processing is carried out exclusively on the basis of the consent; this consent may be revoked at any time with effect for the future.

The communication contents exchanged between and on WhatsApp remain with us until you ask us to delete them, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your enquiry has been processed). Statutory provisions – in particular retention periods – shall remain unaffected.

We use WhatsApp in the “WhatsApp Business” variant.

The transmission of data to the USA is based on the standard contract clauses of the EU Commission. Details can be found at: https://www.whatsapp.com/legal/business-data-transfer-addendum.

5. Analysis tools and advertising

Google Tag Manager

We use Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. Google Tag Manager itself does not create any user profiles, does not store cookies and does not carry out any independent analyses. It only manages and runs the tools integrated via it. However, Google Tag Manager does collect your IP address, which may also be transferred to Google’s parent company in the USA.

Google Tag Manager is used pursuant to Article 6 (1f) GDPR. The website operator has a legitimate interest in the quick and uncomplicated integration and administration of various tools on its website. Insofar as corresponding consent has been requested, data processing is based exclusively on Article 6 (1a) GDPR and Section 25 (1) of the Telecommunications-Telemedia Data Protection Act (TTDSG), insofar as the consent includes the storage of cookies or access to information in the end device of the user (e.g. device fingerprinting) within the meaning of the Telecommunications-Telemedia Data Protection Act (TTDSG). The consent provided can be revoked at any time.

Google Analytics

This website uses the web analysis service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyse the behaviour patterns of website visitors. To this end, the website operator receives a wide range of user data, such as web pages accessed, time spent on the website, the operating system used and origin of the user. This data is assigned to the respective end device of the user. An assignment to a user ID does not take place.

Moreover, Google Analytics enables us to record your mouse and scroll movements and clicks, for example. Google Analytics additionally uses various modelling approaches to supplement the collected data sets and employs machine learning technologies for data analysis.

Google Analytics uses technologies that enable the recognition of the user for the purpose of analysing the user behaviour patterns (e.g. cookies or device fingerprinting). Information collected by Google regarding the use of this website will generally be transmitted to and stored on servers in the USA.

Use of this service occurs on the basis of your consent pursuant to Article 6 (1a) GDPR and Section 25 (1) of the Telecommunications-Telemedia Data Protection Act (TTDSG). The consent provided can be revoked at any time.

The transmission of data to the USA is based on the standard contract clauses of the EU Commission. Details can be found at: https://privacy.google.com/businesses/controllerterms/mccs/.

IP anonymisation

On this website, we have activated the IP anonymisation function. As a result, your IP address will be abbreviated by Google within the Member States of the European Union or in other states that have ratified the Convention on the European Economic Area prior to its transmission to the USA. In exceptional circumstances, the full IP address will be transmitted to and shortened on a Google server in the USA. Google uses the information gathered on this website on behalf of the website operator to analyse your usage of the website, to generate reports regarding your website activity, to create anonymous user profiles and web statistics and to provide further services on behalf of the website operator associated with the website and internet usage. The IP address transmitted by your browser when using Google Analytics will not be combined with any other data from Google.

Browser plugin

You can prevent the recording and processing of your data by Google by downloading and installing the browser plugin available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

More information concerning the handling of user data by Google Analytics can be found in the Data Privacy Policy of Google at: https://support.google.com/analytics/answer/6004245?hl=de.

Commissioned data processing

We have concluded a data processing agreement with Google and implement the stringent provisions of German data protection agencies to the fullest when using Google Analytics.

Google Ads

The website operator uses Google Ads. Google Ads is an online advertising program of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads enables us to present advertisements in the Google search engine or on third-party websites if the user enters certain search terms in Google (keyword targeting). Further, targeted advertising can be displayed based on user data available at Google (e.g. location data and interests) (target group targeting). We, as the website operator, may perform quantitative analysis of this data by analysing which search terms resulted in our advertisement being displayed and how many displays resulted in corresponding clicks.

Use of this service occurs on the basis of your consent pursuant to Article 6 (1a) GDPR and Section 25 (1) of the Telecommunications-Telemedia Data Protection Act (TTDSG). The consent provided can be revoked at any time.

The transmission of data to the USA is based on the standard contract clauses of the EU Commission. Details can be found at: https://policies.google.com/privacy/frameworks und https://privacy.google.com/businesses/controllerterms/mccs/.

Google conversion tracking

This website uses Google Conversion Tracking. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Using Google Conversion Tracking, Google and we are able to identify whether the user has performed certain actions. For example, we are able to analyse which and how frequently buttons on our website are clicked, and which products are viewed or purchased routinely. This information is used to create conversion statistics. We find out the total number of users who have clicked on our advertisements and which actions they have performed. However, we do not receive any information with which we can personally identify the user. Google uses cookies or similar recognition technologies for identification.

Use of this service occurs on the basis of your consent pursuant to Article 6 (1a) GDPR and Section 25 (1) of the Telecommunications-Telemedia Data Protection Act (TTDSG). The consent provided can be revoked at any time.

More information on Google Conversion Tracking can be found in the Data Privacy Policy of Google at: https://policies.google.com/privacy?hl=de.

Facebook Pixel

This website uses the visitor activity pixel of Facebook to measure conversion rates. This service is provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Irland. According to Facebook, the collected data will be transferred to the USA and other third countries.

This tool allows the tracking of page visitors after they have been linked to the website of the provider after clicking on a Facebook ad. This makes it possible to analyse the effectiveness of Facebook ads for statistical and market research purposes and to optimise future advertising campaigns.

For us, as the operator of this website, the collected data is anonymous. We are not in a position to arrive at any conclusions as to the identity of users. However, Facebook archives the information and processes it, so that it is possible to make a connection to the respective user profile and Facebook is in a position to use the data for its own promotional purposes in compliance with the Facebook Data Usage Policy. This enables Facebook to display ads on Facebook pages as well as in locations outside of Facebook. We, as the operator of this website, have no control over the use of such data.

Use of this service occurs on the basis of your consent pursuant to Article 6 (1a) GDPR and Section 25 (1) of the Telecommunications-Telemedia Data Protection Act (TTDSG). The consent provided can be revoked at any time.

The transmission of data to the USA is based on the standard contract clauses of the EU Commission. Details can be found at: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.

Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible for this data processing (Article 26 GDPR). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook. The data processing by Facebook that takes place after forwarding is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in a joint processing agreement. The wording of the agreement can be found at: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the data protection information when using the Facebook tool and for the secure implementation, from a data protection law perspective, of the tool on our website. Facebook is responsible for the data security of Facebook products. You can assert your rights as a data subject (e.g. requests for information) regarding the data processed by Facebook directly with Facebook. If you assert your rights as a data subject with us, we are obliged to forward them to Facebook.

Additional information concerning the protection of your privacy can be found in the Data Privacy Policy of Facebook at: https://de-de.facebook.com/about/privacy/.

You can also deactivate the remarketing function “Custom Audiences” in the ad settings section at: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do so, you must first log into Facebook.

If you do not have a Facebook account, you can deactivate any user-based advertising by Facebook on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/.

6. Newsletter

Newsletter­ data

If you would like to receive the newsletter offered on the website, we require an email address from you as well as information that allows us to verify that you are the owner of the email address provided and that you agree to receive the newsletter. Further data is not collected or is collected on a voluntary basis only. We use the newsletter service providers described below for handling the newsletters.

Inxmail

This website uses Inxmail to send newsletters. The provider is Inxmail GmbH, Wetzinger Strasse 17, D-79106 Freiburg (hereinafter Inxmail).

The Inxmail service can also be used to organise and analyse the sending of newsletters. The data you enter for subscription to the newsletter will be stored and processed on Inxmail servers.

Data analysis by Inxmail

Inxmail enables us to analyse our newsletter campaigns. We can, for instance, see whether a newsletter message has been opened and which links, if any, have been clicked. This obviously allows us to determine which links have been clicked more often, etc.

Further, we can identify whether certain predefined actions were performed after opening/clicking (conversion rate). For example, we can see if you made a purchase after clicking on the newsletter.

Inxmail also allows us to subdivide (“cluster”) newsletter recipients according to various categories. In other words, the newsletter recipients can be subdivided according to their age, gender or where they live, for example. Consequently, the newsletters can be better adapted to the respective target groups. If you do not want to be part of the Inxmail analysis, you will need to unsubscribe from the newsletter. Each newsletter has a corresponding link to unsubscribe.

The Data Privacy Policy of Inxmail can be found at: https://www.inxmail.de/datenschutz.

Legal basis

The processing of data occurs on the basis of your consent (Article 6 (1a) GDPR). You can withdraw your consent provided to us at any time with effect for the future.

Storage period

The data provided by you for subscription to the newsletter shall be stored by us or our newsletter service provider until your removal from the newsletter service and shall be deleted from the distribution list after you have unsubscribed from the newsletter. We reserve the right to delete or block email addresses from our newsletter distribution list at our own discretion within the scope of our legitimate interest pursuant to Article 6 (1f) GDPR. Data that we have stored for other purposes shall remain unaffected by this.

Once you have been removed from the newsletter distribution list, your email address may be stored by us or the newsletter service provider in a blacklist to prevent future mailings. The data from the blacklist is only used for this purpose and will not be merged with other data. This is both in your interest as well as in our interest in complying with the legal provisions on sending newsletters (legitimate interest within the meaning of Article 6 (1f) GDPR). The storage period for blacklist data is unlimited. You may object to storage if your interests override our legitimate interests.

Commissioned data processing

We have concluded a commissioned data processing contract (AVV) with the aforesaid newsletter service provider. This contract, which is required by data protection law, ensures that the newsletter service provider processes the personal data of our website users only according to our instructions and in full compliance with the GDPR.

7. Plugins und tools

YouTube with expanded data protection integration

This website embeds videos of YouTube. The operator of the web pages is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in the expanded data protection mode. According to YouTube, this mode ensures that YouTube does not store any information about visitors to this website before they watch the video. Nevertheless, this does not necessarily mean that the sharing of data with YouTube partners can be ruled out as a result of the expanded data protection mode. For instance, regardless of whether you are watching a video, YouTube will always establish a connection with the Google DoubleClick network.

As soon as you start to play a YouTube video on this website, a connection to YouTube servers will be established. The YouTube server will then be submitted the information that you have visited our web pages. If you are logged into your YouTube account, you enable YouTube to associate your browsing behaviour with your personal profile. You may prevent this by logging out of your YouTube account.

Furthermore, after you have started to play a video, YouTube will be able to place various cookies on your device or comparable technologies for recognition (e.g. device fingerprinting). As such, YouTube will be able to obtain information about visitors to this website. This information will, among other things, be used to generate video statistics with the aim of improving the user friendliness of the website and to prevent attempts to commit fraud.

Under certain circumstances, additional data processing transactions which are beyond our control may be triggered after you have started to play a YouTube video.

The use of YouTube is based on our interest in the optimised provision of our website services. This constitutes a legitimate interest within the meaning of Article 6 (1f) GDPR. Insofar as corresponding consent has been requested, data processing is based exclusively on Article 6 (1a) GDPR and Section 25 (1) of the Telecommunications-Telemedia Data Protection Act (TTDSG), insofar as the consent includes the storage of cookies or access to information in the end device of the user (e.g. device fingerprinting) within the meaning of the Telecommunications-Telemedia Data Protection Act (TTDSG). The consent provided can be revoked at any time.

Further information about data protection at YouTube can be found in its Data Privacy Policy at: https://policies.google.com/privacy?hl=de.

MyFonts

This website uses MyFonts. MyFonts provides fonts that are loaded onto your browser when you access our website to warrant the provision of a uniform font in the provision of the website. The provider is Monotype Imaging Holdings Inc., 600 Unicorn Park Drive, Woburn, Massachusetts 01801, USA.

To be able to ensure compliance with the licensing terms and conditions and to monitor the number of monthly site visits, MyFonts transfers your IP address along with the URL of our website and our contract data to its servers in the USA. According to Monotype, your IP address will be anonymised immediately after the transfer so that any affiliations with individuals are no longer possible (anonymisation).

Details can be found in the Data Privacy Policy of Monotype at: https://www.monotype.com/de/rechtshinweise/datenschutzrichtlinie/datenschutzrichtlinie-zum-tracking-von-webschriften.

8. Audio and video conferences

Data processing

We use online conference tools, among other things, for communication with our customers. The tools we use are listed in detail below. If you communicate with us by video or audio conference using the Internet, your personal data will be collected and processed by the provider of the respective conference tool and by us.

The conference tools collect all information that you provide/access to use the tools (email address and/or your phone number). Furthermore, the conference tools process the duration of the conference, start and end (time) of participation in the conference, number of participants and other “context information” related to the communication process (metadata).

Furthermore, the provider of the tool processes all the technical data required for the processing of the online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or loudspeaker and the type of connection.

Should contents be exchanged, uploaded or otherwise made available within the tool, they are also stored on the servers of the tool providers. Such contents include, but are not limited to, cloud recordings, chat / instant messages, voicemails, uploaded photos and videos, files, whiteboards and other information shared while using the service.

Please note that we do not have complete influence on the data processing procedures of the tools used. Our possibilities are largely determined by the corporate policy of the respective provider. Further information on data processing by the conference tools can be found in the data privacy policies of the tools used, which we have listed below this text.

Purpose and legal basis

The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Article 6 (1b) GDPR). Furthermore, the use of the tools serves to generally simplify and accelerate communication with us or our company (legitimate interest in the meaning of Article 6 (1f) GDPR). Insofar as consent has been requested, the tools in question will be used on the basis of this consent; the consent may be revoked at any time with effect for the future.

Storage period

Data collected directly by us via the video and conference tools will remain stored until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Stored cookies remain on your end device until you delete them. Statutory retention periods shall remain unaffected.

We have no influence on the duration of storage of your data that is stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tools directly.

Conference tools used

We use the following conference tools:

Microsoft Teams

We use Microsoft Teams. The provider is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. For details concerning data processing, please consult the Data Privacy Policy of Microsoft Teams: https://privacy.microsoft.com/de-de/privacystatement.

 

9. Information about processing your data:

Privacy information pursuant to Art. 13, 14 GDPR for customers, suppliers, business partners & their employees.

Privacy information pursuant to Art. 13, 14 GDPR for interested parties, their employees & other contacts.

Privacy information pursuant to Art. 13 GDPR for applicants.