DATA PROTECTION DECLARATION

Table of contents

PRIVACY POLICY

DATA PROTECTION RIGHTS AND INFORMATION ON THE RIGHT TO

OBJECT

GENERAL INFORMATION

HOSTING

COOKIES

DATA PROCESSING ON THE WEBSITE
Contact requests
Applications via the website
Newsletter mailing

THIRD PARTY TOOLS
Facebook (Meta) Pixel
Google Tag Manager
Google Analytics
Google Ads
Google AdManager (formerly DoubleClick)
Google AdSense
Google Maps
LinkedIN Insight Tag
Salesforce Sales Cloud
Pardot by Salesforce
Youtube with expanded data protection

NOTES REGARDING OUR PRESENCE ON SOCIAL MEDIA

Privacy policy

Thank you for visiting our website and for your interest in our company. When processing your data, we strive to take the greatest possible care. The following information provides a compact and simple overview of what happens to your personal data when you visit our website. Your personal data will be processed in accordance with the relevant legal provisions.

Controller

The controller within the meaning of the European General Data Protection Regulation (GDPR) and other national data protection laws of the member states of the EU, as well as other data protection regulations, is:

DyeMansion GmbH
Robert-Koch-Straße 1
82152 Planegg-Munich
Germany
+49 89 4141705 00
hallo@dyemansion.com
https://dyemansion.com/

Contact information for questions about data protection

We have appointed an external data protection officer. For questions on the subject of data protection, please contact: datenschutz@confidentdata.de

Validity and changes of the privacy policy

This privacy policy is valid and is dated from

Due to the further development of our website or the implementation of new technologies and features, it may become necessary to change this privacy policy. We reserve the right to make appropriate changes at any time.

Data protection rights and information on the right to object

Your rights of access, rectification, restriction, erasure, data portability and to lodge a complaint with the supervisory authority

Every data subject has the right of access pursuant to Art. 15 GDPR, the right to rectification pursuant to Art. 16 GDPR, the right to erasure pursuant to Art. 17 GDPR, the right to restriction of processing pursuant to Art. 18 GDPR, the right to object pursuant to Art. 21 GDPR and the right to data portability pursuant to Art. 20 GDPR.

With regard to the right of access and the right of erasure, the restrictions pursuant to §§34 and 35 BDSG apply.

You may object to the processing of your personal data at any time. This also applies to objections of declarations of consent given to us before the applicability of the General Data Protection Regulation, i.e. before May 25, 2018. Please note that the objection is only effective for the future. Processing that took place before the objection is not affected by it.

In addition, there is a right to lodge a compliant with the supervisory authority (Art. 77 GDPR in conjunction with § 19 BDSG). A list of the supervisory authorities (for the non-public sector) with address can be found at: https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html

Information on the right to object pursuant to Art. 21 GDPR

Right to object to the collection of personal data in special cases and recipient of the request

You have the right to object at any time, based on reasons relating to your particular situation, to the processing of your personal data on the basis of Art. 6(1)(f) GDPR (data processing on the basis of a balance of interests); this also applies to profiling based on this provision within the meaning of Art. 4 No. 4 GDPR.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims.

The objection can be made informally with the subject “Objection” stating your name, address or other identification features to the contact data stored in the imprint.

General information

Data security

We use technical and organizational security measures to protect your personal data against misuse, loss, destruction or access by unauthorized persons. The security measures taken into account (such as encryption procedures, firewall and virus protection, back-up and recovery procedures) correspond to the current state of the art and are continuously updated.

Nevertheless, we would like to point out that there is always a certain residual risk when communicating on the Internet, which depends on the user’s respective usage behavior and over which we consequently have no influence.

Scope (external links)

This privacy policy applies exclusively to visits to our own website. At some points on our website, external websites of third parties are linked. These websites are subject to the liability of the respective operators. If you notice that links on the websites refer to Internet pages whose contents violate applicable law, please notify us via the e-mail address provided in the imprint. We will then immediately remove these links from our website. The providers do not assume any liability for the topicality, correctness, completeness or quality of the information provided.

Data erasure routine

As a matter of principle, we only store your personal data for the period of time required to achieve the purpose of storage or if this is stipulated by national or European legislation.

In Germany, in particular, there is an obligation to retain documents for 6 years in accordance with § 257 (1) HGB (in particular, commercial books, inventories, opening balances, annual financial statements, commercial letters, accounting vouchers). Pursuant to § 147 (1) and (3) AO, 10 years for books, records, management reports, accounting vouchers, documents relevant to taxation, and 6 years in particular for commercial and business letters.

If the purpose of storage no longer applies or if a legally prescribed storage period expires, your personal data will be deleted routinely and in accordance with the statutory provisions.

Please also be aware of the specific explanations on individual storage and deletion periods of the respective data processing in this data protection declaration.

Data transfer to non EU-countries

When browsing our website, personal data may be transferred to servers in third countries outside the European Union through the integration of individual plug-ins and tools. Details about these data transfers, if any, including the respective valid legal basis, can be found in the section of the respective third-party tool in this privacy policy.

Data processing by processors

Tools and plug-ins from third-party providers are used on our website as part of commissioned processing. A data processing agreement has been duly concluded with all commissioned processors used, which ensures an appropriate level of data protection.

You can find more information about the data processing by the processors used in the section of the third-party tool in this privacy policy.

Hosting

External hosting provider:
We use an external service provider to host our website.

Provider:
1&1 IONOS SE
Elgendorfer Str. 57
56410 Montabaur
Germany

Purpose:
Reliable accessibility and presentation of our website.

Legal basis:
The use of our hoster is based on our legitimate interest in the most reliable accessibility and presentation of our website, pursuant to Art. 6 (1) lit. f GDPR.

Data processing agreement:
We have concluded a data processing agreement (DPA) with our hoster, which ensures that the personal data of our website visitors is only processed according to our instructions and in compliance with the GDPR.

SSL- / TLS:
To protect the security of your data during transmission, we use the SSL or TLS encryption method via HTTPS.

Server-Log-Files:
When you browse our website, technical information of your browser session is automatically processed by our server. This data (so-called server log files) includes for example: the type of web browser, the operating system used, the domain name of your Internet service provider, your IP address and the like.

Purpose:
Ensuring a stable and smooth connection to the website, a responsive use of our website and the guarantee of system security and stability. We also reserve the right to check the server log files on a regular basis if there are concrete indications of illegal use.

Legal Basis:
The legal basis for the processing of the server log files is our legitimate interest in an error-free and secure presentation of our website, pursuant to Art. 6 (1) lit. f GDPR.

Provision of your data voluntary or mandatory:
Die Bereitstellung der Server Log-Files ist weder gesetzlich noch vertraglich vorgeschrieben. Ohne die Erhebung der Logfiles ist jedoch die Funktionsfähigkeit unserer Website nicht gewährleistet.

Storage period: 
The server-log-files are deleted as soon as it is no longer required for the purpose of collection. This is generally the case for the data used to provide the website when the respective session has ended.

Cookies

Cookies

Cookies are pieces of information that are transmitted from our web server or third-party web servers to users’ web browsers, where they are stored for later retrieval. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your terminal device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or until they are automatically deleted by your web browser.

If you agree, cookies from third-party companies may also be stored on your end device (third-party cookies). These enable us or you to use certain services of the third-party company (e.g., reach measurement and evaluation of the usage behavior of our website, etc.)

Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. saving your cookie preferences). Other cookies are used to evaluate user behavior or, for example, to display advertising.

Cookies that are necessary to carry out the electronic communication process (necessary cookies) or to provide certain functions that you have requested (functional cookies, e.g. for storing your cookie preferences) or to optimize the website (e.g. cookies for measuring the web audience) are stored on the basis of Art. 6 (1) lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies has been requested, the storage of the cookies in question is based exclusively on this consent (Art. 6 (1) lit. a GDPR and §25 (1) TTDSG); a given consent can be objected at any time.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be limited.

As far as cookies are used by third-party companies or for analysis purposes, we will inform you separately about this within the framework of this data protection declaration and, if necessary, ask for your consent.

Borlabs Cookie

Provider:
Borlabs – Benjamin A. Bornschein, Rübenkamp 32, 22305 Hamburg, Germany.

Purpose:
Borlabs cookie is used to obtain consent from website users to store certain cookies and to use certain third-party tools, and to document this consent in compliant manner

Description of data processing:
When you browse our website for the first time, you are asked for your cookie preferences in Borlabs’ consent manager. A cookie is then set in your browser, which stores your cookie preferences for further browsing on our site. No personal data is passed on to Borlabs in this process.

Legal basis:
Obtaining legally required consent for the use of cookies according to Art. 6 (1) lit. c GDPR.

Provision of your data voluntarily or required:
Obtaining your cookie preferences is required by law.

Storage period:
The collected data is stored until you request us to delete it or delete the Borlabs cookie yourself, or until the purpose for storing the data no longer applies.

Objection:
For information on your right to object under Art. 21 GDPR, please see the section about data subject rights of this privacy policy.

Borlabs is not a processor:
No personal data is transmitted to Borlabs. Borlabs is therefore not a processor in terms of GDPR.

Information about data protection at the third party provider:
https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.

Data processing on the website

Contact requests

Purpose:
Processing of the request.

Description of data processing:
Requests by e-mail, telephone or fax, including all resulting personal data, are stored and processed for the purpose of processing. A passing on of the data does not take place without your consent.

Legal basis:
The processing of your request is based on our legitimate interest pursuant to Art. 6 (1) lit. f GDPR. If you contact us to request a contractual offer, the processing is carried out for the implementation of pre-contractual measures pursuant to Art. 6 (1) lit. b GDPR.

Provision of your data voluntarily or required:
The provision of your data is neither legally nor contractually required. However, without the information a processing of your request is not possible.

Storage period:
Your data will be deleted at the latest 6 months after processing the request. If a contractual relationship exists, we are subject to the statutory retention periods and delete your data after six or ten years.

Objection:
For information on your right to object under Art. 21 GDPR, please see the section about data subject rights of this privacy policy.

Online contact form:
By providing an online contact form, we would like to enable you to contact us easily. The information you provide will be stored for the purpose of processing the request and for possible follow-up questions, taking into account the above-mentioned storage period.

Use of a CRM-System:
The personal data resulting from your inquiry may be stored in our Customer Relationship Management System (CRM). For more information on the CRM system that is used, please refer to the section Third-party tools.

Applications via the website

Purpose:
Processing of applications.

Description of data processing:
On our website, users have the possibility of applying to us either via our application form or directly by e-mail. In this context, we will inform you separately about the details of the processing of your application data with corresponding data protection information according to Art. 13, 14 and 21 GDPR.

Legal basis:
The processing of your application including all resulting personal data is based on your consent pursuant to Art. 6 (1) lit. a DSGVO and for the decision on the establishment of an employment relationship pursuant to Art. 88 DSGVO in conjunction with. § 26 BDSG.

Provision of your data voluntarily or required:
The provision of your application is voluntary. However, we can only make a decision on the establishment of an employment relationship if you provide such personal data that is required for the execution of the application.

Storage period:
Your application documents will be deleted no later than six months after the end of the application process (e.g. notification of the rejection decision), unless longer storage is legally required or permitted.

Application pool:
In case we are unable to make you a job offer at the time of your application, we offer applicants the opportunity to be included in our applicant pool in order to be informed about suitable vacancies at a later date. Inclusion in the applicant pool is, of course, voluntary and has no effect on the current application process. The legal basis for inclusion is your consent pursuant to Art. 6 (1) lit. a GDPR.

Objection:
You can object your given consent at any time. Information on your right to object in accordance with Art. 21 GDPR can be found in the section “Data subject rights”.

Storage period of personal data stored in our application pool:
Applications in our applicant pool will be irrevocably deleted no later than two years after consent has been given.

Newsletter mailing

Purpose:
Sending a newsletter for marketing purposes.

Description of data processing:
On our website visitors can sign up for a newsletter. If you decide to subscribe, your data will only be used to send you the newsletter you have subscribed to by e-mail and, if you have also consented to this, to evaluate how you use the newsletter and any content linked to it. To receive the newsletter, it is only mandatory to provide a valid e-mail address.All other information requested is voluntary.

Legal basis:
The processing is based on your consent in receiving the newsletter according to Art. 6 (1) lit. a GDPR.

Provision of your data voluntarily or required:
The provision of your data is voluntary, based on your consent. However, without your consent, the receipt of our newsletter is not possible.

Storage period:
Your data will only be processed as long as we have your consent in receiving our newsletter.

Objection:
You can object your given consent in every newsletter mail by clicking on unsubscibe. You then will no longer receive the newsletter.

Use of a newsletter tool:
To ensure an efficient and performative newsletter mailing, we use an external newsletter tool of a third-party provider. You can find more information about the newsletter tool we are using in the section about third-party tools.

Tools von Drittanbietern

Facebook (Meta) Pixel

To measure conversion rates, this website uses the visitor activity pixel of Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook’s statement the collected data will be transferred to the USA and other third-party countries too.

This tool allows the tracking of page visitors after they have been linked to the website of the provider after clicking on a Facebook ad. This makes it possible to analyze the effectiveness of Facebook ads for statistical and market research purposes and to optimize future advertising campaigns.

For us as the operators of this website, the collected data is anonymous. We are not in a position to arrive at any conclusions as to the identity of users. However, Facebook archives the information and processes it, so that it is possible to make a connection to the respective user profile and Facebook is in a position to use the data for its own promotional purposes in compliance with the Facebook Data Usage Policy. This enables Facebook to display ads on Facebook pages as well as in locations outside of Facebook. We as the operator of this website have no control over the use of such data.

The use of Facebook Pixel is based on Art. 6(1)(f) GDPR. The operator of the website has a legitimate interest in effective advertising campaigns, which also include social media. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum und https://de-de.facebook.com/help/566994660333381.

Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 DSGVO). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook. The processing by Facebook that takes place after the onward transfer is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in a joint processing agreement. The wording of the agreement can be found under: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the privacy information when using the Facebook tool and for the privacy-secure implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g., requests for information) regarding data processed by Facebook directly with Facebook. If you assert the data subject rights with us, we are obliged to forward them to Facebook.

In Facebook’s Data Privacy Policies, you will find additional information about the protection of your privacy at: https://www.facebook.com/about/privacy/.

You also have the option to deactivate the remarketing function “Custom Audiences” in the ad settings section under https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you first have to log into Facebook.

If you do not have a Facebook account, you can deactivate any user-based advertising by Facebook on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/.

 

Google Tag Manager

We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

The Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create any user profiles, does not store cookies, and does not carry out any independent analyses. It only manages and runs the tools integrated via it. However, the Google Tag Manager does collect your IP address, which may also be transferred to Google’s parent company in the United States.

The Google Tag Manager is used on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the quick and uncomplicated integration and administration of various tools on his website. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider of this service is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyze the behavior patterns of website visitors. To that end, the website operator receives a variety of user data, such as pages accessed, time spent on the page, the utilized operating system and the user’s origin. This data is summarized in a user-ID and assigned to the respective end device of the website visitor.

Google Analytics uses technologies that make the recognition of the user for the purpose of analyzing the user behavior patterns (e.g., cookies or device fingerprinting). The website use information recorded by Google is, as a rule transferred to a Google server in the United States, where it is stored.

This analysis tool is used on the basis of Art. 6(1)(f) GDPR. The operator of this website has a legitimate interest in the analysis of user patterns to optimize both, the services offered online and the operator’s advertising activities. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

Browser plug-in

You can prevent the recording and processing of your data by Google by downloading and installing the browser plugin available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

For more information about the handling of user data by Google Analytics, please consult Google’s Data Privacy Declaration at: https://support.google.com/analytics/answer/6004245?hl=en.

Contract data processing

We have executed a contract data processing agreement with Google and are implementing the stringent provisions of the German data protection agencies to the fullest when using Google Analytics.

Google Ads

The website operator uses Google Ads. Google Ads is an online promotional program of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads enables us to display ads in the Google search engine or on third-party websites, if the user enters certain search terms into Google (keyword targeting). It is also possible to place targeted ads based on the user data Google has in its possession (e.g., location data and interests; target group targeting). As the website operator, we can analyze these data quantitatively, for instance by analyzing which search terms resulted in the display of our ads and how many ads led to respective clicks.

The use of Google Ads is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in marketing the operator’s services and products as effectively as possible.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/.

Google Remarketing

This website uses the functions of Google Analytics Remarketing. The provider of these solutions is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Remarketing analyzes your user patterns on our website (e.g., clicks on specific products), to allocate a certain advertising target groups to you and to subsequently display matching online offers to you when you visit other online offers (remarketing or retargeting).

Moreover, it is possible to link the advertising target groups generated with Google Remarketing to device encompassing functions of Google. This makes it possible to display interest-based customized advertising messages, depending on your prior usage and browsing patterns on a device (e.g., cell phone) in a manner tailored to you as well as on any of your devices (e.g., tablet or PC).

If you have a Google account, you have the option to object to personalized advertising under the following link: https://www.google.com/settings/ads/onweb/.

The use of Google Remarketing is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the marketing of the operator’s products that is as effective as possible. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

For further information and the pertinent data protection regulations, please consult the Data Privacy Policies of Google at: https://policies.google.com/technologies/ads?hl=en.

Google Conversion-Tracking

This website uses Google Conversion Tracking. The provider of this service is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

With the assistance of Google Conversion Tracking, we are in a position to recognize whether the user has completed certain actions. For instance, we can analyze the how frequently which buttons on our website have been clicked and which products are reviewed or purchased with particular frequency. The purpose of this information is to compile conversion statistics. We learn how many users have clicked on our ads and which actions they have completed. We do not receive any information that would allow us to personally identify the users. Google as such uses cookies or comparable recognition technologies for identification purposes.

We use Google Conversion Tracking on the basis of Art. 6(1)(f) GDPR. The operator of the website has a legitimate interest in the analysis of the user patterns with the aim of optimizing both, the operator’s web presentation and advertising. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

For more information about Google Conversion Tracking, please review Google’s data protection policy at: https://policies.google.com/privacy?hl=en

Google AdManager (formerly DoubleClick)

This website uses the Google AdManager (formerly known as „DoubleClick“). The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

The Google AdManager is used to show you interest-based ads across the Google Network. Advertisements can be tailored to the interests of the viewer. For example, our ads may appear in Google search results or in banners associated with the DoubleClick network.

To be able to display interest adequate promotional content to users, the Google AdManager must recognize the respective visitor so that it can allocate the websites visited, the clicks and other user pattern information to the user. To do this, Google AdManager deploys cookies or comparable recognition technologies (e.g., device fingerprinting). The recorded information is consolidated into a pseudonym user profile so that the respective user can be shown interest adequate advertising.

The use of Google AdManager takes place in the interest of targeted advertising measures. This constitutes a legitimate interest within the meaning of Art. 6(1)(f) GDPR. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

For further information on how to object to the advertisements displayed by Google, please see the following links: https://policies.google.com/technologies/ads and https://adssettings.google.com/authenticated.

Google AdSense

This website uses Google AdSense, a service for the integration of ads. The provider of this service is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

With the assistance of Google Adsense, we are in a position to place targeted ads by third parties on our site. The contents of the ads are based on your interests, which Google determines based on your past user patterns. Moreover, when choosing compatible ads, context information, such as your location, the content of the visited website or Google search terms you have entered, will be taken into account.

Google AdSense uses Cookies, Web Beacons (invisible graphics) and comparable recognition technologies. As a result, it is possible to analyze information, such as visitor traffic data, on these sites.

The usage information for this website (including your IP address) recorded by Google Adsense and delivery of advertising formats are transferred to a Google server in the United States, where the information is stored. Google may share this information with one of its contracting partners. However, Google will not link your IP address with any other of your stored information.

Our use of AdSense is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the marketing of the operator’s website that is as effective as possible. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

Google Maps

This website uses the mapping service Google Maps. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

To enable the use of the Google Maps features, your IP address must be stored. As a rule, this information is transferred to one of Google’s servers in the United States, where it is archived. The operator of this website has no control over the data transfer. In case Google Maps has been activated, Google has the option to use Google web fonts for the purpose of the uniform depiction of fonts. When you access Google Maps, your browser will load the required web fonts into your browser cache, to correctly display text and fonts.

We use Google Maps to present our online content in an appealing manner and to make the locations disclosed on our website easy to find. This constitutes a legitimate interest as defined in Art. 6(1)(f) GDPR. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

For more information on the handling of user data, please review Google’s Data Privacy Declaration under: https://policies.google.com/privacy?hl=en.

LinkedIN Insight Tag

This website uses the Insight tag from LinkedIn. This service is provided by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

Data processing by LinkedIn Insight tag

We use the LinkedIn Insight tag to obtain information about visitors to our website. Once a website visitor is registered with LinkedIn, we can analyze the key occupational data (e.g., career level, company size, country, location, industry, job title) of our website visitors to help us better target our site to the relevant audience. We can also use LinkedIn Insight tags to measure whether visitors to our websites make a purchase or perform other actions (conversion measurement). Conversion measurement can also be carried out across devices (e.g. from PC to tablet). LinkedIn Insight Tag also features a retargeting function that allows us to display targeted advertising to visitors to our website outside of the website. According to LinkedIn, no identification of the advertising addressee takes place.

LinkedIn itself also collects log files (URL, referrer URL, IP address, device and browser characteristics and time of access). The IP addresses are shortened or (if they are used to reach LinkedIn members across devices) hashed (pseudonymized). The direct identifiers of LinkedIn members are deleted by LinkedIn after seven days. The remaining pseudonymized data will then be deleted within 180 days.

The data collected by LinkedIn cannot be assigned by us as a website operator to specific individuals. LinkedIn will store the personal data collected from website visitors on its servers in the USA and use it for its own promotional activities. For details, please see LinkedIn’s privacy policy at https://www.linkedin.com/legal/privacy-policy#choices-oblig.

Legal basis

The use of LinkedIn Insight is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in effective advertising measures, including social media. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.linkedin.com/legal/l/dpa und https://www.linkedin.com/legal/l/eu-sccs.

Objection to the use of LinkedIn Insight Tag

You can object to LinkedIn’s analysis of user behavior and targeted advertising at the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

In addition, LinkedIn members can control the use of their personal information for promotional purposes in the account settings. To prevent LinkedIn from linking information collected on our site to your LinkedIn account, you must log out of your LinkedIn account before you visit our site.

Salesforce Sales Cloud

We use Salesforce Sales Cloud to manage customer data. The provider is salesforce.com Deutschland GmbH, Erika-Mann-Str. 31, 80636 Munich, Germany (hereinafter “Salesforce”).

Salesforce Sales Cloud is a CRM system and enables us, in particular, to manage existing and potential customers and customer contacts and to organize sales and communication processes. The use of the CRM system also enables us to analyze our customer-related processes. Customer data is stored on Salesforce servers. In the process, personal data may also be transferred to the parent company of salesforce.com Germany GmbH, salesforce.com inc., Salesforce Tower, 415 Mission Street, San Francisco, CA 94105, USA.

Details about Salesforce Sales Cloud’s features can be found here: https://www.salesforce.com/de/products/sales-cloud/overview/.

The use of Salesforce Sales Cloud takes place on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest on the most efficient customer management and customer communication possible. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

Salesforce has Binding Corporate Rules (BCR) approved by the French data protection authority. These are binding corporate rules that legitimize the transfer of data from companies to third countries outside the EU and EEA. Details can be found here: https://www.salesforce.com/de/blog/2020/07/die-binding-corporate-rules-von-salesforce-erfuellen-hoechste-da.html.

For details, see the Salesforce Privacy Policy: https://www.salesforce.com/de/company/privacy/.

Data processing

We have concluded a data processing agreement (DPA) with the above-mentioned provider. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

Pardot by Salesforce

Provider:
Salesforce – salesforce.com Germany GmbH, Erika-Mann-Str. 31, 80636 Munich, Germany.

Purpose:
Efficient newsletter email marketing.

Description of data processing:
We offer a newsletter that informs you about news. The registration to our newsletter is of course voluntary. Within the scope of your registration, we and our tool used for the newsletter dispatch, Pardot by Salesforce, process the data provided by you. The only mandatory information is your e-mail address, the rest is voluntary. The registration procedure works by means of the so-called “double opt-in procedure. Pardot offers us the possibility to analyze our newsletter campaigns. For this purpose, so-called web beacons are integrated into the e-mails, which establish a connection with the Salesforce servers when the e-mail is opened and transmit technical information (e.g. time of retrieval, IP address, browser type and operating system). This information cannot be assigned to the respective newsletter recipient. As described above, data transmission to the Salesforce servers in the USA cannot be completely ruled out.

Legal basis:
Receiving our newsletter requires your consent. This is requested in the course of registration. The legal basis is therefore in accordance with Art. 6 (1) lit. a DSGVO and §25 (1) TTDSG, insofar as the consent includes the storage of cookies or device finger printing (access to information of your terminal device) in the sense of the TTDSG. This consent can be revoked at any time. For unsubscribing, a corresponding link is provided in each newsletter e-mail.

Provision of your data voluntary or mandatory:
The provision of your data is voluntary. Without existing consent, however, we can not send them our newsletter.

Storage period:
Data processing takes place until you revoke your consent and unsubscribe from our newsletter. You can find out how long your data will remain with Salesforce in the tool’s privacy policy.

Notes on data protection with the third-party provider:
Salesforce privacy policy: https://www.salesforce.com/de/company/privacy/ Notes on how Pardot works: https://www.salesforce.com/de/products/pardot/solutions/

Data Processing Addendum:
We have concluden Salesforces’ Data Processing Addendum (DPA), which ensures that the personal data is only processed according to our instructions and in compliance with the GDPR. Salesforces’ Data Processing Addendum can be viewed here: https://www.salesforce.com/content/dam/web/en_us/www/documents/legal/Agreements/data-processing-addendum.pdf.

Data transfers to Non-EU countries:
In exceptional cases, data processing also takes place outside the EU, namely in the USA. Guarantees exist in the form of binding corporate rules pursuant to Article 47 of the GDPR, to which Salesforce has committed itself and which have been approved by the French data protection authority. Furthermore, in the form of concluded standard contractual clauses, pursuant to Art. 46 (2) lit. c DSGVO. You can view Salesforce standard contractual clauses here: https://www.salesforce.com/content/dam/web/en_us/www/documents/legal/Agreements/scc-amendment.pdf

Youtube with expanded data protection

Our website embeds videos of the website YouTube. The website operator is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in the expanded data protection mode. According to YouTube, this mode ensures that YouTube does not store any information about visitors to this website before they watch the video. Nevertheless, this does not necessarily mean that the sharing of data with YouTube partners can be ruled out as a result of the expanded data protection mode. For instance, regardless of whether you are watching a video, YouTube will always establish a connection with the Google DoubleClick network.

As soon as you start to play a YouTube video on this website, a connection to YouTube’s servers will be established. As a result, the YouTube server will be notified, which of our pages you have visited. If you are logged into your YouTube account while you visit our site, you enable YouTube to directly allocate your browsing patterns to your personal profile. You have the option to prevent this by logging out of your YouTube account.

Furthermore, after you have started to play a video, YouTube will be able to place various cookies on your device or comparable technologies for recognition (e.g. device fingerprinting). In this way YouTube will be able to obtain information about this website’s visitors. Among other things, this information will be used to generate video statistics with the aim of improving the user friendliness of the site and to prevent attempts to commit fraud.

Under certain circumstances, additional data processing transactions may be triggered after you have started to play a YouTube video, which are beyond our control.

The use of YouTube is based on our interest in presenting our online content in an appealing manner. Pursuant to Art. 6(1)(f) GDPR, this is a legitimate interest. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

For more information on how YouTube handles user data, please consult the YouTube Data Privacy Policy under: https://policies.google.com/privacy?hl=en.

 

Notes regarding our presence on social media

Data processing resulting from our presence on social media platforms
We are having profiles on various social media platforms. Details on the individual platforms we use can be found in this section.

Purpose:
We are having profiles on various social media platforms. Details on the individual platforms we use can be found in this section.

Description of data processing:
The type of data processing differs from platform to platform. Social networks such as Facebook, Instagram, Twitter, etc. can comprehensively analyze user behavior when you visit the respective platform or a website with integrated social media content (e.g. share/ like buttons or banners). Visiting our profiles on the platforms triggers numerous processing operations relevant to data protection.

For example: If you are logged into your account and visit our profile, the operator of the platform can assign this visit to your user account. Your personal data transmitted when you visit our profile may also be collected if you are not logged in or do not have an account with the respective social media platform. This is done, for example, via cookies that are stored on your terminal device or by recording your IP address.

The data collected in this way enables the platforms to create user profiles of the visitors, in which the preferences and interests of the users are stored. This helps the operators of the platforms to show you advertising tailored to your respective interests inside and outside platforms. This is how the platforms earn money. Provided you have an account with the respective platform, this advertising can be displayed on all devices on which you are or were logged in.

The data processing that takes place on the individual platforms is very difficult for outsiders to understand: It is therefore not possible for us to trace all the processing operations that actually take place on the individual networks. When visiting the platforms, it is therefore quite possible that further processing operations of your data are carried out by the operators. You can find more information on this in the terms of use and data protection provisions of the individual services.

Legal basis:
The legal basis is our legitimate interest in a comprehensive presence on social media platforms pursuant to Art. 6 (1) lit. f DSGVO. The data processing on the social media platforms themselves is based on other legal bases for which the operators themselves are responsible.

Storage period:
Personal data that we have collected directly via the individual platforms will be deleted from our systems as soon as you request us to do so, revoke your consent to storage or the purpose for storing the data no longer applies. Cookies remain on your device until you delete them. We have no direct influence on the storage period of your data on the individual social media platforms.

We have profiles on the following platforms:

Facebook (Meta)

Provider:
Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irleand.

Joint controllership:
When you visit our Facebook page, Facebook and we are jointly responsible for the processing of your data under data protection law. Facebooks agreement of joint controllership has been concluded. It can be viewed here: https://www.facebook.com/legal/terms/page_controller_addendum.

Data transfers to the US:
When visiting our Facebook profile, personal data is transferred to Facebook’s server in the USA. The transfer of personal data to the USA is based on the standard contractual clauses of the EU Commission. These can be viewed here: https://www.facebook.com/legal/EU_data_transfer_addendum.

Information on Facebook and privacy:
Advertising settings in your Facebook profile: https://www.facebook.com/settings?tab=ads.
Facebooks privacy policy: https://www.facebook.com/settings?tab=ads.
Information on the Standard Contractual Clauses: https://de-de.facebook.com/help/566994660333381.

Instagram

Provider:
Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA.

Data transfers to the US:
Whilst visiting our Instagram profile, personal data is transferred to servers of Facebook (Meta), as Instagram’s parent company, in the USA. The data transfer to the USA is based on the concluded standard contractual clauses of the EU Commission. These can be viewed here: https://www.facebook.com/legal/EU_data_transfer_addendum.

Information on Instagram and privacy:
Instagrams privacy policy: https://help.instagram.com/519522125107875. Information on the Standard Contractual Clauses: https://de-de.facebook.com/help/566994660333381.

Twitter

Provider:
Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland.

Data transfers to the US: Whilst visiting our Twitter profile, data is transmitted to Twitter’s server in the USA. The data transfer to the USA is based on the concluded standard contractual clauses of the EU Commission. These can be viewed here: https://gdpr.twitter.com/en/controller-to-controller-transfers.html.

Information on Twitter and privacy:
Twitters Privacy Policy: https://twitter.com/de/privacy.

YouTube

Provider:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Information on YouTube and privacy:
Googles privacy policy, as YouTubes parent organisation: https://policies.google.com/privacy?hl=de.
For oweners of a Google account:
Link to disable YouTube History: https://myactivity.google.com/myactivity.
Link to the data and privacy account settings: https://myaccount.google.com/data-and-privacy.

LinkedIN

Provider:
LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

Data Processing Addendum:
We have concluded LinkedIns’ data processing addendum, which ensures that the personal data of our website visitors are processed only according to our instructions and in compliance with the DSGVO. LinkedIn’s Data Processing Addendum can be found here: https://www.LinkedIn.com/legal/l/dpa.

Data transfers to the US:
Whilst visiting our LinkedIn profile, data is transferred to LinkedIn servers in the USA. The transfer of data to the USA is based on the standard contractual clauses of the EU Commission. These can be viewed here: https://www.linkedin.com/legal/l/eu-sccs.

Information on LinkedIn and privacy:
LinkedIns privacy policy: https://www.linkedin.com/legal/privacy-policy.
Opt-out cookie to disable LinkedIN retargeting: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

X

Start typing and press Enter to search