Privacy policy

Privacy Policy

1. An overview of data protection

General information

The fol­lo­wing infor­ma­ti­on will pro­vi­de you with an easy to navi­ga­te over­view of what will hap­pen with your per­so­nal data when you visit this web­site. The term “per­so­nal data” com­pri­ses all data that can be used to per­so­nal­ly iden­ti­fy you. For detail­ed infor­ma­ti­on about the sub­ject mat­ter of data pro­tec­tion, plea­se con­sult our Data Pro­tec­tion Decla­ra­ti­on, which we have included beneath this copy.

Data recording on this website

Who is the responsible party for the recording of data on this website (i.e., the “controller”)?

The data on this web­site is pro­ces­sed by the ope­ra­tor of the web­site, who­se cont­act infor­ma­ti­on is available under sec­tion “Infor­ma­ti­on about the respon­si­ble par­ty (refer­red to as the “con­trol­ler” in the GDPR)” in this Pri­va­cy Policy.

How do we record your data?

We coll­ect your data as a result of your sha­ring of your data with us. This may, for ins­tance be infor­ma­ti­on you enter into our cont­act form.

Other data shall be recor­ded by our IT sys­tems auto­ma­ti­cal­ly or after you con­sent to its recor­ding during your web­site visit. This data com­pri­ses pri­ma­ri­ly tech­ni­cal infor­ma­ti­on (e.g., web brow­ser, ope­ra­ting sys­tem, or time the site was acces­sed). This infor­ma­ti­on is recor­ded auto­ma­ti­cal­ly when you access this website.

What are the purposes we use your data for?

A por­ti­on of the infor­ma­ti­on is gene­ra­ted to gua­ran­tee the error free pro­vi­si­on of the web­site. Other data may be used to ana­ly­ze your user patterns.

What rights do you have as far as your information is concerned?

You have the right to recei­ve infor­ma­ti­on about the source, reci­pi­ents, and pur­po­ses of your archi­ved per­so­nal data at any time wit­hout having to pay a fee for such dis­clo­sures. You also have the right to demand that your data are rec­ti­fied or era­di­ca­ted. If you have con­sen­ted to data pro­ces­sing, you have the opti­on to revo­ke this con­sent at any time, which shall affect all future data pro­ces­sing. Moreo­ver, you have the right to demand that the pro­ces­sing of your data be rest­ric­ted under cer­tain cir­cum­s­tances. Fur­ther­mo­re, you have the right to log a com­plaint with the com­pe­tent super­vi­sing agency.

Plea­se do not hesi­ta­te to cont­act us at any time if you have ques­ti­ons about this or any other data pro­tec­tion rela­ted issues.

Analysis tools and tools provided by third parties

The­re is a pos­si­bi­li­ty that your brow­sing pat­terns will be sta­tis­ti­cal­ly ana­ly­zed when your visit this web­site. Such ana­ly­ses are per­for­med pri­ma­ri­ly with what we refer to as ana­ly­sis programs.

For detail­ed infor­ma­ti­on about the­se ana­ly­sis pro­grams plea­se con­sult our Data Pro­tec­tion Decla­ra­ti­on below.

2. Hosting

We are hos­ting the con­tent of our web­site at the fol­lo­wing provider:

Hetzner

The pro­vi­der is the Hetz­ner Online GmbH, Indus­trie­str. 25, 91710 Gun­zen­hau­sen, Ger­ma­ny (her­ein­af­ter refer­red to as Hetzner).

For details, plea­se view the data pri­va­cy poli­cy of Hetz­ner: https://www.hetzner.com/de/legal/privacy-policy/.

We use Hetz­ner on the basis of Art. 6(1)(f) GDPR. We have a legi­ti­ma­te inte­rest in the most relia­ble depic­tion of our web­site pos­si­ble. If appro­pria­te con­sent has been obtai­ned, the pro­ces­sing is car­ri­ed out exclu­si­ve­ly on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, inso­far the con­sent includes the sto­rage of coo­kies or the access to infor­ma­ti­on in the user’s end device (e.g., device fin­ger­prin­ting) within the mea­ning of the TDDDG. This con­sent can be revo­ked at any time.

Data processing

We have con­cluded a data pro­ces­sing agree­ment (DPA) for the use of the abo­ve-men­tio­ned ser­vice. This is a con­tract man­da­ted by data pri­va­cy laws that gua­ran­tees that they pro­cess per­so­nal data of our web­site visi­tors only based on our ins­truc­tions and in com­pli­ance with the GDPR.

3. General information and mandatory information

Data protection

The ope­ra­tors of this web­site and its pages take the pro­tec­tion of your per­so­nal data very serious­ly. Hence, we hand­le your per­so­nal data as con­fi­den­ti­al infor­ma­ti­on and in com­pli­ance with the sta­tu­to­ry data pro­tec­tion regu­la­ti­ons and this Data Pro­tec­tion Declaration.

When­ever you use this web­site, a varie­ty of per­so­nal infor­ma­ti­on will be coll­ec­ted. Per­so­nal data com­pri­ses data that can be used to per­so­nal­ly iden­ti­fy you. This Data Pro­tec­tion Decla­ra­ti­on explains which data we coll­ect as well as the pur­po­ses we use this data for. It also explains how, and for which pur­po­se the infor­ma­ti­on is collected.

We here­wi­th advi­se you that the trans­mis­si­on of data via the Inter­net (i.e., through e-mail com­mu­ni­ca­ti­ons) may be pro­ne to secu­ri­ty gaps. It is not pos­si­ble to com­ple­te­ly pro­tect data against third-par­ty access.

Information about the responsible party (referred to as the “controller” in the GDPR)

The data pro­ces­sing con­trol­ler on this web­site is:

FENECON GmbH
Brunn­wie­sen­str. 4
94469 Deggendorf

Pho­ne: +49 9903 6280-0
E-mail: info@fenecon.de

The con­trol­ler is the natu­ral per­son or legal enti­ty that sin­gle-han­dedly or joint­ly with others makes decis­i­ons as to the pur­po­ses of and resour­ces for the pro­ces­sing of per­so­nal data (e.g., names, e-mail addres­ses, etc.).

Storage duration

Unless a more spe­ci­fic sto­rage peri­od has been spe­ci­fied in this pri­va­cy poli­cy, your per­so­nal data will remain with us until the pur­po­se for which it was coll­ec­ted no lon­ger appli­es. If you assert a jus­ti­fied request for dele­ti­on or revo­ke your con­sent to data pro­ces­sing, your data will be dele­ted, unless we have other legal­ly per­mis­si­ble reasons for sto­ring your per­so­nal data (e.g., tax or com­mer­cial law reten­ti­on peri­ods); in the lat­ter case, the dele­ti­on will take place after the­se reasons cea­se to apply.

General information on the legal basis for the data processing on this website

If you have con­sen­ted to data pro­ces­sing, we pro­cess your per­so­nal data on the basis of Art. 6(1)(a) GDPR or Art. 9 (2)(a) GDPR, if spe­cial cate­go­ries of data are pro­ces­sed accor­ding to Art. 9 (1) DSGVO. In the case of expli­cit con­sent to the trans­fer of per­so­nal data to third count­ries, the data pro­ces­sing is also based on Art. 49 (1)(a) GDPR. If you have con­sen­ted to the sto­rage of coo­kies or to the access to infor­ma­ti­on in your end device (e.g., via device fin­ger­prin­ting), the data pro­ces­sing is addi­tio­nal­ly based on § 25 (1) TDDDG. The con­sent can be revo­ked at any time. If your data is requi­red for the ful­fill­ment of a con­tract or for the imple­men­ta­ti­on of pre-con­trac­tu­al mea­su­res, we pro­cess your data on the basis of Art. 6(1)(b) GDPR. Fur­ther­mo­re, if your data is requi­red for the ful­fill­ment of a legal obli­ga­ti­on, we pro­cess it on the basis of Art. 6(1)© GDPR. Fur­ther­mo­re, the data pro­ces­sing may be car­ri­ed out on the basis of our legi­ti­ma­te inte­rest accor­ding to Art. 6(1)(f) GDPR. Infor­ma­ti­on on the rele­vant legal basis in each indi­vi­du­al case is pro­vi­ded in the fol­lo­wing para­graphs of this pri­va­cy policy.

Designation of a data protection officer

We have appoin­ted a data pro­tec­tion officer.

Det­lef Paß­ber­ger - P-teck
Ries 120
94034 Passau

Pho­ne: +49 851 / 37930128
E-mail: passberger@p-teck.de

Recipients of personal data

In the scope of our busi­ness acti­vi­ties, we coope­ra­te with various exter­nal par­ties. In some cases, this also requi­res the trans­fer of per­so­nal data to the­se exter­nal par­ties. We only dis­c­lo­se per­so­nal data to exter­nal par­ties if this is requi­red as part of the ful­fill­ment of a con­tract, if we are legal­ly obli­ga­ted to do so (e.g., dis­clo­sure of data to tax aut­ho­ri­ties), if we have a legi­ti­ma­te inte­rest in the dis­clo­sure pur­su­ant to Art. 6 (1)(f) GDPR, or if ano­ther legal basis per­mits the dis­clo­sure of this data. When using pro­ces­sors, we only dis­c­lo­se per­so­nal data of our cus­to­mers on the basis of a valid con­tract on data pro­ces­sing. In the case of joint pro­ces­sing, a joint pro­ces­sing agree­ment is concluded.

Revocation of your consent to the processing of data

A wide ran­ge of data pro­ces­sing tran­sac­tions are pos­si­ble only sub­ject to your express con­sent. You can also revo­ke at any time any con­sent you have alre­a­dy given us. This shall be wit­hout pre­ju­di­ce to the lawful­ness of any data coll­ec­tion that occur­red pri­or to your revocation.

Right to object to the collection of data in special cases; right to object to direct advertising (Art. 21 GDPR)

IN THE EVENT THAT DATA ARE PROCESSED ON THE BASIS OF ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO AT ANY TIME OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA BASED ON GROUNDS ARISING FROM YOUR UNIQUE SITUATION. THIS ALSO APPLIES TO ANY PROFILING BASED ON THESE PROVISIONS. TO DETERMINE THE LEGAL BASIS, ON WHICH ANY PROCESSING OF DATA IS BASED, PLEASE CONSULT THIS DATA PROTECTION DECLARATION. IF YOU LOG AN OBJECTION, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA, UNLESS WE ARE IN A POSITION TO PRESENT COMPELLING PROTECTION WORTHY GROUNDS FOR THE PROCESSING OF YOUR DATA, THAT OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS OR IF THE PURPOSE OF THE PROCESSING IS THE CLAIMING, EXERCISING OR DEFENCE OF LEGAL ENTITLEMENTS (OBJECTION PURSUANT TO ART. 21(1) GDPR).

IF YOUR PERSONAL DATA IS BEING PROCESSED IN ORDER TO ENGAGE IN DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR AFFECTED PERSONAL DATA FOR THE PURPOSES OF SUCH ADVERTISING AT ANY TIME. THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS AFFILIATED WITH SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR DIRECT ADVERTISING PURPOSES (OBJECTION PURSUANT TO ART. 21(2) GDPR).

Right to log a complaint with the competent supervisory agency

In the event of vio­la­ti­ons of the GDPR, data sub­jects are entit­led to log a com­plaint with a super­vi­so­ry agen­cy, in par­ti­cu­lar in the mem­ber sta­te whe­re they usual­ly main­tain their domic­i­le, place of work or at the place whe­re the alle­ged vio­la­ti­on occur­red. The right to log a com­plaint is in effect regard­less of any other admi­nis­tra­ti­ve or court pro­cee­dings available as legal recourses.

Right to data portability

You have the right to have data that we pro­cess auto­ma­ti­cal­ly on the basis of your con­sent or in ful­fill­ment of a con­tract han­ded over to you or to a third par­ty in a com­mon, machi­ne-rea­da­ble for­mat. If you should demand the direct trans­fer of the data to ano­ther con­trol­ler, this will be done only if it is tech­ni­cal­ly feasible.

Information about, rectification and eradication of data

Within the scope of the appli­ca­ble sta­tu­to­ry pro­vi­si­ons, you have the right to demand infor­ma­ti­on about your archi­ved per­so­nal data, their source and reci­pi­ents as well as the pur­po­se of the pro­ces­sing of your data at any time. You may also have a right to have your data rec­ti­fied or era­di­ca­ted. If you have ques­ti­ons about this sub­ject mat­ter or any other ques­ti­ons about per­so­nal data, plea­se do not hesi­ta­te to cont­act us at any time.

Right to demand processing restrictions

You have the right to demand the impo­si­ti­on of rest­ric­tions as far as the pro­ces­sing of your per­so­nal data is con­cer­ned. To do so, you may cont­act us at any time. The right to demand rest­ric­tion of pro­ces­sing appli­es in the fol­lo­wing cases:

  • In the event that you should dis­pu­te the cor­rect­ness of your data archi­ved by us, we will usual­ly need some time to veri­fy this cla­im. During the time that this inves­ti­ga­ti­on is ongo­ing, you have the right to demand that we rest­rict the pro­ces­sing of your per­so­nal data.
  • If the pro­ces­sing of your per­so­nal data was/is con­duc­ted in an unlawful man­ner, you have the opti­on to demand the rest­ric­tion of the pro­ces­sing of your data ins­tead of deman­ding the era­di­ca­ti­on of this data.
  • If we do not need your per­so­nal data any lon­ger and you need it to exer­cise, defend or cla­im legal entit­le­ments, you have the right to demand the rest­ric­tion of the pro­ces­sing of your per­so­nal data ins­tead of its eradication.
  • If you have rai­sed an objec­tion pur­su­ant to Art. 21(1) GDPR, your rights and our rights will have to be weig­hed against each other. As long as it has not been deter­mi­ned who­se inte­rests pre­vail, you have the right to demand a rest­ric­tion of the pro­ces­sing of your per­so­nal data.

If you have rest­ric­ted the pro­ces­sing of your per­so­nal data, the­se data – with the excep­ti­on of their archi­ving – may be pro­ces­sed only sub­ject to your con­sent or to cla­im, exer­cise or defend legal entit­le­ments or to pro­tect the rights of other natu­ral per­sons or legal enti­ties or for important public inte­rest reasons cited by the Euro­pean Uni­on or a mem­ber sta­te of the EU.

SSL and/or TLS encryption

For secu­ri­ty reasons and to pro­tect the trans­mis­si­on of con­fi­den­ti­al con­tent, such as purcha­se orders or inqui­ries you sub­mit to us as the web­site ope­ra­tor, this web­site uses eit­her an SSL or a TLS encryp­ti­on pro­gram. You can reco­gni­ze an encrypt­ed con­nec­tion by che­cking whe­ther the address line of the brow­ser swit­ches from “http://” to “https://” and also by the appearance of the lock icon in the brow­ser line.

If the SSL or TLS encryp­ti­on is acti­va­ted, data you trans­mit to us can­not be read by third parties.

Rejection of unsolicited e-mails

We here­wi­th object to the use of cont­act infor­ma­ti­on published in con­junc­tion with the man­da­to­ry infor­ma­ti­on to be pro­vi­ded in our Site Noti­ce to send us pro­mo­tio­nal and infor­ma­ti­on mate­ri­al that we have not express­ly reques­ted. The ope­ra­tors of this web­site and its pages reser­ve the express right to take legal action in the event of the unso­li­ci­ted sen­ding of pro­mo­tio­nal infor­ma­ti­on, for ins­tance via SPAM messages.

4. Recording of data on this website

Consent with Borlabs Cookie

Our web­site uses the Borlabs con­sent tech­no­lo­gy to obtain your con­sent to the sto­rage of cer­tain coo­kies in your brow­ser or for the use of cer­tain tech­no­lo­gies and for their data pri­va­cy pro­tec­tion com­pli­ant docu­men­ta­ti­on. The pro­vi­der of this tech­no­lo­gy is Borlabs GmbH, Rüben­kamp 32, 22305 Ham­burg, Ger­ma­ny (her­ein­af­ter refer­red to as Borlabs).

When­ever you visit our web­site, a Borlabs coo­kie will be stored in your brow­ser, which archi­ves any decla­ra­ti­ons or revo­ca­ti­ons of con­sent you have ente­red. The­se data are not shared with the pro­vi­der of the Borlabs technology.

The recor­ded data shall remain archi­ved until you ask us to era­di­ca­te them, dele­te the Borlabs coo­kie on your own or the pur­po­se of sto­ring the data no lon­ger exists. This shall be wit­hout pre­ju­di­ce to any reten­ti­on obli­ga­ti­ons man­da­ted by law. To review the details of Borlabs’ data pro­ces­sing poli­ci­es, plea­se visit https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/

We use the Borlabs coo­kie con­sent tech­no­lo­gy to obtain the decla­ra­ti­ons of con­sent man­da­ted by law for the use of coo­kies. The legal basis for the use of such coo­kies is Art. 6(1)© GDPR.

Server log files

The pro­vi­der of this web­site and its pages auto­ma­ti­cal­ly coll­ects and stores infor­ma­ti­on in so-cal­led ser­ver log files, which your brow­ser com­mu­ni­ca­tes to us auto­ma­ti­cal­ly. The infor­ma­ti­on comprises:

  • The type and ver­si­on of brow­ser used
  • The used ope­ra­ting system
  • Refer­rer URL
  • The host­na­me of the acces­sing computer
  • The time of the ser­ver inquiry
  • The IP address

This data is not mer­ged with other data sources.

This data is recor­ded on the basis of Art. 6(1)(f) GDPR. The ope­ra­tor of the web­site has a legi­ti­ma­te inte­rest in the tech­ni­cal­ly error free depic­tion and the opti­miza­ti­on of the operator’s web­site. In order to achie­ve this, ser­ver log files must be recorded.

Contact form

If you sub­mit inqui­ries to us via our cont­act form, the infor­ma­ti­on pro­vi­ded in the cont­act form as well as any cont­act infor­ma­ti­on pro­vi­ded the­r­ein will be stored by us in order to hand­le your inquiry and in the event that we have fur­ther ques­ti­ons. We will not share this infor­ma­ti­on wit­hout your consent.

The pro­ces­sing of the­se data is based on Art. 6(1)(b) GDPR, if your request is rela­ted to the exe­cu­ti­on of a con­tract or if it is neces­sa­ry to car­ry out pre-con­trac­tu­al mea­su­res. In all other cases the pro­ces­sing is based on our legi­ti­ma­te inte­rest in the effec­ti­ve pro­ces­sing of the requests addres­sed to us (Art. 6(1)(f) GDPR) or on your agree­ment (Art. 6(1)(a) GDPR) if this has been reques­ted; the con­sent can be revo­ked at any time.

The infor­ma­ti­on you have ente­red into the cont­act form shall remain with us until you ask us to era­di­ca­te the data, revo­ke your con­sent to the archi­ving of data or if the pur­po­se for which the infor­ma­ti­on is being archi­ved no lon­ger exists (e.g., after we have con­cluded our respon­se to your inquiry). This shall be wit­hout pre­ju­di­ce to any man­da­to­ry legal pro­vi­si­ons, in par­ti­cu­lar reten­ti­on periods.

Request by e-mail, telephone, or fax

If you cont­act us by e-mail, tele­pho­ne or fax, your request, inclu­ding all resul­ting per­so­nal data (name, request) will be stored and pro­ces­sed by us for the pur­po­se of pro­ces­sing your request. We do not pass the­se data on wit­hout your consent.

The­se data are pro­ces­sed on the basis of Art. 6(1)(b) GDPR if your inquiry is rela­ted to the ful­fill­ment of a con­tract or is requi­red for the per­for­mance of pre-con­trac­tu­al mea­su­res. In all other cases, the data are pro­ces­sed on the basis of our legi­ti­ma­te inte­rest in the effec­ti­ve hand­ling of inqui­ries sub­mit­ted to us (Art. 6(1)(f) GDPR) or on the basis of your con­sent (Art. 6(1)(a) GDPR) if it has been obtai­ned; the con­sent can be revo­ked at any time.

The data sent by you to us via cont­act requests remain with us until you request us to dele­te, revo­ke your con­sent to the sto­rage or the pur­po­se for the data sto­rage lap­ses (e.g. after com­ple­ti­on of your request). Man­da­to­ry sta­tu­to­ry pro­vi­si­ons - in par­ti­cu­lar sta­tu­to­ry reten­ti­on peri­ods - remain unaffected.

5. Analysis tools and advertising

Google Analytics

This web­site uses func­tions of the web ana­ly­sis ser­vice Goog­le Ana­ly­tics. The pro­vi­der of this ser­vice is Goog­le Ire­land Limi­t­ed (“Goog­le”), Gor­don House, Bar­row Street, Dub­lin 4, Ireland.

Goog­le Ana­ly­tics enables the web­site ope­ra­tor to ana­ly­ze the beha­vi­or pat­terns of web­site visi­tors. To that end, the web­site ope­ra­tor recei­ves a varie­ty of user data, such as pages acces­sed, time spent on the page, the uti­li­zed ope­ra­ting sys­tem and the user’s ori­gin. This data is assi­gned to the respec­ti­ve end device of the user. An assign­ment to a user-ID does not take place.

Fur­ther­mo­re, Goog­le Ana­ly­tics allows us to record your mou­se and scroll move­ments and clicks, among other things. Goog­le Ana­ly­tics uses various mode­ling approa­ches to aug­ment the coll­ec­ted data sets and uses machi­ne lear­ning tech­no­lo­gies in data analysis.

Goog­le Ana­ly­tics uses tech­no­lo­gies that make the reco­gni­ti­on of the user for the pur­po­se of ana­ly­zing the user beha­vi­or pat­terns (e.g., coo­kies or device fin­ger­prin­ting). The web­site use infor­ma­ti­on recor­ded by Goog­le is, as a rule trans­fer­red to a Goog­le ser­ver in the United Sta­tes, whe­re it is stored.

The use of the­se ser­vices occurs on the basis of your con­sent pur­su­ant to Art. 6(1)(a) GDPR and § 25(1) TDDDG. You may revo­ke your con­sent at any time.

Data trans­mis­si­on to the US is based on the Stan­dard Con­trac­tu­al Clau­ses (SCC) of the Euro­pean Com­mis­si­on. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

The com­pa­ny is cer­ti­fied in accordance with the “EU-US Data Pri­va­cy Frame­work” (DPF). The DPF is an agree­ment bet­ween the Euro­pean Uni­on and the US, which is inten­ded to ensu­re com­pli­ance with Euro­pean data pro­tec­tion stan­dards for data pro­ces­sing in the US. Every com­pa­ny cer­ti­fied under the DPF is obli­ged to com­ply with the­se data pro­tec­tion stan­dards. For more infor­ma­ti­on, plea­se cont­act the pro­vi­der under the fol­lo­wing link: https://www.dataprivacyframework.gov/participant/5780.

IP anonymization

Goog­le Ana­ly­tics IP anony­miza­ti­on is acti­ve. As a result, your IP address will be abbre­via­ted by Goog­le within the mem­ber sta­tes of the Euro­pean Uni­on or in other sta­tes that have rati­fied the Con­ven­ti­on on the Euro­pean Eco­no­mic Area pri­or to its trans­mis­si­on to the United Sta­tes. The full IP address will be trans­mit­ted to one of Google’s ser­vers in the United Sta­tes and abbre­via­ted the­re only in excep­tio­nal cases. On behalf of the ope­ra­tor of this web­site, Goog­le shall use this infor­ma­ti­on to ana­ly­ze your use of this web­site to gene­ra­te reports on web­site acti­vi­ties and to ren­der other ser­vices to the ope­ra­tor of this web­site that are rela­ted to the use of the web­site and the Inter­net. The IP address trans­mit­ted in con­junc­tion with Goog­le Ana­ly­tics from your brow­ser shall not be mer­ged with other data in Google’s possession.

Browser plug-in

You can pre­vent the recor­ding and pro­ces­sing of your data by Goog­le by down­loa­ding and instal­ling the brow­ser plug­in available under the fol­lo­wing link: https://tools.google.com/dlpage/gaoptout?hl=en.

For more infor­ma­ti­on about the hand­ling of user data by Goog­le Ana­ly­tics, plea­se con­sult Google’s Data Pri­va­cy Decla­ra­ti­on at: https://support.google.com/analytics/answer/6004245?hl=en.

Contract data processing

We have exe­cu­ted a con­tract data pro­ces­sing agree­ment with Goog­le and are imple­men­ting the strin­gent pro­vi­si­ons of the Ger­man data pro­tec­tion agen­ci­es to the ful­lest when using Goog­le Analytics.

6. Newsletter

Newsletter data

If you would like to recei­ve the news­let­ter offe­red on the web­site, we requi­re an e-mail address from you as well as infor­ma­ti­on that allows us to veri­fy that you are the owner of the e-mail address pro­vi­ded and that you agree to recei­ve the news­let­ter. Fur­ther data is not coll­ec­ted or only on a vol­un­t­a­ry basis. For the hand­ling of the news­let­ter, we use news­let­ter ser­vice pro­vi­ders, which are descri­bed below.

CleverReach

This web­site uses Cle­ver­Reach for the sen­ding of news­let­ters. The pro­vi­der is the Cle­ver­Reach GmbH & Co. KG, Schaf­jü­cken­weg 2, 26180 Ras­tede, Ger­ma­ny (her­ein­af­ter “Cle­ver­Reach”). Cle­ver­Reach is a ser­vice that can be used to orga­ni­ze and ana­ly­ze the sen­ding of news­let­ters. The data you have ente­red for the pur­po­se of sub­scrib­ing to our news­let­ter (e.g., e-mail address) are stored on ser­vers of Cle­ver­Reach in Ger­ma­ny or in Ireland.

News­let­ters we send out via Cle­ver­Reach allow us to ana­ly­ze the user pat­terns of our news­let­ter reci­pi­ents. Among other things, in con­junc­tion with this, it is pos­si­ble how many reci­pi­ents actual­ly ope­ned the news­let­ter e-mail and how often which link insi­de the news­let­ter has been cli­cked. With the assis­tance of a tool cal­led Con­ver­si­on Track­ing, we can also deter­mi­ne whe­ther an action that has been pre­de­fi­ned in the news­let­ter actual­ly occur­red after the link was cli­cked (e.g., purcha­se of a pro­duct on this web­site). For more infor­ma­ti­on on the data ana­ly­sis ser­vices by Cle­ver­Reach news­let­ters, plea­se go to: https://www.cleverreach.com/en/features/reporting-tracking/.

The data is pro­ces­sed based on your con­sent (Art. 6(1)(a) GDPR). You may revo­ke any con­sent you have given at any time by unsub­scrib­ing from the news­let­ter. This shall be wit­hout pre­ju­di­ce to the lawful­ness of any data pro­ces­sing tran­sac­tions that have taken place pri­or to your revocation.

If you do not want to per­mit an ana­ly­sis by Cle­ver­Reach, you must unsub­scri­be from the news­let­ter. We pro­vi­de a link for you to do this in every news­let­ter message.

The data depo­si­ted with us for the pur­po­se of sub­scrib­ing to the news­let­ter will be stored by us until you unsub­scri­be from the news­let­ter or the news­let­ter ser­vice pro­vi­der and dele­ted from the news­let­ter dis­tri­bu­ti­on list after you unsub­scri­be from the news­let­ter. Data stored for other pur­po­ses with us remain unaffected.

After you unsub­scri­be from the news­let­ter dis­tri­bu­ti­on list, your e-mail address may be stored by us or the news­let­ter ser­vice pro­vi­der in a black­list, if such action is neces­sa­ry to pre­vent future mai­lings. The data from the black­list is used only for this pur­po­se and not mer­ged with other data. This ser­ves both your inte­rest and our inte­rest in com­ply­ing with the legal requi­re­ments when sen­ding news­let­ters (legi­ti­ma­te inte­rest within the mea­ning of Art. 6(1)(f) GDPR). The sto­rage in the black­list is inde­fi­ni­te. You may object to the sto­rage if your inte­rests out­weigh our legi­ti­ma­te interest.

For more details, plea­se con­sult the Data Pro­tec­tion Pro­vi­si­ons of Cle­ver­Reach at: https://www.cleverreach.com/en/privacy-policy/.

Data processing

We have con­cluded a data pro­ces­sing agree­ment (DPA) for the use of the abo­ve-men­tio­ned ser­vice. This is a con­tract man­da­ted by data pri­va­cy laws that gua­ran­tees that they pro­cess per­so­nal data of our web­site visi­tors only based on our ins­truc­tions and in com­pli­ance with the GDPR.

7. Plug-ins and Tools

Google Maps

This web­site uses the map­ping ser­vice Goog­le Maps. The pro­vi­der is Goog­le Ire­land Limi­t­ed (“Goog­le”), Gor­don House, Bar­row Street, Dub­lin 4, Ire­land. With the means of this ser­vice, we can inte­gra­te map mate­ri­al on our website.

To enable the use of the Goog­le Maps fea­tures, your IP address must be stored. As a rule, this infor­ma­ti­on is trans­fer­red to one of Google’s ser­vers in the United Sta­tes, whe­re it is archi­ved. The ope­ra­tor of this web­site has no con­trol over the data trans­fer. In case Goog­le Maps has been acti­va­ted, Goog­le has the opti­on to use Goog­le Fonts for the pur­po­se of the uni­form depic­tion of fonts. When you access Goog­le Maps, your brow­ser will load the requi­red web fonts into your brow­ser cache, to cor­rect­ly dis­play text and fonts.

We use Goog­le Maps to pre­sent our online con­tent in an appe­al­ing man­ner and to make the loca­ti­ons dis­c­lo­sed on our web­site easy to find. This con­sti­tu­tes a legi­ti­ma­te inte­rest as defi­ned in Art. 6(1)(f) GDPR. If appro­pria­te con­sent has been obtai­ned, the pro­ces­sing is car­ri­ed out exclu­si­ve­ly on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, inso­far the con­sent includes the sto­rage of coo­kies or the access to infor­ma­ti­on in the user’s end device (e.g., device fin­ger­prin­ting) within the mea­ning of the TDDDG. This con­sent can be revo­ked at any time.

Data trans­mis­si­on to the US is based on the Stan­dard Con­trac­tu­al Clau­ses (SCC) of the Euro­pean Com­mis­si­on. Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

For more infor­ma­ti­on on the hand­ling of user data, plea­se review Google’s Data Pri­va­cy Decla­ra­ti­on under: https://policies.google.com/privacy?hl=en.

The com­pa­ny is cer­ti­fied in accordance with the “EU-US Data Pri­va­cy Frame­work” (DPF). The DPF is an agree­ment bet­ween the Euro­pean Uni­on and the US, which is inten­ded to ensu­re com­pli­ance with Euro­pean data pro­tec­tion stan­dards for data pro­ces­sing in the US. Every com­pa­ny cer­ti­fied under the DPF is obli­ged to com­ply with the­se data pro­tec­tion stan­dards. For more infor­ma­ti­on, plea­se cont­act the pro­vi­der under the fol­lo­wing link: https://www.dataprivacyframework.gov/participant/5780.

Google reCAPTCHA

We use “Goog­le reCAPTCHA” (her­ein­af­ter refer­red to as “reCAPTCHA”) on this web­site. The pro­vi­der is Goog­le Ire­land Limi­t­ed (“Goog­le”), Gor­don House, Bar­row Street, Dub­lin 4, Ireland.

The pur­po­se of reCAPTCHA is to deter­mi­ne whe­ther data ente­red on this web­site (e.g., infor­ma­ti­on ente­red into a cont­act form) is being pro­vi­ded by a human user or by an auto­ma­ted pro­gram. To deter­mi­ne this, reCAPTCHA ana­ly­zes the beha­vi­or of the web­site visi­tors based on a varie­ty of para­me­ters. This ana­ly­sis is trig­ge­red auto­ma­ti­cal­ly as soon as the web­site visi­tor enters the site. For this ana­ly­sis, reCAPTCHA eva­lua­tes a varie­ty of data (e.g., IP address, time the web­site visi­tor spent on the site or cur­sor move­ments initia­ted by the user). The data tra­cked during such ana­ly­ses are for­ward­ed to Google.

reCAPTCHA ana­ly­ses run enti­re­ly in the back­ground. Web­site visi­tors are not aler­ted that an ana­ly­sis is underway.

Data are stored and ana­ly­zed on the basis of Art. 6(1)(f) GDPR. The web­site ope­ra­tor has a legi­ti­ma­te inte­rest in the pro­tec­tion of the operator’s web­sites against abu­si­ve auto­ma­ted spy­ing and against SPAM. If appro­pria­te con­sent has been obtai­ned, the pro­ces­sing is car­ri­ed out exclu­si­ve­ly on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, inso­far the con­sent includes the sto­rage of coo­kies or the access to infor­ma­ti­on in the user’s end device (e.g., device fin­ger­prin­ting) within the mea­ning of the TDDDG. This con­sent can be revo­ked at any time.

For more infor­ma­ti­on about Goog­le reCAPTCHA plea­se refer to the Goog­le Data Pri­va­cy Decla­ra­ti­on and Terms Of Use under the fol­lo­wing links: https://policies.google.com/privacy?hl=en and https://policies.google.com/terms?hl=en.

The com­pa­ny is cer­ti­fied in accordance with the “EU-US Data Pri­va­cy Frame­work” (DPF). The DPF is an agree­ment bet­ween the Euro­pean Uni­on and the US, which is inten­ded to ensu­re com­pli­ance with Euro­pean data pro­tec­tion stan­dards for data pro­ces­sing in the US. Every com­pa­ny cer­ti­fied under the DPF is obli­ged to com­ply with the­se data pro­tec­tion stan­dards. For more infor­ma­ti­on, plea­se cont­act the pro­vi­der under the fol­lo­wing link: https://www.dataprivacyframework.gov/participant/5780.

8. Custom Services

Handling applicant data

We offer web­site visi­tors the oppor­tu­ni­ty to sub­mit job appli­ca­ti­ons to us (e.g., via e-mail, via pos­tal ser­vices on by sub­mit­ting the online job appli­ca­ti­on form). Below, we will brief you on the scope, pur­po­se and use of the per­so­nal data coll­ec­ted from you in con­junc­tion with the appli­ca­ti­on pro­cess. We assu­re you that the coll­ec­tion, pro­ces­sing, and use of your data will occur in com­pli­ance with the appli­ca­ble data pri­va­cy rights and all other sta­tu­to­ry pro­vi­si­ons and that your data will always be trea­ted as strict­ly confidential.

Scope and purpose of the collection of data

If you sub­mit a job appli­ca­ti­on to us, we will pro­cess any affi­lia­ted per­so­nal data (e.g., cont­act and com­mu­ni­ca­ti­ons data, appli­ca­ti­on docu­ments, notes taken during job inter­views, etc.), if they are requi­red to make a decis­i­on con­cer­ning the estab­lish­ment or an employ­ment rela­ti­onship. The legal grounds for the afo­re­men­tio­ned are § 26 BDSG accor­ding to Ger­man Law (Nego­tia­ti­on of an Employ­ment Rela­ti­onship), Art. 6(1)(b) GDPR (Gene­ral Con­tract Nego­tia­ti­ons) and – pro­vi­ded you have given us your con­sent – Art. 6(1)(a) GDPR. You may revo­ke any con­sent given at any time. Within our com­pa­ny, your per­so­nal data will only be shared with indi­vi­du­als who are invol­ved in the pro­ces­sing of your job application.

If your job appli­ca­ti­on should result in your recruit­ment, the data you have sub­mit­ted will be archi­ved on the grounds of § 26 BDSG and Art. 6(1)(b) GDPR for the pur­po­se of imple­men­ting the employ­ment rela­ti­onship in our data pro­ces­sing system.

Data Archiving Period

If we are unable to make you a job offer or you reject a job offer or with­draw your appli­ca­ti­on, we reser­ve the right to retain the data you have sub­mit­ted on the basis of our legi­ti­ma­te inte­rests (Art. 6(1)(f) GDPR) for up to 6 months from the end of the appli­ca­ti­on pro­ce­du­re (rejec­tion or with­dra­wal of the appli­ca­ti­on). After­wards the data will be dele­ted, and the phy­si­cal appli­ca­ti­on docu­ments will be des­troy­ed. The sto­rage ser­ves in par­ti­cu­lar as evi­dence in the event of a legal dis­pu­te. If it is evi­dent that the data will be requi­red after the expiry of the 6-month peri­od (e.g., due to an impen­ding or pen­ding legal dis­pu­te), dele­ti­on will only take place when the pur­po­se for fur­ther sto­rage no lon­ger applies.

Lon­ger sto­rage may also take place if you have given your agree­ment (Artic­le 6(1)(a) GDPR) or if sta­tu­to­ry data reten­ti­on requi­re­ments pre­clude the deletion.

Admission to the applicant pool

If we do not make you a job offer, you may be able to join our appli­cant pool. In case of admis­si­on, all docu­ments and infor­ma­ti­on from the appli­ca­ti­on will be trans­fer­red to the appli­cant pool in order to cont­act you in case of sui­ta­ble vacancies.

Admis­si­on to the appli­cant pool is based exclu­si­ve­ly on your express agree­ment (Art. 6(1)(a) GDPR). The sub­mis­si­on agree­ment is vol­un­t­a­ry and has no rela­ti­on to the ongo­ing appli­ca­ti­on pro­ce­du­re. The affec­ted per­son can revo­ke his agree­ment at any time. In this case, the data from the appli­cant pool will be irre­vo­ca­bly dele­ted, pro­vi­ded the­re are no legal reasons for storage.

The data from the appli­cant pool will be irre­vo­ca­bly dele­ted no later than two years after con­sent has been granted.

Stand: 17.09.2024