Pre­am­ble

With the fol­low­ing pri­vacy pol­icy we would like to inform you which types of your per­sonal data (here­inafter also abbre­vi­ated as “data”) we process for which pur­poses and in which scope. The pri­vacy state­ment applies to all pro­cess­ing of per­sonal data car­ried out by us, both in the con­text of pro­vid­ing our ser­vices and in par­tic­u­lar on our web­sites, in mobile appli­ca­tions and within exter­nal online pres­ences, such as our social media pro­files (here­inafter col­lec­tively referred to as “online ser­vices”).

The terms used are not gender-​​specific.

Last Update: 6. July 2023

Table of con­tents

Con­troller

Rel­e­vant legal bases accord­ing

Rel­e­vant legal bases accord­ing to the GDPR: In the fol­low­ing, you will find an overview of the legal basis of the GDPR on which we base the pro­cess­ing of per­sonal data. Please note that in addi­tion to the pro­vi­sions of the GDPR, national data pro­tec­tion pro­vi­sions of your or our coun­try of res­i­dence or domi­cile may apply. If, in addi­tion, more spe­cific legal bases are applic­a­ble in indi­vid­ual cases, we will inform you of these in the data pro­tec­tion dec­la­ra­tion.

  • Con­sent (Arti­cle 6 (1) (a) GDPR) – The data sub­ject has given con­sent to the pro­cess­ing of his or her per­sonal data for one or more spe­cific pur­poses.
  • Per­for­mance of a con­tract and prior requests (Arti­cle 6 (1) (b) GDPR) – Per­for­mance of a con­tract to which the data sub­ject is party or in order to take steps at the request of the data sub­ject prior to enter­ing into a con­tract.
  • Legit­i­mate Inter­ests (Arti­cle 6 (1) (f) GDPR) – Pro­cess­ing is nec­es­sary for the pur­poses of the legit­i­mate inter­ests pur­sued by the con­troller or by a third party, except where such inter­ests are over­rid­den by the inter­ests or fun­da­men­tal rights and free­doms of the data sub­ject which require pro­tec­tion of per­sonal data.

National data pro­tec­tion reg­u­la­tions in Ger­many: In addi­tion to the data pro­tec­tion reg­u­la­tions of the GDPR, national reg­u­la­tions apply to data pro­tec­tion in Ger­many. This includes in par­tic­u­lar the Law on Pro­tec­tion against Mis­use of Per­sonal Data in Data Pro­cess­ing (Fed­eral Data Pro­tec­tion Act – BDSG). In par­tic­u­lar, the BDSG con­tains spe­cial pro­vi­sions on the right to access, the right to erase, the right to object, the pro­cess­ing of spe­cial cat­e­gories of per­sonal data, pro­cess­ing for other pur­poses and trans­mis­sion as well as auto­mated indi­vid­ual decision-​​making, includ­ing pro­fil­ing. Fur­ther­more, data pro­tec­tion laws of the indi­vid­ual fed­eral states may apply.

Ref­er­ence to the applic­a­bil­ity of the GDPR and the Swiss DPA: These pri­vacy notices are intended to pro­vide infor­ma­tion in accor­dance with both the Swiss Data Pro­tec­tion Act (Swiss DPA) and the Gen­eral Data Pro­tec­tion Reg­u­la­tion (GDPR). For this rea­son, we ask you to note that due to the broader spa­tial appli­ca­tion and com­pre­hen­si­bil­ity, the terms of the GDPR have been replaced with Swiss terms. Specif­i­cally, instead of the GDPR terms “pro­cess­ing” of “per­sonal data” (or briefly “data”), and “legit­i­mate inter­est”, the terms used in the Swiss DPA, “pro­cess­ing” of “per­sonal data” and “pre­dom­i­nant inter­est”, are used. How­ever, the legal mean­ing of the terms con­tin­ues to be deter­mined by the Swiss DPA in the con­text of its appli­ca­tion.

Overview of pro­cess­ing oper­a­tions

The fol­low­ing table sum­marises the types of data processed, the pur­poses for which they are processed and the con­cerned data sub­jects.

Cat­e­gories of Processed Data

  • Inven­tory data.
  • Con­tact data.
  • Con­tent data.
  • Usage data.
  • Meta, com­mu­ni­ca­tion and process data.

Cat­e­gories of Data Sub­jects

  • Com­mu­ni­ca­tion part­ner.
  • Users.

Pur­poses of Pro­cess­ing

  • Con­tact requests and com­mu­ni­ca­tion.
  • Secu­rity mea­sures.
  • Web Ana­lyt­ics.
  • Man­ag­ing and respond­ing to inquiries.
  • Feed­back.
  • Pro­files with user-​​related infor­ma­tion.
  • Pro­vi­sion of our online ser­vices and usabil­ity.
  • Infor­ma­tion tech­nol­ogy infra­struc­ture.

Secu­rity Pre­cau­tions

We take appro­pri­ate tech­ni­cal and organ­i­sa­tional mea­sures in accor­dance with the legal require­ments, tak­ing into account the state of the art, the costs of imple­men­ta­tion and the nature, scope, con­text and pur­poses of pro­cess­ing as well as the risk of vary­ing like­li­hood and sever­ity for the rights and free­doms of nat­ural per­sons, in order to ensure a level of secu­rity appro­pri­ate to the risk.

The mea­sures include, in par­tic­u­lar, safe­guard­ing the con­fi­den­tial­ity, integrity and avail­abil­ity of data by con­trol­ling phys­i­cal and elec­tronic access to the data as well as access to, input, trans­mis­sion, secur­ing and sep­a­ra­tion of the data. In addi­tion, we have estab­lished pro­ce­dures to ensure that data sub­jects’ rights are respected, that data is erased, and that we are pre­pared to respond to data threats rapidly. Fur­ther­more, we take the pro­tec­tion of per­sonal data into account as early as the devel­op­ment or selec­tion of hard­ware, soft­ware and ser­vice providers, in accor­dance with the prin­ci­ple of pri­vacy by design and pri­vacy by default.

TLS encryp­tion (https): To pro­tect your data trans­mit­ted via our online ser­vices, we use TLS encryp­tion. You can rec­og­nize such encrypted con­nec­tions by the pre­fix https:// in the address bar of your browser.

Trans­mis­sion of Per­sonal Data

In the con­text of our pro­cess­ing of per­sonal data, it may hap­pen that the data is trans­ferred to other places, com­pa­nies or per­sons or that it is dis­closed to them. Recip­i­ents of this data may include, for exam­ple, ser­vice providers com­mis­sioned with IT tasks or providers of ser­vices and con­tent that are embed­ded in a web­site. In such cases, the legal require­ments will be respected and in par­tic­u­lar cor­re­spond­ing con­tracts or agree­ments, which serve the pro­tec­tion of your data, will be con­cluded with the recip­i­ents of your data.

Rights of Data Sub­jects

Rights of the Data Sub­jects under the GDPR: As data sub­ject, you are enti­tled to var­i­ous rights under the GDPR, which arise in par­tic­u­lar from Arti­cles 15 to 21 of the GDPR:

  • Right to Object: You have the right, on grounds aris­ing from your par­tic­u­lar sit­u­a­tion, to object at any time to the pro­cess­ing of your per­sonal data which is based on let­ter (e) or (f) of Arti­cle 6(1) GDPR, includ­ing pro­fil­ing based on those pro­vi­sions. Where per­sonal data are processed for direct mar­ket­ing pur­poses, you have the right to object at any time to the pro­cess­ing of the per­sonal data con­cern­ing you for the pur­pose of such mar­ket­ing, which includes pro­fil­ing to the extent that it is related to such direct mar­ket­ing.
  • Right of with­drawal for con­sents: You have the right to revoke con­sents at any time.
  • Right of access: You have the right to request con­fir­ma­tion as to whether the data in ques­tion will be processed and to be informed of this data and to receive fur­ther infor­ma­tion and a copy of the data in accor­dance with the pro­vi­sions of the law.
  • Right to rec­ti­fi­ca­tion: You have the right, in accor­dance with the law, to request the com­ple­tion of the data con­cern­ing you or the rec­ti­fi­ca­tion of the incor­rect data con­cern­ing you.
  • Right to Era­sure and Right to Restric­tion of Pro­cess­ing: In accor­dance with the statu­tory pro­vi­sions, you have the right to demand that the rel­e­vant data be erased imme­di­ately or, alter­na­tively, to demand that the pro­cess­ing of the data be restricted in accor­dance with the statu­tory pro­vi­sions.
  • Right to data porta­bil­ity: You have the right to receive data con­cern­ing you which you have pro­vided to us in a struc­tured, com­mon and machine-​​readable for­mat in accor­dance with the legal require­ments, or to request its trans­mis­sion to another con­troller.
  • Com­plaint to the super­vi­sory author­ity: In accor­dance with the law and with­out prej­u­dice to any other admin­is­tra­tive or judi­cial rem­edy, you also have the right to lodge a com­plaint with a data pro­tec­tion super­vi­sory author­ity, in par­tic­u­lar a super­vi­sory author­ity in the Mem­ber State where you habit­u­ally reside, the super­vi­sory author­ity of your place of work or the place of the alleged infringe­ment, if you con­sider that the pro­cess­ing of per­sonal data con­cern­ing you infringes the GDPR.

Use of Cook­ies

Cook­ies are small text files or other data records that store infor­ma­tion on end devices and read infor­ma­tion from the end devices. For exam­ple, to store the login sta­tus in a user account, the con­tents of a shop­ping cart in an e-​​shop, the con­tents accessed or the func­tions used. Cook­ies can also be used for var­i­ous pur­poses, e.g. for pur­poses of func­tion­al­ity, secu­rity and con­ve­nience of online offers as well as the cre­ation of analy­ses of vis­i­tor flows.

Infor­ma­tion on con­sent: We use cook­ies in accor­dance with the statu­tory pro­vi­sions. There­fore, we obtain prior con­sent from users, except when it is not required by law. In par­tic­u­lar, con­sent is not required if the stor­age and read­ing of infor­ma­tion, includ­ing cook­ies, is strictly nec­es­sary in order to pro­vide an infor­ma­tion soci­ety ser­vice explic­itly requested by the sub­scriber or user. Essen­tial cook­ies usu­ally include cook­ies with func­tions related to the dis­play and oper­abil­ity of the onli­ne­ser­vice, load bal­anc­ing, secu­rity, stor­age of users’ pref­er­ences and choices or sim­i­lar pur­poses related to the pro­vi­sion of the main and sec­ondary func­tions of the onli­ne­ser­vice requested by users. The revo­ca­ble con­sent will be clearly com­mu­ni­cated to the user and will con­tain the infor­ma­tion on the respec­tive cookie use.

Infor­ma­tion on legal bases under data pro­tec­tion law: The legal basis under data pro­tec­tion law on which we process users’ per­sonal data with the use of cook­ies depends on whether we ask users for con­sent. If users con­sent, the legal basis for pro­cess­ing their data is their declared con­sent. Oth­er­wise, the data processed with the help of cook­ies is processed on the basis of our legit­i­mate inter­ests (e.g. in a busi­ness oper­a­tion of our online ser­vices and improve­ment of its usabil­ity) or, if this is done in the con­text of the ful­fill­ment of our con­trac­tual oblig­a­tions, if the use of cook­ies is nec­es­sary to ful­fill our con­trac­tual oblig­a­tions. For which pur­poses the cook­ies are processed by us, we do clar­ify in the course of this pri­vacy pol­icy or in the con­text of our con­sent and pro­cess­ing pro­ce­dures.

Reten­tion period: With regard to the reten­tion period, a dis­tinc­tion is drawn between the fol­low­ing types of cook­ies:

  • Tem­po­rary cook­ies (also known as “ses­sion cook­ies”): Tem­po­rary cook­ies are deleted at the lat­est after a user has left an online ser­vice and closed his or her end device (i.e. browser or mobile appli­ca­tion).
  • Per­ma­nent cook­ies: Per­ma­nent cook­ies remain stored even after the ter­mi­nal device is closed. For exam­ple, the login sta­tus can be saved, or pre­ferred con­tent can be dis­played directly when the user vis­its a web­site again. Like­wise, user data col­lected with the help of cook­ies can be used for reach mea­sure­ment. Unless we pro­vide users with explicit infor­ma­tion about the type and stor­age dura­tion of cook­ies (e.g., as part of obtain­ing con­sent), users should assume that cook­ies are per­ma­nent and that the stor­age period can be up to two years.

Gen­eral notes on revo­ca­tion and objec­tion (so-​​called “Opt-​​Out”): Users can revoke the con­sents they have given at any time and object to the pro­cess­ing in accor­dance with legal require­ments. Users can restrict the use of cook­ies in their browser set­tings, among other options (although this may also limit the func­tion­al­ity of our online offer­ing). A objec­tion to the use of cook­ies for online mar­ket­ing pur­poses can also be made through the web­sites https://​optout​.aboutads​.info and https://​www​.youron​line​choices​.com/.

  • Legal Basis: Legit­i­mate Inter­ests (Arti­cle 6(1)(1)(f) GDPR); Con­sent (Arti­cle 6(1)(a) GDPR).

Fur­ther infor­ma­tion on pro­cess­ing meth­ods, pro­ce­dures and ser­vices used:

  • Pro­cess­ing Cookie Data on the Basis of Con­sent: We use a cookie man­age­ment solu­tion in which users’ con­sent to the use of cook­ies, or the pro­ce­dures and providers men­tioned in the cookie man­age­ment solu­tion, can be obtained, man­aged and revoked by the users. The dec­la­ra­tion of con­sent is stored so that it does not have to be retrieved again and the con­sent can be proven in accor­dance with the legal oblig­a­tion. Stor­age can take place server-​​sided and/​or in a cookie (so-​​called opt-​​out cookie or with the aid of com­pa­ra­ble tech­nolo­gies) in order to be able to assign the con­sent to a user or and/​or his/​her device. Sub­ject to indi­vid­ual details of the providers of cookie man­age­ment ser­vices, the fol­low­ing infor­ma­tion applies: The dura­tion of the stor­age of the con­sent can be up to two years. In this case, a pseu­do­ny­mous user iden­ti­fier is formed and stored with the date/​time of con­sent, infor­ma­tion on the scope of the con­sent (e.g. which cat­e­gories of cook­ies and/​or ser­vice providers) as well as the browser, sys­tem and used end device; Legal Basis: Con­sent (Arti­cle 6(1)(a) GDPR).
  • Bor­lab­sCookie: Cookie-​​Consent Man­ager; Ser­vice provider: Hosted locally on our server, no data trans­fer to third par­ties; Web­site: https://​bor​labs​.io/​b​o​r​l​a​b​s​-​c​o​okie/; Fur­ther Infor­ma­tion: An indi­vid­ual user ID, lan­guage as well as types of con­sent and the time of their sub­mis­sion are stored on the server and in the cookie on the user’s device.

Overview and Con­fig­u­ra­tion of Your Con­sent

Here you can see the con­sents you have granted or denied for the pro­cess­ing of per­sonal data in the past:

DateVer­sionCon­sents

We have stored these set­tings under the ID . You can mod­ify them Change set­tings.

All Cook­ies

Essen­tial

Essen­tial cook­ies enable basic func­tions and are nec­es­sary for the proper func­tion of the web­site.

Exter­nal Media

Con­tent from video plat­forms and social media plat­forms is blocked by default. If Exter­nal Media cook­ies are accepted, access to those con­tents no longer requires man­ual con­sent.

YouTube

NameYouTube
ProviderGoogle Ire­land Lim­ited, Gor­don House, Bar­row Street, Dublin 4, Ire­land
Pur­poseUsed to unblock YouTube con­tent.
Pri­vacy Pol­icyhttps://​poli​cies​.google​.com/​p​r​ivacy
Host(s)google​.com
Cookie NameNID
Cookie Expiry6 Months

Pro­vi­sion of online ser­vices and web host­ing

We process user data in order to be able to pro­vide them with our online ser­vices. For this pur­pose, we process the IP address of the user, which is nec­es­sary to trans­mit the con­tent and func­tions of our online ser­vices to the user’s browser or ter­mi­nal device.

  • Processed data types: Usage data (e.g. web­sites vis­ited, inter­est in con­tent, access times); Meta, com­mu­ni­ca­tion and process data (e.g. IP addresses, time infor­ma­tion, iden­ti­fi­ca­tion num­bers, con­sent sta­tus); Con­tent data (e.g. text input, pho­tographs, videos).
  • Data sub­jects: Users (e.g. web­site vis­i­tors, users of online ser­vices).
  • Pur­poses of Pro­cess­ing: Pro­vi­sion of our online ser­vices and usabil­ity; Infor­ma­tion tech­nol­ogy infra­struc­ture (Oper­a­tion and pro­vi­sion of infor­ma­tion sys­tems and tech­ni­cal devices, such as com­put­ers, servers, etc.).); Secu­rity mea­sures.
  • Legal Basis: Legit­i­mate Inter­ests (Arti­cle 6(1)(1)(f) GDPR).

Fur­ther infor­ma­tion on pro­cess­ing meth­ods, pro­ce­dures and ser­vices used:

  • Pro­vi­sion of online offer on rented host­ing space: For the pro­vi­sion of our online ser­vices, we use stor­age space, com­put­ing capac­ity and soft­ware that we rent or oth­er­wise obtain from a cor­re­spond­ing server provider (also referred to as a “web hoster”); Legal Basis: Legit­i­mate Inter­ests (Arti­cle 6(1)(1)(f) GDPR).
  • Col­lec­tion of Access Data and Log Files: The access to our online ser­vices is logged in the form of so-​​called “server log files”. Server log files may include the address and name of the web pages and files accessed, the date and time of access, data vol­umes trans­ferred, noti­fi­ca­tion of suc­cess­ful access, browser type and ver­sion, the user’s oper­at­ing sys­tem, refer­rer URL (the pre­vi­ously vis­ited page) and, as a gen­eral rule, IP addresses and the request­ing provider.
    The server log files can be used for secu­rity pur­poses, e.g. to avoid over­load­ing the servers (espe­cially in the case of abu­sive attacks, so-​​called DDoS attacks) and to ensure the sta­bil­ity and opti­mal load bal­anc­ing of the servers; Legal Basis: Legit­i­mate Inter­ests (Arti­cle 6(1)(1)(f) GDPR); Reten­tion period: Log file infor­ma­tion is stored for a max­i­mum period of 30 days and then deleted or anonymized. Data, the fur­ther stor­age of which is nec­es­sary for evi­dence pur­poses, are excluded from dele­tion until the respec­tive inci­dent has been finally clar­i­fied.
  • E-​​mail Send­ing and Host­ing: The web host­ing ser­vices we use also include send­ing, receiv­ing and stor­ing e-​​mails. For these pur­poses, the addresses of the recip­i­ents and senders, as well as other infor­ma­tion relat­ing to the send­ing of e-​​mails (e.g. the providers involved) and the con­tents of the respec­tive e-​​mails are processed. The above data may also be processed for SPAM detec­tion pur­poses. Please note that e-​​mails on the Inter­net are gen­er­ally not sent in encrypted form. As a rule, e-​​mails are encrypted dur­ing trans­port, but not on the servers from which they are sent and received (unless a so-​​called end-​​to-​​end encryp­tion method is used). We can there­fore accept no respon­si­bil­ity for the trans­mis­sion path of e-​​mails between the sender and recep­tion on our server; Legal Basis: Legit­i­mate Inter­ests (Arti­cle 6(1)(1)(f) GDPR).

Con­tact and Inquiry Man­age­ment

When con­tact­ing us (e.g. via mail, con­tact form, e-​​mail, tele­phone or via social media) as well as in the con­text of exist­ing user and busi­ness rela­tion­ships, the infor­ma­tion of the inquir­ing per­sons is processed to the extent nec­es­sary to respond to the con­tact requests and any requested mea­sures.

  • Processed data types: Con­tact data (e.g. e-​​mail, tele­phone num­bers); Con­tent data (e.g. text input, pho­tographs, videos); Usage data (e.g. web­sites vis­ited, inter­est in con­tent, access times); Meta, com­mu­ni­ca­tion and process data (e.g. IP addresses, time infor­ma­tion, iden­ti­fi­ca­tion num­bers, con­sent sta­tus).
  • Data sub­jects: Com­mu­ni­ca­tion part­ner (Recip­i­ents of e-​​mails, let­ters, etc.).
  • Pur­poses of Pro­cess­ing: Con­tact requests and com­mu­ni­ca­tion; Man­ag­ing and respond­ing to inquiries; Feed­back (e.g. col­lect­ing feed­back via online form); Pro­vi­sion of our online ser­vices and usabil­ity.
  • Legal Basis: Legit­i­mate Inter­ests (Arti­cle 6(1)(1)(f) GDPR); Per­for­mance of a con­tract and prior requests (Arti­cle 6(1)(1)(b) GDPR).

Fur­ther infor­ma­tion on pro­cess­ing meth­ods, pro­ce­dures and ser­vices used:

  • Con­tact form: When users con­tact us via our con­tact form, e-​​mail or other com­mu­ni­ca­tion chan­nels, we process the data pro­vided to us in this con­text to process the com­mu­ni­cated request; Legal Basis: Per­for­mance of a con­tract and prior requests (Arti­cle 6(1)(1)(b) GDPR), Legit­i­mate Inter­ests (Arti­cle 6(1)(1)(f) GDPR).

Web Analy­sis, Mon­i­tor­ing and Opti­miza­tion

Web analy­sis is used to eval­u­ate the vis­i­tor traf­fic on our web­site and may include the behav­iour, inter­ests or demo­graphic infor­ma­tion of users, such as age or gen­der, as pseu­do­ny­mous val­ues. With the help of web analy­sis we can e.g. rec­og­nize, at which time our online ser­vices or their func­tions or con­tents are most fre­quently used or requested for repeat­edly, as well as which areas require opti­miza­tion.

In addi­tion to web analy­sis, we can also use test pro­ce­dures, e.g. to test and opti­mize dif­fer­ent ver­sions of our online ser­vices or their com­po­nents.

Unless oth­er­wise stated below, pro­files, i.e. data aggre­gated for a usage process, can be cre­ated for these pur­poses and infor­ma­tion can be stored in a browser or in a ter­mi­nal device and read from it. The infor­ma­tion col­lected includes, in par­tic­u­lar, web­sites vis­ited and ele­ments used there as well as tech­ni­cal infor­ma­tion such as the browser used, the com­puter sys­tem used and infor­ma­tion on usage times. If users have agreed to the col­lec­tion of their loca­tion data from us or from the providers of the ser­vices we use, loca­tion data may also be processed.

Unless oth­er­wise stated below, pro­files, that is data sum­ma­rized for a usage process or user, may be cre­ated for these pur­poses and stored in a browser or ter­mi­nal device (so-​​called “cook­ies”) or sim­i­lar processes may be used for the same pur­pose. The infor­ma­tion col­lected includes, in par­tic­u­lar, web­sites vis­ited and ele­ments used there as well as tech­ni­cal infor­ma­tion such as the browser used, the com­puter sys­tem used and infor­ma­tion on usage times. If users have con­sented to the col­lec­tion of their loca­tion data or pro­files to us or to the providers of the ser­vices we use, these may also be processed, depend­ing on the provider.

The IP addresses of the users are also stored. How­ever, we use any exist­ing IP mask­ing pro­ce­dure (i.e. pseu­do­nymi­sa­tion by short­en­ing the IP address) to pro­tect the user. In gen­eral, within the frame­work of web analy­sis, A/​B test­ing and opti­mi­sa­tion, no user data (such as e-​​mail addresses or names) is stored, but pseu­do­nyms. This means that we, as well as the providers of the soft­ware used, do not know the actual iden­tity of the users, but only the infor­ma­tion stored in their pro­files for the pur­poses of the respec­tive processes.

  • Processed data types: Usage data (e.g. web­sites vis­ited, inter­est in con­tent, access times); Meta, com­mu­ni­ca­tion and process data (e.g. IP addresses, time infor­ma­tion, iden­ti­fi­ca­tion num­bers, con­sent sta­tus).
  • Data sub­jects: Users (e.g. web­site vis­i­tors, users of online ser­vices).
  • Pur­poses of Pro­cess­ing: Web Ana­lyt­ics (e.g. access sta­tis­tics, recog­ni­tion of return­ing vis­i­tors); Pro­files with user-​​related infor­ma­tion (Cre­at­ing user pro­files).
  • Secu­rity mea­sures: IP Mask­ing (Pseu­do­nymiza­tion of the IP address).
  • Legal Basis: Legit­i­mate Inter­ests (Arti­cle 6(1)(1)(f) GDPR).

Fur­ther infor­ma­tion on pro­cess­ing meth­ods, pro­ce­dures and ser­vices used:

  • Matomo (with­out cook­ies): Matomo is a data pro­tec­tion friendly web analy­sis soft­ware, which is used with­out cook­ies and in which the recog­ni­tion of return­ing users is car­ried out with the help of a so-​​called “dig­i­tal fin­ger­print”, which is stored anony­mously and changed every 24 hours; in the case of the “dig­i­tal fin­ger­print”, user move­ments within our online ser­vices are recorded with the help of pseu­do­nymised IP addresses in com­bi­na­tion with user-​​side browser set­tings in such a way that con­clu­sions about the iden­tity of indi­vid­ual users are not pos­si­ble. User data col­lected through the use of Matomo is processed only by us and is not shared with third par­ties; Legal Basis: Legit­i­mate Inter­ests (Arti­cle 6(1)(1)(f) GDPR).

Plu­g­ins and embed­ded func­tions and con­tent

Within our online ser­vices, we inte­grate func­tional and con­tent ele­ments that are obtained from the servers of their respec­tive providers (here­inafter referred to as “third-​​party providers”). These may, for exam­ple, be graph­ics, videos or city maps (here­inafter uni­formly referred to as “Con­tent”).

The inte­gra­tion always pre­sup­poses that the third-​​party providers of this con­tent process the IP address of the user, since they could not send the con­tent to their browser with­out the IP address. The IP address is there­fore required for the pre­sen­ta­tion of these con­tents or func­tions. We strive to use only those con­tents, whose respec­tive offer­ers use the IP address only for the dis­tri­b­u­tion of the con­tents. Third par­ties may also use so-​​called pixel tags (invis­i­ble graph­ics, also known as “web bea­cons”) for sta­tis­ti­cal or mar­ket­ing pur­poses. The “pixel tags” can be used to eval­u­ate infor­ma­tion such as vis­i­tor traf­fic on the pages of this web­site. The pseu­do­ny­mous infor­ma­tion may also be stored in cook­ies on the user’s device and may include tech­ni­cal infor­ma­tion about the browser and oper­at­ing sys­tem, refer­ring web­sites, visit times and other infor­ma­tion about the use of our web­site, as well as may be linked to such infor­ma­tion from other sources.

  • Processed data types: Usage data (e.g. web­sites vis­ited, inter­est in con­tent, access times); Meta, com­mu­ni­ca­tion and process data (e.g. IP addresses, time infor­ma­tion, iden­ti­fi­ca­tion num­bers, con­sent sta­tus).
  • Data sub­jects: Users (e.g. web­site vis­i­tors, users of online ser­vices).
  • Pur­poses of Pro­cess­ing: Pro­vi­sion of our online ser­vices and usabil­ity.

Fur­ther guid­ance on pro­cess­ing oper­a­tions, pro­ce­dures and ser­vices:

  • YouTube videos: Video con­tent; Legal basis: Con­sent (Art. 6 para. 1 lit. a DSGVO); You can revoke any con­sent you may have given in the past via the set­tings in this pri­vacy pol­icy ; Ser­vice provider: Google Ire­land Lim­ited, Gor­don House, Bar­row Street, Dublin 4, Ire­land; Web­site: https://​www​.youtube​.com; Pri­vacy Pol­icy: https://​poli​cies​.google​.com/​p​r​ivacy.