You can view Webinaris’ data protection provisions here:http://webinaris.com/datenschutzbestimmungen.html

When you register for a webinar and when you participate in a webinar that we as users organize via the Webinaris online platform, the following data is transferred from you as a so-called user to Webinaris and processed there:

• E-mail address
• First name (optional)
• Surname (optional)
• Browser and system data
• IP address
• Language
• Time zone
• All data provided by the participant in the chat
• Usage data resulting from registration for and participation in the webinar

Webinaris offers us the opportunity to publish webinars and to evaluate them statistically in order to constantly improve our offering. To do this, it is necessary for Webinaris to process the data of webinar participants/users on our behalf. The scope of the data and the data processing are regulated in the agreement on data processing, which we have concluded with Webinaris. As a user, we can view the data at Webinaris and export it to our own systems. 

The legal basis for the processing of the data is Art. 6 para. 1 sentence 1 lit. b) GDPR. Further information can be found in Webinaris’s privacy policy athttps://webinaris.com/datenschutzbestimmungen.html.

Use of Calendly

This website uses Calendly.com for the online appointment booking service. This page offers an external platform for making appointments. The appointment booking service is integrated into the source code of our website via a script. By using the appointment calendar, you automatically use the services of Calendly.com. Data is transferred there for the security and documentation of teambay. The data collected includes: name, IP address at the time of the appointment, agreed date and agreed time. This data will not be passed on to third parties and is used only for the administration and organization of appointments and for internal statistics. By using the appointment calendar, you agree that you agree to this. You can find more information about Calendly.com here. Please be sure to read it. Please note, however, that the site is only available in English:https://calendly.com/pages/privacy

We would also like to point out that requests for information and the assertion of data subject rights can be most effectively asserted with the providers. Only the providers have access to the users’ data and can take appropriate measures and provide information directly. However, if you still need help, you can contact us.

• Types of data processed: inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Data subjects: Users (e.g. website visitors, users of online services).
• Purposes of processing: Contact requests and communication, tracking (e.g. interest/behavioral profiling, use of cookies), remarketing, reach measurement (e.g. access statistics, recognition of returning visitors), affiliate tracking.
• Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Services and service providers used:

• Instagram : Social network; Service provider: Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA; Website: https://www. instagram.com; Privacy Policy:http://instagram.com/about/legal/privacy.
• Facebook: Social network; Service provider: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; website: https://www.facebook.com; privacy policy: https://www.facebook.com/about/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active; Opt-out: Advertising settings: https://www.facebook.com/settings?tab=ads; Additional information on data protection: Agreement on joint processing of personal data on Facebook pages: https://www.facebook.com/legal/ terms/page_controller_addendum, Privacy Policy for Facebook Pages: https://www.facebook.com/legal/terms/information_about_page_insights_data.
• Flickr: Social network; Service provider: Flickr Inc., 475 Sansome St San Francisco, California 94111, USA; Website: https://www.flickr .com; Privacy Policy: https://www.flickr.com/help/privacy.
• LinkedIn: Social network; Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Website: https://www.linkedin.com; Data protection declaration: https://www.linkedin.com/legal/privacy-policy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active; Opt-out out):https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
• Pinterest: Social network; Service provider: Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA; website:https://www.pinterest.com; privacy policy:https://about.pinterest.com/de/privacy-policy; opt-out:https://about.pinterest.com/de/privacy-policy.
• SlideShare: Platform for presentations; Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Website: https://www.linkedin.com; Data protection declaration: https://www.linkedin.com/legal/privacy-policy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active.
• TikTok: Social network; Service provider: musical.ly Inc., 10351 Santa Monica Blvd #310, Los Angeles, CA 90025 USA; Website: https://www.tiktok.com; Privacy Policy: https://www.tiktok.com/en/privacy-policy.
• Twitter: Social network; Service provider: Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA; Privacy policy: https://twitter.com/de/privacy, (settings) https://twitter.com/personalization; Privacy Shield (ensuring a high level of data protection when processing data in the USA):https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.
• YouTube: Social network; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Privacy Policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA):https://www.privacyshield.gov/participant?id=a2zt 000000001L5AAI&status=Active; Opt-out:https://adssettings.google.com/authenticated.
• Xing: Social network; Service provider: XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany; Website: https://www.xing.de; privacy policy:https://privacy.xing.com/de/datenschutzerklaerung.

Plugins and embedded functions and content

We integrate functional and content elements into our online offering that are obtained from the servers of their respective providers (hereinafter referred to as “third-party providers”). These may include, for example, graphics, videos or social media buttons, as well as posts (hereinafter uniformly referred to as “content”).

The integration always requires that the third-party providers of this content process the IP address of the users, as they would not be able to send the content to their browsers without the IP address. The IP address is therefore required for the display of this content or functions. We endeavor to use only content whose respective providers use the IP address solely for the delivery of the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information can also be stored in cookies on the user’s device and may include technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online offer, as well as being linked to such information from other sources.

Notes on legal basis: If we ask users for their consent to the use of third-party providers, the legal basis for the processing of data is consent. Otherwise, the user data is processed on the basis of our legitimate interests (i.e. interest in efficient, economical and user-friendly services). In this context, we would also like to draw your attention to the information on the use of cookies in this data protection declaration.

• Data types processed: Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), inventory data (e.g. names, addresses).
• Data subjects: Users (e.g. website visitors, users of online services), communication partners.
• Purposes of processing: Provision of our online offer and user-friendliness, contractual services and service, contact requests and communication, direct marketing (e.g. by e-mail or post ), tracking (e.g. interest/behavior-based profiling, use of cookies), interest-based and behavior-based marketing, profiling (creation of user profiles), security measures, administration and answering of inquiries.
• Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR), consent (Art. 6 para. 1 sentence 1 lit. a GDPR), fulfillment of contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b. GDPR).

Services and service providers used:

• Facebook Social Plugins: Facebook Social Plugins – These may include content such as images, videos or texts and buttons that allow users to share content from this online offering within Facebook. The list and appearance of the Facebook social plugins can be viewed here:https://developers.facebook.com/docs/plugins/; Service provider:https://www.facebook.com, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; website: https://www.facebook.com; privacy policy:  https://www.facebook.com/about/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov /participant?id=a2zt0000000GnywAAC&status=Active; Opt-out: Settings for ads: https://www.facebook.com/settings?tab=ads.
• Google Fonts: We integrate the fonts (“Google Fonts”) of the provider Google, whereby the data of the users are used solely for the purpose of displaying the fonts in the user’s browser. The integration is based on our legitimate interests in a technically secure, maintenance-free and efficient use of fonts, their uniform display and taking into account possible license restrictions for their integration. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website:https://fonts.google.com/; privacy policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000TRkEAAW&status=Active.
• Google Maps: We embed maps from the Google Maps service provided by Google. The data processed may include, in particular, IP addresses and location data of users, but these are not collected without their consent (usually given as part of the settings on their mobile devices). Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website:https://maps.google.de; privacy policy:https://policies.google.com/privacy; Privacy Shield (guaranteeing data protection level when processing data in the USA):https://www.privacyshield.gov/participant?id=a2zt0000000TRkEAAW& =”noreferrer noopener”>https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000TRkEAAW&status=Active; Opt-out option: Opt-out plugin: http://tools.google.com/dlpage/gaoptout?hl=de, settings for the display of advertising: https://adssettings.google.com/authenticated.
• Instagram plugins and buttons: Instagram plugins and buttons – These may include content such as images, videos or texts and buttons that allow users to share content from this online offering within Instagram. Service provider:https://www.instagram.com, Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA; website:https://www.instagram.com; Privacy Policy: http://instagram.com/about/legal/privacy.
• LinkedIn Plugins and Buttons: LinkedIn Plugins and Buttons – These may include content such as images, videos or texts and buttons that allow users to share content from this online offer within LinkedIn. Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; website:https://www.instagram.com; privacy policy:https://www.linkedin.com/legal/privacy-policy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active; Opt-out out):https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
• OpenStreetMap: We embed maps from the OpenStreetMap service, which are offered by the OpenStreetMap Foundation (OSMF) on the basis of the Open Data Commons Open Database License (ODbL). The user data is used by OpenStreetMap exclusively for the purpose of displaying the map functions and for caching the selected settings. This data may include, in particular, IP addresses and location data of users, which, however, are not collected without their consent (usually given as part of the settings of their mobile devices). Service provider: OpenStreetMap Foundation (OSMF); website:https://www.openstreetmap.de; privacy policy: https://wiki.openstreetmap.org/wiki/Privacy_Policy.
• Pinterest plugins and buttons: Pinterest plugins and buttons – These may include content such as images, videos or texts and buttons that allow users to share content from this online offering within Pinterest. Service provider: Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA; website:https://www.pinterest. com; Privacy Policy:https://about.pinterest.com/de/privacy-policy.
• ReCaptcha: We use the “ReCaptcha” function to detect bots, e.g. when entering data in online forms. The user’s behavior (e.g. mouse movements or queries) is evaluated to distinguish between humans and bots. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website:https://www.google.com/recaptcha/; privacy policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000TRkEAAW&status=Active; Opt-out option: Opt-out plugin: http://tools.google.com/dlpage/gaoptout?hl=de, settings for the display of advertising: https://adssettings.google.com/authenticated.
• SlideShare presentations: Inclusion of SlideShare presentations; Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; website:https://www.linkedin.com; privacy policy:https://www.linkedin.com/legal/privacy-policy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active.
• Typekit fonts from Adobe: We embed the fonts (Typekit fonts) from Adobe, whereby the user data is used solely for the purpose of displaying the fonts in the user’s browser. The integration is based on our legitimate interests in a technically secure, maintenance-free and efficient use of fonts, their uniform display and taking into account possible license restrictions for their integration. Service provider: Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland; website: https://www.adobe.com/de; privacy policy: https://www.adobe.com/de/privacy.html; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000TNo9AAG&status=Active.
• YouTube: Videos; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website: https://www.youtube.com; privacy policy: https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active; Opt-out option: Opt-out plugin: http://tools.google.com/dlpage/gaoptout?hl=de, settings for the display of advertising: https://adssettings.google.com/authenticated.
• Xing Plugins and Buttons: Xing Plugins and Buttons – These may include content such as images, videos or texts and buttons that allow users to share content from this online offer within Xing. Service provider: XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany; website:https://www.xing.com; privacy policy:https://privacy.xing.com/de/datenschutzerklaerung.
• Vimeo: Video platform; Service provider: Vimeo Inc., Attention: Legal Department, 555 West 18th Street New York, New York 10011, USA; Website: https://vimeo.com; Data protection declaration: < a href=”https://vimeo.com/privacy” target=”_blank” rel=”noreferrer noopener”>https://vimeo.com/privacy; Opt-out: We would like to point out that Vimeo may use Google Analytics and refer you to the data protection declaration (https://policies.google.com/privacy) and the opt-out options for Google Analytics (http:// tools.google.com/dlpage/gaoptout?hl=de) or Google’s settings for data use for marketing purposes (https://adssettings.google.com/).

Deletion of data

The data we process will be deleted in accordance with the legal requirements as soon as the consent to process it is revoked or other permissions lapse (e.g. if the purpose of processing this data no longer applies or it is no longer required for this purpose).

If the data is not deleted because it is required for other legally permissible purposes, its processing will be limited to these purposes. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be stored for commercial or tax reasons or whose storage is necessary to assert, exercise or defend legal claims or to protect the rights of another natural or legal person.

Further information on the deletion of personal data can also be found in the individual data protection notices of this data protection declaration.

Amendment and updating of the data protection declaration

We ask you to regularly check the content of our data protection declaration. We will adapt the data protection declaration as soon as the changes to the data processing carried out by us make this necessary. We will inform you as soon as the changes require your cooperation (e.g. consent) or any other individual notification.

If we provide addresses and contact information for companies and organizations in this data protection declaration, please note that the addresses may change over time and please check the information before contacting us.

Rights of the data subjects

As a data subject, you have various rights under the GDPR, in particular under Articles 15 to 18 and 21 of the GDPR:

• Right to object: You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR, including profiling based on those provisions. If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing.
• Right of withdrawal: You have the right to withdraw your consent at any time.
• Right of access: You have the right to request confirmation as to whether the data in question is being processed and to request access to this data, as well as further information and a copy of the data in accordance with the legal requirements.
• Right to rectification: In accordance with the legal requirements, you have the right to request that the data concerning you be completed or that incorrect data concerning you be rectified.
• Right to erasure and restriction of processing: You have the right to request that the data concerning you be erased immediately or, alternatively, to request that the processing of the data be restricted in accordance with the statutory provisions.
• Right to data portability: You have the right to receive the data concerning you that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transmitted to another controller, in accordance with the legal requirements.
• Complaint to supervisory authority: You also have the right, in accordance with the legal requirements, to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.

Definitions

This section provides an overview of the terms used in this data protection declaration. Many of the terms are taken from the law and are defined in particular in Art. 4 GDPR. The legal definitions are binding. The following explanations are intended to help you understand them. The terms are in alphabetical order.

• A/B tests: A/B tests are used to improve the user-friendliness and performance of online offers. For example, users are shown different versions of a website or its elements, such as input forms, in which the placement of the content or the labels of the navigation elements may differ. Based on the behavior of the users, e.g. longer stays on the website or more frequent interaction with the elements, it can then be determined which of these websites or elements are more likely to meet the needs of the users.
• Affiliate tracking: As part of affiliate tracking, links that are used by linking websites to refer users to websites with product or other offers are logged. The operators of the respective linking websites may receive a commission if users follow these so-called affiliate links and then take advantage of the offers (e.g. buy goods or use services). To do this, it is necessary for the providers to be able to track whether users who are interested in certain offers subsequently take advantage of them at the instigation of the affiliate links. Therefore, for affiliate links to function properly, it is necessary for them to be supplemented with certain values that become part of the link or are stored elsewhere, e.g. in a cookie. These values include, in particular, the originating website (referrer), the time, an online identifier of the operator of the website on which the affiliate link was located, an online identifier of the respective offer, an online identifier of the user, as well as tracking-specific values, such as advertising medium ID, partner ID and categorizations.
• Conversion tracking: “Conversion tracking” is a process that can be used to determine the effectiveness of marketing measures. To do this, a cookie is usually stored on the user’s device within the websites on which the marketing measures take place and then retrieved again on the target website. For example, we can use this to see whether the ads we place on other websites were successful.
• Content Delivery Network (CDN): A “Content Delivery Network” (CDN) is a service that helps to deliver the content of an online offering, in particular large media files such as graphics or program scripts, faster and more securely using servers that are distributed regionally and connected via the Internet.
• Cross-device tracking: Cross-device tracking is a form of tracking in which users’ behavior and interest information is collected across devices in so-called profiles by assigning users an online identifier. This means that user information can usually be analyzed for marketing purposes, regardless of the browsers or devices (e.g. mobile phones or desktop computers) used. The online identifier is not linked to clear data such as names, postal addresses or e-mail addresses for most providers.
• Heatmaps: “Heatmaps” are the movements of users’ mouse cursors, which are combined to form an overall picture that can be used, for example, to identify which website elements are preferred and which website elements users prefer less.
• IP masking: IP masking is a method in which the last octet, i.e. the last two numbers of an IP address, are deleted so that the IP address can no longer be used to uniquely identify a person. IP masking is therefore a means of pseudonymizing processing procedures, especially in online marketing
• Interest-based and behavior-based marketing: Interest-based and/or behavior-based marketing is when potential interests of users in ads and other content are predicted as accurately as possible. This is done by using information about their previous behavior (e.g. visiting certain websites and spending time on them, buying behavior or interaction with other users), which is stored in a so-called profile. Cookies are usually used for these purposes.
• Click tracking: Click tracking allows us to monitor the movements of users within an entire online offering. Since the results of these tests are more accurate when the interaction of users can be tracked over a certain period of time (e.g. so that we can find out whether a user likes to return), cookies are usually stored on the users’ computers for these test purposes.
• Conversion measurement: Conversion measurement is a method for determining the effectiveness of marketing measures. To do this, a cookie is usually stored on the user’s device within the websites on which the marketing measures take place and then retrieved again on the target website. For example, this allows us to see whether the ads we place on other websites were successful.
• Personal data: “Personal data” means any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier number, location data, online identifier (e.g. cookie) or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
• Profiling: Profiling is any form of automated processing of personal data consisting of the use of such personal data to analyze, evaluate or predict certain personal aspects relating to a natural person (depending on the type of profiling, this may include information concerning age, gender, location data and movement data, interaction with websites and their content, purchasing behavior, social interactions with other people), to analyze, evaluate or predict them (e.g. interests in certain content or products, click behavior on a website or location). Cookies and web beacons are often used for profiling purposes.
• Reach measurement: Reach measurement (also known as web analytics) is used to evaluate the visitor traffic of an online offering and can include the behavior or interests of visitors to certain information, such as website content. With the help of reach analysis, website owners can, for example, recognize at what time visitors visit their website and what content they are interested in. This enables them, for example, to better adapt the content of the website to the needs of their visitors. For the purposes of reach analysis, pseudonymous cookies and web beacons are often used to recognize returning visitors and thus obtain more accurate analyses of the use of an online offering.
• Remarketing: The terms “remarketing” and “retargeting” are used when, for example, a user’s interest in a product on a website is noted for advertising purposes in order to remind the user of these products on other websites, e.g. in advertisements.
• Tracking: Tracking refers to the ability to track the behavior of users across multiple online services. As a rule, behavioral and interest information is stored in cookies or on the servers of the providers of the tracking technologies with regard to the online services used (so-called profiling). This information can then be used, for example, to display advertisements to users that are likely to match their interests.
• Controller: The controller is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
• Processing: “Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means. The term is broad and covers virtually any handling of data, whether it be collection, evaluation, storage, transmission or deletion.
• Target group formation: Target group formation (or “custom audiences”) refers to the formation of target groups for advertising purposes, e.g. the display of advertisements. For example, based on a user’s interest in certain products or topics on the internet, it can be concluded that this user is interested in advertisements for similar products or the online shop in which he or she viewed the products. Lookalike audiences (or similar target groups) are created when the content deemed suitable is displayed to users whose profiles or interests are presumed to correspond to the users for whom the profiles were created. Cookies and web beacons are generally used to create custom audiences and lookalike audiences.

Created with free Datenschutz-Generator.de by Dr. Thomas Schwenke

---

Registration for webinars

The following information is to inform you about the registration, participation and statistical evaluation procedure as well as your rights of objection in connection with the webinars we offer. By registering for our free and paid webinars, you agree to receive e-mails, such as info mails and newsletters, as well as the described procedures.

Registration data and registration procedure:

When you register for our webinars using the double opt-in procedure, you will be informed about receiving our newsletter and the free option to revoke your consent. Registration for our webinars is completely voluntary.

To participate in one of our webinars, it is sufficient to provide your e-mail address. Optionally, we ask you to provide your first and last name for the purpose of personalizing our e-mails and for an overview of our prospective customer structure. These optional details are provided voluntarily and are not mandatory for participation in a webinar.

The registration process is logged on the basis of our legitimate interests in accordance with Art. 6 (1) (f) GDPR and serves to provide proof of consent to receive our e-mails.

In Germany, the sending of info mails and newsletters as well as the measurement of success are based on the consent of the recipients in accordance with Art. 6 para. 1 lit. a, Art. 7 GDPR in conjunction with § 7 para. 2 no. 3 UWG or on the basis of the legal permission in accordance with § 7 para. 3 UWG.

Webinar service provider:

We provide our webinars via the online platform of Webinaris GmbH, Bussardstr. 5.2, 82166 Gräfelfing, hereinafter referred to as “Webinaris”. We are a so-called “user” who has a paid Webinaris membership on the Webinaris online platform in order to be able to register and conduct webinars via this platform.

You can view Webinaris’ data protection provisions here:http://webinaris.com/datenschutzbestimmungen.html

When you register for a webinar and when you participate in a webinar that we as users organize via the Webinaris online platform, the following data is transferred from you as a so-called user to Webinaris and processed there:

• E-mail address
• First name (optional)
• Surname (optional)
• Browser and system data
• IP address
• Language
• Time zone
• All data provided by the participant in the chat
• Usage data resulting from registration for and participation in the webinar

Webinaris offers us the opportunity to publish webinars and to evaluate them statistically in order to constantly improve our offering. To do this, it is necessary for Webinaris to process the data of webinar participants/users on our behalf. The scope of the data and the data processing are regulated in the agreement on data processing, which we have concluded with Webinaris. As a user, we can view the data at Webinaris and export it to our own systems. 

The legal basis for the processing of the data is Art. 6 para. 1 sentence 1 lit. b) GDPR. Further information can be found in Webinaris’s privacy policy athttps://webinaris.com/datenschutzbestimmungen.html.

Use of Calendly

This website uses Calendly.com for the online appointment booking service. This page offers an external platform for making appointments. The appointment booking service is integrated into the source code of our website via a script. By using the appointment calendar, you automatically use the services of Calendly.com. Data is transferred there for the security and documentation of teambay. The data collected includes: name, IP address at the time of the appointment, agreed date and agreed time. This data will not be passed on to third parties and is used only for the administration and organization of appointments and for internal statistics. By using the appointment calendar, you agree that you agree to this. You can find more information about Calendly.com here. Please be sure to read it. Please note, however, that the site is only available in English:https://calendly.com/pages/privacy

Retrieval of WordPress emojis and smilies: Within our WordPress blog, graphical emojis (or smilies), i.e. small graphical files that express feelings, are used for the purpose of efficiently integrating content elements, which are obtained from external servers. The providers of the servers collect the IP addresses of the users. This is necessary so that the emoji files can be transmitted to the users’ browsers.

Akismet anti-spam check: We use the “Akismet” service on the basis of our legitimate interests. Akismet is used to distinguish comments from real people from spam comments. To do this, all comment information is sent to a server in the USA, where it is analyzed and stored for four days for comparison purposes. If a comment is classified as spam, the data is stored beyond this time. This information includes the name entered, the e-mail address, the IP address, the comment content, the referrer, information on the browser used and the computer system, and the time of the entry.

Users are welcome to use pseudonyms or to refrain from entering their name or e-mail address. They can completely prevent the transfer of data by not using our comment system. That would be a shame, but unfortunately we see no alternatives that work equally effectively.

Gravatar profile pictures: We use the Gravatar service within our online offering and in particular in the blog.

Gravatar is a service that allows users to register and store profile pictures and their e-mail addresses. When users leave posts or comments on other online presences (especially blogs) with the respective e-mail address, their profile pictures can be displayed next to the posts or comments. To do this, the e-mail address provided by the users is encrypted and transmitted to Gravatar to check whether a profile is stored for it. This is the only purpose of the e-mail address. It will not be used for any other purpose and will be deleted afterwards.

We use Gravatar on the basis of our legitimate interests, as we use Gravatar to offer the authors of posts and comments the option of personalizing their posts with a profile picture.

By displaying the images, Gravatar learns the IP address of the user, as this is necessary for communication between a browser and an online service.

If users do not want a user image associated with their e-mail address to appear in the comments, they should use an e-mail address that is not stored with Gravatar to comment. We would also like to point out that it is also possible to use an anonymous or no e-mail address at all if users do not want their own e-mail address to be sent to Gravatar. Users can completely prevent the transfer of data by not using our comment system.

• Types of data processed: Inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses), contract data (e.g. subject matter of the contract, term, customer category).
• Data subjects: Users (e.g. website visitors, users of online services).
• Purposes of processing: Contractual services and support, feedback (e.g. collecting feedback via online forms), security measures, administration and answering of enquiries, contact requests and communication, provision of our online services and user-friendliness.
• Legal basis: Contract fulfillment and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b. GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR), consent (Art. 6 para. 1 sentence 1 lit. a GDPR), protection of vital interests (Art. 6 para. 1 sentence 1 lit. d. GDPR).

Services and service providers used:

• Retrieval of WordPress emojis and smilies: Retrieval of WordPress emojis and smilies; Service provider: Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA; Website: https://automattic.com; Privacy Policy:https://automattic.com/privacy.
• Akismet Anti-Spam-Check: Akismet Anti-Spam-Check; Service provider: Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA; Website: https://automattic.com; Privacy Policy: https://automattic.com/privacy.
• Gravatar profile pictures: Profile pictures; Service provider: Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA; Website: https://automattic.com; Privacy Policy: https://automattic.com/privacy.
• UpdraftPlus: Backup software and storage; Service provider: Simba Hosting Ltd., 11, Barringer Way, St. Neots, Cambs., PE19 1LW, GB; website:https://updraftplus.com/.

Contact

When you contact us (e.g. via the contact form, e-mail, telephone or social media), the information provided by the person making the request will be processed to the extent necessary to answer the contact requests and any requested measures.

The response to contact requests in the context of contractual or pre-contractual relationships is made in order to fulfill our contractual obligations or to respond to (pre)contractual requests and, in addition, on the basis of the legitimate interests in responding to the requests.

• Types of data processed: inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Data subjects: Communication partners.
• Purposes of processing: Contact requests and communication.
• Legal basis: Contract fulfillment and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b. GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Communication via Messenger

We use messenger services for communication purposes and therefore ask you to note the following information on the functionality of the messengers, encryption, the use of metadata in communication and your options for objecting to this

You can also contact us by other means, e.g. by telephone or e-mail. Please use the contact options provided to you or the contact options provided within our online offering.

In the case of end-to-end encryption of content (i.e. the content of your message and attachments), we would like to point out that the communication content (i.e. the content of the message and attached images) is encrypted from end to end. This means that the content of the messages cannot be viewed, not even by the messenger providers themselves. You should always use the latest version of the messenger with encryption enabled to ensure that the message content is encrypted.

However, we would also like to point out to our communication partners that although the providers of the messengers do not view the content, they can find out that and when communication partners communicate with us, as well as technical information about the communication partner’s device and, depending on the settings of their device, location information (so-called metadata) is processed.

Notes on legal basis: If we ask communication partners for permission before communicating with them via Messenger, the legal basis for our processing of their data is their consent. In other respects, if we do not ask for consent and you contact us, for example, on your own initiative, we use Messenger as a contractual measure in relation to our contractual partners and in the context of initiating contracts, and in the case of other interested parties and communication partners on the basis of our legitimate interests in fast and efficient communication and fulfilling the needs of our communication partners in communicating via Messengers. Furthermore, we would like to point out that we will not transmit the contact data provided to us to the messengers for the first time without your consent.

Revocation, objection and deletion: You can revoke your consent at any time and object to communication with us via messenger at any time. In the case of communication via Messenger, we delete the messages in accordance with our general deletion guidelines (i.e. e.g. as described above, after the end of contractual relationships, in the context of archiving requirements, etc.) and otherwise as soon as we can assume that we have answered any information from the communication partner, if no reference to a previous conversation is to be expected and the deletion does not conflict with any legal retention obligations.

Reservation of the right to refer to other communication channels: Finally, we would like to point out that, for reasons of your security, we reserve the right not to answer questions via Messenger. This is the case, for example, if contractual information requires special confidentiality or an answer via Messenger does not meet the formal requirements. In such cases, we refer you to more appropriate communication channels.

Skype: Skype’s end-to-end encryption requires it to be activated (unless it is activated by default).

• Types of data processed: Contact details (e.g. e-mail, telephone numbers), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses), content data (e.g. text entries, photographs, videos).
• Data subjects: Communication partners.
• Purposes of processing: Contact requests and communication, direct marketing (e.g. by e-mail or post).
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Services and service providers used:

• Facebook Messenger: Facebook Messenger with end-to-end encryption (end-to-end encryption of Facebook Messenger requires activation if it is not activated by default); service provider:& nbsp;https://www.facebook.com, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; website: https://www.facebook.com; privacy policy: https://www.facebook.com/about/privacy; Privacy Shield (guaranteeing a certain level of data protection when processing data in the USA): https://www.privac yshield.gov/participant?id=a2zt0000000GnywAAC&status=Active; Opt-out:https://www.facebook.com/settings?tab=ads.
• Skype: Skype Messenger with end-to-end encryption; Service provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA; website: https://www.skype.com/de/; privacy policy:&nbsp ;https://privacy.microsoft.com/de-de/privacystatement, security information: https://www.microsoft.com/de-de/trustcenter; Privacy Shield (guaranteeing a level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000KzNaAAK&status=Active.
• Snapchat: Snapchat Messenger with end-to-end encryption; Service provider: Snap Inc, 63 Market Street Venice, CA 90291 USA; Website: https://www.snapchat.com/l/de-de/; Privacy Policy: https://www.snap.com/de-DE/privacy/privacy-policy/; Privacy Shield (guaranteeing a level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000TNPxAAO&status=Active.
• WhatsApp: WhatsApp Messenger with end-to-end encryption; Service provider: WhatsApp Inc. WhatsApp Legal 1601 Willow Road Menlo Park, California 94025, USA; Website: https://www.whatsapp.com/; Privacy Policy: https://www.whatsapp.com/legal; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000TSnwAAG&status=Active.

Chatbots and chat functions

We offer a so-called “chatbot” as a means of communication. A chatbot is software that answers users’ questions or informs them about messages. If you chat with our chatbot, we can process your personal data.

If you communicate with the chatbot within an online platform, your identification number will also be stored within the respective platform. We may also collect information about which users interact with our chatbot and when. Furthermore, we store the content of your conversations with the chatbot and log registration and consent processes in order to be able to prove them in accordance with legal requirements.

We would like to point out that the respective platform provider can find out that and when users communicate with our chatbot, as well as technical information about the user’s device and, depending on the settings of their device, location information (so-called metadata) for the purpose of optimizing the respective services and for security purposes. The metadata of the communication via chatbot (i.e. e.g. the information of who communicated with whom) could also be used by the respective platform providers in accordance with their provisions, to which we refer for further information, for marketing purposes or to display customized advertising to users.

If users agree to the chatbot to activate information with regular messages, they have the option to unsubscribe from the information at any time. The chatbot will inform users how and with which terms they can unsubscribe from the messages. When unsubscribing from the chatbot messages, user data will be deleted from the directory of message recipients.

We use the above information to operate our chatbot, e.g. to address users personally, to answer their questions to the chatbot, to transmit any requested content and also to improve our chatbot (e.g. to “teach” it answers to frequently asked questions or to recognize unanswered questions).

Notes on legal basis: We use the chatbot on the basis of consent if we have previously obtained the user’s permission to process their data through the chatbot (this applies to cases in which users are asked for consent, e.g. so that the chatbot can send them regular messages). If we use the chatbot to answer user queries about our services or our company, this is for contractual and pre-contractual communication. Otherwise, we use the chatbot on the basis of our legitimate interests in optimizing the chatbot, its operational efficiency and increasing the positive user experience.

Revocation, objection and deletion: You can revoke your consent at any time or object to the processing of your data in the context of our chatbot use.

• Types of data processed: Contact details (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Data subjects: Communication partners, users (e.g. website visitors, users of online services).
• Purposes of processing: Contact requests and communication, direct marketing (e.g. by e-mail or post), reach measurement (e.g. access statistics, recognition of returning visitors ), tracking (e.g. interest/behavioral profiling, use of cookies), remarketing, visit action evaluation, profiling (creation of user profiles), conversion measurement (measurement of the effectiveness of marketing measures).
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Surveys and questionnaires

The surveys and questionnaires we conduct (hereinafter referred to as “surveys”) are evaluated anonymously. Personal data is only processed to the extent necessary to provide and technically implement the surveys (e.g. processing the IP address to display the survey in the user’s browser or to enable the survey to be resumed using a temporary cookie (session cookie)) or if users have consented to this.

Notes on legal basis: If we ask participants for their consent to the processing of their data, this is the legal basis for the processing; otherwise, the processing of participants’ data is based on our legitimate interest in conducting an objective survey.

• Types of data processed: Contact details (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Data subjects: Communication partners, users (e.g. website visitors, users of online services).
• Purposes of processing: Contact requests and communication, direct marketing (e.g. by e-mail or post), tracking (e.g. interest/behavioral profiling, use of cookies), feedback (e.g. collecting feedback via online form).
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Services and service providers used:

• Google Form: Google Cloud Forms; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website: https://firebase.google.com; privacy policy: https://policies.google.com/privacy; Privacy Shield (guaranteeing a certain level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active; Opt-out option: Opt-out plugin: http://tools.google.com/dlpage/gaoptout?hl=de, settings for the display of advertising: https://adssettings.google.com/authenticated.

Provision of the online offer and web hosting

In order to provide our online offering securely and efficiently, we use the services of one or more web hosting providers, from whose servers (or servers managed by them) the online offering can be accessed. For these purposes, we may use infrastructure and platform services, computing capacity, storage space and database services, as well as security and technical maintenance services.

The data processed in the context of providing the hosting service may include all information concerning the users of our online service that is generated in the course of its use and communication. This regularly includes the IP address, which is necessary to deliver the content of online services to browsers, and all entries made within our online service or on websites.

E-mail sending and hosting: The web hosting services we use also include sending, receiving and storing e-mails. For these purposes, the addresses of the recipients and senders as well as other information regarding the e-mail sending (e.g. the providers involved) and the contents of the respective e-mails are processed. The aforementioned data may also be processed for the purpose of detecting spam. Please note that e-mails are not encrypted when sent over the internet. While e-mails are usually encrypted during transmission, they are not encrypted on the servers from which they are sent and received (unless an end-to-end encryption method is used). We therefore cannot accept any responsibility for the transmission of e-mails between the sender and the recipient on our server.

Collection of access data and log files: We ourselves (or our web hosting provider) collect data on every access to the server (so-called server log files). The server log files may include the address and name of the websites and files accessed, the date and time of access, the amount of data transferred, a notification of successful retrieval, the browser type and version, the user’s operating system, the referrer URL (the previously visited page) and, as a rule, the IP addresses and the requesting provider.

The server log files can be used for security purposes, for example to prevent server overload (especially in the event of abusive attacks, so-called DDoS attacks), and to ensure that the servers are utilized and stable.

Content delivery network: We use a content delivery network (CDN). A CDN is a service that helps to deliver the content of an online offering, in particular large media files such as graphics or program scripts, faster and more securely using servers that are distributed regionally and connected via the internet.

• Types of data processed: Content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Data subjects: Users (e.g. website visitors, users of online services).
• Purposes of processing: Content Delivery Network (CDN).
• Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Services and service providers used:

• All-inkl.com: When you visit this website, personal data is processed. Data categories processed: technical connection data of the server access (IP address, date, time, requested page, browser information). Purpose of processing: monitoring of technical function and to increase the operational reliability of our web server, delivery and provision of the website and anonymization and creation of statistics. The legal basis for processing: a legitimate interest that outweighs the rights and freedoms of the data subjects (Art. 6 (1) f GDPR). Legitimate interests in this context: strong economic interest in the secure and functional operation of technical systems. Data is transferred: to the processor ALL-INKL.COM – Neue Medien Münnich, René Münnich, Hauptstraße 68, 02742 Friedersdorf, Germany.
  https://all-inkl.com/datenschutzinformationen/

Cloud services

We use software services that are accessible via the internet and run on the servers of their providers (so-called “cloud services”, also referred to as “software as a service”) for the following purposes: document storage and management, calendar management , sending e-mails, spreadsheets and presentations, exchanging documents, content and information with specific recipients or publishing websites, forms or other content and information, as well as chats and participation in audio and video conferences.

In this context, personal data may be processed and stored on the providers’ servers, provided that this data is part of communication processes with us or is otherwise processed by us, as set out in this data protection declaration. This data may include, in particular, master data and contact data of users, data on processes, contracts, other processes and their contents. The providers of cloud services also process usage data and metadata, which they use for security purposes and to optimize their services.

If we use cloud services to provide forms or other documents and content to other users or publicly accessible websites, the providers may store cookies on the users’ devices for the purposes of web analysis or to remember the users’ settings (e.g. in the case of media control).

Notes on legal basis: If we ask for consent to use cloud services, the legal basis for processing is consent. Furthermore, their use may be part of our (pre)contractual services, provided that the use of cloud services has been agreed in this context. Otherwise, the user data is processed on the basis of our legitimate interests (i.e. interest in efficient and secure administrative and collaboration processes)

• Types of data processed: inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Data subjects: Customers, employees (e.g. employees, applicants, former employees), interested parties, communication partners.
• Purposes of processing: Office and organizational procedures.
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), fulfillment of contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b. GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Services and service providers used:

• Google Cloud Services: Cloud storage services; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website: https://cloud.google.com/; privacy policy: https://www.google.com/policies/privacy, security information: https://cloud.google.com/security/privacy; Privacy Shield (guaranteeing data protection level when processing data in the USA):https://www.privacyshield.gov/ participant?id=a2zt0000000000001L5AAI&status=Active; Standard contractual clauses (ensuring a level of data protection when processing in a third country): https://cloud.google.com/terms/data-processing-terms; Additional information on data protection:https://cloud.google.com/terms/data-processing-terms.
• Microsoft Cloud Services: Cloud storage services; Service provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA; website: http://microsoft.com/de-de; privacy statement: < a href=”https://privacy.microsoft.com/de-de/privacystatement” target=”_blank” rel=”noreferrer noopener”>https://privacy.microsoft.com/de-de/privacystatement, Security Notice: https://www.microsoft.com/de-de/trustcenter; Privacy Shield (guaranteeing a level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000KzNaAAK&status=Active.

Newsletter and broad communication

We only send newsletters, e-mails and other electronic notifications (hereinafter referred to as “newsletters”) with the consent of the recipients or with legal permission. If the contents of a newsletter are specifically described when registering for it, they are decisive for the user’s consent. In addition, our newsletters contain information about our services and us.

To subscribe to our newsletters, it is generally sufficient to provide your e-mail address. However, we may ask you to provide a name so that we can address you personally in the newsletter, or other information if this is necessary for the purposes of the newsletter.

Double opt-in procedure: You will receive an e-mail asking you to confirm your registration. This confirmation is necessary to prevent anyone from registering with someone else’s e-mail address. The registrations for the newsletter are logged in order to be able to prove the registration process in accordance with legal requirements. This includes storing the registration and confirmation times as well as the IP address. The changes to your data stored by the shipping service provider are also logged.

Deletion and restriction of processing: We may store the e-mail addresses of those who have unsubscribed for up to three years on the basis of our legitimate interests before we delete them in order to be able to prove that consent was given. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for deletion is possible at any time, provided that the former existence of consent is confirmed at the same time. In the event of obligations to permanently observe objections, we reserve the right to store the e-mail address for this purpose alone in a blacklist.

The registration process is logged on the basis of our legitimate interests in order to verify that it has been carried out correctly. If we commission a service provider to send e-mails, this is done on the basis of our legitimate interests in an efficient and secure delivery system.

Notes on legal basis: The newsletter is sent on the basis of the recipient’s consent or, if consent is not required, on the basis of our legitimate interests in direct marketing, provided and to the extent that this is permitted by law, e.g. in the case of customer acquisition. If we commission a service provider to send e-mails, this is done on the basis of our legitimate interests. The registration process is recorded on the basis of our legitimate interests in order to prove that it was carried out in accordance with the law.

Contents: Information about us, our services, promotions and offers.

Performance measurement: The newsletters contain a so-called “web beacon”, i.e. a pixel-sized file that is retrieved from our server when the newsletter is opened, or from the server of the service provider we use if we use a service provider. This retrieval process initially collects technical information such as information about the browser and your system, as well as your IP address and the time of retrieval.

This information is used to technically improve our newsletter based on the technical data or the target groups and their reading behavior based on their locations (which can be determined using the IP address) or the access times. This analysis also includes determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to individual newsletter recipients. However, it is neither our intention nor that of the mailing service provider, if used, to monitor individual users. Rather, the evaluations serve to identify the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.

The evaluation of the newsletter and the measurement of success are carried out, subject to the user’s express consent, on the basis of our legitimate interests for the purpose of using a user-friendly and secure newsletter system that serves both our business interests and the expectations of our users.

Unfortunately, it is not possible to revoke the success measurement separately. In this case, the entire newsletter subscription must be canceled or objected to.

• Types of data processed: inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), meta/communication data (e.g. device information, IP addresses), usage data (e.g. websites visited, interest in content, access times).
• Data subjects: Communication partners.
• Purposes of processing: Direct marketing (e.g. by e-mail or post), contact requests and communication.
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).
• Opt-out: You can cancel your subscription to our newsletter at any time, i.e. revoke your consent or object to further receipt. You will find a link to cancel the newsletter either at the end of each newsletter or you can use one of the contact options given above, preferably by e-mail, for this purpose.

Services used and service providers:

Brevo

This website uses Brevo to send newsletters. The provider is Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany.
Brevo is a service that can be used to organize and analyze the sending of newsletters, among other things. The data you enter to receive the newsletter is stored on the servers of Sendinblue GmbH in Germany.

Data analysis by Brevo

With the help of Brevo, we are able to analyze our newsletter campaigns. This allows us to see, for example, whether a newsletter message has been opened and which links, if any, have been clicked on. In this way, we can determine, among other things, which links have been clicked on particularly often.
We can also see whether certain predefined actions have been carried out after opening/clicking on the message (conversion rate). For example, we can see whether you made a purchase after clicking on the newsletter.
Brevo also allows us to divide the newsletter recipients into different categories (“clusters”). This means that the newsletter recipients can be divided according to age, gender or place of residence, for example. In this way, the newsletters can be better adapted to the respective target groups.
If you do not want Brevo to analyze your data, you must unsubscribe from the newsletter. We provide a link to do this in every newsletter message.
For detailed information on the functions of Brevo, please refer to the following link: https://www.brevo.com/de/newsletter-software/.

Legal basis

The data processing is based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. The legality of the data processing operations already carried out remains unaffected by the revocation.

Storage period

The data you provide to us for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter or the newsletter service provider and will be deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data stored by us for other purposes remains unaffected by this.
After you have unsubscribed from the newsletter distribution list, your e-mail address will be stored by us or the newsletter service provider in a blacklist if necessary, provided that this is necessary to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interests and our interest in complying with the legal requirements for sending newsletters (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). There is no time limit on storage in the blacklist. You can object to the storage if your interests outweigh our legitimate interest.
For more information, please refer to Brevo’s data protection regulations at: https://www.brevo.com/de /datenschutz-uebersicht/ andhttps://www.brevo.com/de/legal/privacypolicy/.

Advertising communication by post, fax or telephone

We process personal data for the purposes of advertising communication, which can take place via various channels, such as e-mail, telephone, post or fax. In this context, we observe the legal requirements and obtain the necessary consents, unless the communication is not legally permitted.

The recipients have the right to revoke their consent at any time or to object to the promotional communication at any time.

After revocation or objection, we may store the data required to prove consent for up to three years on the basis of our legitimate interests before deleting it. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for deletion is possible at any time, provided that the former existence of consent is confirmed at the same time.

• Types of data processed: Inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers).
• Data subjects: Communication partners.
• Purposes of processing: Direct marketing (e.g. by e-mail or post).
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Web analysis and optimization

Web analytics (also known as “reach measurement”) is used to evaluate the flow of visitors to our online offering and can include behavior, interests or demographic information about visitors, such as age or gender, as pseudonymous values. With the help of reach analysis, we can, for example, recognize at what time our online offering or its functions or content are most frequently used or invite reuse. We can also see which areas need optimization.

In addition to web analytics, we can also use test procedures to test and optimize different versions of our online offering or its components, for example.

For these purposes, so-called user profiles can be created and stored in a file (so-called “cookies”) or similar procedures with the same purpose can be used. This information may include, for example, viewed content, visited websites and elements used there, as well as technical information such as the browser and computer system used, and information on usage times. If users have consented to the collection of their location data, this data may also be processed, depending on the provider.

The IP addresses of users are also stored. However, we use an IP masking procedure (i.e. pseudonymization by shortening the IP address) to protect users. In general, no clear data of the users (such as e-mail addresses or names) are stored in the context of web analysis, A/B testing and optimization, but pseudonyms. This means that we and the providers of the software used do not know the actual identity of the users, but only the information stored in their profiles for the purposes of the respective procedures.

Notes on legal basis: If we ask users for their consent to the use of third-party providers, the legal basis for the processing of data is consent. Otherwise, the data of users is processed on the basis of our legitimate interests (i.e. interest in efficient, economical and recipient-friendly services). In this context, we would also like to draw your attention to the information on the use of cookies in this data protection declaration.

• Data types processed: Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Data subjects: Users (e.g. website visitors, users of online services).
• Purposes of processing: Range measurement (e.g. access statistics, recognition of returning visitors), tracking (e.g. interest/behavior-related profiling, use of cookies), visit action evaluation, profiling (creation of user profiles), interest-based and behavior-based marketing, click tracking, A/B tests, heat maps (user mouse movements that are combined into an overall picture.).
• Security measures: IP masking (pseudonymization of the IP address).
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Services and service providers used:

• Google Optimize: Use of Google Analytics data to improve areas of our online offering and to better align our marketing activities with the potential interests of users; service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website: https://optimize.google.com; privacy policy: https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active; Opt-out option: Opt-out plugin: http://tools.google.com/dlpage/gaoptout?hl=de, settings for the display of advertising: https://adssettings.google.com/authenticated.
• Yandex-Metrica: Analysis, click-tracking and website optimization; Service provider: Yandex Oy, Moreenikatu 6, 04600 Mantsala, Finland; website:https://yandex.com; privacy policy:https://yandex.com/legal/privacy/; Standard contractual clauses (ensuring a level of data protection when processing in a third country): agreed between Yandex Oy and YANDEX LLC, 16 Lva Tolstogo st., Moscow, 11 902 1, Russia, which is commissioned to process the data.
• Microsoft Clarity: This website uses the “Microsoft Clarity” service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA (hereinafter “Microsoft”) to collect and store various user information for statistical analysis of user behavior and for optimization and marketing purposes. This information, which is always anonymous, includes the time zone setting, operating system and platform, the geographical origin of the page view, the origin of the referral to our site, the duration of visits to certain pages, and information about website interaction (e.g. scrolling, clicks and mouse-overs). Pseudonymized user profiles can be created and evaluated from this data for the same purpose. Cookies are used for collection and analysis. Cookies are small text files that are stored locally in the cache of the visitor’s Internet browser. Among other things, cookies enable the Internet browser to be recognized. The data collected using Microsoft technologies will not be used to personally identify visitors to this website without the express consent of the person concerned and will not be merged with personal data about the bearer of the pseudonym. Collected information may be transmitted to Microsoft servers in the USA and stored there. We have concluded a data processing agreement with Microsoft, obliging Microsoft to protect the data of our customers and not to pass it on to third parties.All the processing described above, in particular the setting of cookies for reading information on the end device used, will only be carried out if you have given us your express consent in accordance with Art. 6 para. 1 lit. a GDPR. Without this consent, Microsoft Clarity will not be used during your visit to the site.
  You can revoke your consent at any time with effect for the future. To exercise your revocation, please deactivate this service in the “Cookie Consent Tool” provided on the website.For more information about Microsoft Clarity’s privacy policy, please visit https://clarity.microsoft.com/terms

Online marketing

We process personal data for the purposes of online marketing, which may include, in particular, the marketing of advertising space or the presentation of advertising and other content (collectively referred to as “content”) based on the potential interests of users and the measurement of their effectiveness.

For these purposes, so-called user profiles are created and stored in a file (so-called “cookie”) or similar procedures are used to store the information relevant to the user for the display of the aforementioned content. This information may include, for example, viewed content, visited websites, used online networks, but also communication partners and technical information, such as the browser used, the computer system used and information on usage times. If users have consented to the collection of their location data, this data may also be processed.

The IP addresses of users are also stored. However, we use available IP masking procedures (i.e. pseudonymization by shortening the IP address) to protect users. In general, no clear data of the users (such as e-mail addresses or names) are stored as part of the online marketing process, but pseudonyms. This means that we and the providers of the online marketing process do not know the actual identity of the users, but only the information stored in their profiles.

The information in the profiles is usually stored in cookies or by means of similar processes. These cookies can generally also be read on other websites that use the same online marketing process, analyzed for the purpose of displaying content, supplemented with additional data and stored on the server of the online marketing process provider.

In exceptional cases, clear data can be assigned to the profiles. This is the case if, for example, the users are members of a social network whose online marketing methods we use and the network links the users’ profiles to the aforementioned information. Please note that users may enter into additional agreements with the providers, e.g. by giving their consent during registration.

We only receive access to summarized information about the success of our advertisements. However, we can use so-called conversion measurements to check which of our online marketing methods have led to a so-called conversion, i.e. to a contract with us. The conversion measurement is used solely to analyze the success of our marketing measures.

Unless otherwise stated, we ask you to assume that cookies used will be stored for a period of two years.

Notes on legal basis: If we ask users for their consent to the use of third-party providers, the legal basis for the processing of data is consent. Otherwise, the data of users is processed on the basis of our legitimate interests (i.e. interest in efficient, economical and recipient-friendly services). In this context, we would also like to draw your attention to the information on the use of cookies in this data protection declaration.

Target group formation with Google Analytics: We use Google Analytics to display the ads placed within Google’s advertising services and those of its partners only to users who have also shown an interest in our online or who have certain characteristics (e.g. an interest in certain topics or products determined on the basis of the websites visited) that we transmit to Google (so-called “remarketing” or “Google Analytics audiences”). With the help of remarketing audiences, we also want to ensure that our ads correspond to the potential interest of users

Facebook pixel: With the help of the Facebook pixel, Facebook is able to identify visitors to our online offering as a target group for the display of ads (so-called “Facebook ads”). Accordingly, we use the Facebook pixel to display the Facebook ads we place only to those users on Facebook and within the services of partners cooperating with Facebook (so-called “Audience Network”https://www.facebook.com/audiencenetwork/ ), who have also shown an interest in our online offering or who have certain characteristics (e.g. an interest in certain topics or products that can be seen from the websites visited) that we transmit to Facebook (so-called “Custom Audiences”). With the help of the Facebook pixel, we also want to ensure that our Facebook ads match the potential interest of users and do not have a disruptive effect. With the help of the Facebook pixel, we can also track the effectiveness of Facebook ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook ad (so-called “conversion measurement”).

• Types of data processed: Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses), location data (data that indicate the location of the end user’s terminal device), social data (data that is subject to social secrecy (Section 35 of the German Social Code I) and is processed by social insurance carriers, social welfare organizations or pension authorities, for example.).
• Data subjects: Users (e.g. website visitors, users of online services), interested parties, customers, employees (e.g. employees, applicants, former employees), communication partners.
• Purposes of processing: Tracking (e.g. interest/behavioral profiling, use of cookies), remarketing, visit action evaluation, interest-based and behavioral marketing, profiling (creation of user profiles), conversion measurement (measuring the effectiveness of marketing measures), reach measurement (e.g. access statistics, recognition of returning visitors), target group formation (determination of target groups relevant for marketing purposes or other output of content), cross-device tracking (cross-device processing of user data for marketing purposes).
• Security measures: IP masking (pseudonymization of the IP address).
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).
• Opt-out: We refer to the data protection information of the respective providers and the opt-out options provided by the providers. If no explicit opt-out option has been provided, you can disable cookies in your browser settings. However, this may restrict the functionality of our online offering. We therefore also recommend the following opt-out options, which are offered in summary for the respective areas: a) Europe:https://www. youronlinechoices.eu. b) Canada: https://www.youradchoices.ca/choices. c) USA:https://www.aboutads.info/choices. d) Cross-regional:http://optout.aboutads.info.

Services and service providers used:

• Google Tag Manager: Google Tag Manager is a solution that allows us to manage so-called website tags via a user interface (and thus, for example, to integrate Google Analytics and other Google marketing services into our online offering). The Tag Manager itself (which implements the tags) does not process any personal data of users. With regard to the processing of personal data of users, please refer to the following information on Google services. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website:https://marketingplatform.google.com; privacy policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
• Google Analytics: Online marketing and web analysis; service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website:https://marketingplatform.google.com/intl/de/about/analytics/; privacy policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active; Opt-out: Opt-out plugin: http://tools.google.com/dlpage/gaoptout?hl=de, settings for the display of advertising: https://adssettings.google.com/authenticated.
• Google Ads and conversion measurement: We use the online marketing method “Google Ads” to place ads in the Google advertising network (e.g., in search results, in videos, on websites, etc.) so that they are displayed to users who are presumed to be interested in the ads. We also measure the conversion of the ads. However, we only learn the anonymous total number of users who clicked on our ad and were redirected to a page with a so-called “conversion tracking tag”. However, we ourselves do not receive any information that can be used to identify users. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website:https://marketingplatform.google.com; Privacy Policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA):https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
• Google Ad Manager: We use the “Google Marketing Platform” (and services such as “Google Ad Manager”) to place ads in the Google advertising network (e.g., in search results, in videos, on websites, etc.). The Google Marketing Platform is characterized by the fact that ads are displayed in real time based on the presumed interests of users. This allows us to display ads for and within our online offering in a more targeted manner, so that we only present users with ads that potentially match their interests. If, for example, a user is shown ads for products that they have shown an interest in on other online offerings, this is referred to as “remarketing”. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website:https://marketingplatform.google.com; Privacy Policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA):https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
• Google Adsense with personalized ads: We use the Google Adsense with personalized ads service, which helps us to display ads within our online offering and to receive remuneration for their display or other use. ; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website:https://marketingplatform.google.com; Privacy Policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA):https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
• Google Adsense with non-personalized ads: We use the Google Adsense service with non-personalized ads, which helps us to display ads within our online offering and to receive remuneration for their display or other use. ; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website: https://marketingplatform.google.com; Privacy Policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA):https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
• Facebook Pixel: Facebook Pixel; Service provider: https://www.facebook.com, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; website: https://www.facebook.com; privacy policy: https://www.facebook.com/about/privacy; Privacy Shield (guaranteeing a certain level of data protection when processing data in the USA): https://www.privac yshield.gov/participant?id=a2zt0000000GnywAAC&status=Active; Opt-out:https://www.facebook.com/settings?tab=ads.
• Linkedin Insight Tag: When you visit this website, personal data is processed. Data categories processed: data on the use of the website and the logging of clicks on individual elements. Purpose of processing: Analysis of user behavior, analysis of the effectiveness of online marketing measures and selection of online advertising on other platforms that are automatically selected using real-time bidding based on user behavior. The legal basis for the processing: Your consent in accordance with Art. 6 (1) a GDPR. Data is transferred: to the independent controller LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. The legal basis for the transfer of data to LinkedIn Ireland Unlimited Company is your consent in accordance with Art. 6 (1) a GDPR. This may also involve the transfer of personal data to a country outside the European Union. The transfer of data to the USA is based on Art. 45 GDPR in conjunction with the adequacy decision C(2023) 4745 of the European Commission, as the data recipient has committed to comply with the principles of data processing of the Data Privacy Framework (DPF).Information on LinkedIn Ireland Unlimited Company’s DPF membership

Affiliate programs and affiliate links

We integrate so-called affiliate links or other references (which may include discount codes, for example) to the offers and services of third-party providers into our online offering (collectively referred to as “affiliate links”). If users follow the affiliate links or subsequently take advantage of the offers, we may receive a commission or other benefits from these third-party providers (collectively referred to as “commission”).

In order to be able to track whether users have taken advantage of the offers of an affiliate link we have used, it is necessary for the respective third-party providers to know that the users have followed an affiliate link used within our online offer. The assignment of the affiliate links to the respective business transactions or other actions (e.g. purchases) serves the sole purpose of calculating commissions and is deleted as soon as it is no longer required for this purpose.

For the purposes of the aforementioned assignment of affiliate links, the affiliate links can be supplemented with certain values that are part of the link or can be stored elsewhere, e.g. in a cookie. The values may include, in particular, the originating website (referrer), the time, an online identifier of the operator of the website on which the affiliate link was located, an online identifier of the respective offer, the type of link used, the type of offer and an online identifier of the user.

Notes on legal basis: If we ask users for their consent to the use of third-party providers, the legal basis for the processing of data is consent. Furthermore, their use may be part of our (pre)contractual services, provided that the use of third-party providers has been agreed in this context. Otherwise, the user’s data is processed on the basis of our legitimate interests (i.e. interest in efficient, economical and recipient-friendly services). In this context, we would also like to draw your attention to the information on the use of cookies in this data protection declaration.

• Types of data processed: Contract data (e.g. subject matter of the contract, term, customer category), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Data subjects: Users (e.g. website visitors, users of online services).
• Purposes of processing: Affiliate tracking.
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), fulfillment of contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b. GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Services and service providers used:

• Amazon Partner Program: Amazon – Partner Program – Amazon and the Amazon logo are trademarks of Amazon.com, Inc. or one of its affiliates. Service provider: Amazon Europe Core S.à.r.l., Amazon EU S.à.r.l, Amazon Services Europe S.à.r.l. and Amazon Media EU S.à.r.l., all four based in 38, avenue John F. Kennedy, L-1855 Luxembourg, and Amazon Instant Video Germany GmbH, Domagkstr. 28, 80807 Munich (together “Amazon Europe”), parent company: Amazon.com, Inc., 2021 Seventh Ave, Seattle, Washington 98121, USA.; Website:https://www.amazon.de; Privacy Policy:https://www.amazon.de/gp/help/customer/display.html?nodeId=201909010; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000TOWQAA4&status=Active.
• AWIN Partner Program (formerly Zanox and Affilinet): Service provider: , AWIN AG, Eichhornstr. 3, 10785 Berlin, Germany; Website: https://www.awin.com/de; Data protection explanation:https://www.awin.com/de/rechtliches/privacy-policy-DACH.
• Digistore24 Partner Program: Service provider: Digistore24 GmbH, St.-Godehard-Straße 32, 31139 Hildesheim, Germany; Website: https://www.digistore 24.com; Privacy Policy:https://www.digistore24.com/page/privacy.

Presence in social networks

We maintain online presences within social networks in order to communicate with users who are active there or to provide information about us there.

We would like to point out that user data may be processed outside the European Union. This may result in risks for users, for example because it could make it more difficult to enforce their rights. With regard to US providers that are certified under the Privacy Shield or offer comparable guarantees of a secure level of data protection, we would like to point out that they are obliged to comply with EU data protection standards.

Furthermore, the data of users within social networks is usually processed for market research and advertising purposes. For example, user profiles can be created based on the user’s usage behavior and the resulting interests. The user profiles can in turn be used, for example, to place advertisements within and outside the networks that are presumed to correspond to the interests of the users. For these purposes, cookies are usually stored on the users’ computers, in which the usage behavior and interests of the users are stored. Furthermore, data can also be stored in the user profiles independently of the devices used by the users (in particular if the users are members of the respective platforms and are logged in to them).

For a detailed description of the respective processing forms and the possibilities of objection (opt-out), we refer to the data protection declarations and information of the operators of the respective networks.

We would also like to point out that requests for information and the assertion of data subject rights can be most effectively asserted with the providers. Only the providers have access to the users’ data and can take appropriate measures and provide information directly. However, if you still need help, you can contact us.

• Types of data processed: inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Data subjects: Users (e.g. website visitors, users of online services).
• Purposes of processing: Contact requests and communication, tracking (e.g. interest/behavioral profiling, use of cookies), remarketing, reach measurement (e.g. access statistics, recognition of returning visitors), affiliate tracking.
• Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Services and service providers used:

• Instagram : Social network; Service provider: Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA; Website: https://www. instagram.com; Privacy Policy:http://instagram.com/about/legal/privacy.
• Facebook: Social network; Service provider: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; website: https://www.facebook.com; privacy policy: https://www.facebook.com/about/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active; Opt-out: Advertising settings: https://www.facebook.com/settings?tab=ads; Additional information on data protection: Agreement on joint processing of personal data on Facebook pages: https://www.facebook.com/legal/ terms/page_controller_addendum, Privacy Policy for Facebook Pages: https://www.facebook.com/legal/terms/information_about_page_insights_data.
• Flickr: Social network; Service provider: Flickr Inc., 475 Sansome St San Francisco, California 94111, USA; Website: https://www.flickr .com; Privacy Policy: https://www.flickr.com/help/privacy.
• LinkedIn: Social network; Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Website: https://www.linkedin.com; Data protection declaration: https://www.linkedin.com/legal/privacy-policy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active; Opt-out out):https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
• Pinterest: Social network; Service provider: Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA; website:https://www.pinterest.com; privacy policy:https://about.pinterest.com/de/privacy-policy; opt-out:https://about.pinterest.com/de/privacy-policy.
• SlideShare: Platform for presentations; Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Website: https://www.linkedin.com; Data protection declaration: https://www.linkedin.com/legal/privacy-policy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active.
• TikTok: Social network; Service provider: musical.ly Inc., 10351 Santa Monica Blvd #310, Los Angeles, CA 90025 USA; Website: https://www.tiktok.com; Privacy Policy: https://www.tiktok.com/en/privacy-policy.
• Twitter: Social network; Service provider: Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA; Privacy policy: https://twitter.com/de/privacy, (settings) https://twitter.com/personalization; Privacy Shield (ensuring a high level of data protection when processing data in the USA):https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.
• YouTube: Social network; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Privacy Policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA):https://www.privacyshield.gov/participant?id=a2zt 000000001L5AAI&status=Active; Opt-out:https://adssettings.google.com/authenticated.
• Xing: Social network; Service provider: XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany; Website: https://www.xing.de; privacy policy:https://privacy.xing.com/de/datenschutzerklaerung.

Plugins and embedded functions and content

We integrate functional and content elements into our online offering that are obtained from the servers of their respective providers (hereinafter referred to as “third-party providers”). These may include, for example, graphics, videos or social media buttons, as well as posts (hereinafter uniformly referred to as “content”).

The integration always requires that the third-party providers of this content process the IP address of the users, as they would not be able to send the content to their browsers without the IP address. The IP address is therefore required for the display of this content or functions. We endeavor to use only content whose respective providers use the IP address solely for the delivery of the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information can also be stored in cookies on the user’s device and may include technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online offer, as well as being linked to such information from other sources.

Notes on legal basis: If we ask users for their consent to the use of third-party providers, the legal basis for the processing of data is consent. Otherwise, the user data is processed on the basis of our legitimate interests (i.e. interest in efficient, economical and user-friendly services). In this context, we would also like to draw your attention to the information on the use of cookies in this data protection declaration.

• Data types processed: Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), inventory data (e.g. names, addresses).
• Data subjects: Users (e.g. website visitors, users of online services), communication partners.
• Purposes of processing: Provision of our online offer and user-friendliness, contractual services and service, contact requests and communication, direct marketing (e.g. by e-mail or post ), tracking (e.g. interest/behavior-based profiling, use of cookies), interest-based and behavior-based marketing, profiling (creation of user profiles), security measures, administration and answering of inquiries.
• Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR), consent (Art. 6 para. 1 sentence 1 lit. a GDPR), fulfillment of contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b. GDPR).

Services and service providers used:

• Facebook Social Plugins: Facebook Social Plugins – These may include content such as images, videos or texts and buttons that allow users to share content from this online offering within Facebook. The list and appearance of the Facebook social plugins can be viewed here:https://developers.facebook.com/docs/plugins/; Service provider:https://www.facebook.com, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; website: https://www.facebook.com; privacy policy:  https://www.facebook.com/about/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov /participant?id=a2zt0000000GnywAAC&status=Active; Opt-out: Settings for ads: https://www.facebook.com/settings?tab=ads.
• Google Fonts: We integrate the fonts (“Google Fonts”) of the provider Google, whereby the data of the users are used solely for the purpose of displaying the fonts in the user’s browser. The integration is based on our legitimate interests in a technically secure, maintenance-free and efficient use of fonts, their uniform display and taking into account possible license restrictions for their integration. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website:https://fonts.google.com/; privacy policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000TRkEAAW&status=Active.
• Google Maps: We embed maps from the Google Maps service provided by Google. The data processed may include, in particular, IP addresses and location data of users, but these are not collected without their consent (usually given as part of the settings on their mobile devices). Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website:https://maps.google.de; privacy policy:https://policies.google.com/privacy; Privacy Shield (guaranteeing data protection level when processing data in the USA):https://www.privacyshield.gov/participant?id=a2zt0000000TRkEAAW&amp; =”noreferrer noopener”>https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000TRkEAAW&status=Active; Opt-out option: Opt-out plugin: http://tools.google.com/dlpage/gaoptout?hl=de, settings for the display of advertising: https://adssettings.google.com/authenticated.
• Instagram plugins and buttons: Instagram plugins and buttons – These may include content such as images, videos or texts and buttons that allow users to share content from this online offering within Instagram. Service provider:https://www.instagram.com, Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA; website:https://www.instagram.com; Privacy Policy: http://instagram.com/about/legal/privacy.
• LinkedIn Plugins and Buttons: LinkedIn Plugins and Buttons – These may include content such as images, videos or texts and buttons that allow users to share content from this online offer within LinkedIn. Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; website:https://www.instagram.com; privacy policy:https://www.linkedin.com/legal/privacy-policy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active; Opt-out out):https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
• OpenStreetMap: We embed maps from the OpenStreetMap service, which are offered by the OpenStreetMap Foundation (OSMF) on the basis of the Open Data Commons Open Database License (ODbL). The user data is used by OpenStreetMap exclusively for the purpose of displaying the map functions and for caching the selected settings. This data may include, in particular, IP addresses and location data of users, which, however, are not collected without their consent (usually given as part of the settings of their mobile devices). Service provider: OpenStreetMap Foundation (OSMF); website:https://www.openstreetmap.de; privacy policy: https://wiki.openstreetmap.org/wiki/Privacy_Policy.
• Pinterest plugins and buttons: Pinterest plugins and buttons – These may include content such as images, videos or texts and buttons that allow users to share content from this online offering within Pinterest. Service provider: Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA; website:https://www.pinterest. com; Privacy Policy:https://about.pinterest.com/de/privacy-policy.
• ReCaptcha: We use the “ReCaptcha” function to detect bots, e.g. when entering data in online forms. The user’s behavior (e.g. mouse movements or queries) is evaluated to distinguish between humans and bots. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website:https://www.google.com/recaptcha/; privacy policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000TRkEAAW&status=Active; Opt-out option: Opt-out plugin: http://tools.google.com/dlpage/gaoptout?hl=de, settings for the display of advertising: https://adssettings.google.com/authenticated.
• SlideShare presentations: Inclusion of SlideShare presentations; Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; website:https://www.linkedin.com; privacy policy:https://www.linkedin.com/legal/privacy-policy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active.
• Typekit fonts from Adobe: We embed the fonts (Typekit fonts) from Adobe, whereby the user data is used solely for the purpose of displaying the fonts in the user’s browser. The integration is based on our legitimate interests in a technically secure, maintenance-free and efficient use of fonts, their uniform display and taking into account possible license restrictions for their integration. Service provider: Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland; website: https://www.adobe.com/de; privacy policy: https://www.adobe.com/de/privacy.html; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000TNo9AAG&status=Active.
• YouTube: Videos; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website: https://www.youtube.com; privacy policy: https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active; Opt-out option: Opt-out plugin: http://tools.google.com/dlpage/gaoptout?hl=de, settings for the display of advertising: https://adssettings.google.com/authenticated.
• Xing Plugins and Buttons: Xing Plugins and Buttons – These may include content such as images, videos or texts and buttons that allow users to share content from this online offer within Xing. Service provider: XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany; website:https://www.xing.com; privacy policy:https://privacy.xing.com/de/datenschutzerklaerung.
• Vimeo: Video platform; Service provider: Vimeo Inc., Attention: Legal Department, 555 West 18th Street New York, New York 10011, USA; Website: https://vimeo.com; Data protection declaration: < a href=”https://vimeo.com/privacy” target=”_blank” rel=”noreferrer noopener”>https://vimeo.com/privacy; Opt-out: We would like to point out that Vimeo may use Google Analytics and refer you to the data protection declaration (https://policies.google.com/privacy) and the opt-out options for Google Analytics (http:// tools.google.com/dlpage/gaoptout?hl=de) or Google’s settings for data use for marketing purposes (https://adssettings.google.com/).

Deletion of data

The data we process will be deleted in accordance with the legal requirements as soon as the consent to process it is revoked or other permissions lapse (e.g. if the purpose of processing this data no longer applies or it is no longer required for this purpose).

If the data is not deleted because it is required for other legally permissible purposes, its processing will be limited to these purposes. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be stored for commercial or tax reasons or whose storage is necessary to assert, exercise or defend legal claims or to protect the rights of another natural or legal person.

Further information on the deletion of personal data can also be found in the individual data protection notices of this data protection declaration.

Amendment and updating of the data protection declaration

We ask you to regularly check the content of our data protection declaration. We will adapt the data protection declaration as soon as the changes to the data processing carried out by us make this necessary. We will inform you as soon as the changes require your cooperation (e.g. consent) or any other individual notification.

If we provide addresses and contact information for companies and organizations in this data protection declaration, please note that the addresses may change over time and please check the information before contacting us.

Rights of the data subjects

As a data subject, you have various rights under the GDPR, in particular under Articles 15 to 18 and 21 of the GDPR:

• Right to object: You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR, including profiling based on those provisions. If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing.
• Right of withdrawal: You have the right to withdraw your consent at any time.
• Right of access: You have the right to request confirmation as to whether the data in question is being processed and to request access to this data, as well as further information and a copy of the data in accordance with the legal requirements.
• Right to rectification: In accordance with the legal requirements, you have the right to request that the data concerning you be completed or that incorrect data concerning you be rectified.
• Right to erasure and restriction of processing: You have the right to request that the data concerning you be erased immediately or, alternatively, to request that the processing of the data be restricted in accordance with the statutory provisions.
• Right to data portability: You have the right to receive the data concerning you that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transmitted to another controller, in accordance with the legal requirements.
• Complaint to supervisory authority: You also have the right, in accordance with the legal requirements, to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.

Definitions

This section provides an overview of the terms used in this data protection declaration. Many of the terms are taken from the law and are defined in particular in Art. 4 GDPR. The legal definitions are binding. The following explanations are intended to help you understand them. The terms are in alphabetical order.

• A/B tests: A/B tests are used to improve the user-friendliness and performance of online offers. For example, users are shown different versions of a website or its elements, such as input forms, in which the placement of the content or the labels of the navigation elements may differ. Based on the behavior of the users, e.g. longer stays on the website or more frequent interaction with the elements, it can then be determined which of these websites or elements are more likely to meet the needs of the users.
• Affiliate tracking: As part of affiliate tracking, links that are used by linking websites to refer users to websites with product or other offers are logged. The operators of the respective linking websites may receive a commission if users follow these so-called affiliate links and then take advantage of the offers (e.g. buy goods or use services). To do this, it is necessary for the providers to be able to track whether users who are interested in certain offers subsequently take advantage of them at the instigation of the affiliate links. Therefore, for affiliate links to function properly, it is necessary for them to be supplemented with certain values that become part of the link or are stored elsewhere, e.g. in a cookie. These values include, in particular, the originating website (referrer), the time, an online identifier of the operator of the website on which the affiliate link was located, an online identifier of the respective offer, an online identifier of the user, as well as tracking-specific values, such as advertising medium ID, partner ID and categorizations.
• Conversion tracking: “Conversion tracking” is a process that can be used to determine the effectiveness of marketing measures. To do this, a cookie is usually stored on the user’s device within the websites on which the marketing measures take place and then retrieved again on the target website. For example, we can use this to see whether the ads we place on other websites were successful.
• Content Delivery Network (CDN): A “Content Delivery Network” (CDN) is a service that helps to deliver the content of an online offering, in particular large media files such as graphics or program scripts, faster and more securely using servers that are distributed regionally and connected via the Internet.
• Cross-device tracking: Cross-device tracking is a form of tracking in which users’ behavior and interest information is collected across devices in so-called profiles by assigning users an online identifier. This means that user information can usually be analyzed for marketing purposes, regardless of the browsers or devices (e.g. mobile phones or desktop computers) used. The online identifier is not linked to clear data such as names, postal addresses or e-mail addresses for most providers.
• Heatmaps: “Heatmaps” are the movements of users’ mouse cursors, which are combined to form an overall picture that can be used, for example, to identify which website elements are preferred and which website elements users prefer less.
• IP masking: IP masking is a method in which the last octet, i.e. the last two numbers of an IP address, are deleted so that the IP address can no longer be used to uniquely identify a person. IP masking is therefore a means of pseudonymizing processing procedures, especially in online marketing
• Interest-based and behavior-based marketing: Interest-based and/or behavior-based marketing is when potential interests of users in ads and other content are predicted as accurately as possible. This is done by using information about their previous behavior (e.g. visiting certain websites and spending time on them, buying behavior or interaction with other users), which is stored in a so-called profile. Cookies are usually used for these purposes.
• Click tracking: Click tracking allows us to monitor the movements of users within an entire online offering. Since the results of these tests are more accurate when the interaction of users can be tracked over a certain period of time (e.g. so that we can find out whether a user likes to return), cookies are usually stored on the users’ computers for these test purposes.
• Conversion measurement: Conversion measurement is a method for determining the effectiveness of marketing measures. To do this, a cookie is usually stored on the user’s device within the websites on which the marketing measures take place and then retrieved again on the target website. For example, this allows us to see whether the ads we place on other websites were successful.
• Personal data: “Personal data” means any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier number, location data, online identifier (e.g. cookie) or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
• Profiling: Profiling is any form of automated processing of personal data consisting of the use of such personal data to analyze, evaluate or predict certain personal aspects relating to a natural person (depending on the type of profiling, this may include information concerning age, gender, location data and movement data, interaction with websites and their content, purchasing behavior, social interactions with other people), to analyze, evaluate or predict them (e.g. interests in certain content or products, click behavior on a website or location). Cookies and web beacons are often used for profiling purposes.
• Reach measurement: Reach measurement (also known as web analytics) is used to evaluate the visitor traffic of an online offering and can include the behavior or interests of visitors to certain information, such as website content. With the help of reach analysis, website owners can, for example, recognize at what time visitors visit their website and what content they are interested in. This enables them, for example, to better adapt the content of the website to the needs of their visitors. For the purposes of reach analysis, pseudonymous cookies and web beacons are often used to recognize returning visitors and thus obtain more accurate analyses of the use of an online offering.
• Remarketing: The terms “remarketing” and “retargeting” are used when, for example, a user’s interest in a product on a website is noted for advertising purposes in order to remind the user of these products on other websites, e.g. in advertisements.
• Tracking: Tracking refers to the ability to track the behavior of users across multiple online services. As a rule, behavioral and interest information is stored in cookies or on the servers of the providers of the tracking technologies with regard to the online services used (so-called profiling). This information can then be used, for example, to display advertisements to users that are likely to match their interests.
• Controller: The controller is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
• Processing: “Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means. The term is broad and covers virtually any handling of data, whether it be collection, evaluation, storage, transmission or deletion.
• Target group formation: Target group formation (or “custom audiences”) refers to the formation of target groups for advertising purposes, e.g. the display of advertisements. For example, based on a user’s interest in certain products or topics on the internet, it can be concluded that this user is interested in advertisements for similar products or the online shop in which he or she viewed the products. Lookalike audiences (or similar target groups) are created when the content deemed suitable is displayed to users whose profiles or interests are presumed to correspond to the users for whom the profiles were created. Cookies and web beacons are generally used to create custom audiences and lookalike audiences.

Created with free Datenschutz-Generator.de by Dr. Thomas Schwenke

---

Registration for webinars

The following information is to inform you about the registration, participation and statistical evaluation procedure as well as your rights of objection in connection with the webinars we offer. By registering for our free and paid webinars, you agree to receive e-mails, such as info mails and newsletters, as well as the described procedures.

Registration data and registration procedure:

When you register for our webinars using the double opt-in procedure, you will be informed about receiving our newsletter and the free option to revoke your consent. Registration for our webinars is completely voluntary.

To participate in one of our webinars, it is sufficient to provide your e-mail address. Optionally, we ask you to provide your first and last name for the purpose of personalizing our e-mails and for an overview of our prospective customer structure. These optional details are provided voluntarily and are not mandatory for participation in a webinar.

The registration process is logged on the basis of our legitimate interests in accordance with Art. 6 (1) (f) GDPR and serves to provide proof of consent to receive our e-mails.

In Germany, the sending of info mails and newsletters as well as the measurement of success are based on the consent of the recipients in accordance with Art. 6 para. 1 lit. a, Art. 7 GDPR in conjunction with § 7 para. 2 no. 3 UWG or on the basis of the legal permission in accordance with § 7 para. 3 UWG.

Webinar service provider:

We provide our webinars via the online platform of Webinaris GmbH, Bussardstr. 5.2, 82166 Gräfelfing, hereinafter referred to as “Webinaris”. We are a so-called “user” who has a paid Webinaris membership on the Webinaris online platform in order to be able to register and conduct webinars via this platform.

You can view Webinaris’ data protection provisions here:http://webinaris.com/datenschutzbestimmungen.html

When you register for a webinar and when you participate in a webinar that we as users organize via the Webinaris online platform, the following data is transferred from you as a so-called user to Webinaris and processed there:

• E-mail address
• First name (optional)
• Surname (optional)
• Browser and system data
• IP address
• Language
• Time zone
• All data provided by the participant in the chat
• Usage data resulting from registration for and participation in the webinar

Webinaris offers us the opportunity to publish webinars and to evaluate them statistically in order to constantly improve our offering. To do this, it is necessary for Webinaris to process the data of webinar participants/users on our behalf. The scope of the data and the data processing are regulated in the agreement on data processing, which we have concluded with Webinaris. As a user, we can view the data at Webinaris and export it to our own systems. 

The legal basis for the processing of the data is Art. 6 para. 1 sentence 1 lit. b) GDPR. Further information can be found in Webinaris’s privacy policy athttps://webinaris.com/datenschutzbestimmungen.html.

Use of Calendly

This website uses Calendly.com for the online appointment booking service. This page offers an external platform for making appointments. The appointment booking service is integrated into the source code of our website via a script. By using the appointment calendar, you automatically use the services of Calendly.com. Data is transferred there for the security and documentation of teambay. The data collected includes: name, IP address at the time of the appointment, agreed date and agreed time. This data will not be passed on to third parties and is used only for the administration and organization of appointments and for internal statistics. By using the appointment calendar, you agree that you agree to this. You can find more information about Calendly.com here. Please be sure to read it. Please note, however, that the site is only available in English:https://calendly.com/pages/privacyStatistics, marketing and personalization cookies: Cookies are also generally used to measure reach and when a user’s interests or behavior (e.g. viewing certain content, using functions, etc.) on individual websites are stored in a user profile. Such profiles are used to display content to users that matches their potential interests, for example. This process is also referred to as “tracking”, i.e. tracking the potential interests of users. If we use cookies or “tracking” technologies, we will inform you separately in our data protection declaration or when we obtain your consent.

Notes on legal basis: The legal basis for processing your personal data with the help of cookies depends on whether we ask you for your consent. If this is the case and you consent to the use of cookies, the legal basis for the processing of your data is your consent. Otherwise, the data processed using cookies is processed on the basis of our legitimate interests (e.g. in the commercial operation of our online offering and its improvement) or, if the use of cookies is necessary to fulfill our contractual obligations.

General information on revocation and objection (opt-out): Depending on whether the processing is based on consent or legal permission, you have the option at any time to revoke your consent or to object to the processing of your data by cookie technologies (collectively referred to as “opt-out”). You can initially declare your objection by means of your browser settings, e.g. by deactivating the use of cookies (although this may also restrict the functionality of our online offering). You can also object to the use of cookies for online marketing purposes using a variety of services, especially in the case of tracking, via the websites http:// optout.aboutads.info and http://www.youronlinechoices.com/ . You can also find further information on how to opt out in the information provided on the service providers and cookies used.

Processing of cookie data on the basis of consent: Before we process data or have it processed in the context of the use of cookies, we ask users for consent, which can be revoked at any time. Before consent has been given, cookies that are necessary for the operation of our online offer may be used. Their use is based on our interest and the interest of users in the expected functionality of our online offer.

• Types of data processed: Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Data subjects: Users (e.g. website visitors, users of online services).
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Manage privacy settings

Blogs and publication media

We use blogs or similar means of online communication and publication (hereinafter referred to as “publication medium”). The data of the readers are only processed for the purposes of the publication medium to the extent necessary for its presentation and communication between authors and readers or for security reasons. For the rest, we refer to the information on the processing of visitors to our publication medium in the context of this data protection notice.

Comments and posts: If users leave comments or other posts, their IP addresses may be stored on the basis of our legitimate interests. This is done for our security in case someone leaves illegal content in comments and posts (insults, prohibited political propaganda, etc.). In this case, we ourselves can be prosecuted for the comment or post and are therefore interested in the identity of the author.

Furthermore, we reserve the right to process the information provided by users for the purpose of spam detection based on our legitimate interests.

On the same legal basis, we reserve the right to store the IP addresses of users for the duration of surveys and to use cookies to prevent multiple votes.

The personal information provided in the comments and posts, any contact and website information, as well as the content information, will be stored by us permanently until the user objects.

Comment subscriptions: Users can subscribe to follow-up comments with their consent. Users will receive a confirmation email to verify that they are the owner of the email address entered. Users can unsubscribe from current comment subscriptions at any time. The confirmation email will contain information on how to revoke consent. For the purpose of proving the user’s consent, we store the time of registration and the user’s IP address and delete this information when the user unsubscribes.

You can cancel your subscription to our newsletter at any time, i.e. revoke your consent. We may store the unsubscribed e-mail addresses for up to three years on the basis of our legitimate interests before we delete them in order to be able to prove a previously given consent. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for deletion is possible at any time, provided that the former existence of consent is confirmed at the same time.

Retrieval of WordPress emojis and smilies: Within our WordPress blog, graphical emojis (or smilies), i.e. small graphical files that express feelings, are used for the purpose of efficiently integrating content elements, which are obtained from external servers. The providers of the servers collect the IP addresses of the users. This is necessary so that the emoji files can be transmitted to the users’ browsers.

Akismet anti-spam check: We use the “Akismet” service on the basis of our legitimate interests. Akismet is used to distinguish comments from real people from spam comments. To do this, all comment information is sent to a server in the USA, where it is analyzed and stored for four days for comparison purposes. If a comment is classified as spam, the data is stored beyond this time. This information includes the name entered, the e-mail address, the IP address, the comment content, the referrer, information on the browser used and the computer system, and the time of the entry.

Users are welcome to use pseudonyms or to refrain from entering their name or e-mail address. They can completely prevent the transfer of data by not using our comment system. That would be a shame, but unfortunately we see no alternatives that work equally effectively.

Gravatar profile pictures: We use the Gravatar service within our online offering and in particular in the blog.

Gravatar is a service that allows users to register and store profile pictures and their e-mail addresses. When users leave posts or comments on other online presences (especially blogs) with the respective e-mail address, their profile pictures can be displayed next to the posts or comments. To do this, the e-mail address provided by the users is encrypted and transmitted to Gravatar to check whether a profile is stored for it. This is the only purpose of the e-mail address. It will not be used for any other purpose and will be deleted afterwards.

We use Gravatar on the basis of our legitimate interests, as we use Gravatar to offer the authors of posts and comments the option of personalizing their posts with a profile picture.

By displaying the images, Gravatar learns the IP address of the user, as this is necessary for communication between a browser and an online service.

If users do not want a user image associated with their e-mail address to appear in the comments, they should use an e-mail address that is not stored with Gravatar to comment. We would also like to point out that it is also possible to use an anonymous or no e-mail address at all if users do not want their own e-mail address to be sent to Gravatar. Users can completely prevent the transfer of data by not using our comment system.

• Types of data processed: Inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses), contract data (e.g. subject matter of the contract, term, customer category).
• Data subjects: Users (e.g. website visitors, users of online services).
• Purposes of processing: Contractual services and support, feedback (e.g. collecting feedback via online forms), security measures, administration and answering of enquiries, contact requests and communication, provision of our online services and user-friendliness.
• Legal basis: Contract fulfillment and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b. GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR), consent (Art. 6 para. 1 sentence 1 lit. a GDPR), protection of vital interests (Art. 6 para. 1 sentence 1 lit. d. GDPR).

Services and service providers used:

• Retrieval of WordPress emojis and smilies: Retrieval of WordPress emojis and smilies; Service provider: Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA; Website: https://automattic.com; Privacy Policy:https://automattic.com/privacy.
• Akismet Anti-Spam-Check: Akismet Anti-Spam-Check; Service provider: Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA; Website: https://automattic.com; Privacy Policy: https://automattic.com/privacy.
• Gravatar profile pictures: Profile pictures; Service provider: Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA; Website: https://automattic.com; Privacy Policy: https://automattic.com/privacy.
• UpdraftPlus: Backup software and storage; Service provider: Simba Hosting Ltd., 11, Barringer Way, St. Neots, Cambs., PE19 1LW, GB; website:https://updraftplus.com/.

Contact

When you contact us (e.g. via the contact form, e-mail, telephone or social media), the information provided by the person making the request will be processed to the extent necessary to answer the contact requests and any requested measures.

The response to contact requests in the context of contractual or pre-contractual relationships is made in order to fulfill our contractual obligations or to respond to (pre)contractual requests and, in addition, on the basis of the legitimate interests in responding to the requests.

• Types of data processed: inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Data subjects: Communication partners.
• Purposes of processing: Contact requests and communication.
• Legal basis: Contract fulfillment and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b. GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Communication via Messenger

We use messenger services for communication purposes and therefore ask you to note the following information on the functionality of the messengers, encryption, the use of metadata in communication and your options for objecting to this

You can also contact us by other means, e.g. by telephone or e-mail. Please use the contact options provided to you or the contact options provided within our online offering.

In the case of end-to-end encryption of content (i.e. the content of your message and attachments), we would like to point out that the communication content (i.e. the content of the message and attached images) is encrypted from end to end. This means that the content of the messages cannot be viewed, not even by the messenger providers themselves. You should always use the latest version of the messenger with encryption enabled to ensure that the message content is encrypted.

However, we would also like to point out to our communication partners that although the providers of the messengers do not view the content, they can find out that and when communication partners communicate with us, as well as technical information about the communication partner’s device and, depending on the settings of their device, location information (so-called metadata) is processed.

Notes on legal basis: If we ask communication partners for permission before communicating with them via Messenger, the legal basis for our processing of their data is their consent. In other respects, if we do not ask for consent and you contact us, for example, on your own initiative, we use Messenger as a contractual measure in relation to our contractual partners and in the context of initiating contracts, and in the case of other interested parties and communication partners on the basis of our legitimate interests in fast and efficient communication and fulfilling the needs of our communication partners in communicating via Messengers. Furthermore, we would like to point out that we will not transmit the contact data provided to us to the messengers for the first time without your consent.

Revocation, objection and deletion: You can revoke your consent at any time and object to communication with us via messenger at any time. In the case of communication via Messenger, we delete the messages in accordance with our general deletion guidelines (i.e. e.g. as described above, after the end of contractual relationships, in the context of archiving requirements, etc.) and otherwise as soon as we can assume that we have answered any information from the communication partner, if no reference to a previous conversation is to be expected and the deletion does not conflict with any legal retention obligations.

Reservation of the right to refer to other communication channels: Finally, we would like to point out that, for reasons of your security, we reserve the right not to answer questions via Messenger. This is the case, for example, if contractual information requires special confidentiality or an answer via Messenger does not meet the formal requirements. In such cases, we refer you to more appropriate communication channels.

Skype: Skype’s end-to-end encryption requires it to be activated (unless it is activated by default).

• Types of data processed: Contact details (e.g. e-mail, telephone numbers), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses), content data (e.g. text entries, photographs, videos).
• Data subjects: Communication partners.
• Purposes of processing: Contact requests and communication, direct marketing (e.g. by e-mail or post).
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Services and service providers used:

• Facebook Messenger: Facebook Messenger with end-to-end encryption (end-to-end encryption of Facebook Messenger requires activation if it is not activated by default); service provider:& nbsp;https://www.facebook.com, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; website: https://www.facebook.com; privacy policy: https://www.facebook.com/about/privacy; Privacy Shield (guaranteeing a certain level of data protection when processing data in the USA): https://www.privac yshield.gov/participant?id=a2zt0000000GnywAAC&status=Active; Opt-out:https://www.facebook.com/settings?tab=ads.
• Skype: Skype Messenger with end-to-end encryption; Service provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA; website: https://www.skype.com/de/; privacy policy:&nbsp ;https://privacy.microsoft.com/de-de/privacystatement, security information: https://www.microsoft.com/de-de/trustcenter; Privacy Shield (guaranteeing a level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000KzNaAAK&status=Active.
• Snapchat: Snapchat Messenger with end-to-end encryption; Service provider: Snap Inc, 63 Market Street Venice, CA 90291 USA; Website: https://www.snapchat.com/l/de-de/; Privacy Policy: https://www.snap.com/de-DE/privacy/privacy-policy/; Privacy Shield (guaranteeing a level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000TNPxAAO&status=Active.
• WhatsApp: WhatsApp Messenger with end-to-end encryption; Service provider: WhatsApp Inc. WhatsApp Legal 1601 Willow Road Menlo Park, California 94025, USA; Website: https://www.whatsapp.com/; Privacy Policy: https://www.whatsapp.com/legal; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000TSnwAAG&status=Active.

Chatbots and chat functions

We offer a so-called “chatbot” as a means of communication. A chatbot is software that answers users’ questions or informs them about messages. If you chat with our chatbot, we can process your personal data.

If you communicate with the chatbot within an online platform, your identification number will also be stored within the respective platform. We may also collect information about which users interact with our chatbot and when. Furthermore, we store the content of your conversations with the chatbot and log registration and consent processes in order to be able to prove them in accordance with legal requirements.

We would like to point out that the respective platform provider can find out that and when users communicate with our chatbot, as well as technical information about the user’s device and, depending on the settings of their device, location information (so-called metadata) for the purpose of optimizing the respective services and for security purposes. The metadata of the communication via chatbot (i.e. e.g. the information of who communicated with whom) could also be used by the respective platform providers in accordance with their provisions, to which we refer for further information, for marketing purposes or to display customized advertising to users.

If users agree to the chatbot to activate information with regular messages, they have the option to unsubscribe from the information at any time. The chatbot will inform users how and with which terms they can unsubscribe from the messages. When unsubscribing from the chatbot messages, user data will be deleted from the directory of message recipients.

We use the above information to operate our chatbot, e.g. to address users personally, to answer their questions to the chatbot, to transmit any requested content and also to improve our chatbot (e.g. to “teach” it answers to frequently asked questions or to recognize unanswered questions).

Notes on legal basis: We use the chatbot on the basis of consent if we have previously obtained the user’s permission to process their data through the chatbot (this applies to cases in which users are asked for consent, e.g. so that the chatbot can send them regular messages). If we use the chatbot to answer user queries about our services or our company, this is for contractual and pre-contractual communication. Otherwise, we use the chatbot on the basis of our legitimate interests in optimizing the chatbot, its operational efficiency and increasing the positive user experience.

Revocation, objection and deletion: You can revoke your consent at any time or object to the processing of your data in the context of our chatbot use.

• Types of data processed: Contact details (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Data subjects: Communication partners, users (e.g. website visitors, users of online services).
• Purposes of processing: Contact requests and communication, direct marketing (e.g. by e-mail or post), reach measurement (e.g. access statistics, recognition of returning visitors ), tracking (e.g. interest/behavioral profiling, use of cookies), remarketing, visit action evaluation, profiling (creation of user profiles), conversion measurement (measurement of the effectiveness of marketing measures).
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Surveys and questionnaires

The surveys and questionnaires we conduct (hereinafter referred to as “surveys”) are evaluated anonymously. Personal data is only processed to the extent necessary to provide and technically implement the surveys (e.g. processing the IP address to display the survey in the user’s browser or to enable the survey to be resumed using a temporary cookie (session cookie)) or if users have consented to this.

Notes on legal basis: If we ask participants for their consent to the processing of their data, this is the legal basis for the processing; otherwise, the processing of participants’ data is based on our legitimate interest in conducting an objective survey.

• Types of data processed: Contact details (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Data subjects: Communication partners, users (e.g. website visitors, users of online services).
• Purposes of processing: Contact requests and communication, direct marketing (e.g. by e-mail or post), tracking (e.g. interest/behavioral profiling, use of cookies), feedback (e.g. collecting feedback via online form).
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Services and service providers used:

• Google Form: Google Cloud Forms; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website: https://firebase.google.com; privacy policy: https://policies.google.com/privacy; Privacy Shield (guaranteeing a certain level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active; Opt-out option: Opt-out plugin: http://tools.google.com/dlpage/gaoptout?hl=de, settings for the display of advertising: https://adssettings.google.com/authenticated.

Provision of the online offer and web hosting

In order to provide our online offering securely and efficiently, we use the services of one or more web hosting providers, from whose servers (or servers managed by them) the online offering can be accessed. For these purposes, we may use infrastructure and platform services, computing capacity, storage space and database services, as well as security and technical maintenance services.

The data processed in the context of providing the hosting service may include all information concerning the users of our online service that is generated in the course of its use and communication. This regularly includes the IP address, which is necessary to deliver the content of online services to browsers, and all entries made within our online service or on websites.

E-mail sending and hosting: The web hosting services we use also include sending, receiving and storing e-mails. For these purposes, the addresses of the recipients and senders as well as other information regarding the e-mail sending (e.g. the providers involved) and the contents of the respective e-mails are processed. The aforementioned data may also be processed for the purpose of detecting spam. Please note that e-mails are not encrypted when sent over the internet. While e-mails are usually encrypted during transmission, they are not encrypted on the servers from which they are sent and received (unless an end-to-end encryption method is used). We therefore cannot accept any responsibility for the transmission of e-mails between the sender and the recipient on our server.

Collection of access data and log files: We ourselves (or our web hosting provider) collect data on every access to the server (so-called server log files). The server log files may include the address and name of the websites and files accessed, the date and time of access, the amount of data transferred, a notification of successful retrieval, the browser type and version, the user’s operating system, the referrer URL (the previously visited page) and, as a rule, the IP addresses and the requesting provider.

The server log files can be used for security purposes, for example to prevent server overload (especially in the event of abusive attacks, so-called DDoS attacks), and to ensure that the servers are utilized and stable.

Content delivery network: We use a content delivery network (CDN). A CDN is a service that helps to deliver the content of an online offering, in particular large media files such as graphics or program scripts, faster and more securely using servers that are distributed regionally and connected via the internet.

• Types of data processed: Content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Data subjects: Users (e.g. website visitors, users of online services).
• Purposes of processing: Content Delivery Network (CDN).
• Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Services and service providers used:

• All-inkl.com: When you visit this website, personal data is processed. Data categories processed: technical connection data of the server access (IP address, date, time, requested page, browser information). Purpose of processing: monitoring of technical function and to increase the operational reliability of our web server, delivery and provision of the website and anonymization and creation of statistics. The legal basis for processing: a legitimate interest that outweighs the rights and freedoms of the data subjects (Art. 6 (1) f GDPR). Legitimate interests in this context: strong economic interest in the secure and functional operation of technical systems. Data is transferred: to the processor ALL-INKL.COM – Neue Medien Münnich, René Münnich, Hauptstraße 68, 02742 Friedersdorf, Germany.
  https://all-inkl.com/datenschutzinformationen/

Cloud services

We use software services that are accessible via the internet and run on the servers of their providers (so-called “cloud services”, also referred to as “software as a service”) for the following purposes: document storage and management, calendar management , sending e-mails, spreadsheets and presentations, exchanging documents, content and information with specific recipients or publishing websites, forms or other content and information, as well as chats and participation in audio and video conferences.

In this context, personal data may be processed and stored on the providers’ servers, provided that this data is part of communication processes with us or is otherwise processed by us, as set out in this data protection declaration. This data may include, in particular, master data and contact data of users, data on processes, contracts, other processes and their contents. The providers of cloud services also process usage data and metadata, which they use for security purposes and to optimize their services.

If we use cloud services to provide forms or other documents and content to other users or publicly accessible websites, the providers may store cookies on the users’ devices for the purposes of web analysis or to remember the users’ settings (e.g. in the case of media control).

Notes on legal basis: If we ask for consent to use cloud services, the legal basis for processing is consent. Furthermore, their use may be part of our (pre)contractual services, provided that the use of cloud services has been agreed in this context. Otherwise, the user data is processed on the basis of our legitimate interests (i.e. interest in efficient and secure administrative and collaboration processes)

• Types of data processed: inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Data subjects: Customers, employees (e.g. employees, applicants, former employees), interested parties, communication partners.
• Purposes of processing: Office and organizational procedures.
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), fulfillment of contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b. GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Services and service providers used:

• Google Cloud Services: Cloud storage services; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website: https://cloud.google.com/; privacy policy: https://www.google.com/policies/privacy, security information: https://cloud.google.com/security/privacy; Privacy Shield (guaranteeing data protection level when processing data in the USA):https://www.privacyshield.gov/ participant?id=a2zt0000000000001L5AAI&status=Active; Standard contractual clauses (ensuring a level of data protection when processing in a third country): https://cloud.google.com/terms/data-processing-terms; Additional information on data protection:https://cloud.google.com/terms/data-processing-terms.
• Microsoft Cloud Services: Cloud storage services; Service provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA; website: http://microsoft.com/de-de; privacy statement: < a href=”https://privacy.microsoft.com/de-de/privacystatement” target=”_blank” rel=”noreferrer noopener”>https://privacy.microsoft.com/de-de/privacystatement, Security Notice: https://www.microsoft.com/de-de/trustcenter; Privacy Shield (guaranteeing a level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000KzNaAAK&status=Active.

Newsletter and broad communication

We only send newsletters, e-mails and other electronic notifications (hereinafter referred to as “newsletters”) with the consent of the recipients or with legal permission. If the contents of a newsletter are specifically described when registering for it, they are decisive for the user’s consent. In addition, our newsletters contain information about our services and us.

To subscribe to our newsletters, it is generally sufficient to provide your e-mail address. However, we may ask you to provide a name so that we can address you personally in the newsletter, or other information if this is necessary for the purposes of the newsletter.

Double opt-in procedure: You will receive an e-mail asking you to confirm your registration. This confirmation is necessary to prevent anyone from registering with someone else’s e-mail address. The registrations for the newsletter are logged in order to be able to prove the registration process in accordance with legal requirements. This includes storing the registration and confirmation times as well as the IP address. The changes to your data stored by the shipping service provider are also logged.

Deletion and restriction of processing: We may store the e-mail addresses of those who have unsubscribed for up to three years on the basis of our legitimate interests before we delete them in order to be able to prove that consent was given. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for deletion is possible at any time, provided that the former existence of consent is confirmed at the same time. In the event of obligations to permanently observe objections, we reserve the right to store the e-mail address for this purpose alone in a blacklist.

The registration process is logged on the basis of our legitimate interests in order to verify that it has been carried out correctly. If we commission a service provider to send e-mails, this is done on the basis of our legitimate interests in an efficient and secure delivery system.

Notes on legal basis: The newsletter is sent on the basis of the recipient’s consent or, if consent is not required, on the basis of our legitimate interests in direct marketing, provided and to the extent that this is permitted by law, e.g. in the case of customer acquisition. If we commission a service provider to send e-mails, this is done on the basis of our legitimate interests. The registration process is recorded on the basis of our legitimate interests in order to prove that it was carried out in accordance with the law.

Contents: Information about us, our services, promotions and offers.

Performance measurement: The newsletters contain a so-called “web beacon”, i.e. a pixel-sized file that is retrieved from our server when the newsletter is opened, or from the server of the service provider we use if we use a service provider. This retrieval process initially collects technical information such as information about the browser and your system, as well as your IP address and the time of retrieval.

This information is used to technically improve our newsletter based on the technical data or the target groups and their reading behavior based on their locations (which can be determined using the IP address) or the access times. This analysis also includes determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to individual newsletter recipients. However, it is neither our intention nor that of the mailing service provider, if used, to monitor individual users. Rather, the evaluations serve to identify the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.

The evaluation of the newsletter and the measurement of success are carried out, subject to the user’s express consent, on the basis of our legitimate interests for the purpose of using a user-friendly and secure newsletter system that serves both our business interests and the expectations of our users.

Unfortunately, it is not possible to revoke the success measurement separately. In this case, the entire newsletter subscription must be canceled or objected to.

• Types of data processed: inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), meta/communication data (e.g. device information, IP addresses), usage data (e.g. websites visited, interest in content, access times).
• Data subjects: Communication partners.
• Purposes of processing: Direct marketing (e.g. by e-mail or post), contact requests and communication.
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).
• Opt-out: You can cancel your subscription to our newsletter at any time, i.e. revoke your consent or object to further receipt. You will find a link to cancel the newsletter either at the end of each newsletter or you can use one of the contact options given above, preferably by e-mail, for this purpose.

Services used and service providers:

Brevo

This website uses Brevo to send newsletters. The provider is Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany.
Brevo is a service that can be used to organize and analyze the sending of newsletters, among other things. The data you enter to receive the newsletter is stored on the servers of Sendinblue GmbH in Germany.

Data analysis by Brevo

With the help of Brevo, we are able to analyze our newsletter campaigns. This allows us to see, for example, whether a newsletter message has been opened and which links, if any, have been clicked on. In this way, we can determine, among other things, which links have been clicked on particularly often.
We can also see whether certain predefined actions have been carried out after opening/clicking on the message (conversion rate). For example, we can see whether you made a purchase after clicking on the newsletter.
Brevo also allows us to divide the newsletter recipients into different categories (“clusters”). This means that the newsletter recipients can be divided according to age, gender or place of residence, for example. In this way, the newsletters can be better adapted to the respective target groups.
If you do not want Brevo to analyze your data, you must unsubscribe from the newsletter. We provide a link to do this in every newsletter message.
For detailed information on the functions of Brevo, please refer to the following link: https://www.brevo.com/de/newsletter-software/.

Legal basis

The data processing is based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. The legality of the data processing operations already carried out remains unaffected by the revocation.

Storage period

The data you provide to us for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter or the newsletter service provider and will be deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data stored by us for other purposes remains unaffected by this.
After you have unsubscribed from the newsletter distribution list, your e-mail address will be stored by us or the newsletter service provider in a blacklist if necessary, provided that this is necessary to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interests and our interest in complying with the legal requirements for sending newsletters (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). There is no time limit on storage in the blacklist. You can object to the storage if your interests outweigh our legitimate interest.
For more information, please refer to Brevo’s data protection regulations at: https://www.brevo.com/de /datenschutz-uebersicht/ andhttps://www.brevo.com/de/legal/privacypolicy/.

Advertising communication by post, fax or telephone

We process personal data for the purposes of advertising communication, which can take place via various channels, such as e-mail, telephone, post or fax. In this context, we observe the legal requirements and obtain the necessary consents, unless the communication is not legally permitted.

The recipients have the right to revoke their consent at any time or to object to the promotional communication at any time.

After revocation or objection, we may store the data required to prove consent for up to three years on the basis of our legitimate interests before deleting it. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for deletion is possible at any time, provided that the former existence of consent is confirmed at the same time.

• Types of data processed: Inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers).
• Data subjects: Communication partners.
• Purposes of processing: Direct marketing (e.g. by e-mail or post).
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Web analysis and optimization

Web analytics (also known as “reach measurement”) is used to evaluate the flow of visitors to our online offering and can include behavior, interests or demographic information about visitors, such as age or gender, as pseudonymous values. With the help of reach analysis, we can, for example, recognize at what time our online offering or its functions or content are most frequently used or invite reuse. We can also see which areas need optimization.

In addition to web analytics, we can also use test procedures to test and optimize different versions of our online offering or its components, for example.

For these purposes, so-called user profiles can be created and stored in a file (so-called “cookies”) or similar procedures with the same purpose can be used. This information may include, for example, viewed content, visited websites and elements used there, as well as technical information such as the browser and computer system used, and information on usage times. If users have consented to the collection of their location data, this data may also be processed, depending on the provider.

The IP addresses of users are also stored. However, we use an IP masking procedure (i.e. pseudonymization by shortening the IP address) to protect users. In general, no clear data of the users (such as e-mail addresses or names) are stored in the context of web analysis, A/B testing and optimization, but pseudonyms. This means that we and the providers of the software used do not know the actual identity of the users, but only the information stored in their profiles for the purposes of the respective procedures.

Notes on legal basis: If we ask users for their consent to the use of third-party providers, the legal basis for the processing of data is consent. Otherwise, the data of users is processed on the basis of our legitimate interests (i.e. interest in efficient, economical and recipient-friendly services). In this context, we would also like to draw your attention to the information on the use of cookies in this data protection declaration.

• Data types processed: Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Data subjects: Users (e.g. website visitors, users of online services).
• Purposes of processing: Range measurement (e.g. access statistics, recognition of returning visitors), tracking (e.g. interest/behavior-related profiling, use of cookies), visit action evaluation, profiling (creation of user profiles), interest-based and behavior-based marketing, click tracking, A/B tests, heat maps (user mouse movements that are combined into an overall picture.).
• Security measures: IP masking (pseudonymization of the IP address).
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Services and service providers used:

• Google Optimize: Use of Google Analytics data to improve areas of our online offering and to better align our marketing activities with the potential interests of users; service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website: https://optimize.google.com; privacy policy: https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active; Opt-out option: Opt-out plugin: http://tools.google.com/dlpage/gaoptout?hl=de, settings for the display of advertising: https://adssettings.google.com/authenticated.
• Yandex-Metrica: Analysis, click-tracking and website optimization; Service provider: Yandex Oy, Moreenikatu 6, 04600 Mantsala, Finland; website:https://yandex.com; privacy policy:https://yandex.com/legal/privacy/; Standard contractual clauses (ensuring a level of data protection when processing in a third country): agreed between Yandex Oy and YANDEX LLC, 16 Lva Tolstogo st., Moscow, 11 902 1, Russia, which is commissioned to process the data.
• Microsoft Clarity: This website uses the “Microsoft Clarity” service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA (hereinafter “Microsoft”) to collect and store various user information for statistical analysis of user behavior and for optimization and marketing purposes. This information, which is always anonymous, includes the time zone setting, operating system and platform, the geographical origin of the page view, the origin of the referral to our site, the duration of visits to certain pages, and information about website interaction (e.g. scrolling, clicks and mouse-overs). Pseudonymized user profiles can be created and evaluated from this data for the same purpose. Cookies are used for collection and analysis. Cookies are small text files that are stored locally in the cache of the visitor’s Internet browser. Among other things, cookies enable the Internet browser to be recognized. The data collected using Microsoft technologies will not be used to personally identify visitors to this website without the express consent of the person concerned and will not be merged with personal data about the bearer of the pseudonym. Collected information may be transmitted to Microsoft servers in the USA and stored there. We have concluded a data processing agreement with Microsoft, obliging Microsoft to protect the data of our customers and not to pass it on to third parties.All the processing described above, in particular the setting of cookies for reading information on the end device used, will only be carried out if you have given us your express consent in accordance with Art. 6 para. 1 lit. a GDPR. Without this consent, Microsoft Clarity will not be used during your visit to the site.
  You can revoke your consent at any time with effect for the future. To exercise your revocation, please deactivate this service in the “Cookie Consent Tool” provided on the website.For more information about Microsoft Clarity’s privacy policy, please visit https://clarity.microsoft.com/terms

Online marketing

We process personal data for the purposes of online marketing, which may include, in particular, the marketing of advertising space or the presentation of advertising and other content (collectively referred to as “content”) based on the potential interests of users and the measurement of their effectiveness.

For these purposes, so-called user profiles are created and stored in a file (so-called “cookie”) or similar procedures are used to store the information relevant to the user for the display of the aforementioned content. This information may include, for example, viewed content, visited websites, used online networks, but also communication partners and technical information, such as the browser used, the computer system used and information on usage times. If users have consented to the collection of their location data, this data may also be processed.

The IP addresses of users are also stored. However, we use available IP masking procedures (i.e. pseudonymization by shortening the IP address) to protect users. In general, no clear data of the users (such as e-mail addresses or names) are stored as part of the online marketing process, but pseudonyms. This means that we and the providers of the online marketing process do not know the actual identity of the users, but only the information stored in their profiles.

The information in the profiles is usually stored in cookies or by means of similar processes. These cookies can generally also be read on other websites that use the same online marketing process, analyzed for the purpose of displaying content, supplemented with additional data and stored on the server of the online marketing process provider.

In exceptional cases, clear data can be assigned to the profiles. This is the case if, for example, the users are members of a social network whose online marketing methods we use and the network links the users’ profiles to the aforementioned information. Please note that users may enter into additional agreements with the providers, e.g. by giving their consent during registration.

We only receive access to summarized information about the success of our advertisements. However, we can use so-called conversion measurements to check which of our online marketing methods have led to a so-called conversion, i.e. to a contract with us. The conversion measurement is used solely to analyze the success of our marketing measures.

Unless otherwise stated, we ask you to assume that cookies used will be stored for a period of two years.

Notes on legal basis: If we ask users for their consent to the use of third-party providers, the legal basis for the processing of data is consent. Otherwise, the data of users is processed on the basis of our legitimate interests (i.e. interest in efficient, economical and recipient-friendly services). In this context, we would also like to draw your attention to the information on the use of cookies in this data protection declaration.

Target group formation with Google Analytics: We use Google Analytics to display the ads placed within Google’s advertising services and those of its partners only to users who have also shown an interest in our online or who have certain characteristics (e.g. an interest in certain topics or products determined on the basis of the websites visited) that we transmit to Google (so-called “remarketing” or “Google Analytics audiences”). With the help of remarketing audiences, we also want to ensure that our ads correspond to the potential interest of users

Facebook pixel: With the help of the Facebook pixel, Facebook is able to identify visitors to our online offering as a target group for the display of ads (so-called “Facebook ads”). Accordingly, we use the Facebook pixel to display the Facebook ads we place only to those users on Facebook and within the services of partners cooperating with Facebook (so-called “Audience Network”https://www.facebook.com/audiencenetwork/ ), who have also shown an interest in our online offering or who have certain characteristics (e.g. an interest in certain topics or products that can be seen from the websites visited) that we transmit to Facebook (so-called “Custom Audiences”). With the help of the Facebook pixel, we also want to ensure that our Facebook ads match the potential interest of users and do not have a disruptive effect. With the help of the Facebook pixel, we can also track the effectiveness of Facebook ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook ad (so-called “conversion measurement”).

• Types of data processed: Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses), location data (data that indicate the location of the end user’s terminal device), social data (data that is subject to social secrecy (Section 35 of the German Social Code I) and is processed by social insurance carriers, social welfare organizations or pension authorities, for example.).
• Data subjects: Users (e.g. website visitors, users of online services), interested parties, customers, employees (e.g. employees, applicants, former employees), communication partners.
• Purposes of processing: Tracking (e.g. interest/behavioral profiling, use of cookies), remarketing, visit action evaluation, interest-based and behavioral marketing, profiling (creation of user profiles), conversion measurement (measuring the effectiveness of marketing measures), reach measurement (e.g. access statistics, recognition of returning visitors), target group formation (determination of target groups relevant for marketing purposes or other output of content), cross-device tracking (cross-device processing of user data for marketing purposes).
• Security measures: IP masking (pseudonymization of the IP address).
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).
• Opt-out: We refer to the data protection information of the respective providers and the opt-out options provided by the providers. If no explicit opt-out option has been provided, you can disable cookies in your browser settings. However, this may restrict the functionality of our online offering. We therefore also recommend the following opt-out options, which are offered in summary for the respective areas: a) Europe:https://www. youronlinechoices.eu. b) Canada: https://www.youradchoices.ca/choices. c) USA:https://www.aboutads.info/choices. d) Cross-regional:http://optout.aboutads.info.

Services and service providers used:

• Google Tag Manager: Google Tag Manager is a solution that allows us to manage so-called website tags via a user interface (and thus, for example, to integrate Google Analytics and other Google marketing services into our online offering). The Tag Manager itself (which implements the tags) does not process any personal data of users. With regard to the processing of personal data of users, please refer to the following information on Google services. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website:https://marketingplatform.google.com; privacy policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
• Google Analytics: Online marketing and web analysis; service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website:https://marketingplatform.google.com/intl/de/about/analytics/; privacy policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active; Opt-out: Opt-out plugin: http://tools.google.com/dlpage/gaoptout?hl=de, settings for the display of advertising: https://adssettings.google.com/authenticated.
• Google Ads and conversion measurement: We use the online marketing method “Google Ads” to place ads in the Google advertising network (e.g., in search results, in videos, on websites, etc.) so that they are displayed to users who are presumed to be interested in the ads. We also measure the conversion of the ads. However, we only learn the anonymous total number of users who clicked on our ad and were redirected to a page with a so-called “conversion tracking tag”. However, we ourselves do not receive any information that can be used to identify users. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website:https://marketingplatform.google.com; Privacy Policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA):https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
• Google Ad Manager: We use the “Google Marketing Platform” (and services such as “Google Ad Manager”) to place ads in the Google advertising network (e.g., in search results, in videos, on websites, etc.). The Google Marketing Platform is characterized by the fact that ads are displayed in real time based on the presumed interests of users. This allows us to display ads for and within our online offering in a more targeted manner, so that we only present users with ads that potentially match their interests. If, for example, a user is shown ads for products that they have shown an interest in on other online offerings, this is referred to as “remarketing”. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website:https://marketingplatform.google.com; Privacy Policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA):https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
• Google Adsense with personalized ads: We use the Google Adsense with personalized ads service, which helps us to display ads within our online offering and to receive remuneration for their display or other use. ; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website:https://marketingplatform.google.com; Privacy Policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA):https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
• Google Adsense with non-personalized ads: We use the Google Adsense service with non-personalized ads, which helps us to display ads within our online offering and to receive remuneration for their display or other use. ; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website: https://marketingplatform.google.com; Privacy Policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA):https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
• Facebook Pixel: Facebook Pixel; Service provider: https://www.facebook.com, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; website: https://www.facebook.com; privacy policy: https://www.facebook.com/about/privacy; Privacy Shield (guaranteeing a certain level of data protection when processing data in the USA): https://www.privac yshield.gov/participant?id=a2zt0000000GnywAAC&status=Active; Opt-out:https://www.facebook.com/settings?tab=ads.
• Linkedin Insight Tag: When you visit this website, personal data is processed. Data categories processed: data on the use of the website and the logging of clicks on individual elements. Purpose of processing: Analysis of user behavior, analysis of the effectiveness of online marketing measures and selection of online advertising on other platforms that are automatically selected using real-time bidding based on user behavior. The legal basis for the processing: Your consent in accordance with Art. 6 (1) a GDPR. Data is transferred: to the independent controller LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. The legal basis for the transfer of data to LinkedIn Ireland Unlimited Company is your consent in accordance with Art. 6 (1) a GDPR. This may also involve the transfer of personal data to a country outside the European Union. The transfer of data to the USA is based on Art. 45 GDPR in conjunction with the adequacy decision C(2023) 4745 of the European Commission, as the data recipient has committed to comply with the principles of data processing of the Data Privacy Framework (DPF).Information on LinkedIn Ireland Unlimited Company’s DPF membership

Affiliate programs and affiliate links

We integrate so-called affiliate links or other references (which may include discount codes, for example) to the offers and services of third-party providers into our online offering (collectively referred to as “affiliate links”). If users follow the affiliate links or subsequently take advantage of the offers, we may receive a commission or other benefits from these third-party providers (collectively referred to as “commission”).

In order to be able to track whether users have taken advantage of the offers of an affiliate link we have used, it is necessary for the respective third-party providers to know that the users have followed an affiliate link used within our online offer. The assignment of the affiliate links to the respective business transactions or other actions (e.g. purchases) serves the sole purpose of calculating commissions and is deleted as soon as it is no longer required for this purpose.

For the purposes of the aforementioned assignment of affiliate links, the affiliate links can be supplemented with certain values that are part of the link or can be stored elsewhere, e.g. in a cookie. The values may include, in particular, the originating website (referrer), the time, an online identifier of the operator of the website on which the affiliate link was located, an online identifier of the respective offer, the type of link used, the type of offer and an online identifier of the user.

Notes on legal basis: If we ask users for their consent to the use of third-party providers, the legal basis for the processing of data is consent. Furthermore, their use may be part of our (pre)contractual services, provided that the use of third-party providers has been agreed in this context. Otherwise, the user’s data is processed on the basis of our legitimate interests (i.e. interest in efficient, economical and recipient-friendly services). In this context, we would also like to draw your attention to the information on the use of cookies in this data protection declaration.

• Types of data processed: Contract data (e.g. subject matter of the contract, term, customer category), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Data subjects: Users (e.g. website visitors, users of online services).
• Purposes of processing: Affiliate tracking.
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), fulfillment of contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b. GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Services and service providers used:

• Amazon Partner Program: Amazon – Partner Program – Amazon and the Amazon logo are trademarks of Amazon.com, Inc. or one of its affiliates. Service provider: Amazon Europe Core S.à.r.l., Amazon EU S.à.r.l, Amazon Services Europe S.à.r.l. and Amazon Media EU S.à.r.l., all four based in 38, avenue John F. Kennedy, L-1855 Luxembourg, and Amazon Instant Video Germany GmbH, Domagkstr. 28, 80807 Munich (together “Amazon Europe”), parent company: Amazon.com, Inc., 2021 Seventh Ave, Seattle, Washington 98121, USA.; Website:https://www.amazon.de; Privacy Policy:https://www.amazon.de/gp/help/customer/display.html?nodeId=201909010; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000TOWQAA4&status=Active.
• AWIN Partner Program (formerly Zanox and Affilinet): Service provider: , AWIN AG, Eichhornstr. 3, 10785 Berlin, Germany; Website: https://www.awin.com/de; Data protection explanation:https://www.awin.com/de/rechtliches/privacy-policy-DACH.
• Digistore24 Partner Program: Service provider: Digistore24 GmbH, St.-Godehard-Straße 32, 31139 Hildesheim, Germany; Website: https://www.digistore 24.com; Privacy Policy:https://www.digistore24.com/page/privacy.

Presence in social networks

We maintain online presences within social networks in order to communicate with users who are active there or to provide information about us there.

We would like to point out that user data may be processed outside the European Union. This may result in risks for users, for example because it could make it more difficult to enforce their rights. With regard to US providers that are certified under the Privacy Shield or offer comparable guarantees of a secure level of data protection, we would like to point out that they are obliged to comply with EU data protection standards.

Furthermore, the data of users within social networks is usually processed for market research and advertising purposes. For example, user profiles can be created based on the user’s usage behavior and the resulting interests. The user profiles can in turn be used, for example, to place advertisements within and outside the networks that are presumed to correspond to the interests of the users. For these purposes, cookies are usually stored on the users’ computers, in which the usage behavior and interests of the users are stored. Furthermore, data can also be stored in the user profiles independently of the devices used by the users (in particular if the users are members of the respective platforms and are logged in to them).

For a detailed description of the respective processing forms and the possibilities of objection (opt-out), we refer to the data protection declarations and information of the operators of the respective networks.

We would also like to point out that requests for information and the assertion of data subject rights can be most effectively asserted with the providers. Only the providers have access to the users’ data and can take appropriate measures and provide information directly. However, if you still need help, you can contact us.

• Types of data processed: inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Data subjects: Users (e.g. website visitors, users of online services).
• Purposes of processing: Contact requests and communication, tracking (e.g. interest/behavioral profiling, use of cookies), remarketing, reach measurement (e.g. access statistics, recognition of returning visitors), affiliate tracking.
• Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Services and service providers used:

• Instagram : Social network; Service provider: Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA; Website: https://www. instagram.com; Privacy Policy:http://instagram.com/about/legal/privacy.
• Facebook: Social network; Service provider: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; website: https://www.facebook.com; privacy policy: https://www.facebook.com/about/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active; Opt-out: Advertising settings: https://www.facebook.com/settings?tab=ads; Additional information on data protection: Agreement on joint processing of personal data on Facebook pages: https://www.facebook.com/legal/ terms/page_controller_addendum, Privacy Policy for Facebook Pages: https://www.facebook.com/legal/terms/information_about_page_insights_data.
• Flickr: Social network; Service provider: Flickr Inc., 475 Sansome St San Francisco, California 94111, USA; Website: https://www.flickr .com; Privacy Policy: https://www.flickr.com/help/privacy.
• LinkedIn: Social network; Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Website: https://www.linkedin.com; Data protection declaration: https://www.linkedin.com/legal/privacy-policy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active; Opt-out out):https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
• Pinterest: Social network; Service provider: Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA; website:https://www.pinterest.com; privacy policy:https://about.pinterest.com/de/privacy-policy; opt-out:https://about.pinterest.com/de/privacy-policy.
• SlideShare: Platform for presentations; Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Website: https://www.linkedin.com; Data protection declaration: https://www.linkedin.com/legal/privacy-policy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active.
• TikTok: Social network; Service provider: musical.ly Inc., 10351 Santa Monica Blvd #310, Los Angeles, CA 90025 USA; Website: https://www.tiktok.com; Privacy Policy: https://www.tiktok.com/en/privacy-policy.
• Twitter: Social network; Service provider: Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA; Privacy policy: https://twitter.com/de/privacy, (settings) https://twitter.com/personalization; Privacy Shield (ensuring a high level of data protection when processing data in the USA):https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.
• YouTube: Social network; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Privacy Policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA):https://www.privacyshield.gov/participant?id=a2zt 000000001L5AAI&status=Active; Opt-out:https://adssettings.google.com/authenticated.
• Xing: Social network; Service provider: XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany; Website: https://www.xing.de; privacy policy:https://privacy.xing.com/de/datenschutzerklaerung.

Plugins and embedded functions and content

We integrate functional and content elements into our online offering that are obtained from the servers of their respective providers (hereinafter referred to as “third-party providers”). These may include, for example, graphics, videos or social media buttons, as well as posts (hereinafter uniformly referred to as “content”).

The integration always requires that the third-party providers of this content process the IP address of the users, as they would not be able to send the content to their browsers without the IP address. The IP address is therefore required for the display of this content or functions. We endeavor to use only content whose respective providers use the IP address solely for the delivery of the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information can also be stored in cookies on the user’s device and may include technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online offer, as well as being linked to such information from other sources.

Notes on legal basis: If we ask users for their consent to the use of third-party providers, the legal basis for the processing of data is consent. Otherwise, the user data is processed on the basis of our legitimate interests (i.e. interest in efficient, economical and user-friendly services). In this context, we would also like to draw your attention to the information on the use of cookies in this data protection declaration.

• Data types processed: Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), inventory data (e.g. names, addresses).
• Data subjects: Users (e.g. website visitors, users of online services), communication partners.
• Purposes of processing: Provision of our online offer and user-friendliness, contractual services and service, contact requests and communication, direct marketing (e.g. by e-mail or post ), tracking (e.g. interest/behavior-based profiling, use of cookies), interest-based and behavior-based marketing, profiling (creation of user profiles), security measures, administration and answering of inquiries.
• Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR), consent (Art. 6 para. 1 sentence 1 lit. a GDPR), fulfillment of contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b. GDPR).

Services and service providers used:

• Facebook Social Plugins: Facebook Social Plugins – These may include content such as images, videos or texts and buttons that allow users to share content from this online offering within Facebook. The list and appearance of the Facebook social plugins can be viewed here:https://developers.facebook.com/docs/plugins/; Service provider:https://www.facebook.com, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; website: https://www.facebook.com; privacy policy:  https://www.facebook.com/about/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov /participant?id=a2zt0000000GnywAAC&status=Active; Opt-out: Settings for ads: https://www.facebook.com/settings?tab=ads.
• Google Fonts: We integrate the fonts (“Google Fonts”) of the provider Google, whereby the data of the users are used solely for the purpose of displaying the fonts in the user’s browser. The integration is based on our legitimate interests in a technically secure, maintenance-free and efficient use of fonts, their uniform display and taking into account possible license restrictions for their integration. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website:https://fonts.google.com/; privacy policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000TRkEAAW&status=Active.
• Google Maps: We embed maps from the Google Maps service provided by Google. The data processed may include, in particular, IP addresses and location data of users, but these are not collected without their consent (usually given as part of the settings on their mobile devices). Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website:https://maps.google.de; privacy policy:https://policies.google.com/privacy; Privacy Shield (guaranteeing data protection level when processing data in the USA):https://www.privacyshield.gov/participant?id=a2zt0000000TRkEAAW&amp; =”noreferrer noopener”>https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000TRkEAAW&status=Active; Opt-out option: Opt-out plugin: http://tools.google.com/dlpage/gaoptout?hl=de, settings for the display of advertising: https://adssettings.google.com/authenticated.
• Instagram plugins and buttons: Instagram plugins and buttons – These may include content such as images, videos or texts and buttons that allow users to share content from this online offering within Instagram. Service provider:https://www.instagram.com, Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA; website:https://www.instagram.com; Privacy Policy: http://instagram.com/about/legal/privacy.
• LinkedIn Plugins and Buttons: LinkedIn Plugins and Buttons – These may include content such as images, videos or texts and buttons that allow users to share content from this online offer within LinkedIn. Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; website:https://www.instagram.com; privacy policy:https://www.linkedin.com/legal/privacy-policy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active; Opt-out out):https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
• OpenStreetMap: We embed maps from the OpenStreetMap service, which are offered by the OpenStreetMap Foundation (OSMF) on the basis of the Open Data Commons Open Database License (ODbL). The user data is used by OpenStreetMap exclusively for the purpose of displaying the map functions and for caching the selected settings. This data may include, in particular, IP addresses and location data of users, which, however, are not collected without their consent (usually given as part of the settings of their mobile devices). Service provider: OpenStreetMap Foundation (OSMF); website:https://www.openstreetmap.de; privacy policy: https://wiki.openstreetmap.org/wiki/Privacy_Policy.
• Pinterest plugins and buttons: Pinterest plugins and buttons – These may include content such as images, videos or texts and buttons that allow users to share content from this online offering within Pinterest. Service provider: Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA; website:https://www.pinterest. com; Privacy Policy:https://about.pinterest.com/de/privacy-policy.
• ReCaptcha: We use the “ReCaptcha” function to detect bots, e.g. when entering data in online forms. The user’s behavior (e.g. mouse movements or queries) is evaluated to distinguish between humans and bots. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website:https://www.google.com/recaptcha/; privacy policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000TRkEAAW&status=Active; Opt-out option: Opt-out plugin: http://tools.google.com/dlpage/gaoptout?hl=de, settings for the display of advertising: https://adssettings.google.com/authenticated.
• SlideShare presentations: Inclusion of SlideShare presentations; Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; website:https://www.linkedin.com; privacy policy:https://www.linkedin.com/legal/privacy-policy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active.
• Typekit fonts from Adobe: We embed the fonts (Typekit fonts) from Adobe, whereby the user data is used solely for the purpose of displaying the fonts in the user’s browser. The integration is based on our legitimate interests in a technically secure, maintenance-free and efficient use of fonts, their uniform display and taking into account possible license restrictions for their integration. Service provider: Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland; website: https://www.adobe.com/de; privacy policy: https://www.adobe.com/de/privacy.html; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000TNo9AAG&status=Active.
• YouTube: Videos; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website: https://www.youtube.com; privacy policy: https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active; Opt-out option: Opt-out plugin: http://tools.google.com/dlpage/gaoptout?hl=de, settings for the display of advertising: https://adssettings.google.com/authenticated.
• Xing Plugins and Buttons: Xing Plugins and Buttons – These may include content such as images, videos or texts and buttons that allow users to share content from this online offer within Xing. Service provider: XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany; website:https://www.xing.com; privacy policy:https://privacy.xing.com/de/datenschutzerklaerung.
• Vimeo: Video platform; Service provider: Vimeo Inc., Attention: Legal Department, 555 West 18th Street New York, New York 10011, USA; Website: https://vimeo.com; Data protection declaration: < a href=”https://vimeo.com/privacy” target=”_blank” rel=”noreferrer noopener”>https://vimeo.com/privacy; Opt-out: We would like to point out that Vimeo may use Google Analytics and refer you to the data protection declaration (https://policies.google.com/privacy) and the opt-out options for Google Analytics (http:// tools.google.com/dlpage/gaoptout?hl=de) or Google’s settings for data use for marketing purposes (https://adssettings.google.com/).

Deletion of data

The data we process will be deleted in accordance with the legal requirements as soon as the consent to process it is revoked or other permissions lapse (e.g. if the purpose of processing this data no longer applies or it is no longer required for this purpose).

If the data is not deleted because it is required for other legally permissible purposes, its processing will be limited to these purposes. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be stored for commercial or tax reasons or whose storage is necessary to assert, exercise or defend legal claims or to protect the rights of another natural or legal person.

Further information on the deletion of personal data can also be found in the individual data protection notices of this data protection declaration.

Amendment and updating of the data protection declaration

We ask you to regularly check the content of our data protection declaration. We will adapt the data protection declaration as soon as the changes to the data processing carried out by us make this necessary. We will inform you as soon as the changes require your cooperation (e.g. consent) or any other individual notification.

If we provide addresses and contact information for companies and organizations in this data protection declaration, please note that the addresses may change over time and please check the information before contacting us.

Rights of the data subjects

As a data subject, you have various rights under the GDPR, in particular under Articles 15 to 18 and 21 of the GDPR:

• Right to object: You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR, including profiling based on those provisions. If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing.
• Right of withdrawal: You have the right to withdraw your consent at any time.
• Right of access: You have the right to request confirmation as to whether the data in question is being processed and to request access to this data, as well as further information and a copy of the data in accordance with the legal requirements.
• Right to rectification: In accordance with the legal requirements, you have the right to request that the data concerning you be completed or that incorrect data concerning you be rectified.
• Right to erasure and restriction of processing: You have the right to request that the data concerning you be erased immediately or, alternatively, to request that the processing of the data be restricted in accordance with the statutory provisions.
• Right to data portability: You have the right to receive the data concerning you that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transmitted to another controller, in accordance with the legal requirements.
• Complaint to supervisory authority: You also have the right, in accordance with the legal requirements, to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.

Definitions

This section provides an overview of the terms used in this data protection declaration. Many of the terms are taken from the law and are defined in particular in Art. 4 GDPR. The legal definitions are binding. The following explanations are intended to help you understand them. The terms are in alphabetical order.

• A/B tests: A/B tests are used to improve the user-friendliness and performance of online offers. For example, users are shown different versions of a website or its elements, such as input forms, in which the placement of the content or the labels of the navigation elements may differ. Based on the behavior of the users, e.g. longer stays on the website or more frequent interaction with the elements, it can then be determined which of these websites or elements are more likely to meet the needs of the users.
• Affiliate tracking: As part of affiliate tracking, links that are used by linking websites to refer users to websites with product or other offers are logged. The operators of the respective linking websites may receive a commission if users follow these so-called affiliate links and then take advantage of the offers (e.g. buy goods or use services). To do this, it is necessary for the providers to be able to track whether users who are interested in certain offers subsequently take advantage of them at the instigation of the affiliate links. Therefore, for affiliate links to function properly, it is necessary for them to be supplemented with certain values that become part of the link or are stored elsewhere, e.g. in a cookie. These values include, in particular, the originating website (referrer), the time, an online identifier of the operator of the website on which the affiliate link was located, an online identifier of the respective offer, an online identifier of the user, as well as tracking-specific values, such as advertising medium ID, partner ID and categorizations.
• Conversion tracking: “Conversion tracking” is a process that can be used to determine the effectiveness of marketing measures. To do this, a cookie is usually stored on the user’s device within the websites on which the marketing measures take place and then retrieved again on the target website. For example, we can use this to see whether the ads we place on other websites were successful.
• Content Delivery Network (CDN): A “Content Delivery Network” (CDN) is a service that helps to deliver the content of an online offering, in particular large media files such as graphics or program scripts, faster and more securely using servers that are distributed regionally and connected via the Internet.
• Cross-device tracking: Cross-device tracking is a form of tracking in which users’ behavior and interest information is collected across devices in so-called profiles by assigning users an online identifier. This means that user information can usually be analyzed for marketing purposes, regardless of the browsers or devices (e.g. mobile phones or desktop computers) used. The online identifier is not linked to clear data such as names, postal addresses or e-mail addresses for most providers.
• Heatmaps: “Heatmaps” are the movements of users’ mouse cursors, which are combined to form an overall picture that can be used, for example, to identify which website elements are preferred and which website elements users prefer less.
• IP masking: IP masking is a method in which the last octet, i.e. the last two numbers of an IP address, are deleted so that the IP address can no longer be used to uniquely identify a person. IP masking is therefore a means of pseudonymizing processing procedures, especially in online marketing
• Interest-based and behavior-based marketing: Interest-based and/or behavior-based marketing is when potential interests of users in ads and other content are predicted as accurately as possible. This is done by using information about their previous behavior (e.g. visiting certain websites and spending time on them, buying behavior or interaction with other users), which is stored in a so-called profile. Cookies are usually used for these purposes.
• Click tracking: Click tracking allows us to monitor the movements of users within an entire online offering. Since the results of these tests are more accurate when the interaction of users can be tracked over a certain period of time (e.g. so that we can find out whether a user likes to return), cookies are usually stored on the users’ computers for these test purposes.
• Conversion measurement: Conversion measurement is a method for determining the effectiveness of marketing measures. To do this, a cookie is usually stored on the user’s device within the websites on which the marketing measures take place and then retrieved again on the target website. For example, this allows us to see whether the ads we place on other websites were successful.
• Personal data: “Personal data” means any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier number, location data, online identifier (e.g. cookie) or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
• Profiling: Profiling is any form of automated processing of personal data consisting of the use of such personal data to analyze, evaluate or predict certain personal aspects relating to a natural person (depending on the type of profiling, this may include information concerning age, gender, location data and movement data, interaction with websites and their content, purchasing behavior, social interactions with other people), to analyze, evaluate or predict them (e.g. interests in certain content or products, click behavior on a website or location). Cookies and web beacons are often used for profiling purposes.
• Reach measurement: Reach measurement (also known as web analytics) is used to evaluate the visitor traffic of an online offering and can include the behavior or interests of visitors to certain information, such as website content. With the help of reach analysis, website owners can, for example, recognize at what time visitors visit their website and what content they are interested in. This enables them, for example, to better adapt the content of the website to the needs of their visitors. For the purposes of reach analysis, pseudonymous cookies and web beacons are often used to recognize returning visitors and thus obtain more accurate analyses of the use of an online offering.
• Remarketing: The terms “remarketing” and “retargeting” are used when, for example, a user’s interest in a product on a website is noted for advertising purposes in order to remind the user of these products on other websites, e.g. in advertisements.
• Tracking: Tracking refers to the ability to track the behavior of users across multiple online services. As a rule, behavioral and interest information is stored in cookies or on the servers of the providers of the tracking technologies with regard to the online services used (so-called profiling). This information can then be used, for example, to display advertisements to users that are likely to match their interests.
• Controller: The controller is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
• Processing: “Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means. The term is broad and covers virtually any handling of data, whether it be collection, evaluation, storage, transmission or deletion.
• Target group formation: Target group formation (or “custom audiences”) refers to the formation of target groups for advertising purposes, e.g. the display of advertisements. For example, based on a user’s interest in certain products or topics on the internet, it can be concluded that this user is interested in advertisements for similar products or the online shop in which he or she viewed the products. Lookalike audiences (or similar target groups) are created when the content deemed suitable is displayed to users whose profiles or interests are presumed to correspond to the users for whom the profiles were created. Cookies and web beacons are generally used to create custom audiences and lookalike audiences.

Created with free Datenschutz-Generator.de by Dr. Thomas Schwenke

---

Registration for webinars

The following information is to inform you about the registration, participation and statistical evaluation procedure as well as your rights of objection in connection with the webinars we offer. By registering for our free and paid webinars, you agree to receive e-mails, such as info mails and newsletters, as well as the described procedures.

Registration data and registration procedure:

When you register for our webinars using the double opt-in procedure, you will be informed about receiving our newsletter and the free option to revoke your consent. Registration for our webinars is completely voluntary.

To participate in one of our webinars, it is sufficient to provide your e-mail address. Optionally, we ask you to provide your first and last name for the purpose of personalizing our e-mails and for an overview of our prospective customer structure. These optional details are provided voluntarily and are not mandatory for participation in a webinar.

The registration process is logged on the basis of our legitimate interests in accordance with Art. 6 (1) (f) GDPR and serves to provide proof of consent to receive our e-mails.

In Germany, the sending of info mails and newsletters as well as the measurement of success are based on the consent of the recipients in accordance with Art. 6 para. 1 lit. a, Art. 7 GDPR in conjunction with § 7 para. 2 no. 3 UWG or on the basis of the legal permission in accordance with § 7 para. 3 UWG.

Webinar service provider:

We provide our webinars via the online platform of Webinaris GmbH, Bussardstr. 5.2, 82166 Gräfelfing, hereinafter referred to as “Webinaris”. We are a so-called “user” who has a paid Webinaris membership on the Webinaris online platform in order to be able to register and conduct webinars via this platform.

You can view Webinaris’ data protection provisions here:http://webinaris.com/datenschutzbestimmungen.html

When you register for a webinar and when you participate in a webinar that we as users organize via the Webinaris online platform, the following data is transferred from you as a so-called user to Webinaris and processed there:

• E-mail address
• First name (optional)
• Surname (optional)
• Browser and system data
• IP address
• Language
• Time zone
• All data provided by the participant in the chat
• Usage data resulting from registration for and participation in the webinar

Webinaris offers us the opportunity to publish webinars and to evaluate them statistically in order to constantly improve our offering. To do this, it is necessary for Webinaris to process the data of webinar participants/users on our behalf. The scope of the data and the data processing are regulated in the agreement on data processing, which we have concluded with Webinaris. As a user, we can view the data at Webinaris and export it to our own systems. 

The legal basis for the processing of the data is Art. 6 para. 1 sentence 1 lit. b) GDPR. Further information can be found in Webinaris’s privacy policy athttps://webinaris.com/datenschutzbestimmungen.html.

Use of Calendly

This website uses Calendly.com for the online appointment booking service. This page offers an external platform for making appointments. The appointment booking service is integrated into the source code of our website via a script. By using the appointment calendar, you automatically use the services of Calendly.com. Data is transferred there for the security and documentation of teambay. The data collected includes: name, IP address at the time of the appointment, agreed date and agreed time. This data will not be passed on to third parties and is used only for the administration and organization of appointments and for internal statistics. By using the appointment calendar, you agree that you agree to this. You can find more information about Calendly.com here. Please be sure to read it. Please note, however, that the site is only available in English:https://calendly.com/pages/privacy

• Temporary cookies (also known as session cookies): Temporary cookies are deleted at the latest after a user has left an online service and closed their browser.
• Permanent cookies: Permanent cookies remain stored even after the browser has been closed. This means, for example, that the login status can be stored or that preferred content can be displayed directly when the user visits a website again. The interests of users, which are used for range measurement or marketing purposes, can also be stored in such a cookie.
• First-party cookies: First-party cookies are set by us ourselves.
• Third-party cookies (also: third-party cookies): Third-party cookies are mainly used by advertisers (so-called third parties) to process user information.
• Necessary (also: essential or absolutely required) cookies: Cookies may be absolutely necessary for the operation of a website (e.g. to store logins or other user input or for security reasons).
• Statistics, marketing and personalization cookies: Cookies are also generally used to measure reach and when a user’s interests or behavior (e.g. viewing certain content, using functions, etc.) on individual websites are stored in a user profile. Such profiles are used to display content to users that matches their potential interests, for example. This process is also referred to as “tracking”, i.e. tracking the potential interests of users. If we use cookies or “tracking” technologies, we will inform you separately in our data protection declaration or when we obtain your consent.

Notes on legal basis: The legal basis for processing your personal data with the help of cookies depends on whether we ask you for your consent. If this is the case and you consent to the use of cookies, the legal basis for the processing of your data is your consent. Otherwise, the data processed using cookies is processed on the basis of our legitimate interests (e.g. in the commercial operation of our online offering and its improvement) or, if the use of cookies is necessary to fulfill our contractual obligations.

General information on revocation and objection (opt-out): Depending on whether the processing is based on consent or legal permission, you have the option at any time to revoke your consent or to object to the processing of your data by cookie technologies (collectively referred to as “opt-out”). You can initially declare your objection by means of your browser settings, e.g. by deactivating the use of cookies (although this may also restrict the functionality of our online offering). You can also object to the use of cookies for online marketing purposes using a variety of services, especially in the case of tracking, via the websites http:// optout.aboutads.info and http://www.youronlinechoices.com/ . You can also find further information on how to opt out in the information provided on the service providers and cookies used.

Processing of cookie data on the basis of consent: Before we process data or have it processed in the context of the use of cookies, we ask users for consent, which can be revoked at any time. Before consent has been given, cookies that are necessary for the operation of our online offer may be used. Their use is based on our interest and the interest of users in the expected functionality of our online offer.

• Types of data processed: Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Data subjects: Users (e.g. website visitors, users of online services).
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Manage privacy settings

Blogs and publication media

We use blogs or similar means of online communication and publication (hereinafter referred to as “publication medium”). The data of the readers are only processed for the purposes of the publication medium to the extent necessary for its presentation and communication between authors and readers or for security reasons. For the rest, we refer to the information on the processing of visitors to our publication medium in the context of this data protection notice.

Comments and posts: If users leave comments or other posts, their IP addresses may be stored on the basis of our legitimate interests. This is done for our security in case someone leaves illegal content in comments and posts (insults, prohibited political propaganda, etc.). In this case, we ourselves can be prosecuted for the comment or post and are therefore interested in the identity of the author.

Furthermore, we reserve the right to process the information provided by users for the purpose of spam detection based on our legitimate interests.

On the same legal basis, we reserve the right to store the IP addresses of users for the duration of surveys and to use cookies to prevent multiple votes.

The personal information provided in the comments and posts, any contact and website information, as well as the content information, will be stored by us permanently until the user objects.

Comment subscriptions: Users can subscribe to follow-up comments with their consent. Users will receive a confirmation email to verify that they are the owner of the email address entered. Users can unsubscribe from current comment subscriptions at any time. The confirmation email will contain information on how to revoke consent. For the purpose of proving the user’s consent, we store the time of registration and the user’s IP address and delete this information when the user unsubscribes.

You can cancel your subscription to our newsletter at any time, i.e. revoke your consent. We may store the unsubscribed e-mail addresses for up to three years on the basis of our legitimate interests before we delete them in order to be able to prove a previously given consent. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for deletion is possible at any time, provided that the former existence of consent is confirmed at the same time.

Retrieval of WordPress emojis and smilies: Within our WordPress blog, graphical emojis (or smilies), i.e. small graphical files that express feelings, are used for the purpose of efficiently integrating content elements, which are obtained from external servers. The providers of the servers collect the IP addresses of the users. This is necessary so that the emoji files can be transmitted to the users’ browsers.

Akismet anti-spam check: We use the “Akismet” service on the basis of our legitimate interests. Akismet is used to distinguish comments from real people from spam comments. To do this, all comment information is sent to a server in the USA, where it is analyzed and stored for four days for comparison purposes. If a comment is classified as spam, the data is stored beyond this time. This information includes the name entered, the e-mail address, the IP address, the comment content, the referrer, information on the browser used and the computer system, and the time of the entry.

Users are welcome to use pseudonyms or to refrain from entering their name or e-mail address. They can completely prevent the transfer of data by not using our comment system. That would be a shame, but unfortunately we see no alternatives that work equally effectively.

Gravatar profile pictures: We use the Gravatar service within our online offering and in particular in the blog.

Gravatar is a service that allows users to register and store profile pictures and their e-mail addresses. When users leave posts or comments on other online presences (especially blogs) with the respective e-mail address, their profile pictures can be displayed next to the posts or comments. To do this, the e-mail address provided by the users is encrypted and transmitted to Gravatar to check whether a profile is stored for it. This is the only purpose of the e-mail address. It will not be used for any other purpose and will be deleted afterwards.

We use Gravatar on the basis of our legitimate interests, as we use Gravatar to offer the authors of posts and comments the option of personalizing their posts with a profile picture.

By displaying the images, Gravatar learns the IP address of the user, as this is necessary for communication between a browser and an online service.

If users do not want a user image associated with their e-mail address to appear in the comments, they should use an e-mail address that is not stored with Gravatar to comment. We would also like to point out that it is also possible to use an anonymous or no e-mail address at all if users do not want their own e-mail address to be sent to Gravatar. Users can completely prevent the transfer of data by not using our comment system.

• Types of data processed: Inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses), contract data (e.g. subject matter of the contract, term, customer category).
• Data subjects: Users (e.g. website visitors, users of online services).
• Purposes of processing: Contractual services and support, feedback (e.g. collecting feedback via online forms), security measures, administration and answering of enquiries, contact requests and communication, provision of our online services and user-friendliness.
• Legal basis: Contract fulfillment and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b. GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR), consent (Art. 6 para. 1 sentence 1 lit. a GDPR), protection of vital interests (Art. 6 para. 1 sentence 1 lit. d. GDPR).

Services and service providers used:

• Retrieval of WordPress emojis and smilies: Retrieval of WordPress emojis and smilies; Service provider: Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA; Website: https://automattic.com; Privacy Policy:https://automattic.com/privacy.
• Akismet Anti-Spam-Check: Akismet Anti-Spam-Check; Service provider: Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA; Website: https://automattic.com; Privacy Policy: https://automattic.com/privacy.
• Gravatar profile pictures: Profile pictures; Service provider: Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA; Website: https://automattic.com; Privacy Policy: https://automattic.com/privacy.
• UpdraftPlus: Backup software and storage; Service provider: Simba Hosting Ltd., 11, Barringer Way, St. Neots, Cambs., PE19 1LW, GB; website:https://updraftplus.com/.

Contact

When you contact us (e.g. via the contact form, e-mail, telephone or social media), the information provided by the person making the request will be processed to the extent necessary to answer the contact requests and any requested measures.

The response to contact requests in the context of contractual or pre-contractual relationships is made in order to fulfill our contractual obligations or to respond to (pre)contractual requests and, in addition, on the basis of the legitimate interests in responding to the requests.

• Types of data processed: inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Data subjects: Communication partners.
• Purposes of processing: Contact requests and communication.
• Legal basis: Contract fulfillment and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b. GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Communication via Messenger

We use messenger services for communication purposes and therefore ask you to note the following information on the functionality of the messengers, encryption, the use of metadata in communication and your options for objecting to this

You can also contact us by other means, e.g. by telephone or e-mail. Please use the contact options provided to you or the contact options provided within our online offering.

In the case of end-to-end encryption of content (i.e. the content of your message and attachments), we would like to point out that the communication content (i.e. the content of the message and attached images) is encrypted from end to end. This means that the content of the messages cannot be viewed, not even by the messenger providers themselves. You should always use the latest version of the messenger with encryption enabled to ensure that the message content is encrypted.

However, we would also like to point out to our communication partners that although the providers of the messengers do not view the content, they can find out that and when communication partners communicate with us, as well as technical information about the communication partner’s device and, depending on the settings of their device, location information (so-called metadata) is processed.

Notes on legal basis: If we ask communication partners for permission before communicating with them via Messenger, the legal basis for our processing of their data is their consent. In other respects, if we do not ask for consent and you contact us, for example, on your own initiative, we use Messenger as a contractual measure in relation to our contractual partners and in the context of initiating contracts, and in the case of other interested parties and communication partners on the basis of our legitimate interests in fast and efficient communication and fulfilling the needs of our communication partners in communicating via Messengers. Furthermore, we would like to point out that we will not transmit the contact data provided to us to the messengers for the first time without your consent.

Revocation, objection and deletion: You can revoke your consent at any time and object to communication with us via messenger at any time. In the case of communication via Messenger, we delete the messages in accordance with our general deletion guidelines (i.e. e.g. as described above, after the end of contractual relationships, in the context of archiving requirements, etc.) and otherwise as soon as we can assume that we have answered any information from the communication partner, if no reference to a previous conversation is to be expected and the deletion does not conflict with any legal retention obligations.

Reservation of the right to refer to other communication channels: Finally, we would like to point out that, for reasons of your security, we reserve the right not to answer questions via Messenger. This is the case, for example, if contractual information requires special confidentiality or an answer via Messenger does not meet the formal requirements. In such cases, we refer you to more appropriate communication channels.

Skype: Skype’s end-to-end encryption requires it to be activated (unless it is activated by default).

• Types of data processed: Contact details (e.g. e-mail, telephone numbers), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses), content data (e.g. text entries, photographs, videos).
• Data subjects: Communication partners.
• Purposes of processing: Contact requests and communication, direct marketing (e.g. by e-mail or post).
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Services and service providers used:

• Facebook Messenger: Facebook Messenger with end-to-end encryption (end-to-end encryption of Facebook Messenger requires activation if it is not activated by default); service provider:& nbsp;https://www.facebook.com, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; website: https://www.facebook.com; privacy policy: https://www.facebook.com/about/privacy; Privacy Shield (guaranteeing a certain level of data protection when processing data in the USA): https://www.privac yshield.gov/participant?id=a2zt0000000GnywAAC&status=Active; Opt-out:https://www.facebook.com/settings?tab=ads.
• Skype: Skype Messenger with end-to-end encryption; Service provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA; website: https://www.skype.com/de/; privacy policy:&nbsp ;https://privacy.microsoft.com/de-de/privacystatement, security information: https://www.microsoft.com/de-de/trustcenter; Privacy Shield (guaranteeing a level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000KzNaAAK&status=Active.
• Snapchat: Snapchat Messenger with end-to-end encryption; Service provider: Snap Inc, 63 Market Street Venice, CA 90291 USA; Website: https://www.snapchat.com/l/de-de/; Privacy Policy: https://www.snap.com/de-DE/privacy/privacy-policy/; Privacy Shield (guaranteeing a level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000TNPxAAO&status=Active.
• WhatsApp: WhatsApp Messenger with end-to-end encryption; Service provider: WhatsApp Inc. WhatsApp Legal 1601 Willow Road Menlo Park, California 94025, USA; Website: https://www.whatsapp.com/; Privacy Policy: https://www.whatsapp.com/legal; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000TSnwAAG&status=Active.

Chatbots and chat functions

We offer a so-called “chatbot” as a means of communication. A chatbot is software that answers users’ questions or informs them about messages. If you chat with our chatbot, we can process your personal data.

If you communicate with the chatbot within an online platform, your identification number will also be stored within the respective platform. We may also collect information about which users interact with our chatbot and when. Furthermore, we store the content of your conversations with the chatbot and log registration and consent processes in order to be able to prove them in accordance with legal requirements.

We would like to point out that the respective platform provider can find out that and when users communicate with our chatbot, as well as technical information about the user’s device and, depending on the settings of their device, location information (so-called metadata) for the purpose of optimizing the respective services and for security purposes. The metadata of the communication via chatbot (i.e. e.g. the information of who communicated with whom) could also be used by the respective platform providers in accordance with their provisions, to which we refer for further information, for marketing purposes or to display customized advertising to users.

If users agree to the chatbot to activate information with regular messages, they have the option to unsubscribe from the information at any time. The chatbot will inform users how and with which terms they can unsubscribe from the messages. When unsubscribing from the chatbot messages, user data will be deleted from the directory of message recipients.

We use the above information to operate our chatbot, e.g. to address users personally, to answer their questions to the chatbot, to transmit any requested content and also to improve our chatbot (e.g. to “teach” it answers to frequently asked questions or to recognize unanswered questions).

Notes on legal basis: We use the chatbot on the basis of consent if we have previously obtained the user’s permission to process their data through the chatbot (this applies to cases in which users are asked for consent, e.g. so that the chatbot can send them regular messages). If we use the chatbot to answer user queries about our services or our company, this is for contractual and pre-contractual communication. Otherwise, we use the chatbot on the basis of our legitimate interests in optimizing the chatbot, its operational efficiency and increasing the positive user experience.

Revocation, objection and deletion: You can revoke your consent at any time or object to the processing of your data in the context of our chatbot use.

• Types of data processed: Contact details (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Data subjects: Communication partners, users (e.g. website visitors, users of online services).
• Purposes of processing: Contact requests and communication, direct marketing (e.g. by e-mail or post), reach measurement (e.g. access statistics, recognition of returning visitors ), tracking (e.g. interest/behavioral profiling, use of cookies), remarketing, visit action evaluation, profiling (creation of user profiles), conversion measurement (measurement of the effectiveness of marketing measures).
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Surveys and questionnaires

The surveys and questionnaires we conduct (hereinafter referred to as “surveys”) are evaluated anonymously. Personal data is only processed to the extent necessary to provide and technically implement the surveys (e.g. processing the IP address to display the survey in the user’s browser or to enable the survey to be resumed using a temporary cookie (session cookie)) or if users have consented to this.

Notes on legal basis: If we ask participants for their consent to the processing of their data, this is the legal basis for the processing; otherwise, the processing of participants’ data is based on our legitimate interest in conducting an objective survey.

• Types of data processed: Contact details (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Data subjects: Communication partners, users (e.g. website visitors, users of online services).
• Purposes of processing: Contact requests and communication, direct marketing (e.g. by e-mail or post), tracking (e.g. interest/behavioral profiling, use of cookies), feedback (e.g. collecting feedback via online form).
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Services and service providers used:

• Google Form: Google Cloud Forms; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website: https://firebase.google.com; privacy policy: https://policies.google.com/privacy; Privacy Shield (guaranteeing a certain level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active; Opt-out option: Opt-out plugin: http://tools.google.com/dlpage/gaoptout?hl=de, settings for the display of advertising: https://adssettings.google.com/authenticated.

Provision of the online offer and web hosting

In order to provide our online offering securely and efficiently, we use the services of one or more web hosting providers, from whose servers (or servers managed by them) the online offering can be accessed. For these purposes, we may use infrastructure and platform services, computing capacity, storage space and database services, as well as security and technical maintenance services.

The data processed in the context of providing the hosting service may include all information concerning the users of our online service that is generated in the course of its use and communication. This regularly includes the IP address, which is necessary to deliver the content of online services to browsers, and all entries made within our online service or on websites.

E-mail sending and hosting: The web hosting services we use also include sending, receiving and storing e-mails. For these purposes, the addresses of the recipients and senders as well as other information regarding the e-mail sending (e.g. the providers involved) and the contents of the respective e-mails are processed. The aforementioned data may also be processed for the purpose of detecting spam. Please note that e-mails are not encrypted when sent over the internet. While e-mails are usually encrypted during transmission, they are not encrypted on the servers from which they are sent and received (unless an end-to-end encryption method is used). We therefore cannot accept any responsibility for the transmission of e-mails between the sender and the recipient on our server.

Collection of access data and log files: We ourselves (or our web hosting provider) collect data on every access to the server (so-called server log files). The server log files may include the address and name of the websites and files accessed, the date and time of access, the amount of data transferred, a notification of successful retrieval, the browser type and version, the user’s operating system, the referrer URL (the previously visited page) and, as a rule, the IP addresses and the requesting provider.

The server log files can be used for security purposes, for example to prevent server overload (especially in the event of abusive attacks, so-called DDoS attacks), and to ensure that the servers are utilized and stable.

Content delivery network: We use a content delivery network (CDN). A CDN is a service that helps to deliver the content of an online offering, in particular large media files such as graphics or program scripts, faster and more securely using servers that are distributed regionally and connected via the internet.

• Types of data processed: Content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Data subjects: Users (e.g. website visitors, users of online services).
• Purposes of processing: Content Delivery Network (CDN).
• Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Services and service providers used:

• All-inkl.com: When you visit this website, personal data is processed. Data categories processed: technical connection data of the server access (IP address, date, time, requested page, browser information). Purpose of processing: monitoring of technical function and to increase the operational reliability of our web server, delivery and provision of the website and anonymization and creation of statistics. The legal basis for processing: a legitimate interest that outweighs the rights and freedoms of the data subjects (Art. 6 (1) f GDPR). Legitimate interests in this context: strong economic interest in the secure and functional operation of technical systems. Data is transferred: to the processor ALL-INKL.COM – Neue Medien Münnich, René Münnich, Hauptstraße 68, 02742 Friedersdorf, Germany.
  https://all-inkl.com/datenschutzinformationen/

Cloud services

We use software services that are accessible via the internet and run on the servers of their providers (so-called “cloud services”, also referred to as “software as a service”) for the following purposes: document storage and management, calendar management , sending e-mails, spreadsheets and presentations, exchanging documents, content and information with specific recipients or publishing websites, forms or other content and information, as well as chats and participation in audio and video conferences.

In this context, personal data may be processed and stored on the providers’ servers, provided that this data is part of communication processes with us or is otherwise processed by us, as set out in this data protection declaration. This data may include, in particular, master data and contact data of users, data on processes, contracts, other processes and their contents. The providers of cloud services also process usage data and metadata, which they use for security purposes and to optimize their services.

If we use cloud services to provide forms or other documents and content to other users or publicly accessible websites, the providers may store cookies on the users’ devices for the purposes of web analysis or to remember the users’ settings (e.g. in the case of media control).

Notes on legal basis: If we ask for consent to use cloud services, the legal basis for processing is consent. Furthermore, their use may be part of our (pre)contractual services, provided that the use of cloud services has been agreed in this context. Otherwise, the user data is processed on the basis of our legitimate interests (i.e. interest in efficient and secure administrative and collaboration processes)

• Types of data processed: inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Data subjects: Customers, employees (e.g. employees, applicants, former employees), interested parties, communication partners.
• Purposes of processing: Office and organizational procedures.
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), fulfillment of contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b. GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Services and service providers used:

• Google Cloud Services: Cloud storage services; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website: https://cloud.google.com/; privacy policy: https://www.google.com/policies/privacy, security information: https://cloud.google.com/security/privacy; Privacy Shield (guaranteeing data protection level when processing data in the USA):https://www.privacyshield.gov/ participant?id=a2zt0000000000001L5AAI&status=Active; Standard contractual clauses (ensuring a level of data protection when processing in a third country): https://cloud.google.com/terms/data-processing-terms; Additional information on data protection:https://cloud.google.com/terms/data-processing-terms.
• Microsoft Cloud Services: Cloud storage services; Service provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA; website: http://microsoft.com/de-de; privacy statement: < a href=”https://privacy.microsoft.com/de-de/privacystatement” target=”_blank” rel=”noreferrer noopener”>https://privacy.microsoft.com/de-de/privacystatement, Security Notice: https://www.microsoft.com/de-de/trustcenter; Privacy Shield (guaranteeing a level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000KzNaAAK&status=Active.

Newsletter and broad communication

We only send newsletters, e-mails and other electronic notifications (hereinafter referred to as “newsletters”) with the consent of the recipients or with legal permission. If the contents of a newsletter are specifically described when registering for it, they are decisive for the user’s consent. In addition, our newsletters contain information about our services and us.

To subscribe to our newsletters, it is generally sufficient to provide your e-mail address. However, we may ask you to provide a name so that we can address you personally in the newsletter, or other information if this is necessary for the purposes of the newsletter.

Double opt-in procedure: You will receive an e-mail asking you to confirm your registration. This confirmation is necessary to prevent anyone from registering with someone else’s e-mail address. The registrations for the newsletter are logged in order to be able to prove the registration process in accordance with legal requirements. This includes storing the registration and confirmation times as well as the IP address. The changes to your data stored by the shipping service provider are also logged.

Deletion and restriction of processing: We may store the e-mail addresses of those who have unsubscribed for up to three years on the basis of our legitimate interests before we delete them in order to be able to prove that consent was given. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for deletion is possible at any time, provided that the former existence of consent is confirmed at the same time. In the event of obligations to permanently observe objections, we reserve the right to store the e-mail address for this purpose alone in a blacklist.

The registration process is logged on the basis of our legitimate interests in order to verify that it has been carried out correctly. If we commission a service provider to send e-mails, this is done on the basis of our legitimate interests in an efficient and secure delivery system.

Notes on legal basis: The newsletter is sent on the basis of the recipient’s consent or, if consent is not required, on the basis of our legitimate interests in direct marketing, provided and to the extent that this is permitted by law, e.g. in the case of customer acquisition. If we commission a service provider to send e-mails, this is done on the basis of our legitimate interests. The registration process is recorded on the basis of our legitimate interests in order to prove that it was carried out in accordance with the law.

Contents: Information about us, our services, promotions and offers.

Performance measurement: The newsletters contain a so-called “web beacon”, i.e. a pixel-sized file that is retrieved from our server when the newsletter is opened, or from the server of the service provider we use if we use a service provider. This retrieval process initially collects technical information such as information about the browser and your system, as well as your IP address and the time of retrieval.

This information is used to technically improve our newsletter based on the technical data or the target groups and their reading behavior based on their locations (which can be determined using the IP address) or the access times. This analysis also includes determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to individual newsletter recipients. However, it is neither our intention nor that of the mailing service provider, if used, to monitor individual users. Rather, the evaluations serve to identify the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.

The evaluation of the newsletter and the measurement of success are carried out, subject to the user’s express consent, on the basis of our legitimate interests for the purpose of using a user-friendly and secure newsletter system that serves both our business interests and the expectations of our users.

Unfortunately, it is not possible to revoke the success measurement separately. In this case, the entire newsletter subscription must be canceled or objected to.

• Types of data processed: inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), meta/communication data (e.g. device information, IP addresses), usage data (e.g. websites visited, interest in content, access times).
• Data subjects: Communication partners.
• Purposes of processing: Direct marketing (e.g. by e-mail or post), contact requests and communication.
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).
• Opt-out: You can cancel your subscription to our newsletter at any time, i.e. revoke your consent or object to further receipt. You will find a link to cancel the newsletter either at the end of each newsletter or you can use one of the contact options given above, preferably by e-mail, for this purpose.

Services used and service providers:

Brevo

This website uses Brevo to send newsletters. The provider is Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany.
Brevo is a service that can be used to organize and analyze the sending of newsletters, among other things. The data you enter to receive the newsletter is stored on the servers of Sendinblue GmbH in Germany.

Data analysis by Brevo

With the help of Brevo, we are able to analyze our newsletter campaigns. This allows us to see, for example, whether a newsletter message has been opened and which links, if any, have been clicked on. In this way, we can determine, among other things, which links have been clicked on particularly often.
We can also see whether certain predefined actions have been carried out after opening/clicking on the message (conversion rate). For example, we can see whether you made a purchase after clicking on the newsletter.
Brevo also allows us to divide the newsletter recipients into different categories (“clusters”). This means that the newsletter recipients can be divided according to age, gender or place of residence, for example. In this way, the newsletters can be better adapted to the respective target groups.
If you do not want Brevo to analyze your data, you must unsubscribe from the newsletter. We provide a link to do this in every newsletter message.
For detailed information on the functions of Brevo, please refer to the following link: https://www.brevo.com/de/newsletter-software/.

Legal basis

The data processing is based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. The legality of the data processing operations already carried out remains unaffected by the revocation.

Storage period

The data you provide to us for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter or the newsletter service provider and will be deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data stored by us for other purposes remains unaffected by this.
After you have unsubscribed from the newsletter distribution list, your e-mail address will be stored by us or the newsletter service provider in a blacklist if necessary, provided that this is necessary to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interests and our interest in complying with the legal requirements for sending newsletters (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). There is no time limit on storage in the blacklist. You can object to the storage if your interests outweigh our legitimate interest.
For more information, please refer to Brevo’s data protection regulations at: https://www.brevo.com/de /datenschutz-uebersicht/ andhttps://www.brevo.com/de/legal/privacypolicy/.

Advertising communication by post, fax or telephone

We process personal data for the purposes of advertising communication, which can take place via various channels, such as e-mail, telephone, post or fax. In this context, we observe the legal requirements and obtain the necessary consents, unless the communication is not legally permitted.

The recipients have the right to revoke their consent at any time or to object to the promotional communication at any time.

After revocation or objection, we may store the data required to prove consent for up to three years on the basis of our legitimate interests before deleting it. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for deletion is possible at any time, provided that the former existence of consent is confirmed at the same time.

• Types of data processed: Inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers).
• Data subjects: Communication partners.
• Purposes of processing: Direct marketing (e.g. by e-mail or post).
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Web analysis and optimization

Web analytics (also known as “reach measurement”) is used to evaluate the flow of visitors to our online offering and can include behavior, interests or demographic information about visitors, such as age or gender, as pseudonymous values. With the help of reach analysis, we can, for example, recognize at what time our online offering or its functions or content are most frequently used or invite reuse. We can also see which areas need optimization.

In addition to web analytics, we can also use test procedures to test and optimize different versions of our online offering or its components, for example.

For these purposes, so-called user profiles can be created and stored in a file (so-called “cookies”) or similar procedures with the same purpose can be used. This information may include, for example, viewed content, visited websites and elements used there, as well as technical information such as the browser and computer system used, and information on usage times. If users have consented to the collection of their location data, this data may also be processed, depending on the provider.

The IP addresses of users are also stored. However, we use an IP masking procedure (i.e. pseudonymization by shortening the IP address) to protect users. In general, no clear data of the users (such as e-mail addresses or names) are stored in the context of web analysis, A/B testing and optimization, but pseudonyms. This means that we and the providers of the software used do not know the actual identity of the users, but only the information stored in their profiles for the purposes of the respective procedures.

Notes on legal basis: If we ask users for their consent to the use of third-party providers, the legal basis for the processing of data is consent. Otherwise, the data of users is processed on the basis of our legitimate interests (i.e. interest in efficient, economical and recipient-friendly services). In this context, we would also like to draw your attention to the information on the use of cookies in this data protection declaration.

• Data types processed: Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Data subjects: Users (e.g. website visitors, users of online services).
• Purposes of processing: Range measurement (e.g. access statistics, recognition of returning visitors), tracking (e.g. interest/behavior-related profiling, use of cookies), visit action evaluation, profiling (creation of user profiles), interest-based and behavior-based marketing, click tracking, A/B tests, heat maps (user mouse movements that are combined into an overall picture.).
• Security measures: IP masking (pseudonymization of the IP address).
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Services and service providers used:

• Google Optimize: Use of Google Analytics data to improve areas of our online offering and to better align our marketing activities with the potential interests of users; service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website: https://optimize.google.com; privacy policy: https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active; Opt-out option: Opt-out plugin: http://tools.google.com/dlpage/gaoptout?hl=de, settings for the display of advertising: https://adssettings.google.com/authenticated.
• Yandex-Metrica: Analysis, click-tracking and website optimization; Service provider: Yandex Oy, Moreenikatu 6, 04600 Mantsala, Finland; website:https://yandex.com; privacy policy:https://yandex.com/legal/privacy/; Standard contractual clauses (ensuring a level of data protection when processing in a third country): agreed between Yandex Oy and YANDEX LLC, 16 Lva Tolstogo st., Moscow, 11 902 1, Russia, which is commissioned to process the data.
• Microsoft Clarity: This website uses the “Microsoft Clarity” service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA (hereinafter “Microsoft”) to collect and store various user information for statistical analysis of user behavior and for optimization and marketing purposes. This information, which is always anonymous, includes the time zone setting, operating system and platform, the geographical origin of the page view, the origin of the referral to our site, the duration of visits to certain pages, and information about website interaction (e.g. scrolling, clicks and mouse-overs). Pseudonymized user profiles can be created and evaluated from this data for the same purpose. Cookies are used for collection and analysis. Cookies are small text files that are stored locally in the cache of the visitor’s Internet browser. Among other things, cookies enable the Internet browser to be recognized. The data collected using Microsoft technologies will not be used to personally identify visitors to this website without the express consent of the person concerned and will not be merged with personal data about the bearer of the pseudonym. Collected information may be transmitted to Microsoft servers in the USA and stored there. We have concluded a data processing agreement with Microsoft, obliging Microsoft to protect the data of our customers and not to pass it on to third parties.All the processing described above, in particular the setting of cookies for reading information on the end device used, will only be carried out if you have given us your express consent in accordance with Art. 6 para. 1 lit. a GDPR. Without this consent, Microsoft Clarity will not be used during your visit to the site.
  You can revoke your consent at any time with effect for the future. To exercise your revocation, please deactivate this service in the “Cookie Consent Tool” provided on the website.For more information about Microsoft Clarity’s privacy policy, please visit https://clarity.microsoft.com/terms

Online marketing

We process personal data for the purposes of online marketing, which may include, in particular, the marketing of advertising space or the presentation of advertising and other content (collectively referred to as “content”) based on the potential interests of users and the measurement of their effectiveness.

For these purposes, so-called user profiles are created and stored in a file (so-called “cookie”) or similar procedures are used to store the information relevant to the user for the display of the aforementioned content. This information may include, for example, viewed content, visited websites, used online networks, but also communication partners and technical information, such as the browser used, the computer system used and information on usage times. If users have consented to the collection of their location data, this data may also be processed.

The IP addresses of users are also stored. However, we use available IP masking procedures (i.e. pseudonymization by shortening the IP address) to protect users. In general, no clear data of the users (such as e-mail addresses or names) are stored as part of the online marketing process, but pseudonyms. This means that we and the providers of the online marketing process do not know the actual identity of the users, but only the information stored in their profiles.

The information in the profiles is usually stored in cookies or by means of similar processes. These cookies can generally also be read on other websites that use the same online marketing process, analyzed for the purpose of displaying content, supplemented with additional data and stored on the server of the online marketing process provider.

In exceptional cases, clear data can be assigned to the profiles. This is the case if, for example, the users are members of a social network whose online marketing methods we use and the network links the users’ profiles to the aforementioned information. Please note that users may enter into additional agreements with the providers, e.g. by giving their consent during registration.

We only receive access to summarized information about the success of our advertisements. However, we can use so-called conversion measurements to check which of our online marketing methods have led to a so-called conversion, i.e. to a contract with us. The conversion measurement is used solely to analyze the success of our marketing measures.

Unless otherwise stated, we ask you to assume that cookies used will be stored for a period of two years.

Notes on legal basis: If we ask users for their consent to the use of third-party providers, the legal basis for the processing of data is consent. Otherwise, the data of users is processed on the basis of our legitimate interests (i.e. interest in efficient, economical and recipient-friendly services). In this context, we would also like to draw your attention to the information on the use of cookies in this data protection declaration.

Target group formation with Google Analytics: We use Google Analytics to display the ads placed within Google’s advertising services and those of its partners only to users who have also shown an interest in our online or who have certain characteristics (e.g. an interest in certain topics or products determined on the basis of the websites visited) that we transmit to Google (so-called “remarketing” or “Google Analytics audiences”). With the help of remarketing audiences, we also want to ensure that our ads correspond to the potential interest of users

Facebook pixel: With the help of the Facebook pixel, Facebook is able to identify visitors to our online offering as a target group for the display of ads (so-called “Facebook ads”). Accordingly, we use the Facebook pixel to display the Facebook ads we place only to those users on Facebook and within the services of partners cooperating with Facebook (so-called “Audience Network”https://www.facebook.com/audiencenetwork/ ), who have also shown an interest in our online offering or who have certain characteristics (e.g. an interest in certain topics or products that can be seen from the websites visited) that we transmit to Facebook (so-called “Custom Audiences”). With the help of the Facebook pixel, we also want to ensure that our Facebook ads match the potential interest of users and do not have a disruptive effect. With the help of the Facebook pixel, we can also track the effectiveness of Facebook ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook ad (so-called “conversion measurement”).

• Types of data processed: Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses), location data (data that indicate the location of the end user’s terminal device), social data (data that is subject to social secrecy (Section 35 of the German Social Code I) and is processed by social insurance carriers, social welfare organizations or pension authorities, for example.).
• Data subjects: Users (e.g. website visitors, users of online services), interested parties, customers, employees (e.g. employees, applicants, former employees), communication partners.
• Purposes of processing: Tracking (e.g. interest/behavioral profiling, use of cookies), remarketing, visit action evaluation, interest-based and behavioral marketing, profiling (creation of user profiles), conversion measurement (measuring the effectiveness of marketing measures), reach measurement (e.g. access statistics, recognition of returning visitors), target group formation (determination of target groups relevant for marketing purposes or other output of content), cross-device tracking (cross-device processing of user data for marketing purposes).
• Security measures: IP masking (pseudonymization of the IP address).
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).
• Opt-out: We refer to the data protection information of the respective providers and the opt-out options provided by the providers. If no explicit opt-out option has been provided, you can disable cookies in your browser settings. However, this may restrict the functionality of our online offering. We therefore also recommend the following opt-out options, which are offered in summary for the respective areas: a) Europe:https://www. youronlinechoices.eu. b) Canada: https://www.youradchoices.ca/choices. c) USA:https://www.aboutads.info/choices. d) Cross-regional:http://optout.aboutads.info.

Services and service providers used:

• Google Tag Manager: Google Tag Manager is a solution that allows us to manage so-called website tags via a user interface (and thus, for example, to integrate Google Analytics and other Google marketing services into our online offering). The Tag Manager itself (which implements the tags) does not process any personal data of users. With regard to the processing of personal data of users, please refer to the following information on Google services. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website:https://marketingplatform.google.com; privacy policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
• Google Analytics: Online marketing and web analysis; service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website:https://marketingplatform.google.com/intl/de/about/analytics/; privacy policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active; Opt-out: Opt-out plugin: http://tools.google.com/dlpage/gaoptout?hl=de, settings for the display of advertising: https://adssettings.google.com/authenticated.
• Google Ads and conversion measurement: We use the online marketing method “Google Ads” to place ads in the Google advertising network (e.g., in search results, in videos, on websites, etc.) so that they are displayed to users who are presumed to be interested in the ads. We also measure the conversion of the ads. However, we only learn the anonymous total number of users who clicked on our ad and were redirected to a page with a so-called “conversion tracking tag”. However, we ourselves do not receive any information that can be used to identify users. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website:https://marketingplatform.google.com; Privacy Policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA):https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
• Google Ad Manager: We use the “Google Marketing Platform” (and services such as “Google Ad Manager”) to place ads in the Google advertising network (e.g., in search results, in videos, on websites, etc.). The Google Marketing Platform is characterized by the fact that ads are displayed in real time based on the presumed interests of users. This allows us to display ads for and within our online offering in a more targeted manner, so that we only present users with ads that potentially match their interests. If, for example, a user is shown ads for products that they have shown an interest in on other online offerings, this is referred to as “remarketing”. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website:https://marketingplatform.google.com; Privacy Policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA):https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
• Google Adsense with personalized ads: We use the Google Adsense with personalized ads service, which helps us to display ads within our online offering and to receive remuneration for their display or other use. ; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website:https://marketingplatform.google.com; Privacy Policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA):https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
• Google Adsense with non-personalized ads: We use the Google Adsense service with non-personalized ads, which helps us to display ads within our online offering and to receive remuneration for their display or other use. ; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website: https://marketingplatform.google.com; Privacy Policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA):https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
• Facebook Pixel: Facebook Pixel; Service provider: https://www.facebook.com, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; website: https://www.facebook.com; privacy policy: https://www.facebook.com/about/privacy; Privacy Shield (guaranteeing a certain level of data protection when processing data in the USA): https://www.privac yshield.gov/participant?id=a2zt0000000GnywAAC&status=Active; Opt-out:https://www.facebook.com/settings?tab=ads.
• Linkedin Insight Tag: When you visit this website, personal data is processed. Data categories processed: data on the use of the website and the logging of clicks on individual elements. Purpose of processing: Analysis of user behavior, analysis of the effectiveness of online marketing measures and selection of online advertising on other platforms that are automatically selected using real-time bidding based on user behavior. The legal basis for the processing: Your consent in accordance with Art. 6 (1) a GDPR. Data is transferred: to the independent controller LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. The legal basis for the transfer of data to LinkedIn Ireland Unlimited Company is your consent in accordance with Art. 6 (1) a GDPR. This may also involve the transfer of personal data to a country outside the European Union. The transfer of data to the USA is based on Art. 45 GDPR in conjunction with the adequacy decision C(2023) 4745 of the European Commission, as the data recipient has committed to comply with the principles of data processing of the Data Privacy Framework (DPF).Information on LinkedIn Ireland Unlimited Company’s DPF membership

Affiliate programs and affiliate links

We integrate so-called affiliate links or other references (which may include discount codes, for example) to the offers and services of third-party providers into our online offering (collectively referred to as “affiliate links”). If users follow the affiliate links or subsequently take advantage of the offers, we may receive a commission or other benefits from these third-party providers (collectively referred to as “commission”).

In order to be able to track whether users have taken advantage of the offers of an affiliate link we have used, it is necessary for the respective third-party providers to know that the users have followed an affiliate link used within our online offer. The assignment of the affiliate links to the respective business transactions or other actions (e.g. purchases) serves the sole purpose of calculating commissions and is deleted as soon as it is no longer required for this purpose.

For the purposes of the aforementioned assignment of affiliate links, the affiliate links can be supplemented with certain values that are part of the link or can be stored elsewhere, e.g. in a cookie. The values may include, in particular, the originating website (referrer), the time, an online identifier of the operator of the website on which the affiliate link was located, an online identifier of the respective offer, the type of link used, the type of offer and an online identifier of the user.

Notes on legal basis: If we ask users for their consent to the use of third-party providers, the legal basis for the processing of data is consent. Furthermore, their use may be part of our (pre)contractual services, provided that the use of third-party providers has been agreed in this context. Otherwise, the user’s data is processed on the basis of our legitimate interests (i.e. interest in efficient, economical and recipient-friendly services). In this context, we would also like to draw your attention to the information on the use of cookies in this data protection declaration.

• Types of data processed: Contract data (e.g. subject matter of the contract, term, customer category), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Data subjects: Users (e.g. website visitors, users of online services).
• Purposes of processing: Affiliate tracking.
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), fulfillment of contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b. GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Services and service providers used:

• Amazon Partner Program: Amazon – Partner Program – Amazon and the Amazon logo are trademarks of Amazon.com, Inc. or one of its affiliates. Service provider: Amazon Europe Core S.à.r.l., Amazon EU S.à.r.l, Amazon Services Europe S.à.r.l. and Amazon Media EU S.à.r.l., all four based in 38, avenue John F. Kennedy, L-1855 Luxembourg, and Amazon Instant Video Germany GmbH, Domagkstr. 28, 80807 Munich (together “Amazon Europe”), parent company: Amazon.com, Inc., 2021 Seventh Ave, Seattle, Washington 98121, USA.; Website:https://www.amazon.de; Privacy Policy:https://www.amazon.de/gp/help/customer/display.html?nodeId=201909010; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000TOWQAA4&status=Active.
• AWIN Partner Program (formerly Zanox and Affilinet): Service provider: , AWIN AG, Eichhornstr. 3, 10785 Berlin, Germany; Website: https://www.awin.com/de; Data protection explanation:https://www.awin.com/de/rechtliches/privacy-policy-DACH.
• Digistore24 Partner Program: Service provider: Digistore24 GmbH, St.-Godehard-Straße 32, 31139 Hildesheim, Germany; Website: https://www.digistore 24.com; Privacy Policy:https://www.digistore24.com/page/privacy.

Presence in social networks

We maintain online presences within social networks in order to communicate with users who are active there or to provide information about us there.

We would like to point out that user data may be processed outside the European Union. This may result in risks for users, for example because it could make it more difficult to enforce their rights. With regard to US providers that are certified under the Privacy Shield or offer comparable guarantees of a secure level of data protection, we would like to point out that they are obliged to comply with EU data protection standards.

Furthermore, the data of users within social networks is usually processed for market research and advertising purposes. For example, user profiles can be created based on the user’s usage behavior and the resulting interests. The user profiles can in turn be used, for example, to place advertisements within and outside the networks that are presumed to correspond to the interests of the users. For these purposes, cookies are usually stored on the users’ computers, in which the usage behavior and interests of the users are stored. Furthermore, data can also be stored in the user profiles independently of the devices used by the users (in particular if the users are members of the respective platforms and are logged in to them).

For a detailed description of the respective processing forms and the possibilities of objection (opt-out), we refer to the data protection declarations and information of the operators of the respective networks.

We would also like to point out that requests for information and the assertion of data subject rights can be most effectively asserted with the providers. Only the providers have access to the users’ data and can take appropriate measures and provide information directly. However, if you still need help, you can contact us.

• Types of data processed: inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Data subjects: Users (e.g. website visitors, users of online services).
• Purposes of processing: Contact requests and communication, tracking (e.g. interest/behavioral profiling, use of cookies), remarketing, reach measurement (e.g. access statistics, recognition of returning visitors), affiliate tracking.
• Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

Services and service providers used:

• Instagram : Social network; Service provider: Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA; Website: https://www. instagram.com; Privacy Policy:http://instagram.com/about/legal/privacy.
• Facebook: Social network; Service provider: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; website: https://www.facebook.com; privacy policy: https://www.facebook.com/about/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active; Opt-out: Advertising settings: https://www.facebook.com/settings?tab=ads; Additional information on data protection: Agreement on joint processing of personal data on Facebook pages: https://www.facebook.com/legal/ terms/page_controller_addendum, Privacy Policy for Facebook Pages: https://www.facebook.com/legal/terms/information_about_page_insights_data.
• Flickr: Social network; Service provider: Flickr Inc., 475 Sansome St San Francisco, California 94111, USA; Website: https://www.flickr .com; Privacy Policy: https://www.flickr.com/help/privacy.
• LinkedIn: Social network; Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Website: https://www.linkedin.com; Data protection declaration: https://www.linkedin.com/legal/privacy-policy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active; Opt-out out):https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
• Pinterest: Social network; Service provider: Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA; website:https://www.pinterest.com; privacy policy:https://about.pinterest.com/de/privacy-policy; opt-out:https://about.pinterest.com/de/privacy-policy.
• SlideShare: Platform for presentations; Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Website: https://www.linkedin.com; Data protection declaration: https://www.linkedin.com/legal/privacy-policy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active.
• TikTok: Social network; Service provider: musical.ly Inc., 10351 Santa Monica Blvd #310, Los Angeles, CA 90025 USA; Website: https://www.tiktok.com; Privacy Policy: https://www.tiktok.com/en/privacy-policy.
• Twitter: Social network; Service provider: Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA; Privacy policy: https://twitter.com/de/privacy, (settings) https://twitter.com/personalization; Privacy Shield (ensuring a high level of data protection when processing data in the USA):https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.
• YouTube: Social network; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Privacy Policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA):https://www.privacyshield.gov/participant?id=a2zt 000000001L5AAI&status=Active; Opt-out:https://adssettings.google.com/authenticated.
• Xing: Social network; Service provider: XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany; Website: https://www.xing.de; privacy policy:https://privacy.xing.com/de/datenschutzerklaerung.

Plugins and embedded functions and content

We integrate functional and content elements into our online offering that are obtained from the servers of their respective providers (hereinafter referred to as “third-party providers”). These may include, for example, graphics, videos or social media buttons, as well as posts (hereinafter uniformly referred to as “content”).

The integration always requires that the third-party providers of this content process the IP address of the users, as they would not be able to send the content to their browsers without the IP address. The IP address is therefore required for the display of this content or functions. We endeavor to use only content whose respective providers use the IP address solely for the delivery of the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information can also be stored in cookies on the user’s device and may include technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online offer, as well as being linked to such information from other sources.

Notes on legal basis: If we ask users for their consent to the use of third-party providers, the legal basis for the processing of data is consent. Otherwise, the user data is processed on the basis of our legitimate interests (i.e. interest in efficient, economical and user-friendly services). In this context, we would also like to draw your attention to the information on the use of cookies in this data protection declaration.

• Data types processed: Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), inventory data (e.g. names, addresses).
• Data subjects: Users (e.g. website visitors, users of online services), communication partners.
• Purposes of processing: Provision of our online offer and user-friendliness, contractual services and service, contact requests and communication, direct marketing (e.g. by e-mail or post ), tracking (e.g. interest/behavior-based profiling, use of cookies), interest-based and behavior-based marketing, profiling (creation of user profiles), security measures, administration and answering of inquiries.
• Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR), consent (Art. 6 para. 1 sentence 1 lit. a GDPR), fulfillment of contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b. GDPR).

Services and service providers used:

• Facebook Social Plugins: Facebook Social Plugins – These may include content such as images, videos or texts and buttons that allow users to share content from this online offering within Facebook. The list and appearance of the Facebook social plugins can be viewed here:https://developers.facebook.com/docs/plugins/; Service provider:https://www.facebook.com, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; website: https://www.facebook.com; privacy policy:  https://www.facebook.com/about/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov /participant?id=a2zt0000000GnywAAC&status=Active; Opt-out: Settings for ads: https://www.facebook.com/settings?tab=ads.
• Google Fonts: We integrate the fonts (“Google Fonts”) of the provider Google, whereby the data of the users are used solely for the purpose of displaying the fonts in the user’s browser. The integration is based on our legitimate interests in a technically secure, maintenance-free and efficient use of fonts, their uniform display and taking into account possible license restrictions for their integration. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website:https://fonts.google.com/; privacy policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000TRkEAAW&status=Active.
• Google Maps: We embed maps from the Google Maps service provided by Google. The data processed may include, in particular, IP addresses and location data of users, but these are not collected without their consent (usually given as part of the settings on their mobile devices). Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website:https://maps.google.de; privacy policy:https://policies.google.com/privacy; Privacy Shield (guaranteeing data protection level when processing data in the USA):https://www.privacyshield.gov/participant?id=a2zt0000000TRkEAAW&amp; =”noreferrer noopener”>https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000TRkEAAW&status=Active; Opt-out option: Opt-out plugin: http://tools.google.com/dlpage/gaoptout?hl=de, settings for the display of advertising: https://adssettings.google.com/authenticated.
• Instagram plugins and buttons: Instagram plugins and buttons – These may include content such as images, videos or texts and buttons that allow users to share content from this online offering within Instagram. Service provider:https://www.instagram.com, Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA; website:https://www.instagram.com; Privacy Policy: http://instagram.com/about/legal/privacy.
• LinkedIn Plugins and Buttons: LinkedIn Plugins and Buttons – These may include content such as images, videos or texts and buttons that allow users to share content from this online offer within LinkedIn. Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; website:https://www.instagram.com; privacy policy:https://www.linkedin.com/legal/privacy-policy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active; Opt-out out):https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
• OpenStreetMap: We embed maps from the OpenStreetMap service, which are offered by the OpenStreetMap Foundation (OSMF) on the basis of the Open Data Commons Open Database License (ODbL). The user data is used by OpenStreetMap exclusively for the purpose of displaying the map functions and for caching the selected settings. This data may include, in particular, IP addresses and location data of users, which, however, are not collected without their consent (usually given as part of the settings of their mobile devices). Service provider: OpenStreetMap Foundation (OSMF); website:https://www.openstreetmap.de; privacy policy: https://wiki.openstreetmap.org/wiki/Privacy_Policy.
• Pinterest plugins and buttons: Pinterest plugins and buttons – These may include content such as images, videos or texts and buttons that allow users to share content from this online offering within Pinterest. Service provider: Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA; website:https://www.pinterest. com; Privacy Policy:https://about.pinterest.com/de/privacy-policy.
• ReCaptcha: We use the “ReCaptcha” function to detect bots, e.g. when entering data in online forms. The user’s behavior (e.g. mouse movements or queries) is evaluated to distinguish between humans and bots. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website:https://www.google.com/recaptcha/; privacy policy:https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000TRkEAAW&status=Active; Opt-out option: Opt-out plugin: http://tools.google.com/dlpage/gaoptout?hl=de, settings for the display of advertising: https://adssettings.google.com/authenticated.
• SlideShare presentations: Inclusion of SlideShare presentations; Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; website:https://www.linkedin.com; privacy policy:https://www.linkedin.com/legal/privacy-policy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active.
• Typekit fonts from Adobe: We embed the fonts (Typekit fonts) from Adobe, whereby the user data is used solely for the purpose of displaying the fonts in the user’s browser. The integration is based on our legitimate interests in a technically secure, maintenance-free and efficient use of fonts, their uniform display and taking into account possible license restrictions for their integration. Service provider: Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland; website: https://www.adobe.com/de; privacy policy: https://www.adobe.com/de/privacy.html; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000TNo9AAG&status=Active.
• YouTube: Videos; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website: https://www.youtube.com; privacy policy: https://policies.google.com/privacy; Privacy Shield (ensuring a high level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active; Opt-out option: Opt-out plugin: http://tools.google.com/dlpage/gaoptout?hl=de, settings for the display of advertising: https://adssettings.google.com/authenticated.
• Xing Plugins and Buttons: Xing Plugins and Buttons – These may include content such as images, videos or texts and buttons that allow users to share content from this online offer within Xing. Service provider: XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany; website:https://www.xing.com; privacy policy:https://privacy.xing.com/de/datenschutzerklaerung.
• Vimeo: Video platform; Service provider: Vimeo Inc., Attention: Legal Department, 555 West 18th Street New York, New York 10011, USA; Website: https://vimeo.com; Data protection declaration: < a href=”https://vimeo.com/privacy” target=”_blank” rel=”noreferrer noopener”>https://vimeo.com/privacy; Opt-out: We would like to point out that Vimeo may use Google Analytics and refer you to the data protection declaration (https://policies.google.com/privacy) and the opt-out options for Google Analytics (http:// tools.google.com/dlpage/gaoptout?hl=de) or Google’s settings for data use for marketing purposes (https://adssettings.google.com/).

Deletion of data

The data we process will be deleted in accordance with the legal requirements as soon as the consent to process it is revoked or other permissions lapse (e.g. if the purpose of processing this data no longer applies or it is no longer required for this purpose).

If the data is not deleted because it is required for other legally permissible purposes, its processing will be limited to these purposes. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be stored for commercial or tax reasons or whose storage is necessary to assert, exercise or defend legal claims or to protect the rights of another natural or legal person.

Further information on the deletion of personal data can also be found in the individual data protection notices of this data protection declaration.

Amendment and updating of the data protection declaration

We ask you to regularly check the content of our data protection declaration. We will adapt the data protection declaration as soon as the changes to the data processing carried out by us make this necessary. We will inform you as soon as the changes require your cooperation (e.g. consent) or any other individual notification.

If we provide addresses and contact information for companies and organizations in this data protection declaration, please note that the addresses may change over time and please check the information before contacting us.

Rights of the data subjects

As a data subject, you have various rights under the GDPR, in particular under Articles 15 to 18 and 21 of the GDPR:

• Right to object: You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR, including profiling based on those provisions. If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing.
• Right of withdrawal: You have the right to withdraw your consent at any time.
• Right of access: You have the right to request confirmation as to whether the data in question is being processed and to request access to this data, as well as further information and a copy of the data in accordance with the legal requirements.
• Right to rectification: In accordance with the legal requirements, you have the right to request that the data concerning you be completed or that incorrect data concerning you be rectified.
• Right to erasure and restriction of processing: You have the right to request that the data concerning you be erased immediately or, alternatively, to request that the processing of the data be restricted in accordance with the statutory provisions.
• Right to data portability: You have the right to receive the data concerning you that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transmitted to another controller, in accordance with the legal requirements.
• Complaint to supervisory authority: You also have the right, in accordance with the legal requirements, to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.

Definitions

This section provides an overview of the terms used in this data protection declaration. Many of the terms are taken from the law and are defined in particular in Art. 4 GDPR. The legal definitions are binding. The following explanations are intended to help you understand them. The terms are in alphabetical order.

• A/B tests: A/B tests are used to improve the user-friendliness and performance of online offers. For example, users are shown different versions of a website or its elements, such as input forms, in which the placement of the content or the labels of the navigation elements may differ. Based on the behavior of the users, e.g. longer stays on the website or more frequent interaction with the elements, it can then be determined which of these websites or elements are more likely to meet the needs of the users.
• Affiliate tracking: As part of affiliate tracking, links that are used by linking websites to refer users to websites with product or other offers are logged. The operators of the respective linking websites may receive a commission if users follow these so-called affiliate links and then take advantage of the offers (e.g. buy goods or use services). To do this, it is necessary for the providers to be able to track whether users who are interested in certain offers subsequently take advantage of them at the instigation of the affiliate links. Therefore, for affiliate links to function properly, it is necessary for them to be supplemented with certain values that become part of the link or are stored elsewhere, e.g. in a cookie. These values include, in particular, the originating website (referrer), the time, an online identifier of the operator of the website on which the affiliate link was located, an online identifier of the respective offer, an online identifier of the user, as well as tracking-specific values, such as advertising medium ID, partner ID and categorizations.
• Conversion tracking: “Conversion tracking” is a process that can be used to determine the effectiveness of marketing measures. To do this, a cookie is usually stored on the user’s device within the websites on which the marketing measures take place and then retrieved again on the target website. For example, we can use this to see whether the ads we place on other websites were successful.
• Content Delivery Network (CDN): A “Content Delivery Network” (CDN) is a service that helps to deliver the content of an online offering, in particular large media files such as graphics or program scripts, faster and more securely using servers that are distributed regionally and connected via the Internet.
• Cross-device tracking: Cross-device tracking is a form of tracking in which users’ behavior and interest information is collected across devices in so-called profiles by assigning users an online identifier. This means that user information can usually be analyzed for marketing purposes, regardless of the browsers or devices (e.g. mobile phones or desktop computers) used. The online identifier is not linked to clear data such as names, postal addresses or e-mail addresses for most providers.
• Heatmaps: “Heatmaps” are the movements of users’ mouse cursors, which are combined to form an overall picture that can be used, for example, to identify which website elements are preferred and which website elements users prefer less.
• IP masking: IP masking is a method in which the last octet, i.e. the last two numbers of an IP address, are deleted so that the IP address can no longer be used to uniquely identify a person. IP masking is therefore a means of pseudonymizing processing procedures, especially in online marketing
• Interest-based and behavior-based marketing: Interest-based and/or behavior-based marketing is when potential interests of users in ads and other content are predicted as accurately as possible. This is done by using information about their previous behavior (e.g. visiting certain websites and spending time on them, buying behavior or interaction with other users), which is stored in a so-called profile. Cookies are usually used for these purposes.
• Click tracking: Click tracking allows us to monitor the movements of users within an entire online offering. Since the results of these tests are more accurate when the interaction of users can be tracked over a certain period of time (e.g. so that we can find out whether a user likes to return), cookies are usually stored on the users’ computers for these test purposes.
• Conversion measurement: Conversion measurement is a method for determining the effectiveness of marketing measures. To do this, a cookie is usually stored on the user’s device within the websites on which the marketing measures take place and then retrieved again on the target website. For example, this allows us to see whether the ads we place on other websites were successful.
• Personal data: “Personal data” means any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier number, location data, online identifier (e.g. cookie) or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
• Profiling: Profiling is any form of automated processing of personal data consisting of the use of such personal data to analyze, evaluate or predict certain personal aspects relating to a natural person (depending on the type of profiling, this may include information concerning age, gender, location data and movement data, interaction with websites and their content, purchasing behavior, social interactions with other people), to analyze, evaluate or predict them (e.g. interests in certain content or products, click behavior on a website or location). Cookies and web beacons are often used for profiling purposes.
• Reach measurement: Reach measurement (also known as web analytics) is used to evaluate the visitor traffic of an online offering and can include the behavior or interests of visitors to certain information, such as website content. With the help of reach analysis, website owners can, for example, recognize at what time visitors visit their website and what content they are interested in. This enables them, for example, to better adapt the content of the website to the needs of their visitors. For the purposes of reach analysis, pseudonymous cookies and web beacons are often used to recognize returning visitors and thus obtain more accurate analyses of the use of an online offering.
• Remarketing: The terms “remarketing” and “retargeting” are used when, for example, a user’s interest in a product on a website is noted for advertising purposes in order to remind the user of these products on other websites, e.g. in advertisements.
• Tracking: Tracking refers to the ability to track the behavior of users across multiple online services. As a rule, behavioral and interest information is stored in cookies or on the servers of the providers of the tracking technologies with regard to the online services used (so-called profiling). This information can then be used, for example, to display advertisements to users that are likely to match their interests.
• Controller: The controller is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
• Processing: “Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means. The term is broad and covers virtually any handling of data, whether it be collection, evaluation, storage, transmission or deletion.
• Target group formation: Target group formation (or “custom audiences”) refers to the formation of target groups for advertising purposes, e.g. the display of advertisements. For example, based on a user’s interest in certain products or topics on the internet, it can be concluded that this user is interested in advertisements for similar products or the online shop in which he or she viewed the products. Lookalike audiences (or similar target groups) are created when the content deemed suitable is displayed to users whose profiles or interests are presumed to correspond to the users for whom the profiles were created. Cookies and web beacons are generally used to create custom audiences and lookalike audiences.

Created with free Datenschutz-Generator.de by Dr. Thomas Schwenke

---

Registration for webinars

The following information is to inform you about the registration, participation and statistical evaluation procedure as well as your rights of objection in connection with the webinars we offer. By registering for our free and paid webinars, you agree to receive e-mails, such as info mails and newsletters, as well as the described procedures.

Registration data and registration procedure:

When you register for our webinars using the double opt-in procedure, you will be informed about receiving our newsletter and the free option to revoke your consent. Registration for our webinars is completely voluntary.

To participate in one of our webinars, it is sufficient to provide your e-mail address. Optionally, we ask you to provide your first and last name for the purpose of personalizing our e-mails and for an overview of our prospective customer structure. These optional details are provided voluntarily and are not mandatory for participation in a webinar.

The registration process is logged on the basis of our legitimate interests in accordance with Art. 6 (1) (f) GDPR and serves to provide proof of consent to receive our e-mails.

In Germany, the sending of info mails and newsletters as well as the measurement of success are based on the consent of the recipients in accordance with Art. 6 para. 1 lit. a, Art. 7 GDPR in conjunction with § 7 para. 2 no. 3 UWG or on the basis of the legal permission in accordance with § 7 para. 3 UWG.

Webinar service provider:

We provide our webinars via the online platform of Webinaris GmbH, Bussardstr. 5.2, 82166 Gräfelfing, hereinafter referred to as “Webinaris”. We are a so-called “user” who has a paid Webinaris membership on the Webinaris online platform in order to be able to register and conduct webinars via this platform.

You can view Webinaris’ data protection provisions here:http://webinaris.com/datenschutzbestimmungen.html

When you register for a webinar and when you participate in a webinar that we as users organize via the Webinaris online platform, the following data is transferred from you as a so-called user to Webinaris and processed there:

• E-mail address
• First name (optional)
• Surname (optional)
• Browser and system data
• IP address
• Language
• Time zone
• All data provided by the participant in the chat
• Usage data resulting from registration for and participation in the webinar

Webinaris offers us the opportunity to publish webinars and to evaluate them statistically in order to constantly improve our offering. To do this, it is necessary for Webinaris to process the data of webinar participants/users on our behalf. The scope of the data and the data processing are regulated in the agreement on data processing, which we have concluded with Webinaris. As a user, we can view the data at Webinaris and export it to our own systems. 

The legal basis for the processing of the data is Art. 6 para. 1 sentence 1 lit. b) GDPR. Further information can be found in Webinaris’s privacy policy athttps://webinaris.com/datenschutzbestimmungen.html.

Use of Calendly

This website uses Calendly.com for the online appointment booking service. This page offers an external platform for making appointments. The appointment booking service is integrated into the source code of our website via a script. By using the appointment calendar, you automatically use the services of Calendly.com. Data is transferred there for the security and documentation of teambay. The data collected includes: name, IP address at the time of the appointment, agreed date and agreed time. This data will not be passed on to third parties and is used only for the administration and organization of appointments and for internal statistics. By using the appointment calendar, you agree that you agree to this. You can find more information about Calendly.com here. Please be sure to read it. Please note, however, that the site is only available in English:https://calendly.com/pages/privacy