Go to homepage
Shopping cart
Show all categories Privacy Policy Back

Privacy Policy

1. Introduction

Overview and orientation

On the one hand, this privacy policy informs visitors and users of our internet presence about the data processing operations that take place online and involve the processing of personal data. On the other hand, you will receive information about our processing operations that do not primarily take place online.

  1. “Personal data” are all individual details that allow conclusions to be drawn about a private individual (for definition, see Art. 4 (1) GDPR). This includes, for example, names, e-mail addresses, telephone numbers, but also data such as IP addresses or customer numbers.
  2. The “processing of personal data” includes all operations, for example the collection, storage, transmission, archiving or erasure of personal data (definition Art. 4 (2) GDPR).
  3. The “data subject” within the meaning of data protection law is any private individual from whom personal data are processed.
  4. Further definitions of terms can be taken from the General Data Protection Regulation, these can be found authoritatively in Art. 4 GDPR (Definitions).

 


2. Responsibilities

Controller (see Art. 4 (7) GDPR)
ELSÄSSER Filtertechnik GmbH
Carl-Zeiss-Str. 3
71154 Nufringen
Telephone: 07032 / 96 04-0
Fax: 07032 / 96 04-22
info@filter-technik.de

External data protection officer
DSB Externer Datenschutzbeauftragter Stuttgart
Fabian Henkel
Kantstr. 14
71277 Rutesheim
Tel. +49 7152 564 773
Fax. +49 7152 564 771
info@externer-datenschutzbeauftragter-stuttgart.de
https://www.externer-datenschutzbeauftragter-stuttgart.de


3. Brief overview of data processing

The following contents provide you with a brief overview of the processing of personal data; more detailed information can be found in the respective passages presented in detail.

Security on our website (SSL Secure Socket Layer)
Our website is provided with an SSL certificate, with the help of which data transmission processes are encrypted. This happens, for example, when you send us a message via a form. However, as a precautionary measure, we would like to point out that one hundred percent security in electronic data processing is not possible and that there is always a residual risk.

Data that you transmit to us
On the one hand, we process on this site the data that you enter yourself, for example in a form. In this case, the purpose of the processing results from the type of form and, on the other hand, from this privacy policy. Even if you send us a message by e-mail, for example, or otherwise contact us, we process your data in accordance with the purpose of making contact.

Automatic server log files
On the other hand, our server automatically records all access and thus also IP addresses (log files), this serves the defense against attacks, the analysis of access figures and the smooth operation.

Use of various cookies
Cookies help us provide various services, for more information see this privacy policy.

Consent or refusal to the use of third party cookies
We ask for your permission to set third party cookies at the beginning of your visit. We store your selection in a cookie.

Analysis and tracking tools
In addition to the pure server log files, which also provide us with information on page views, we use analysis tools. These tools give us detailed insights about the content visited on our site, the flow of behavior and, for example, the country from which access took place. For such services to work, cookies must be set at the end of the site visitor.

External plugins
We partly use plugins that extend the functionality of our site. In particular, it is the plugin of the provider Trusted Shops. If necessary, we use additional plugins, such as YouTube or Google Maps. If such services are integrated via a website, access data is transmitted to the provider. As a rule, this is your IP address and other metadata, such as the time and date of access. In some cases, cookies are set by plugins.

Direct marketing
We reserve the right to send direct marketing content to our customers on the basis of Section 7 (3) UWG in conjunction with Art. 6 (1) (f) GDPR. You can, of course, object to receiving direct marketing information from us at any time.

Other data recipients

Use of processors
In accordance with the requirements of Art. 28 GDPR, we use processors, for example in the area of IT services, web hosting, e-mail hosting or printing services. They process personal data for us in accordance with instructions.

Use of non-specialist services
If it is necessary (for example, to perform a contract), we pass on your data to banks, shipping service providers, our tax advisor or lawyer, for example.

Credit rating information
In addition, we may obtain credit rating information, for example from Schufa.

Statutory obligations
We are subject to statutory obligations, such as trade laws or tax law, in this context we are required disclose certain data, for example, to tax authorities.

Investigation of crimes
Insofar as it should be necessary for the investigation of a crime, we pass on data to the law enforcement authorities.

General information on erasure periods for personal data
We process data as long as this is necessary for the respective purpose. To the extent necessary, we process your personal data for the duration of our business relationship, which also includes the initiation and performance of a contract; in addition, we are obligated to comply with statutory retention obligations. If the data processing is based on your consent, we will delete your data after your revocation. 

Transfer of personal data to a third country
As far as possible, we try to have all service providers and services provided by providers within the European Union. A transfer to a third country is possible if you have given us your consent and/or we have concluded a contract for commissioned processing pursuant to Art. 28 GDPR, taking into account appropriate guarantees. In individual cases, we may use plugins or tools that are hosted in third countries, but we use them based on our legitimate interests. In these cases, we point out the circumstance if necessary.

Obligation to provide personal data
The provision of personal data is regularly required for the initiation, conclusion, processing and reversal of a contract. In the event that you do not provide the required personal data, it will not be possible for us to conclude and perform a contract with you.

 

4. Legal bases

The legal bases for the processing of personal data are exceptional circumstances that allow the processing of personal data. The main legal bases are illustrated in particular in Art. 6 GDPR. The legal bases according to which we process personal data are described in the individual processing operations in this privacy policy.

  • Consent is one of these legal bases and requires that the person giving consent does so in an informed manner and on a voluntary basis. Consent on the basis of Art. 6 (1) (a) GDPR is revocable at any time in principle without stating any reasons .
  • The processing of personal data for the initiation or performance of contracts is also a legal basis and is defined in Art. 6 (1) (b) GDPR.
  • The exceptional case of data processing due to a legal obligation is found in Art. 6 (1) (c) GDPR, for example, we are obligated to comply with certain retention periods under commercial law and tax law.
  • The processing of personal data on the basis of a balance of interests pursuant to Art. 6 (1) (f) GDPR allows the processing after careful consideration of financial or legal interests against the interests of the data subject that are worthy of protection.

 

5. Your rights under the General Data Protection Regulation

Every private individual is entitled to certain rights, these are defined in particular in articles 15 to 21 and 77 GDPR. In principle, you have the following rights, which you can claim against us.

  1. Right to information (see. Art. 15 GDPR)
    You have the right to request information about the data processed about you and the purposes of the processing at any time.
  2. Right to correction (see Art. 16 GDPR)
    To the extent that you discover that we are processing incorrect or incomplete data about you, you have the right to rectification.
  3. Right to erasure (see Art. 17 GDPR)
    You have the right to request the erasure of your personal data that we process about you at any time.
  4. Right to restriction of processing / blocking (see Art. 18 GDPR)
    If we cannot erase your personal data, for example, due to legal retention periods, you may exercise your right to restriction. Your data will then be blocked for all other processing purposes. We may also temporarily restrict your data, for example, until we review and process your objection.
  5. Right to data portability (see Art. 20 GDPR)
    You have the right to have us transmit your data to another company in a machine-readable format, insofar as this is possible with reasonable effort.
  6. Right to object to certain processing operations and direct marketing (see Art. 21 GDPR)
    Art. 21 (1) - You may exercise your right to object at any time, this is particularly relevant if the processing is based on Art. 6 (1) (e) or (f) GDPR. This also includes processing for profiling purposes. If we can demonstrate compelling grounds for processing that override your interests or if the processing serves to assert legal claims, exercise them or defend them, we may reject your objection in individual cases.
    Art. 21 (2) - You may also object at any time to processing for direct marketing purposes, including profiling related to direct marketing. We will follow up on your objection at any time and will no longer process your data for these purposes.
  7. Right of complaint to a supervisory authority (see Art. 77 GDPR)
    You have the right to complain about the processing of your personal data to the supervisory authority for data protection at any time.

 


6. Server log and cookies

External hosting
This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster’s servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contractual data, contact data, names, website accesses and other data generated via a website.

The hoster is used for the purpose of fulfilling contracts with our potential and existing customers (Art. 6 (1) (b) GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 (1) (f) GDPR). Our hoster will only process your data to the extent necessary to fulfill its service obligations and will follow our instructions regarding this data.

We have contracted the following hoster for hosting:

maxcluster GmbH
Lise-Meitner-Str. 1b
33104 Paderborn

Automatic server log
Our web server automatically logs all access and thus also IP addresses of visitors. This serves to defend against attacks, analyze access figures and ensure smooth operation. We have a legitimate interest in this (Art. 6 (f) GDPR).

The server log usually records not only the IP address but also other metadata about the session, this data can be found below.

  • Date
  • Time
  • Browser
  • Operating system
  • Where applicable, device (client)
  • Referrer URL

We use this data solely for the purposes mentioned above. As a rule, we delete log files after six months.

 

Use of cookies
Our website uses cookies for the provision of services and to ensure full functionality. Cookies – which are small text files that are automatically stored in your browser or device – can have various functions.

a)    Session cookies (non-persistent cookies)
Session cookies are cookies that are stored for one session only – your visit to our website. These cookies facilitate your visit to our site and are deleted after your visit to the site.

b)    Persistent cookies
Persistent cookies are cookies that are stored for a longer period of time. These are divided into first party cookies, which come directly from our web server, and third party cookies, which are set by third-party providers. For example, tracking cookies.

You can define whether and which cookies you generally allow in your browser settings. We recommend that you set your browser to notify you when a website wants to set cookies on you. This gives you control over which cookies you want to allow.
However, to the extent that you do not allow cookies, the functionality of websites may be limited.
Cookies are generally used by us in the legitimate interest of error-free and functional provision of our services (Art. 6 (1) (f) GDPR). In the individual passages of this privacy policy, you will find more information about other cookies, for example tracking cookies or cookies of other plugins.

 

Functionally necessary cookies

Name of the cookie

Function

Origin

Term

__csrf_token-1

Security token. Cookie from Shopware.

Own server

until the browser session expires

session-1

Identification between browser and server. Cookie from Shopware.

Own server

until the browser session expires

x-ua-device

Identifies whether the visitor is using a desktop device. Cookie from Shopware.

Own server

until the browser session expires

allowCookie

Cookie preference
if third-party cookies have been agreed to.

Own server

6 months

cookieDeclined

Cookie preference when third-party cookies were rejected.

Own server

until the browser session expires

 

Third-party cookies

Google Analytics

Name of the cookie

Function

Origin

Term

_ga

Registers a unique ID that is used to collect statistical usage data.

Google Analytics

2 years

_gat

Used to limit the request rate.

Google Analytics

10 minutes

_gid

Registers a unique ID that is used to collect statistical usage data.

Google Analytics

1 day

_ga_disable

Stores your objection to data collection by Google Analytics if you have objected.

Own server

Persistent cookie

 

Google Doubleclick

Name of the cookie

Function

Origin

Term

test_cookie

Is set as a test to check whether the browser allows the setting of cookies. Does not contain any identification features.

Google Doubleclick

15 minutes

IDE

Used by Google DoubleClick to register and report the user’s actions on the website after viewing or clicking on one of the provider’s ads. The purpose is to measure the effectiveness of an advertisement and display targeted advertising to the user.

Google Doubleclick

1 year

DSID

Contains a randomly generated user ID. Based on this ID, Google can recognize the user across different websites and display personalized advertising.

Google Doubleclick

14 days

 

Google Ads Conversion Tracking

Name of the cookie

Function

Origin

Term

conversion

These cookies are used for Google’s ad preferences and to measure conversions. They can be placed through the remarketing function or through Google AdWords.

Google

up to 2 years

_gac

_gads

 

Bing Ads Conversion Tracking

Name of the cookie

Function

Origin

Term

MUIDB

These cookies are used by Microsoft Ads to anonymously identify user sessions and in this way help us measure the effectiveness of our marketing campaigns. The cookie is stored for up to two years. For more information, please visit https://advertise.bingads.microsoft.com/en-gb/resources/policies/privacy-and-data-protection-policies.

Bing

2 years

MUID

 

MUID: These cookies are used by Microsoft Ads to anonymously identify user sessions and in this way help us measure the effectiveness of our marketing campaigns. The cookie is stored for up to two years. For more information, please visit https://advertise.bingads.microsoft.com/en-gb/resources/policies/privacy-and-data-protection-policies.

 


7. Contact

Message via contact form

You have the possibility to send us messages via contact form. In doing so, we process the data that was entered by you in the data entry mask. As a rule, these are your name, your company (if applicable), telecommunication data and the entered text. Mandatory fields are marked and must be filled in.
The purpose of data processing is to handle your request and, if necessary, to contact you afterwards. The legal basis for processing the data entered in the contact form is always based on your consent (Art. 6 (1) (a) GDPR). You can revoke your consent at any time without giving any reason. In addition, we process your data for the initiation or performance of purchase contracts, insofar as you ask us product-related questions, for example (Art. 6 (1) (b) GDPR).
We store the transmitted data until the purpose of data storage is achieved or you revoke your consent. Please note that the process may be subject to legal retention periods. In this case, we restrict your data for further processing until it expires.

Communication by e-mail
Insofar as you write us an e-mail, we process your data according to the content and purpose of the message. As a rule, processing is carried out on the basis of pre-contractual measures or in the context of the implementation of a contractual relationship on the basis of Art. 6 (1) (b) GDPR and Art. 6 (1) (f) GDPR. It is a legitimate interest to process your request quickly and efficiently.
Insofar as it is a product- or service-related message, we generally process your data on the basis of our legitimate interests pursuant to Art. 6 (1) (f) GDPR.
Please note that in accordance with generally accepted accounting principles, we store all incoming e-mails for a period of ten years, starting on the first day of the following year in which the message was received. Thus, to the extent that you request us to erase the data, we will henceforth restrict your data for processing and store it only for the purpose of complying with retention periods in our legitimate interest.

Communication by telephone or fax
Even if you contact us by phone or fax, we process your data either for the initiation and execution of contractual relationships (if the content is product- or service-related) and/or in our legitimate interest, analogous to contacting you by e-mail.
We do not record the contents of conversations, but we may take notes to help us process your request. We store these until the purpose of data processing has been achieved and we no longer have any legitimate interests in the processing. If necessary, contents of the conversation are stored for statistical purposes anonymized. It goes without saying that you may request erasure at any time.

 

8. Orders and user account

Registration of a user account
You have the option to create a user account. This provides you with enhanced functions, but is not mandatory. When you apply for a user account with us, we will send you your access data by e-mail and ask you to change the initial password immediately.

For registration, it is necessary that you submit various details. To this end, we need your company name and the legal form, the company address, an e-mail address and a contact person, if necessary we will also ask you for your telecommunication data. With a user account you can log in to the site with a username and password, passwords are always stored in encrypted form.

Whether you create a user account is up to you, the processing of your data for this purpose is therefore based on your consent (Art. 6 (1) (a) GDPR). You may revoke your consent at any time with effect for the future.

Your data will be stored until we receive your revocation. Please address your revocation to the contact details given above. Insofar as legal retention periods exist for all or parts of your data, we must comply with these and restrict your data after revocation.

Guest account orders
If you do not wish to create a user account, you have the option to order as a guest, the processing of the information you provide for the processing of the contractual relationship (Art. 6 (1) (b) GDPR). If you request us to erase your data, but legal or contractual retention periods prevent us from doing so immediately, we will continue to process your data under restriction in order to protect our legitimate interests and comply with legal obligations.

Placing orders in our store
If you order goods in our store, the processing of your data is based on the implementation of contractual relationships (purchase contract) on the basis of Art. 6 (1) (b) GDPR. As a rule, we process your billing address, if applicable a different delivery address, as well as your e-mail address and, if applicable, your telephone and fax numbers within the scope of orders.

We store the data related to the transaction until the statutory retention periods expire. To the extent you request us to erase your data, we restrict the processing of your data solely for this purpose .

Transmission of payment details
In addition, the data processing of payment details for billing purposes is carried out by a credit institution. This also takes place within the framework of processing the contractual relationship. In principle, we offer only payment in advance or by invoice.

Transmission of your data to a shipping service provider
For the shipment of the ordered goods, we use shipping service providers or shipping companies, we transfer your data to the contracted shipping service provider to handle the shipping process. We transmit only the data necessary for the transaction, unless you explicitly agree to the transmission of further data.

Credit check
If we make advance payments, we reserve the right to conduct an identity and credit check. This may be necessary for the conclusion of the contract in accordance with Art. 22 (2) (a) GDPR, a specialized service provider is commissioned with the implementation.

Name of the commissioned service provider
Compagnie Française d’Assurance pour le Commerce Extérieur SA (Coface) Germany branch
Isaac-Fulda-Allee 1
55124 Mainz

Appropriate measures to protect your rights, freedoms and legitimate interests will be taken into account in this regard. You have the possibility to express your point of view and challenge the decision by contacting us at the contact option described below.

After complete processing of the contract, your data processed for this purpose will be deleted, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this policy.

Data transfer to collection agencies
In order to perform the contract in accordance with Art. 6 (1) (1) (b) GDPR, we will pass on your data to a commissioned collection agency if our payment claim has not been settled despite a previous reminder. In this case, the debt is collected directly by the collection agency. In addition, the transfer serves to safeguard our legitimate interests, which prevail in the context of weighing up the interests, in an effective assertion or enforcement of our payment claim in accordance with Article 6 (1) (1) (f) GDPR.

 

9. Direct marketing

Direct marketing in legitimate interest

We reserve the right to use the data collected on the occasion of a purchase contract or service contract, if necessary, for direct advertising by e-mail or postal mail in accordance with Section 7 (3) UWG, if the customer does not object or has not objected to this use.

Direct advertising exclusively comprises offerings for similar products or services as the products or services already purchased by the user from us. We have a legitimate, commercial interest (Art. 6 (1) (f) GDPR) in informing our customers about new products and improving our services. We use Rapidmail for sending newsletters. The provider is rapidmail GmbH, Augustinerplatz 2, 79098 Freiburg i.Br., Germany. Rapidmail is a service that can be used, among other things, to organize and analyze the sending of newsletters. The data you enter for the purpose of receiving the newsletter will be stored on Rapidmail’s servers in Germany. You can find Rapidmail’s privacy and data security notices at https://www.rapidmail.de/datenschutz and https://www.rapidmail.de/datensicherheit. For the purpose of analysis, the e-mails sent with Rapidmail contain a “tracking pixel”, which connects to Rapidmail’s servers when the e-mail is opened. This allows determining whether a newsletter message has been opened. Furthermore, with the use of Rapidmail we can determine whether and which links in the newsletter message are clicked. All links in the e-mail are tracking links that can be used to count your clicks. If you do not want any analysis by Rapidmail, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message.

For more information about the analysis functions of Rapidmail, please see the following link: https://de.rapidmail.wiki/kategorien/statistiken/. We have concluded a contract with the service provider for the processing of personal data on our behalf. Personal data is processed strictly according to our instructions. You may, of course, object to receiving direct advertising at any time. Address your objection to the above controller. Alternatively, you will find a link to unsubscribe in every newsletter.

 

10. Information for applicants

Privacy policy application procedure
Insofar as you apply to us, whether for an advertised position or on your own initiative, we process your data to carry out the selection process. It is irrelevant for us whether you apply by mail, by e-mail or, if available for the respective position, by online form.

As a matter of principle, we only process the data that you yourself have provided to us as part of an application process. The use of further sources may be considered after information of and consultation with you. For example, whether we may contact a former employer.

The legal basis for the implementation of an application procedure is Section 26 BDSG in conjunction with Art. 6 (1) (b) GDPR (initiation of employment contract). If you give us your consent to store your data for a longer period of time, this is done on the legal basis of Art. 6 (1) (a) GDPR.

Erasure periods for applicant data
We erase applicant data a maximum of 4 months after the application process has been completed (when a candidate has been selected and all applicants have been informed of the outcome). The purpose of data processing is, as a rule, no longer given as of the end of the selection process, however, we have a legitimate interest (Art. 6 (1) (f) GDPR) in being able to defend ourselves against any claims from rejected applicants. If you have the impression that your interests in an immediate erasure outweigh, you have the option to request us to do so. We will then review your request and provide you with feedback.

After the expiration of the above period, your data will be deleted unless we need to defend ourselves, for example, in ongoing proceedings, such as a lawsuit under the General Equal Treatment Act. In this case, we will erase your data after completion of the proceedings, subject to no statutory retention periods applying.

If we are allowed to store your data for a longer period of time based on your consent, we will erase your data if you request us to do so and revoke your consent. If necessary, we will also delete your data before the revocation of your consent if it is foreseeable that no role will be available.

 

11. Analysis, tracking and advertising

Google Analytics
This website uses functions of the Google Analytics web analysis service. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics uses cookies. These are text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.
The storage of Google Analytics cookies and the use of this analysis tool are based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its web offering and its advertising. If a corresponding consent was requested (e.g., consent to store cookies), the processing is based exclusively on Art. 6 (1) (a) GDPR; consent may be revoked at any time.

IP anonymization
We have activated the IP anonymization function on this website. As a result, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before it is transmitted to the USA. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics is not merged with other data from Google.

Browser plugin
You may refuse the use of cookies by selecting the appropriate settings on your browser; however, please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

Objection to data collection
You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this website: Disable Google Analytics.

Order processing
We have concluded an order processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Storage period
Data stored by Google at user and event level that is linked to cookies, user identifiers (e.g., user ID) or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) is anonymized or deleted after 14 months. Details can be found under the following link: https://support.google.com/analytics/answer/7667196?hl=de

You can find more information on the handling of user data at Google Analytics in the Google privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

 

Google Ads and Google Conversion-Tracking
This website uses Google Ads. Google Ads is an online advertising program of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Within the framework of Google Ads we use conversion tracking. When you click on an ad placed by Google, a cookie is set for conversion tracking. Cookies are small text files that the Internet browser stores on the user’s computer. These cookies lose their validity after 30 days and are not used to personally identify users. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page.

Each Google Ads customer receives a different cookie. The cookies cannot be tracked through Google Ads clients’ websites. The information collected using the conversion cookie is used to generate conversion statistics for Google Ads customers who have opted in to conversion tracking. Clients learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information with which users can be personally identified. If you do not wish to participate in tracking, you can object to this use by easily deactivating the Google conversion tracking cookie via your internet browser under user settings. You will then not be included in the conversion tracking statistics. Alternatively, click here to disable tracking

The storage of “conversion cookies” and the use of this tracking tool are based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its web offering and its advertising. If a corresponding consent was requested (e.g., consent to store cookies), the processing is based exclusively on Art. 6 (1) (a) GDPR; consent may be revoked at any time.

More information about Google Ads and Google Conversion Tracking can be found in Google’s privacy policy: https://policies.google.com/privacy?hl=de.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. When cookies are disabled, the functionality of this website may be limited.

 

Google DoubleClick
This website uses functions of Google DoubleClick. The provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (hereinafter “DoubleClick”).

DoubleClick is used to show you interest-based ads across the Google advertising network. The ads can be targeted to the interests of the respective viewer with the help of DoubleClick. For example, our advertising may be displayed in Google search results or in advertising banners associated with DoubleClick.

In order to display interest-based advertising to users, DoubleClick must be able to recognize the respective viewer. For this purpose, a cookie is stored in the user’s browser, behind which the web pages visited by the user, clicks and various other information are stored. This information is combined into a pseudonymous user profile in order to display interest-based advertising to the relevant user.

Google DoubleClick is used in the interest of targeted advertising measures. This constitutes a legitimate interest within the meaning of Art. 6 (1) (f) GDPR. If a corresponding consent was requested (e.g., consent to store cookies), the processing is based exclusively on Art. 6 (1) (a) GDPR; consent may be revoked at any time.

You can set your browser so that it no longer stores cookies. However, this may be associated with a limitation of the accessible website functions. In addition, it should be noted that DoubleClick may also use other technologies to create user profiles. Switching off cookies therefore offers no guarantee that user profiles will no longer be created.

For more information on how to object to the advertisements displayed by Google, please see the following links: https://policies.google.com/technologies/ads and https://adssettings.google.com/authenticated.

 

Bing Ads Conversion Tracking
Our online offer uses the conversion tracking of Bing ads of the provider Microsoft (Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA). A cookie is set on your computer if you have accessed our site via a Bing Ads ad. Microsoft Bing and we can recognize in this way that someone has clicked on an ad, been redirected to our website and reached a previously determined target page (conversion page). We only learn the total number of users who clicked on a Bing ad and were then redirected to the conversion page. No personal information about the identity of the user is communicated. You can also disable cookies for conversion tracking by setting your browser to block cookies from the flex.msn.com domain.

Our online offerings also use conversion tracking from Microsoft (Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA). Microsoft Bing Ads will set a cookie on your computer if you have accessed our website via a Microsoft Bing ad. Microsoft Bing and we can recognize in this way that someone has clicked on an ad, been redirected to our website and reached a previously determined target page (conversion page). We only learn the total number of users who clicked on a Bing ad and were then redirected to the conversion page. No personal information about the identity of the user is communicated. If you do not wish to participate in the tracking procedure, you can also refuse the setting of a cookie required for this – for example, by using a browser setting that deactivates the automatic setting of cookies as a general rule. For more information about privacy and cookies used by Microsoft Bing, please visit the Microsoft website at: https://privacy.microsoft.com/de-de/privacystatement

The storage of “conversion cookies” and the use of this tracking tool are based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its web offering and its advertising. If a corresponding consent was requested (e.g., consent to store cookies), the processing is based exclusively on Art. 6 (1) (a) GDPR; consent may be revoked at any time.

 

Leadinfo
We use the service of the provider Leadinfo B.V., Rotterdam, Netherlands. We have concluded an order processing contract with Leadinfo, personal data is processed strictly in accordance with our instructions. You can find more information about data privacy at Leadinfo in the service’s data protection provisions:https:www.leadinfo.com/en/privacy/

Leadinfo recognizes whether a visitor to our website is a business or an individual based on their IP address. Insofar as it is a company, Leadinfo shows us publicly available information about it. Recognition is based on the IP address, but these addresses are not stored. The primary purpose here is to collect data in the B2B area and transmit it to us. In individual cases, personal data of private individuals may also be collected and transmitted. In this case, Leadinfo will inform and erase this data.
In addition, two first-party cookies are used to analyze user behavior, process domains from form inputs (e.g. “leadinfo.com”), correlate IP addresses with companies and improve services. We receive information on how visitors use the website (analytics). These cookies are not linked to any other information and nothing is shared with third parties.
Leadinfo is used in the interest of collecting non-personal company data for possible sales activities. This constitutes a legitimate interest within the meaning of Article 6 (1) (f) GDPR. If corresponding consent has been requested, the processing takes place exclusively on the basis of Article 6 (1) (a) GDPR; consent may be revoked at any time.
Objection to data collection: If you wish to opt out of processing by Leadinfo, please click on the appropriate button below: https://www.leadinfo.com/de/opt-out/

 

New Relic web analysis service
We use the New Relic service, which is an analysis service provided by New Relic Inc., San Francisco, CA, 188 Spear St, San Francisco, USA. We have concluded an order processing contract with New Relic using the standard EU contract clauses. New Relic undertakes to ensure the European level of data protection through technical and organizational measures, even if the processing of personal data takes place in the USA. You can view the data processing contract here https://newrelic.com/termsandconditions/dataprotectionfaq, New Relic’s privacy policy can be found at The Data Processing Addendum, which corresponds to the standard contractual clauses, and can be found at:newrelic.com/termsandconditions/privacy

New Relic collects and processes usage data about our website and uses this to create pseudonymized user profiles and can recognize the browser of website visitors when they visit again. These profiles help us to enhance and optimize our website. Of course, these pseudonymous usage profiles are not merged with the bearers of the pseudonym, insofar as this would be technically possible. New Relic also serves as a tool to measure and monitor the technical performance of our website. For example, data is collected on the performance of the website, whether the page can be called up at all or how long it takes to load the website. In addition, New Relic collects data about our website, such as system data on add-ons used, usage times, browsers used, hardware and software used. This data, known as application data, is stored on New Relic’s servers and used to analyze the performance of this website. At the same time, New Relic allows us to make cross-offer performance comparisons between our website and other websites.

New Relic processes the following data from our website visitors:
• IP address
• Browser type and browser version
• Operating system
• Device type
• Date and time of access
• Approximate location
• Automatically Assigned ID

New Relic uses cookies and similar technologies for this purpose, you can find more about cookies in this privacy policy.
We use the service on the basis of your consent pursuant to Art. 6 (1) (a) GDPR (or Art. 49 (1) (a) GDPR), provided that this was given as part of the consent to use cookies. You may revoke your consent at any time by accessing the cookie setting again.

 

LinkedIn Insight Tag
This website uses the Insight tag from LinkedIn. The provider of this service is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

Data processing by LinkedIn Insight Tag
With the help of the LinkedIn Insight Tag, we receive information about visitors to our website. If a website visitor is registered with LinkedIn, we can, among other things, analyze the key professional data (e.g., career level, company size, country, location, industry, and job title) of our website visitors and thus better tailor our site to the respective target groups. Furthermore, we can use LinkedIn Insight Tags to measure whether visitors to our websites make a purchase or take any other action (conversion measurement). Conversion measurement can also be performed across devices (e.g., from PC to tablet). LinkedIn Insight Tag also provides a retargeting feature that allows us to display targeted off-site advertising to visitors to our website, which LinkedIn states does not identify the ad recipient. LinkedIn itself also collects so-called log files (URL, referrer URL, IP address, device and browser properties and time of access). IP addresses are shortened or (if used to reach LinkedIn members across devices) hashed (pseudonymized). The direct identifiers of LinkedIn members are deleted by LinkedIn after seven days. The remaining pseudonymized data is then deleted within 180 days. The data collected by LinkedIn cannot be assigned to specific individuals by us as the website operator. LinkedIn will store the collected personal data of the website visitors on its servers in the USA and use it in the context of its own advertising measures. For details, see LinkedIn’s privacy policy at: https://www.linkedin.com/legal/privacy-policy#choices-oblig

Legal basis
If consent has been obtained, the above service is used exclusively on the basis of Art. 6 (1) (a) GDPR and Section 25 TTDSG. Consent may be revoked at any time. Unless consent has been obtained, the use of this service is based on Art. 6 (1) (f) GDPR; the website operator has a legitimate interest in effective advertising measures including social media.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: www.linkedin.com/legal/l/dpa and www.linkedin.com/legal/l/eu-sccs
Objection to the use of LinkedIn Insight Tag
Object to the analysis of usage behavior as well as targeted advertising by LinkedIn at the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out 
Furthermore, LinkedIn members can control the use of their personal data for advertising purposes in the account settings. To avoid a link between data collected on our website by LinkedIn and your LinkedIn account, you must log out of your LinkedIn account before visiting our website.

 

Meta Pixel

We use the visitor action Pixel from Meta (parent company of Facebook and Instagram) for conversion measurement. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Meta, the collected data is also transferred to the U.S. and other third countries. 
Meta Pixel can be used to track the behavior of page visitors after they have been redirected to our website by clicking on a Facebook or Instagram ad. This allows analyzing the effectiveness of Facebook-ads for statistical and market research purposes and optimizing future advertising.

The collected data is anonymous for us as the operator of this website, we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Meta (Facebook / Instagram), so that a connection to the respective user profile is possible and Meta can use the data for its own advertising purposes, in accordance with the Meta (Facebook / Instagram) data usage policy (see https://de-de.facebook.com/privacy/policy/). This allows Meta to enable to place ads on Facebook and Instagram pages, as well as outside of Facebook and Instagram. This use of data cannot be influenced by us as the site operator.
The use of this service is based on your consent according to Art. 6 (1) (a) GDPR and Section 25 (1) TTDSG. Consent may be revoked at any time.

Insofar as personal data is collected on our website with the use of the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 GDPR). The joint responsibility is limited exclusively to the collection of the data and its transfer to Facebook. The processing by Facebook that takes place after the forwarding is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in a joint processing agreement. The text of the agreement can be found at: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the privacy information when using the Meta tool and for implementing the tool on our website in a privacy-safe manner. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g., information requests) regarding the data processed by Facebook directly with Facebook. If you assert the data subject rights with us, we are obligated to forward them to Facebook.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.
In the privacy policy of Meta (Facebook / instagram) you will find further information on the protection of your privacy: https://de-de.facebook.com/about/privacy/.
You can also disable the Custom Audiences remarketing function in the Ad Settings section at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you must be logged in to Facebook.
If you do not have a Facebook account, you can opt out of usage-based advertising from Facebook on the European Interactive Digital Advertising Alliance website: http://www.youronlinechoices.com/de/praferenzmanagement/.



12. Used plugins and content delivery networks

Google Tag Manager
This website uses the Google Tag Manager. Google Tag Manager is a solution that allows marketers to manage website tags through one interface.

The Tag Manager tool itself (which implements the tags) is a cookie-less domain and does not collect any personal data. The tool takes care of triggering other tags, which in turn may collect data. Google Tag Manager does not access this data. If a deactivation has been carried out at the domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager.
We use the Google Tag Manager in the legitimate interest (Art. 6 (1) (f) GDPR).

Google Maps
This site uses the map service Google Maps. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
To use the functions of Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission. If Google Maps is enabled, Google may use Google Web Fonts for the purpose of uniform font display. When calling up Google Maps, your browser loads the required web fonts into your browser cache to display texts and fonts correctly .

Google Maps is used in the interest of an appealing presentation of our online offerings and to make it easy to find the places we indicate on the website. This constitutes a legitimate interest within the meaning of Article 6 (1) (f) GDPR. If corresponding consent has been requested, the processing takes place exclusively on the basis of Article 6 (1) (a) GDPR; consent may be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

More information on the handling of user data can be found in Google’s privacy policy: https://policies.google.com/privacy?hl=de.

Integration of the Trusted Shops Trustbadge
To display our Trusted Shops quality seal and to offer Trusted Shops products to buyers after they have placed an order, the Trusted Shops Trustbadge is integrated on this website.

This serves to protect our legitimate interests in optimal marketing by enabling secure shopping in accordance with Art. 6 (1) (1) (f) GDPR, which prevail in the context of a weighing up of interests. The Trustbadge and the services advertised with it are an offer of Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne. The Trustbadge is provided by a CDN provider (content delivery network) as part of order processing. Trusted Shops GmbH also uses service providers from the USA. An adequate level of data protection is ensured. You can find more information about the data protection of Trusted Shops GmbH here.

When the Trustbadge is called up, the web server automatically saves a server log file, which also contains your IP address, the date and time of the call, the amount of data transferred and the requesting provider (access data) and documents the call. Individual access data is stored in a security database for the analysis of security anomalies. The log files are automatically deleted no later than 90 days after creation.

Further personal data is transferred to Trusted Shops GmbH if you decide to use Trusted Shops products after completing an order or if you have already registered to use them. The contractual agreement between you and Trusted Shops applies. For this purpose, personal data is automatically collected from the order data. Whether you as a buyer are already registered for product use is automatically checked using a neutral parameter, the e-mail address hashed by a cryptological one-way function. The e-mail address is converted into this hash value, which cannot be decrypted by Trusted Shops, before it is transmitted. After checking for a match, the parameter is automatically deleted.

This is necessary for the fulfillment of our and Trusted Shops’ overriding legitimate interests in the provision of the buyer protection linked to the specific order in each case and the transactional evaluation services pursuant to Art. 6 (1) (1) (f) GDPR. Further details, including the objection, can be found in the Trusted Shops privacy policy linked above and in the Trustbadge.

Further personal data is only transferred to Trusted Shops if you have consented to this, have decided to use Trusted Shops products after completing an order, or have already registered to use them. In this case, the contractual agreement between you and Trusted Shops applies.

 

YouTube with enhanced privacy
This website embeds videos from YouTube. The operator of the pages is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in extended data protection mode. According to YouTube, this mode causes YouTube not to store information about visitors to this website before they watch the video. The transfer of data to YouTube partners, on the other hand, is not necessarily excluded by the extended data protection mode. Thus, YouTube – regardless of whether you watch a video – connects to the Google DoubleClick network.

As soon as you start a YouTube video on this website, a connection to YouTube’s servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.

Furthermore, YouTube may store various cookies on your end device after starting a video or use comparable recognition technologies (e.g., device fingerprinting). In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to collect video statistics, improve user experience, and prevent attempted fraud.

If necessary, further data processing operations may be triggered after the start of a YouTube video, over which we have no control.

YouTube is used in the interest of an attractive presentation of our online offers. This constitutes a legitimate interest within the meaning of Article 6 (1) (f) GDPR. If corresponding consent has been requested, the processing takes place exclusively on the basis of Article 6 (1) (a) GDPR; consent may be revoked at any time.

Userlike
We use Userlike (hereinafter: “Userlike”) to process user requests via our support channels or via live chat systems. The provider is Userlike UG (limited liability), Probsteigasse 44 – 46, 50670 Cologne.

Messages that you send to us can be stored in the Userlike ticket system or answered in live chat by our staff. When you communicate with us through Userlike, we and Userlike store, among other things, your name and e-mail address, if you have provided them, and your chat history. This data is summarized in a profile.

The messages sent to us remain with us until you request us to delete them or the purpose for storing the data no longer applies (e.g., after we have completed processing your request). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.

The use of Userlike is based on Art. 6 (1) (f) GDPR. We have a legitimate interest in processing your requests as quickly, reliably and efficiently as possible. If corresponding consent has been requested, the processing takes place exclusively on the basis of Article 6 (1) (a) GDPR; consent may be revoked at any time.

Userlike is based in the European Union, but uses Amazon Web Services servers, so your data may also be transferred to the USA.

For more information, please see the Userlike privacy policy: https://www.userlike.com/de/data-privacy and https://www.userlike.com/de/blog/live-chat-software-datenschutz-dsgvo.

 

13. Our social media presence

Data processing through social networks
We maintain publicly accessible profiles on social networks. The social networks used by us in detail can be found below. Social networks such as Facebook, Twitter, etc., can generally analyze your user behavior extensively when you visit their website or a website with integrated social media content (e.g., like buttons or advertising banners). Visiting our social media sites triggers numerous processing operations relevant to data protection.

In detail:
If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected under certain circumstances if you are not logged in or do not have an account with the respective social media portal. In this case, this data collection takes place, for example, via cookies that are stored on your terminal device or by recording your IP address.

With the use of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be displayed to you inside and outside the respective social media presence. If you have an account with the respective social network, the interest-based advertising may be displayed on all devices on which you are or were logged in.

Please also note that we cannot track all processing on the social media portals. Depending on the provider, therefore further processing by the operators of the social-media-portals may therefore be carried out. For details, please refer to the terms of use and privacy policies of the respective social media portals.

Legal basis
Our social media presences are intended to ensure the most comprehensive possible presence on the internet and to enable effective user information and communication with users. This is a legitimate interest within the meaning of Art. 6 (1) (f) GDPR. The analysis processes initiated by the social networks may be based on different legal bases, which are to be specified by the operators of the social networks (e.g., consent within the meaning of Art. 6 (1) (a) GDPR).

Responsible party and assertion of rights
If you visit one of our social media sites (e.g., XING), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. In principle, you can assert your rights (information, correction, deletion, restriction of processing, data portability and complaint) both against us and against the operator of the respective social media portal (e.g., against XING).

Please note that despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are largely determined by the corporate policy of the respective provider.

Storage period
The data collected directly by us via the social media presence will be deleted from our systems as soon as the purpose for storing it no longer applies, you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies. Stored cookies remain on your terminal device until you delete them. Mandatory legal provisions – in particular retention periods – remain unaffected. We have no influence on the storage period of your data, which is stored by the operators of the social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g., in their privacy policy, see below).

 

Social networks in detail
We maintain profiles on the following social networks

Facebook
We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter Meta). According to Meta, the collected data is also transferred to the USA and other third countries. We have entered into a joint processing agreement (Controller Addendum) with Meta. This agreement specifies the data processing operations for which we or Meta is responsible when you visit our Facebook page. You can view this agreement at the following link: https://www.facebook.com/legal/terms/page_controller_addendum.
You can adjust your advertising settings independently in your user account. To do so, click on the following link and log in: https://www.facebook.com/settings?tab=ads. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381. For details, see Facebook’s privacy policy: https://www.facebook.com/about/privacy/

Instagram
We have a profile on Instagram.

XING
We have a profile on XING. The provider is New Work SE, Dammtorstrasse 30, 20354 Hamburg, Germany. For details on how they handle your personal data, please refer to XING’s privacy policy: https://privacy.xing.com/de/datenschutzerklaerung

LinkedIn
We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.
If you would like to disable LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs. Details on how they handle your personal data can be found in LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy

YouTube
We have a profile on YouTube. The provider is the Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Details on how they handle your personal data can be found in YouTube’s privacy policy: https://policies.google.com/privacy?hl=de.

 

14. Additional information for business contacts

Personal data that we usually process in the business process
We process personal data of our customers, prospective customers, service providers and partners that we receive directly in the course of our business relationship. If we have received data from you, we generally process it only for the purposes for which we received or collected it.

As a rule, we process the following categories of data from you

- Surname, first name
- Address and / or company address
- Telecommunication data
- Email address
- Company
- Professional function and/or position
- Bank details / credit card number / other payment details
- Data on the history of the business relationship
- Interest in direct marketing actions

In the course of the business initiation phase and during the business relationship, in particular through personal, telephone or written contacts, initiated by you or by one of our employees, further personal data is generated, e.g., information on contact channel, date, occasion and result; (electronic) copies of correspondence and information on participation in direct marketing measures.

On the other hand, we process personal data that we have permissibly obtained from publicly accessible sources (e.g., commercial and association registers, press, media, Internet) and are allowed to process.

Data processing for other purposes shall only be considered if the legal requirements necessary in this respect pursuant to Art. 6 (4) GDPR are given. We will, of course, comply with any information obligations pursuant to Art. 13 (3) GDPR and Art. 14 (4) GDPR in this case.

 

General Information on other recipients your data

Transfer to processors within the scope of Art. 28 GDPR
In accordance with the requirements of Art. 28 GDPR, we use order processors, for example in the area of IT services, web hosting, e-mail hosting or printing services. These service providers process personal data for us in accordance with instructions. If we commission service providers to fulfill our tasks, we always observe the provisions of data protection law; in particular, we only pass on data after concluding contracts for order processing.

Disclosure for the purpose of implementing a contractual relationship
If it is necessary for the performance of the contract with you, we pass on your data, for example, to banks, other payment service providers, shipping service providers or comparable service providers.

Disclosure due to a legal obligation
In the event of a legal or official obligation, we will pass on your data to public bodies or institutions (authorities, for example in the context of criminal prosecution).

Other entities, insofar as you have given us consent
If we have explicit consent, we will also pass on your data to other bodies. However, this is done within the limits in the presence of verifiable consent by you.

Disclosure for obtaining information
If we make advance payments, we reserve the right to obtain identity and credit information from specialized service providers (credit agencies) in order to protect our legitimate interests.

Disclosure to collection service provider
In order to collect outstanding receivables after several reminders, we may use collection service providers. On the one hand, this serves to process the contract, and on the other hand, it also serves to protect our legitimate interests.

 

General information on deletion periods for personal data

Principle of purpose limitation and compliance with statutory retention periods
We process the data as long as this is necessary for the respective purpose. To the extent necessary, we process your personal data for the duration of our business relationship, which also includes the initiation and performance of a contract.

In addition, like any company, we are obligated to comply with the statutory retention periods, for example the periods from commercial and tax law. Insofar as statutory retention obligations exist, the personal data in question will be stored for the duration of the retention obligation. The storage period is also based on the statutory limitation periods, which, for example, according to sections 195 et seq. of the German Civil Code (BGB), are generally three years, but in certain cases can be up to thirty years. After the retention period has expired, a check is made to determine whether there is a further need for processing. If the data is no longer required, it will be deleted.

Specific example
Insofar as you provide us with your contact details, for example by e-mail, telephone, or by handing over your business card, we store this data on the basis of Art. 6 (1) (b) GDPR on the basis of pre-contractual measures and in the legitimate interest (Art. 6 (1) (f) GDPR) of smooth and targeted communication. Insofar as no legal transaction is concluded, we will delete your data if you request us to do so or if no further contact takes place within a period of three years. If you enter into a legal transaction with us (Art. 6 1) (b) GDPR), we store your data for ten years until the expiry of the requirements under commercial and tax law. After this period, we will check whether we can delete the data and, if necessary, we will send it for deletion.

E-mails and business letters
We archive all our e-mail correspondence for ten years. If you write us an e-mail, your data and the entire e-mail content will be stored accordingly for 10 years. Most e-mails are deemed to be business letters; in addition, e-mails may contain information relevant to tax law. In our opinion, the effort required to check each individual e-mail is not commensurate with the benefits and the legitimate interests of the sender. However, you can of course ask us to erase it at any time and we will carry out a case-by-case review and inform you of the result. This may result in erasure or restriction of processing, depending on the content of the correspondence.

Revocation of your consent
Insofar as we process your data on the basis of your consent (Art. 6 (1) (a) GDPR), we will delete it after your revocation. Unless there are legitimate interests against a complete deletion. For example, we generally retain declarations of consent for up to three years after receipt of your revocation in the legitimate interest (Art. 6 (1) (f) GDPR). We keep the consent exclusively under restriction of processing in order to be able to defend ourselves in case of dispute.

 

15. Microsoft Teams audio and video conferences

Video conferences with Teams

We use the Microsoft Teams online conferencing tool to communicate with our customers. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.

 

Conclusion of a contract for order processing
We have concluded an order processing agreement with the Microsoft Teams provider and fully implement the strict requirements of the German data protection authorities when using Microsoft Teams.

Scope of data processing
When you communicate with us via video or audio conference over the internet, your personal data is collected and processed by us and Microsoft.
Microsoft Teams collects any data you provide/enter to use the tools (e-mail address and/or your phone number). Furthermore, Microsoft Teams processes the duration of the conference, start and end (time) of participation in the conference, number of participants and other “context information” related to the communication process (metadata).

Furthermore, Microsoft Teams processes all technical data that is required to handle online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker, and connection type.
If content is exchanged, uploaded or otherwise made available within Microsoft Teams, it will also be stored on the Microsoft Teams servers. Such content specifically includes cloud recordings, chat/instant messages, voicemails uploaded photos and videos, files, whiteboards, and other information shared while using the service.

Please note that we do not have full control over the data processing operations of the tools used. Our options are largely determined by the provider’s corporate policy. For details on data processing, please refer to the Microsoft Teams privacy policy: https://privacy.microsoft.com/de-de/privacystatement.

 

Purpose and legal basis
Microsoft Teams is used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6 (1) (b) GDPR).
Furthermore, the use of the tools serves the general simplification and acceleration of communication with us or our company (legitimate interest within the meaning of Art. 6 (1) (f) GDPR).
In the context of the initiation of the implementation of employment relationships, the use is made on the basis of Section 26 BDSG in addition to Art. 6 (1) (b) GDPR.
Insofar as consent (Art. 6 (1) (a) GDPR) has been requested, the use of the tools concerned is based on this consent; consent can be revoked at any time with effect for the future.

Storage period
The data collected directly by us via the video and conference tools will be erased from our systems as soon as you request us to erase it, revoke your consent to store it, or the purpose for storing the data no longer applies. Stored cookies remain on your terminal device until you delete them. Mandatory statutory retention periods remain unaffected.
We have no influence on the storage period of your data, which is stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tools directly.

This website uses cookies to provide the best possible experience. More information ...