Introduction This website is operated by: maevsi UG (haftungsbeschränkt). It is very important to us to handle the data of our website visitors with confidence and to protect them in the best possible way. For this reason, we make every effort to comply with the requirements of the GDPR. Below, we explain how we process your data on our website. We use language that is as clear and transparent as possible so that you truly understand what happens to your data.
General information
Processing of personal data and other terms Data protection applies to the processing of personal data. Personal data means all data with which you can be personally identified. This includes, for example, the IP address of the device (PC, laptop, smartphone, etc.) you are currently using. Such data is processed when 'something happens to it.' For example, the IP address is transmitted from the browser to our provider and stored there automatically. This constitutes processing (according to Art. 4 No. 2 GDPR) of personal data (according to Art. 4 No. 1 GDPR). These and other legal definitions can be found in Art. 4 GDPR.
Applicable regulations/laws - GDPR, BDSG, and TDDDG The scope of data protection is regulated by laws. In this case, these are the GDPR (General Data Protection Regulation) as a European regulation and the BDSG (Federal Data Protection Act) as a national law. In addition, the TDDDG supplements the provisions of the GDPR regarding the use of cookies.
The person in charge The person responsible for data processing on this website is the controller within the meaning of the GDPR. This is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data. You can reach the responsible person at:
maevsi UG (limited liability)
Virchowstrasse 4
34121 Kassel
Email: [email protected]
How data is processed on this website As we have already established, there is data (e.g. IP address) that is collected automatically. This data is mainly required for the technical provision of the website. If we also use personal data or collect other data, we will inform you of this or ask for your consent. Other personal data is shared with us consciously by you. You will find more detailed information below.
Your rights The GDPR provides you with comprehensive rights. These include, for example, free information about the origin, recipient, and purpose of your stored personal data. You can also request the rectification, restriction, or erasure of this data or lodge a complaint with the competent data protection supervisory authority. You can revoke your consent at any time. You can find out in detail what these rights are and how to exercise them in the last section of this Privacy Policy.
Data protection - Our view Data protection is more than just a chore for us! Personal data is of great value, and careful handling of this data should be a matter of course in our digitalized world. Additionally, as a website visitor, you should be able to decide for yourself what "happens" to your data, when, and by whom. Therefore, we commit to complying with all legal requirements, collecting only the data necessary for us, and treating it confidentially.
Disclosure and deletion The transfer and deletion of data are also important and sensitive topics. Therefore, we would like to briefly inform you in advance about our general approach to this. Data is only transferred based on a legal foundation and only if it is unavoidable. This may be the case, in particular, if it involves a so-called Data Processor and a Data Processing Agreement has been concluded in accordance with Art. 28 GDPR. We delete your data when the purpose and legal basis for processing cease to exist and no other legal obligations prevent its deletion. A comprehensive overview of this is provided in Art. 17 GDPR. For further information, please refer to this Privacy Policy and contact the responsible person if you have any specific questions.
Hosting This website is hosted externally. The personal data collected on this website is stored on the host's servers. This includes automatically collected and stored log files (see below for more details), as well as all other data provided by website visitors. External hosting is used to ensure the secure, fast, and reliable provision of our website and, in this context, serves to fulfill contracts with our potential and existing customers. The legal basis for processing is Art. 6 para. 1 lit. a, b, and f GDPR, as well as § 25 para. 1 TDDDG, insofar as consent includes the storage of cookies or access to information in the terminal device of the website visitor or user within the meaning of the TDDDG. Our host only processes data necessary to fulfill its service obligations and acts as our Data Processor, meaning it is subject to our instructions. We have concluded a corresponding Data Processing Agreement with our host. We use the following host: Hetzner
Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen
Germany
Email: [email protected] https://www.hetzner.com/de/rechtliches/datenschutz.
Legal basis The processing of personal data always requires a legal basis. The GDPR provides for the following possibilities in Art. 6 (1) Sentence 1:
The data subject has given their consent to the processing of personal data concerning them for one or more specific purposes;
The processing is necessary for the performance of a contract to which the data subject is party or for the implementation of pre-contractual measures taken at the data subject's request;
Processing is necessary for compliance with a legal obligation to which the person responsible is subject;
The processing is necessary in order to protect the vital interests of the data subject or another natural person;
Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the person in charge;
Processing is necessary for the purposes of safeguarding the legitimate interests of the responsible person(s) or a third party, unless the interests or fundamental rights and freedoms of the data subject, which require the protection of personal data, override this, in particular where the data subject is a child.
In the following sections, we will provide you with the specific legal basis for the respective processing.
What happens on our website By visiting our website, we process personal data about you. To protect this data as best as possible against unauthorized access by third parties, we use SSL or TLS encryption. You can recognize this encrypted connection by the fact that https:// or a lock symbol is displayed in the address bar of your browser. In the following, you will learn which data is collected when you visit our website, for what purpose this is done, and on what legal basis.
Data collection when calling up the website By accessing the website, information is automatically stored in so-called server log files. This includes the following information:
Browser type and version
Operating system used
Referrer URL
Hostname of the accessing computer
Time of the server request
IP address
This data is temporarily required in order to display our website to you permanently and without problems. In particular, this data serves the following purposes:
System security of the website
System stability of the website
Website troubleshooting
Connecting to the website
Website presentation
The data processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR and is based on our legitimate interest in processing this data, in particular, the interest in the functionality of the website as well as its security. If possible, this data is stored pseudonymously and deleted after the respective purpose has been achieved. Insofar as the server log files allow the identification of the person concerned, the data is stored for a maximum period of 14 days. An exception exists if a security-relevant event occurs. In this case, the server log files are stored until the elimination and final clarification of the security-relevant event. Otherwise, a consolidation with other data does not take place.
Cookies
General This website uses so-called cookies. These are data records stored in the browser of your terminal device and related to our website. By setting cookies, website navigation, in particular, can be made easier for the visitor.
Reject cookies The setting of cookies can be prevented by adjusting the settings of your browser. Here you can find the corresponding links to frequently used browsers:
If you use another browser, it is recommended to search for your browser’s name along with "delete and manage cookies" in a search engine and follow the official link. Alternatively, you can manage your cookie settings under http://www.aboutads.info/choices/ or http://www.youronlinechoices.com. However, we must inform you that a comprehensive blocking/deletion of cookies can lead to impairments in the use of the website.
Technically necessary cookies We use technically necessary cookies on this website to ensure that our website functions without errors and in accordance with applicable laws. They help make the website user-friendly. Some functions of our website cannot be displayed without the use of cookies. The legal basis for this is, depending on the individual case, Art. 6 para. 1 lit. b, c, and/or f GDPR.
Technically unnecessary cookies We also use cookies on our website that are not technically necessary. These cookies are used, among other things, to analyze the surfing behavior of website visitors or to offer functions of the website that are not technically necessary. The legal basis for this is your consent pursuant to Art. 6 para. 1 lit. a GDPR. Technically unnecessary cookies are only set with your consent, which you can revoke at any time in the cookie consent tool.
Data processing through user input
Own data collection We offer the following services on our website: Personalized event recommendations and the Early Bird Program. For this purpose, we collect the following data:
Personalized event recommendations
Email address
Age
Preferences: size, format, category, and area of events
Early Bird Program
Email address
Name
The legal basis for this data processing is Art. 6 para. 1 lit. b GDPR. The data will be deleted as soon as the respective purpose ceases to apply and deletion is possible in accordance with legal requirements.
Contact
Email When you contact us by email, we process your email address and any other data contained in the email. This data is stored on the mail server and, in some cases, on the respective end devices. Depending on the request, the legal basis for this processing is regularly Art. 6 para. 1 lit. f GDPR or Art. 6 para. 1 lit. b GDPR. The data will be deleted as soon as the respective purpose no longer applies and deletion is possible in accordance with legal requirements.
Contact form We offer a contact form for reaching out to our company. In this form, we usually process:
Your first and last name
Your email address
Your telephone number
The content of your message
The data is stored on our web server and forwarded internally to the relevant email addresses. The legal basis for data processing is Art. 6 para. 1 lit. f GDPR, as we have a legitimate interest in responding to your request and providing an easy way to contact us. If the contact is aimed at the conclusion of a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b GDPR. We delete this data no later than three months after receipt unless it is required for an ongoing contractual relationship. We integrate the contact form of Monday
Monday.com Labs Ltd.
52 Menachem Begin Road
Tel Aviv 6713701
Israel
on our website. More details: https://monday.com/l/de/privatsphaere/datenschutzerklarung/.
Questionnaires/forms
In-house development We integrate self-developed forms on our website. The data entered will be stored on our servers. The legal basis for processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be withdrawn at any time. The legality of the processing that has already taken place remains unaffected by any revocation. The stored data can be made available at any time by email, or a request can be made for data deletion.
Mailing service
Amazon SES We use Amazon Simple Email Service (SES) as a mailing service. This service is provided by:
Amazon Web Services, Inc.
410 Terry Avenue North
Seattle
WA 98109
United States
Amazon SES is a cloud-based email service that can be integrated into applications to automate large volumes of emails. With Amazon SES, companies can send various types of emails, including transactional emails, marketing emails, and newsletters. Processing is based on consent according to Art. 6 para. 1 lit. a GDPR when we use the mailing service to contact leads. Consent can be revoked at any time. When sending emails for the specific purpose of initiating a contract or within an existing contractual relationship, the legal basis for processing is Art. 6 para. 1 lit. b GDPR, as the services used serve customer management and the fulfillment of our contractual obligations. The data will be deleted at the end of the contract between us and Amazon Web Services. In cases of data transfer to the USA, the standard contractual clauses (SCC) of the EU Commission apply. More details: https://d1.awsstatic.com/legal/privacypolicy/AWS_Privacy_Notice_German_2023-08-11.pdf.
Analysis and tracking tools
Google Analytics We use Google Analytics on this website. Google Analytics is a web analytics service. This service is provided by:
Google Ireland Limited ("Google")
Gordon House
Barrow Street
Dublin 4
Ireland
Google Analytics uses cookies to recognize the user and thus analyze usage behavior. These cookies are only set with consent. Consent can be revoked at any time and managed in our cookie consent tool. The legal basis for the processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. The information collected here is usually transferred to a Google server in the USA and stored there. On July 10, 2023, the European Commission adopted an adequacy decision for the USA. Google LLC is certified under the EU-US Privacy Framework. However, as Google servers are located worldwide and data transfer to third countries (e.g., Singapore) cannot be ruled out, the EU Commission's Standard Contractual Clauses (SCC) apply. The use of Google Analytics results in IP anonymization. The IP address of the respective user is shortened on servers within the member states of the EU (or the European Economic Area) in such a way that it is no longer possible to trace it back to a natural person. In addition, Google undertakes to provide appropriate data protection via the Google Ads data processing conditions, creates an evaluation of website use and website activity, and provides the services associated with use. The Google Ads Data Processing Terms apply to companies that are subject to the EU General Data Protection Regulation (GDPR) of the European Economic Area (EEA), the California Consumer Privacy Act (CCPA), or similar regulations. An additional browser plugin can be used to prevent the information collected (such as the IP address) from being sent to Google and used by Google. The plugin and further information can be found at: https://tools.google.com/dlpage/gaoptout?hl=de. Otherwise, the storage period depends on the type of data processed. Each customer can choose how long Google Analytics stores data before it is automatically deleted. The maximum lifespan of a Google Analytics cookie is two years. More information on the use of data by Google can be found at: https://support.google.com/analytics/answer/6004245?hl=de. For all further questions, you can also contact [email protected].
Google Consent Mode We use Google Consent Mode on our website to adjust the use of Google services based on your consent. Depending on usage, Google Consent Mode may allow a certain level of data processing, even if consent is denied, but only in an anonymized form. In this process, IP addresses may be transmitted to Google. We use the Basic Consent Mode in such a way that we only utilize the full functionality of Google services with your consent and do not conduct limited data collection without your consent. Processing after consent serves to improve our website and analyze conversion events in an anonymized form. This allows us to better assess the performance of our marketing efforts. Processing is carried out in our legitimate interest to better control and use certain functions of the Google services requiring consent on the website. The legal basis for processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Further information on Google Consent Mode can be found at: https://support.google.com/analytics/answer/9976101.
Sentry We integrate the Sentry service on our website. This is a service provided by:
Functional Software, Inc.
Hawthorne St
San Francisco, CA 94107
USA
Sentry collects and stores data created from anonymized usage profiles in order to improve the technical stability of our website by monitoring system stability and detecting code errors. According to the service, user data, such as information on the device or time of error, is collected anonymously, is not used for personal purposes, and is subsequently deleted. Sentry may set cookies to track activity on our website and store certain information. These cookies help us operate the service, remember your preferences, and keep our website secure. The legal basis for the processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as this consent includes access to information in the user's terminal device or the storage of cookies within the meaning of the TDDDG. Otherwise, the legal basis for the processing is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in anonymized analysis to ensure the technical stability of our website. More information: https://sentry.io/privacy/.
Cloudflare Web Analytics We integrate the Cloudflare Web Analytics service on our website. This is a service of:
Cloudflare Germany GmbH
Rosental 7
c/o Mindspace
80331 Munich
Germany
Cloudflare Web Analytics allows us to obtain important statistics about website usage. It enables us to retrieve the most important hostnames, URLs, countries, and other key metrics like status codes. Additionally, traffic spikes can be analyzed. No client-side information, such as that collected using cookies or localStorage, is used by Cloudflare. Cloudflare Web Analytics does not set cookies, does not collect personal information, and does not track visitors across different websites. The legal basis for the processing is Art. 6 (1) lit. f GDPR. We have a legitimate interest in the anonymized analysis to ensure the technical stability of our website. If data is transferred to the USA, the standard contractual clauses (SCC) of the EU Commission apply to ensure an appropriate level of data protection. More information: https://www.cloudflare.com/en-us/trust-hub/gdpr/.
Google Search Console We integrate the Google Search Console service on our website, which is operated by:
Google Ireland Limited
Gordon House
Barrow Street
Dublin 4
Ireland
Google Search Console is a service that enables us to monitor the indexing status of our website and optimize its visibility in Google search results. Various data is processed, including information on website performance, clicks, accesses, and technical errors that occur on the website. The purpose of data processing is to improve search engine optimization (SEO), analyze the technical performance of the website, and correct errors. The legal basis for data processing is Art. 6 para. 1 lit. f GDPR, as we have a legitimate interest in optimizing our website in the search results and ensuring its functionality. Google Search Console does not set cookies on our website. However, data may be transferred to third countries, in particular to the USA, as Google operates servers worldwide. The standard contractual clauses (SCCs) of the EU Commission are used to ensure an adequate level of data protection. The data is stored for as long as it is necessary for the respective processing purpose or until the user requests deletion. Further information on data processing can be found at: https://policies.google.com/privacy.
Social media profiles In addition to our website, our company is also present on social networks. Here, we want to present our company and create the opportunity to get in touch with us. We also use the opportunity to place advertisements and job postings on social media. In the following, we provide information about what data we and the respective social network process when you visit and interact with our profile.
LinkedIn We operate a LinkedIn profile on https://www.linkedin.com/. This social network is operated by:
LinkedIn Corporation
2029 Stierlin Court
Mountain View
CA 94043
USA
Interaction with our company profile When you visit our LinkedIn profile and interact with us via it, we process personal data. On the one hand, this includes the data made publicly available on the profile. On the other hand, we also process the personal data contained in posts, comments, or direct messages to us. Through interactions such as liking or sharing, we can see the user profile with the public information. The legal basis for this processing is Art. 6 para. 1 lit. f GDPR. It is in our legitimate interest to provide relevant and interesting content and to enable the use and functionality of our LinkedIn profile. Insofar as an inquiry is related to the fulfillment of a contract or is necessary to carry out pre-contractual measures, our processing is based on Art. 6 para. 1 lit. b GDPR.
Page Insights LinkedIn provides us with aggregated statistics and insights (called Page Insights) that tell us how people interact with our Company Page. Among other things, we receive information about the number of profiles that view, comment on, or otherwise interact with our posts, as well as aggregated demographic and other information that helps us learn about interactions with our page or LinkedIn profile. Page Insights provided to us by LinkedIn consist of aggregated data, and LinkedIn does not provide us with any personally identifiable information about members in relation to Page Insights. We also have no way of linking Page Insights to individual members. When placing ads, LinkedIn provides us with information about the types of people who see our ads and about the success of our ads. Personal data is only passed on to us if the person has consented to such processing. We also receive information from LinkedIn that allows us to understand which of our ads led to a purchase being made or an action being taken. The purpose of processing this data is to analyze our reach and adapt our content and advertisements to user interests. By evaluating this data, we can recognize how our content, our profile, and our advertising are consumed. This enables us to create target group-specific content and place advertisements to better market our company and our services. The processing is based on our legitimate interest in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR. When processing personal data in the course of the so-called Page Insights, the processing is carried out in joint responsibility with LinkedIn in accordance with Art. 26 para. 1 GDPR. To this end, we have entered into a corresponding agreement with LinkedIn, which can be viewed here: https://legal.linkedin.com/pages-joint-controller-addendum.
The contact details of LinkedIn are:
LinkedIn Ireland Unlimited Company
Wilton Place
Dublin 2
Ireland
For LinkedIn, you can contact the data protection officer at the following link: https://www.linkedin.com/help/linkedin/ask/TSO-DPO.
Processing by LinkedIn In connection with your visit to our company profile, LinkedIn may also process additional personal data. In this case, the processing is carried out under the sole responsibility of LinkedIn and without our knowledge. You can find more information from LinkedIn at: https://de.linkedin.com/legal/privacy-policy.
Facebook We operate a Facebook fan page at https://www.facebook.com/. This social network is operated by:
Meta Platforms Ireland Limited
4 Grand Canal Square
Grand Canal Harbour
Dublin 2
Ireland
Interaction with our company profile When you visit our Facebook profile and interact with us via it, we process personal data. On the one hand, this includes the data made publicly available on the profile. On the other hand, we also process the personal data contained in posts, comments, or direct messages to us. Through interactions such as liking or sharing, we can see the user profile with its public information. The legal basis for this processing is Art. 6 para. 1 lit. f GDPR. It is in our legitimate interest to provide relevant and interesting content and to enable the use and functionality of our Facebook profile. Insofar as an inquiry is related to the performance of a contract or is necessary for the implementation of pre-contractual measures, our processing is based on Art. 6 para. 1 lit. b GDPR.
Page Insights As explained in the Meta Privacy Policy under "How do we use your information?", Meta collects and uses information to provide analytics services, known as Page Insights, for site operators. This also applies to our Facebook page. Page Insights are summarized statistics that are created based on certain interactions of visitors with pages and the content associated with them (e.g., viewing a page or a video, subscribing to a page, marking a page with "Like" or "No longer like", etc.) and are logged by Meta's servers. In connection with Page Insights, Meta provides us with summarized statistics and insights that give us information about how people interact with our company page. We do not have access to any personal data, only to the summarized Page Insights. With the help of Page Insights, we can view anonymous statistics, e.g., the reach of our account, page views, likes, etc. These also contain evaluations according to the age, gender, and location of users (as specified in their respective Facebook profiles). To evaluate reach, we can configure settings or apply filters regarding time periods, specific posts, and demographic groupings. This data is anonymized. It is not possible for us to draw conclusions about specific individuals. The purpose of processing this data is to analyze our reach and adapt our content and advertisements to user interests so that visitors can derive the greatest possible benefit from them. By evaluating this data, we can understand how our content, our profile, and our advertisements are consumed. This enables us to create target group-specific content and place advertisements to better market our company and services. The processing is based on our legitimate interest in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR. When processing personal data in the course of the so-called Page Insights, we are jointly responsible with Facebook in accordance with Art. 26 para. 1 GDPR. We have concluded a corresponding agreement with Facebook for this purpose, which can be viewed here: https://www.facebook.com/legal/terms/page_controller_addendum. The contact details for Facebook are: Online contact: https://www.facebook.com/help/contact/1650115808681298 Postal:
Meta Platforms Ireland Limited
ATTN: Privacy Operations
Merrion Road
Dublin 4
D04 X2K5
Ireland
For Facebook, you can contact the data protection officer at the following link: https://www.facebook.com/help/contact/540977946302970. Further information about Page Insights: https://de-de.facebook.com/legal/terms/page_controller_addendum.
Processing of personal data and cookies by Meta When you access a Facebook page, the IP address assigned to your device is transmitted to Facebook. According to Facebook, this IP address is anonymized (for "German" IP addresses). Facebook also stores information about users' devices (e.g., as part of the "login notification" function); Facebook may thus be able to assign IP addresses to individual users. If you are currently logged in to Facebook, a cookie with your Facebook ID is stored on your device. This enables Facebook to track that you have visited this page and how you have used it. Facebook buttons integrated into websites allow Facebook to record your visits to those sites and associate them with your Facebook profile. This data can be used to tailor content or advertising to you. Information on how personal data can be managed or deleted can be found in Facebook's Privacy Center: https://www.facebook.com/privacy/center/. Further information on Facebook's data handling practices can be found here: http://de-de.facebook.com/about/privacy.
Instagram We operate an Instagram profile. This social media platform is offered by:
Meta Platforms Ireland Limited
4 Grand Canal Square
Grand Canal Harbour
Dublin 2
Ireland
Interaction with our company profile When you visit our Instagram profile and interact with us, we process personal data. On the one hand, this includes the data made publicly available on the profile. On the other hand, we also process the personal data contained in posts, comments, or direct messages to us. Through interactions such as liking or sharing, we can see the user profile with its public information. The legal basis for this processing is Art. 6 para. 1 lit. f GDPR. It is in our legitimate interest to provide relevant and interesting content and to enable the use and functionality of our Instagram profile. Insofar as an inquiry is related to the performance of a contract or is necessary for the implementation of pre-contractual measures, our processing is based on Art. 6 para. 1 lit. b GDPR.
Insights As explained in the Meta Privacy Policy under "How do we use your information?" (https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect), Meta also collects and uses information to provide analytics services, known as Insights, for site operators. This also applies to our Instagram profile. Insights are summarized statistics created based on certain interactions of visitors with pages and the content associated with them, which are logged by Meta's servers. This includes, among other things:
How many people see and interact with our products, services, or content, such as posts, videos, Instagram pages, listings, stores, and advertisements (if the advertisement is shown on Meta products);
How people interact with our content, websites, apps, and services;
Which groups of people interact with our content and which groups use our services.
Meta provides us with summarized reports and insights that tell us how well our content, features, products, and services are performing. We do not receive access to personal data, only summarized reports. To evaluate reach, we can apply settings or filters regarding the selection of a time period, the viewing of a specific post, and demographic groupings. This data is anonymized. It is not possible for us to draw conclusions about specific individuals. The purpose of processing this data is to analyze our reach and adapt our content and advertisements to user interests so that visitors can derive the greatest possible benefit from them. By evaluating this data, we can understand how our content, profile, and advertising are consumed. This enables us to create target group-specific content and place advertisements to better market our company and services. The processing is based on our legitimate interest in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR. When processing personal data in the context of Insights, the processing is carried out under joint responsibility with Meta in accordance with Art. 26 para. 1 GDPR. We have concluded a corresponding agreement with Meta, which can be viewed here: (https://www.facebook.com/legal/terms/page_controller_addendum). Meta's contact details are as follows: Online contact: https://www.facebook.com/help/contact/1650115808681298 Postal:
Meta Platforms Ireland Limited
ATTN: Privacy Operations
Merrion Road
Dublin 4
D04 X2K5
Ireland
For Instagram, you can contact the data protection officer at the following link: https://www.facebook.com/help/contact/540977946302970. Further information about Insights: https://de-de.facebook.com/help/pages/insights. You can find Instagram's full privacy policy here: https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect. Processing of personal data and cookies by Meta When you access an Instagram page, the IP address assigned to your device is transmitted to Meta. According to Meta, this IP address is anonymized (for "German" IP addresses). Meta also stores information about users' end devices (e.g., as part of the "login notification" function); Meta may thus be able to assign IP addresses to individual users. If you are currently logged in to Instagram, a cookie with your Instagram ID is stored on your device. This enables Meta to track that you have visited this page and how you have used it. Meta buttons integrated into websites allow Meta to record your visits to these websites and assign them to your Instagram profile. This data can be used to tailor content or advertising to you. Further information: https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect.
TikTok We operate a TikTok channel. TikTok is provided by
TikTok Technology Limited
10 Earlsfort Terrace
Dublin
D02 T380
Ireland
(hereinafter "TikTok Ireland"). Our TikTok channel allows us to present ourselves to TikTok users and engage with them.
Interactions with our TikTok channel Users can interact with our TikTok channel via their TikTok account, for example, by liking or commenting on our posts. In doing so, we process associated data such as the username and profile picture. We use this data to optimize our content and its presentation and to tailor it to user interests. It is also possible to send us direct messages on our TikTok channel. The username and profile picture are also displayed here. The legal basis for data processing is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in optimizing our TikTok channel and the content published there. We also have a legitimate interest in communicating with users to answer questions, respond to criticism, build relationships, and exchange information. This enables us to improve our services and respond to the needs of potential customers. By communicating via TikTok, we particularly reach younger audiences. Comments remain on the channel indefinitely and can be viewed by other users. The same applies to the use of the Like function and direct messages.
TikTok analysis When our TikTok channel is accessed and used, additional data is processed for TikTok analysis. These are summarized statistics that are created and logged by TikTok based on certain interactions of visitors with our TikTok channel and provide information about how our channel is interacted with. This data includes, but is not limited to:
Follower growth
Video views
Profile views
Likes, comments, and shares
Average playback time
Percentage of viewers who watch the entire video
Sources of traffic (e.g., profile, For You feed)
Geographical distribution of the audience
Activity times of the followers
The data is provided to us in aggregated form as statistics. We do not have access to personal data, only to the summarized statistics. Further information on TikTok analyses can be found here: https://www.tiktok.com/creators/creator-portal/en-us/tiktok-content-strategy/understanding-your-analytics/. This data is processed solely for the purpose of analyzing and improving the content on our TikTok channel. By evaluating this data, we can recognize how our content and our TikTok channel are consumed. This enables us to create target group-oriented content and, if necessary, place advertising to better market our company and services. The processing is based on our legitimate interest in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR. When processing personal data in the course of TikTok analyses, the processing is carried out under joint responsibility with TikTok in accordance with Art. 26 para. 1 GDPR. We have concluded a corresponding agreement with TikTok for this purpose, which can be viewed here. The contact details of TikTok are: Online contact: https://privacytiktok.zendesk.com/hc/en-us/requests/new Postal:
TikTok Technology Limited
10 Earlsfort Terrace
Dublin
D02 T380
Ireland
You can use this form to contact TikTok's data protection officer: https://www.tiktok.com/legal/report/DPO.
Processing of personal data by TikTok When using TikTok's services, TikTok processes the personal data of users. This includes data such as your IP address, location data, time zone settings, advertising IDs, app and browser versions, and device data (system, network type, device ID, screen resolution, operating system, audio settings, and connected audio devices). The TikTok profiles and channels accessed, likes, messages, and other usage data are also processed. If you are logged in with your own TikTok account, this data will be assigned to your account. Further information on the processing of data by TikTok can be found here: https://www.tiktok.com/legal/page/eea/privacy-policy/de.
Google company profile We have a so-called Google company profile. We use the information service offered by Google and the services of
Google Ireland Limited
Gordon House
Barrow Street
Dublin 4
Ireland
("Google").
Data processing by Google The Google page and its functions are used under your own responsibility. This applies in particular to the use of social and interactive functions (e.g., commenting, sharing, rating, direct messages). When you visit and interact with our Google company profile entry, Google also records your IP address and other information stored on your device in the form of cookies. This may enable Google to assign IP addresses to individual users or user accounts. This information is used to provide us, as the operator of the Google company profile entry, with statistical information about the use of Google services. The data collected in this context is processed by Google and may be transferred to countries outside the European Union. What information Google receives and how it is used is generally described by Google in its Privacy Policy. If you contact us via our Google company profile entry or other Google services by direct message, we cannot rule out the possibility that these messages may also be read and analyzed by Google (both by employees and automatically). We therefore advise against providing us with personal data. Instead, another form of communication should be chosen as early as possible. The use of this service is subject to the Google Privacy Policy, which you — by using this service — have already agreed to. Further information can be found in the Privacy Policy at the following link: https://policies.google.com/privacy?hl=de.
Data processing by us As the provider of our Google company profile entry, we do not collect or process any further data from the use of this Google service. If you contact us or publish a review about us, we will process your published profile data and the content of the review/comment. The legal basis is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in presenting our company and enabling the evaluation of our services to present our company and services to the public.
Third-party content
Google Fonts We have integrated Google Fonts locally on our server. Thus, despite the use, no data is transmitted to Google.
Cloudflare DNS We use the Cloudflare DNS service. This service is offered by:
Cloudflare Germany GmbH
Rosental 7
c/o Mindspace
80331 Munich
Cloudflare DNS provides protection against DDoS attacks and bot attacks and helps improve the security and performance of websites through global caching and a range of optimization features. For this purpose, Cloudflare receives data on the website accessed, the browser type used, the operating system, the referrer URL, the IP address, and the requesting provider. We obtain consent to collect this data. The legal basis is then Art. 6 para. 1 lit. a GDPR. This consent can be revoked at any time. Otherwise, the legal basis for the processing of personal data is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in optimizing and securing the content on our website to effectively protect ourselves against DDoS attacks and bot attacks. More information: https://www.cloudflare.com/en-us/trust-hub/gdpr/ and https://www.cloudflare.com/en-us/privacypolicy/.
Cloudflare Turnstile We use the Cloudflare Turnstile service. This service is offered by:
Cloudflare Germany GmbH
Rosental 7
c/o Mindspace
80331 Munich
Cloudflare Turnstile enables a CAPTCHA-free experience on the website. In addition, Turnstile prevents misuse and confirms that website visits are genuine. No data is collected for the retargeting of advertisements. For Apple devices with the latest macOS or iOS versions, validation is performed via Private Access Tokens without collecting or storing any personal data other than the user agent and browser properties, meaning that no data is passed on to Cloudflare or third parties. However, for users of other devices, Cloudflare Turnstile collects personal data such as the IP address and shares it with the provider in the USA. The legal basis for processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time. In the case of data transfer to the USA, the standard contractual clauses (SCCs) of the EU Commission apply. More details: https://www.cloudflare.com/en-us/trust-hub/gdpr/ and https://www.cloudflare.com/en-us/privacypolicy/.
Polyfill We use the functions of Polyfill, an open-source community project. We utilize the alternative provision by
Cloudflare Germany GmbH
Rosental 7
c/o Mindspace
80331 Munich
due to a security incident involving the original operator. The polyfill service provides code snippets, known as "polyfills." A polyfill is used to implement modern functions in older web browsers that do not support them natively, ensuring a consistent website experience across different browsers. When our website is accessed, the browser downloads all required polyfills to display the website correctly. For this purpose, technical information about the browser is collected. In addition, connection information (IP address) and the URL of the requesting website are recorded. This information is not stored. However, an anonymized version of the IP address, the domain of the requesting page, the user agent string of the browser, the requested polyfills, and the URL/HTTP method used for the request are stored. The legal basis is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in making the site accessible for older web browsers. Further information: https://www.cloudflare.com/en-us/trust-hub/gdpr/ and https://www.cloudflare.com/en-us/privacypolicy/.
Gravatar We integrate the functions of Gravatar on our website. This service is offered by:
Automattic Inc.
60 29th Street #343
San Francisco, CA 94110
USA
Gravatar is a service that allows users to create a single avatar image and link it to their email address. This avatar is then automatically displayed next to their name when posting comments or writing articles on Gravatar-enabled websites, forums, and blogs. Gravatar's main features include easy avatar creation and management, enabling a consistent online identity across multiple platforms. For this purpose, a hash of the email address and the IP address is transmitted to Automattic's servers in the USA. Gravatar sets both technically necessary cookies and cookies for analysis, performance measurement, and advertising. The latter are only set with consent, in accordance with Art. 6 para. 1 lit. a GDPR. Consent can be revoked at any time. Otherwise, data processing is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in offering users Gravatar functions on our website to ensure an unrestricted user experience. In the case of data transfer to the USA, the standard contractual clauses (SCCs) of the EU Commission apply. Further information: https://automattic.com/privacy/ and https://automattic.com/cookies/.
OpenAI API We integrate the functions of the OpenAI API on our website. This service is offered by OpenAI Inc., 3180 18th Street, San Francisco, California 94110, USA. OpenAI specializes in artificial intelligence and machine learning. With the OpenAI API, we can develop AI tools based on the databases and capabilities of ChatGPT/OpenAI. All inputs in our tool are processed. These inputs — such as natural language, images, or other data formats — are processed by OpenAI to develop machine learning models. This data is then used to improve or train the respective tool. OpenAI collects the IP address when the tool is used. If the tool is not used to process personal data, no personal data other than the IP address is collected. OpenAI may set cookies, but only with prior consent. The legal basis for this is Art. 6 para. 1 lit. a GDPR. Otherwise, the legal basis for data processing is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in using AI and ML models in our tools and integrating them into our website to optimize our service both technically and economically. If the function to automatically delete the chat history is not activated, the data entered will remain with OpenAI for 30 days for model training purposes. In the case of data transfer to the USA, the standard contractual clauses (SCCs) of the EU Commission apply. More information: https://openai.com/de-DE/policies/privacy-policy/.
Cloud backups We use cloud backup functions to protect website data and content from data loss, corruption, or security incidents. This ensures that the website can be restored quickly and completely in the event of a server failure, hacker attack, or other unforeseen events. If personal data is stored on our website, it is transferred to the servers of the respective provider during backups. The legal basis for data processing is Art. 6 para. 1 lit. f GDPR, as we have a legitimate interest in backing up our data. We use the following cloud backup service: Scaleway Object Storage, provided by:
Scaleway
8 Rue de la Ville-l'Évêque
75008 Paris
France
More information: https://www.scaleway.com/en/object-storage/.
This is also important Finally, we would like to inform you in detail about your rights and how you will be informed about changes in data protection requirements.
Your rights in detail
Right to information according to Art. 15 GDPR You can request information about whether your personal data is being processed. If this is the case, you can request further details about the type and manner of processing. A detailed list can be found in Art. 15 (1) (a) to (h) GDPR.
Right to rectification according to Art. 16 GDPR This right includes the correction of inaccurate data and the completion of incomplete personal data.
Right to deletion according to Art. 17 GDPR This so-called "right to be forgotten" gives you the right, under certain conditions, to demand the deletion of personal data by the controller. This is generally the case if the purpose of the data processing has ceased to exist, if consent has been revoked, or if the initial processing took place without a legal basis. You can find a detailed list of reasons in Art. 17 (1) (a) to (f) GDPR. Furthermore, this "right to be forgotten" corresponds with the obligation of the controller under Art. 17 (2) GDPR to take appropriate measures to ensure a general erasure of the data.
Right to restriction of processing according to Art. 18 GDPR This right is subject to the conditions set out in Art. 18 (1) (a) to (d) GDPR.
Right to data portability according to Art. 20 GDPR This right regulates the ability to receive one's own data in a common format and transfer it to another data controller. However, it only applies to data processed on the basis of consent or a contract pursuant to Art. 20 (1) (a) and (b) GDPR, and only to the extent that this is technically feasible.
Right to object according to Art. 21 GDPR In principle, you can object to the processing of your personal data. This applies in particular if your interest in objecting outweighs the legitimate interest of the controller in the processing and if the processing relates to direct marketing and/or profiling.
Right to "decision in individual cases" according to Art. 22 GDPR In principle, you have the right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you. However, this right is also subject to restrictions and additions in Art. 22 (2) and (4) GDPR.
Other rights The GDPR contains comprehensive rights to inform third parties about whether or how you have asserted rights under Art. 16, 17, and 18 GDPR. However, this only applies insofar as it is possible or feasible with reasonable effort. At this point, we would like to remind you once again of your right to withdraw your consent in accordance with Article 7 (3) GDPR. However, this does not affect the lawfulness of the processing carried out up to that point. In addition, we would like to inform you about your rights according to §§ 32 ff. BDSG, which are largely congruent with the rights just described.
Right of appeal according to Art. 77 GDPR You also have the right to lodge a complaint with a data protection supervisory authority if you consider that the processing of personal data relating to you infringes this Regulation.
What if tomorrow the GDPR is abolished or other changes take place? The current status of this Privacy Policy is 2025-03-31. From time to time, it is necessary to adapt the content of the Privacy Policy to reflect actual and legal changes. We therefore reserve the right to amend this Privacy Policy at any time. We will publish the amended version in the same place and recommend that you read the Privacy Policy regularly.