Privacy Policy

Thank you for visiting our website and for your interest in our company. When processing your personal data, we strive to take the greatest possible care. The following information provides a compact and simple overview of what happens to your personal data when you visit our website. Your personal data will be processed in accordance with the relevant legal provisions.

Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the member states of the EU as well as other data protection regulations is:

Noyes Technologie GmbH
Leopoldstraße 37a
80802 Munich
Germany

Contact information for questions about data protection

We have appointed a data protection officer. For questions on the subject of data protection, please contact: datenschutz@confidentdata.de.

Validity and changes of the privacy policy

This privacy policy is valid and is dated from:

28th of February 2023

Due to the further development of our website or the implementation of new technologies and features, it may become necessary to change this privacy policy. We reserve the right to make appropriate changes at any time.

Data protection rights and information on the right to object

Your rights of access, rectification, restriction, erasure, data portability and to lodge a complaint with the supervisory authority

Every data subject has the right of access pursuant to Art. 15 GDPR, the right to rectification pursuant to Art. 16 GDPR, the right to erasure pursuant to Art. 17 GDPR, the right to restriction of processing pursuant to Art. 18 GDPR, the right to object pursuant to Art. 21 GDPR and the right to data portability pursuant to Art. 20 GDPR.

With regard to the right of access and the right of erasure, the restrictions pursuant to §§34 and 35 Federal Data Protection Act (BDSG) apply.

You may object to the processing of your personal data at any time. This also applies to objections of declarations of consent given to us before the applicability of the General Data Protection Regulation, i.e. before May 25, 2018. Please note that the objection is only effective for the future. Processing that took place before the objection is not affected by it.

In addition, there is a right to lodge a compliant with the supervisory authority (Art. 77 GDPR in conjunction with § 19 Federal Data Protection Act (BDSG)). A list of the supervisory authorities (for the non-public sector) with address can be found at: https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html

Information on the right to object pursuant to Art. 21 GDPR

Right to object to the collection of personal data in special cases and recipient of the request

You have the right to object at any time, based on reasons relating to your particular situation, to the processing of your personal data on the basis of Art. 6 (1) lit. f GDPR (data processing on the basis of a balance of interests); this also applies to profiling based on this provision within the meaning of Art. 4 (4) GDPR.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims.

The objection can be made informally with the subject “Objection” stating your name, address or other identification features to the contact data stored in the imprint.

General reference

Data erasure routine

As a matter of principle, we only store your personal data for the period of time required to achieve the purpose of storage or if this is stipulated by national or European legislation.

In Germany there is an obligation to retain documents for 6 years in accordance with § 257 (1) Commercial Code (Handelsgesetzbuch – HGB), which effects the e.g. the storage period of commercial books, inventories, opening balances, annual financial statements, business letters or accounting vouchers. And pursuant to § 147 (1) & (3) Fiscal Code of Germany (Abgabenordnung – AO), it is 10 years for books, records, management reports, accounting vouchers, documents relevant to taxation, and 6 years in particular for commercial and business letters.

If the purpose of storage no longer applies or if a legally prescribed storage period expires, your personal data will be deleted routinely and in accordance with the statutory provisions.

Please also be aware of the specific explanations on individual storage and deletion periods of the respective data processing in this data protection declaration.

Data security

We use technical and organizational security measures to protect your personal data against misuse, loss, destruction or access by unauthorized persons. The security measures taken into account (such as encryption procedures, firewall and virus protection, back-up and recovery procedures) correspond to the current state of the art and are continuously updated.

Nevertheless, we would like to point out that there is always a certain residual risk when communicating on the Internet, which depends on the user’s respective usage behavior and over which we consequently have no influence.

Data processing by processors

Tools and plug-ins from third-party providers are used on our website as part of commissioned processing. A data processing agreement has been duly concluded with all commissioned processors used, which ensures an appropriate level of data protection.

You can find more information about the data processing by the processors used in the section of the third-party tool in this privacy policy.

Transfers to third countries

When browsing our website, personal data may be transferred to servers in third countries outside the European Union through the integration of individual plug-ins and tools. Details about these data transfers, if any, including the respective valid legal basis, can be found in the section of the respective third-party tool in this privacy policy.

Scope (external links)

This privacy policy applies exclusively to visits to our own website.

At some points on our website, external websites of third parties are linked. These websites are subject to the liability of the respective operators. If you notice that links on the websites refer to Internet pages whose contents violate applicable law, please notify us via the e-mail address provided in the imprint.

We will then immediately remove these links from our website. The providers do not assume any liability for the topicality, correctness, completeness or quality of the information provided.

Hosting

External hosting provider

We use an external provider to host our website.

Provider:
IONOS SE
Elgendorfer Str. 57
56410 Montabaur
Germany

Purpose:
Reliable accessibility and presentation of our website.

Legal basis:
The use of our hoster is based on our legitimate interest in the most reliable accessibility and presentation of our website, pursuant to Art. 6 (1) lit. f GDPR.

Right to object / Opt-Out:
Information on your right to object according to Art. 21 GDPR can be found in the section on data subject rights.

Data processing agreement:
We have concluded a data processing agreement (DPA) with our hoster, which ensures that the personal data of our website visitors is only processed according to our instructions and in compliance with the GDPR.

SSL- / TLS-Encryption:
To protect the security of your data during transmission, we use the SSL or TLS encryption method via HTTPS.

Server-Log-Files:

When you browse our website, technical information of your browser session is automatically processed by our server. This data (so-called server log files) includes for example: the type of web browser, the operating system used, the domain name of your Internet service provider, your IP address and the like.

Purpose:
Ensuring a stable and smooth connection to the website, a responsive use of our website and the guarantee of system security and stability. We also reserve the right to check the server log files on a regular basis if there are concrete indications of illegal use.

Legal Basis:
The legal basis for the processing of the server log files is our legitimate interest in an error-free and secure presentation of our website, pursuant to Art. 6 (1) lit. f GDPR.

Provision of your data voluntary or mandatory:
The provision of server log files is neither legally nor contractually required. Without the collection of the log files, however, the functionality of our website is not guaranteed.

Storage period:
The server-log-files are deleted as soon as it is no longer required for the purpose of collection. This is generally the case for the data used to provide the website when the respective session has ended.

Cookies

Cookies

Cookies are pieces of information that are transmitted from our web server or third-party web servers to users’ web browsers, where they are stored for later retrieval. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your terminal device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or until they are automatically deleted by your web browser.

If you agree, cookies from third-party companies may also be stored on your end device (third-party cookies). These help us or you to use certain services of the third-party company (e.g., reach measurement and evaluation of the usage behavior of our website, etc.)

Cookies can be used for different purposes. A distinction is made between technically necessary cookies, without which the website would not function (e.g. session cookies, or the cookie that stores your consent preferences). And technically unnecessary cookies, which help the website operator to evaluate the usage behavior on the website, or which are used for marketing purposes.

Technically necessary cookies are stored on the basis of our legitimate interest, according to Art. 6 (1) lit. f GDPR and §25 (2) TTDSG. The website operator has a legitimate interest in the use of cookies for the technically accurate and optimized provision of its online presence.

For the use of technically unnecessary cookies, your explicit consent is required. The legal basis for this processing in these cases is therefore your consent, according to Art. 6 (1) lit. a GDPR and §25 (1) TTDSG. You can revoke your consent at any time.

You can configure your browser in a privacy-friendly way. These settings allow you, for example, to exclude the acceptance of cookies for certain cases or in general and to automatically delete all cookies that have been set during the browser session when closing the browser. If cookies are turned off in general, some functions of the website may not be displayed correctly.

If cookies are used by third-party providers or for purposes that are not technically necessary, you will find the individual details about this in this privacy policy.

Borlabs Cookie

Provider:
Borlabs – Benjamin A. Bornschein, Rübenkamp 32, 22305 Hamburg, Germany.

Purpose:
Borlabs cookie is used to obtain consent from website users to store certain cookies and to use certain third-party tools, and to document this consent in compliant manner.

Description of data processing:
When you browse our website for the first time, you are asked for your cookie preferences in Borlabs’ consent manager. A cookie is then set in your browser, which stores your cookie preferences for further browsing on our site. No personal data is passed on to Borlabs in this process.

Legal basis:
Obtaining legally required consent for the use of cookies according to Art. 6 (1) lit. c GDPR.

Provision of your data voluntarily or required:
Obtaining your cookie preferences is required by law.

Storage period:
The collected data is stored until you request us to delete it or delete the Borlabs cookie yourself, or until the purpose for storing the data no longer applies.

Borlabs is not a processor:
No personal data is transmitted to Borlabs. Borlabs is therefore not a processor in terms of GDPR.

Further notes on data protection:
https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.

Website data processing

Newsletter

Purpose:
Sending a newsletter for marketing purposes.

Description of data processing:
On our website visitors can sign up for a newsletter. If you decide to subscribe, your data will only be used to send you the newsletter you have subscribed to by e-mail and, if you have also consented to this, to evaluate how you use the newsletter and any content linked to it. To receive the newsletter, it is only mandatory to provide a valid e-mail address.All other information requested is voluntary.

Legal basis:
The receipt of our newsletter requires your consent. This consent is obtained as part of the newsletter sign up process. Legal basis is therefore Art. 6 (1) lit. a GDPR.

Right to object / Opt-Out:
Your consent to receive the newsletter and the storage of your data can be revoked at any time. In every newsletter you will find a link to opt-out. In addition, the consent can be revoked by contacting us using the contact information provided in this policy.

Provision of your data voluntarily or required:
The provision of your data is voluntary, based on your consent. However, without your consent, the receipt of our newsletter is not possible.

Storage period:
Your data will only be processed as long as we have your consent in receiving our newsletter.

Use of a third-party newsletter tool:
To ensure an efficient and performative newsletter mailing, we use a third-party newsletter. You can find more information about the newsletter tool we are using in the section about third-party tools.

Contact requests

Purpose:
Processing of the request.

Description of data processing:
Requests by e-mail, telephone or fax, including all resulting personal data, are stored and processed for the purpose of processing. A passing on of the data does not take place without your consent.

Legal basis:
The processing of your request is based on our legitimate interest of pursuing our business interests pursuant to Art. 6 (1) lit. f GDPR. If you contact us to request a contractual offer, the processing is carried out for the implementation of pre-contractual measures pursuant to Art. 6 (1) lit. b GDPR.

Right to object / Opt-Out:
Information on your right to object according to Art. 21 of the GDPR can be found in the section on data subject rights above.

Provision of your data voluntarily or required:
The provision of your data is neither legally nor contractually required. However, without the information a processing of your request is not possible.

Storage period:
Your data will be deleted at the latest 6 months after processing the request. If a contractual relationship exists, we are subject to the statutory retention periods and delete your data after six or ten years.

Online contact form
By providing an online contact form, we would like to enable you to contact us easily. The information you provide will be stored for the purpose of processing the request and for possible follow-up questions, taking into account the above-mentioned storage period.

Use of a third-party CRM-Tool:
The personal data resulting from your inquiry may be stored in our third-party Customer Relationship Management System (CRM). For more information on the CRM system that is used, please refer to the section Third-party tools.

Applications via the website

Purpose:
Processing of applications.

Description of data processing:
On our website, users have the possibility of applying to us either via our application form or directly by e-mail. In this context, we will inform you separately about the details of the processing of your application data with corresponding data protection information according to Art. 13, 14 and 21 GDPR.

Legal basis:
The processing of your application is primarily based on the decision on the establishment of an employment relationship (Art. 88 GDPR in conjunction with § 26 Federal Data Protection Act (BDSG)). Furthermore, we may process your data for the fulfillment of legal obligations if this is necessary (Art. 6 (1) lit. c GDPR),

Provision of your data voluntarily or required:
The provision of your application is voluntary. However, we can only make a decision on the establishment of an employment relationship if you provide such personal data that is required for the execution of the application.

Storage period:
Your application documents will be deleted no later than six months after the end of the application process (e.g. notification of the rejection decision), unless longer storage is legally required or permitted.

Use of a third-party HR Tool:
Your application data may be entered into our external HR software solution. For more information on the tool used, please refer to the section Third-party tools.

Thrid party tools

Google Analytics

Provider:
Google – Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Purpose:
Analysis of the behavior of website visitors by evaluating, for example, page views, dwell time, operating system, etc., in order to optimize the website.

Description of data processing:
Google Analytics helps us to analyze the traffic of our website. For this to work, a tracking code provided by Google Analytics and integrated via the Google Tag Manager is implemented on our website. If you consent to tracking by Google Analytics, a cookie is set on your device, which gives your device a unique identifier (tracking ID). This cookie is linked to Google Analytics. It records the surfing behavior of our website visitors and the resulting statistics may provide information about which target groups feel addressed by our website.

Legal basis:
The use of Google Analytics requires your consent. This consent is obtained via our Consent Management Tool. Legal basis is therefore Art. 6 (1) lit. a GDPR and §25 (1) TTDSG. The consent can be revoked at any time. Please read the information about your right to object according to Art. 21 GDPR in the section about your data protection rights above.

Right to object / Opt-Out:
Information on your right to object according to Art. 21 of the GDPR can be found in the section on data subject rights. In the footer area of the website, you have the option of resubmitting your cookie preferences. Another option for opting out is to manually delete the website cookies in your browser settings or click the opt-out link below. On top of that Google provides a browser plug-in for a permanent opt-out: https://tools.google.com/dlpage/gaoptout?hl=en.

Provision of data voluntarily or required:
The provision of your data is voluntary.

Further notes on data protection:
Notes on data protection and Google Analytics: https://support.google.com/analytics/answer/6004245?hl=de.
General information about Google Analytics: https://marketingplatform.google.com/about/analytics/terms/de/.
Googles privacy policy: https://policies.google.com/privacy.

Anonymize-IP:
We have activated the IP anonymization function. This means that no full IP addresses of visitors within the European Economic Area (EEA) are stored and transmitted unabbreviated to the USA. A transmission of unabbreviated IP addresses

Data storage 14 months:
We have configured Google Analytics so that the stored data at user and event level is automatically deleted after 14 months. You can find more information about the storage period of the tool here: https://support.google.com/analytics/answer/7667196?hl=de.

Data Processing Addendum:
We have entered into a direct customer agreement with Google for the use of Google Analytics by accepting their “Data Processing Addendum” (DPA) in the Google Analytics settings. You can find more information about these data processing conditions here: https://privacy.google.com/businesses/controllerterms/mccs/.

Transfers to third countries:
Processing also takes place outside the EU, namely in the USA. Guarantees exist in the form of concluded Standard Contractual Clauses (SCC) of the European Commission, pursuant to Art. 46 (2) lit. c GDPR. Information on Googles SCCs can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

Google Tag Manager

Provider:
Google – Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Purpose:
Efficient organization and integration of Google tools on our website.

Description of data processing:
The Google Tag Manager allows us to centrally integrate and manage various Google tools. For this purpose, small sections of code (so-called tags) of the various Google products (such as Google Analytics, Google Ads, etc.), but also tags from other companies are integrated into the Google Tag Manager and managed from there. The Google Tag Manager itself does not store any personal data, so it only acts as an “intermediary”. The situation is different for the tools that are integrated via the Tag Manager. The data protection relevance of these tools is indicated in the corresponding text passages.

Legal basis:
The use of the Google Tag Manager requires your consent. This consent is obtained via our Consent Management Tool. Legal basis is therefore Art. 6 (1) lit. a GDPR and §25 (1) TTDSG. The consent can be revoked at any time.

Right to object / Opt-Out:
Information on your right to object according to Art. 21 of the GDPR can be found in the section on data subject rights. In the footer area of the website, you have the option of resubmitting your cookie preferences. Another option for opting out is to manually delete the website cookies in your browser settings.

Provision of data voluntarily or required:
The provision of your data is voluntary.

Storage period:
The Google Tag Manager itself does not store cookies, user profiles, analyses, etc.. How long the analysis tools integrated via the Google Tag Manager store your data can therefore be found in the respective text passages.

Further notes on data protection:
How the Google Tag Manager works: https://support.google.com/tagmanager/?hl=de#topic=3441530.
Googles privacy policy: https://policies.google.com/privacy?hl=de.

Data Processing Addendum:
By accepting the Google Tag Manager Terms of Service, we have also entered into the Google Ads Data Processing Terms. Googles terms can be viewed as a Data Processing Addendum (DPA). The DPA can be found here: https://business.safety.google/adscontrollerterms/sccs/eu-c2c/.

Data transfers to third countries:
Processing also takes place outside the EU, namely in the USA. Guarantees exist in the form of concluded Standard Contractual Clauses (SCC) of the European Commission, pursuant to Art. 46 (2) lit. c GDPR. The SCCs can be found here: https://business.safety.google/adscontrollerterms/sccs/eu-c2c/.

Hubspot CRM

Provider:
Hubspot – Hubspot Inc. 25 Street, Cambridge, MA 02141 USA.

Purpose:
Efficient customer communication and customer management.

Description of data processing:
To manage our customers, we use the customer relationship management system (CRM) Hubspot. When you contact us, for example by filling out one of our website forms, your data can be transferred to the Hubspot CRM system. There we can centrally manage your request and control and analyze customer-related processes. In this process personal data is transmitted to Hubspot`s servers. Furthermore, in case of your consent, we can also control marketing measures (e.g. newsletter campaigns) with Hubspot or record and analyze the usage behavior of our contacts on our website.

Legal basis:
The processing of customer data with Hubspot is based on our legitimate interest in the most efficient customer management and customer communication possible, pursuant to Art. 6 (1) lit. f GDPR. The sign-up for our newsletter that is provided by Hubspot and the storage of Hubspot`s third-party cookies when you visit our website on the other hand require your consent. This consent is obtained via our Consent Management Tool. Legal basis is therefore Art. 6 (1) lit. a GDPR and §25 (1) TTDSG. The consent can be revoked at any time.

Right to object / Opt-Out:
Information on your right to object according to Art. 21 of the GDPR can be found in the section on data subject rights. You can object your given consent in every newsletter mail by clicking on unsubscribe in the footer section of each mail. You then will no longer receive the newsletter. Regarding Hubspots` third-party cookies, you have the option to resubmit your cookie settings in the footer area of the website. Another opt-out option is to manually delete the website cookies in your browser settings.

Provision of data voluntarily or required:
The provision of your data is voluntary. Without the provision of your data, however, we may not be able to enter into a contractual relationship with you.

Storage period:
The customer data transmitted to Hubspot is deleted as soon as it is no longer required or you request us to delete it. If there is a contractual relationship, we are subject to the statutory retention periods and delete your data after six or ten years.

Further notes on data protection:
Hubspot`s privacy policy: https://legal.hubspot.com/de/privacy-policy.

Data Processing Addendum:
We have concluded Hubspots data processing addendum (DPA), which ensures that the personal data of our website visitors is only processed according to our instructions and in compliance with the GDPR. Hubspots DPA can be found here: https://legal.hubspot.com/dpa.

Data transfers to third countries:
Processing also takes place outside the EU, namely in the USA. Guarantees exist in the form of concluded Standard Contractual Clauses (SCC) of the European Commission, pursuant to Art. 46 (2) lit. c GDPR. Further Information on Hubspot and the SCCs can be found here: https://legal.hubspot.com/dpa.

Personio HR Software

Provider:
Personio – Personio GmbH, Rundfunkplatz 4, 80335 Munich, Germany.

Purpose:
Efficient HR-Management and application management.

Description of data processing:
Our Human Resources Management uses the cloud-based HR operating system Personio. The tool helps us to deal with HR processes, such as the applications via our website. When you apply for a job at our company, your data can be transferred in to the Personio HR Operating System. There we can centrally manage your application and control and analyze HR-related processes. All applicants will, of course, be informed separately about the data processing in the context of their application.

Legal basis:
The processing of applicant data with Personio is based on our legitimate interest in the most efficient HR-Management and application management, pursuant to Art. 6 (1) lit. f GDPR.

Right to object / Opt-Out:
Information on your right to object according to Art. 21 of the GDPR can be found in the section on data subject rights.

Provision of data voluntarily or required:
The provision of your data is voluntary. Without the provision of your data, however, we may not be able to enter into a contractual relationship with you.

Storage period:
The applicant data transmitted to Personio is deleted as soon as it is no longer required (after 6 months the latest) or you request us to delete it. If the application leads to an employment relationship, other retention periods apply.

Further notes on data protection:
Personios privacy policy: https://www.personio.com/privacy-policy/.

Data processing addendum:
We have concluded Personio`s data processing addendum, which ensures that Personio only processes the personal data according to our instructions and in compliance with the GDPR.

Salesforce Sales Cloud

Provider:
Salesforce – salesforce.com Germany GmbH, Erika-Mann-Str. 31, 80636 Munich, Germany.

Purpose:
Efficient customer communication and customer management.

Description of data processing:
To manage our customers, we use the customer relationship management system (CRM) Salesforce Sales Cloud. When you contact us, for example by filling out one of our website forms, your data can be transferred to the Salesforce CRM system. There we can centrally manage your request and control and analyze customer-related processes. This happens in the Salesforce Sales Cloud, which means that personal data is transmitted to Salesforce’s servers. Salesforce has assured us that our customer data is hosted exclusively on servers in the EU. In exceptional cases – for example, in the event of technical problems – data may nevertheless be transferred to the parent company of Salesforce in the USA, salesforce.com inc, Salesforce Tower, 415 Mission Street, San Francisco, CA 94105, USA.

Legal basis:
The processing of customer data with Salesforce Sales Cloud is based on our legitimate interest in the most efficient customer management and customer communication possible, pursuant to Art. 6 (1) lit. f GDPR. The storage of Salesforces` third-party cookies when you visit our website on the other hand requires your consent. This consent is obtained via our Consent Management Tool. Legal basis is therefore Art. 6 (1) lit. a GDPR and §25 (1) TTDSG. The consent can be revoked at any time.

Right to object / Opt-Out:
Information on your right to object according to Art. 21 of the GDPR can be found in the section on data subject rights. Regarding Salesforces’ third-party cookie, you have the option to resubmit your cookie settings in the footer area of the website. Another opt-out option is to manually delete the website cookies in your browser settings.

Provision of data voluntarily or required:
The provision of your data is voluntary. Without the provision of your data, however, we may not be able to enter into a contractual relationship with you.

Storage period:
The customer data transmitted to Salesforce is deleted as soon as it is no longer required or you request us to delete it. If there is a contractual relationship, we are subject to the statutory retention periods and delete your data after six or ten years.

Further notes on data protection:
Salesforce privacy policy: https://www.salesforce.com/de/company/privacy/.

Data Processing Addendum:
We have concluded Salesforces data processing addendum (DPA), which ensures that the personal data of our website visitors is only processed according to our instructions and in compliance with the GDPR. Salesforces DPA can be found here:
https://www.salesforce.com/content/dam/web/en_us/www/documents/legal/Agreements/data-processing-addendum.pdf.

Data transfers to third countries:
In exceptional cases, processing also takes place outside the EU, namely in the USA. Guarantees exist in the form of binding corporate rules (BCR) in accordance with Article 47 of the GDPR, to which Salesforce has committed itself and which have been approved by the French data protection authority and also in the form of concluded Standard Contractual Clauses (SCC) of the European Commission, pursuant to Art. 46 (2) lit. c GDPR. Salesforces SCCs can be found here: https://www.salesforce.com/content/dam/web/en_us/www/documents/legal/Agreements/scc-amendment.pdf.

Vimeo

Provider:
Vimeo – Vimeo Inc., 555 West 18th Street, New Yoirk 10011, USA.

Purpose:
Improving our website by displaying video content.

Description of data processing:
We have embedded videos from the video portal Vimeo on our website, using the “Do-Not-Track” setting. If you choose to play a Vimeo video on our website, a connection to the servers of Vimeo is established. Hereby the provider is informed about your IP address and the information on which of our pages you clicked on the video. The do-not-track setting of the tool, which we have deliberately chosen, ensures that Vimeo itself will not set any analysis cookies that track your user activity.

Legal basis:
The use of Vimeo requires your consent. This consent is obtained via our Consent Management Tool, respectively will be obtained before clicking on the displayed Vimeo content. Legal basis is therefore Art. 6 (1) lit. a GDPR and §25 (1) TTDSG. The consent can be revoked at any time.

Right to object / Opt-Out:
Information on your right to object according to Art. 21 of the GDPR can be found in the section on data subject rights. In the footer area of the website, you have the option of resubmitting your cookie preferences. Another option for opting out is to manually delete the website cookies in your browser settings.

Provision of data voluntarily or required:
The provision of your data is voluntary.

Storage period:
By embedding video content from Vimeo, we do not consciously collect user data. How long Vimeo stores your data, on the other hand, can not be clearly quantified from our side.

Further notes on data protection:
Vimeo privacy policy: https://vimeo.com/privacy.

Transfers to third countries:
The processing also takes place outside the EU, namely in the USA. Vimeo relies here on its “legitimate business interests” as well as on appropriate safeguards in the form of standard contractual clauses, pursuant to Art. 46 (2) lit. c GDPR. You can find more information here: https://vimeo.com/privacy#international_data_transfers_and_certain_user_rights.

YouTube

Provider:
Google – Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Purpose:
Improving our website by displaying video content.

Description of data processing:
We have embedded YouTube videos on our website using the so called “extended data protection mode”. This embedding method ensures that YouTube does not store any information about our visitors before they watch the video on our website. However, the transfer of data to the Google DoubleClick network cannot necessarily be excluded by the extended data protection mode. As soon as you start a YouTube video on our website, your browser establishes a connection to YouTube’s servers. This tells YouTube which page you have visited. If you are logged into your YouTube account at this time, the data is merged. In addition, YouTube sets cookies on your end device when you start a video. In summary, it can be said that after starting a YouTube video, data processing operations are triggered over which we have no influence.

Legal basis:
The use of YouTube requires your consent. This consent is obtained via our Consent Management Tool, respectively will be obtained before clicking on the displayed Vimeo content. Legal basis is therefore Art. 6 (1) lit. a GDPR and §25 (1) TTDSG. The consent can be revoked at any time.

Right to object / Opt-Out:
Information on your right to object according to Art. 21 of the GDPR can be found in the section on data subject rights. In the footer area of the website, you have the option of resubmitting your cookie preferences. Another option for opting out is to manually delete the website cookies in your browser settings.

Provision of data voluntarily or required:
The provision of your data is voluntary.

Storage period:
By embedding video content from YouTube, we do not consciously collect user data. How long Vimeo stores your data, on the other hand, can not be clearly quantified from our side.

Further notes on data protection:
Googles privacy policy, as YouTubes parent company: https://policies.google.com/privacy?hl=de.
For owners of a Google Account:
Link to disable the recording of your YouTube history: https://myactivity.google.com/myactivity.
Link to the data and privacy settings: https://myaccount.google.com/data-and-privacy.

Transfers to third countries:
A transfer of your data also takes place outside the EU, namely in the USA. The European Court of Justice is of the opinion that there is currently no adequate level of data protection for data transfers to the USA. The data transfer in case of viewing YouTube videos on our website is not secured by an effective transfer mechanism that would guarantee a data protection level which is adequate with GDRP. Thus, the transferred data may not be processed anonymously, may be viewed by U.S. government authorities, and may be linked to other Google services with which you have an account.

Use of SalesViewer® technology:

This website uses SalesViewer® technology from SalesViewer® GmbH on the basis of the website operator’s legitimate interests (Section 6 paragraph 1 lit.f GDPR) in order to collect and save data on marketing, market research and optimisation purposes.

In order to do this, a javascript based code, which serves to capture company-related data and according website usage. The data captured using this technology are encrypted in a non-retrievable one-way function (so-called hashing). The data is immediately pseudonymised and is not used to identify website visitors personally.

The data stored by Salesviewer® will be deleted as soon as they are no longer required for their intended purpose and there are no legal obligations to retain them.

The data recording and storage can be repealed at any time with immediate effect for the future, by clicking on https://www.salesviewer.com/opt-out in order to prevent SalesViewer® from recording your data. In this case, an opt-out cookie for this website is saved on your device. If you delete the cookies in the browser, you will need to click on this link again.

Online presence reference

Data processing resulting from our presence on social media plattforms

We run profiles on various social media platforms. Details on the individual platforms we use can be found in this section.

Purpose:
Provide the most comprehensive online visibility possible.

Description of data processing:
The type of data processing differs from platform to platform. Social networks such as Facebook, Instagram, Twitter, etc. can comprehensively analyze user behavior when you visit the respective platform or a website with integrated social media content (e.g. share/ like buttons or banners). Visiting our profiles on the platforms triggers numerous processing operations relevant to data protection.

For example:
If you are logged into your account and visit our profile, the operator of the platform can assign this visit to your user account. Your personal data transmitted when you visit our profile may also be collected if you are not logged in or do not have an account with the respective social media platform. This is done, for example, via cookies that are stored on your terminal device or by recording your IP address.

The data collected in this way enables the platforms to create user profiles of the visitors, in which the preferences and interests of the users are stored. This helps the operators of the platforms to show you advertising tailored to your respective interests inside and outside platforms. This is how the platforms earn money. Provided you have an account with the respective platform, this advertising can be displayed on all devices on which you are or were logged in.

The data processing that takes place on the individual platforms is very difficult for outsiders to understand: It is therefore not possible for us to trace all the processing operations that actually take place on the individual networks. When visiting the platforms, it is therefore quite possible that further processing operations of your data are carried out by the operators. You can find more information on this in the terms of use and data protection provisions of the individual services.

Legal basis:
The legal basis is our legitimate interest in a comprehensive presence on social media platforms pursuant to Art. 6 (1) lit. f GDPR. The data processing on the social media platforms themselves is based on other legal bases for which the operators themselves are responsible.

Storage period:
Personal data that we have collected directly via the individual platforms will be deleted from our systems as soon as you request us to do so, revoke your consent to storage or the purpose for storing the data no longer applies. Cookies remain on your device until you delete them. We have no direct influence on the storage period of your data on the individual social media platforms.

We run profiles on the following platforms:

Instagram

Provider:
Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA.

Data transfers to the US:
Whilst visiting our Instagram profile, personal data is transferred to servers of Meta (Facebook), as Instagram’s parent company, in the USA. The data transfer to the USA is based on the concluded standard contractual clauses of the EU Commission. These can be viewed here: https://www.facebook.com/legal/EU_data_transfer_addendum.

Information on Instagram and privacy:
Instagram privacy policy: https://help.instagram.com/519522125107875.
Information on the Standard Contractual Clauses: https://de-de.facebook.com/help/566994660333381.

YouTube

Anbieter:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Information on YouTube and privacy:
Google privacy policy as YouTube parent organisation: https://policies.google.com/privacy?hl=de.
For oweners of a Google account:
Link to disable YouTube History: https://myactivity.google.com/myactivity.
Link to the data and privacy account settings: https://myaccount.google.com/data-and-privacy.

LinkedIN

Provider:
LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

Data transfers to the US:
Whilst visiting our LinkedIn profile, data is transferred to LinkedIn servers in the USA. The transfer of data to the USA is based on the standard contractual clauses of the EU Commission. These can be viewed here: https://www.linkedin.com/legal/l/eu-sccs.

Information on LinkedIn and privacy:
LinkedIn privacy policy: https://www.linkedin.com/legal/privacy-policy.
Opt-out cookie to disable LinkedIn retargeting: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Meta (Facebook)

Provider:
Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Joint controllership:
When you visit our Meta (Facebook) page, Meta (Facebook)  and we are jointly responsible for the processing of your data under data protection law. Meta`s agreement of joint controllership has been concluded. It can be viewed here: https://www.facebook.com/legal/terms/page_controller_addendum.

Data transfers to the US:
When visiting our Facebook profile, personal data is transferred to Metas` servers in the USA. The transfer of personal data to the USA is based on the standard contractual clauses of the EU Commission. These can be viewed here: https://www.facebook.com/legal/EU_data_transfer_addendum.

Information on Meta (Facebook)  and privacy:
Advertising settings in your Meta (Facebook)  profile: https://www.facebook.com/settings?tab=ads.
Meta (Facebook) privacy policy: https://www.facebook.com/settings?tab=ads.
Information on the Standard Contractual Clauses: https://de-de.facebook.com/help/566994660333381.

Instagram

Provider:
Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA.

Data transfers to the US:
Whilst visiting our Instagram profile, personal data is transferred to servers of Meta (Facebook), as Instagram’s parent company, in the USA. The data transfer to the USA is based on the concluded standard contractual clauses of the EU Commission. These can be viewed here: https://www.facebook.com/legal/EU_data_transfer_addendum.

Information on Instagram and privacy:
Instagram privacy policy: https://help.instagram.com/519522125107875.
Information on the Standard Contractual Clauses: https://de-de.facebook.com/help/566994660333381.

YouTube

Anbieter:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Information on YouTube and privacy:
Google privacy policy as YouTube parent organisation: https://policies.google.com/privacy?hl=de.
For owners of a Google account:
Link to disable YouTube History: https://myactivity.google.com/myactivity.
Link to the data and privacy account settings: https://myaccount.google.com/data-and-privacy.

Vimeo

Provider:
Vimeo, Inc., 555 West 18th Street, New York 10011, USA.

Data transfers to the US:
Whilst visiting our Instagram profile, personal data is transferred to servers of Vimeo in the USA. The data transfer to the USA is based on the concluded standard contractual clauses of the EU Commission.

Information on Vimeo and privacy:
Vimeo privacy policy: https://hvimeo.com/privacy.

LinkedIN

Provider:
LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

Data transfers to the US:
Whilst visiting our LinkedIn profile, data is transferred to LinkedIn servers in the USA. The transfer of data to the USA is based on the standard contractual clauses of the EU Commission. These can be viewed here: https://www.linkedin.com/legal/l/eu-sccs.

Information on LinkedIn and privacy:
LinkedIn privacy policy: https://www.linkedin.com/legal/privacy-policy.
Opt-out cookie to disable LinkedIn retargeting: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.