PRIVACY POLICY
Privacy Policy
1. Data Protection at a Glance
General Information
The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to personally identify you. Detailed information on data protection can be found in our privacy policy below.
Data Collection on this Website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find their contact details in the section “Information on the Responsible Party” in this privacy policy.
How do we collect your data?
On the one hand, your data is collected when you provide it to us. This could include, for example, data that you enter into a contact form.
Other data is collected automatically by our IT systems when you visit the website, either automatically or with your consent. This is primarily technical data (e.g., internet browser, operating system, or time of page access). This data is collected automatically as soon as you access this website.
What do we use your data for?
Some data is collected to ensure the proper functioning of the website. Other data may be used to analyze your user behavior.
What rights do you have regarding your data?
You have the right to receive information free of charge at any time about the origin, recipients, and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future. Furthermore, you have the right, under certain circumstances, to request the restriction of the processing of your personal data. You also have the right to lodge a complaint with the competent supervisory authority.
You can contact us at any time with any questions regarding this or other data protection matters.
Analytics tools and third-party tools
When you visit this website, your browsing behavior may be statistically analyzed. This is primarily done using so-called analytics programs.
Detailed information about these analytics programs can be found in the following privacy policy.
2. Hosting
We host the content of our website with the following provider:
IONOS
The provider is IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany (hereinafter referred to as IONOS). When you visit our website, IONOS collects various log files, including your IP address. For details, please see the IONOS privacy policy:
https://www.ionos.de/terms-gtc/terms-privacy.
The use of IONOS is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in ensuring the most reliable presentation of our website possible. If consent has been requested, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 TTDSG (German Telecommunications and Telemedia Data Protection Act), insofar as the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) within the meaning of the TTDSG. Consent can be withdrawn at any time.
Data Processing Agreement
We have concluded a data processing agreement (DPA) for the use of the aforementioned service. This is a legally required agreement under data protection law, which ensures that the personal data of our website visitors is processed only according to our instructions and in compliance with the GDPR.
3. General Information and Mandatory Disclosures Regarding Data Protection
The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.
When you use this website, various personal data are collected. Personal data is data with which you can be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.
Please note that data transmission over the Internet (e.g., when communicating by email) can have security vulnerabilities. Complete protection of data against access by third parties is not possible.
Information on the responsible party
The data controller for this website is:
Björn Neumann, Pleßstr. 5, 36433 Bad Salzungen, Germany
Email: bjoern.neumann@online.de
The data controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data (e.g., names, email addresses, etc.).
Data Retention Period
Unless a more specific retention period is stated within this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a legitimate request for erasure or withdraw your consent to data processing, your data will be deleted, provided we have no other legally permissible grounds for storing your personal data (e.g., tax or commercial law retention periods); in the latter case, deletion will occur after these grounds cease to apply.
General Information on the Legal Basis for Data Processing on this Website
If you have consented to data processing, we process your personal data on the basis of Article 6(1)(a) GDPR or Article 9(2)(a) GDPR if special categories of data pursuant to Article 9(1) GDPR are processed. In the case of explicit consent to the transfer of personal data to third countries, data processing also takes place on the basis of Article 49(1)(a) GDPR. If you have consented to the storage of cookies or access to information on
your device (e.g., via device fingerprinting), data processing additionally takes place on the basis of Section 25(1) of the German Telecommunications and Telemedia Data Protection Act (TTDSG). You may withdraw your consent at any time. If your data is required for the performance of a contract or for taking steps prior to entering into a contract, we process your data on the basis of Article 6(1)(b) GDPR. Furthermore, we process your data if this is necessary to fulfill a legal obligation, based on Article 6(1)(c) GDPR. Data processing may also be based on our legitimate interest pursuant to Article 6(1)(f) GDPR. The applicable legal bases in each individual case are explained in the following paragraphs of this privacy policy.
Note regarding data transfers to third countries that do not offer adequate data protection standards, as well as transfers to US companies that are not DPF-certified.
We use tools from companies located in third countries with inadequate data protection laws, as well as US tools whose providers are not certified under the EU-US Data Privacy Framework (DPF). When these tools are active, your personal data may be transferred to and processed in these countries. Please note that a level of data protection comparable to that of the EU cannot be guaranteed in third countries with inadequate data protection laws.
Please note that the USA, as a safe third country, generally offers a level of data protection comparable to that of the EU. Data transfers to the USA are therefore permitted if the recipient is certified under the EU-US Data Privacy Framework (DPF) or has appropriate additional safeguards in place. Information on transfers to third countries, including data recipients, can be found in this privacy policy.
Recipients of personal data
In the course of our business activities, we collaborate with various external parties. This sometimes requires the transfer of personal data to these external parties. We only disclose personal data to external parties if this is necessary for the performance of a contract, if we are legally obligated to do so (e.g., disclosure of data to tax authorities), if we have a legitimate interest in the disclosure pursuant to Art. 6 para. 1 lit. f GDPR, or if another legal basis permits the data transfer. When using data processors, we only disclose our customers’ personal data on the basis of a valid data processing agreement. In the case of joint processing, a joint processing agreement is concluded.
Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. You can revoke your consent at any time. The lawfulness of the data processing carried out before the revocation remains unaffected by the revocation.
Right to object to data collection in special cases and to direct marketing (Art. 21 GDPR)
If data processing is based on Article 6(1)(e) or (f) of the GDPR, you have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you; this also applies to profiling based on these provisions. The specific legal basis for each processing operation can be found in this privacy policy. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of establishing, exercising or defending legal claims (objection pursuant to Article 21(1) GDPR).
… If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object, your personal data will no longer be processed for direct marketing purposes (objection pursuant to Article 21(2) GDPR).
Right to lodge a complaint with the competent supervisory authority
In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work, or the place of the alleged infringement. This right to lodge a complaint exists without prejudice to any other administrative or judicial remedy.
Right to data portability
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from us, where the processing is based on consent pursuant to point (a) of Article 6(1) or point (a) of Article 9(2) or on a contract pursuant to point (b) of Article 6(1) and the processing is carried out by automated means. Where technically feasible, you also have the right to have the personal data transmitted directly from us to another controller.
Right to information, rectification, and erasure
Within the framework of the applicable legal provisions, you have the right to obtain, at any time and free of charge, information about your stored personal data, its origin and recipients, and the purpose of the data processing, and, where applicable, the right to rectification or erasure of this data. You can contact us at any time with regard to this and any further questions concerning personal data.
Right to restriction of processing
You have the right to request the restriction of the processing of your personal data. You can contact us at any time to do so. The right to restriction of processing exists in the following cases:
If you dispute the accuracy of your personal data stored with us, we generally need time to verify this. For the duration of the verification process, you have the right to request the restriction of the processing of your personal data.
If the processing of your personal data was/is unlawful, you can request the restriction of data processing instead of erasure.
If we no longer need your personal data, but you require it for the establishment, exercise, or defense of legal claims, you have the right to request the restriction of the processing of your personal data instead of erasure.
If you have objected to processing pursuant to Article 21(1) GDPR, a balancing of interests between your interests and ours must be carried out. Until it is determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, this data—apart from its storage—may only be processed with your consent or for the establishment, exercise, or defense of legal claims, or for the protection of the rights of another natural or
legal person, or for reasons of important public interest of the European Union or a Member State.
SSL/TLS Encryption
This site uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the browser’s address bar changes from “http://” to “https://” and by the lock symbol in your browser’s address bar.
When SSL/TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Objection to Promotional Emails
We hereby object to the use of contact data published within the scope of the legal notice for sending unsolicited advertising and informational materials. The operators of this website expressly reserve the right to take legal action in the event of unsolicited advertising, such as spam emails.
4. Data Collection on this Website: Cookies
Our website uses so-called “cookies.” Cookies are small data packets that do not harm your device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (persistent cookies). Session cookies are automatically deleted after you close your browser. Persistent cookies remain on your device until you delete them yourself or until they are automatically deleted by your web browser.
Cookies can originate from us (first-party cookies) or from third-party companies (third-party cookies). Third-party cookies enable the integration of certain services from third-party companies within websites (e.g., cookies for processing payment services).
Cookies have various functions. Many cookies are technically necessary because certain website functions would not work without them (e.g., the shopping cart function or the display of videos). Other cookies can be used to analyze user behavior or for advertising purposes.
Cookies that are necessary for the execution of electronic communication processes, for providing certain functions you have requested (e.g., for the shopping cart function), or for optimizing the website (e.g., cookies for measuring website traffic) (essential cookies) are stored on the basis of Article 6(1)(f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing essential cookies to ensure the technically flawless and optimized provision of its services. If consent to the storage of cookies and similar recognition technologies has been requested, processing is carried out exclusively on the basis of this consent (Article 6(1)(a) GDPR and Section 25(1) of the German Telecommunications and Telemedia Data Protection Act (TTDSG)); this consent can be revoked at any time.
You can configure your browser to notify you when cookies are set and to allow cookies only in individual cases, to block cookies in certain cases or entirely, or to automatically delete cookies when you close your browser. Disabling cookies may limit the functionality of this website.
You can find information about which cookies and services are used on this website in this privacy policy.
Server log files
The website provider automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. This information includes:
Browser type and version, operating system used, referrer URL, hostname of the accessing computer, time of the server request, and IP address.
This data is not merged with other data sources.
The collection of this data is based on Article 6 Paragraph 1 Letter f of the GDPR. The website operator has a legitimate interest in the technically flawless presentation and optimization of its website – the server log files must be recorded for this purpose.
Contact Form
If you send us inquiries via the contact form, your information from the inquiry form, including the contact details you provide, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We will not share this data without your consent.
The processing of this data is based on Article 6 Paragraph 1 Letter b of the GDPR, provided your inquiry is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in the efficient handling of inquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR), if such consent has been requested; you may withdraw your consent at any time.
The data you enter in the contact form will remain with us until you request its deletion, withdraw your consent to its storage, or the purpose for data storage no longer applies (e.g., after your inquiry has been processed). Mandatory legal provisions – in particular, retention periods – remain unaffected.
Inquiries via email, telephone, or fax
When you contact us by email, telephone, or fax, your inquiry, including all resulting personal data (name, inquiry), will be stored and processed by us for the purpose of handling your request. We will not share this data without your consent.
The processing of this data is based on Article 6(1)(b) GDPR if your inquiry relates to the performance of a contract or is necessary for taking steps prior to entering into a contract. In all other cases, the processing is based on our legitimate interest in the effective handling of inquiries addressed to us (Article 6(1)(f) GDPR) or on your consent (Article 6(1)(a) GDPR), if such consent has been obtained; you may withdraw your consent at any time.
The data you send us via contact requests will remain with us until you request its deletion
revoke your consent to its storage, or the purpose for data storage no longer applies (e.g., after your request has been processed). Mandatory legal provisions – in particular statutory retention periods – remain unaffected.
5. Social Media Social Media Elements with Shariff
This website uses elements from social media (e.g., Facebook, X, Instagram, Pinterest, XING, LinkedIn, Tumblr).
You can usually recognize the social media elements by their respective social media logos.
To ensure data protection on this website, we only use these elements in conjunction with the so-called “Shariff” solution. This application prevents the social media elements integrated on this website from transmitting your personal data to the respective provider as soon as you visit the page.
Only when you activate the respective social media element by clicking the corresponding button is a direct connection to the provider’s server established (consent). Once you activate the social media element, the respective provider receives the information that you have visited this website with your IP address. If you are simultaneously logged into your respective social media account (e.g., Facebook), the provider can associate your visit to this website with your user account.
Activating the plugin constitutes consent within the meaning of Article 6(1)(a) GDPR and Section 25(1) TTDSG. You can revoke this consent at any time with effect for the future.
This service is used to obtain the legally required consent for the use of certain technologies. The legal basis for this is Article 6(1)(c) GDPR.
This website integrates elements of the social network Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, the collected data is also transferred to the USA and other third countries.
An overview of the Facebook social media elements can be found here: https://developers.facebook.com/docs/plugins/?locale=de_DE.
When the social media element is active, a direct connection is established between your device and the Facebook server. Facebook then receives the information that you have visited this website with your IP address. If you click the Facebook “Like” button while logged into your Facebook account, you can link the content of this website to your Facebook profile. This allows Facebook to associate your visit to this website with your user account. Please note that as the website provider, we have no knowledge of the content of the transmitted data or its use by Facebook. Further information can be found in Facebook’s privacy policy at:
https://de-de.facebook.com/privacy/explanation.
If consent has been obtained, the aforementioned service is used on the basis of Art. 6 para. 1 lit. a GDPR and Section 25 TTDSG. Consent can be withdrawn at any time. If no consent has been obtained, the service is used on the basis of our legitimate interest in achieving the broadest possible visibility on social media.
If personal data is collected on our website using the tool described here and forwarded to
Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible for this data processing (Art. 26 GDPR). This joint responsibility is limited exclusively to the collection of the data and its transfer to Facebook. The processing carried out by Facebook after the transfer is not part of the joint responsibility. Our joint obligations are set out in a joint processing agreement. The full text of the agreement can be found at:
https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing data protection information when using the Facebook tool and for implementing the tool on our website in a data protection-compliant manner. Facebook is responsible for the data security of its products. You can assert your data subject rights (e.g., requests for access) regarding data processed by Facebook directly with Facebook. If you assert your data subject rights with us, we are obligated to forward them to Facebook.
Data transfers to the USA are based on the EU Commission’s Standard Contractual Clauses. Details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum, https://de-de.facebook.com/help/566994660333381 and
https://www.facebook.com/policy.php.
The company is certified under the EU-US Data Privacy Framework (DPF). The Data Privacy Framework (DPF) is an agreement between the European Union and the USA designed to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF commits to adhering to these data protection standards. Further information can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active
X (formerly Twitter)
This website integrates features of the X service (formerly Twitter). These features are offered by the parent company, X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. For data processing of individuals residing outside the USA, Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland, is responsible.
X (formerly Twitter) When the social media element is active, a direct connection is established between your device and the X server. X (formerly Twitter) then receives information about your visit to this website. By using X (formerly Twitter) and the “Retweet” or “Repost” function, the websites you visit are linked to your X (formerly Twitter) account and made public to other users. Please note that as the provider of this website, we have no knowledge of the content of the
transmitted data or its use by X (formerly Twitter). Further information can be found in X’s (formerly Twitter’s) privacy policy at: https://twitter.com/de/privacy.
Where consent has been obtained, the aforementioned service is used on the basis of Article 6(1)(a) GDPR and Section 25 TTDSG (German Telecommunications and Telemedia Data Protection Act). Consent can be withdrawn at any time. Where consent has not been obtained, the service is used on the basis of our legitimate interest in achieving the broadest possible visibility on social media.
Data transfers to the USA are based on the EU Commission’s Standard Contractual Clauses. Details can be found here:
https://gdpr.twitter.com/en/controller-to-controller-transfers.html.
You can change your privacy settings with Twitter (formerly X) in your account settings at:
https://twitter.com/account/settings.
This website integrates functions of the Instagram service. These functions are offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
When the social media element is active, a direct connection is established between your device and the Instagram server. Instagram then receives information about your visit to this website.
If you are logged into your Instagram account, you can link the content of this website to your Instagram profile by clicking the Instagram button. This allows Instagram to associate your visit to this website with your user account. Please note that as the website provider, we have no knowledge of the content of the transmitted data or its use by Instagram.
If consent has been obtained, the use of the aforementioned service is based on Article 6 Paragraph 1 Letter a GDPR and Section 25 TTDSG (German Telemedia Act). Consent can be withdrawn at any time. If no consent has been obtained, the service is used based on our legitimate interest in achieving the broadest possible visibility on social media.
To the extent that personal data is collected on our website using the tool described here and forwarded to Facebook or Instagram, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible for this data processing (Art. 26 GDPR). This joint responsibility is limited exclusively to the collection of the data and its transfer to Facebook or Instagram. The processing carried out by Facebook or Instagram after the transfer is not part of the joint responsibility. Our joint obligations are set out in a joint controllership agreement. You can find the text of the agreement at: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing data protection information when using the Facebook or Instagram tool and for the data protection-compliant implementation of the tool on our website. Facebook is responsible for the data security of its Facebook and Instagram products. Data subject rights
(e.g., requests for access) regarding the data processed by Facebook or Instagram can be asserted directly with Facebook. If you exercise your data subject rights with us, we are obligated to forward them to Facebook.
Data transfers to the USA are based on the EU Commission’s Standard Contractual Clauses. Details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum, https://privacycenter.instagram.com/policy/, and https://de-de.facebook.com/help/566994660333381.
Further information can be found in Instagram’s Privacy Policy: https://privacycenter.instagram.com/policy/.
The company is certified under the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the USA designed to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF commits to adhering to these data protection standards. Further information can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active
Tumblr
This website uses buttons and other elements from the Tumblr service. The provider is Tumblr, Inc., 35 East 21st St, 10th Floor, New York, NY 10010, USA.
When the social media element is active, a direct connection is established between your device and the Tumblr server. This allows Tumblr to receive information about your visit to this website.
The Tumblr buttons allow you to share a post or page on Tumblr or follow the provider on Tumblr. When you visit one of our websites with a Tumblr button, your browser establishes a direct connection to Tumblr’s servers. We have no control over the scope of data that Tumblr collects and transmits using this plugin. Currently, the user’s IP address and the URL of the respective website are transmitted.
If consent has been obtained, the use of the aforementioned service is based on Article 6 Paragraph 1 Letter a GDPR and Section 25 TTDSG. Consent can be withdrawn at any time. If no consent has been obtained, the service is used based on our legitimate interest in achieving the broadest possible visibility on social media.
Further information can be found in Tumblr’s privacy policy at: https://www.tumblr.com/privacy/de.
This website uses elements of the social network Pinterest, operated by Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland.
When you visit a page containing such an element, your browser establishes a direct connection to Pinterest’s servers. This social media element transmits log data to Pinterest’s server in the USA. This log data may include your IP address, the address of the websites you visit that also contain Pinterest features, your browser type and settings, the date and time of your request, your use of Pinterest, and cookies.
If consent has been obtained, the use of the aforementioned service is based on Article 6(1)(a) GDPR and Section 25 of the German Telemedia Act (TMG). You can withdraw your consent at any time. If no consent has been obtained, the service is used based on our legitimate interest in achieving the broadest possible reach on social media.
For more information about the purpose, scope, and further processing and use of data by Pinterest, as well as your related rights and options for protecting your privacy, please see Pinterest’s privacy policy:
https://policy.pinterest.com/de/privacy-policy.
6. Analytics Tools and Advertising: IONOS WebAnalytics
This website uses the analytics services of IONOS WebAnalytics (hereinafter: IONOS). The provider is 1&1 IONOS SE, Elgendorfer Straße 57, D – 56410 Montabaur. As part of the analysis with IONOS, you can, among other things, analyze visitor numbers and behavior (e.g., number of page views, duration of a website visit, bounce rates), visitor sources (i.e., the website from which the visitor came), visitor locations, and technical data (browser and operating system versions). For this purpose, IONOS stores the following data in particular:
Referrer (previously visited website)
Requested website or file
Browser type and version
Operating system
Device type
Time of access
IP address in anonymized form (used only to determine the location of access)
According to IONOS, the data collection is completely anonymized, so it cannot be traced back to individual persons. IONOS WebAnalytics does not store cookies.
The storage and analysis of data is based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in the statistical analysis of user behavior in order to optimize both its website and its advertising. If consent has been obtained, processing is carried out exclusively on the basis of Article 6(1)(b) GDPR, Article 6(1)(a) GDPR, and Section 25(1) of the German Telecommunications and Telemedia Data Protection Act (TTDSG), insofar as the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) within the meaning of the TTDSG. Consent can be withdrawn at any time.
Article 6(1)(a) GDPR and Section 25(1) TTDSG also apply, insofar as the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) within the meaning of the TTDSG. Consent can be withdrawn at any time. For further information on data collection and processing by IONOS WebAnalytics, please refer to the IONOS privacy policy at the following link: https://www.ionos.de/terms-gtc/datenschutzerklaerung/
Data Processing Agreement
We have concluded a data processing agreement (DPA) for the use of the aforementioned service. This is a legally required agreement under data protection law, which ensures that the personal data of our website visitors is processed only according to our instructions and in compliance with the GDPR.
7. Vimeo Plugins and Tools
This website uses plugins from the Vimeo video portal. The provider is Vimeo Inc., 555 West 18th Street, New York, NY 10011, USA.
When you visit one of our pages featuring a Vimeo video, a connection to Vimeo’s servers is established. This informs the Vimeo server which of our pages you have visited. Vimeo also receives your IP address. This applies even if you are not logged into Vimeo or do not have a Vimeo account. The information collected by Vimeo is transmitted to the Vimeo server in the USA.
If you are logged into your Vimeo account, you allow Vimeo to directly associate your browsing behavior with your personal profile. You can prevent this by logging out of your Vimeo account.
Vimeo uses cookies and similar tracking technologies (e.g., device fingerprinting) to recognize website visitors.
The use of Vimeo is in our legitimate interest in presenting our online content in an appealing way. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If consent has been requested, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to
information on the user’s device (e.g., device fingerprinting) within the meaning of the TTDSG. Consent can be withdrawn at any time.
Data transfer to the USA is based on the EU Commission’s Standard Contractual Clauses and, according to Vimeo, on “legitimate business interests.” Details can be found here: https://vimeo.com/privacy.
Further information on how Vimeo handles user data can be found in Vimeo’s privacy policy at: https://vimeo.com/privacy.
Google Fonts (local hosting)
This website uses Google Fonts, provided by Google, for the consistent display of fonts. The Google Fonts are installed locally. No connection to Google servers is established.
Further information about Google Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://policies.google.com/privacy?hl=de.
MyFonts
This website uses MyFonts. These are fonts that are loaded into your browser when you visit our website to ensure a consistent font display. The provider is Monotype Imaging Holdings Inc., 600 Unicorn Park Drive, Woburn, Massachusetts 01801, USA.
To verify compliance with the license terms and the number of monthly page views, MyFonts transfers your IP address, along with the URL of our website and our contract data, to its servers in the USA. According to Monotype, your IP address is anonymized immediately after transfer, so that no personal identification is possible (anonymization).
For details, please see Monotype’s privacy policy at:
https://www.monotype.com/de/rechtshinweise/datenschutzrichtlinie/datenschutzrichtlinie-zum-tracking-von-webschriften.
Google reCAPTCHA
We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
reCAPTCHA is used to verify whether data entered on this website (e.g., in a contact form) is entered by a human or by an automated program. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various pieces of information (e.g., IP address, the website visitor’s time spent on the website, or mouse movements made by the user). The data collected during the analysis is forwarded to Google.
The reCAPTCHA analyses run entirely in the background. Website visitors are not notified that an analysis is taking place.
The storage and analysis of the data is based on Article 6(1)(f) GDPR. The
website operator has a legitimate interest in protecting its website from abusive automated access and spam. If consent has been obtained, processing is carried out exclusively on the basis of Article 6(1)(a) GDPR and Section 25(1) TTDSG, insofar as the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) within the meaning of the TTDSG. Consent can be withdrawn at any time.
Further information on Google reCAPTCHA can be found in Google’s Privacy Policy and Terms of Service at the following links:
https://policies.google.com/privacy?hl=de and
https://policies.google.com/terms?hl=de.
The company is certified under the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the USA designed to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF commits to complying with these data protection standards. Further information can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active
hCaptcha
We use hCaptcha (hereinafter “hCaptcha”) on this website. The provider is Intuition Machines, Inc., 2211 Selig Drive, Los Angeles, CA 90026, USA (hereinafter “IMI”).
hCaptcha is used to verify whether data entry on this website (e.g., in a contact form) is done by a human or by an automated program. To do this, hCaptcha analyzes the website visitor’s behavior based on various characteristics.
This analysis begins automatically as soon as the website visitor enters a website with hCaptcha activated. For the analysis, hCaptcha evaluates various pieces of information (e.g., IP address, the website visitor’s time spent on the website, or mouse movements made by the user). The data collected during the analysis is forwarded to IMI. If hCaptcha is used in “invisible mode,” the analyses run entirely in the background. Website visitors are not notified that an analysis is taking place.
The storage and analysis of data is based on Article 6 Paragraph 1 Letter f of the GDPR. The website operator has a legitimate interest in protecting its web services from abusive automated access and spam. If consent has been requested, processing is carried out exclusively on the basis of Article 6 Paragraph 1 Letter a of the GDPR and Section 25 Paragraph 1 of the German Telecommunications and Telemedia Data Protection Act (TTDSG), insofar as the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.
Data processing is based on standard contractual clauses, which are contained in the data processing addendum to IMI’s General Terms and Conditions or the data processing agreements.
Further information on hCaptcha can be found in the privacy policy and terms of use at the following links:
https://www.hcaptcha.com/privacy and
https://hcaptcha.com/terms.
Source:
https://www.e-recht24.de
