Data privacy - Westfalen AG (PLC)
Please make a selection to see the products and content for your language.
 

Privacy policy of Westfalen AG.

Thank you for visiting the Westfalen AG website. We attach great importance to the secure and confidential use of your data, in particular with regard to the currently applicable legal regulations. In order to meet these requirements, we have taken technical and organisational measures to ensure that these regulations are complied with.

Data protection

As of October 2023

Table of contents

  1. Name and address of the person responsible
  2. Contact details of the data protection officer
  3. General information on data processing
  4. Rights of the data subject
  5. Provision of the website and creation of log files
  6. Use of cookies
  7. Newsletter
  8. E-mail contact
  9. Contact form
  10. Application by email
  11. Corporate appearances
  12. Use of company presence in professional networks
  13. Hosting
  14. Geotargeting
  15. Content Delivery Networks
  16. Used Plugins

I. Name and address of the person responsible

The controller within the meaning of the General Data Protection Regulation (GDPR) and other data protection regulations is:

Westfalen AG

Industrieweg 43

48155 Münster

Germany

0251 695-0

info@westfalen.com

www.westfalen.com/de/de/

II. Contact details of the data protection officer

The data protection officer of the controller is:

DataCo GmbH

Nymphenburger Str. 86

80636 Munich

Germany

+49 89 7400 45840

datenschutz(at)dataguard.de

www.dataguard.de

III. General information on data processing

1. Scope of processing of personal data

We generally only process our users' personal data to the extent that this is necessary to provide a functional website and our content and services. Our users' personal data is generally only processed with the user's consent. An exception applies in cases where prior consent cannot be obtained for actual reasons and the processing of the data is required by law.

2. Legal basis for the processing of personal data

If we obtain the consent of the data subject for processing personal data, Art. 6 (1) sentence 1 lit. a GDPR serves as the legal basis. If personal data is required to fulfill a contract to which the data subject is a party, Art. 6 (1) sentence 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.

If processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 (1) sentence 1 lit. c GDPR serves as the legal basis. If vital interests of the data subject or another natural person require processing of personal data, Art. 6 (1) sentence 1 lit. d GDPR serves as the legal basis.

If processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6 (1) sentence 1 lit. f GDPR serves as the legal basis for processing.

3. Data deletion and storage period

The personal data of the data subject will be deleted or blocked as soon as the purpose for which they were stored no longer applies. Data may also be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need to continue storing the data for the conclusion or fulfillment of a contract.

IV. Rights of the data subject

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:

1. The right to information (Art. 15 GDPR)

You have the right to request confirmation from us as to whether personal data concerning you is being processed.

If this is the case, you have the right to information about this data and the following information:

    • Processing purposes
    • Categories of personal data
    • Recipients or categories of recipients
    • Planned storage period or the criteria for determining this period
    • Existence of the rights to rectification, erasure or restriction or objection
    • Right to lodge a complaint with the competent supervisory authority
    • If applicable, origin of the data (if collected from a third party)
    • If applicable, existence of automated decision-making including profiling with meaningful information about the logic involved, the scope and the expected effects
    • If applicable, transfer of personal data to a third country or international organization

2. Right to rectification (Art. 16 GDPR)

If your personal data is incorrect or incomplete, you have the right to request that the personal data be corrected or completed immediately.

3. Right to restriction of processing (Art. 18 GDPR)

If one of the following conditions is met, you have the right to request restriction of the processing of your personal data:

    • You contest the accuracy of your personal data for a period enabling us to verify the accuracy of the personal data.
    • In the event of unlawful processing, you refuse to delete the personal data and instead request that the use of the personal data be restricted.
    • We no longer need your personal data for the purposes of processing, but you need your personal data to assert, exercise or defend your legal claims or
    • after you have objected to the processing, for the duration of the examination as to whether our legitimate reasons outweigh your reasons.

4. Right to erasure (“right to be forgotten”) (Art. 17 GDPR)

If one of the following reasons applies, you have the right to request immediate deletion of your personal data:

    • Your data is no longer necessary for the processing purposes for which it was originally collected.
    • You withdraw your consent and there is no other legal basis for the processing.
    • You object to the processing and there are no overriding legitimate reasons for the processing or you object in accordance with Art. 21 Para. 2 GDPR.
    • Your personal data is being processed unlawfully.
    • The deletion is necessary to fulfill a legal obligation under Union law or the law of the Member State to which we are subject.
    • The personal data were collected in relation to information society services offered in accordance with Article 8 Para. 1 GDPR.

Please note that the above reasons do not apply if the processing is necessary:

    • To exercise the right to freedom of expression and information;
    • To comply with a legal obligation or to perform a task in the public interest to which we are subject.
    • For reasons of public interest in the area of ​​public health.
    • For archiving purposes in the public interest, scientific or historical research purposes or statistical purposes.
    • To assert, exercise or defend legal claims.

5. Right to data portability (Art. 20 GDPR)

You have the right to receive your personal data in a structured, common and machine-readable format or to request that it be transmitted to another controller.

6. Right to object to certain data processing (Art. 21 GDPR)

You have the right to object at any time to the processing of personal data concerning you based on Art. 6 Paragraph 1 Clause 1 Letter e or f of GDPR, for reasons related to your particular situation. This also applies to profiling based on these provisions.

If the personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is related to such direct marketing.

7. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of personal data concerning you violates the GDPR. The supervisory authority to which the complaint was submitted will inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Art. 78 GDPR. A list of the locally responsible supervisory authorities in Germany can be found on the website of the Federal Commissioner for Data Protection at the following link: www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html

V. Provision of the website and creation of log files

1. Description and scope of data processing

Every time our website is accessed, our system automatically records data and information from the computer system of the accessing computer.

The following data is collected:

    • Information about the browser type and version used
    • The user's operating system
    • The user's Internet service provider
    • Date and time of access
    • Websites from which the user's system accesses our website
    • Websites accessed by the user's system via our website

These data are stored in the log files of our system. This does not affect the IP addresses of the user or other data that allow the assignment of the data to a user. This data is not stored together with other personal data of the user.

2. Purpose of data processing

Storage in log files is carried out to ensure the functionality of the website. Additionally, the data helps us optimize the website and ensure the security of our information technology systems. An analysis of the data for marketing purposes does not take place in this context.

Our legitimate interest in data processing according to Art. 6 para. 1 sentence 1 lit. f GDPR also lies in these purposes.

3. Legal basis for data processing

The legal basis for the temporary storage of data is Art. 6 para. 1 sentence 1 lit. f GDPR.

4. Duration of storage

The data is deleted as soon as it is no longer required for the purpose of its collection. In the case of data collection for the provision of the website, this is the case when the respective session is ended.

5. Possibility of objection

The collection of data for the provision of the website and the storage of data in log files is essential for the operation of the website. The user can object to this. Whether the objection is successful is determined by balancing the interests.

VI. Use of cookies

1. Description and scope of data processing

When you visit our website, we use technical tools for various functions, especially cookies, which can be stored on your device. When you access our website and at any time later, you have the choice to allow the setting of cookies in general or to select individual additional functions. You can make changes in your browser settings or through our Consent Manager. Cookies are text files or information in a database that are stored on your hard drive and associated with the browser you are using, allowing certain information to be relayed to the entity that sets the cookie. Below we describe the types of cookies we use:

We use technically necessary cookies that are required for the technical structure of the website. Without these cookies, our website cannot be displayed correctly (or fully) or support functions are not possible.

The following data are stored and transmitted by technically necessary cookies:

  • Language settings
  • Entered search terms
  • Frequency of page views
  • Use of website functions

We use cookies on our website that are not technically necessary. Technically unnecessary cookies are considered text files that not only serve the functionality of the website but also collect other data.

By setting technically unnecessary cookies, the following data is processed:

  • Location of internet users
  • Date and time of website access
  • Customization of advertisements to the user
  • Tracking of browsing behavior
  • Linking website visits with other social media platforms

2. Purpose of data processing

The purpose of using technically necessary cookies is to ensure the functionality of our website. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page change.

We need technically necessary cookies for the following applications:

  • Adoption of language settings
  • Functionality of the website
  • Cookie consent management

The use of technically non-essential cookies is for the purpose of improving the quality of our website, its content, and thus our reach and economic efficiency. By setting these cookies, we learn how the website is used and can continuously optimize our offerings. In particular, these cookies serve the following purposes:

We use cookies to personalize content and ads, provide social media features, and analyze our website traffic. We also share information about your use of our website with our social media, advertising, and analytics partners. Our partners may combine this information with other data you have provided to them or that they have collected as part of your use of the services.

3. Legal basis for data processing

The provisions of the Telecommunications-Telemedia Data Protection Act (TTDSG) are relevant for storing information in the end user's terminal equipment and/or accessing information already stored in the end user's terminal equipment. If the setting and reading of cookies is technically necessary, this is done to ensure the functionality of our website. In this case, the storage of and access to cookies on your terminal equipment is based on § 25 para. 2 no. 2 TTDSG. This storage and access to the information in your terminal equipment is to facilitate your use of our website and to provide you with our services as you desire. Some functions of our website do not work without the use of these cookies and therefore cannot be offered. The cookies are generally deleted after the end of the session (e.g., logging out or closing the browser) or after a specified duration. You can find information about different storage periods for cookies in the following sections of this privacy policy.

Where cookies are used that are not technically necessary, this is done based on your explicit consent, which you can give via the cookie banner. The basis for storing and accessing information in this case is § 25 para. 1 TTDSG in conjunction with Art. 6 para. 1 lit. a), Art. 7 GDPR. You can withdraw your consent at any time with effect for the future or re-grant it later by configuring your cookie settings accordingly. Alternatively, you can prevent the storage of cookies by making the appropriate setting in your browser software. Please note that the settings made in the browser apply only to the browser being used. If personal data is processed following the storage of and access to the information in your terminal equipment, the provisions of the GDPR apply. You can find information on this in the following sections of this privacy policy.

VII. Newsletter

1. Description and scope of data processing

On our website, there is the option to subscribe to a free newsletter. When registering for the newsletter, the data from the input mask is transmitted to us.

  • Email address
  • Name
  • First name
  • Date and time of registration
  • Company, title, salutation

No data is transferred to third parties in connection with the data processing for sending newsletters. The data is used exclusively for sending the newsletter.

2. Purpose of data processing

The user's email address is collected to deliver the newsletter.

The collection of other personal data during the registration process is to prevent misuse of the services or the email address used.

3. Legal basis for data processing

The legal basis for processing the data after the user registers for the newsletter is, if the user’s consent has been obtained, Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary for achieving the purpose of its collection. The user’s email address is therefore stored as long as the newsletter subscription is active.

5. Possibility of withdrawal

The newsletter subscription can be canceled by the user at any time. For this purpose, there is a corresponding link in each newsletter.

This also enables the withdrawal of consent to the storage of personal data collected during the registration process.

VII. Email contact

1. Description and scope of data processing

Contact via the provided email address is possible on our website. In this case, the user’s personal data transmitted with the email will be stored.

The data is used exclusively for processing the conversation.

2. Purpose of data processing

In the case of contact by email, this also constitutes the necessary legitimate interest in processing the data.

3. Legal basis for data processing

The legal basis for processing the data transmitted while sending an email is Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in responding to your email request in the best possible way.

If the email contact aims to conclude a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. For the personal data sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the relevant matter has been conclusively clarified.

The personal data additionally collected during the sending process will be deleted at the latest after seven days.

5. Possibility of objection

If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.

We will be happy to comply with your request for correction or deletion of the data stored about you unless there are legal retention obligations. If data cannot be deleted, it will be blocked instead. Furthermore, the data stored about you will be automatically deleted regularly if storage is no longer necessary and there are no legal retention obligations. Tel. 0251/695-0 Email: datenschutz@westfalen.com

All personal data stored in the course of contacting us will be deleted in this case.

IX. Contact form

1. Description and scope of data processing

Our website contains a contact form that can be used for electronic contact. If a user makes use of this option, the data entered in the input mask will be transmitted to us and stored.

At the time of sending the message, the following data will be stored:

  • Email address
  • Name
  • First name
  • Address
  • Telephone / mobile number
  • IP address of the calling computer
  • Date and time of contact
  • Product interests, product requirements, tax ID, salutation, company, function

2. Purpose of data processing

The processing of personal data from the input mask of the contact form or via the provided email address serves us solely to process the contact request.

The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

3. Legal basis for data processing

The legal basis for processing the data transmitted in the course of sending an email is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest lies in optimally responding to your inquiry made via the contact form. If the email contact aims to conclude a contract, the additional legal basis for the processing is Art. 6 para. 1 sentence 1 lit. b GDPR.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary for achieving the purpose of its collection. For personal data from the input mask of the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the relevant matter has been conclusively clarified.

5. Possibility of objection

If the user contacts us via the input mask in the contact form, they can object to the storage of their personal data at any time.

We will be happy to comply with your request for correction or deletion of the data stored about you unless there are legal retention periods. If deletion of data is not possible, the data will be blocked instead. Furthermore, the data stored about you will be automatically deleted regularly if storage is no longer necessary and there are no legal retention periods. Tel. 0251/695-0 Email: datenschutz@westfalen.com

All personal data stored in the course of contacting us will be deleted in this case.

X. Application by email

1. Scope of processing personal data

You can send us your application by email. We capture your email address and the data you provide in the email.

Additionally, we offer an applicant/talent pool.

  • The application is made via free-text mail. Thus, the applicant is free to provide any personal data they wish to share.

2. Purpose of data processing

The processing of personal data from your application email serves us solely to process your application.

3. Legal basis for data processing

The legal basis for processing your data is the contract initiation requested by the data subject, Art. 6 para. 1 sentence 1 lit. b Alt. 1 GDPR and § 26 para. 1 sentence 1 BDSG.

4. Duration of storage

After the application process is completed, the data will be stored for up to six months. At the latest, after six months, your data will be deleted. In the case of a legal obligation, the data will be stored in accordance with the applicable regulations.

5. Exercising your rights

XI. Company presence

Use of company presence in social networks

Instagram:

Instagram, Part of Meta Platforms Ireland Ltd., 4 Grand Canal Square Grand Canal Harbour, Dublin 2 Ireland


On our company page, we provide information and offer Instagram users the opportunity for communication. If you perform an action on our Instagram company presence (e.g., comments, posts, likes, etc.), it is possible that you may publicly disclose personal data (e.g., real name or photo of your user profile). However, as we generally or largely have no influence on the processing of your personal data by Instagram, which is jointly responsible for the Westfalen AG company presence, we cannot make binding statements about the purpose and scope of the processing of your data.

We use our company presence in social networks for communication and information exchange with (potential) customers. In particular, we use the company presence for:

In our social media channels, we share current information and company news in various formats and for different purposes: job postings, company news, product information and advertising, events, videos, competitions, advice, events.

The publications via the company presence may contain the following content:

  • Information about products
  • Information about services
  • Advertising
  • Customer contact
  • Company information, career options

Each user is free to disclose personal data through activities.

As far as we process your personal data to evaluate your online behavior, offer you competitions, or conduct lead campaigns, this is done based on your explicit consent, Art. 6 para. 1 sentence 1 lit. a, Art. 7 GDPR. The legal basis for processing personal data for communication with customers and interested parties is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest lies in optimally responding to your inquiry or providing the requested information. If the contact aims to conclude a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b GDPR.

We store your activities and personal data published via our Instagram company presence until the consent is revoked. We also observe the legal retention periods. We further process data from our company presence in our systems. These are stored there for the following period: Until revoked.

For the processing of your personal data in third countries, we have provided appropriate guarantees in the form of standard data protection clauses according to Art. 46 para. 2 lit. c GDPR. A copy of the standard data protection clauses can be requested from us.

You can object to the processing of your personal data collected in the course of using our Instagram company presence at any time and exercise your rights as a data subject mentioned in section IV of this privacy policy. To do this, send us an informal email to datenschutz@westfalen.com. For information on the processing of your personal data by Instagram and the corresponding objection options, please refer to:

Instagram: https://help.instagram.com/519522125107875

Twitter:

Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, Ireland


On our company page, we provide information and offer Twitter users the opportunity for communication. If you perform an action on our Twitter company presence (e.g., comments, posts, likes, etc.), it is possible that you may publicly disclose personal data (e.g., real name or photo of your user profile). However, as we generally or largely have no influence on the processing of your personal data by Twitter, which is jointly responsible for the Westfalen AG company presence, we cannot make binding statements about the purpose and scope of the processing of your data. The data generated by the company presence is not stored in our systems.

We use our company presence in social networks for communication and information exchange with (potential) customers. In particular, we use the company presence for:

In our social media channels, we share current information and company news in various formats and for different purposes: job postings, company news, product information and advertising, events, videos, competitions, advice, events.

The publications via the company presence may contain the following content:

  • Information about products
  • Information about services
  • Advertising
  • Customer contact
  • Company information, career options

Each user is free to disclose personal data through activities.

As far as we process your personal data to evaluate your online behavior, offer you competitions, or conduct lead campaigns, this is done based on your explicit consent, Art. 6 para. 1 sentence 1 lit. a, Art. 7 GDPR. The legal basis for processing personal data for communication with customers and interested parties is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest lies in optimally responding to your inquiry or providing the requested information. If the contact aims to conclude a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b GDPR.


We store your activities and personal data published through our Twitter company presence until the consent is revoked. In addition, we observe the legal retention periods.
We further process data from our company presence in our systems. These are stored there for the following period: Until revoked.

For the processing of your personal data in third countries, we have provided appropriate guarantees in the form of standard data protection clauses in accordance with Art. 46 para. 2 lit. c GDPR. A copy of the standard data protection clauses can be requested from us.


You can object to the processing of your personal data, which we collect as part of your use of our Twitter company presence, at any time and exercise your rights as a data subject mentioned in section IV of this privacy policy. To do this, send us an informal email to datenschutz@westfalen.com. For information on the processing of your personal data by Twitter and the corresponding objection options, please refer to:

Twitter: https://twitter.com/de/privacy

YouTube:

YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, United States


On our company page, we provide information and offer YouTube users the opportunity for communication. If you perform an action on our YouTube company presence (e.g., comments, posts, likes, etc.), it is possible that you may publicly disclose personal data (e.g., real name or photo of your user profile). However, as we generally or largely have no influence on the processing of your personal data by YouTube, which is jointly responsible for the Westfalen AG company presence, we cannot make binding statements about the purpose and scope of the processing of your data.

We use our company presence in social networks for communication and information exchange with (potential) customers. In particular, we use the company presence for:

In our social media channels, we share current information and company news in various formats and for different purposes: job postings, company news, product information and advertising, events, videos, competitions, advice, events.

The publications via the company presence may contain the following content:

  • Information about products
  • Information about services
  • Advertising
  • Customer contact
  • Company information, career options

Each user is free to disclose personal data through activities.

As far as we process your personal data to evaluate your online behavior, offer you competitions, or conduct lead campaigns, this is done based on your explicit consent, Art. 6 para. 1 sentence 1 lit. a, Art. 7 GDPR. The legal basis for processing personal data for communication with customers and interested parties is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest lies in optimally responding to your inquiry or providing the requested information. If the contact aims to conclude a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b GDPR.


We store your activities and personal data published through our YouTube company presence until the consent is revoked. In addition, we observe the legal retention periods.
We further process data from our company presence in our systems. These are stored there for the following period: Until revoked.

For the processing of your personal data in third countries, we have provided appropriate guarantees in the form of standard data protection clauses in accordance with Art. 46 para. 2 lit. c GDPR. A copy of the standard data protection clauses can be requested from us.


You can object to the processing of your personal data, which we collect as part of your use of our YouTube company presence, at any time and exercise your rights as a data subject mentioned in section IV of this privacy policy. To do this, send us an informal email to datenschutz@westfalen.com. For information on the processing of your personal data by YouTube and the corresponding objection options, please refer to:

YouTube: https://policies.google.com/privacy?gl=DE&hl=de

XII. Use of company presence in professional networks

1. Scope of data processing

We use the possibility of company presence in professional networks. We maintain a company presence on the following professional networks:

LinkedIn:

LinkedIn, Unlimited Company Wilton Place, Dublin 2, Ireland

XING:

XING SE, Dammtorstraße 30, 20354 Hamburg, Germany

On our page, we provide information and offer users the opportunity for communication.

The company presence is used for applications, information/PR, and active sourcing.

We have no information on the processing of your personal data by the companies responsible for the company presence. For more information, please refer to the privacy policy of:

LinkedIn: https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv

XING: https://privacy.xing.com/de/datenschutzerklaerung

If you perform an action on our company presence (e.g., comments, posts, likes, etc.), it is possible that you may publicly disclose personal data (e.g., real name or photo of your user profile).

2. Legal basis for data processing

The legal basis for processing personal data for communication with customers and interested parties is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest lies in optimally responding to your inquiry or providing the requested information. If the contact aims to conclude a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b GDPR.

3. Purpose of data processing

Our company presence serves to inform users about our services. Each user is free to disclose personal data through activities.

4. Duration of storage

We store your activities and personal data published through our company presence until the consent is revoked. In addition, we observe the legal retention periods.

5. Possibility of objection

You can object to the processing of your personal data, which we collect as part of your use of our company presence, at any time and exercise your rights as a data subject mentioned in section IV of this privacy policy. To do this, send us an informal email to the email address mentioned in this privacy policy.

For more information on exercising your rights, please refer to:

LinkedIn: https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv

XING: https://privacy.xing.com/de/datenschutzerklaerung

XIII. Hosting

The website is hosted on servers by a service provider commissioned by us.

Our service provider is:

DTS Systeme GmbH www.dts.de/de

The servers automatically collect and store information in so-called server log files, which your browser automatically transmits when you visit the website. The stored information is:

  • Browser type and version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Date and time of the server request
  • IP address

This data will not be merged with other data sources. The collection of this data is based on Art. 6 para. 1 lit. f GDPR. Our legitimate interest in processing this data lies in the error-free presentation and optimization of our website.

The server location of the website is geographically in Germany.

XIV. Geotargeting

We use the IP address and other information provided by the user (especially postal code during registration or order) for regional targeting (so-called "geotargeting").

Regional targeting is used, for example, to automatically display regional offers or advertisements that are often of higher relevance to users. The legal basis for using the IP address and possibly other information provided by the user (especially postal code) is Art. 6 para. 1 lit. f GDPR, based on our interest in ensuring more accurate targeting and thus providing users with more relevant offers and advertisements.

Part of the IP address and the additional information provided by the user (especially postal code) are only read and not stored separately.

You can prevent geotargeting by using a VPN or proxy server, which prevents accurate localization. Additionally, depending on the browser used, you can also deactivate location detection in the corresponding browser settings ( if supported by the respective browser).

We use geotargeting on our website for the following purposes:

  • Customer targeting
  • Display of appropriate country and language versions of our website

XV: Content Delivery Networks

Microsoft Azure CDN

1. Description and scope of data processing

We use the functions of the Microsoft Azure CDN content delivery network from Microsoft Corporation, One Microsoft Way, Redmond, WA 8052-6399, USA (hereinafter referred to as Microsoft Azure CDN) on our website. A content delivery network (CDN) is a network of regionally distributed and internet-connected servers that deliver content, especially large media files such as videos. Microsoft Azure CDN offers web optimization and security services that we use to improve the loading times of our website and protect it from misuse. When you access our website, a connection is established to the servers of Microsoft Azure CDN to retrieve content, for example. As a result, personal data can be stored and evaluated in server log files, especially user activity (in particular, which pages were visited) and device and browser information (in particular, the IP address and operating system). Further information on the collection and storage of data by Microsoft Azure CDN can be found here:
https://www.microsoft.com/de-de/TrustCenter/Privacy/default.aspx

2. Purpose of data processing

The use of Microsoft Azure CDN functions serves the delivery and acceleration of online applications and content.

3. Legal basis for data processing

The collection of this data is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website - for this, the server log files must be recorded.

4. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this privacy policy or as required by law.

5. Possibility of objection

Information on exercising your rights against Microsoft Azure CDN can be found at:
https://www.microsoft.com/de-de/TrustCenter/Privacy/default.aspx

XVI. Used Plugins

We use plugins for various purposes. The plugins used are listed below:

Use of the Google Marketing Platform

1. Scope of processing personal data

We use the marketing platform of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and its representative in the Union Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as Google). Google sets a cookie on your computer. As a result, personal data can be stored and evaluated, especially user activity (in particular, which pages were visited and on which elements were clicked), device and browser information (in particular, the IP address and operating system), data about the displayed advertisements (in particular, which advertisements were shown and whether the user clicked on them), and also data from advertising partners (in particular, pseudonymized user IDs).
Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server.
We have no influence on the scope and further use of the data collected through the use of this tool by Google and therefore inform you according to our knowledge. If you are registered with a Google service, Google can associate your visit with your account. Even if you are not registered with Google or have not logged in, it is possible that the provider will obtain and store your IP address.
Further information on the processing of data by Google can be found here:
https://policies.google.com/privacy?gl=DE&hl=de

2. Purpose of data processing

The use of the Google Marketing Platform serves to display relevant ads to users, improve campaign performance reports, or prevent a user from seeing the same ads multiple times.

3. Legal basis for processing personal data

The legal basis for processing users' personal data is generally the user's consent under Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage

The Google Marketing Platform stores your data until the stated purpose is fulfilled, with the maximum storage duration being 18 months.

5. Revocation and elimination options

You have the right to revoke your data protection consent declaration at any time. The revocation of consent does not affect the legality of the processing carried out based on the consent until the revocation.
You can prevent the collection and processing of your personal data by Google by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, disabling the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
With the following link, you can deactivate the use of your personal data by Google:
https://adssettings.google.de
Further information on objection and elimination options against Google can be found at:
https://policies.google.com/privacy?gl=DE&hl=de

Use of Google AdSense

1. Scope of processing personal data

We use Google AdSense from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, and its representative in the Union Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as Google). With this service, we display advertisements. Google sets a cookie on your computer. As a result, personal data can be stored and evaluated, especially user activity (in particular, which pages have been visited and which elements have been clicked on), device and browser information (in particular, the IP address and the operating system), data about the displayed advertisements (in particular, which advertisements were displayed and whether the user clicked on them), and also data from advertising partners (in particular, pseudonymized user IDs).
Further information on the processing of data by Google can be found here:
https://policies.google.com/privacy?gl=DE&hl=de

2. Purpose of data processing

Google evaluates the data to draw conclusions about your user behavior regarding the AdSense advertisements. The data can also be shared with third parties if there is a legal obligation to do so or if the data is processed on behalf of Google.

3. Legal basis for processing personal data

The legal basis for processing the users' personal data is generally the user's consent according to Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage

Your personal information will be stored as long as necessary to fulfill the purposes described in this privacy policy or as required by law, e.g., for tax and accounting purposes.

5. Revocation and elimination options

You have the right to revoke your data protection consent declaration at any time. The revocation of consent does not affect the legality of the processing carried out based on the consent until the revocation.
You can prevent the collection and processing of your personal data by Google by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, disabling the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
With the following link, you can deactivate the use of your personal data by Google:
https://adssettings.google.de
Further information on objection and elimination options against Google can be found at:
https://policies.google.com/privacy?gl=DE&hl=de

Use of Google Ads

1. Scope of processing personal data

We use Google Ads from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, and its representative in the Union Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as Google). With this service, we display advertisements. Google sets a cookie on your computer. As a result, personal data can be stored and evaluated, especially user activity (in particular, which pages have been visited and which elements have been clicked on), device and browser information (in particular, the IP address and the operating system), data about the displayed advertisements (in particular, which advertisements were displayed and whether the user clicked on them), and also data from advertising partners (in particular, pseudonymized user IDs).
Further information on the processing of data by Google can be found here:
https://policies.google.com/privacy?gl=DE&hl=de

2. Purpose of data processing

We only receive information about the total number of users who have reacted to our advertisement. No information is shared that could identify you. The use does not serve tracing purposes.

3. Legal basis for processing personal data

The legal basis for processing the users' personal data is generally the user's consent according to Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage

Your personal information will be stored as long as necessary to fulfill the purposes described in this privacy policy or as required by law, e.g., for tax and accounting purposes.

5. Revocation and elimination options

You have the right to revoke your data protection consent declaration at any time. The revocation of consent does not affect the legality of the processing carried out based on the consent until the revocation.
You can prevent the collection and processing of your personal data by Google by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, disabling the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
With the following link, you can deactivate the use of your personal data by Google:
https://adssettings.google.de
Further information on objection and elimination options against Google can be found at:
https://policies.google.com/privacy?gl=DE&hl=de

Use of Google Analytics 4 (GA 4)

1. Scope of processing personal data

We use Google Analytics, a web analytics service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as Google). 

Google Analytics examines, among other things, how the website visitor uses our site. Google sets cookies on your device. During the visit, user behavior is recorded in the form of "events". As a result, personal data can be stored and evaluated, including: 

  • First visit to the website 
  • Interaction with the website, usage path 
  • Clicks on external links 
  • Video usage 
  • File downloads 
  • Ad impressions and clicks 
  • Scroll behavior (when reaching the end of the page) 
  • Searches on the website 
  • Language selection 
  • Page visits 
  • Location (region) 
  • Your IP address (in shortened form) 
  • Technical information about your browser and the devices you use (e.g., language settings, screen resolution) 
  • Your internet provider 
  • Referrer URL 

We use the User-ID function. With the help of the User ID, we can assign one or more sessions (and the activities within these sessions) a unique, permanent ID and analyze user behavior across devices.

We use Google Signals. This allows additional information about users who have enabled personalized ads (interests and demographic data) to be collected in Google Analytics, and ads can be delivered to these users in cross-device remarketing campaigns.

By default, IP address anonymization is enabled in GA 4. This means that your IP address is shortened by Google within member states of the European Union or other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. Google states that the IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. 

Further information on the processing of data by Google can be found here: https://policies.google.com/privacy 

2. Purpose of data processing 

The use of GA 4 serves us to evaluate the use of our online presence and generate reports on the activities on our website. The reports serve to analyze the performance of our website and our advertising campaigns, as well as the targeted display of advertising to people who have already shown initial interest by visiting the site. 

3. Legal basis for processing personal data 

The legal basis for processing the users' personal data is generally the user's consent according to Art. 6 para. 1 sentence 1 lit. a) GDPR. 

4. Duration of storage 

After 14 months, your personal data will be deleted. This deletion is automatic once a month. 

5. Revocation, objection, and elimination options 

You have the right to revoke your data protection consent declaration at any time. The revocation of consent does not affect the legality of the processing carried out based on the consent until the revocation. You can revoke your consent via our Cookie Consent Tool.

You can prevent the collection and processing of your personal data by Google by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, disabling the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net) or Ghostery (https://www.ghostery.com) in your browser. 

Further information on objection and elimination options against Google can be found at: https://policies.google.com/technologies/partner-sites  

You can also prevent the collection of data generated by the cookie and related to your use of the online presence (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de  

With the following link, you can deactivate the use of your personal data by Google: adssettings.google.de 

Use of Google Ads Remarketing

1. Scope of processing personal data

We use Google Ads Remarketing from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, and its representative in the Union Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as Google). Google Remarketing is used to re-target visitors to the online presence for advertising purposes through Google Ads advertisements. With the help of Google Ads Remarketing, target groups ("similar audiences") can be created that have, for example, visited certain pages. This makes it possible to identify the user on other online presences and display targeted advertising to them. Google sets a cookie on the user's computer. As a result, personal data can be stored and evaluated, especially user activity (in particular, which pages have been visited and which elements have been clicked on), device and browser information (in particular, the IP address and the operating system), data about the displayed advertisements (in particular, which advertisements were displayed and whether the user clicked on them), and also data from advertising partners (in particular, pseudonymized user IDs).
Further information on the processing of data by Google can be found here:
https://policies.google.com/privacy?gl=DE&hl=de

2. Purpose of data processing

The purpose of processing personal data is to target a specific audience. The cookies stored on the users' devices recognize them when visiting an online presence and can therefore display interest-based advertising.

3. Legal basis for processing personal data

The legal basis for processing the users' personal data is generally the user's consent according to Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage

Your personal information will be stored as long as necessary to fulfill the purposes described in this privacy policy or as required by law, e.g., for tax and accounting purposes.

5. Revocation and elimination options

You have the right to revoke your data protection consent declaration at any time. The revocation of consent does not affect the legality of the processing carried out based on the consent until the revocation.
You can prevent the collection and processing of your personal data by Google by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, disabling the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can also prevent the collection of data generated by the cookie and related to your use of the online presence (including your IP address) by Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link:
https://tools.google.com/dlpage/gaoptout?hl=de
With the following link, you can deactivate the use of your personal data by Google:
https://adssettings.google.de
Further information on objection and elimination options against Google can be found at:
https://policies.google.com/privacy?gl=DE&hl=de

Use of Google Maps

1. Scope of processing personal data

We use the online map service Google Maps from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, and its representative in the Union Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as Google). We use the Google Maps plugin to visually display geographic data and embed it on our online presence. By using Google Maps on our online presence, information about your use of our online presence, your IP address, and addresses entered in the route planning function are transmitted to a Google server and stored there.
Further information on the processing of data by Google can be found here:
https://policies.google.com/privacy?gl=DE&hl=de

2. Purpose of data processing

The use of the Google Maps plugin serves to improve user-friendliness and provide an attractive presentation of our online presence.

3. Legal basis for processing personal data

The legal basis for processing the users' personal data is generally the user's consent according to Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage

Your personal information will be stored as long as necessary to fulfill the purposes described in this privacy policy or as required by law.

5. Revocation and elimination options

You have the right to revoke your data protection consent declaration at any time. The revocation of consent does not affect the legality of the processing carried out based on the consent until the revocation.
You can prevent the collection and processing of your personal data by Google by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, disabling the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
With the following link, you can deactivate the use of your personal data by Google:
https://adssettings.google.de
Further information on objection and elimination options against Google can be found at:
https://policies.google.com/privacy?gl=DE&hl=de

Use of Hotjar

1. Scope of processing personal data

We use the web analysis service Hotjar from Hotjar Ltd., Level 2, St Julian's Business Centre, 3, Elia Zammit Street, St Julian's STJ 1000, Malta (hereinafter referred to as Hotjar). Hotjar uses, among other things, cookies, which are small text files stored locally in the cache of your web browser on your device, enabling an analysis of your use of our online presence. As a result, personal data can be stored and evaluated, especially user activity (in particular, which pages have been visited and which elements have been clicked on), device and browser information (in particular, the IP address and the operating system), and a tracking code (pseudonymized user ID). The information collected in this way is transmitted to a Hotjar server in Ireland and stored there anonymously.
Further information on the processing of data by Hotjar can be found here:
https://www.hotjar.com/legal/policies/privacy

2. Purpose of data processing

The use of the Hotjar plugin is to better understand the needs of our users and optimize the offering on this online presence.

3. Legal basis for processing personal data

The legal basis for processing the users' personal data is generally the user's consent according to Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage

Your personal information will be stored as long as necessary to fulfill the purposes described in this privacy policy or as required by law.

5. Revocation and elimination options

You have the right to revoke your data protection consent declaration at any time. The revocation of consent does not affect the legality of the processing carried out based on the consent until the revocation.
You can prevent the collection and processing of your personal data by Hotjar by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, disabling the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
With the following link, you can deactivate the use of your personal data by Hotjar:
https://www.hotjar.com/legal/compliance/opt-out
Further information on objection and elimination options against Hotjar can be found at:
https://www.hotjar.com/legal/policies/privacy

Use of LinkedIn

1. Scope of processing personal data

We use functions of the LinkedIn network. The provider is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (hereinafter referred to as LinkedIn). Each time one of our pages containing LinkedIn functions is accessed, a connection to LinkedIn's servers is established. LinkedIn is informed that you have visited our website with your IP address. If you click the LinkedIn "Recommend Button" and are logged into your LinkedIn account, LinkedIn can associate your visit to our website with you and your user account. As a result, personal data can be stored and evaluated, especially user activity (in particular, which pages have been visited and which elements have been clicked on), and device and browser information (in particular, the IP address and the operating system).
We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or how it is used by LinkedIn. Further information on the processing of data by LinkedIn can be found here:
https://www.linkedin.com/legal/privacy-policy

2. Purpose of data processing

The use of the LinkedIn plugin serves the user-friendliness of our online presence.

3. Legal basis for processing personal data

The legal basis for processing the users' personal data is generally the user's consent according to Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage

Your personal information will be stored as long as necessary to fulfill the purposes described in this privacy policy or as required by law, e.g., for tax and accounting purposes.

5. Revocation and elimination options

You have the right to revoke your data protection consent declaration at any time. The revocation of consent does not affect the legality of the processing carried out based on the consent until the revocation.
You can prevent the collection and processing of your personal data by LinkedIn by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, disabling the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser. Furthermore, transmission can be prevented by logging out of your LinkedIn account before visiting our website.
With the following links, you can deactivate the use of your personal data by LinkedIn:
https://www.linkedin.com/psettings/guest-controls
Further information on objection and elimination options against LinkedIn can be found at:
https://www.linkedin.com/legal/privacy-policy

Use of Mouseflow

1. Scope of processing personal data

We use the Mouseflow plugin from Mouseflow ApS, Flaesketorvet 68, 1711 Copenhagen, Denmark (hereinafter referred to as Mouseflow). The Mouseflow plugin records individual, randomly selected visits. This creates a log of mouse movements and clicks to randomly replay individual online presence visits and derive potential improvements for the online presence. As a result, personal data can be stored and evaluated, especially user activity (in particular, which pages have been visited and which elements have been clicked on) and device and browser information (in particular, the IP address and the operating system).
Further information on the processing of data by Mouseflow can be found here:
https://mouseflow.de/privacy/

2. Purpose of data processing

The use of the Mouseflow plugin serves to improve the user-friendliness of our online presence and services.

3. Legal basis for processing personal data

The legal basis for processing the users' personal data is generally the user's consent according to Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage

Your personal information will be stored as long as necessary to fulfill the purposes described in this privacy policy or as required by law, e.g., for tax and accounting purposes.

5. Revocation and elimination options

You have the right to revoke your data protection consent declaration at any time. The revocation of consent does not affect the legality of the processing carried out based on the consent until the revocation.
You can prevent the collection and processing of your personal data by Mouseflow by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, disabling the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
With the following link, you can deactivate the use of your personal data by Mouseflow:
https://mouseflow.de/opt-out/
Further information on objection and elimination options against Mouseflow can be found at:
https://mouseflow.de/privacy/

Use of Salesforce - Web-to-Lead

1. Scope of processing personal data

We use Web-to-Lead, an add-on of the CRM platform Salesforce from salesforce.com Germany GmbH, Erika-Mann-Str. 31, 80636 Munich, Germany (hereinafter referred to as Salesforce). This allows users to provide their contact details to the company that operates the online presence. The Web-to-Lead function in Salesforce can be used to generate lead information from website visitors. A form is created to capture first name, last name, email address, company, city, and state/province. Additionally, personal data such as device and browser information (in particular, the IP address and the operating system) of the user can be stored and evaluated.
If the user reaches our website by clicking on an advertisement, a click ID generated during the click may be linked with the information provided in the form (e.g., Google Click ID).
Further information on the processing of data by Salesforce can be found here:
https://www.salesforce.com/de/company/privacy/full_privacy/

2. Purpose of data processing

The contact form serves to acquire potential new customers and their contact details.

3. Legal basis for processing personal data

The legal basis for processing the users' personal data is generally the user's consent according to Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage

Your personal information will be stored as long as necessary to fulfill the purposes described in this privacy policy or as required by law, e.g., for tax and accounting purposes.

5. Revocation and elimination options

You have the right to revoke your data protection consent declaration at any time. The revocation of consent does not affect the legality of the processing carried out based on the consent until the revocation.
You can prevent the collection and processing of your personal data by Salesforce by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, disabling the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
Further information on objection and elimination options against Salesforce can be found at:
https://www.salesforce.com/de/company/privacy/full_privacy/

Use of Shariff

1. Scope of processing

When you visit our page with Shariff (https://de.wordpress.org/plugins/shariff/), an automatic direct connection between your computer and the servers of many social network providers is prevented. Only when you actively use functions of these providers, such as "Share-Buttons" or comment fields, are data transferred to the respective service providers. No data is transmitted to Shariff's servers.
For more information about the service providers supported by Shariff, please visit the following page:
http://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html

2. Purpose of data processing

The use of Shariff serves to prevent the involuntary transfer of data from visitors to social network providers.

3. Legal basis for processing personal data

The legal basis for data processing is Art. 6 para.1 sentence 1 lit. f GDPR. Our legitimate interest lies in the purposes of data processing mentioned in section 2.

4. Duration of storage

Your personal information will be stored as long as necessary to fulfill the purposes described in this privacy policy or as required by law.

5. Objection and elimination options

You can prevent the collection and processing of your personal data by Shariff by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, disabling the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

Use of Shutterstock

1. Scope of processing personal data

We use functions from Shutterstock Inc., 350 Fifth Avenue, 21st Floor, New York, NY 10118 USA (hereinafter referred to as Shutterstock). We use this plugin to display embedded images. When you visit a page with the plugin, a direct connection between your computer and the Shutterstock server is established. Shutterstock thereby receives the information that you have visited our page with your IP address. As a result, personal data can be stored and evaluated, especially user activity (in particular, which pages have been visited and which elements have been clicked on) and device and browser information (in particular, the IP address and the operating system).
We point out that as the provider of the pages, we do not receive any knowledge of the content of the transmitted data or its use by Shutterstock.
Further information on the processing of data by Shutterstock can be found here:
https://www.shutterstock.com/de/privacy

2. Purpose of data processing

The use of the Shutterstock plugin serves to improve the user-friendliness and loading speed of our online presence.

3. Legal basis for processing personal data

The legal basis for processing the users' personal data is generally the user's consent according to Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage

Your personal information will be stored as long as necessary to fulfill the purposes described in this privacy policy or as required by law, e.g., for tax and accounting purposes.

5. Revocation and elimination options

You have the right to revoke your data protection consent declaration at any time. The revocation of consent does not affect the legality of the processing carried out based on the consent until the revocation.
You can prevent the collection and processing of your personal data by Shutterstock by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, disabling the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
Further information on objection and elimination options against Shutterstock can be found at:
https://www.shutterstock.com/de/privacy

Use of Xing Share Button

1. Scope of processing personal data

Our online presence uses the XING Share Button from XING SE, Dammtorstraße 29-32, 20354 Hamburg, Germany. When you access this website, a short-term connection is established via your browser to XING SE's servers (hereinafter referred to as XING), which provide the "XING Share Button" functions (in particular, the calculation/display of the counter value). These servers are configured to be particularly data protection-friendly. No data is stored about visitors' access that could be used to derive a direct personal reference. In particular, XING does not store IP addresses of visitors to websites that include the XING Share Button. Further information on the processing of data by XING can be found here:
https://www.xing.com/app/share?op=data_protection

2. Purpose of data processing

The inclusion of the "XING Share Button" serves to improve the user-friendliness of our online presence. When you click this button, you will be redirected to the XING homepage. If you are logged into your profile, you can recommend the link to our online presence.

3. Legal basis for processing personal data

The legal basis for processing the users' personal data is generally the user's consent according to Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage

Your personal information will be stored as long as necessary to fulfill the purposes described in this privacy policy or as required by law, e.g., for tax and accounting purposes.

5. Revocation and elimination options

You have the right to revoke your data protection consent declaration at any time. The revocation of consent does not affect the legality of the processing carried out based on the consent until the revocation.
You can prevent the collection and processing of your personal data by XING by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, disabling the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
Further information on objection and elimination options against XING can be found at:
https://www.xing.com/app/share?op=data_protection

Use of YouTube

1. Scope of processing personal data

We use the plugin operated by Google from YouTube, YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA, and its representative in the Union Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as Google). We use the YouTube plugin to embed YouTube videos on our online presence. When you visit our online presence, your browser connects to YouTube's servers. As a result, personal data can be stored and evaluated, especially user activity (in particular, which pages have been visited and which elements have been clicked on) and device and browser information (in particular, the IP address and the operating system).
We have no influence on the content of the plugin. If you are logged into your YouTube account during your visit, YouTube can associate your visit to our online presence with your account. By interacting with this plugin, the corresponding information is transmitted directly to YouTube and stored there.
Further information on the processing of data by Google can be found here:
https://policies.google.com/privacy?gl=DE&hl=de

2. Purpose of data processing

The use of the YouTube plugin serves to improve the user-friendliness and provide an attractive presentation of our online presence.

3. Legal basis for processing personal data

The legal basis for processing the users' personal data is generally the user's consent according to Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage

Your personal information will be stored as long as necessary to fulfill the purposes described in this privacy policy or as required by law, e.g., for tax and accounting purposes.

5. Revocation and elimination options

You have the right to revoke your data protection consent declaration at any time. The revocation of consent does not affect the legality of the processing carried out based on the consent until the revocation.
You can prevent the collection and processing of your personal data by Google by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, disabling the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
With the following link, you can deactivate the use of your personal data by Google:
https://adssettings.google.de
Further information on objection and elimination options against Google can be found at:
https://policies.google.com/privacy?gl=DE&hl=de

Use of Google Tag Manager

1. Scope of processing personal data

We use the service called Google Tag Manager (https://www.google.com/intl/de/tagmanager/) from Google. "Google" is a group of companies consisting of Google Ireland Ltd. (service provider), Gordon House, Barrow Street, Dublin 3, Ireland, as well as Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, and other affiliated companies of Google LLC.

We have concluded a data processing agreement with Google.

2. Purpose of data processing

The Google Tag Manager is an auxiliary service and only processes personal data for technically necessary purposes. The Google Tag Manager loads other components that may collect data. The Google Tag Manager does not access this data.

3. Legal basis for the processing of personal data

The legal basis for the processing of users’ personal data is generally the user’s consent in accordance with Art. 6 (1) sentence 1 lit. a GDPR.

4. Duration of storage

Your personal information will be retained for as long as necessary to fulfil the purposes described in this privacy policy or as required by law, e.g. for tax and accounting purposes.

5. Possibility of revocation and removal

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.
You can prevent the collection and processing of your personal data by Google by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, deactivating the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link:
tools.google.com/dlpage/gaoptout
You can use the following link to deactivate Google's use of your personal data:
adssettings.google.de

You can find more information about Google Tag Manager in Google's privacy policy under this link
policies.google.com/privacy

Use of DocuSign

1. Scope of processing of personal data

We use functionalities of the e-signature platform DocuSign from Docusign, Inc. 221 Main Street, Suite 1000, San Francisco, CA 94105, USA and its representative in the Union DocuSign, Inc., Broadgate Quarter, 9 Appold Street, 2nd Floor, London, EC2A 2AP, UK (hereinafter referred to as DocuSign). DocuSign allows us to forward offers, contracts or other agreements to customers and partners and have them signed electronically or digitally. As part of this process, DocuSign processes the following personal data in particular:
- Name
- Email address
- Postal address
- Telephone number
- Billing data or electronic signature
- IP address
- Geographical location that you have allowed to be collected by our apps (usually via your mobile device)
- Unique identifiers (UDI) of your device and its properties such as the operating system and browser type
- Web log data
- Referring and exit pages
- Referring and exit URLs
- Platform type
- Number of visits
- Domain names
- Landing pages
- Pages and content viewed and the order in which these pages were viewed
- Time spent on individual pages
- Date and time
- The frequency with which you have used DocuSign services
- Error logs and similar data
- Names and email addresses of parties to an envelope
- Subject of an envelope
- History of actions taken by individuals regarding an envelope (e.g. Verification, signing)
-Authentication methods

DocuSign uses cookies, web beacons, locally shared objects and tracking pixels. The cookies store your settings and your user name; they are also used to target advertising to your interests. All e-document data that DocuSign processes as part of the use of the DocuSign service is automatically encrypted with an AES-256-bit or comparable key. The data is transmitted to third countries, in particular the USA. DocuSign has adopted Binding Corporate Rules (BCR) to enable the transfer of personal data from the EEA to DocuSign locations outside the EEA. You can find DocuSign's Binding Corporate Rules at trust.docusign.com/en-us/trust-certifications/DSGVO/bcr-p-processor-privacy-code and trust.docusign.com/en-us/trust-certifications/DSGVO/bcr-c-csb-privacy-code.

You can find more information about how DocuSign processes data here:

www.docusign.de/unternehmen/datenschutz

2. Purpose of data processing

Using DocuSign enables us to perform electronic or digital signing of offers, contracts or other agreements and to prove their validity by documenting the transaction.

3. Legal basis for the processing of personal data

The legal basis for the processing of users’ personal data is generally the user’s consent in accordance with Art. 6 (1) sentence 1 lit. a GDPR.

4. Duration of storage

DocuSign will not retain your personal data for longer than is necessary for the purposes for which it is processed. The length of time DocuSign retains data depends on the purpose for which the data was collected and used and/or is as required by applicable law. In the event of technical limitations that prevent deletion or anonymization, DocuSign will protect personal data and limit its active use.

5. Possibility of revocation and removal

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.
You can prevent the collection and processing of your personal data by DocuSign by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, deactivating the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can revoke your consent to the processing of the data at any time. You can exercise your revocation at any time by emailing us or privacy@docusign.com.
You can find more information on objection and removal options with DocuSign here:
www.docusign.de/unternehmen/datenschutz

Use of Twitter

1. Scope of processing of personal data
We use the Twitter Analytics analysis tool from Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA (hereinafter referred to as Twitter).
With Twitter Analytics, we can measure interaction with Twitter users, learn the interests, locations and origins of our followers and track how our Twitter Cards generate clicks, app installations and retweets. The following data is processed:
- IP address (anonymized)
- Browser type
- Referrer/exit pages
- Operating system
- Time and date of access
- Clickstream data
- Views
- Clicks
- Twitter account data
You can find more information about how Twitter Analytics processes data here:
twitter.com/de/privacy

2. Purpose of data processing

The processing of users' personal data by Twitter Analytics enables us to analyze the performance of our advertising on Twitter and the interactions with Twitter users. By evaluating the data obtained, we are able to compile information about the use of the individual components of our offering. This helps us to continually improve our advertising measures and, in this context, also to increase user-friendliness.

3. Legal basis for the processing of personal data

The legal basis for the processing of users’ personal data is generally the user’s consent in accordance with Art. 6 (1) sentence 1 lit. a GDPR.

4. Duration of storage

Your personal information will be retained for as long as necessary to fulfill the purposes described in this privacy policy or as required by law.

5. Possibility of revocation and removal

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.
You can prevent the collection and processing of your personal data by Twitter by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, deactivating the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can deactivate the use of your personal data by Twitter using the following link:
twitter.com/personalization
You can find more information on objection and removal options with Twitter at:
twitter.com/de/privacy

Use of LinkedIn Analytics

1. Scope of processing of personal data

We use the LinkedIn Analytics analysis service from LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (hereinafter referred to as LinkedIn). By using LinkedIn Analytics, pseudonymized user profiles are created. The profiles are used to analyze user behavior and are used to optimize our offering. The following data is processed:
- Information about the operating system
- Device identifier
- Internet service provider
- IP address
- Referrer URL
- Browser information
You can find more information about how LinkedIn processes data here:
www.linkedin.com/legal/privacy-policy

2. Purpose of data processing

The processing of users' personal data by LinkedIn Analytics enables us to analyse the surfing behaviour of our users. By evaluating the data obtained, we are able to compile information about the use of the individual components of our offering. This helps us to continuously improve our online presence and, in this context, also to increase user-friendliness.

3. Legal basis for the processing of personal data

The legal basis for the processing of users’ personal data is generally the user’s consent in accordance with Art. 6 (1) sentence 1 lit. a GDPR.

4. Duration of storage

Your personal information will be retained for as long as necessary to fulfill the purposes described in this privacy policy or as required by law.

5. Possibility of revocation and removal

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.
You can prevent the collection and processing of your personal data by LinkedIn by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, deactivating the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can deactivate the use of your personal data by LinkedIn using the following link:
www.linkedin.com/help/linkedin/answer/62931/manage-advertising-preferences
You can find more information on objection and removal options with LinkedIn at:
www.linkedin.com/legal/privacy-policy

Use of MyFonts Webfonts

1. Scope of processing of personal data

We use the MyFonts web fonts from Monotype Imaging Holdings Inc., 600 Unicorn Park Drive, Woburn, Massachusetts, 01801, USA (hereinafter referred to as Monotype). When the page is accessed, the web fonts are transferred from our servers to the browser cache so that they can be used for the visually improved presentation of various information. If the browser does not support the web fonts or prevents access, the text is displayed in a standard font. When the page is accessed, no cookies are stored on the visitor's computer. Only licensing data that must be transmitted in connection with the page access is sent to resource-specific domains such as hello.myfonts.net, in particular the identification number of the web font project (anonymized), the URL of the licensed website, which is linked to our customer number in order to identify the licensee and the licensed web fonts, and the referrer URL. Further information on how Monotype processes data can be found here:
www.monotype.com/de/rechtshinweise/datenschutzrichtlinie/datenschutzrichtlinie-zum-tracking-von-webschriften

2. Purpose of data processing

The use of MyFonts web fonts ensures that our texts are displayed in an appealing manner. If your browser does not support this function, a standard font from your computer will be used for display.

3. Legal basis for the processing of personal data

The legal basis for the processing of users’ personal data is generally the user’s consent in accordance with Art. 6 (1) sentence 1 lit. a GDPR.

4. Duration of storage

The anonymized Webfont Project Identification Number is stored in encrypted log files for 30 days to determine the monthly number of page views. After such extraction and storage of the number of page views, the log files are deleted.

5. Possibility of revocation and removal

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.
For more information on objection and removal options with Monotype, please visit:
www.monotype.com/de/rechtshinweise/datenschutzrichtlinie/datenschutzrichtlinie-zum-tracking-von-webschriften

Use of Cookiebot

1. Scope of processing of personal data

We use functionalities of the Cookiebot cookie consent solution from Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter referred to as Cybot).
Cookiebot offers a software solution that takes over the process of obtaining consent for the use of cookies and tracking online users. Cookiebot informs the users of our website about the cookies used on our website. You also have the option of deactivating cookie groups with the exception of functional cookies (which are necessary for the smooth display of our website). We are obliged to document your consent or refusal in accordance with Art. 7 Para. 1 GDPR.
In particular, the following personal data is processed by Cybot:
- The end user's IP number in anonymized form (the last three digits are set to '0').
- Date and time of consent.
- End user's browser.
- The URL for which consent was given.
- An anonymous, random and encrypted key.
- The end user's consent status, which serves as proof of consent.
Cybot cookies are stored on your device.
The key and consent status are also stored in the end user's browser in the "CookieConsent" cookie, so that the website can automatically read and follow the end user's consent on all subsequent page requests and future end user sessions for up to 12 months. The key is used for proof of consent and for an option to check whether the consent status stored in the end user's browser is unchanged compared to the original consent submitted to Cybot.
If the "Bulk Consent" feature is enabled to regulate consent for multiple websites through a single end user consent, Cybot also stores another separate, random, unique ID with the end user's consent. If all of the following criteria are met, this key is stored in the "CookieConsentBulkTicket" cookie in the end user's browser in encrypted form.
All data is hosted in an Azure data center of the cloud provider Microsoft Ireland Operations Ltd, South County Business Park, One Microsoft Court, Carmanhall and Leopardstown, Dublin, D18 P521, Ireland.
Further information on how Cybot processes data can be found here:
www.cookiebot.com/de/privacy-policy/

2. Purpose of data processing

We use Cookiebot to create and display cookie declarations for end users and to save and display cookie scan reports in the privacy policy. This enables us to fulfill our information obligations to the users of our website in accordance with Art. 13, 14 GDPR and to obtain and document consent to the use of cookies in accordance with data protection law.

Furthermore, we use Cookiebot to obtain aggregated information about end users' selection decisions regarding accepted cookie types and a graphical representation of this in the Service Manager.

3. Legal basis for the processing of personal data

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest lies in the purposes of data processing mentioned under 2. The interests and rights of users are taken into account accordingly by anonymizing the IP address.

4. Duration of storage

Your personal information will be stored by Cybot for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.

The cookies used by Cookiebot are stored on the user's end device for up to 12 months.

5. Possibility of objection and removal

You can prevent the collection and processing of your personal data by Cybot by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, deactivating the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

Further information on objection and removal options vis-à-vis Cybot can be found at
www.cookiebot.com/de/privacy-policy/

Use of Facebook retargeting

1. Scope of the processing of personal data

We use functionalities of the Facebook Retargeting advertising plugin from Facebook Ireland Limited, 4 Grand Canal Square, Dublin Dublin 2, Ireland (hereinafter referred to as Facebook Retargeting).
Facebook Retargeting is used to carry out advertising campaigns and to interact with them. Facebook Retargeting reminds users of products that they have searched for or viewed but not purchased. Facebook cookies are stored on your end device.
In particular, the following personal data is processed by Facebook:

- Information about the user's activities
- Website accessed
- Which products have been displayed
- Which ads have been clicked on
- Device information, in particular device type, IP address
- Facebook account of the user, if they are logged into Facebook

Data is processed on servers of Facebook Inc, Facebook, Inc, 1601 Willow Road, Menlo Park, California 94025 in the USA.
Other recipients of the data are providers and service providers of Facebook Inc, e.g. for analysis purposes.
Further information on the processing of data by Facebook can be found here:
de-de.facebook.com/privacy/explanation

2. Purpose of data processing

We use Facebook Retargeting to place advertisements on various platforms and to analyze the interaction of users with these advertisements. In this way, we aim to show users personalized advertising that is more relevant to them.

3. Legal basis for the processing of personal data

The legal basis for the processing of users' personal data is generally the consent of the user in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.

5. Right of revocation and removal
You have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
You can prevent the collection and processing of your personal data by Facebook by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, deactivating the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
The deactivation of personalized advertising for Facebook users is possible for logged-in users here:
www.facebook.com/settings/
Further information on objection and removal options vis-à-vis Facebook can be found at
de-de.facebook.com/privacy/explanation

Use of Google My Business

1. Scope of the processing of personal data
We use the Google My Business marketing platform of Google LLC, Gordon House, Barrow Street, 4, Dublin, Ireland (hereinafter referred to as: Google).
We use Google My Business for customer acquisition with optimized company profiles including the possibility of statistical evaluation and contacting users.
Google cookies are stored on your end device.
In particular, the following personal data is processed by Google My Business:
- Contact data / company data
- address data
- e-mail addresses
- telephone number
- opening hours
- Location data
- Credit card details
- reviews
- IP address

Data may be transmitted to Google servers in the USA. Further information on the processing of data by Google My Business can be found here:
policies.google.com/privacy

2. Purpose of data processing

We use Google My Business to develop statistical methods and to improve user behavior.

3. Legal basis for the processing of personal data

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest lies in the purposes of data processing mentioned under 2.

4. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.

5. Right of revocation and removal

You have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

Use of LinkedIn Insight Tag

1. Scope of the processing of personal data
We use functionalities of the LinkedIn Insight Tag marketing plugin from LinkedIn Ireland, Unlimited Company, Wilton Place, Dublin 2, Ireland (hereinafter: LinkedIn).
The plugin enables us to obtain information about visitors to the website and to run detailed campaign reports.
In particular, the following personal data is processed by LinkedIn:

- URL
- referrer URL
- IP address shortened or hashed
- Device and browser properties (user agent) and timestamp.
LinkedIn cookies are stored on your end device. Further information on the cookies used can be found here:
www.linkedin.com/legal/cookie-policy
LinkedIn does not share any personal data with us, but only provides aggregated reports on the target group and advertisements. LinkedIn also offers a remarketing function that allows us to show you targeted, personalized advertising outside of our website without us knowing your identity.

Further information on the processing of data by LinkedIn can be found here:
www.linkedin.com/legal/privacy-policy

2. Purpose of data processing

We use the LinkedIn Insight Tag to collect information about visitors to our website.

3. Legal basis for the processing of personal data

The legal basis for the processing of users' personal data is generally the consent of the user in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.

4. Duration of storage

The members' direct identifiers are removed within seven days in order to pseudonymize the data. This remaining pseudonymized data is then deleted within 180 days.

5. Right of revocation and removal

You have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
You can prevent the collection and processing of your personal data by LinkedIn by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, deactivating the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
Further information on objection and removal options vis-à-vis LinkedIn can be found at
www.linkedin.com/legal/privacy-policy

JsDelivr of the provider Prospect One Sp. z.o.o, Czysta 8, Krakow, Poland
Information on exercising your rights vis-à-vis JsDelivr can be found at www.jsdelivr.com/privacy-policy-jsdelivr-net

Use of SalesViewer® technology:

This website uses SalesViewer® technology from SalesViewer® GmbH to collect and store data for marketing, market research and optimization purposes on the basis of the website operator's legitimate interests (Art. 6(1)(f) GDPR).

For this purpose, a javascript-based code is used to collect company-related data and the corresponding use. The data collected using this technology is encrypted using a non-reversible one-way function (known as hashing). The data is immediately pseudonymized and is not used to personally identify the visitor to this website.

The data stored by Salesviewer is deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations.

You can object to the collection and storage of data at any time with effect for the future by clicking on this link www.salesviewer.com/opt-out to prevent SalesViewer® from collecting data on this website in the future. An opt-out cookie for this website will be stored on your device. If you delete your cookies in this browser, you must click on this link again.

Use of Chatbot (Loyjoy)

1. Scope of the processing of personal data

We use the chatbot of our service provider LoyJoy GmbH, Kapuzinerstr. 20, 48149 Münster, Germany (hereinafter referred to as LoyJoy) to improve our offer and to carry out marketing campaigns such as competitions.
This website offers the opportunity to enter into a personal dialog with us. You can ask questions in our chat or take part in surveys or competitions via the chatbot and subscribe to the newsletter. We therefore collect the various communication/interaction data provided by you. This also gives us the opportunity to analyze the data and evaluate it for statistical purposes.

Transfers to third countries are possible. So-called standard contractual clauses pursuant to Art. 46 GDPR have been concluded as suitable guarantees. For third countries/companies for which an adequacy decision exists, the adequacy decision also applies.

You can find further information here: docs.loyjoy.com/docs/guides/data/data_privacy/

2. Purpose of data processing

The purpose of the processing is to improve our offer and to carry out marketing campaigns.

The following data is processed by the chatbot Browser used.
E-mail address and password/code for registration.

Interaction of the logged-in user such as messages entered, change email address, change password, login/logout, opt-in/opt-out, competition participation, etc.

If the user comes via Facebook Messenger or other messaging apps: The user ID provided by Facebook and data provided by the third-party provider (name).

The aforementioned data is aggregated and used anonymously for statistical evaluations in order to measure success and, if advertising consent has been given, to enable the optimized display of messages.

3. Legal basis for the processing of personal data

The legal basis for processing is consent pursuant to Art. 6 (1) a GDPR.

4. Duration of storage and withdrawal of consent

Your personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.

The chat dialogs within the chatbot are automatically deleted after 365 days. The user has the option of deleting the data earlier via the chatbot menu and using other data protection rights.

If a live chat takes place with an agent, these chats are deleted after 30 days. Depending on the request, the chats are used to fulfill your request.

You can deactivate the tool via the cookie settings.

Cookies set via the website are stored for up to 24 months.

Services from Cloudflare (provider: Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA) are used as part of the chatbot.

Cloudflare provides protection functions for the web application (web application firewall). The data transfer between the browser and the chatbot's server flows via Cloudflare's infrastructure and is analyzed there to ward off attacks. The use of Cloudflare is in the interest of secure use of the chatbot and defense against harmful attacks from outside. The legal basis for processing via Cloudflare is therefore our overriding legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

There is no adequacy decision by the EU Commission for data transfers to the USA. Cloudflare ensures an adequate level of data protection by concluding the EU standard contractual clauses. We will provide you with a copy of the contractual clauses on request using the contact details provided above.

Apply online in the Westfalen job portal.

The use of the Westfalen Job Portal including online applications (https://karriere.westfalen.com/) is generally conducted over a secure and encrypted connection. You can recognize the secure connection by the prefix “https://” and the associated SSL certificate.

As part of the "Westfalen Online Application" on our job portal, we require the following personal data from you: salutation, first name, last name, place of residence (street and house number, postal code, city, country), phone number, and email address. Additionally, depending on the offered position, we may require further information such as qualification certificates. You can provide these to us at the appropriate place. Registration on our job portal is necessary to use the online application function. You can manage and delete your account independently at any time.

The data will be used exclusively in the context of the application process for the advertised position(s) for which you have applied. There will be no transfer to third parties. The applicant data will be processed within Westfalen AG and possibly its subsidiaries, depending on the respective job offer, exclusively by persons involved in the application process. You can also manage, restrict, and revoke these release rights independently in your account at any time. If the data you entered and provided are to be used for other purposes, your consent is required, which can be found clearly placed at the respective locations.

After the application process is completed, your data will be deleted unless legal retention periods conflict with this. Further information can be found in the terms of use and explanations at https://karriere.westfalen.com/.

Please use our online job portal for your application and do not send us your documents via email, as an email is generally not a secure communication channel.

Order store / online contact forms and order routes.

The use of the Westfalen AG order shop is generally conducted over a secure and encrypted connection. You can recognize the secure connection by the prefix “https://” and the associated SSL certificate.

The data you provide, such as name(s), customer number, delivery addresses, and email address, will be used exclusively for the purpose of fulfilling the business purpose, processing the order you have placed with Westfalen AG and, if applicable, its subsidiaries. Additionally, you will receive the current safety data sheets via the contact details provided.

Further processing beyond the use as a means for fulfilling the business purpose does not take place. If the data you provide is to be used for other purposes, your consent is required, which can be clearly found at the respective locations.

The storage duration is determined by the statutory retention obligations according to §257 HGB and §147 AO (6 or 10 years).

Credit check.

Bei Nutzung des Bestellshops findet im Rahmen der gesetzlichen Bestimmungen und unter Berücksichtigung des Datenschutzes gegebenenfalls eine Prüfung ihrer Bonität- und Kreditwürdigkeit, unter Weitergabe der notwendigen Daten, statt. Die Westfalen-Gruppe bedient sich hierbei der externen Dienstleister Creditreform Münster Riegel & Riegel KG, Scharnhorststr. 46, 48151 Münster und der Schufa Holding AG, Kormoranweg 5, 65201 Wiesbaden.

Newsletter.

If you choose to subscribe to a newsletter, you only need to provide us with your email address. We use the provided email address exclusively for sending the ordered newsletter to regularly provide you with the requested information via email.

You can unsubscribe from the newsletter at any time. Instructions and options for unsubscribing can be found at the end of each email newsletter.

If the data you provide is to be used for other purposes, your consent is required, which can be clearly found at the respective locations.

The storage duration of the data for newsletter distribution continues until you object to the receipt of the newsletter with effect for the future.

Surveys.

If we collect personal data as part of (online) surveys, this data is used exclusively for the purposes stated in the (online) survey. It will not be passed on to third parties. The data collected is anonymized data if this is expressly indicated. By participating in an (online) survey, the participant confirms that he or she has already reached the age of 16 or that consent has been given by the holder of parental responsibility.

Right to information.

You have the opportunity to obtain information about the personal data stored by Westfalen AG, its origin and purpose of use. We will be happy to comply with your request for information. Please address your written request for information to our data protection officer (see contact details below).

Correction, deletion and objection.

We will be happy to comply with your request to correct or delete the data stored about you, provided that there are no statutory retention periods to the contrary. If it is not possible to delete data, the data will be blocked instead.

In addition, the data stored about you will be automatically deleted on a regular basis if the purpose-related storage is no longer required and the deletion does not conflict with any statutory retention periods.

Amendment and provisions.

We reserve the right to change the privacy policy. The privacy policy may be amended for technical and data protection reasons. We therefore ask you to observe the current version.

Information according to Art. 13 GDPR (valid from 25.05.2018).

Hinweise auf die Rechte der Betroffenen.

Information Obligation according to Art. 13 GDPR

The data subject has the right to obtain from the controller confirmation as to whether or not personal data concerning them is being processed; if so, they have the right to access this personal data and the information listed in detail in Art. 15 GDPR.

The data subject has the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning them and, where applicable, to have incomplete personal data completed (Art. 16 GDPR).

The data subject has the right to obtain from the controller the erasure of personal data concerning them without undue delay where one of the grounds listed in detail in Art. 17 GDPR applies, e.g., if the data is no longer necessary for the purposes pursued (right to erasure), unless legal retention or archiving obligations oppose this.

The data subject has the right to obtain from the controller restriction of processing where one of the conditions listed in Art. 18 GDPR applies, e.g., if the data subject has objected to processing, pending the verification by the controller.

The data subject has the right to receive the personal data concerning them, which they have provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller (Art. 20 GDPR).

The data subject has the right to object, on grounds relating to their particular situation, at any time to processing of personal data concerning them. The controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject or for the establishment, exercise, or defense of legal claims (Art. 21 GDPR).

Every data subject has the right to lodge a complaint with a supervisory authority. The data subject can exercise this right with a supervisory authority in the Member State of their habitual residence, place of work, or place of the alleged infringement.

Before you lodge a complaint with the competent supervisory authority, we kindly ask you to address the matter with our data protection officer.