Data protection

When you use the website, we collect information that you provide yourself. In addition, certain information about your use of the website is automatically collected by us during your visit to the website. Under data protection law, the IP address is also considered personal data. An IP address is assigned to every device connected to the Internet by the Internet provider so that it can send and receive data.

1. processing of server log files

When using our website for purely informational purposes, general information that your browser transmits to our server is initially stored automatically (i.e. not via registration). By default, this includes: browser type/version, operating system used, page accessed, the previously visited page (referrer URL), IP address, date and time of the server request and HTTP status code. The processing is carried out to protect our legitimate interests and is based on the legal basis of Art. 6 para. 1 letter f) GDPR. This processing is for technical administration, website security and internal analysis purposes. The stored data will be deleted after seven days unless there is a justified suspicion of unlawful use based on concrete evidence and further examination and processing of the information is necessary for this reason. We are not in a position to identify you as a data subject on the basis of the stored information. Art. 15 to 22 GDPR therefore do not apply in accordance with Art. 11 para. 2 GDPR, unless you provide additional information that enables your identification in order to exercise your rights set out in these articles.

2nd Newsletter

a. Registration and deregistration

We offer you the opportunity to subscribe to our newsletter. After registration, we will inform you regularly about the latest news on our offers. A valid e-mail address is required to register for the newsletter. To verify your e-mail address, you will first receive a registration e-mail, which you must confirm via a link (double opt-in). If you subscribe to the newsletter on our website, we process personal data such as your e-mail address and your name on the basis of the consent you have given. The processing is based on the legal basis of Art. 6 para. 1 letter a) GDPR. You can revoke your consent at any time with effect for the future, for example via the “Unsubscribe” link in the newsletter or by contacting us via the channels mentioned above. The legality of the data processing operations that have already taken place remains unaffected by the revocation. When you register for the newsletter, we also store your IP address and the date and time of registration. The processing of this data is necessary in order to be able to prove that consent has been given. The legal basis arises from our legal obligation to document your consent (Art. 6 para. 1 letter c) in conjunction with Art. 7 para. 1 GDPR). Art. 7 para. 1 GDPR).

b. Newsletter analysis

We also analyze the reading behavior and opening rates of our newsletter. We evaluate the data generated when our emails are delivered and retrieved in aggregated and anonymized form (delivery rate, opening rate, click rates, unsubscribe rate, bounce rate, visits, completions) in order to measure the use and success of the emails. The legal basis for the analysis of our newsletter is Art. 6 para. 1 letter f GDPR and the processing serves our legitimate interest in optimizing our newsletter. You can object to this at any time by contacting one of the contact channels listed above.

On the other hand, we also evaluate the data generated when you access and use these e-mails (time of opening, hyperlinks clicked on, documents downloaded) as well as transaction data on downstream websites in connection with your e-mail address in order to provide you with personalized information on this basis in the future, which takes your interests and needs into account in the best possible way. We use the anonymous and personal data collected to provide you with personalized content and individualized information in our advertising emails and downstream websites. The legal basis for data processing in the context of e-mails is Art. 6 para. 1 letter a) GDPR. You can revoke your consent at any time with effect for the future, for example via the “unsubscribe” link in the newsletter or by contacting us via the channels mentioned above.

c. Service provider

We use the Pardot service of salesforce.com, inc. (USA) to manage subscribers, send the newsletter and analyze it. Your e-mail address is therefore transmitted by us to Salesforce. The processing is carried out on our behalf and is based on the legal basis of Art. 6 letter f GDPR and serves our legitimate interest in the optimization and economic dispatch of our newsletter. If you do not want your data to be processed by Salesforce, you should not subscribe to the newsletter or unsubscribe from it.

We use Salesforce’s Processor Binding Corporate Rules for the Processing of Personal Data as appropriate safeguards for transfers to third countries: https://c1.sfdcstatic.com/content/dam/web/en_us/www/documents/legal/misc/Salesforce-Processor-BCR.pdf

Users can find further information on data protection at Salesforce in Salesforce’s privacy policy: https://www.salesforce.com/company/privacy/

3. whitepaper

a. Whitepaper Download

We offer a white paper on our website, which you will receive from us if you allow us to contact you for marketing purposes in the future. A valid e-mail address is required to receive the white paper. To verify your e-mail address, you will first receive a registration e-mail, which you must confirm via a link (double opt-in). We process your e-mail address for advertising purposes on the basis of your consent. The processing is based on the legal basis of Art. 6 para. 1 letter a) GDPR. You can revoke your consent at any time with effect for the future, for example via the link provided for this purpose at the end of every message from us or by contacting us in any other way. The legality of the data processing operations that have already taken place remains unaffected by the revocation.

b. Service provider

We use the Pardot service of salesforce.com, inc. (USA) to send the white paper. Your e-mail address as a mandatory field and optionally name, position, company, telephone number are therefore transmitted by us to Pardot of salesforce.com, inc. (USA).

The processing is carried out on our behalf and is based on the legal basis of Art. 6 letter f) GDPR and serves our legitimate interest in customer acquisition and customer loyalty. If you do not want your data to be processed by Pardot of salesforce.com, inc. (USA), you should not request a whitepaper or unsubscribe.

We use Salesforce’s Processor Binding Corporate Rules for the Processing of Personal Data as appropriate safeguards for transfers to third countries: https://c1.sfdcstatic.com/content/dam/web/en_us/www/documents/legal/misc/Salesforce-Processor-BCR.pdf

Users can find further information on data protection at Salesforce in Salesforce’s privacy policy: https://www.salesforce.com/company/privacy/

4. webinars

We organize online webinars for our customers and interested parties. Registration requires the processing of personal data (name, e-mail address and, if applicable, employer), which you provide to us via the input mask. The processing of the data provided is carried out for the purpose of providing the service and is based on the legal basis of Art. 6 para. 1 letter b GDPR.

To conduct the webinar, we use Teams, a service provided by Microsoft Ireland Operations Limited. (Ireland, EU). Before entering the webinar room, you will be asked to enter your name. Please note that this name may be seen by other webinar participants. If you do not wish this to happen, you can enter only your initials instead.

By registering for the webinar, you agree to be contacted by our sales team afterwards. We offer you participation in our webinar in return for your contact details and your consent to receive further information about our services. This processing is carried out on the legal basis of Art. 6 para. 1 letter a GDPR. You can withdraw your consent at any time by clicking on the unsubscribe link in the email or by contacting us at the above address.

We use salesforce, a service of salesforce.com, inc. (USA), to manage your data. We use Salesforce’s Processor Binding Corporate Rules for the Processing of Personal Data as appropriate safeguards for transfers to third countries: https://c1.sfdcstatic.com/content/dam/web/en_us/www/documents/legal/misc/Salesforce-Processor-BCR.pdf

The data will be deleted as soon as it is no longer required for the purpose for which it was collected.

5. cookies

We use cookies and similar technologies on our website. Cookies are small text files that are stored by your browser when you visit a website. This identifies the browser used and can be recognized by our web server. We use so-called “session cookies”, which are deleted when the browser session ends. Other cookies (“persistent cookies”) are automatically deleted after a specified period, which may vary depending on the cookie.

The use of cookies is in part technically necessary for the operation of our website. We also use cookies and similar technologies to measure analytics about the reach of our website and to analyze the use of our website. We also use cookies and similar technologies to track user behavior across websites and devices.

Cookies are stored on the user’s computer. As a user, you therefore have full control over the use of cookies. You can delete cookies in the security settings of your browser at any time. You can object to the use of cookies through your browser settings in principle or for specific cases. The Federal Office for Information Security provides further information on this at https://www.bsi.bund.de/DE/Themen/Verbraucherinnen-und-Verbraucher/Informationen-und-Empfehlungen/Cyber-Sicherheitsempfehlungen/Updates-Browser-Open-Source-Software/Der-Browser/JavaScript-Cookies-Fingerprints/javascript-cookies-fingerprints_node.html

Information on how cookies and similar technologies are used by us can be found below under the description of the specific processing activity. Further information on the cookies used on our website can also be found on our consent banner.

You can also change your cookie settings here:

6. consent management via Borlabs

This website uses Borlabs. The Borlabs consent banner enables users of our website to give their consent to certain data processing operations or to withdraw their consent. Borlabs also supports us in being able to provide proof of the declaration of consent. For this purpose, Borlabs processes information on the declaration of consent and further log data on this declaration. Cookies are also used to collect this data.

The processing of this data is necessary in order to be able to prove that consent has been given. The legal basis arises from our legal obligation to document your consent (Art. 6 para. 1 letter c) in conjunction with Art. 7 para. 1 GDPR). Art. 7 para. 1 GDPR).

7. google analytics

We use the Google Analytics service provided by Google Ireland Limited (Ireland, EU) on our website.

Google Analytics is a web analytics service that allows us to collect and analyze data about user behavior on our website. Google Analytics enables us to measure interaction data from different devices and from different sessions. This allows us to put individual user actions into context and analyze long-term relationships.

Google Analytics uses cookies for this purpose, which enable us to analyze the use of our website. In addition, personal data in the form of IP addresses, device identifiers and information about interaction with our website is processed. Some of this data is information that is stored on the device you are using. In addition, further information is stored on your device via the cookies used.

Google will process the data collected in this way on our behalf in order to evaluate the use of our website by users, to compile reports on the activities within our website and to provide us with further services associated with the use of our website and the use of the Internet.

The setting of cookies and the further processing of personal data described here takes place with your consent. The legal basis for data processing in connection with the service is Article 6(1)(a) GDPR. You can revoke this consent at any time via our consent management tool with effect for the future.

We only use Google Analytics with activated IP anonymization. This means that the IP address transmitted by the user’s browser is shortened by Google. The transmitted IP address is not merged with other data. The IP address is truncated on servers in the EU.

The data on user actions is stored for a period of 2 months and then automatically deleted. Data whose storage period has expired is automatically deleted once a month.

Further information on how data from websites or apps in the Google network is used for advertising purposes can be found in Google’s information at: www.google.com/policies/technologies/ads/.

8. cloudflare

We use the Cloudflare service from Cloudflare Inc (USA) on our website to display content. For such integration, it is technically necessary to process your IP address so that the content can be sent to your browser.

Your data is processed on the basis of Art. 6 para. 1 letter f GDPR and is based on our legitimate interest in the optimization and economic operation of our website.

When using the service, a transfer of your data to the USA cannot be ruled out. Please note the information in the section “Data transfer to third countries”. Further information on data protection at Cloudflare can be found in Cloudflare’s privacy policy at https://www.cloudflare.com/privacypolicy/.

9. integrated third-party services and content

We use services and content provided by third-party providers on our website (hereinafter collectively referred to as “content”). We use a two-click solution for integration. When using the two-click solution, no connection to the third-party provider is initially established, but a placeholder is first loaded from our own server. This can be a preview image for the integrated maps or videos. Contact with the “third-party server” is only established after a further click on the respective placeholder. The IP address is therefore only transmitted when you confirm this by clicking on it.

The data processing takes place with your consent and is based on Art. 6 para. 1 letter a) GDPR.

We have integrated content from the following services provided by third parties into our website:

• “YouTube” of YouTube LLC (USA) for displaying videos.

When using Google services, we cannot rule out the transmission of the processed data to Google LLC (USA), which is based in the USA. Please note the information in the section “Data transfer to third countries”.

10. pardot marketing automation system

We use the Pardot Marketing Automation System (“Pardot MAS”) from salesforce.com, Inc (USA) on our website. Pardot MAS is a special software for recording and analyzing the use of a website by website visitors. When you visit our website, Pardot MAS records your click path and uses this to create an individual user profile using a pseudonym. Insofar as Pardot MAS processes personal data, the processing is carried out exclusively on our behalf and in accordance with our instructions.

Your data is processed on the basis of your consent in accordance with Art. 6 (1) (a) GDPR.

Cookies are set on your end device to integrate the service. The setting of cookies and access to information stored on the device you are using takes place with your consent in accordance with Section 25 (1) TDDDG, which you can revoke at any time with effect for the future via our Consent Management Tool. When using the service, a transfer of your data to the USA cannot be ruled out. We use Salesforce’s Processor Binding Corporate Rules for the Processing of Personal Data as suitable guarantees for the transfer to third countries: https://c1.sfdcstatic.com/content/dam/web/en_us/www/documents/legal/misc/Salesforce-Processor-BCR.pdf. Further information on data protection at Salesforce can be found in Salesforce’s privacy policy at https://www.salesforce.com/company/privacy/

We have a company page on several social media platforms. In this way, we would like to offer further opportunities for information about our company and for exchange. Our company has company pages on the following social media platforms:

• Facebook of Meta Platforms Ireland Limited, (Ireland, EU), hereinafter referred to as “Meta”;
• Instagram of Meta Platforms Ireland Limited, (Ireland, EU), hereinafter referred to as “Meta”;
• LinkedIn of LinkedIn Ireland Unlimited Company, (Ireland, EU), hereinafter referred to as “LinkedIn”;
• XING of NEW WORK SE, (Germany, EU), hereinafter referred to as “XING”;

When you visit or interact with a profile on a social media platform, personal data about you may be processed. The information associated with a social media profile used also regularly constitutes personal data. This also includes messages and statements made using the profile. In addition, certain information is often automatically collected during your visit to a social media profile, which may also constitute personal data.

1. visiting a social media page

When you visit our social media page, which we use to present our company or individual products from our range, certain information about you is processed. The operators of the social media platforms are solely responsible for this processing of personal data. Further information on the processing of personal data can be found in their privacy policies, which we link to below:

• Meta (https://www.facebook.com/privacy/explanation). Meta offers the option of objecting to certain data processing; information and opt-out options in this regard can be found at https://www.facebook.com/settings?tab=ads;
• LinkedIn (https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy);
• XING (https://privacy.xing.com/de/datenschutzerklaerung/druckversion)

Some social media platform operators collect and process event data and profile data and provide us with statistics and insights for our pages in anonymized form, which help us gain insights into the types of actions people take on our site (so-called “page insights”). These Page Insights are created on the basis of certain information about people who have visited our site. This processing of personal data is carried out by the social media operators and us as joint controllers. The processing serves our legitimate interest in evaluating the types of actions taken on our site and improving our site based on these findings. The legal basis for this processing is Article 6(1)(f) GDPR.

We cannot assign the information obtained via Page Insights to individual user profiles that interact with our pages. We have entered into agreements with the operators of the social media platforms on processing as joint controllers, in which the distribution of data protection obligations between us and the operators is defined. Details on the processing of personal data for the creation of Page Insights and the agreement concluded between us and the operators can be found at the following links:

• Meta (https://www.facebook.com/legal/terms/information_about_page_insights_data);
• LinkedIn (https://legal.linkedin.com/pages-joint-controller-addendum;
• XING (https://www.xing.com/terms/onlyfy-one#h2-vereinbarung-zur-gemeinsamen-datenschutzrechtlichen-verantwortlichkeit).

You also have the option of asserting your rights against the operators. You can find further information on this under the following links:

• Meta (https://www.facebook.com/privacy/explanation);
• LinkedIn (https://www.linkedin.com/help/linkedin/ask/PPQ?lang=de);
• XING (https://privacy.xing.com/de/datenschutzerklaerung/welche-rechte-koennen-sie-geltend-machen).

We have agreed with Meta and LinkedIn that the Irish Data Protection Commission is the lead supervisory authority overseeing processing for Page Insights. You always have the right to lodge a complaint with the Irish Data Protection Commission (see www.dataprotection.ie) or any other supervisory authority.

2. communication via social media sites

We also process information that you have provided to us via our company page on the respective social media platform. Such information may include the username used, contact details or a message to us. This processing is carried out by us as the sole controller. We process this data on the basis of our legitimate interest in contacting people who make inquiries. The legal basis for data processing is Article 6(1)(f) GDPR. Further data processing may take place if you have given your consent (Art. 6 para. 1 letter a GDPR) or if this is necessary to fulfill a legal obligation (Art. 6 para. 1 letter c GDPR).