Welcome to our website. The protection of your personal data is important to us. Below we will inform you about the processing of your personal data and your rights in connection with the use of our website. If you have any questions about data protection or the processing of personal data, please see the imprint the contact details of the responsible person or body.

General information on data processing

It is generally possible to use our website without providing any personal data. As far as personal data (e.g. name, address or e-mail addresses) is collected on our pages, this is done on a voluntary basis, as far as possible. This data will not be passed on to third parties without your express consent.

As a responsible company, we have taken numerous technical and organizational measures to ensure the most comprehensive protection possible for the data collected via this website.

As a responsible company, we consciously avoid automatic decision-making or profiling. The responsible body within the meaning of the General Data Protection Regulation, other data protection laws of the member states of the European Union and other regulations with a data protection nature is clearly defined.

scope of application

This data protection declaration applies to all personal data that is processed on our online presence, as well as to all personal data that is processed by companies commissioned by us (contract processors). By personal data we mean information within the meaning of Article 4 No. 1 GDPR, such as names, email addresses, IP addresses and postal addresses of people. The processing of personal data enables us to offer and bill for our services and products, whether online or offline. The scope of this data protection declaration extends to:

• Our online presence: websites, online shops
• Social media appearances
• Newsletter
• Customer communication via email and messenger
• Mobile apps for smartphones and other devices.

Server log files

Every time our website is accessed, information is automatically collected by the web hosting provider and stored in so-called server log files. This information includes:

• IP address
• Date and time of access
• Name of the page accessed
• Referrer URL (the previously visited page)
• Amount of data transferred
• Browser type and browser version
• operating system

This data is processed out of legitimate interest in accordance with Article 6 (1) (f) GDPR. The data is used exclusively for statistical evaluations and to improve the website. The IP addresses are automatically anonymized after 7 days.

SSL encryption

We use SSL certificates for secure communication between client and website. This is particularly necessary when transferring confidential data, such as form entries, which is why SSL or TLS encryption is used on this page. An encrypted connection can be easily recognized by the fact that the address bar of the browser shows “https://”; a lock symbol is usually displayed in your address bar of the browser. By using SSL or TLS encryption, the data you transmit cannot be read by third parties.

Cookies

Our website uses cookies. Cookies are small text files that are stored on your computer and that your browser stores. We use cookies to make our website easier to use and to carry out statistical evaluations. You can prevent the storage of cookies by setting your browser software accordingly. Further information about the cookies used, their respective purpose and storage period can be found here Cookie Policy.

Legal basis

We process your data exclusively on the basis of the following legal bases

• Legitimate interests (Article 6 paragraph 1 lit. f GDPR): If legitimate interests require it, the processing of the data is possible without active consent, for example to deliver the website to your computer.
• Consent (Article 6 paragraph 1 lit. a GDPR): Your consent enables us to process data for a specific purpose, for example when entering forms.
• Contract (Article 6 paragraph 1 lit. b GDPR): In order to fulfill a contract or pre-contractual obligations with you, we may also process your data, for example to create invoices.
• Legal obligation (Article 6 paragraph 1 lit. c GDPR): We also process your data if we have to fulfill a legal requirement, for example the legal obligation to retain invoices.

Rights of those affected in accordance with GDPR

You have the right to information, correction, deletion, restriction of processing, data portability and objection. Further information about your rights can be found in Section 8 of our privacy policy. Further information about the GDPR: https://eur-lex.europa.eu/legal-content/DE/ALL/?uri=celex%3A32016R0679.

• Right to information (Article 15 GDPR): You have the right to know whether we are processing your data. If this is the case, you have the right to receive a copy of the data as well as information about the purpose of processing, the categories of data processed, the recipients (including any transfers to third countries), the storage period, your right to rectification, deletion, restriction of processing and Objection, the right to lodge a complaint with a supervisory authority (link to the authority below), the origin of the data (if not collected by you), and the possible implementation of profiling.
• Right to rectification (Article 16 GDPR): You have the right to have incorrect data corrected.
• Right to deletion (Article 17 GDPR – “Right to be forgotten”): You can request the deletion of your data.
• Right to restriction of processing (Article 18 GDPR): Under certain circumstances we may only store your data but not process it further.
• Right to data portability (Article 20 GDPR): Upon request, we will provide you with your data in a common format.
• Right to object (Article 21 GDPR): You can object to processing based on public interest or legitimate interest. We will check whether we can comply with the objection.
• Right to object to direct advertising and profiling: You can object to the use of your data for direct advertising or profiling at any time.
• Automated decisions (Article 22 GDPR): Under certain circumstances, you have the right not to be subject to actions based solely on automated decisions.
• Right to complain (Article 77 GDPR): You have the right to complain to the data protection authority if you believe that the processing of your data violates the GDPR.

Use of WordPress

Our website is based on the content management system WordPress. WordPress also uses cookies to ensure the functionality of the website. Further information can be found in the WordPress privacy policy.

Storage period

The data processed while using our website will be deleted as soon as the purpose for which it was stored no longer exists. This is done on the condition that deletion does not conflict with any legal retention obligations and there is no differing information about specific processing procedures. In some cases, we are legally obliged to store certain data even after the original purpose has ceased, for example due to tax requirements.

External services

contact form

If you send us data via a contact form, your details from the inquiry form, including the contact details you provided there, will be stored in order to process the inquiry and in case of follow-up questions. We will not pass on this data without your consent. The data will be automatically deleted after 30 days.

Matomo

To record usage and optimize the website, we use Matomo, a visitor tracking and analysis software for websites, provided by InnoCraft Ltd, 7 Waterloo Quay PO625, 6140 Wellington, New Zealand. All data is recorded completely anonymously and only evaluated in aggregated form.

• https://matomo.org/privacy-policy/

Cloudflare

On our website we may use the Content Delivery Network (CDN) from Cloudflare, Inc. (101 Townsend St., San Francisco, CA 94107, USA) to reduce the loading time of the website and protect it from misuse. Cloudflare may set cookies and process user data such as the IP address.

• https://www.cloudflare.com/de-de/privacypolicy/

Mailgun

We use Mailgun, an email API service, for our email communication on our website. The service provider is the American company Mailgun Technologies Inc., located at 112 E Pecan St #1135, San Antonio, TX 78205, USA. Mailgun processes your data, including in the USA.

• https://www.mailgun.com/de/rechtliches/datenschutzerklaerung/?tid=331687690232

Wordfence Security

We use Wordfence, a firewall plugin for WordPress, on our website. The manufacturer is the American company Defiant, Inc., located at 1700 Westlake Ave N Ste 200, Seattle, WA 98109, USA. Wordfence processes your data, including in the USA.

• https://www.wordfence.com/help/general-data-protection-regulation/
• https://www.wordfence.com/privacy-policyL.

hCaptcha

We use technology on our website to prevent spam entries in forms. The service provider is the American company Intuition Machines Inc., based at 350 Alabama St, San Francisco, CA 94110, USA. hCaptcha processes your data, including in the USA.

• https://newassets.hcaptcha.com/dpa/IMI.DPA.9.23.21.New.SCCs.pdf
• https://www.hcaptcha.com/privacy.