Privacy policy

We are pleased that you are visiting our website. The protection and security of your personal information when using our website is very important to us. We would therefore like to inform you at this point about which of your personal data we collect when you visit our website and for what purposes it is used. Personal data is individual information about personal or factual circumstances of an identified or identifiable natural person (data subject), e.g. name, address, e-mail addresses, user behavior. This is therefore data with which we can identify you. In addition, you will occasionally find information on data processing processes outside this website (e.g. video conferences or newsletters). 

Responsible for data processing 

Person in charge 

for the processing of personal data within the meaning of the EU General Data Protection Regulation (GDPR) 

FERRO DUO GmbH
Salzstraße 40-41 
48143 Münster
DE
+49 203 8048096
info@ferroduo.de

Data Protection Officer

exkulpa gmbh
Waldfeuchter Str. 266
52525 Heinsberg
Phone: +49 2452 - 99 33 11
datenschutz@ferroduo.de

General

This privacy policy meets the legal requirements for transparency in the processing of personal data. This is any information relating to an identified or identifiable natural person. This includes, for example, information such as your name, age, address, telephone number, date of birth, e-mail address, IP address or user behaviour when visiting a website. Information for which we cannot (or only with a disproportionate effort) relate to your person, e.g. through anonymization, is not personal data. The processing of personal data (e.g. collection, retrieval, use, storage or transmission) always requires a legal basis and a defined purpose. 
Stored personal data will be deleted as soon as the purpose of the processing has been achieved and there are no legitimate reasons for further storage of the data. We inform you in the individual processing operations about the specific storage periods or criteria for storage. Irrespective of this, we store your personal data in individual cases to assert, exercise or defend legal claims and in the presence of statutory retention obligations. 

Information according to Art. 13 GDPR 

This information is aimed at customers, interested parties, suppliers and employees. Your personal data will be processed by us for the following purposes: 

• To fulfil our contractual obligations to which we are obliged to you (Art. 6 para. 1 lit. b GDPR). 
• To carry out pre-contractual obligations (Art. 6 para. 1 lit. b GDPR). 
• To answer inquiries (Art. 6 para. 1 lit. b GDPR). 
• If you have given us your consent to process your personal data for specific purposes (e.g. to receive our newsletter), the data processing takes place on the basis of your consent (Art. 6 para. 1 lit. a GDPR). 
• To fulfil legal obligations to which our company is subject (Art. 6 para. 1 lit. c GDPR). 
• If necessary, we also process your data to safeguard our legitimate interests, in particular to assert legal claims and defend in legal disputes or to ensure IT security, to consult and exchange data with credit agencies to determine creditworthiness and default risks, for direct advertising and market research, unless you have objected to the use of your data for this purpose,  measures for business management and further development of services and products, for measures for product and sales optimisation, for measures for risk management, for the prevention or investigation of criminal offences (Art. 6 para. 1 lit. f GDPR). 

Categories of recipients of personal data

Within our company, only those employees have access to the data who absolutely need it to fulfil their tasks (need-to-know principle). Individual processes and services are carried out by carefully selected service providers commissioned in compliance with data protection regulations, who are based within the EEA. If service providers commissioned by us receive access to personal data in the performance of their services, these order processing contracts have been concluded in accordance with Art. 28 (3) GDPR.

Duration of data storage

The data processed by us will be stored for the duration of the existence and execution of the contractual relationship as well as in compliance with statutory retention periods. These are in particular commercial and tax retention obligations under the German Commercial Code (HGB) and the German Tax Code (AO). The regular retention and documentation periods amount to up to ten years. If there is no contractual relationship, we process the data only as long as the specific purpose requires.

Your rights as

a data subject As a data subject, you have the following rights vis-à-vis us with regard to your personal data:

• Right to information about your personal data processed by us. 
• Right to rectification or erasure if these have been incorrect, not current or unlawfully collected by us. 
• Right to restriction of processing, if complete deletion is not possible, e.g. because we have to comply with statutory retention obligations. 
• Right to object to processing, provided that the data processing is based on a balance of interests (the so-called legitimate interest), as described above under "Purpose of processing". This is the case if, in particular, the processing is not necessary for the performance of a contract with you. When asserting your right to object, we ask you to explain the reasons why we should not process your data as we have done. 

Of course, you can also object to the processing of your personal data for advertising purposes at any time. Please address your objection to our address given in the imprint or send us an e-mail to the address given in the imprint. 

• Right of revocation if you have given us your consent to process your data. You can assert your revocation against our company at any time without giving reasons. To do so, please contact the address given in the imprint. 
• In addition, you have the right to complain to a data protection supervisory authority about the processing of your personal data by our company. 

If you have any questions regarding data protection, please contact us by E-Mail at the address given in the imprint.

Cookies 

Cookies are small text files that are sent by us to the browser of your device during your visit to our website and stored there. As an alternative to the use of cookies, information may also be stored in the local storage of your browser. Some functions of our website cannot be offered without the use of cookies or local storage (technically necessary cookies). Other cookies, on the other hand, enable us to carry out various analyses, so that, for example, we are able to recognise the browser you are using when you visit our website again and to transmit various information to us (non-essential cookies). With the help of cookies, we can, among other things, make our website more user-friendly and effective for you, for example by tracking your use of our website and changing your preferred settings (e.g. Regional and language settings). If third parties process information via cookies, they collect the information directly via your browser. Cookies do not cause any damage to your device. They cannot run programs or contain viruses. 
We provide information about the respective services for which we use cookies in the individual processing operations. Detailed information on the cookies used can be found in the cookie settings or in the Consent Manager of this website. 

Consent with Cookiebot 

Our website uses the consent technology of Cookiebot to obtain your consent to the storage of certain cookies on your device or to the use of certain technologies and to document them in compliance with data protection regulations. The provider of this technology is Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter referred to as "Cookiebot"). 
When you enter our website, a connection is established to Cookiebot's servers to obtain your consent and other explanations regarding the use of cookies. In order to be able to assign and document your consent or revocation, a cookie is set in your browser. This data is stored until you delete the cookie, ask us to delete the data or the purpose for data processing no longer applies. Statutory retention obligations remain unaffected. 
Cookiebot is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c GDPR. 

Order processing

In order to ensure that personal data is processed in accordance with our specifications and in compliance with the GDPR, we have concluded a contract processing agreement (DPA) with the provider. 

Your rights

Under the conditions of the statutory provisions of the General Data Protection Regulation (GDPR), you as a data subject have the following rights: 

• Information pursuant to Article 15 GDPR about the data stored about you in the form of meaningful information on the details of the processing and a copy of your data; 
• Correction pursuant to Article 16 GDPR of incorrect or incomplete data stored by us; 
• Deletion in accordance with Article 17 GDPR of the data stored by us, insofar as the processing is not necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims; 
• Restriction of processing in accordance with Article 18 GDPR, insofar as the accuracy of the data is disputed, the processing is unlawful, we no longer need the data and you reject its deletion because you need it to assert, exercise or defend legal claims or you have objected to the processing pursuant to Article 21 GDPR.
• Data portability pursuant to Art. 20 GDPR, insofar as you have provided us with personal data within the scope of consent pursuant to Art. 6 para. 1 lit. a GDPR or on the basis of a contract pursuant to Art. 6 para. 1 lit. b GDPR and these have been processed by us using automated procedures. You will receive your data in a structured, common and machine-readable format or we will transmit the data directly to another person responsible, as far as this is technically feasible.  
• Objection pursuant to Art. 21 GDPR against the processing of your personal data, insofar as this is based on Art. 6 para. 1 lit. e, f GDPR and there are reasons for this arising from your particular situation or the objection is directed against direct advertising. The right to object does not exist if overriding, compelling legitimate grounds for the processing are proven or the processing is carried out to assert, exercise or defend legal claims. Insofar as the right to object to individual processing operations does not exist, this is stated there. 
• Revocation in accordance with Article 7 (3) GDPR of your consent with effect for the future. 
• Complaint pursuant to Article 77 GDPR to a supervisory authority if you believe that the processing of your personal data violates the GDPR. As a rule, you can contact the supervisory authority of your usual place of residence, your place of work or our company headquarters. 

Data processing in detail 

Below we inform you about the individual processing operations, the scope and purpose of data processing, the legal basis, the obligation to provide your data and the respective storage period. An automated decision in individual cases, including profiling, does not take place. 

Provision of the website

When you access and use our website, we collect the personal data that your browser automatically transmits to our server. The following information is temporarily stored in a so-called log file: 

• IP address of the requesting computer 
• Date and time of access 
• Name and URL of the retrieved file 
• Website from which access is made (referrer URL) 
• Browser used and, if applicable, the operating system of your computer, as well as the name of your access provider 

Our website is not hosted by ourselves, but by a service provider who, for the purpose of providing the website, processes the aforementioned data on our behalf pursuant to Art. 28 GDPR. 
The hoster is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f GDPR). 
We use the following hoster: 
Websmart GmbH & Co. KGFürst-Leopold-Platz 146284 Dorsten 

Contact

Type and scope of processing 

If you send us inquiries (e.g. via contact form, e-mail or telephone), we store all data resulting from this (e.g. name, e-mail address, subject of the request, etc.). We need this data to process your request and to be able to answer follow-up questions. We will not pass on this data without your consent. 

Purpose and legal basis 

The processing of this data takes place on the basis of Art. 6 para. 1 lit. b GDPR, if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. Otherwise, the processing is based on our legitimate interest in the effective processing of the requests addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if you have previously given it. 

Speicherdauer 

The data you enter in the contact form will remain with us until you request deletion, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – in particular retention periods – remain unaffected. 

Contact form for applicants 

Type and scope of processing 

You have the opportunity to apply to us on our website (e.g. by e-mail, post or via the online application form). 

Purpose and legal basis 

We process the personal data of applicants in accordance with the legal requirements for the purpose of handling the application process and for carrying out pre-contractual measures within the meaning of Art. 6 para. 1 lit. b. DSGVO and § 26 BDSG according to German law (initiation of an employment relationship) and – if you have given your consent – Art. 6 para. 1 lit. a GDPR. The consent can be revoked at any time. Your personal data will only be passed on within our company to persons who are involved in processing your application. 
If the application is successful, the data submitted by you will be processed on the basis of § 26 BDSG and Art. 6 para. 1 lit. b GDPR for the purpose of carrying out the employment relationship in our data processing systems. 

Storage period 

Your data will be stored for a period of 6 months after the end of the application process. As a rule, this is done to fulfil legal obligations or to defend against any claims arising from legal regulations. Subsequently, we are obliged to delete or anonymize your data. In this case, the data is only available to us as so-called metadata without direct personal reference for statistical evaluations (e.g. proportion of women or men in applications, number of applications per period, etc.). 
If it is apparent that the data will be required after expiry of the 6-month period (e.g. due to an imminent or pending legal dispute), deletion will only take place when the purpose for further storage no longer applies. 

Inclusion in the applicant pool 

As part of the application, we offer applicants the opportunity to join our "talent pool" for a period of 12 months on the basis of consent within the meaning of Art. 6 para. 1 lit. a. GDPR. 
The application documents in the talent pool will only be processed in the context of future job advertisements and the search for employees and will be destroyed at the latest after the deadline. Applicants are informed that their consent to inclusion in the talent pool is voluntary, has no influence on the current application process and they can revoke this consent at any time for the future. 
If you receive an offer for employment with us as part of the application process and accept it, we will store the personal data collected during the application process for at least the duration of the employment relationship. 

Prescreen 

The data transmitted as part of your application will be transmitted via TLS encryption and stored in a database. This database is operated by Prescreen International GmbH, Mariahilfer Straße 17, 1060 Vienna, Austria, which offers personnel administration and applicant management software. In this context, Prescreen is our processor according to Art. 28 GDPR. The basis for the processing is a contract for order processing between us as the responsible body and Prescreen. Further information on data processing by Prescreen can be found under https://prescreen.io/de/datenschutzerklaerung/. 

Communication via WhatsApp

For communication with our customers and other third parties, we use, among other things, the instant messaging service WhatsApp Business, WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. 
When you communicate with us via WhatsApp, the chats are end-to-end encrypted. This is to prevent WhatsApp or third parties from gaining access to the contents of the chat. However, WhatsApp has access to metadata that is generated in the course of the communication process (e.g. sender, recipient and time). WhatsApp shares collected personal data with the US-based parent company Meta. Further details on data processing can be found in WhatsApp's privacy policy at: https://www.whatsapp.com/legal/#privacy-policy. 
The use of WhatsApp is based on our legitimate interest in the fastest and most effective communication possible with customers, interested parties and other business and contractual partners (Art. 6 para. 1 lit. f DSGVO). If you have previously given your consent to data processing, the processing of your data will take place solely on the basis of Art. 6 (1) (a) GDPR; the consent can be revoked at any time. 
The communication content exchanged between and on WhatsApp will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – in particular retention periods – remain unaffected. 
The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.whatsapp.com/legal/business-data-transfer-addendum. 
The company is certified according to the "EU-US Data Privacy Framework" (DPF), an agreement between the European Union and the USA, which aims to ensure compliance with European data protection standards for data processing in the USA. Certification according to the DPF obliges companies to comply with these data protection standards. For more information, please visit: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt00000011sfnAAA&status=Active 
We have set our WhatsApp accounts in such a way that it does not automatically synchronize data with the address book on the smartphones in use. 
In order to ensure that personal data is processed in accordance with our specifications and in compliance with the GDPR, we have concluded a contract for order processing (AVV) with the provider. 

Newsletter

We offer you our newsletter on this website. If you would like to subscribe to this, we need your e-mail address and other data that prove that it is your e-mail address and that you agree to receive the newsletter. In addition, no personal data is collected unless you voluntarily provide it (e.g. name, telephone number, place of residence, etc.). 
When processing the data that you provide when registering for the newsletter, we rely exclusively on your consent in accordance with Art. 6 para. 1 lit. a GDPR serves as the legal basis. You can revoke your consent to the processing and storage of your personal data at any time (e.g. via the "unsubscribe" link in the newsletter) for the future. 
We store your personal data, which you have provided for the purpose of receiving the newsletter, until you unsubscribe from the newsletter with us or the shipping service provider. This does not apply to data that we have stored from you for other purposes. 
If you unsubscribe from the newsletter distribution list, your e-mail address will be stored in a blacklist by us or the shipping service provider for an indefinite period of time. This is done to prevent future mailings to you. The data from the blacklist will be used exclusively for this purpose and will not be merged with other data. This is not only in your interest, but also in our legitimate interest according to Art. 6 para. 1 lit. f GDPR, to fulfil our legal obligations when sending newsletters. You can object to the storage if your personal interests outweigh our legitimate interest. 

MailChimp

On this website, we use MailChimp services to send newsletters offered by Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA. 
We use MailChimp to send our newsletters and analyze newsletter campaigns. We can determine whether recipients open a newsletter e-mail and whether they click on certain links in the e-mail. For this purpose, an e-mail sent with MailChimp contains a file (a so-called web beacon), which establishes a connection to the MailChimp servers in the USA after opening the mail. Your data that you have provided for the purpose of receiving the newsletter (e.g. Your e-mail address) will therefore also be stored on MailChimp's servers in the USA. Furthermore, MailChimp collects technical data (e.g. time of retrieval, IP address and operating system), which, however, cannot be assigned to a specific newsletter recipient and are used exclusively for statistical evaluation or the analysis of campaigns. We can use this analysis to optimize future newsletter mails for you. If you do not want your data to be evaluated by MailChimp for analysis, you can unsubscribe from our newsletter (via the "unsubscribe" link in the newsletter) at any time. 
The transfer of your personal data to the USA is based on the EU Commission's Standard Contractual Clauses. For more information, see https://mailchimp.com/eu-us-data-transfer-statement/ and https://mailchimp.com/legal/data-processing-addendum/#Annex_C_-_Standard_Contractual_Clauses. 
When processing the data that you provide when registering for the newsletter, we rely exclusively on your consent in accordance with Art. 6 para. 1 lit. a GDPR serves as the legal basis. You can revoke your consent to the processing and storage of your personal data at any time (e.g. via the "unsubscribe" link in the newsletter) for the future. 
We store your personal data, which you have provided for the purpose of receiving the newsletter, until you unsubscribe from the newsletter with us or the shipping service provider. This does not apply to data that we have stored from you for other purposes. 
If you unsubscribe from the newsletter distribution list, your e-mail address will be stored in a blacklist by us or the shipping service provider for an indefinite period of time. This is done to prevent future mailings to you. The data from the blacklist will be used exclusively for this purpose and will not be merged with other data. This is not only in your interest, but also in our legitimate interest according to Art. 6 para. 1 lit. f GDPR, to fulfil our legal obligations when sending newsletters. You can object to the storage if your personal interests outweigh our legitimate interest. 
Further information can be found in MailChimp's privacy policy under https://mailchimp.com/legal/terms/. 

Conclusion of a data processing agreement

In order to ensure that personal data is processed in accordance with our specifications and in compliance with the GDPR, we have concluded a contract processing agreement (DPA) with the provider. 

Presence on social media platforms

Data processing by social networks 

We operate publicly accessible profiles on social networks. The social networks we use in detail can be found below. 
Social networks such as Facebook, Twitter etc. can usually comprehensively analyze your user behavior. Visiting our social media presences triggers the following data protection-relevant processing operations: 
If you are logged into your social media account and visit our profile, the operator of this social medium can track this visit. Irrespective of this, the operator may process your data (e.g. IP address) even if you are not logged into your account or you do not have an account at all. 
The operator summarizes this data in user profiles in which your preferences and interests are stored. These profiles are used to place personalized advertising inside and outside the respective social media presence. If you have an account with the respective social network, the personalized advertising can be displayed on all devices on which you are logged in or were logged in. 
Depending on the platform, further processing operations may be carried out by the operators of the social media portals, we have no influence on this. Details can be found in the terms of use and data protection provisions of the respective social media portals. 

Legal basis

Our social media appearances are intended to ensure the widest possible presence on the Internet within the meaning of Art. 6 para. 1 lit. f GDPR. The analysis processes carried out by the operators of the social networks may be based on different legal bases, which must be specified by the respective providers. 

Controller and assertion of rights 

If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. In principle, you can assert your rights (information, correction, deletion, restriction of processing, data portability and complaint) both against us and vis-à-vis .dem operators of the respective social media portal (e.g. Facebook). 
Despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing operations of the portals. Our options are largely based on the corporate policy of the respective provider. 

Storage period

The data collected directly by us via the social media presence will be deleted from our systems as soon as you request us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Mandatory legal provisions – esp. Retention periods – remain unaffected. 
We have no influence on the storage period of the data collected by the social networks. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below). 

Facebook page

We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The data collected will also be transferred to the USA and other third countries. 
We have concluded a joint processing agreement with Facebook (Controller Addendum), which specifies which data processing operations we or Facebook are responsible for. This agreement can be viewed at the following link: https://www.facebook.com/legal/terms/page_controller_addendum. 

You can adjust your advertising settings independently in your user account. To do so, click on the following link and log in: https://www.facebook.com/settings?tab=ads.

For details, please refer to Facebook's privacy policy (https://www.facebook.com/about/privacy/) and terms and conditions: https://de-de.facebook.com/terms.

LinkedIn page

We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.

If you would like to disable LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

For details on how they handle your personal data, please see LinkedIn's privacy policy: https://www.linkedin.com/legal/privacy-policy.

XING page 

We have a profile on XING. The provider is New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany. Details on how they handle your personal data can be found in XING's privacy policy: https://privacy.xing.com/de/datenschutzerklaerung. 

Video conferencing 

Data processing 

We use online conferencing tools to communicate with our customers. The tools we use in detail are listed below. If you communicate with us via video or audio conference, your personal data will be collected and processed by us and the provider of the respective tool. 
The tools collect the information you provide, including your email address and phone number. They also process the duration of the conference, when you attended the conference, number of participants and other metadata. 
In addition, the provider of the tool processes all technical data necessary for the handling of the conference. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker, and the type of connection. 
If you share content in this service, it will be stored on the servers of the providers. This includes cloud recordings, chat messages, voice messages, and photos and videos you have shared while using this service. 
Please note that we do not have full influence on the data processing operations of the tools used. Further information on data processing by the conference tools can be found in the data protection declarations of the respective tools used. 

Purpose and legal basis 

The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6 para. 1 lit. b GDPR). Furthermore, the use of the tools serves the general simplification and acceleration of communication with us or our company (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). If you have previously given your consent to data processing, the processing of your data takes place solely on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time. 

Speicherdauer 
The data collected directly by us via the video and conference tools will be deleted from our systems as soon as you request us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Stored cookies remain on your device until you delete them. Mandatory statutory retention periods remain unaffected. 
We have no influence on the storage period of your data, which is stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tools directly.

Conferencing tools used 
We use the following conference tools: 
Microsoft Teams 
We use Microsoft Teams. Provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. Details on data processing can be found in the privacy statement of Microsoft Teams: https://privacy.microsoft.com/de-de/privacystatement. 

Zoom 
We use Zoom. The provider of this service is Zoom Communications Inc., San Jose, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA. Details on data processing can be found in Zoom's privacy policy: https://zoom.us/de-de/privacy.html. 
The transfer of data to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://zoom.us/de-de/privacy.html.

Cookiebot CDN

Type and scope of processing 

We use Cookiebot CDN to properly provide the content of our website. Cookiebot CDN is a service of Cybot A/S, which acts as a Content Delivery Network (CDN) on our website to ensure the functionality of other services of Cybot A/S. For said services, you will find a separate section in this Privacy Policy. This section is only about using the CDN. 
A CDN helps to make content of our online offer, especially files such as graphics or scripts, available faster with the help of regionally or internationally distributed servers. When you access this content, you establish a connection to servers of Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark, transmitting your IP address and, if applicable, browser data such as your user agent. These data are processed exclusively for the purposes indicated above and to maintain the security and functionality of Cookiebot CDN. 

Purpose and legal basis

The use of the Content Delivery Network is based on our legitimate interests, i.e. interest in secure and efficient provision as well as the optimization of our online offer in accordance with Art. 6 para. 1 lit. f. GDPR. 

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Cybot A/S. Further information can be found in the privacy policy for Cookiebot CDN: https://www.cookiebot.com/de/privacy-policy/.

Google Tag Manager 

Type and scope of processing 

On this website we use services and functions of Google Tag Manager, which are offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. 
Google Tag Manager is a tool that allows us to use other tools on our website. It does not create user profiles, it does not store cookies and it does not carry out independent analyses. However, your IP address will be collected and, if necessary, transmitted to the USA. Google Tag Manager itself is only used to manage these tools, which are integrated through it. 

Purpose and legal basis 

When using Google Tag Manager on this website, we rely on Art. 6 para. 1 lit. f GDPR serves as a legal basis, as we have a legitimate interest in implementing and directing tracking tools on this website quickly and easily. If you have previously given your consent to data processing on this website by Google Tag Manager, the processing of your data takes place solely on the legal basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time. 

Google reCAPTCHA 

Type and scope of processing 

This website uses Google reCAPTCHA. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. 
With the help of reCAPTCHA, the data entry (e.g. in a contact form) on this website is to be checked. Specifically, whether this is done by a human or by an automated program. Google reCAPTCHA analyzes the behavior of the visitor to the website based on various characteristics. The analysis begins automatically as soon as the visitor accesses the website. The data collected during the analysis, such as the IP address, the length of stay of the website visitor or the mouse movements made, will be forwarded to Google. 
Visitors to the website are not informed that an analysis is taking place, these run completely in the background. 
Google's privacy policy and terms of use can be found at the following links: https://policies.google.com/privacy?hl=de and https://policies.google.com/terms?hl=de. 
Purpose and legal basis 
The data is stored and analysed on the basis of our legitimate interest in protecting our websites from abusive automated spying and SPAM (Art. 6 para. 1 lit. f GDPR). If a corresponding consent has been requested, the processing of the data takes place exclusively on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR. This can be revoked at any time. 

JSDelivr CDN

Type and scope of processing 

We use JSDelivr CDN to properly provide the content of our website. JSDelivr CDN is a service of Prospect One, which acts as a content delivery network (CDN) on our website. 
A CDN helps to make content of our online offer, especially files such as graphics or scripts, available faster with the help of regionally or internationally distributed servers. When you access this content, you connect to servers of Prospect One, Krolewska 65a, Krakow, Malopolskie 30-081, Poland, whereby your IP address and, if applicable, browser data such as your user agent are transmitted. This data is processed exclusively for the purposes mentioned above and to maintain the security and functionality of JSDelivr CDN. 

Purpose and legal basis

The use of the Content Delivery Network is based on our legitimate interests, i.e. interest in secure and efficient provision as well as the optimization of our online offer in accordance with Art. 6 para. 1 lit. f. GDPR. 

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Prospect One. Further information can be found in the privacy policy for JSDelivr CDN: https://www.jsdelivr.com/privacy-policy-jsdelivr-net.

Mono Sources 

Type and scope of processing 

We use Mono Fonts from Mono Solutions ApS, Amagerfælledvej 106, 2300 Copenhagen, Denmark, as a service to provide fonts for our online offer. To obtain these fonts, connect to Mono Solutions ApS servers, transmitting your IP address. 

Purpose and legal basis 

The use of Mono Fonts is based on your consent in accordance with Art. 6 para. 1 lit. a. DSGVO and § 25 para. 1 TTDSG. 

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Mono Solutions ApS. Further information can be found in the privacy policy for Mono Fonts: https://www.monosolutions.com/. 

Mono website builder 

Type and scope of processing 

Our website was created using the Mono website builder website builder. Mono website builder is a service of Mono Solutions ApS and offers web development technology, web design and layout tools, domain hosting and other applications for marketing and workflow management. 
We use Mono website builder, among other things, for web hosting and the presentation of our website. In addition, Mono website builder collects statistical data about the visit to our website. 
The following data is usually transmitted: retrieved website, date and time of access, amount of data transferred, notification of whether a retrieval was successful, browser type and browser version, operating system of the user, the previously visited website (referrer) and the IP address. 
This log data is processed exclusively for the above-mentioned purposes, as well as to maintain the security, functionality and optimization of the offer of Mono website builder. 

Purpose and legal basis 

The use of the service is based on our legitimate interests, i.e. interest in secure and efficient provision, as well as the optimization of our online offer in accordance with Art. 6 para. 1 lit. f. GDPR. 

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Mono Solutions ApS. Further information can be found in the privacy policy for Mono website builder: https://www.monosolutions.com/. 

OpenStreetMap 

Type and scope of processing 

Diese Website nutzt OpenStreetMap.  Der Anbieter ist die Open-Street-Map Foundation (OSMF), 132 Maney Hill Road, Sutton Coldfield, West Midlands, B72 1JU, United Kingdom. 
OpenStreetMap is used, among other things. Your IP address and other information about your behaviour on this website will be forwarded to the OSMF. Cookies or similar recognition technologies may be used in your browser. If you have allowed this in your device settings, your location may be recorded. The provider of this website has no influence on this data transfer. 
OpenStreetMap's privacy policy can be found here: https://wiki.osmfoundation.org/wiki/Privacy_Policy. 

Purpose and legal basis 

The use of OpenStreetMap is based on our legitimate interest in an appealing presentation of our online offers and in an easy findability of the places specified by us (Art. 6 para. 1 lit. f GDPR). If a corresponding consent has been requested, the processing of the data takes place exclusively on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR. This can be revoked at any time. 

Salesforce DMP 

Type and scope of processing 

Salesforce DMP is a web hosting service provided by Salesforce, Inc. and offers web development technology, web design and layout tools, domain hosting, and other marketing and workflow management applications. 
Salesforce DMP is used, among other things, for web hosting and the presentation of our website. In addition, Salesforce DMP collects statistical data about visits to our website. 
In this context, the following data may be processed: website accessed, date and time of retrieval, amount of data transferred, notification of whether a retrieval was successful, browser type and version, user's operating system, the previously visited page (referrer URL) and IP address. 
This log data is processed solely for the purposes mentioned above and to maintain security and functionality and optimize Salesforce DMP's offering. 

Purpose and legal basis 

Salesforce DMP is used on the basis of your consent in accordance with Art. 6 para. 1 lit. a. DSGVO and § 25 para. 1 TTDSG. 

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Salesforce, Inc. For more information, see the Salesforce DMP Privacy Statement: https://www.salesforce.com/de/company/privacy/.