What rights do I have?
Under the conditions set out in the legal provisions of the General Data Protection Regulation (GDPR), you, as a data subject, have the following rights:

• Information according to Art. 15 GDPR about the data stored about you in the form of meaningful information on the details of the processing, as well as a copy of your data; please submit a request for information here.

• Correction according to Art. 16 GDPR of inaccurate or incomplete data stored with us;

• Deletion according to Art. 17 GDPR of the data stored with us, provided that processing is not necessary for the exercise of the right to freedom of expression and information, to fulfill a legal obligation, for public interest reasons, or for the assertion, exercise, or defense of legal claims;

• Restriction of processing according to Art. 18 GDPR, provided that the accuracy of the data is contested, the processing is unlawful, we no longer need the data, and you refuse their deletion because you need it for the assertion, exercise, or defense of legal claims, or you have lodged a complaint against the processing according to Art. 21 GDPR.

• Data portability according to Art. 20 GDPR, provided that you have provided us with personal data based on consent according to Art. 6 para. 1 lit. a GDPR or based on a contract according to Art. 6 para. 1 lit. b GDPR, and that these have been processed by us using automated methods. You will receive your data in a structured, common, and machine-readable format, or we will transfer the data directly to another controller, as far as this is technically feasible.

• Objection according to Art. 21 GDPR against the processing of your personal data, provided that this is based on Art. 6 para. 1 lit. e, f GDPR and there are reasons arising from your particular situation or the objection is directed against direct marketing. The right to object does not exist if there are overriding, compelling legitimate reasons for the processing or if the processing is for the assertion, exercise, or defense of legal claims. Where the right to object does not exist for individual processing operations, this is indicated.

• Revocation according to Art. 7 para. 3 GDPR of your granted consent with effect for the future.

• Complaint according to Art. 77 GDPR with a supervisory authority if you believe that the processing of your personal data violates the GDPR. In general, you can contact the supervisory authority of your usual place of residence, your workplace, or our company headquarters.

How are my data processed in detail?
Below we inform you about the individual processing operations, the scope and purpose of data processing, the legal basis, the obligation to provide your data, and the respective retention period. An automated decision in an individual case, including profiling does not take place.

Provision of the website

Type and scope of processing
When accessing and using our website, we collect the personal data that your browser automatically transmits to our server. The following information is temporarily stored in a so-called log file:

• IP address of the requesting computer

• Date and time of access

• Name and URL of the retrieved file

• Website from which access occurs (referrer URL)

• Browser used and possibly the operating system of your computer, as well as the name of your access provider

[Our website is not hosted by ourselves, but by a service provider who processes the aforementioned data on our behalf according to Art. 28 GDPR.]

Purpose and legal basis
The processing is carried out to safeguard our overriding legitimate interest in displaying our website and ensuring security and stability based on Art. 6 para. 1 lit. f GDPR. The collection of data and storage in log files is essential for the operation of the website. A right to object to the processing does not exist due to the exception under Art. 21 para. 1 GDPR. If the further storage of log files is required by law, processing is based on Art. 6 para. 1 lit. c GDPR. There is no legal or contractual obligation to provide the data; however, accessing our website is not technically possible without providing the data.

Retention period
The aforementioned data is stored for the duration of the display of the website [as well as for technical reasons beyond that for a maximum of [7 days]].

Contact form

Type and scope of processing
On our website, we offer you the option to contact us via a provided form. The information collected through required fields is necessary to process the request. In addition, you can voluntarily provide additional information that you consider necessary for processing the contact request. When using the contact form, your personal data is not passed on to third parties.

Purpose and legal basis
The processing of your data through the use of our contact form is for the purpose of communication and processing your request based on your consent in accordance with Art. 6 para. 1 lit. a GDPR. If your request relates to an existing contractual relationship with us, processing is for the purpose of contract fulfillment based on Art. 6 para. 1 lit. b GDPR. There is no legal or contractual obligation to provide your data; however, processing your request without providing the required field information is not possible. If you do not wish to provide this data, please contact us by other means.

Retention period
If you use the contact form based on your consent, we will store the collected data of each request for a period of three years, starting from the completion of your request or until you revoke your consent. [If you use the contact form in the context of a contractual relationship, we will store the collected data of each request for a period of [three years] from the end of the contractual relationship.] 

KYC Identity verification for vendors

Type and scope of processing
We collect and process your personal data exclusively for the purpose of identity verification, risk assessment, and fulfilling our legal obligations in the context of anti-money laundering. Your data is used to create an appropriate customer profile and identify potential risks associated with money laundering and terrorist financing. 

Purpose and legal basis:
We collect and process your personal data exclusively for the purpose of identity verification, risk assessment, and fulfilling our legal obligations in the context of anti-money laundering. Your data is used to create an appropriate customer profile and identify potential risks associated with money laundering and terrorist financing. The legal basis for processing your personal data is derived from Article 6 paragraph 1 lit. c GDPR (fulfillment of a legal obligation) and Article 6 paragraph 1 lit. f GDPR (legitimate interest). Our legitimate interest is the fulfillment of our legal obligations to prevent money laundering and terrorist financing. We collect and process master data, identification data, financial data, and communication data. This data is used exclusively for identity verification, risk assessment, and fulfilling our legal obligations. Your data is forwarded within our company to the departments responsible for fulfilling the legal obligations. 

Retention period:
Your personal data will be stored for the duration of the business relationship and beyond, as long as it is necessary to fulfill our legal obligations. The retention period is determined by the statutory retention periods. 

Newsletter

Type and scope of processing
If you sign up for our newsletter on our website, we collect your email address [as well as your name…] and store this information along with the date of registration and your IP address. Subsequently, you will receive an email in which you must confirm your newsletter subscription (double opt-in). If you do not confirm the subscription within [XX hours], it will automatically expire, and the data will not be processed for newsletter distribution. [The newsletter is sent directly by us. Your data is not passed on to third parties or processors within the meaning of Art. 28 GDPR.] [For sending the newsletter, we use a service from [provider], who processes your personal data on our behalf according to Art. 28 GDPR. Your data is not passed on to third parties.]

Purpose and legal basis
We process your data for the purpose of sending the newsletter based on your consent according to Art. 6 para. 1 lit. a GDPR. By unsubscribing from the newsletter, you can declare your revocation of consent according to Art. 7 para. 3 GDPR at any time with effect for the future. There is no legal or contractual obligation to provide your data; however, sending the newsletter is not possible without providing your data.

Retention period
After signing up for the newsletter, we store the data for a maximum of [XX hours] until the confirmation of the registration. After successful confirmation, we store your data until you revoke your consent (unsubscribe from the newsletter) [as well as for technical reasons beyond that for a maximum of [7 days].]

AWS CloudFront

Type and scope of processing
We use AWS CloudFront to properly provide the content of our website. AWS CloudFront is a service of Amazon Web Services, Inc., which functions as a content delivery network (CDN) on our website. A CDN helps to provide content from our online offering, especially files like graphics or scripts, faster through regionally or internationally distributed servers. When you access this content, you establish a connection to servers of Amazon Web Services, Inc., where your IP address and possibly browser data such as your user agent are transmitted. This data is processed exclusively for the aforementioned purposes and to maintain the security and functionality of AWS CloudFront.

Purpose and legal basis
The use of the content delivery network is based on our legitimate interests, i.e., interest in secure and efficient provision as well as optimization of our online offering in accordance with Art. 6 para. 1 lit. f. GDPR.

Retention period
The concrete retention period of the processed data is not influenced by us but is determined by Amazon Web Services, Inc. For further information, please refer to the privacy policy for AWS CloudFront: https://aws.amazon.com/de/privacy/.

ActiveCampaign

Type and scope of processing
We have integrated components of the ActiveCampaign service on our website. ActiveCampaign is a service of ActiveCampaign, LLC that offers marketing automation for companies. ActiveCampaign is used to store, transfer data entered in forms via cookies, to send marketing emails and automated messages, and to create targeted campaigns. Additionally, ActiveCampaign gives us the ability to analyze whether the sent emails have been opened, how many users have received an email, and whether users have unsubscribed from the newsletter after receiving an email. Your data is passed on to the operator of ActiveCampaign, ActiveCampaign, LLC, 1 North Dearborn Street, 5th floor Chicago, IL 60602, USA.

Purpose and legal basis
The use of ActiveCampaign is based on your consent according to Art. 6 para. 1 lit. a. GDPR and § 25 Abs. 1 TDDDG.

Retention period
The concrete retention period of the processed data is not influenced by us but is determined by ActiveCampaign, LLC. Further information can be found in the privacy policy for ActiveCampaign: https://www.activecampaign.com/legal/privacy-policy.

Bing Ads

Type and scope of processing
We have integrated Bing Ads on our website. Bing Ads is a service of Microsoft Corporation that displays targeted advertising to users. Bing Ads uses cookies and other browser technologies to evaluate user behavior and to recognize users. Bing Ads collects information about the visitor behavior on various websites. This information is used to optimize the relevance of the advertising. Furthermore, Bing Ads delivers targeted advertising based on behavioral profiles and geographical location. Your IP address and other identifying features such as your user agent are transmitted to the provider. The data is passed on to the operator of Bing Ads, Microsoft Corporation, One Microsoft Way Redmond, WA 98052-6399, United States.

Purpose and legal basis
The use of Bing Ads is based on your consent according to Art. 6 para. 1 lit. a. GDPR and § 25 Abs. 1 TDDDG.

Retention period
The concrete retention period of the processed data is not influenced by us but is determined by Microsoft Corporation. Further information can be found in the privacy policy for Bing Ads: https://privacy.microsoft.com/de-de/privacystatement.

Bing Pixel

Type and scope of processing
We use Bing Pixel from Microsoft Corporation, One Microsoft Way Redmond, WA 98052-6399, United States, to create so-called custom audiences, i.e., to segment visitor groups of our online offering, determine conversion rates, and subsequently optimize them. This happens particularly when you interact with advertisements that we have placed with Microsoft Corporation.

Purpose and legal basis
The use of Bing Pixel is based on your consent according to Art. 6 para. 1 lit. a. GDPR and § 25 Abs. 1 TDDDG.

Retention period
The concrete retention period of the processed data is not influenced by us but is determined by Microsoft Corporation. Further information can be found in the privacy policy for Bing Pixel: https://privacy.microsoft.com/en-us/privacystatement.

CDNJS

Type and scope of processing
We use CDNJS to properly provide the content of our website. CDNJS is a service of Cloudflare, Inc., which functions as a content delivery network (CDN) on our website. A CDN helps to provide content from our online offering, especially files like graphics or scripts, faster through regionally or internationally distributed servers. When you access this content, you establish a connection to servers of Cloudflare, Inc., where your IP address and possibly browser data such as your user agent are transmitted. This data is processed exclusively for the aforementioned purposes and to maintain the security and functionality of CDNJS.

Purpose and legal basis
The use of the content delivery network is based on our legitimate interests, i.e., interest in secure and efficient provision as well as optimization of our online offering in accordance with Art. 6 para. 1 lit. f. GDPR.

Retention period
The concrete retention period of the processed data is not influenced by us but is determined by Cloudflare, Inc. Further information can be found in the privacy policy for CDNJS: https://www.cloudflare.com/privacypolicy/.

Clarity

Type and scope of processing
We have integrated Clarity on our website. Clarity is a service of Microsoft Corporation that provides optimization tools, which analyze the behavior and feedback of users of our website through analysis and feedback tools. Clarity uses cookies and other browser technologies to evaluate user behavior and recognize users. This information is used, among other things, to compile reports on website activity and statistically analyze visitor data. In addition, Clarity records clicks, mouse movements, and scroll heights to create so-called heatmaps and session replays. Your data is passed on to the operator of Clarity, Microsoft Corporation, One Microsoft Way Redmond, WA 98052-6399, United States.

Purpose and legal basis
The use of Clarity is based on your consent according to Art. 6 para. 1 lit. a. GDPR and § 25 Abs. 1 TDDDG.

Retention period
The concrete retention period of the processed data is not influenced by us but is determined by Microsoft Corporation. Further information can be found in the privacy policy for Clarity: https://privacy.microsoft.com/en-us/privacystatement.

Cookiebot

Type and scope of processing
We have integrated Cookiebot on our website. Cookiebot is a consent solution from Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark, which allows you to obtain and document consent for the storage of cookies. Cookiebot uses cookies or other web technologies to recognize users and store the granted or revoked consent.

Purpose and legal basis
The use of the service is based on the legally required consent for the use of cookies according to Art. 6 para. 1 lit. c. GDPR.

Retention period

The concrete retention period of the processed data is not influenced by us but is determined by Cybot A/S. Further information can be found in the privacy policy for Cookiebot: https://www.cookiebot.com/de/privacy-policy/.

Cookiebot CDN

Type and scope of processing
We use Cookiebot CDN to properly provide the content of our website. Cookiebot CDN is a service of Cybot A/S, which functions as a content delivery network (CDN) on our website, to ensure the functionality of other services of Cybot A/S. For the mentioned services, you will find a separate section in this privacy policy. This section only concerns the use of the CDN. A CDN helps to provide content from our online offering, especially files like graphics or scripts, faster through regionally or internationally distributed servers. When you access this content, you establish a connection to servers of Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark, where your IP address and possibly browser data such as your user agent are transmitted. This data is processed exclusively for the aforementioned purposes and to maintain the security and functionality of Cookiebot CDN.

Purpose and legal basis
The use of the content delivery network is based on our legitimate interests, i.e., interest in secure and efficient provision as well as optimization of our online offering in accordance with Art. 6 para. 1 lit. f. GDPR.

Retention period
The concrete retention period of the processed data is not influenced by us but is determined by Cybot A/S. Further information can be found in the privacy policy for Cookiebot CDN: https://www.cookiebot.com/de/privacy-policy/.

Facebook Pixel

Type and scope of processing
We use Facebook Pixel from Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, to create so-called custom audiences, i.e., to segment visitor groups of our online offering, determine conversion rates, and subsequently optimize them. This happens particularly when you interact with advertisements that we have placed with Meta Platforms Ireland Limited.

Purpose and legal basis
The use of Facebook Pixel is based on your consent according to Art. 6 para. 1 lit. a. GDPR and § 25 Abs. 1 TDDDG. We intend to transfer personal data to third countries outside the European Economic Area, especially the USA. In cases where no adequacy decision by the European Commission exists (e.g. in the USA), we have established other appropriate guarantees with the recipients of the data in accordance with Articles 44 et seq. GDPR. These are, unless otherwise specified, standard contractual clauses of the EU Commission in accordance with the implementing decision (EU) 2021/914 of June 4, 2021. You can view a copy of these standard contractual clauses at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE. Furthermore, before such a transfer to a third country, we obtain your consent under Art. 49 para. 1 sentence 1 lit. a. GDPR, which you grant through the consent manager (or other forms, registrations, etc.). We would like to point out that there may be unknown risks with respect to transfers to third countries (e.g., data processing by the security authorities of the third country, the exact scope and consequences for you are unknown to us, we have no control over them, and you may be unaware of them).

Retention period
The concrete retention period of the processed data is not influenced by us but is determined by Meta Platforms Ireland Limited. Further information can be found in the privacy policy for Facebook Pixel: https://www.facebook.com/privacy/explanation.

Google Ads

Type and scope of processing
We have integrated Google Ads on our website. Google Ads is a service of Google Ireland Limited that displays targeted advertising to users. Google Ads uses cookies and other browser technologies to evaluate user behavior and recognize users. Google Ads collects information about visitor behavior on various websites. This information is used to optimize the relevance of the advertising. Furthermore, Google Ads delivers targeted advertising based on behavioral profiles and geographical location. Your IP address and other identifying features such as your user agent are transmitted to the provider. If you are registered with a Google Ireland Limited service, Google Ads may associate the visit with your account. Even if you are not registered with Google Ireland Limited or logged in, it is possible that the provider determines and stores your IP address and other identifying features. The data is passed on to the operator of Google Ads, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Purpose and legal basis
The use of Google Ads is based on your consent according to Art. 6 para. 1 lit. a. GDPR and § 25 Abs. 1 TDDDG. We intend to transfer personal data to third countries outside the European Economic Area, especially the USA. In cases where no adequacy decision by the European Commission exists (e.g., in the USA), we have established other appropriate guarantees with the recipients of the data in accordance with Articles 44 et seq. GDPR. These are, unless otherwise specified, standard contractual clauses of the EU Commission in accordance with the implementing decision (EU) 2021/914 of June 4, 2021. You can view a copy of these standard contractual clauses at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE. Furthermore, before such a transfer to a third country, we obtain your consent under Art. 49 para. 1 sentence 1 lit. a. GDPR, which you grant through the consent manager (or other forms, registrations, etc.). We would like to point out that there may be unknown risks with respect to transfers to third countries (e.g., data processing by the security authorities of the third country, the exact scope and consequences for you are unknown to us, we have no control over them, and you may be unaware of them).

Retention period
The concrete retention period of the processed data is not influenced by us but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Ads: https://policies.google.com/privacy.

Google Analytics

Type and scope of processing
We use Google Analytics from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as an analysis service for the statistical evaluation of our online offering. This includes, for example, the number of views of our online offering, visited subpages, and the duration of stay of visitors. Google Analytics uses cookies and other browser technologies to evaluate user behavior and recognize users. This information is used, among other things, to compile reports on website activity.

Purpose and legal basis
The use of Google Analytics is based on your consent according to Art. 6 para. 1 lit. a. GDPR and § 25 Abs. 1 TDDDG. We intend to transfer personal data to third countries outside the European Economic Area, especially the USA. In cases where no adequacy decision by the European Commission exists (e.g., in the USA), we have established other appropriate guarantees with the recipients of the data in accordance with Articles 44 et seq. GDPR. These are, unless otherwise specified, standard contractual clauses of the EU Commission in accordance with the implementing decision (EU) 2021/914 of June 4, 2021. You can view a copy of these standard contractual clauses at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE. Furthermore, before such a transfer to a third country, we obtain your consent under Art. 49 para. 1 sentence 1 lit. a. GDPR, which you grant through the consent manager (or other forms, registrations, etc.). We would like to point out that there may be unknown risks with respect to transfers to third countries (e.g., data processing by the security authorities of the third country, the exact scope and consequences for you are unknown to us, we have no control over them, and you may be unaware of them).

Retention period
The concrete retention period of the processed data is not influenced by us but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Analytics: https://policies.google.com/privacy.

Google CDN

Type and scope of processing
We use Google CDN to properly provide the content of our website. Google CDN is a service of Google Ireland Limited, which functions as a content delivery network (CDN) on our website. A CDN helps to provide content from our online offering, especially files like graphics or scripts, faster through regionally or internationally distributed servers. When you access this content, you establish a connection to servers of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, where your IP address and possibly browser data such as your user agent are transmitted. This data is processed exclusively for the aforementioned purposes and to maintain the security and functionality of Google CDN.

Purpose and legal basis
The use of the content delivery network is based on our legitimate interests, i.e., interest in secure and efficient provision as well as optimization of our online offering in accordance with Art. 6 para. 1 lit. f. GDPR.

Retention period
The concrete retention period of the processed data is not influenced by us but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google CDN: https://policies.google.com/privacy.

Google DoubleClick

Type and scope of processing
We have integrated components of DoubleClick by Google on our website. DoubleClick is a brand of Google, under which specific online marketing solutions are primarily marketed to advertising agencies and publishers. DoubleClick by Google transmits data to the DoubleClick server with each impression as well as with clicks or other activities. Each of these data transmissions triggers a cookie request to the browser of the affected person. If the browser accepts this request, DoubleClick sets a cookie in your browser. DoubleClick uses a cookie ID, which is necessary for processing the technical procedure. The cookie ID is needed, for example, to display an advertisement in a browser. DoubleClick can also use the cookie ID to determine which ads have already been displayed in a browser to avoid duplicate displays. Furthermore, it is possible for DoubleClick to capture conversions through the cookie ID. Conversions are recorded, for example, when a DoubleClick advertisement was displayed to a user before and the user subsequently completes a purchase on the website of the advertiser using the same internet browser. A cookie from DoubleClick does not contain personal data but may contain additional campaign identifiers. A campaign identifier serves to identify the campaigns you have already contacted on other websites. In this context, Google becomes aware of data that also helps Google to create commission settlements. Among other things, Google can determine that you clicked on certain links on our website. The data is passed on to the operator of DoubleClick, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Further information and applicable privacy regulations of DoubleClick by Google can be retrieved at https://policies.google.com/privacy.

Purpose and legal basis
We process your data using the DoubleClick cookie for the purpose of optimizing and displaying advertising based on your consent according to Art. 6 para. 1 lit. a GDPR and § 25 Abs. 1 TDDDG. You grant your consent through the cookie settings (cookie banner / consent manager), with which you can also revoke your consent at any time with effect for the future according to Art. 7 Abs. 3 GDPR. The cookie is used, among other things, to display user-relevant advertising and create reports on advertising campaigns or improve them. Furthermore, the cookie serves to avoid multiple displays of the same advertisement. With each call to one of the individual pages of our website on which a DoubleClick component is integrated, your browser is automatically prompted by the respective DoubleClick component to transmit data for the purpose of online advertising and commission settlement to Google. There is no legal or contractual obligation to provide your data. If you do not give us your consent, a visit to our website is possible without any restrictions, but some functions may not be fully available. We intend to transfer personal data to third countries outside the European Economic Area, especially the USA. In cases where no adequacy decision by the European Commission exists (e.g. in the USA), we have established other appropriate guarantees with the recipients of the data in accordance with Articles 44 et seq. GDPR. These are, unless otherwise specified, standard contractual clauses of the EU Commission in accordance with the implementing decision (EU) 2021/914 of June 4, 2021. You can view a copy of these standard contractual clauses at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE. Furthermore, we will obtain your consent prior to such a transfer to a third country under Art. 49 para. 1 sentence 1 lit. a. GDPR, which you grant through the consent manager (or other forms, registrations, etc.). We would like to point out that there may be unknown risks associated with third-country transfers (e.g. data processing by security authorities of the third country, the exact scope and consequences for you are unknown to us, we have no control over them, and you may not be aware of them).

Retention period
The concrete retention period of the processed data is not influenced by us but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google DoubleClick: https://policies.google.com/privacy.

Google Fonts

Type and scope of processing
We use Google Fonts from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as a service for providing fonts for our online offering. To obtain these fonts, you establish a connection to servers of Google Ireland Limited, during which your IP address is transmitted.

Purpose and legal basis
The use of Google Fonts is based on your consent according to Art. 6 para. 1 lit. a. GDPR and § 25 Abs. 1 TDDDG. We intend to transfer personal data to third countries outside the European Economic Area, especially the USA. In cases where no adequacy decision by the European Commission exists (e.g., in the USA), we have established other appropriate guarantees with the recipients of the data in accordance with Articles 44 et seq. GDPR. These are, unless otherwise specified, standard contractual clauses of the EU Commission in accordance with the implementing decision (EU) 2021/914 of June 4, 2021. You can view a copy of these standard contractual clauses at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE. Furthermore, before such a transfer to a third country, we obtain your consent under Art. 49 para. 1 sentence 1 lit. a. GDPR, which you grant through the consent manager (or other forms, registrations, etc.). We would like to point out that there may be unknown risks with respect to transfers to third countries (e.g., data processing by the security authorities of the third country, the exact scope and consequences for you are unknown to us, we have no control over them, and you may be unaware of them).

Retention period
The concrete retention period of the processed data is not influenced by us but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Fonts: https://policies.google.com/privacy.

Google Tag Manager

Type and scope of processing
We use the Google Tag Manager of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager is used to manage website tags through an interface and allows us to control the precise integration of services on our website. This enables us to flexibly integrate additional services to evaluate user access to our website.

Purpose and legal basis
The use of Google Tag Manager is based on your consent according to Art. 6 para. 1 lit. a. GDPR and § 25 Abs. 1 TDDDG.

Retention period
The concrete retention period of the processed data is not influenced by us but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Tag Manager: https://marketingplatform.google.com/about/analytics/tag-manager/use-policy/.

Google reCAPTCHA

Type and scope of processing
We have integrated components of Google reCAPTCHA on our website. Google reCAPTCHA is a service of Google Ireland Limited and allows us to distinguish whether a contact request originates from a natural person or is automated using a program. When you access this content, you establish a connection to servers of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, during which your IP address and possibly browser data such as your user agent are transmitted. Additionally, Google reCAPTCHA records the duration of stay and mouse movements of the user to distinguish automated requests from human ones. This data is processed exclusively for the aforementioned purposes and to maintain the security and functionality of Google reCAPTCHA.

Purpose and legal basis
The use of Google reCAPTCHA is based on your consent according to Art. 6 para. 1 lit. a. GDPR and § 25 Abs. 1 TDDDG. We intend to transfer personal data to third countries outside the European Economic Area, especially the USA. In cases where no adequacy decision by the European Commission exists (e.g., in the USA), we have established other appropriate guarantees with the recipients of the data in accordance with Articles 44 et seq. GDPR. These are, unless otherwise specified, standard contractual clauses of the EU Commission in accordance with the implementing decision (EU) 2021/914 of June 4, 2021. You can view a copy of these standard contractual clauses at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE. Furthermore, before such a transfer to a third country, we obtain your consent under Art. 49 para. 1 sentence 1 lit. a. GDPR, which you grant through the consent manager (or other forms, registrations, etc.). We would like to point out that there may be unknown risks with respect to transfers to third countries (e.g. data processing by the security authorities of the third country, the exact scope and consequences for you are unknown to us, we have no control over them, and you may be unaware of them).

Retention period
The concrete retention period of the processed data is not influenced by us but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google reCAPTCHA: https://policies.google.com/privacy?hl=en-US.

Hotjar Behavior Analytics

Type and scope of processing
We have integrated Hotjar Behavior Analytics on our website. Hotjar Behavior Analytics is a service of Hotjar Ltd. and offers optimization tools that analyze the behavior and feedback of users of our website through analysis and feedback tools. Hotjar Behavior Analytics uses cookies and other browser technologies to evaluate user behavior and recognize users. This information is used, among other things, to compile reports on website activity and statistically analyze visitor data. In addition, Hotjar Behavior Analytics records clicks, mouse movements, and scroll heights to create so-called heatmaps and session replays. Your data is passed on to the operator of Hotjar Behavior Analytics, Hotjar Ltd., Hotjar Ltd, Level 2, St Julians Business Centre 3 Elia Zammit Street St Julians STJ 3155 Malta.

Purpose and legal basis
The use of Hotjar Behavior Analytics is based on your consent in accordance with Art. 6 para. 1 lit. a. GDPR and § 25 Abs. 1 TDDDG.

Retention period
The concrete retention period of the processed data is not influenced by us but is determined by Hotjar Ltd. Further information can be found in the privacy policy for Hotjar Behavior Analytics: https://www.hotjar.com/privacy/.

Hotjar CDN

Type and scope of processing
We use Hotjar CDN to properly provide the content of our website. Hotjar CDN is a service of Hotjar Ltd., which functions as a content delivery network (CDN) on our website to ensure the functionality of other services of Hotjar Ltd. For the mentioned services, you will find a separate section in this privacy policy. This section only concerns the use of the CDN. A CDN helps to provide content from our online offering, especially files like graphics or scripts, faster through regionally or internationally distributed servers. When you access this content, you establish a connection to servers of Hotjar Ltd., Hotjar Ltd, Level 2, St Julians Business Centre 3 Elia Zammit Street St Julians STJ 3155 Malta, where your IP address and possibly browser data such as your user agent are transmitted. This data is processed exclusively for the aforementioned purposes and to maintain the security and functionality of Hotjar CDN.

Purpose and legal basis
The use of the content delivery network is based on our legitimate interests, i.e., interest in secure and efficient provision as well as optimization of our online offering in accordance with Art. 6 para. 1 lit. f. GDPR.

Retention period
The concrete retention period of the processed data is not influenced by us but is determined by Hotjar Ltd. Further information can be found in the privacy policy for Hotjar CDN: https://www.hotjar.com/privacy/.

Intercom API

Type and scope of processing
We have integrated components of the customer communication platform Intercom API on our website. Intercom API is a service of Intercom, Inc. and allows us to communicate via chat with visitors to our website and provide targeted assistance for inquiries. Intercom API uses cookies and other browser technologies to evaluate user behavior and recognize users. Additionally, Intercom API is used to store and transmit data entered in chats via cookies, along with your IP address. Your data is passed on to the operator of Intercom API, Intercom, Inc.

Purpose and legal basis
The use of Intercom API is based on your consent according to Art. 6 para. 1 lit. a. GDPR and § 25 Abs. 1 TDDDG.

Retention period
The concrete retention period of the processed data is not influenced by us but is determined by Intercom, Inc. Further information can be found in the privacy policy for Intercom API: https://www.intercom.com/terms-and-policies#privacy.

Intercom CDN

Type and scope of processing
We use Intercom CDN to properly provide the content of our website. Intercom CDN is a service of Intercom, Inc., which functions as a content delivery network (CDN) on our website to ensure the functionality of other services of Intercom, Inc. For the mentioned services, you will find a separate section in this privacy policy. This section only concerns the use of the CDN. A CDN helps to provide content from our online offering, especially files like graphics or scripts, faster through regionally or internationally distributed servers. When you access this content, you establish a connection to servers of Intercom, Inc., where your IP address and possibly browser data such as your user agent are transmitted. This data is processed exclusively for the aforementioned purposes and to maintain the security and functionality of Intercom CDN.

Purpose and legal basis
The use of the content delivery network is based on our legitimate interests, i.e., interest in secure and efficient provision as well as optimization of our online offering in accordance with Art. 6 para. 1 lit. f. GDPR.

Retention period
The concrete retention period of the processed data is not influenced by us but is determined by Intercom, Inc. Further information can be found in the privacy policy for Intercom CDN: https://www.intercom.com/legal/privacy.

Intercom Widget

Type and scope of processing
We have integrated components of the customer communication platform Intercom Widget on our website. Intercom Widget is a service of Intercom, Inc. and allows us to communicate via chat with visitors to our website and provide targeted assistance for inquiries. Intercom Widget uses cookies and other browser technologies to evaluate user behavior and recognize users. Additionally, Intercom Widget is used to store and transmit data entered in chats via cookies, along with your IP address. Your data is passed on to the operator of Intercom Widget, Intercom, Inc.

Purpose and legal basis
The use of Intercom Widget is based on your consent according to Art. 6 para. 1 lit. a. GDPR and § 25 Abs. 1 TDDDG.

Retention period
The concrete retention period of the processed data is not influenced by us but is determined by Intercom, Inc. Further information can be found in the privacy policy for Intercom Widget: https://www.intercom.com/terms-and-policies#privacy.

LinkedIn Ads

Type and scope of processing
We have integrated LinkedIn Ads on our website. LinkedIn Ads is a service of LinkedIn Corporation that displays targeted advertising to users. LinkedIn Ads uses cookies and other browser technologies to evaluate user behavior and recognize users. LinkedIn Ads collects information about visitor behavior on various websites. This information is used to optimize the relevance of the advertising. Furthermore, LinkedIn Ads delivers targeted advertising based on behavioral profiles and geographical location. Your IP address and other identifying features such as your user agent are transmitted to the provider. The data is passed on to the operator of LinkedIn Ads, LinkedIn Corporation, Sunnyvale, California, US. Web tracking technologies are used to create pseudonymized user profiles. These profiles cannot be merged with you as a natural person but are used, for example, for segmentation when displaying advertisements.

Purpose and legal basis
The use of LinkedIn Ads is based on your consent according to Art. 6 para. 1 lit. a. GDPR and § 25 Abs. 1 TDDDG.

Retention period
The concrete retention period of the processed data is not influenced by us but is determined by LinkedIn Corporation. Further information can be found in the privacy policy for LinkedIn Ads: https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy.

LinkedIn Insight-Tag

Type and scope of processing
We use LinkedIn Insight-Tag from LinkedIn Corporation, Sunnyvale, California, US, to create target groups, segment visitor groups of our online offering, determine conversion rates, and subsequently optimize them. This happens particularly when you interact with advertisements that we have placed with LinkedIn Corporation. LinkedIn Corporation offers retargeting for website visitors to display targeted advertising outside our website. LinkedIn Insight-Tag captures data on visits to our website, including URL, referrer URL, IP address, device and browser properties (user agent), as well as timestamps. This data is used to present anonymized reports on website audience and ad performance.

Purpose and legal basis
The use of LinkedIn Insight-Tag is based on your consent according to Art. 6 para. 1 lit. a. GDPR and § 25 Abs. 1 TDDDG.

Retention period
The concrete retention period of the processed data is not influenced by us but is determined by LinkedIn Corporation. Further information can be found in the privacy policy for LinkedIn Insight-Tag: https://www.linkedin.com/legal/privacy-policy.

TikTok Pixel

Type and scope of processing
We use the TikTok Pixel from TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland, to create so-called custom audiences, i.e., to segment visitor groups of our online offering, determine conversion rates, and subsequently optimize them. This happens particularly when you interact with advertisements that we have placed with TikTok Technology Limited.

Purpose and legal basis
The use of the TikTok Pixel is based on your consent according to Art. 6 para. 1 lit. a. GDPR and § 25 Abs. 1 TDDDG.

Retention period
The concrete retention period of the processed data is not influenced by us but is determined by TikTok Technology Limited. Further information can be found in the privacy policy for TikTok Pixel: https://www.tiktok.com/legal/privacy-policy. 

YouTube Video

Type and scope of processing
We have integrated YouTube Video on our website. YouTube Video is a component of the video platform of YouTube, LLC, where users can upload content, share over the internet, and receive detailed statistics. YouTube Video allows us to integrate content from the platform into our website. YouTube Video uses cookies and other browser technologies to evaluate user behavior, recognize users, and create user profiles. This information is used, among other things, to analyze the activity of the retrieved content and create reports. If a user is registered with YouTube, LLC, YouTube Video can associate the played videos with the profile. When you access this content, you establish a connection to servers of YouTube, LLC, Google Ireland Limited, Gordon House, Barrow Street Dublin 4 Ireland, during which your IP address and possibly browser data such as your user agent are transmitted.

Purpose and legal basis

The use of the service is based on your consent according to Art. 6 para. 1 lit. a. GDPR and § 25 Abs. 1 TDDDG. We intend to transfer personal data to third countries outside the European Economic Area, especially the USA. In cases where no adequacy decision by the European Commission exists (e.g., in the USA), we have established other appropriate guarantees with the recipients of the data in accordance with Articles 44 et seq. GDPR. These are, unless otherwise specified, standard contractual clauses of the EU Commission in accordance with the implementing decision (EU) 2021/914 of June 4, 2021. You can view a copy of these standard contractual clauses at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE. Furthermore, before such a transfer to a third country, we obtain your consent under Art. 49 para. 1 sentence 1 lit. a. GDPR, which you grant through the consent manager (or other forms, registrations, etc.). We would like to point out that there may be unknown risks associated with third-country transfers (e.g., data processing by security authorities of the third country, the exact scope and consequences for you are unknown to us, we have no control over them, and you may not be aware of them).

Retention period
The concrete retention period of the processed data is not influenced by us but is determined by YouTube, LLC. Further information can be found in the privacy policy for YouTube Video: https://policies.google.com/privacy.