General Information
You can use our website without providing any personal information; registration is not required to access our offers. This privacy statement informs you about the nature, scope, and purpose of the processing of personal data (referred to as "data") within our online services and the associated websites, functions, and content, as well as external online platforms, such as our social media profiles (collectively referred to as "the online offer"). For definitions of terms like "Processing" or "Data Controller," please refer to Article 4 of the General Data Protection Regulation (GDPR).
Personal Data
Generally, we collect and use personal data from our users only to the extent necessary to provide a functional website along with our content and services. The collection and use of personal data from our users typically occur with the user's consent. An exception is made in cases where, for legitimate reasons, obtaining prior consent is not feasible and data processing is permitted by law.
Types of Data Processed
– Content data (e.g., text entries, photographs, videos).
– Usage data (e.g., websites visited, content interests, access times).
– Metadata/communication data (e.g., device information, IP addresses).
Processing of Special Categories of Data (Article 9, Paragraph 1 GDPR)
No special categories of data are processed.
Categories of Individuals Affected by Processing
– Customers, interested parties, visitors and users of the online offer, business partners (collectively referred to as "users").
Purpose of Processing
– Provision of the online offer, its content, and functionalities.
– Delivery of contractual services, customer service, and support.
– Responding to inquiries and communicating with users.
– Marketing, advertising, and market research.
– Security measures.
Effective from: February 11, 2020
Legal Basis
In accordance with Article 13 of the GDPR, we inform you about the legal basis for our data processing. • The legal basis for obtaining consent is Article 6(1)(a) and Article 7 of the GDPR.
• The legal basis for processing to fulfill our services and perform contractual obligations, as well as to respond to inquiries, is Article 6(1)(b) GDPR.
• The legal basis for processing to comply with our legal obligations is Article 6(1)(c) GDPR.
• The legal basis for processing necessary to protect our or third parties' legitimate interests, where those interests do not override the fundamental rights and freedoms of the data subject, is Article 6(1)(f) GDPR.
• If processing personal data is required to protect the vital interests of the data subject or another natural person, the legal basis is Article 6(1)(d) GDPR.
Changes and Updates to the Privacy Policy
Please regularly review our privacy statement to stay informed about its content. We will update the privacy statement as soon as changes in our data processing necessitate such updates.
Security Measures
In accordance with Article 32 of the GDPR, we consider the current technical standards, implementation costs, the nature, scope, context, and purposes of processing, as well as the varying likelihood and severity of risks to the rights and freedoms of individuals. We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including securing the confidentiality, integrity, and availability of data, controlling physical access to data, as well as access, input, transfer, securing availability, and separation of data. Additionally, we establish procedures to ensure the exercise of data subjects' rights, data deletion, and response to data threats. We also integrate data protection into the development or selection of hardware, software, and processes following the principles of data protection by design and by default (Article 25 GDPR).
Our security measures include, in particular, encrypted data transmission between your browser and our server.
Collaboration with Processors and Third Parties
If, as part of our processing activities, we disclose data to other individuals or companies (processors or third parties), transfer data to them, or otherwise grant them access to the data, this will only occur on the basis of legal authorization (e.g., data transfer to third parties like payment service providers is necessary for the performance of the contract according to Article 6(1) GDPR), user consent, legal obligations, or based on our legitimate interests (e.g., using agents, web hosts, etc.). If we permit third parties to process data under a "data processing agreement," this will be in accordance with Article 28 GDPR.
Transfers to Third Countries
If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or as part of the use of third-party services or disclosure or transfer, this will only occur if it is necessary to fulfill our (pre-)contractual obligations, based on your consent, a legal obligation, or our legitimate interests. Subject to legal or contractual permissions, we only process or have data processed in a third country if the specific requirements of Articles 44 et seq. GDPR are met. This means, for example, that processing is based on adequate safeguards, such as the officially recognized determination of an adequate level of data protection by the EU (e.g., via "Privacy Shield" for the USA) or compliance with officially recognized standard contractual clauses.
Rights of Data Subjects
• You have the right to request confirmation as to whether your personal data is being processed and to request access to that data, as well as additional information and a copy of the data pursuant to Article 15 GDPR.
• According to Article 16 GDPR, you have the right to request the completion of data concerning you or the correction of inaccurate data.
• Under Article 17 GDPR, you have the right to request the immediate deletion of your data or, alternatively, pursuant to Article 18 GDPR, to request a restriction of the processing of your data.
• You have the right to request that your data be transmitted to you or to another data controller in accordance with Article 20 GDPR.
• You also have the right to file a complaint with the relevant supervisory authority in accordance with Article 77 GDPR.
Right of Withdrawal
You have the right to withdraw your consent in accordance with Article 7(3) GDPR, with effect for future processing.
Right to Object
You may object to the future processing of your data at any time in accordance with Article 21 GDPR. In particular, you can object to processing for direct advertising purposes.
Cookies and the Right to Object to Direct Advertising
We use temporary and permanent cookies, which are small files stored on users' devices (for an explanation of the concept and function, see the last section of this privacy statement). Some cookies serve security purposes or are necessary for operating our online offer (e.g., to display the website) or to save the user's choice when accepting the cookie banner. Additionally, we or our technology partners use cookies to measure reach and for marketing purposes, as detailed in the privacy statement. A general objection to the use of cookies for online marketing purposes can be made for many services, especially for tracking, via the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/. Furthermore, cookies can be disabled in the browser settings. Please note that not all features of this online offer may be available if cookies are disabled.
Data Deletion
The data we process will be deleted or its processing limited in accordance with Articles 17 and 18 GDPR. Unless explicitly stated in this privacy statement, data stored by us is deleted as soon as it is no longer necessary for the intended purpose and deletion does not conflict with any legal retention requirements. Unless the data is retained for other legally permissible purposes, your data processing will be restricted. This means that the data is blocked and not processed for other purposes, such as data that must be stored for commercial or tax reasons.
• Germany: In accordance with legal requirements, data is stored for up to 6 years pursuant to § 257 paragraph 1 HGB (business books, inventories, opening balances, annual accounts, commercial letters, accounting documents, etc.), and for up to 10 years pursuant to § 147 §1 AO (books, archives, management reports, accounting annexes, business and trade letters, tax-relevant documents, etc.).
• Austria: In accordance with legal requirements, data is primarily stored for 7 years pursuant to § 132, subsection 1 BAO (accounting documents, receipts/invoices, bills, receipts, trade documents, statements of income and expenses, etc.), for 22 years concerning real estate, and for 10 years concerning documents related to electronic services, telecommunications, radio, and television services provided to non-entrepreneurs in EU member states utilizing the Mini One-Stop-Shop (MOSS).
Collection of Access Data and Log Files
• Based on our legitimate interests under Article 6(1)(f) GDPR, we collect data regarding each individual access to the server hosting this service (server log files). Access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, user's operating system, referring URL (previously visited page), IP address, and requesting provider.
• Log file information is stored for security reasons (e.g., to investigate abuse or fraud) for a maximum of seven days and then deleted. Data that must be retained for evidentiary purposes is excluded from deletion until the respective incident is resolved.
Online Presence on Social Media
• We maintain an online presence on social networks and platforms to communicate with customers, interested parties, and active users, and to inform them about our services. When you access the respective networks and platforms, you agree to the terms and conditions and data processing guidelines of those operators.
• Unless otherwise stated in our privacy statement, we process user data when users interact with us on social networks and platforms, such as posting about our online presence or sending us messages.
Cookies and Reach Measurement Cookies
• Cookies are data transferred from our web server or third-party servers to users' browsers and stored there for later retrieval. Cookies can be small text files or other types of information storage.
• Some cookies we use are "session cookies," which are only stored during the current visit to our online presence (e.g., to save your login status or language preference, enabling the use of our online offer). A randomly generated unique identifier called a session ID is stored in a session cookie. Cookies also contain information about their origin and storage duration. These cookies cannot store other data. Session cookies are deleted once you finish using our online offer, such as logging out or closing the browser.
• Cookies that persist beyond the session allow us to recognize your browser on subsequent visits (persistent cookies). We only use these cookies to enhance the user experience.
• Users will be informed about the use of cookies as part of the reach measurement in connection with this privacy statement.
• If you do not wish for cookies to be stored on your device, you can disable this option in your browser settings. Saved cookies can also be deleted via your browser settings. Deleting cookies may result in limited functionality of this online offer.
• You can opt out of the use of cookies for reach measurement and advertising purposes via the Network Advertising Initiative's opt-out page (http://optout.networkadvertising.org/), the US website (http://www.aboutads.info/choices), or the EU website (http://www.youronlinechoices.com/uk/your-ad-choices/).
Google Analytics
• Based on our legitimate interests (i.e., interest in analyzing, optimizing, and economically operating our online offer in accordance with Article 6(1)(f) GDPR), we use Google Analytics, a web analytics service provided by Google LLC ("Google"). Google utilizes cookies. The information generated by the cookie regarding users' use of the online offer is generally transferred to a Google server in the USA and stored there.
• Google is certified under the Privacy Shield framework, ensuring compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
• Google uses this information on our behalf to evaluate users' use of the online offer, prepare reports on activities within this online offer, and provide other services related to the use of the online offer and internet usage. Pseudonymous user profiles may be created from the processed data.
• We only use Google Analytics with IP anonymization enabled, meaning the user's IP address is truncated by Google within EU member states or other EEA countries. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and truncated there.
• The IP address transmitted by the user's browser is not combined with other Google data. Users can prevent the storage of cookies by configuring their browser accordingly; they can also prevent Google from collecting data generated by cookies and processing this data by downloading and installing the browser add-on available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
Opt-out cookies prevent future data collection when you visit this website. To prevent Universal Analytics from collecting data across different devices, disable all systems used. If you click here, the opt-out cookie is set: Deactivate Google Analytics. • More information about Google's data usage, settings, and objection options can be found on Google's websites: https://www.google.com/intl/de/policies/privacy/partners (“Google's use of data when you use our partners' websites or apps”), https://policies.google.com/technologies/ads (“use of data for advertising purposes”), https://adssettings.google.com/authenticated (“Manage information Google uses to show you ads”).
Facebook, Custom Audiences and Facebook Marketing Services
• Within our online offer, due to our legitimate interests in analyzing, optimizing, and economically utilizing our online offer, we use the "Facebook Pixel" from the social network Facebook, operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook").
• Facebook is certified under the Privacy Shield framework, ensuring compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
• Using the Facebook Pixel, Facebook can identify visitors to our online offer as a target audience for displaying advertisements (so-called "Facebook Ads"). Therefore, we use the Facebook Pixel to display Facebook Ads only to Facebook users who have shown interest in our online offer or who have certain characteristics (e.g., interests in specific topics or products) based on their website visits, which we transfer to Facebook (so-called "Custom Audiences").
• The Facebook Pixel also allows us to ensure that our Facebook Ads are relevant to users' potential interests and do not have a disruptive effect. Additionally, the Facebook Pixel helps us assess the effectiveness of Facebook Ads for statistical and market research purposes by tracking whether users were redirected to our website after clicking on a Facebook Ad (so-called "conversion").
• Data processing by Facebook occurs in accordance with Facebook's data usage policy. Therefore, general information about running Facebook Ads can be found in Facebook's data usage policy: https://www.facebook.com/policy.php. Specific information and details about the Facebook Pixel and its functionality are available in the Facebook Help section: https://www.facebook.com/business/help/651294705016616.
• You can object to the collection of data via the Facebook Pixel and the use of your data for displaying Facebook Ads. To manage the types of ads shown on Facebook, visit Facebook's advertising preferences page and follow the instructions: https://www.facebook.com/settings?tab=ads. These settings are platform-independent and apply to all devices, such as desktops and mobile devices.
• To prevent data collection through the Facebook Pixel on our website, click the following link: Facebook Deactivation.
Note: Clicking the link will set an "opt-out" cookie on your device. If you delete cookies in this browser, you must click the link again. Additionally, the opt-out only applies to the browser used and to our web domain from which the link was clicked. • You can also opt out of using cookies for reach measurement and advertising purposes via the Network Advertising Initiative's opt-out page (http://optout.networkadvertising.org/), the US website (http://www.aboutads.info/choices), or the EU website (http://www.youronlinechoices.com/uk/your-ad-choices/).
Facebook Social Plugins
• Based on our legitimate interests (i.e., interest in analyzing, optimizing, and economically operating our online offer in accordance with Article 6(1)(f) GDPR), we use social plugins ("plugins") from the social network Facebook.com, provided by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook"). Plugins can display interactive elements or content (e.g., videos, graphics, or text articles) and can be identified by Facebook logos ("white f" in a blue box, "Like", "Share", or "thumbs up" sign) or marked with "Facebook Social Plugin." The list and appearance of Facebook social plugins can be found here: https://developers.facebook.com/docs/plugins/.
• Facebook is certified under the Privacy Shield framework, ensuring compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
• When a user accesses a feature of our online offer containing such a plugin, their device establishes a direct connection to Facebook servers. The plugin content is transferred directly from Facebook to the user's device and integrated into the online offer. User profiles may be created from the processed data. Consequently, we have no control over the amount of data Facebook collects using this plugin, and we inform users to the best of our knowledge.
• By integrating plugins, Facebook receives information that a user has accessed the corresponding page in the online offer. If the user is logged into Facebook, Facebook can associate the visit with their Facebook account. When users interact with plugins, for example by clicking the Like button or leaving a comment, the corresponding information is directly transferred to Facebook and stored there. If a user is not a Facebook member, Facebook can still detect and store their IP address. According to Facebook, only an anonymous IP address is stored in Germany.
• The purpose and scope of data collection, subsequent processing, and Facebook's use of data, as well as the relevant rights and configuration options to protect users' privacy, can be found in Facebook's privacy information: https://www.facebook.com/about/privacy/.
• If a user is a Facebook member and does not want Facebook to collect data about them through this online offer and link it to their Facebook account, they must log out of Facebook and delete their cookies before using our online offer. Additional settings and objections to data use for advertising purposes can be made in their Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the US site http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/. These settings are platform-independent, meaning they apply to all devices, such as desktops or mobile devices.
• To prevent your data from being collected via the Facebook Pixel on our website, please click on the following link.
Affiliate
We engage with affiliate programs based on our legitimate interests (i.e., interest in the economic operation of our online offer in accordance with Article 6(1)(f) GDPR). To facilitate this, we use tracking cookies on our website to accurately record sales and/or partner leads. Cookies are small text files saved on your computer when you visit a website. These tracking cookies do not store any personal data; instead, they only record our partner's identification number and the serial number of the advertising material that the website visitor clicks on. This information is necessary to process payments between us and the advertising partner. When a transaction is completed, the partner identification number is used to assign the corresponding commission to the affiliate partner. You can prevent the installation of cookies by properly configuring your browser software; however, please note that doing so may limit the functionality of our website.