Khan Coaching

___________________________________________________

 

You are my Focus.

 

 

 
 

 
Data Protection

Introduction:

The terms used are not gender-specific.

As of January 9th, 2024

In Charge

Overview of Processing:

The following overview summarizes the types of processed data, the purposes of their processing, and refers to the affected individuals.

Overview of Processing:

  • 1. Event Data (Facebook): "Event Data" refers to data that can be transmitted to Facebook, for example, via the Facebook Pixel (through apps or other means), relating to individuals or their actions. This includes information about website visits, interactions with content, features, app installations, product purchases, etc. Event Data is processed to create target audiences for content and advertising information (Custom Audiences). Event Data does not include actual content (such as written comments), login information, or contact details (i.e., no names, email addresses, and phone numbers). Facebook deletes Event Data after a maximum of two years, along with the deletion of our Facebook account.

  • • Inventory Data (e.g., names, addresses).
    • Content Data (e.g., entries in online forms).
    • Contact Data (e.g., email, phone numbers).
    • Meta-/Communication Data (e.g., device information, IP addresses).
    • Usage Data (e.g., visited websites, interest in content, access times).
    • Location Data (information about the geographical position of a device or person).
    • Contract Data (e.g., contract subject, duration, customer category).
    • Payment Data (e.g., bank details, invoices, payment history).

Special Categories of Data:

• Data revealing racial and ethnic origin.

Kategorien betroffener Personen

  • Geschäfts- und Vertragspartner.

  • Interessenten.

  • Kommunikationspartner.

  • Kunden.

  • Nutzer (z.B. Webseitenbesucher, Nutzer von Onlinediensten).

Categories of Affected Persons:

• Affiliate tracking.
• Registration procedures.
• Providing our online offering and user-friendliness.
• Office and organizational procedures.
• Cross-device tracking (cross-device processing of user data for marketing purposes).
• Direct marketing (e.g., via email or postal).
• Feedback (e.g., collecting feedback via online form).
• Interest-based and behavior-based marketing.
• Contact inquiries and communication.
• Profiling (creating user profiles).
• Remarketing.
• Range measurement (e.g., access statistics, detection of recurring visitors).
• Security measures.
• Tracking (e.g., interest/behavior-based profiling, use of cookies).
• Provision of contractual services and customer service.
• Administration and response to inquiries.
 

Relevant Legal Bases:

Below, we specify the legal bases of the General Data Protection Regulation (GDPR) on which we process personal data. Please note that, in addition to the provisions of the GDPR, national data protection regulations in your respective country of residence or domicile may apply. If more specific legal bases are applicable in individual cases, we will inform you of these in the privacy policy.

• Consent (Art. 6(1) S. 1 lit. a. GDPR): The data subject has given consent to the processing of their personal data for a specific purpose or multiple specified purposes.
• Contractual Performance and Pre-contractual Inquiries (Art. 6(1) S. 1 lit. b. GDPR): Processing is necessary for the performance of a contract with the data subject or for the implementation of pre-contractual measures at the request of the data subject.
• Legal Obligation (Art. 6(1) S. 1 lit. c. GDPR): Processing is necessary for compliance with a legal obligation to which the controller is subject.
• Legitimate Interests (Art. 6(1) S. 1 lit. f. GDPR): Processing is necessary to protect the legitimate interests of the controller or a third party, unless the interests or fundamental rights and freedoms of the data subject, requiring the protection of personal data, prevail.
 

National Data Protection Regulations in Germany:

In addition to the data protection regulations of the General Data Protection Regulation, national regulations on data protection apply in Germany. This includes, in particular, the Act to Protect against Misuse of Personal Data in Data Processing (Bundesdatenschutzgesetz – BDSG). The BDSG contains specific provisions on the right to information, the right to erasure, the right to object, the processing of special categories of personal data, processing for other purposes, and transmission, as well as automated decision-making in individual cases, including profiling. Furthermore, it regulates data processing for employment purposes (§ 26 BDSG), especially regarding the establishment, implementation, or termination of employment relationships, as well as the consent of employees. Additionally, state data protection laws of individual federal states may apply.

Security Measures:

In accordance with legal requirements and considering the state of the art, implementation costs, the nature, scope, circumstances, and purposes of processing, as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, we implement suitable technical and organizational measures to ensure a level of protection appropriate to the risk.

These measures include, in particular, securing the confidentiality, integrity, and availability of data by controlling physical and electronic access to the data, as well as the related access, input, disclosure, availability, and separation. Furthermore, we have established procedures to ensure the exercise of data subjects' rights, the deletion of data, and responses to data threats. We also consider the protection of personal data in the development or selection of hardware, software, and procedures in accordance with the principles of data protection, through technology design, and by implementing privacy-friendly settings.

SSL Encryption (https):

To protect data transmitted via our online offering, we use SSL encryption. You can recognize such encrypted connections by the prefix https:// in the address bar of your browser.

Transmission and Disclosure of Personal Data:

In the course of processing personal data, it may occur that the data is transmitted to other entities, companies, legally independent organizational units, or individuals or disclosed to them. Recipients of this data may include, for example, payment institutions in the context of payment transactions, IT service providers tasked with IT-related duties, or providers of services and content embedded in a website. In such cases, we comply with legal requirements and, in particular, conclude appropriate contracts or agreements that serve to protect your data with the recipients of your data.

Data Processing in Third Countries:

If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or if the processing takes place in connection with the use of third-party services or the disclosure or transmission of data to other individuals, entities, or companies, this is done only in accordance with legal requirements.

Subject to express consent or contractually or legally required transmission, we process or allow the data to be processed in third countries only with a recognized level of data protection, contractual obligation through the so-called standard data protection clauses of the EU Commission, in the presence of certifications, or binding internal data protection regulations (Art. 44 to 49 GDPR, information page of the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_en ).

Use of Cookies:

Cookies are text files that contain data from visited websites or domains and are stored by a browser on the user's computer. A cookie primarily serves to store information about a user during or after their visit within an online offering. Stored information may include, for example, language settings on a website, login status, a shopping cart, or the point at which a video was viewed. The term "cookies" also includes other technologies that fulfill the same functions as cookies (e.g., when user information is stored based on pseudonymous online identifiers, also referred to as "user IDs").

The following types of cookies and functions are distinguished:

  • Temporary Cookies (also: Session or Session Cookies): Temporary cookies are deleted at the latest after a user leaves an online offering and closes their browser.

  • Permanent Cookies: Permanent cookies remain stored even after the browser is closed. For example, the login status can be saved, or preferred content can be displayed directly when the user revisits a website. The interests of users, which are used for reach measurement or marketing purposes, can also be stored in such a cookie.

  • First-Party Cookies: First-party cookies are set by us.

  • Third-Party Cookies (also: third-party cookies): Third-party cookies are primarily used by advertisers (so-called third parties) to process user information.

  • Necessary (also: essential or strictly necessary) Cookies: Cookies can be strictly necessary for the operation of a website (e.g., to save logins or other user inputs or for security reasons).

  • Statistics, Marketing, and Personalization Cookies: Furthermore, cookies are usually used in the context of reach measurement and when the interests or behavior of a user (e.g., viewing certain content, using features, etc.) are stored in a user profile on individual websites. Such profiles are used to display content to users that corresponds to their potential interests. This process is also referred to as "tracking," i.e., tracking the potential interests of users. If we use cookies or "tracking" technologies, we will inform you separately in our privacy policy or as part of obtaining consent.

Information on Legal Bases: The legal basis on which we process your personal data using cookies depends on whether we request your consent. If this is the case, and you consent to the use of cookies, the legal basis for processing your data is the provided consent. Otherwise, data processed using cookies is based on our legitimate interests (e.g., in the operational management and improvement of our online offering) or, if the use of cookies is necessary, to fulfill our contractual obligations.

Storage Duration: Unless we provide explicit information on the storage duration of permanent cookies (e.g., within a so-called Cookie Opt-In), please assume that the storage duration can be up to two years.

General Information on Revocation and Objection (Opt-Out): Depending on whether the processing is based on consent or legal permission, you have the option to revoke your given consent or object to the processing of your data through cookie technologies (collectively referred to as "Opt-Out") at any time. You can initially express your objection through the settings of your browser, such as by disabling the use of cookies (note that this may also restrict the functionality of our online offering). Objection to the use of cookies for online marketing purposes can also be declared through various services, especially in the case of tracking, via the websites https://optout.aboutads.info and https://www.youronlinechoices.com/. Additionally, you can find further information on objection in the context of the details about the service providers and cookies used.

Processing of Cookie Data Based on Consent: Before processing data as part of using cookies or having them processed, we request users' revocable consent. Until consent is given, only cookies that are strictly necessary for the operation of our online offering may be used.

  • Processed Data Types: Usage data (e.g., visited web pages, interest in content, access times), meta/communication data (e.g., device information, IP addresses).

  • Data Subjects: Users (e.g., website visitors, users of online services).

  • Legal Bases: Consent (Art. 6 (1) (a) GDPR), Legitimate Interests (Art. 6 (1) (f) GDPR).

Commercial and Business Services:

We process data of our contractual and business partners, such as customers and prospects (collectively referred to as "contractual partners"), within the scope of contractual and similar legal relationships, as well as related measures and communication with contractual partners (or pre-contractually), for example, to respond to inquiries. The processing of this data is carried out to fulfill our contractual obligations, safeguard our rights, for the purposes of administrative tasks associated with this information, and business organization.

The data of contractual partners is only disclosed to third parties within the framework of applicable laws, insofar as this is necessary for the aforementioned purposes or to fulfill legal obligations, or with the consent of the individuals concerned (for example, to telecommunications, transport, and other auxiliary services, subcontractors, banks, tax and legal advisors, payment service providers, or tax authorities). Contractual partners will be informed about other forms of processing, such as for marketing purposes, within the scope of this privacy policy.

We inform contractual partners which data is necessary for the aforementioned purposes, either before or during data collection, for example, in online forms, through special labeling (e.g., colors) or symbols (e.g., asterisks), or personally.

We delete the data after the expiration of statutory warranty and comparable obligations, usually after 4 years. Exceptions may apply if the data is stored in a customer account, for example, as long as it needs to be kept for legal archiving purposes (e.g., 10 years for tax purposes). Data disclosed to us as part of an order by the contractual partner will be deleted in accordance with the specifications of the order, generally after the completion of the order.

To the extent that we use third-party providers or platforms to provide our services, the terms and privacy policies of the respective third-party providers or platforms apply in the relationship between users and providers.

Coaching:

We process the data of our clients, prospective clients, and other contracting parties or partners (collectively referred to as "clients") to provide our services to them. The processed data, the type, scope, purpose, and necessity of their processing are determined by the underlying contractual and client relationship.

In the course of our activities, we may also process special categories of data, particularly information regarding the health of the clients, possibly related to their sexual life or sexual orientation, as well as data revealing racial and ethnic origin, political opinions, religious or philosophical beliefs.

Consulting:

We process data of our clients, clients' representatives, and other contracting parties or partners (collectively referred to as "clients") to provide consulting services to them. The processed data, the type, scope, purpose, and necessity of their processing are determined by the underlying contractual and client relationship.

Therapeutic Services: We process data of our clients, clients' representatives, and other contracting parties or partners (collectively referred to as "clients") to provide therapeutic services to them. The processed data, the type, scope, purpose, and necessity of their processing are determined by the underlying contractual and client relationship.

In the course of our activities, we may also process special categories of data, particularly information regarding the health of the clients, possibly related to their sexual life or sexual orientation, as well as data revealing racial and ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership. We obtain explicit consent from the clients, if necessary, and process special categories of data otherwise when it serves the health of the clients, the data is public, or other legal permissions exist.

If it is necessary for the fulfillment of our contract, to protect vital interests, or required by law, or with the clients' consent, we disclose or transmit the clients' data in accordance with professional regulations to third parties or agents, such as authorities, medical institutions, laboratories, billing centers, and in the field of IT, office, or comparable services.

  • Processed Data Types:  Inventory data (e.g., names, addresses) Payment data (e.g., bank details, invoices, payment history) Contact data (e.g., email, phone numbers) Contract data (e.g., contract subject, duration, customer category)

  • Special Categories of Personal Data: Health data (Art. 9 Abs. 1 GDPR) Data on sexual life or sexual orientation (Art. 9 Abs. 1 GDPR) Religious or philosophical beliefs (Art. 9 Abs. 1 GDPR) Data revealing racial and ethnic origin

  • Data Subjects: Prospective clients Business and contractual partners

  • Processing Purposes: Provision of contractual services and customer service Handling contact inquiries and communication Office and organizational procedures Administration and response to inquiries

  • Legal Bases: Contract performance and pre-contractual inquiries (Art. 6 Abs. 1 S. 1 lit. b. GDPR) Legal obligation (Art. 6 Abs. 1 S. 1 lit. c. GDPR) Legitimate interests (Art. 6 Abs. 1 S. 1 lit. f. GDPR)

Payment Service Providers:

In the context of contractual and other legal relationships, legal obligations, or based on our legitimate interests, we offer efficient and secure payment options to individuals and utilize various payment service providers (collectively "Payment Service Providers").

The data processed by the payment service providers includes inventory data, such as names and addresses, bank data, such as account numbers or credit card numbers, passwords, TANs, and checksums, as well as contract, sum, and recipient-related information. This information is necessary to carry out transactions. However, the entered data is processed and stored only by the payment service providers. In other words, we do not receive account or credit card-related information but only information confirming or negating the payment. Under certain circumstances, the data may be transmitted to credit reporting agencies by the payment service providers for identity and credit checks. For further information on this, please refer to the terms and conditions and the privacy policies of the payment service providers.

The terms and conditions and privacy policies of the respective payment service providers apply to payment transactions and can be accessed within the respective websites or transaction applications. We also refer to these for further information and the exercise of withdrawal, information, and other data subject rights.

  • Processed Data Types: Inventory data (e.g., names, addresses) Payment data (e.g., bank details, invoices, payment history) Contract data (e.g., contract subject, duration, customer category) Usage data (e.g., visited websites, interest in content, access times) Meta/communication data (e.g., device information, IP addresses)

  • Data Subjects: Customers Prospective customers

  • Processing Purposes: Provision of contractual services and customer service Handling contact inquiries and communication Affiliate tracking

  • Legal Bases: Contract performance and pre-contractual inquiries (Art. 6 Abs. 1 S. 1 lit. b. DSGVO) Legitimate interests (Art. 6 Abs. 1 S. 1 lit. f. DSGVO)

Utilized Services and Service Providers:

  • Klarna / Sofortüberweisung:  Payment Services  Service Provider: Klarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm, Sweden Website: Klarna Privacy Policy: Klarna Datenschutzerklärung

  •  Mastercard: Payment Services Service Provider: Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium Website: Mastercard Deutschland Privacy Policy: Mastercard Datenschutz

  • PayPal: Payment Services and Solutions (e.g., PayPal, PayPal Plus, Braintree) Service Provider: PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg Website: PayPal Deutschland Privacy Policy: PayPal Datenschutzerklärung

  •  Visa: Payment Services Service Provider: Visa Europe Services Inc., Zweigniederlassung London, 1 Sheldon Square, London W2 6TT, GB Website: Visa Deutschland Privacy Policy: Visa Datenschutzerklärung

Provision of the Online Offering and Web Hosting

To securely and efficiently provide our online offering, we use the services of one or more web hosting providers whose servers (or servers managed by them) can retrieve the online offering. For these purposes, we may use infrastructure and platform services, computing capacity, storage space, and database services, as well as security services and technical maintenance services.

The data processed in the context of providing the hosting service may include all information concerning the users of our online offering that arises during use and communication. This regularly includes the IP address, which is necessary to deliver the content of online offerings to browsers, and all entries made within our online offering or on websites.

Email Sending and Hosting: The web hosting services we use also include the sending, receiving, and storage of emails. For these purposes, the addresses of recipients and senders, as well as further information regarding email sending (e.g., the involved providers) and the contents of the respective emails, are processed. The aforementioned data may also be processed for the purpose of detecting spam. Please note that emails on the internet are generally not sent encrypted. While emails are typically encrypted during transport, they are not encrypted on the servers from which they are sent and received unless an end-to-end encryption method is used. Therefore, we cannot assume responsibility for the transmission path of emails between the sender and our server.

Collection of Access Data and Log Files: We (or our web hosting provider) collect data on every access to the server (so-called server log files). Server log files may include the address and name of the accessed web pages and files, date and time of access, transferred data volumes, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), and usually IP addresses and the requesting provider.

Server log files may be used for security purposes, such as avoiding server overload (especially in the case of abusive attacks, so-called DDoS attacks), and to ensure the load on the servers and their stability.

  • Processed Data Types: Content data (e.g., entries in online forms), usage data (e.g., visited web pages, interest in content, access times), meta/communication data (e.g., device information, IP addresses).

  • Data Subjects: Users (e.g., website visitors, users of online services).

  • Legal Basis: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f GDPR).

Blogs and Publishing Media

We utilize blogs or similar means of online communication and publication (hereinafter "publishing medium"). Reader data is processed for the purposes of the publishing medium only to the extent necessary for its presentation and communication between authors and readers or for security reasons. For further information on the processing of visitors to our publishing medium, please refer to the information in this privacy policy.

  • Processed Data Types: Inventory data (e.g., names, addresses), contact data (e.g., email, phone numbers), content data (e.g., entries in online forms), usage data (e.g., visited websites, interest in content, access times), meta/communication data (e.g., device information, IP addresses).

  • Data Subjects: Users (e.g., website visitors, users of online services).

  • Processing Purposes: Contract fulfillment and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b GDPR), Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f GDPR).

Contact

When contacting us (e.g., via contact form, email, phone, or social media), the information provided by the inquiring individuals is processed to the extent necessary to respond to the contact inquiries and any requested measures.

The response to contact inquiries within the scope of contractual or pre-contractual relationships is carried out to fulfill our contractual obligations or to respond to (pre)contractual inquiries. In other cases, the processing is based on legitimate interests in responding to inquiries.

  • Processed Data Types: Inventory data (e.g., names, addresses), contact data (e.g., email, phone numbers), content data (e.g., entries in online forms).

  • Data Subjects: Communication partners.

  • Processing Purposes: Contact inquiries and communication.

  • Legal Bases: Contract fulfillment and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b GDPR), Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f GDPR).

Chatbots and Chat Functions

We offer online chat and chatbot functions as communication options (collectively referred to as "Chat Services"). A chat involves real-time online conversations, while a chatbot is software that answers user questions or provides information through messages. When you use our chat functions, we may process your personal data.

If you use our chat services within an online platform, your identification number within the respective platform is additionally stored. We may also collect information about which users interact with our chat services and when. Furthermore, we store the content of your conversations via the chat services and log registration and consent processes to comply with legal requirements.

Users should be aware that the platform provider may learn when and how users communicate with our chat services, as well as technical information about the user's device and, depending on the device settings, location information (metadata) for service optimization and security purposes. The metadata of communication via chat services (e.g., information about who communicated with whom) may also be used by platform providers for marketing purposes or displaying tailored advertisements, subject to their regulations, to which we refer for further information.

If users agree to activate information with regular messages to a chatbot, they have the option to unsubscribe from the information at any time. The chatbot informs users about how to unsubscribe and with which terms. Unsubscribing from chatbot messages deletes user data from the list of message recipients.

We use the information mentioned above to operate our chat services, such as addressing users personally, answering their queries, transmitting requested content, and improving our chat services (e.g., teaching chatbots responses to frequently asked questions or identifying unanswered queries).

Legal Bases: We deploy chat services based on consent, obtained when users have given permission for their data to be processed within the scope of our chat services (applies to cases where users are asked for consent, e.g., for a chatbot to regularly send them messages). If we use chat services to respond to user inquiries about our services or our company, this is done for contractual and pre-contractual communication. In other cases, we use chat services based on our legitimate interests in optimizing chat services, their business efficiency, and enhancing positive user experiences.

Revocation, Objection, and Deletion: Users can revoke granted consent or object to the processing of their data within the scope of our chat services at any time.

  • Processed Data Types: Contact data (e.g., email, phone numbers), content data (e.g., entries in online forms), usage data (e.g., visited websites, interest in content, access times), meta/communication data (e.g., device information, IP addresses).

  • Data Subjects: Communication partners.

  • Processing Purposes: Contact inquiries and communication, direct marketing (e.g., by email or postal).

  • Legal Bases: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f GDPR).

Push Notifications

With the users' consent, we can send users so-called "push notifications." These are messages displayed on users' screens, devices, or browsers, even when our online service is not actively being used.

To subscribe to push notifications, users must confirm the request of their browser or device to receive push notifications. This consent process is documented and stored. Storage is necessary to determine whether users have agreed to receive push notifications.

Processing Purposes: Provision of contractual services and customer service.
Legal Bases: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), Contract performance and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b GDPR).

Video Conferences, Online Meetings, Webinars, and Screen Sharing

We use platforms and applications from other providers (hereinafter referred to as "third-party providers") for the purpose of conducting video and audio conferences, webinars, and other types of video and audio meetings. When selecting third-party providers and their services, we comply with legal requirements.

In this context, data of communication participants are processed and stored on the servers of third-party providers, to the extent that they are part of communication processes with us. This data may include, in particular, login and contact details, visual and vocal contributions, as well as entries in chats and shared screen contents.

If users are referred to the third-party providers, their software, or platforms as part of communication, business, or other relationships with us, the third-party providers may process usage data and metadata for security purposes, service optimization, or marketing purposes. Therefore, we ask you to observe the privacy policies of the respective third-party providers.

Information on Legal Bases: If we ask users for their consent to the use of third-party services or specific functions (e.g., consent to recording conversations), the legal basis for processing is consent. Furthermore, their use may be a component of our (pre)contractual services if the use of third-party services has been agreed within this framework. Otherwise, user data is processed based on our legitimate interests in efficient and secure communication with our communication partners. In this context, we would also like to refer you to the information on the use of cookies in this privacy policy.

  • Processed Data Types: Inventory data (e.g., names, addresses), contact data (e.g., email, phone numbers), content data (e.g., entries in online forms), usage data (e.g., visited websites, interest in content, access times), meta-/communication data (e.g., device information, IP addresses).

  • Affected Persons: Communication partners, users (e.g., website visitors, users of online services).

  • Purposes of Processing: Provision of contractual services and customer service, handling of contact inquiries and communication, office and organizational procedures.

  • Legal Bases: Consent (Art. 6 Abs. 1 S. 1 lit. a. GDPR), Contract performance and pre-contractual inquiries (Art. 6 Abs. 1 S. 1 lit. b. GDPR), Legitimate interests (Art. 6 Abs. 1 S. 1 lit. f. GDPR).

Utilized Services and Service Providers:

  • Skype: Messenger and conference software; Service Provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA; Website: https://www.skype.com/de/; Privacy Policy: https://privacy.microsoft.com/de-de/privacystatement, Security Information: https://www.microsoft.com/de-de/trustcenter

Newsletter and Electronic Notifications

We only send newsletters, emails, and other electronic notifications (hereinafter "newsletter") with the consent of the recipients or a legal permission. If the content of a newsletter is specifically described within the context of a registration, it is decisive for the user's consent. Otherwise, our newsletters contain information about our services and us.

To subscribe to our newsletters, it generally suffices to provide your email address. However, we may ask you to provide a name for personal addressing in the newsletter or additional information if necessary for the purposes of the newsletter.

Double-Opt-In Procedure: The registration for our newsletter generally takes place in a so-called double-opt-in procedure. This means that after registration, you will receive an email asking you to confirm your registration. This confirmation is necessary to prevent someone from registering with other people's email addresses. Newsletter registrations are logged to be able to prove the registration process in accordance with legal requirements. This includes the storage of the registration and confirmation time, as well as the IP address. Changes to your data stored with the mailing service provider are also logged.

Deletion and Restriction of Processing: We can store unsubscribed email addresses for up to three years based on our legitimate interests before deleting them to be able to prove a previously given consent. The processing of this data is limited to the purpose of potential defense against claims. An individual deletion request is possible at any time, provided that the former existence of consent is confirmed simultaneously. In the case of obligations to permanently observe objections, we reserve the storage of the email address solely for this purpose in a blocklist.

The logging of the registration process is based on our legitimate interests for the purpose of proving its proper execution. If we commission a service provider with the dispatch of emails, this is done based on our legitimate interests in an efficient and secure mailing system.

Information on Legal Bases: The dispatch of newsletters is based on the consent of the recipients or, if consent is not required, on our legitimate interests in direct marketing, as far as this is legally permitted, e.g., in the case of advertising to existing customers. If we commission a service provider with the dispatch of emails, this is done based on our legitimate interests. The registration process is recorded based on our legitimate interests to prove that it was carried out in accordance with the law.

Contents: Information about us, our services, promotions, and offers.

  • Processed Data Types: Inventory data (e.g., names, addresses), contact data (e.g., email, phone numbers), meta-/communication data (e.g., device information, IP addresses).

  • Affected Persons: Communication partners.

  • Purposes of Processing: Direct marketing (e.g., by email or postal mail).

  • Legal Bases: Consent (Art. 6 Abs. 1 S. 1 lit. a. GDPR), Legitimate interests (Art. 6 Abs. 1 S. 1 lit. f. GDPR).

  • Opt-Out Option: You can cancel the receipt of our newsletter at any time, i.e., revoke your consent or object to further receipt. You can find a link to unsubscribe from the newsletter either at the end of each newsletter or can use one of the contact options provided above, preferably by email, for this purpose.

Social Media Presences

We maintain online presences within social networks and process user data within this framework to communicate with active users or to provide information about us.

Please note that user data may be processed outside the European Union. This may pose risks for users, as, for example, the enforcement of user rights could be more challenging.

Furthermore, user data within social networks is generally processed for market research and advertising purposes. For instance, user profiles can be created based on user behavior and resulting interests. These user profiles, in turn, can be used to display advertisements within and outside the networks that presumably correspond to the interests of users. For these purposes, cookies are usually stored on users' computers, containing information about user behavior and interests. Additionally, data can be stored in user profiles independently of the devices used by users, especially when users are members of the respective platforms and are logged into them.

For a detailed presentation of the respective processing methods and opt-out options, we refer to the privacy policies and information provided by the operators of the respective networks

Even in the case of information requests and the exercise of data subject rights, we would like to point out that these can be most effectively asserted with the providers. Only the providers have access to user data and can take direct measures and provide information. If you still need assistance, you can contact us.

Facebook: We, together with Facebook Ireland Ltd., are jointly responsible for the collection (but not for further processing) of data from visitors to our Facebook page (so-called "Fanpage"). This data includes information about the types of content that users view or interact with, or actions they take (see "Things You and Others Do and Provide" in the Facebook Data Policy: https://www.facebook.com/policy), as well as information about the devices users use (e.g., IP addresses, operating system, browser type, language settings, cookie data; see "Device Information" in the Facebook Data Policy: https://www.facebook.com/policy). As explained in the Facebook Data Policy under "How do we use this information?" Facebook also collects and uses information to provide analytical services, called "Page Insights," for page operators, so that they gain insights into how people interact with their pages and associated content. We have entered into a specific agreement with Facebook ("Page Insights Information," https://www.facebook.com/legal/terms/page_controller_addendum), which regulates, in particular, the security measures that Facebook must observe, and in which Facebook has agreed to fulfill the rights of data subjects (i.e., users can, for example, address inquiries or deletion requests directly to Facebook). The rights of users (especially regarding information, deletion, objection, and complaint to the competent supervisory authority) are not limited by the agreements with Facebook. Further information can be found in the "Page Insights Information" (https://www.facebook.com/legal/terms/information_about_page_insights_data).

  • Processed Data Types: Inventory data (e.g., names, addresses), contact data (e.g., email, phone numbers), content data (e.g., entries in online forms), usage data (e.g., visited websites, interest in content, access times), meta-/communication data (e.g., device information, IP addresses).

  • Affected Persons: Users (e.g., website visitors, users of online services).

  • Purposes of Processing: Contact inquiries and communication, tracking (e.g., interest/behavior-related profiling, use of cookies), remarketing, reach measurement (e.g., access statistics, identification of recurring visitors), affiliate tracking.

  • Legal Bases: Legitimate interests (Art. 6 Abs. 1 S. 1 lit. f. GDPR).

Used Services and Service Providers:

  • Instagram: Social network; Service provider: Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA; Parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; Website: https://www.instagram.com; Privacy Policy: https://instagram.com/about/legal/privacy.
    Facebook: Social network; Service provider: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; Parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; Website: https://www.facebook.com; Privacy Policy: https://www.facebook.com/about/privacy; Opt-Out: Ad Settings: https://www.facebook.com/settings?tab=ads.
    Flickr: Social network; Service provider: Flickr Inc., 475 Sansome St San Francisco, California 94111, USA; Website: https://www.flickr.com; Privacy Policy: https://www.flickr.com/help/privacy.

  • LinkedIn: Social network; Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Website: https://www.linkedin.com; Privacy Policy: https://www.linkedin.com/legal/privacy-policy; Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

  • Pinterest: Social network; Service provider: Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA; Website: https://www.pinterest.com; Privacy Policy: https://about.pinterest.com/de/privacy-policy; Opt-Out: https://about.pinterest.com/de/privacy-policy.

  • SlideShare: Presentation platform; Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Website: https://www.linkedin.com; Privacy Policy: https://www.linkedin.com/legal/privacy-policy.

  • Snapchat: Social network; Service provider: Snap Inc., 3000 31st Street, Santa Monica, California 90405, USA; Website: https://www.snapchat.com/; Privacy Policy: https://www.snap.com/de-DE/privacy/privacy-policy; Cookie Policy: https://www.snap.com/de-DE/cookie-policy; Standard Contractual Clauses (Ensuring Data Protection Level for Processing in Third Countries): https://www.snap.com/en-US/terms/standard-contractual-clauses.

  • TikTok: Social network / Video platform; Service provider: musical.ly Inc., 10351 Santa Monica Blvd #310, Los Angeles, CA 90025, USA; Website: https://www.tiktok.com; Privacy Policy: https://www.tiktok.com/de/privacy-policy.

  •  Twitter: Social network; Service provider: Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland; Parent company: Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA; Privacy Policy: https://twitter.com/de/privacy; Settings: https://twitter.com/personalization.

  •  YouTube: Social network; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Privacy Policy: https://policies.google.com/privacy; Opt-Out: https://adssettings.google.com/authenticated.

  •  Xing: Social network; Service provider: XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany; Website: https://www.xing.de; Privacy Policy: https://privacy.xing.com/de/datenschutzerklaerung.

Plugins and Embedded Functions as well as Content

We integrate functional and content elements into our online offering that are sourced from the servers of their respective providers (hereinafter referred to as "third-party providers"). These elements may include, for example, graphics, videos, social media buttons, as well as posts (hereinafter collectively referred to as "content").

The integration always requires that the third-party providers of this content process the IP address of users, as without the IP address, they could not send the content to their browsers. The IP address is therefore necessary for the presentation of these content or functions. We strive to only use content whose respective providers use the IP address solely for delivering the content.

Third-party providers may also use so-called pixel tags (invisible graphics, also referred to as "web beacons") for statistical or marketing purposes. Through "pixel tags," information such as visitor traffic on the pages of this website can be evaluated. The pseudonymous information can also be stored in cookies on users' devices and may include technical information about the browser and operating system, referring websites, visit time, as well as other details regarding the use of our online offering, and may also be linked with such information from other sources.

Notes on Legal Bases: If we ask users for their consent to the use of third-party providers, the legal basis for data processing is consent. Otherwise, user data is processed based on our legitimate interests (i.e., an interest in efficient, economical, and user-friendly services). In this context, we would also like to draw your attention to the information on the use of cookies in this privacy policy.

Algolia Places:

Integration of Third-Party Software, Scripts, or Frameworks (e.g., jQuery): We integrate software into our online offering that we retrieve from servers of other providers (e.g., function libraries that we use for the presentation or user-friendliness of our online offering). In this process, the respective providers collect the IP address of users and may process it for the purpose of transmitting the software to the users' browsers, as well as for security, evaluation, and optimization of their offering.

Facebook Plugins and Content: Together with Facebook Ireland Ltd., we are jointly responsible for the collection or receipt as part of a transmission (but not for further processing) of "Event Data" that Facebook collects through Facebook Social Plugins (and embedding functions for content) executed on our online platform or received as part of a transmission for the following purposes, jointly: a) Display of content and advertising information that corresponds to the presumed interests of users; b) Delivery of commercial and transaction-related messages (e.g., addressing users via Facebook Messenger); c) Improvement of ad delivery and personalization of features and content (e.g., improving the identification of content or advertising information that presumably corresponds to the interests of users). We have entered into a specific agreement with Facebook ("Controller Addendum," https://www.facebook.com/legal/controller_addendum), which regulates, in particular, the security measures that Facebook must observe (https://www.facebook.com/legal/terms/data_security_terms), and in which Facebook has agreed to fulfill the rights of data subjects (i.e., users can, for example, address inquiries or deletion requests directly to Facebook). Note: If Facebook provides us with metrics, analyses, and reports (which are aggregated, i.e., do not contain information about individual users and are anonymous to us), this processing does not take place within the framework of joint responsibility but based on a data processing agreement ("Data Processing Terms," https://www.facebook.com/legal/terms/dataprocessing), the "Data Security Terms" (https://www.facebook.com/legal/terms/data_security_terms), and with regard to processing in the USA, based on standard contractual clauses ("Facebook EU Data Transfer Addendum," https://www.facebook.com/legal/EU_data_transfer_addendum). The rights of users (especially regarding information, deletion, objection, and complaint to the competent supervisory authority) are not limited by the agreements with Facebook.

Google Custom Search:

Google Maps APIs und SDKs:

Imgur:

Instagram Plugins and Content: We, together with Facebook Ireland Ltd., are jointly responsible for the collection or receipt as part of a transmission (but not for further processing) of "Event Data" that Facebook collects through features of Instagram (e.g., embedding functions for content) that are executed on our online offering or received as part of a transmission for the following purposes: a) Display of content and advertising information that corresponds to the presumed interests of users; b) Delivery of commercial and transaction-related messages (e.g., addressing users via Facebook Messenger); c) Improvement of ad delivery and personalization of features and content (e.g., improving the identification of content or advertising information that presumably corresponds to the interests of users). We have entered into a specific agreement with Facebook ("Controller Addendum," https://www.facebook.com/legal/controller_addendum), which regulates in particular the security measures that Facebook must observe (https://www.facebook.com/legal/terms/data_security_terms), and in which Facebook has agreed to fulfill the rights of data subjects (i.e., users can, for example, address inquiries or deletion requests directly to Facebook). Note: If Facebook provides us with metrics, analyses, and reports (which are aggregated, i.e., do not contain information about individual users and are anonymous to us), this processing does not take place within the framework of joint responsibility but based on a data processing agreement ("Data Processing Terms," https://www.facebook.com/legal/terms/dataprocessing), the "Data Security Terms" (https://www.facebook.com/legal/terms/data_security_terms), and with regard to processing in the USA, based on standard contractual clauses ("Facebook EU Data Transfer Addendum," https://www.facebook.com/legal/EU_data_transfer_addendum). The rights of users (especially regarding information, deletion, objection, and complaint to the competent supervisory authority) are not limited by the agreements with Facebook.

OpenWeather:

pretix Booking Widget:

Reddit:

Rumble:

Snap Kit:

  • Processed data types: Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses), contact data (e.g. email, telephone numbers), content data (e.g. entries in online forms), event data (Facebook) ("event data" is data that can be transmitted by us to Facebook via Facebook pixels (via apps or other means), for example, and relates to individuals or their actions; the data includes, for example, information about visits to websites, interactions with content, installations of apps, purchases of products, etc.; the event data is processed for the purpose of creating target groups for content and advertising information, etc.; the event data is processed for the purpose of creating target groups for content and advertising information. For example, information about visits to websites, interactions with content, functions, app installations, product purchases, etc.; the event data is processed for the purpose of creating target groups for content and advertising information (custom audiences); event data does not include the actual content (such as comments written), no login information and no contact information (i.e. no names, email addresses and telephone numbers). Event data will be deleted by Facebook after a maximum of two years, the target groups formed from them with the deletion of our Facebook account), location data (information on the geographical position of a device or person), inventory data (e.g. names, addresses), payment data (e.g. bank details, invoices, payment history), contract data (e.g. subject matter of the contract, term, customer category).

  • Data subjects: Users (e.g. website visitors, users of online services), communication partners, customers.

  • Purposes of Processing: Provision of our online services and usability, Targeting (e.g. profiling based on interests and behavior, use of cookies), Feedback (e.g. collecting feedback via online form), Provision of contractual services and customer support, Contact requests and communication, Direct marketing (e.g. by e-mail or postal), Interest-based and behavioral marketing, Profiling (Creating user profiles), Registration procedures, Cross-Device Tracking (Device-independent processing of user data for marketing purposes) by e-mail or postal mail), Interest-based and behavioral marketing, Profiling (Creating user profiles), Registration process, Cross-device tracking (Device-independent processing of user data for marketing purposes), Web Analytics (e.g. access statistics, recognition of returning visitors), Security measures, Managing and responding to inquiries.

  • Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a. GDPR), Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR), Contract fulfillment and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b. GDPR)

Services used and service providers:

  • AddThis: AddThis - functions for sharing content in social networks, AddThis uses the personal information of the users for the provision and execution of the sharing functions. In addition, AddThis may use pseudonymous user information for marketing purposes; Service provider: AddThis, 1595 Spring Hill Rd Suite 300 Vienna, VA 22182, USA; Website: https://www.addthis.com; Privacy Policy: https://www.addthis.com/privacy; Opt-Out: https://www.addthis.com/privacy/opt-out.

  • 1666622019.3302753 659804825.7304348 1548219217.7922912 1239633363.4552429 125427594.70339856 79383484.37791286 2869543098.187692 2417276682.054381 544517601.1931465 465782579.5518018 3374216559.818815 144780160.12330458 456765526.28644764 900935971.7586207 13995209.362660944 2197161432.537433 466165227.13846153 32311585.212376934 854851401.8871166 5145546873.340782

  • Facebook plugins and content: Facebook social plugins and content - This may include, for example, content such as images, videos or text and buttons with which users can share content from this online offering within Facebook. The list and appearance of Facebook social plugins can be viewed here: https://developers.facebook.com/docs/plugins/; Service provider: Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; Website: https://www.facebook.com; Privacy Policy: https://www.facebook.com/about/privacy; Opt-Out: Settings for advertisements: https://www.facebook.com/settings?tab=ads.

  • Font Awesome: Darstellung von Schriftarten und Symbolen; Dienstanbieter: Fonticons, Inc. ,6 Porter Road Apartment 3R, Cambridge, MA 02140, USA; Website: https://fontawesome.com/; Datenschutzerklärung: https://fontawesome.com/privacy.

  • Giphy: Eingebettete Plugins und -Inhalte - Hierzu können z.B. Inhalte wie Bilder, Videos oder Texte und Schaltflächen gehören; Dienstanbieter: Giphy, Inc., 416 West 13th Street, Suite 207 New York, NY 10014, USA; Website: https://giphy.com; Datenschutzerklärung: https://support.giphy.com/hc/en-us/articles/360032872931.

  • Google Fonts: We integrate the fonts ("Google Fonts") of the provider Google, whereby the user's data is used solely for the purpose of displaying the fonts in the user's browser. The integration is based on our legitimate interests in a technically secure, maintenance-free and efficient use of fonts, their uniform presentation and taking into account possible licensing restrictions for their integration. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Website: https://fonts.google.com/; Privacy Policy: https://policies.google.com/privacy.

  • 373626285.92248064 197516955.33953488 3799179030.068027 637551066.5938865 875783357.7738516 1019224224.3992395 166169173.52108434 1746160090.4392765 2264678981.9015746 962971757.3560371 256353647.24242425 1217696811.160296 3312632211.5470085 461472707.56474257 717212068.6783919 5461544824.085366 2032884684.8527608 375105709.42616034 3768345208.3333335 3208610894.6307693

  • Google Maps: Wir binden die Landkarten des Dienstes “Google Maps” des Anbieters Google ein. Zu den verarbeiteten Daten können insbesondere IP-Adressen und Standortdaten der Nutzer gehören, die jedoch nicht ohne deren Einwilligung (im Regelfall im Rahmen der Einstellungen ihrer Mobilgeräte vollzogen), erhoben werden; Dienstanbieter: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland, Mutterunternehmen: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Website: https://cloud.google.com/maps-platform; Datenschutzerklärung: https://policies.google.com/privacy; Widerspruchsmöglichkeit (Opt-Out): Opt-Out-Plugin: https://tools.google.com/dlpage/gaoptout?hl=de, Einstellungen für die Darstellung von Werbeeinblendungen: https://adssettings.google.com/authenticated.

  • 1571396023.2793593 1890776242.9181142 15426628915.615385 138604609.32334048 390664220.8864388 717259307.7304236 1756649097.7580645 6249646656.038462 782960599.3693416 14783429573.416666 139375708.54939517 846790515.117647 796107698.0796915 420597884.10515875 1446789308.250368 47885607.13916256 6596663350.319445 791039439.342634 691625780.3035715 308035480.4760234

  • 401557766.6051502 143472807.23698193 236699737.58426967 2722351433.438914 575435124.9002169 917628792.2272727 466631460.2228654 3803156129.879699 310349147.7805343 199728560.82696176 973691245.0868421 1251916203.118971 483721138.75757575 1736665614.287411 3154522076.4712043 1010843488.9555556 660352438.0524535 929417864.5374732 832518041.9236947 1223234520.3181818

  • Content from Getty Images: Integration of Getty Images images; Service provider: Getty Images, Inc., 605 5th Avenue South, Suite 400, Seattle, Washington 98104, USA; Website: https://www.gettyimages.de; Privacy Policy: https://www.gettyimages.de/company/privacy-policy.

  • Instagram plugins and content: Instagram plugins and content - This may include, for example, content such as images, videos or text and buttons with which users can share content from this online service within Instagram. Service provider: https://www.instagram.com, Instagram Inc, 1601 Willow Road, Menlo Park, CA, 94025, USA; Website: https://www.instagram.com; Privacy Policy: https://instagram.com/about/legal/privacy.

  • LinkedIn plugins and content: LinkedIn plugins and content- This may include, for example, content such as images, videos or text and buttons with which users can share content from this online offering within LinkedIn. Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Website: https://www.linkedin.com; Privacy Policy: https://www.linkedin.com/legal/privacy-policy; Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

  • MyFonts: Fonts; data processed as part of the font retrieval process the web font project identification number (anonymized), the URL of the licensed website linked to a customer number to identify the licensee and the licensed web fonts, and the referrer URL; the anonymized web font project identification number is stored in encrypted log files with such data for 30 days to determine the monthly number of page views; after such extraction and storage of the number of page views, the log files are deleted; Service provider: Monotype Imaging Holdings Inc, 600 Unicorn Park Drive, Woburn, Massachusetts 01801, USA; Website: https://www.myfonts.co; Privacy Policy: https://www.myfonts.com/info/legal/#Privacy.

  • OpenStreetMap: We integrate the maps of the "OpenStreetMap" service, which are offered on the basis of the Open Data Commons Open Database License (ODbL) by the OpenStreetMap Foundation (OSMF). The user data is used by OpenStreetMap exclusively for the purpose of displaying the map functions and for caching the selected settings. This data may include, in particular, users' IP addresses and location data, which are not collected without their consent (usually as part of the settings of their mobile devices). Service provider: OpenStreetMap Foundation (OSMF); Website: https://www.openstreetmap.de; Privacy Policy: https://wiki.openstreetmap.org/wiki/Privacy_Policy.

  • 983385583.4436401 984453709.035222 1373699866.2307692 845312394.6448829 7746428192.283464 891176022.4704403 62442168.842857145 1197494854.4800637 2751007549.647059 1396815808.7258065 57261319.989795916 584628122.6396588 708045372.024581 130731861.49053857 210167707.196195 1197731477.7713068 685492477.3703704 514824982.89228004 205051451.45360824 563647108.9474359

  • Pinterest plugins and content: Pinterest plugins and content - This may include, for example, content such as images, videos or text and buttons with which users can share content from this online offering within Pinterest. Service provider: Pinterest Inc, 635 High Street, Palo Alto, CA, 94301, USA; Website: https://www.pinterest.com; Privacy Policy: https://about.pinterest.com/de/privacy-policy.

  • 690828302.9817518 805386058.4961039 1072844781.8733975 2224333727.889423 1423955274.2834759 1171611481.318766 1971386816.684375 1709663246.5380118 297940078.7071651 242180203.5317919 767270547.1662163 78662350127.85715 435586423.97761196 43316342.53430657 3368410902.4653063 1830770751.3966005 667295388.4230236 1283858709.9149253 2032383615.893401 17964655.92583732

  • ReCaptcha: We integrate the "ReCaptcha" function to recognize bots, e.g. for entries in online forms. The user's behavioral data (e.g. mouse movements or queries) are evaluated in order to distinguish between humans and bots. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Website: https://www.google.com/recaptcha/; Privacy Policy: https://policies.google.com/privacy; Opt-Out: Opt-out plug-in: https://tools.google.com/dlpage/gaoptout?hl=de; Settings for the display of advertisements: https://adssettings.google.com/authenticated.

  • 2944598145.0676327 476900065.731569 399305357.49148935 2080768077.6453202 409115272.1169014 1469164599.7634783 16011135442.82353 551660589.2760736 2540004550.974138 555559331.9543307 1659049052.4429905 2263774800.090909 995970052.2050939 1079308152.7756097 8495215056.309859 24473437611.863636 381324875.7875 1244024457.03367 24768171.71870605 415427419.57543105

  • 469556195.7307692 1566080360.0253165 1400410593.586626 1183274210.3014607 4975805672.300752 680541086.0814558 985824627.3892276 1321173420.226601 19599946699.783783 1848645419.8380282 344050027.23138833 269740788.3745318 134439793.1851852 104472826.80576308 745006596.3877193 1443395865.2096386 1951980937.8322296 39838080.9367647 1292565205.12 1439925269.4780877

  • Shariff: We use the privacy-safe "Shariff" buttons. "Shariff" was developed to enable more privacy on the internet and to replace the usual "Share" buttons of social networks. Instead of the user's browser, the server on which this online offer is located establishes a connection with the server of the respective social media platforms and queries the number of likes, for example. The user remains anonymous. You can find more information about the Shariff project from the developers of c't magazine: https://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html; Service provider: Heise Medien GmbH & Co. KG, Karl-Wiechert-Allee 10, 30625 Hannover, Germany; Website: https://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html; Privacy Policy: https://www.heise.de/Datenschutzerklaerung-der-Heise-Medien-GmbH-Co-KG-4860.html.

  • SlideShare presentations: Integration of SlideShare presentations; Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Website: https://www.linkedin.com; Privacy Policy: https://www.linkedin.com/legal/privacy-policy.

  • 1089807281.698347 138592007636 493607819.0294906 497025283.8476821 2379267326.7349396 969688319.6360153 1116786095.819802 1672733664.0352113 1677322457.024024 223289241.62281603 406902116.63733333 19008168489.258064 146191176.54535276 7426616439.856 3492313139.405128 5034080714.77193 11238617284.428572 1547894270.3950617 14333288.544416243 119423602.96078432

  • Soundcloud Music Player Widget: Soundcloud Music Player Widget; Service provider: SoundCloud Limited, Rheinsberger Str. 76/77, 10115 Berlin, Germany; Website: https://soundcloud.com; Privacy Policy: https://soundcloud.com/pages/privacy.

  • Spotify Music Player Widget: Spotify Music Player Widget; Service provider: Spotify AB, Regeringsgatan 19, SE-111 53 Stockholm, Sweden; Website: https://www.spotify.com/de; Privacy Policy: https://www.spotify.com/de/legal/privacy-policy/.

  • TikTok plugins and content: TikTok plugins and content - This may include, for example, content such as images, videos or text and buttons. Service provider: musical.ly Inc, 10351 Santa Monica Blvd #310, Los Angeles, CA 90025 USA; Website: https://www.tiktok.com; Privacy Policy: https://www.tiktok.com/de/privacy-policy.

  • Twitter plugins and content: Twitter plugins and buttons - This may include, for example, content such as images, videos or text and buttons with which users can share content from this online service within Twitter. Service provider: Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland, parent company: Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA; Website: https://twitter.com/de; Privacy Policy: https://twitter.com/de/privacy.

  • Typekit fonts from Adobe: We integrate the fonts ("Typekit fonts") of the provider Adobe, whereby the user's data is used solely for the purpose of displaying the fonts in the user's browser. The integration is based on our legitimate interests in a technically secure, maintenance-free and efficient use of fonts, their uniform presentation and taking into account possible licensing restrictions for their integration. Service provider: Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland; Website: https://www.adobe.com/de; Privacy Policy: https://www.adobe.com/de/privacy.html.

  • YouTube videos: Video content; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Website: https://www.youtube.com; Privacy Policy: https://policies.google.com/privacy; Opt-Out: Opt-out plug-in: https://tools.google.com/dlpage/gaoptout?hl=de; Settings for the display of advertisements: https://adssettings.google.com/authenticated.

  • Xing plugins and buttons: Xing plugins and buttons - This may include, for example, content such as images, videos or text and buttons with which users can share content from this online service within Xing. Service provider: XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany; Website: https://www.xing.com; Privacy Policy: https://privacy.xing.com/de/datenschutzerklaerung.

  • Vimeo videos: Video content; Service provider: Vimeo Inc, Attention: Legal Department, 555 West 18th Street New York, New York 10011, USA; Website: https://vimeo.com; Privacy Policy: https://vimeo.com/privacy; Opt-Out: We would like to point out that Vimeo may use Google Analytics and refer you to the privacy policy (https://policies.google.com/privacy) and the opt-out options for Google Analytics (https://tools.google.com/dlpage/gaoptout?hl=de) or Google's settings for the use of data for marketing purposes (https://adssettings.google.com/).

Deletion of data

The data processed by us will be deleted in accordance with the legal requirements as soon as the consent given for processing is revoked or other permissions no longer apply (e.g. if the purpose for processing this data no longer applies or it is not required for the purpose).

If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted to these purposes. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons or whose storage is necessary for the assertion, exercise or defense of legal claims or to protect the rights of another natural or legal person.

Further information on the deletion of personal data can also be found in the individual data protection notices of this privacy policy.

Changes and updates to the privacy policy

We ask you to inform yourself regularly about the content of our privacy policy. We will amend the privacy policy as soon as changes to the data processing we carry out make this necessary. We will inform you as soon as the changes require an act of cooperation on your part (e.g. consent) or other individual notification.

If we provide addresses and contact information of companies and organizations in this privacy policy, please note that the addresses may change over time and please check the information before contacting us.

Rights of the data subjects

As a data subject, you have various rights under the GDPR, which arise in particular from Art. 15 to 21 GDPR:

  • Right to object: You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR, including profiling based on those provisions. If the personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.

  • Right to withdraw consent: You have the right to withdraw your consent at any time.

  • Right of access: You have the right to obtain confirmation as to whether or not personal data concerning you is being processed and access to this data as well as further information and a copy of the data in accordance with the legal requirements.

  • Right to rectification: You have the right to request the completion of data concerning you or the rectification of inaccurate data concerning you in accordance with the legal requirements.

  • Right to erasure and restriction of processing: In accordance with the legal requirements, you have the right to demand that data concerning you be erased immediately or, alternatively, to demand that the processing of the data be restricted in accordance with the legal requirements.

  • Right to data portability: You have the right to receive the data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format in accordance with the legal requirements or to request its transmission to another controller.

  • Complaint to the supervisory authority: You also have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.

Definitions of terms

This section provides you with an overview of the terms used in this privacy policy. Many of the terms are taken from the law and are defined above all in Art. 4 GDPR. The legal definitions are binding. The following explanations, on the other hand, are primarily intended to aid understanding. The terms are listed in alphabetical order.

  • Affiliate tracking: As part of affiliate tracking, links that the linking websites use to refer users to websites with product or other offers are logged. The operators of the respective linking websites can receive a commission if users follow these so-called affiliate links and subsequently take advantage of the offers (e.g. buy goods or use services). For this purpose, it is necessary for the providers to be able to track whether users who are interested in certain offers subsequently take advantage of them at the instigation of the affiliate links. It is therefore necessary for the functionality of affiliate links that they are supplemented by certain values that become part of the link or are otherwise stored, e.g. in a cookie. The values include, in particular, the source website (referrer), the time, an online identifier of the operator of the website on which the affiliate link was located, an online identifier of the respective offer, an online identifier of the user as well as tracking-specific values, such as advertising material ID, partner ID and categorizations

  • Cross-device tracking: Cross-device tracking is a form of tracking in which user behavior and interest information is recorded across devices in so-called profiles by assigning users an online identifier. This allows user information to be analyzed for marketing purposes, regardless of the browsers or devices used (e.g. cell phones or desktop computers). For most providers, the online identifier is not linked to clear data such as names, postal addresses or email addresses.

  • Interest-based and behavioral marketing: Interest-based and/or behavioral marketing is when users' potential interests in ads and other content are predetermined as precisely as possible. This is done on the basis of information about their previous behavior (e.g. visiting certain websites and spending time on them, purchasing behavior or interaction with other users), which is stored in a so-called profile. Cookies are generally used for these purposes.

  • Personal data: "Personal data" means any information relating to an identified or identifiable natural person (hereinafter referred to as "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. a cookie) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

  • Profiling: "Profiling" means any form of automated processing of personal data consisting of the use of personal data to analyze, evaluate or predict certain personal aspects relating to a natural person (depending on the type of profiling, this includes information relating to age, gender, location data and movement data, interaction with websites and their content, shopping behavior, social interactions with other people) (e.g. interests in certain content or products, click behavior on a website or location). Cookies and web beacons are often used for profiling purposes.

  • Reach measurement: Reach measurement (also known as web analytics) is used to evaluate the flow of visitors to an online offering and can include the behavior or interests of visitors in certain information, such as website content. With the help of reach analysis, website owners can, for example, recognize at what time visitors visit their website and what content they are interested in. This allows them to better adapt the content of the website to the needs of their visitors, for example. For the purposes of reach analysis, pseudonymous cookies and web beacons are often used to recognize returning visitors and thus obtain more precise analyses of the use of an online offer.

  • Remarketing: The term "remarketing" or "retargeting" is used when, for example, it is noted for advertising purposes which products a user was interested in on a website in order to remind the user of these products on other websites, e.g. in advertisements.

  • Location data: Location data is generated when a mobile device (or another device with the technical requirements for location determination) connects to a radio cell, a WLAN or similar technical means and functions of location determination. Location data is used to indicate the geographically determinable position on earth at which the respective device is located. Location data can be used, for example, to display map functions or other location-dependent information.

  • Tracking: The term "tracking" is used when the behavior of users can be traced across several online offers. As a rule, behavioral and interest information is stored in cookies or on the servers of the providers of the tracking technologies with regard to the online offers used (so-called profiling). This information can then be used, for example, to display advertisements to users that are likely to correspond to their interests.

  • Controller: "Controller" means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

  • Processing: "Processing" means any operation or set of operations which is performed on personal data, whether or not by automated means. The term is broad and covers practically every handling of data, be it collection, analysis, storage, transmission or deletion.