Pri­vacy policy
This data pro­tec­tion decla­ra­tion informs you about the nature, scope and pur­pose of the pro­ces­sing of per­so­nal data ( in the fol­lo­wing refer­red to as “data”) within our online offer and the web­sites, func­tions and con­tent con­nec­ted with it as well as exter­nal online pre­sen­ces, such as our social media pro­files (in the fol­lo­wing jointly refer­red to as “online offer”). With regard to the terms used, such as “pro­ces­sing” or “con­trol­ler”, we refer to the defi­ni­ti­ons in Article 4 of the Gene­ral Data Pro­tec­tion Regu­la­tion (GDPR).
Responsible
MAAS+ROOS Signage GmbH
An der Auto­bahn N 3–9
91161 Hilpoltstein
Germany
e‑mail address: info@maasroos.com

Chief Exe­cu­tive Officer:
Alex­an­der von der Grün, Sebas­tian Gemählich

Link to the imprint:

TYPES OF DATA PROCESSED:

– Inven­tory data (e.g., names, addresses).
– Cont­act data (e.g., email, phone numbers).
– Con­tent data (e.g., text input, pho­to­graphs, videos).
– web pages visi­ted, inte­rest in con­tent, access times).
– Meta/communication data (e.g., device infor­ma­tion, IP addresses).

CATE­GO­RIES OF AFFEC­TED PERSONS

Visi­tors and users of the online offer (her­ein­af­ter we also refer to the data sub­jects coll­ec­tively as “users”).

PUR­POSE OF PROCESSING

– Pro­vi­sion of the online offer, its func­tions and contents.
– Ans­we­ring cont­act requests and com­mu­ni­ca­tion with users.
– Secu­rity measures.
– Reach measurement/marketing

TERMS USED

“Per­so­nal data” means any infor­ma­tion rela­ting to an iden­ti­fied or iden­ti­fia­ble natu­ral per­son (in the fol­lo­wing “data sub­ject”); an iden­ti­fia­ble natu­ral per­son is one who can be iden­ti­fied, directly or indi­rectly, in par­ti­cu­lar by refe­rence to an iden­ti­fier such as a name, an iden­ti­fi­ca­tion num­ber, loca­tion data, an online iden­ti­fier (e.g. coo­kie) or to one or more fac­tors spe­ci­fic to the phy­si­cal, phy­sio­lo­gi­cal, gene­tic, men­tal, eco­no­mic, cul­tu­ral or social iden­tity of that natu­ral person.

“Pro­ces­sing” means any ope­ra­tion or set of ope­ra­ti­ons which is per­for­med upon per­so­nal data, whe­ther or not by auto­ma­tic means. The term is broad and includes vir­tually any hand­ling of data.

“Pseud­ony­miza­tion” means the pro­ces­sing of per­so­nal data in such a way that the per­so­nal data can no lon­ger be attri­bu­ted to a spe­ci­fic data sub­ject wit­hout the use of addi­tio­nal infor­ma­tion, pro­vi­ded that such addi­tio­nal infor­ma­tion is kept sepa­ra­tely and is sub­ject to tech­ni­cal and orga­niza­tio­nal mea­su­res which ensure that the per­so­nal data are not attri­bu­ted to an iden­ti­fied or iden­ti­fia­ble natu­ral person.

“Pro­fil­ing” means any auto­ma­ted pro­ces­sing of per­so­nal data which con­sists in using such per­so­nal data to eva­luate cer­tain per­so­nal aspects rela­ting to a natu­ral per­son, in par­ti­cu­lar to ana­lyze or pre­dict aspects rela­ting to that natu­ral person’s per­for­mance at work, eco­no­mic situa­tion, health, per­so­nal pre­fe­ren­ces, inte­rests, relia­bi­lity, beha­vior, loca­tion or change of location.

“Con­trol­ler” means the natu­ral or legal per­son, public aut­ho­rity, agency or other body which alone or jointly with others deter­mi­nes the pur­po­ses and means of the pro­ces­sing of per­so­nal data.

“Pro­ces­sor” means a natu­ral or legal per­son, public aut­ho­rity, agency or other body which pro­ces­ses per­so­nal data on behalf of the Controller.

RELE­VANT LEGAL BASES

In accordance with Art. 13 GDPR, we inform you about the legal basis of our data pro­ces­sing. If the legal basis is not men­tio­ned in the pri­vacy policy, the fol­lo­wing applies: The legal basis for obtai­ning con­sent is Art. 6(1)(a) and Art. 7 GDPR, the legal basis for pro­ces­sing to ful­fill our ser­vices and carry out con­trac­tual mea­su­res and respond to inqui­ries is Art. 6(1)(b) GDPR, the legal basis for pro­ces­sing to ful­fill our legal obli­ga­ti­ons is Art. 6(1)© GDPR, and the legal basis for pro­ces­sing to pro­tect our legi­ti­mate inte­rests is Art. 6(1)(f) GDPR. In the event that vital inte­rests of the data sub­ject or ano­ther natu­ral per­son make pro­ces­sing of per­so­nal data neces­sary, Art. 6 (1) lit. d GDPR ser­ves as the legal basis.

SAFETY MEA­SU­RES

We take appro­priate tech­ni­cal and orga­niza­tio­nal mea­su­res to ensure a level of pro­tec­tion appro­priate to the risk in accordance with Article 32 of the GDPR, taking into account the state of the art, the costs of imple­men­ta­tion and the nature, scope, cir­cum­s­tances and pur­po­ses of the pro­ces­sing, as well as the vary­ing likeli­hood and seve­rity of the risk to the rights and free­doms of natu­ral persons.

The mea­su­res include, in par­ti­cu­lar, safe­guar­ding the con­fi­den­tia­lity, inte­grity and avai­la­bi­lity of data by con­trol­ling phy­si­cal access to the data, as well as the access, input, trans­fer, safe­guar­ding of avai­la­bi­lity and its sepa­ra­tion. Fur­ther­more, we have estab­lished pro­ce­du­res to ensure the exer­cise of data sub­jects’ rights, dele­tion of data, and response to data com­pro­mise. Fur­ther­more, we alre­ady take the pro­tec­tion of per­so­nal data into account during the deve­lo­p­ment and sel­ec­tion of hard­ware, soft­ware and pro­ces­ses, in accordance with the prin­ci­ple of data pro­tec­tion through tech­no­logy design and through data pro­tec­tion-fri­endly default set­tings (Article 25 of the GDPR).

COOPE­RA­TION WITH CON­TRACT PRO­CES­SORS AND THIRD PARTIES

If, in the course of our pro­ces­sing, we dis­c­lose data to other per­sons and com­pa­nies (order pro­ces­sors or third par­ties), trans­mit it to them or other­wise grant them access to the data, this will only be done on the basis of a legal per­mis­sion (e.g. if a trans­mis­sion of the data to third par­ties, such as pay­ment ser­vice pro­vi­ders, is requi­red for the per­for­mance of the con­tract pur­su­ant to Art. 6 (1) lit. b GDPR), you have con­sen­ted, a legal obli­ga­tion pro­vi­des for this or on the basis of our legi­ti­mate inte­rests (e.g. when using agents, web hosts, etc.).

If we com­mis­sion third par­ties with the pro­ces­sing of data on the basis of a so-cal­led “order pro­ces­sing agree­ment”, this is done on the basis of Art. 28 GDPR.

TRANS­FERS TO THIRD COUNTRIES

If we pro­cess data in a third coun­try (i.e. out­side the Euro­pean Union (EU) or the Euro­pean Eco­no­mic Area (EEA)) or if this is done in the con­text of using third-party ser­vices or dis­clo­sing or trans­fer­ring data to third par­ties, this is only done if it is done to ful­fill our (pre-)contractual obli­ga­ti­ons, on the basis of your con­sent, due to a legal obli­ga­tion or on the basis of our legi­ti­mate inte­rests. Sub­ject to legal or con­trac­tual per­mis­si­ons, we pro­cess or allow the pro­ces­sing of data in a third coun­try only if the spe­cial requi­re­ments of Art. 44 et seq. GDPR are met. This means that the pro­ces­sing is car­ried out, for exam­ple, on the basis of spe­cial gua­ran­tees, such as the offi­ci­ally reco­gni­zed deter­mi­na­tion of a level of data pro­tec­tion that cor­re­sponds to the EU (e.g. for the USA by the “Pri­vacy Shield”) or com­pli­ance with offi­ci­ally reco­gni­zed spe­cial con­trac­tual obli­ga­ti­ons (so-cal­led “stan­dard con­trac­tual clauses”).

RIGHTS OF THE PER­SONS CONCERNED

You have the right to request con­fir­ma­tion as to whe­ther data in ques­tion is being pro­ces­sed and to infor­ma­tion about this data, as well as fur­ther infor­ma­tion and a copy of the data in accordance with Art. 15 of the GDPR.

You have accor­ding to. Art. 16 GDPR the right to request the com­ple­tion of the data con­cer­ning you or the cor­rec­tion of incor­rect data con­cer­ning you.

You have the right, in accordance with Art. 17 GDPR, to request that data con­cer­ning you be dele­ted wit­hout delay, or alter­na­tively, in accordance with Art. 18 GDPR, to request rest­ric­tion of the pro­ces­sing of the data.

You have the right to request that the data con­cer­ning you that you have pro­vi­ded to us be recei­ved in accordance with Art. 20 GDPR and to request that it be trans­fer­red to other data controllers.

You also have the right to lodge a com­plaint with the com­pe­tent super­vi­sory aut­ho­rity pur­su­ant to Art. 77 GDPR.

RIGHT OF REVOCATION

You have the right to revoke given cons­ents accor­ding to Art. 7 para. 3 GDPR with effect for the future

RIGHT OF OBJECTION

You may object to the future pro­ces­sing of data rela­ting to you in accordance with Art. 21 GDPR at any time. The objec­tion can be made in par­ti­cu­lar against the pro­ces­sing for pur­po­ses of direct marketing.

COO­KIES AND RIGHT TO OBJECT TO DIRECT ADVERTISING

Coo­kies” are small files that are stored on users’ com­pu­ters. Dif­fe­rent infor­ma­tion can be stored within the coo­kies. A coo­kie is pri­ma­rily used to store infor­ma­tion about a user (or the device on which the coo­kie is stored) during or after his visit to an online offer. Tem­po­rary coo­kies, or “ses­sion coo­kies” or “tran­si­ent coo­kies”, are coo­kies that are dele­ted after a user lea­ves an online offer and clo­ses his brow­ser. Such a coo­kie may store, for exam­ple, the con­tents of a shop­ping cart in an online store or a login sta­tus. Coo­kies that remain stored even after the brow­ser is clo­sed are refer­red to as “per­ma­nent” or “per­sis­tent”. For exam­ple, the login sta­tus can be stored if users visit them after seve­ral days. Like­wise, the inte­rests of users can be stored in such a coo­kie, which is used for range mea­su­re­ment or mar­ke­ting pur­po­ses. Third-party coo­kies” are coo­kies that are offe­red by pro­vi­ders other than the respon­si­ble party that ope­ra­tes the online offer (other­wise, if they are only its coo­kies, they are refer­red to as “first-party cookies”).

We may use tem­po­rary and per­ma­nent coo­kies and pro­vide infor­ma­tion about this in our pri­vacy policy.

If users do not want coo­kies to be stored on their com­pu­ter, they are asked to deac­ti­vate the cor­re­spon­ding option in the sys­tem set­tings of their brow­ser. Stored coo­kies can be dele­ted in the sys­tem set­tings of the brow­ser. The exclu­sion of coo­kies can lead to func­tional rest­ric­tions of this online offer.

A gene­ral objec­tion to the use of coo­kies used for online mar­ke­ting pur­po­ses can be declared for a large num­ber of the ser­vices, espe­ci­ally in the case of track­ing, via the U.S. site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/. Fur­ther­more, the sto­rage of coo­kies can be achie­ved by dis­ab­ling them in the brow­ser set­tings. Please note that in this case not all func­tions of this online offer can be used.

DATA DELE­TION

The data pro­ces­sed by us will be dele­ted or rest­ric­ted in its pro­ces­sing in accordance with Artic­les 17 and 18 GDPR. Unless expressly sta­ted within the scope of this data pro­tec­tion decla­ra­tion, the data stored by us will be dele­ted as soon as it is no lon­ger requi­red for its inten­ded pur­pose and the dele­tion does not con­flict with any sta­tu­tory reten­tion obli­ga­ti­ons. If the data is not dele­ted because it is requi­red for other and legally per­mis­si­ble pur­po­ses, its pro­ces­sing will be rest­ric­ted. I.e. the data is blo­cked and not pro­ces­sed for other pur­po­ses. This applies, for exam­ple, to data that must be retai­ned for reasons of com­mer­cial or tax law.

Accor­ding to legal requi­re­ments in Ger­many, the sto­rage takes place in par­ti­cu­lar for 10 years in accordance with §§ 147 Abs. 1 AO, 257 Abs. 1 No. 1 and 4, Abs. 4 Ger­man Com­mer­cial Code (HGB) (books, records, manage­ment reports, accoun­ting vou­ch­ers, com­mer­cial books, for taxa­tion rele­vant docu­ments, etc.) and 6 years in accordance with § 257 Abs. 1 No. 2 and 3, Abs. 4 HGB (com­mer­cial letters).

Accor­ding to legal requi­re­ments in Aus­tria, sto­rage is car­ried out in par­ti­cu­lar for 7 years in accordance with § 132 (1) BAO (accoun­ting records, vouchers/invoices, accounts, receipts, busi­ness papers, state­ment of income and expen­ses, etc.), for 22 years in con­nec­tion with real estate and for 10 years for docu­ments in con­nec­tion with elec­tro­ni­cally pro­vi­ded ser­vices, tele­com­mu­ni­ca­ti­ons, radio and tele­vi­sion ser­vices pro­vi­ded to non-entre­pre­neurs in EU mem­ber sta­tes and for which the Mini-One-Stop-Shop (MOSS) is used.

AGENCY SER­VICES

We pro­cess our cus­to­mers’ data as part of our con­trac­tual ser­vices which include con­cep­tual and stra­te­gic con­sul­ting, cam­paign plan­ning, soft­ware and design development/consulting or main­ten­ance, imple­men­ta­tion of cam­paigns and processes/handling, ser­ver admi­nis­tra­tion, data analysis/consulting ser­vices and trai­ning services.

In doing so, we pro­cess inven­tory data (e.g., cus­to­mer mas­ter data, such as names or addres­ses), cont­act data (e.g., e‑mail, tele­phone num­bers), con­tent data (e.g., text ent­ries, pho­to­graphs, videos), con­tract data (e.g., sub­ject mat­ter of con­tract, term), pay­ment data (e.g., bank details, pay­ment history), usage data and meta­data (e.g., in the con­text of eva­lua­ting and mea­su­ring the suc­cess of mar­ke­ting mea­su­res). As a mat­ter of prin­ci­ple, we do not pro­cess spe­cial cate­go­ries of per­so­nal data, unless these are com­pon­ents of com­mis­sio­ned pro­ces­sing. Data sub­jects include our cus­to­mers, pro­s­pec­tive cus­to­mers as well as their cus­to­mers, users, web­site visi­tors or employees as well as third par­ties. The pur­pose of the pro­ces­sing is the pro­vi­sion of con­trac­tual ser­vices, bil­ling and our cus­to­mer ser­vice. The legal basis for the pro­ces­sing results from Art. 6 para. 1 lit. b GDPR (con­trac­tual ser­vices), Art. 6 para. 1 lit. f GDPR (ana­ly­sis, sta­tis­tics, opti­miza­tion, secu­rity mea­su­res). We pro­cess data that are neces­sary for the jus­ti­fi­ca­tion and ful­fill­ment of the con­trac­tual ser­vices and point out the neces­sity of their indi­ca­tion. Dis­clo­sure to exter­nal par­ties only takes place if it is neces­sary in the con­text of an order. When pro­ces­sing the data pro­vi­ded to us as part of an order, we act in accordance with the ins­truc­tions of the cli­ent as well as the legal requi­re­ments of a com­mis­sio­ned pro­ces­sing pur­su­ant to Art. 28 GDPR and do not pro­cess the data for any other pur­po­ses than those spe­ci­fied in the order.

We delete the data after the expiry of sta­tu­tory war­ranty and com­pa­ra­ble obli­ga­ti­ons. The neces­sity of sto­ring the data is reviewed every three years; in the case of sta­tu­tory archi­ving obli­ga­ti­ons, dele­tion takes place after their expiry (6 years, in accordance with § 257 para. 1 HGB, 10 years, in accordance with § 147 para. 1 AO). In the case of data dis­c­lo­sed to us by the cli­ent as part of an order, we delete the data in accordance with the spe­ci­fi­ca­ti­ons of the order, gene­rally after the end of the order.

ADMI­NIS­TRA­TION, FINAN­CIAL ACCOUN­TING, OFFICE ORGA­NIZA­TION, CONT­ACT MANAGEMENT

We pro­cess data in the con­text of admi­nis­tra­tive tasks as well as orga­niza­tion of our ope­ra­ti­ons, finan­cial accoun­ting and com­pli­ance with legal obli­ga­ti­ons, such as archi­ving. In this con­text, we pro­cess the same data that we pro­cess in the course of pro­vi­ding our con­trac­tual ser­vices. The pro­ces­sing bases are Art. 6 para. 1 lit. c. GDPR, Art. 6 para. 1 lit. f. GDPR. Cus­to­mers, inte­res­ted par­ties, busi­ness part­ners and web­site visi­tors are affec­ted by the pro­ces­sing. The pur­pose and our inte­rest in the pro­ces­sing lies in the admi­nis­tra­tion, finan­cial accoun­ting, office orga­niza­tion, archi­ving of data, i.e. tasks that serve the main­ten­ance of our busi­ness acti­vi­ties, per­for­mance of our tasks and pro­vi­sion of our ser­vices. The dele­tion of data with regard to con­trac­tual ser­vices and con­trac­tual com­mu­ni­ca­tion cor­re­sponds to the infor­ma­tion men­tio­ned in these pro­ces­sing activities.

In this con­text, we dis­c­lose or trans­mit data to the tax aut­ho­ri­ties, con­sul­tants, such as tax advi­sors or audi­tors, as well as other fee offices and pay­ment ser­vice providers.

Fur­ther­more, based on our busi­ness inte­rests, we store infor­ma­tion about sup­pli­ers, orga­ni­zers and other busi­ness part­ners, e.g. for the pur­pose of later cont­act. This data, most of which is com­pany-rela­ted, is gene­rally stored permanently.

BUSI­NESS ANA­LY­SIS AND MAR­KET RESEARCH

In order to ope­rate our busi­ness eco­no­mic­ally and to be able to iden­tify mar­ket trends and the wis­hes of con­trac­tual part­ners and users, we ana­lyze the data we have on busi­ness tran­sac­tions, con­tracts, inqui­ries, etc.. In doing so, we pro­cess inven­tory data, com­mu­ni­ca­tion data, con­tract data, pay­ment data, usage data, meta­data on the basis of Art. 6 para. 1 lit. f. GDPR, wher­eby the data sub­jects include con­trac­tual part­ners, inte­res­ted par­ties, cus­to­mers, visi­tors and users of our online offer.

The ana­ly­ses are car­ried out for the pur­pose of busi­ness eva­lua­tions, mar­ke­ting and mar­ket rese­arch. In doing so, we may take into account the pro­files of regis­tered users with details, for exam­ple, of the ser­vices they have used. The ana­ly­ses serve us to increase the user-fri­end­li­ness, the opti­miza­tion of our offer and the busi­ness manage­ment. The ana­ly­ses serve us alone and are not dis­c­lo­sed extern­ally, unless they are anony­mous ana­ly­ses with aggre­ga­ted values.

If these ana­ly­ses or pro­files are per­so­nal, they will be dele­ted or anony­mi­zed upon ter­mi­na­tion by the user, other­wise after two years from the con­clu­sion of the con­tract. Other­wise, the macroe­co­no­mic ana­ly­ses and gene­ral ten­dency deter­mi­na­ti­ons are crea­ted anony­mously, if possible.

DATA PRO­TEC­TION INFOR­MA­TION IN THE APPLI­CA­TION PROCESS

We pro­cess the appli­cant data only for the pur­pose and within the scope of the appli­ca­tion pro­ce­dure in accordance with the legal requi­re­ments. The appli­cant data is pro­ces­sed to ful­fill our (pre)contractual obli­ga­ti­ons within the scope of the appli­ca­tion pro­ce­dure in accordance with Art. 6 para. 1 lit. b. GDPR Art. 6 para. 1 lit. f. GDPR inso­far as the data pro­ces­sing beco­mes neces­sary for us, e.g. within the scope of legal pro­ce­du­res (in Ger­many, § 26 BDSG also applies).

The appli­ca­tion pro­cess requi­res appli­cants to pro­vide us with appli­cant data. The neces­sary appli­cant data are marked if we offer an online form, other­wise result from the job descrip­ti­ons and basi­cally include the per­so­nal details, pos­tal and cont­act addres­ses and the docu­ments belon­ging to the appli­ca­tion, such as cover let­ter, resume and the cer­ti­fi­ca­tes. In addi­tion, appli­cants can vol­un­t­a­rily pro­vide us with addi­tio­nal information.

By sub­mit­ting the appli­ca­tion to us, appli­cants con­sent to the pro­ces­sing of their data for the pur­po­ses of the appli­ca­tion pro­cess in accordance with the nature and scope set out in this pri­vacy policy.

As far as spe­cial cate­go­ries of per­so­nal data within the mea­ning of Art. 9 (1) GDPR are vol­un­t­a­rily com­mu­ni­ca­ted within the scope of the appli­ca­tion pro­ce­dure, their pro­ces­sing shall addi­tio­nally be car­ried out in accordance with Art. 9 (2) lit. b GDPR (e.g. health data, such as sever­ely dis­ab­led sta­tus or eth­nic ori­gin). Inso­far as spe­cial cate­go­ries of per­so­nal data within the mea­ning of Art. 9 (1) GDPR are reques­ted from appli­cants as part of the appli­ca­tion pro­cess, their pro­ces­sing is addi­tio­nally car­ried out in accordance with Art. 9 (2) a GDPR (e.g. health data, if this is neces­sary for the exer­cise of the profession).

If pro­vi­ded, appli­cants can sub­mit their appli­ca­ti­ons to us using an online form on our web­site. The data is trans­mit­ted to us in encrypted form in accordance with the state of the art.
Appli­cants can also send us their appli­ca­ti­ons by e‑mail. Please note, howe­ver, that e‑mails are gene­rally not sent in encrypted form and appli­cants must ensure that they are encrypted them­sel­ves. We can­not the­r­e­fore accept any respon­si­bi­lity for the trans­mis­sion path of the appli­ca­tion bet­ween the sen­der and receipt on our ser­ver and the­r­e­fore recom­mend rather using an online form or sen­ding by post. Because ins­tead of app­ly­ing via the online form and e‑mail, appli­cants still have the option of sen­ding us the appli­ca­tion by post.

The data pro­vi­ded by appli­cants may be pro­ces­sed by us for the pur­po­ses of the employ­ment rela­ti­onship in the event of a suc­cessful appli­ca­tion. Other­wise, if the appli­ca­tion for a job offer is not suc­cessful, the appli­cants’ data will be dele­ted. Appli­cants’ data will also be dele­ted if an appli­ca­tion is with­drawn, which appli­cants are entit­led to do at any time.

Sub­ject to a jus­ti­fied revo­ca­tion by the appli­cant, the data will be dele­ted after a period of six months so that we can ans­wer any fol­low-up ques­ti­ons about the appli­ca­tion and meet our obli­ga­ti­ons to pro­vide evi­dence under the Equal Tre­at­ment Act. Invoices for any reim­bur­se­ment of tra­vel expen­ses will be archi­ved in accordance with tax law requirements.

CONT­ACT

When cont­ac­ting us (e.g. by cont­act form, e‑mail, tele­phone or via social media), the user’s data will be used to pro­cess the cont­act request and its sett­le­ment pur­su­ant to Art. 6 para. 1 lit. b. (in the con­text of con­trac­tual/pre-con­trac­tual rela­ti­ons), Art. 6 para. 1 lit. f. (other requests) GDPR pro­ces­sed… The user’s details may be stored in a cus­to­mer rela­ti­onship manage­ment sys­tem (“CRM sys­tem”) or com­pa­ra­ble inquiry organization.

We delete the requests if they are no lon­ger neces­sary. We review the neces­sity every two years; Fur­ther­more, the legal archi­ving obli­ga­ti­ons apply.

HOS­TING AND E‑MAILING

The hos­ting ser­vices used by us serve to pro­vide the fol­lo­wing ser­vices: Infra­struc­ture and plat­form ser­vices, com­pu­ting capa­city, sto­rage space and data­base ser­vices, e‑mail dis­patch, secu­rity ser­vices and tech­ni­cal main­ten­ance ser­vices, which we use for the pur­pose of ope­ra­ting this online offering.

In doing so, we, or our hos­ting pro­vi­der, pro­cess inven­tory data, cont­act data, con­tent data, con­tract data, usage data, meta data and com­mu­ni­ca­tion data of cus­to­mers, inte­res­ted par­ties and visi­tors of this online offer on the basis of our legi­ti­mate inte­rests in an effi­ci­ent and secure pro­vi­sion of this online offer pur­su­ant to Art. 6 (1) lit. f GDPR in con­junc­tion with Art. 28 GDPR. Art. 28 DSGVO (con­clu­sion of order pro­ces­sing contract).

COLL­EC­TION OF ACCESS DATA AND LOG FILES
We, or rather our hos­ting pro­vi­der, coll­ects on the basis of our legi­ti­mate inte­rests within the mea­ning of Art. 6 para. 1 lit. f. GDPR data about each access to the ser­ver on which this ser­vice is loca­ted (so-cal­led ser­ver log files). The access data includes the name of the web­site acces­sed, file, date and time of access, amount of data trans­fer­red, noti­fi­ca­tion of suc­cessful access, brow­ser type and ver­sion, the user’s ope­ra­ting sys­tem, refer­rer URL (the pre­viously visi­ted page), IP address and the reques­t­ing provider.

Log file infor­ma­tion is stored for secu­rity reasons (e.g. for the cla­ri­fi­ca­tion of abuse or fraud) for a maxi­mum of 7 days and then dele­ted. Data whose fur­ther sto­rage is requi­red for evi­den­tiary pur­po­ses is excluded from dele­tion until the final cla­ri­fi­ca­tion of the respec­tive incident.

JET­PACK (WORD­PRESS STATS)

We use the plugin Jet­pack (here the sub-func­tion “Word­press Stats”) on the basis of our legi­ti­mate inte­rests (i.e. inte­rest in the ana­ly­sis, opti­miza­tion and eco­no­mic ope­ra­tion of our online offer within the mea­ning of Art. 6 para. 1 lit. f. GDPR). DSGVO) the plugin Jet­pack (here the sub-func­tion “Word­press Stats”), which embeds a tool for sta­tis­ti­cal ana­ly­sis of visi­tor traf­fic and is pro­vi­ded by Auto­mat­tic Inc., 60 29th Street #343, San Fran­cisco, CA 94110, USA. Jet­pack uses “coo­kies”, which are text files pla­ced on your com­pu­ter, to help the web­site ana­lyze how users use the site.

The infor­ma­tion gene­ra­ted by the coo­kie about your use of this web­site is stored on a ser­ver in the USA. In the pro­cess, user pro­files can be crea­ted from the pro­ces­sed data, alt­hough these are only used for ana­ly­sis pur­po­ses and not for adver­ti­sing pur­po­ses. For more infor­ma­tion, please refer to the pri­vacy state­ments of Auto­mat­tic: https://automattic.com/privacy/ and notes on Jet­pack coo­kies: https://jetpack.com/support/cookies/.

ONLINE PRE­SEN­CES IN SOCIAL MEDIA

We main­tain online pre­sen­ces within social net­works and plat­forms in order to be able to com­mu­ni­cate with the cus­to­mers, inte­res­ted par­ties and users active there and to inform them about our ser­vices there.

We would like to point out that user data may be pro­ces­sed out­side the Euro­pean Union. This may result in risks for users because, for exam­ple, it could make it more dif­fi­cult to enforce users’ rights. With regard to U.S. pro­vi­ders that are cer­ti­fied under the Pri­vacy Shield, we point out that they ther­eby com­mit them­sel­ves to com­ply with the data pro­tec­tion stan­dards of the EU.

Fur­ther­more, user data is usually pro­ces­sed for mar­ket rese­arch and adver­ti­sing pur­po­ses. For exam­ple, usage pro­files can be crea­ted from the usage beha­vior and resul­ting inte­rests of the users. The usage pro­files can in turn be used, for exam­ple, to place adver­ti­se­ments within and out­side the plat­forms that pre­su­ma­bly cor­re­spond to the inte­rests of the users. For these pur­po­ses, coo­kies are usually stored on the users’ com­pu­ters, in which the usage beha­vior and inte­rests of the users are stored. Fur­ther­more, data may also be stored in the usage pro­files regard­less of the devices used by the users (espe­ci­ally if the users are mem­bers of the respec­tive plat­forms and are log­ged in to them).

The pro­ces­sing of users’ per­so­nal data is based on our legi­ti­mate inte­rests in pro­vi­ding users with effec­tive infor­ma­tion and com­mu­ni­ca­tion with users pur­su­ant to Art. 6 para. 1 lit. f. GDPR. If users are asked by the respec­tive pro­vi­ders for con­sent to data pro­ces­sing (i.e. declare their con­sent, e.g. by ticking a check­box or con­fir­ming a but­ton), the legal basis for pro­ces­sing is Art. 6 (1) lit. a., Art. 7 GDPR.

For a detailed descrip­tion of the respec­tive pro­ces­sing and the opt-out opti­ons, please refer to the infor­ma­tion of the pro­vi­ders lin­ked below.

Also in the case of requests for infor­ma­tion and the asser­tion of user rights, we point out that these can be asser­ted most effec­tively with the pro­vi­ders. Only the pro­vi­ders have access to the users’ data and can take appro­priate mea­su­res and pro­vide infor­ma­tion directly. If you still need help, you can cont­act us.

– Face­book (Face­book Ire­land Ltd., 4 Grand Canal Square, Grand Canal Har­bour, Dub­lin 2, Ire­land) – Pri­vacy Policy: https://www.facebook.com/about/privacy/, Opt-Out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com, Pri­vacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.

– Google/ You­Tube (Google LLC, 1600 Amphi­theatre Park­way, Moun­tain View, CA 94043, USA) – Pri­vacy Policy: https://policies.google.com/privacy, Opt-Out: https://adssettings.google.com/authenticated, Pri­vacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.

– Insta­gram (Insta­gram Inc., 1601 Wil­low Road, Menlo Park, CA, 94025, USA) – Pri­vacy Policy/ Opt-Out: http://instagram.com/about/legal/privacy/.

– Twit­ter (Twit­ter Inc., 1355 Mar­ket Street, Suite 900, San Fran­cisco, CA 94103, USA) – Pri­vacy Policy: https://twitter.com/de/privacy, Opt-Out: https://twitter.com/personalization, Pri­vacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.

– Pin­te­rest (Pin­te­rest Inc., 635 High Street, Palo Alto, CA, 94301, USA) – Pri­vacy Policy/ Opt-Out: https://about.pinterest.com/de/privacy-policy.

– Lin­ke­dIn (Lin­ke­dIn Ire­land Unli­mi­ted Com­pany Wil­ton Place, Dub­lin 2, Ire­land) – Pri­vacy Policy https://www.linkedin.com/legal/privacy-policy , Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out, Pri­vacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active.

– Xing (XING AG, Damm­tor­straße 29–32, 20354 Ham­burg, Ger­many) – Pri­vacy Policy/ Opt-Out: https://privacy.xing.com/de/datenschutzerklaerung.

INTE­GRA­TION OF THIRD PARTY SER­VICES AND CONTENT

Within our online offer, we use con­tent or ser­vice offers of third party pro­vi­ders on the basis of our legi­ti­mate inte­rests (i.e. inte­rest in the ana­ly­sis, opti­miza­tion and eco­no­mic ope­ra­tion of our online offer within the mea­ning of Art. 6 para. 1 lit. f. GDPR) con­tent or ser­vice offers from third party pro­vi­ders in order to inte­grate their con­tent and ser­vices, such as videos or fonts (her­ein­af­ter uni­formly refer­red to as “con­tent”).

This always requi­res that the third-party pro­vi­ders of this con­tent per­ceive the IP address of the user, since wit­hout the IP address they could not send the con­tent to their brow­ser. The IP address is thus requi­red for the dis­play of this con­tent. We endea­vor to use only such con­tent whose respec­tive pro­vi­ders use the IP address only for the deli­very of the con­tent. Third-party pro­vi­ders may also use so-cal­led pixel tags (invi­si­ble gra­phics, also known as “web bea­cons”) for sta­tis­ti­cal or mar­ke­ting pur­po­ses. The “pixel tags” can be used to eva­luate infor­ma­tion such as visi­tor traf­fic on the pages of this web­site. The pseud­ony­mous infor­ma­tion may also be stored in coo­kies on the user’s device and may con­tain, among other things, tech­ni­cal infor­ma­tion about the brow­ser and ope­ra­ting sys­tem, refer­ring web­sites, time of visit and other infor­ma­tion about the use of our online offer, as well as be com­bi­ned with such infor­ma­tion from other sources.

GOOGLE FONTS

We inte­grate the fonts (“Google Fonts”) of the pro­vi­der Google LLC, 1600 Amphi­theatre Park­way, Moun­tain View, CA 94043, USA. Pri­vacy policy: https://www.google.com/policies/privacy/, Opt-Out:
https://adssettings.google.com/authenticated.

GOOGLE RECAPTCHA

We inte­grate the func­tion for the reco­gni­tion of bots, e.g. for ent­ries in online forms (“ReCaptcha”) of the pro­vi­der Google LLC, 1600 Amphi­theatre Park­way, Moun­tain View, CA 94043, USA. Pri­vacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated

GOOGLE MAPS

We inte­grate the maps of the ser­vice “Google Maps” of the pro­vi­der Google LLC, 1600 Amphi­theatre Park­way, Moun­tain View, CA 94043, USA. The pro­ces­sed data may include, in par­ti­cu­lar, IP addres­ses and loca­tion data of the users, which, howe­ver, are not coll­ec­ted wit­hout their con­sent (usually exe­cu­ted as part of the set­tings of their mobile devices). The data may be pro­ces­sed in the USA. Pri­vacy policy: https://www.google.com/policies/privacy/, Opt-Out:
https://adssettings.google.com/authenticated.

INSTA­GRAM

Within our online offer, func­tions and con­tents of the ser­vice Insta­gram, offe­red by Insta­gram Inc., 1601 Wil­low Road, Menlo Park, CA, 94025, USA, may be inte­gra­ted. This may include, for exam­ple, con­tent such as images, videos or texts and but­tons with which users can share con­tent of this online offer within Insta­gram. If the users are mem­bers of the Insta­gram plat­form, Insta­gram can assign the call of the above-men­tio­ned con­tent and func­tions to the pro­files of the users there. Pri­vacy policy of Insta­gram: http://instagram.com/about/legal/privacy/.

Crea­ted with Datenschutz-Generator.de by RA Dr. Tho­mas Schwenke