top of page

Legal Notice & Privacy Policy

LEGAL NOTICE

Side note: Please beware that this section has been (automatically) translated into an English version based on the original German version available on this website. The respective paragraphs and regulations are referring to and defined in the German/EU legislation.

Responsible for content according to Section 5 of the German Telemedia Act (TMG):
Sergej Pfeifer
Hieronymusstr. 34
81241 Munich / Germany
contact@zeitgeistpayments.com
VAT ID: DE341828336
 
Disclaimer:
The contents of our pages have been created with the utmost care. However, we cannot guarantee the accuracy, completeness, and timeliness of the content. As a service provider, we are responsible for our own content on these pages in accordance with Section 7(1) of the TMG. According to §§ 8 to 10 TMG, we are not obligated as a service provider to monitor transmitted or stored third-party information or to investigate circumstances that indicate illegal activity. Obligations to remove or block the use of information under general laws remain unaffected by this. However, liability in this regard is only possible from the time of knowledge of a specific legal violation. Upon becoming aware of corresponding legal violations, we will remove these contents immediately.

External Links:
Our offer contains links to external websites of third parties, the contents of which we have no influence on. Therefore, we cannot assume any liability for these external contents. The respective provider or operator of the pages is always responsible for the content of the linked pages. The linked pages were checked for possible legal violations at the time of linking. Illegal content was not recognizable at the time of linking. However, a permanent content control of the linked pages is not reasonable without concrete evidence of a violation of the law. If we become aware of legal violations, we will remove such links immediately.

© Copyright Notice:
The rights for all texts and images published on this website, unless otherwise indicated, belong to Sergej Pfeifer. Any further use requires the explicit permission of the rights owner.

PRIVACY POLICY

Side note: Please beware that this section has been (automatically) translated into an English version based on the original German version available on this website. The respective paragraphs and regulations are referring to and defined in the German/EU legislation.

This privacy policy informs you about the nature, scope, and purpose of the processing of personal data (hereinafter referred to as "data") within the scope of our services, as well as within our online offerings and associated websites, functions, and content, including external online presences such as our social media profiles (hereinafter collectively referred to as the "online offering"). With regard to the terminology used, such as "processing" or "controller," we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).

 

Responsible:

Sergej Pfeifer

Hieronymusstr. 34

81241 Munich, Germany 

privacy@zeitgeistpayments.com

 

Types of processed data:

  • Inventory data (e.g., personal master data, names, or addresses).

  • Contact data (e.g., email, phone numbers).

  • Content data (e.g., text entries, photographs, videos).

  • Usage data (e.g., visited websites, interest in content, access times).

  • Meta/communication data (e.g., device information, IP addresses).

 

Categories of data subjects:

Visitors and users of the online offering (hereinafter also collectively referred to as "users").

 

Purpose of processing:

  • Provision of the online offering, its functions, and content.

  • Responding to contact inquiries and communicating with users.

  • Security measures.

  • Range measurement/marketing.

 

Terminology used:

"Personal data" refers to all information relating to an identified or identifiable natural person (hereinafter "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g., cookie), or one or more specific characteristics expressing the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

 

"Processing" is any operation or set of operations performed on personal data, whether or not by automated means. The term is broad and encompasses virtually any handling of data.

 

"Pseudonymization" means processing personal data in a way that the personal data can no longer be attributed to a specific data subject without additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

 

"Profiling" means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movement. The "controller" is the natural or legal person, authority, body, or other entity that alone or jointly with others determines the purposes and means of the processing of personal data.

 

"Processor" means a natural or legal person, authority, body, or other entity that processes personal data on behalf of the controller.

Relevant Legal Bases:

In accordance with Article 13 of the GDPR, we inform you about the legal bases for our data processing. For users within the scope of the General Data Protection Regulation (GDPR), i.e., the EU and the EEA, the following applies if the legal basis is not mentioned in the privacy policy: The legal basis for obtaining consent is Article 6(1)(a) and Article 7 of the GDPR. The legal basis for processing to fulfill our services and carry out contractual measures as well as responding to inquiries is Article 6(1)(b) of the GDPR. The legal basis for processing to fulfill our legal obligations is Article 6(1)(c) of the GDPR. In the event that vital interests of the data subject or another natural person require the processing of personal data, Article 6(1)(d) of the GDPR serves as the legal basis. The legal basis for the necessary processing to perform a task carried out in the public interest or in the exercise of official authority vested in the controller is Article 6(1)(e) of the GDPR. The legal basis for processing to safeguard our legitimate interests is Article 6(1)(f) of the GDPR. The processing of data for purposes other than those for which the data was collected is determined in accordance with the provisions of Article 6(4) of the GDPR. The processing of special categories of data (according to Article 9(1) of the GDPR) is determined in accordance with the provisions of Article 9(2) of the GDPR.

Security Measures:

We implement, in accordance with legal requirements, appropriate technical and organizational measures, taking into account the state of the art, implementation costs, the nature, scope, circumstances, and purposes of processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons, to ensure a level of protection appropriate to the risk. These measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical access to the data, as well as the relevant access, input, disclosure, availability, and separation thereof. Furthermore, we have established procedures to ensure the exercise of data subjects' rights, data deletion, and response to data breaches. We also consider the protection of personal data from the outset in the development or selection of hardware, software, and procedures, in accordance with the principle of data protection by design and by default. Cooperation with processors, joint controllers, and third parties: If, in the course of our processing, we disclose data to other individuals and companies (processors, joint controllers, or third parties), transmit it to them, or otherwise grant them access to the data, this is done only on the basis of a legal permission (e.g., if a transmission of the data to third parties, such as payment service providers, is necessary for the fulfillment of the contract), if users have consented, if a legal obligation provides for it, or based on our legitimate interests (e.g., when using agents, web hosts, etc.). If we disclose, transmit, or otherwise grant access to data to other companies within our corporate group, this is done particularly for administrative purposes as a legitimate interest and beyond that on a legal basis in accordance with the statutory requirements.

Transfers to Third Countries:

If we process data in a third country (i.e., outside the European Union (EU), the European Economic Area (EEA), or the Swiss Confederation) or if this occurs in the context of using third-party services or disclosing/transmitting data to other individuals or companies, this only takes place if it is necessary to fulfill our (pre)contractual obligations, based on your consent, due to a legal obligation, or based on our legitimate interests. Subject to explicit consent or contractually required transmission, we process or allow data to be processed only in third countries with a recognized level of data protection, including US processors certified under the Privacy Shield, or based on special guarantees, such as contractual obligations through the so-called standard protection clauses of the EU Commission, the existence of certifications, or binding internal data protection regulations (Articles 44 to 49 of the GDPR, Information page of the EU Commission).

 

Rights of Data Subjects: Right to Information: You have the right to request confirmation as to whether data concerning you are being processed and to obtain information about these data and further information and a copy of the data in accordance with legal requirements.

Right to Rectification: You have the right to request the completion of data concerning you or the correction of inaccurate data concerning you in accordance with legal requirements.

Right to Erasure and Restriction of Processing: You have the right to demand that relevant data be deleted immediately, or alternatively, in accordance with legal requirements, to request a restriction of the processing of data.

Right to Data Portability: You have the right to receive the data concerning you that you have provided to us in accordance with legal requirements in a structured, common, and machine-readable format or to request its transmission to another controller.

Complaint to the Supervisory Authority: Furthermore, in accordance with legal requirements, you have the right to file a complaint with the competent supervisory authority.

 

Right of Withdrawal: You have the right to revoke granted consents with effect for the future.

 

Right to Object: You have the right, for reasons arising from your particular situation, to object at any time to the processing of personal data concerning you, which is carried out based on Article 6(1)(e) or (f) of the GDPR; this also applies to profiling based on these provisions. If the personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is related to such direct marketing.

Cookies:

What are Cookies?

Cookies and similar technologies are very small text documents or pieces of code that often contain a unique identification code. When you visit a website or use a mobile application, a computer requests permission from your computer or mobile device to store this file on your computer or mobile device and access information. Information collected through cookies and similar technologies may include the date and time of the visit, as well as how you use a specific website or mobile application.

 

Why do we use Cookies? Cookies ensure that you stay logged in during your visit to our online store, all items remain in your shopping cart, you can shop securely, and the website continues to function smoothly. Cookies also ensure that we can see how our website is used and how we can improve it. In addition, depending on your preferences, our own cookies may be used to present targeted advertising that corresponds to your personal interests.

 

What Types of Cookies Do We Use?

  1. Necessary Cookies:

    • Save items in a shopping cart for online purchases

    • Save your cookie settings for this website

    • Save language settings

    • Log in to our portal; we need to check if you are logged in

  2. Performance Cookies:

    • Collect statistical information about the usage of our website (also called analytics cookies) for performance improvement and website optimization.

  3. Functional Cookies:

    • Enable additional functionality for our website visitors. These cookies may be set by our external service providers or our own website.

    • Examples include live chat services, watching online videos, social media sharing buttons, and signing in with social media on our website.

  4. Advertising/Tracking Cookies:

    • Set by external advertising partners, these cookies are used for profiling and data tracking across multiple websites.

    • If you accept these cookies, we can display our ads on other websites based on your user profile and preferences.

    • These cookies also store data on how many visitors have seen or clicked on our ads to optimize advertising campaigns.

 

How Can I Disable or Remove Cookies?

You can choose to disable all cookies except necessary ones. In your browser settings, you can change the settings to block cookies. Most browsers have an explanation of how to do this in the "Help" function. However, if you block cookies, it may be possible that you cannot use all technical features of our website, which may negatively impact your user experience.

Data Deletion: The data processed by us will be deleted or restricted in accordance with legal requirements. Data stored by us will be deleted as soon as it is no longer required for its intended purpose, and deletion does not conflict with legal retention obligations. If data is not deleted because it is necessary for other legally permissible purposes, its processing will be restricted. This means the data will be blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons.

Changes and Updates to the Privacy Policy: We ask you to regularly inform yourself about the content of our privacy policy. We will adjust the privacy policy as soon as changes in the data processing carried out by us make this necessary. We will inform you as soon as the changes require your cooperation (e.g., consent) or other individual notification.

Agency Services:

We process the data of our customers as part of our contractual services, which include conceptual and strategic consulting, campaign planning, software and design development/consulting, maintenance, implementation of campaigns and processes/handling, server administration, data analysis/consulting services, and training services.

In this context, we process inventory data (e.g., customer master data, such as names or addresses), contact data (e.g., email, phone numbers), content data (e.g., text entries, photographs, videos), contract data (e.g., contract object, duration), payment data (e.g., bank details, payment history), usage, and metadata (e.g., in the context of evaluating and measuring the success of marketing measures). We do not generally process special categories of personal data unless they are part of an authorized processing. The data subjects include our customers, prospects, as well as their customers, users, website visitors, or employees, and third parties. The purpose of processing is to provide contractual services, billing, and customer service. The legal basis for processing is derived from Art. 6 Para. 1 lit. b GDPR (contractual services), Art. 6 Para. 1 lit. f GDPR (analysis, statistics, optimization, security measures). We process data that is necessary for establishing and fulfilling contractual services and indicate the necessity of their provision. Disclosure to external parties only occurs if it is necessary within the scope of an order. When processing the data provided to us in the context of an order, we act in accordance with the instructions of the client and legal requirements for order processing according to Art. 28 GDPR and do not process the data for other purposes than the ordered ones. We delete the data after the expiration of legal warranty and comparable obligations. The necessity of retaining the data is reviewed every three years; in the case of legal archiving obligations, deletion occurs after their expiration (6 years, according to § 257 Para. 1 HGB, 10 years, according to § 147 Para. 1 AO). In the case of data disclosed to us in the course of an order by the client, we delete the data in accordance with the specifications of the order, generally after the end of the order.

Administration, Accounting, Office Organization, Contact Management:

We process data as part of administrative tasks and organization of our business, accounting, and compliance with legal obligations, such as archiving. Here, we process the same data that we process within the scope of providing our contractual services. The legal bases for processing are Art. 6 Para. 1 lit. c. GDPR, Art. 6 Para. 1 lit. f. GDPR. The data subjects affected are customers, prospects, business partners, and website visitors. The purpose and our interest in processing lie in administration, accounting, office organization, archiving of data, i.e., tasks that serve to maintain our business activities, perform our tasks, and provide our services. The deletion of data concerning contractual services and contractual communication corresponds to the information provided in these processing activities. We disclose or transmit data to the tax authorities, consultants, such as tax consultants or auditors, as well as other fee offices and payment service providers. Furthermore, based on our business interests, we store information about suppliers, organizers, and other business partners, e.g., for subsequent contact. We generally store this predominantly company-related data permanently.

Business Analysis and Market Research:

To operate our business economically, recognize market trends, and understand the wishes of contractual partners and users, we analyze the data available to us on business transactions, contracts, inquiries, etc. We process inventory data, communication data, contract data, payment data, usage data, metadata based on Art. 6 Para. 1 lit. f. GDPR, with the data subjects being contractual partners, prospects, customers, visitors, and users of our online offering. The analyses are carried out for business evaluations, marketing, and market research. We can consider the profiles of registered users, including information about their services used. The analyses serve us to increase user-friendliness, optimize our offer, and business efficiency. The analyses are for our use only and are not disclosed externally unless they are anonymous analyses with aggregated values. If these analyses or profiles are personal, they will be deleted or anonymized upon termination of the users, otherwise after two years from the conclusion of the contract. In all other respects, the overall business analyses and general trend determinations are created as anonymously as possible.

Google Cloud Services:

We use the cloud offered by Google and cloud software services (so-called Software as a Service, e.g., Google Suite) for the following purposes: document storage and management, calendar management, email delivery, spreadsheets and presentations, exchanging documents, content, and information with specific recipients or publishing websites, forms, or other content and information, as well as participating in chats and audio and video conferences. In this process, the personal data of users is processed to the extent that it becomes part of the documents and content processed within the described services or is part of communication processes. This may include, for example, user master data and contact data, data on transactions, contracts, other processes, and their content. Google also processes usage data and metadata used for security purposes and service optimization. In the context of using publicly accessible documents, websites, or other content, Google may store cookies on users' computers for the purpose of web analysis or to remember user settings. We use Google Cloud Services based on our legitimate interests according to Art. 6 Para. 1 lit. f GDPR in efficient and secure administration and collaboration processes. Furthermore, the processing is based on a data processing agreement with Google (https://cloud.google.com/terms/data-processing-terms). For further information, refer to Google's privacy policy (https://www.google.com/policies/privacy) and security information on Google Cloud Services (https://cloud.google.com/security/privacy/). You can object to the processing of your data in the Google Cloud according to the legal requirements. The deletion of data within Google's Cloud Services is determined by the other processing processes in which the data is processed (e.g., deletion of data no longer required for contract purposes or storage of data required for tax purposes).

Contact:

When contacting us (e.g., via contact form, email, telephone, or social media), the user's details are processed to handle the contact request and its processing according to Art. 6 Para. 1 lit. b (within contractual/pre-contractual relationships), Art. 6 Para. 1 lit. f (other inquiries) GDPR. The user's details may be stored in a Customer Relationship Management System ("CRM System") or a comparable request organization. We delete inquiries if they are no longer necessary. We review the necessity every two years, and legal archiving obligations also apply.

 

Hosting and Email Delivery:

The hosting services we use provide infrastructure and platform services, computing capacity, storage space, and database services, email delivery, security services, and technical maintenance services that we use to operate this online offering. In this process, we, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta- and communication data of customers, prospects, and visitors to this online offering based on our legitimate interests in an efficient and secure provision of this online offering according to Art. 6 Para. 1 lit. f GDPR in conjunction with Art. 28 GDPR (conclusion of a data processing agreement).

Collection of Access Data and Log Files:

We, or our hosting provider, collect data based on our legitimate interests according to Art. 6 Para. 1 lit. f GDPR on each access to the server on which this service is located (so-called server log files). Access data includes the name of the accessed website, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, user's operating system, referrer URL (previously visited page), IP address, and requesting provider. Log file information is stored for security reasons (e.g., to clarify misuse or fraud) for a maximum of 7 days and then deleted. Data that needs to be retained for evidentiary purposes is excluded from deletion until the respective incident is finally clarified.

Google Tag Manager:

Google Tag Manager is a solution that allows us to manage so-called website tags via an interface (and thus integrate, for example, Google Analytics and other Google marketing services into our online offering). The Tag Manager itself (which implements the tags) does not process personal user data. Regarding the processing of users' personal data, reference is made to the following information on Google services. Usage policies: https://www.google.com/intl/de/tagmanager/use-policy.html.

Google Analytics:

We use Google Analytics, a web analysis service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google uses cookies. The information generated by the cookie about the use of the online offering by users is usually transmitted to a server of Google in the USA and stored there. Google will use this information on our behalf to evaluate the use of our online offering by users, to compile reports on the activities within this online offering, and to provide us with other services related to the use of this online offering and internet usage. Pseudonymous usage profiles of users can be created from the processed data. We use Google Analytics only with activated IP anonymization. This means that the IP address of the users is truncated by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a server of Google in the USA and truncated there. The IP address transmitted by the user's browser is not combined with other data from Google. Users can prevent the storage of cookies by setting their browser software accordingly; users can also prevent the collection of data generated by the cookie and related to their use of the online offering to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de. If we ask users for consent (e.g., as part of a cookie consent), the legal basis for this processing is Art. 6 Para. 1 lit. a. GDPR. Otherwise, users' personal data is processed based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offering within the meaning of Art. 6 Para. 1 lit. f. GDPR). If data is processed in the USA, we would like to point out that Google is certified under the Privacy Shield agreement and thereby assures compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active). For more information on data usage by Google, settings, and opt-out options, please refer to Google's privacy policy (https://policies.google.com/privacy) and settings for displaying advertisements by Google (https://adssettings.google.com/authenticated). Users' personal data will be deleted or anonymized after 14 months.

Audience Targeting with Google Analytics:

We utilize Google Analytics to display advertisements within Google's advertising services and its partners only to users who have shown an interest in our online offering or exhibit certain characteristics (e.g., interests in specific topics or products determined based on visited websites), which we transmit to Google (so-called "Remarketing" or "Google Analytics Audiences"). With the help of Remarketing Audiences, we aim to ensure that our ads correspond to the potential interests of users.

 

Google AdWords and Conversion Tracking:

We employ the online marketing method Google "AdWords" to place ads in the Google advertising network (e.g., in search results, videos, on websites, etc.), targeting users who have a presumed interest in the ads. This allows us to display ads for and within our online offering more specifically, showing users only ads that potentially match their interests. For instance, if a user is shown ads for products they have shown interest in on other online platforms, this is referred to as "Remarketing." To achieve this, when our website and other websites where the Google advertising network is active are visited, Google immediately executes a code, and so-called (re)marketing tags (invisible graphics or code, also known as "web beacons") are embedded in the website. These tags enable an individual cookie, i.e., a small file, to be stored on the user's device (instead of cookies, comparable technologies can also be used). This file records which websites the user has visited, which content they are interested in, and which offers the user has clicked on. Additionally, technical information about the browser and operating system, referring websites, visit time, and other details about the use of the online offering are included. We also receive an individual "conversion cookie." The information obtained through the cookie helps Google create conversion statistics for us. However, we only learn the anonymous total number of users who clicked on our ad and were redirected to a page with a conversion tracking tag. We do not receive any information that would allow us to personally identify users. User data is pseudonymously processed within the Google advertising network. This means that Google does not store or process the names or email addresses of users, but processes relevant data based on cookies within pseudonymous user profiles. From Google's perspective, ads are managed and displayed not for a specifically identified person but for the cookie holder, regardless of who that cookie holder is. This does not apply if a user has expressly allowed Google to process the data without this pseudonymization. The information collected about users is transmitted to Google and stored on Google's servers in the United States. If we ask users for consent (e.g., as part of a cookie consent), the legal basis for this processing is Art. 6 Para. 1 lit. a. GDPR. Otherwise, users' personal data is processed based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offering within the meaning of Art. 6 Para. 1 lit. f. GDPR). If data is processed in the USA, we would like to point out that Google is certified under the Privacy Shield agreement and thereby assures compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active). For more information on data usage by Google, settings, and opt-out options, please refer to Google's privacy policy (https://policies.google.com/technologies/ads) and settings for displaying advertisements by Google (https://adssettings.google.com/authenticated).

LinkedIn Marketing Services:

We utilize the marketing services of the social network LinkedIn, provided by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. With the help of LinkedIn's marketing services, we can display ads more targetedly within the social network and the advertising partner offerings of LinkedIn or show ads to users that potentially match their interests. If, for example, a user is shown ads for products they have shown interest in on other online platforms, this is referred to as "Remarketing." Furthermore, we can track the success of our ads (so-called "Conversion Measurement"). However, we only learn the anonymous total number of users who clicked on our ad and were redirected to a page with a conversion tracking tag. We do not receive any information that would allow us to personally identify users. For these purposes, when our website and other websites where LinkedIn's marketing services are active are visited, a code from LinkedIn is executed, and so-called "Insights tags" (invisible graphics or code, also known as "Web Beacons") are embedded in the websites. With their help, an individual cookie is stored on the user's device, recording which websites the user has visited, which content they are interested in, and which offers the user has clicked on. Technical information about the browser and operating system, referring websites, visit time, and other details about the use of the online offering are also included. User data is pseudonymously processed within LinkedIn's marketing services. This means that LinkedIn does not store or process the names or email addresses of users but processes relevant data based on cookies within pseudonymous user profiles. From LinkedIn's perspective, ads are managed and displayed not for a specifically identified person but for the cookie holder, regardless of who that cookie holder is. This does not apply if a user has expressly allowed LinkedIn to process the data without this pseudonymization. Even if you are registered with LinkedIn, LinkedIn can associate your interaction with our online offering with your user account. If we ask users for consent (e.g., as part of a cookie consent), the legal basis for this processing is Art. 6 Para. 1 lit. a. GDPR. Otherwise, users' personal data is processed based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offering within the meaning of Art. 6 Para. 1 lit. f. GDPR). The information collected about users is transmitted to LinkedIn and stored on LinkedIn's servers in the United States, with LinkedIn being certified under the Privacy Shield agreement, thereby assuring compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active). For more information on data usage by LinkedIn, refer to the Privacy Policy (https://www.linkedin.com/legal/privacy-policy) and LinkedIn's Cookie Policy (https://www.linkedin.com/legal/cookie_policy). You can object to the aforementioned use of your data on LinkedIn: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Hotjar Analysis and Optimization Service:

We use Hotjar, an analysis software from Hotjar Ltd., 3 Lyons Range, 20 Bisazza Street, Sliema SLM 1640, Malta ("Hotjar"). With the information obtained through Hotjar, we can analyze and improve the use of our online offering. Data of users of our online offering is stored and evaluated solely for this purpose. We use Hotjar to analyze our online offering and not individual users. Therefore, user data is pseudonymized and processed within the European Union based on the framework of the order processing contract offered by Hotjar. User inputs, e.g., in forms or key presses, are not processed, i.e., neither stored nor transmitted to Hotjar (unless these inputs are recognizable to users for evaluation purposes, such as in feedback forms). For the aforementioned purposes, Hotjar stores cookies with a pseudonymous identification number on users' devices and evaluates them. The cookies used by Hotjar have different "lifespans"; some remain valid for up to 365 days, while others are only valid during the current visit. Processed user data includes, in particular:

  • Device and metadata: IP address of the end device (collected and stored in anonymized form), resolution of the screen/display of the end device, type of end device (individual end device identification features), operating system, and browser type, referring URL and domain;

  • Geographical location (only country);

  • Usage data and log data: Date and time of access to the online offering, preferred language, user interactions such as mouse events (movements, position, and clicks), keyboard inputs, accessed websites, and interactions with their content and functions.

  • Content data: Entries in surveys and feedback forms.

If we ask users for consent (e.g., as part of a cookie consent), the legal basis for this processing is Art. 6 Para. 1 lit. a. GDPR. Otherwise, users' personal data is processed based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offering within the meaning of Art. 6 Para. 1 lit. f. GDPR). Users can prevent the collection of data by Hotjar by using their browser's "Do Not Track" settings or by clicking on the following link and following the instructions there: https://www.hotjar.com/legal/compliance/opt-out.

Hotjar Privacy Policy: https://www.hotjar.com/legal/policies/privacy. Cookie Policy: https://www.hotjar.com/legal/policies/cookie-information.

Facebook Pixel, Custom Audiences, and Facebook Conversion:

Within our online offering, the so-called "Facebook Pixel" of the social network Facebook, operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook"), is used. With the Facebook Pixel, Facebook can determine the visitors of our online offering as a target group for the display of ads (so-called "Facebook Ads"). Accordingly, we use the Facebook Pixel to display Facebook Ads only to Facebook users who have shown an interest in our online offering or who exhibit certain characteristics (e.g., interests in specific topics or products determined based on visited websites) that we transmit to Facebook (so-called "Custom Audiences"). With the Facebook Pixel, we also want to ensure that our Facebook Ads correspond to the potential interests of users and do not appear intrusive. Furthermore, with the help of the Facebook Pixel, we can track the effectiveness of Facebook ads for statistical and market research purposes by determining whether users were redirected to our website after clicking on a Facebook ad (so-called "Conversion"). Data processing by Facebook is carried out in accordance with Facebook's data usage policy. Therefore, general information on displaying Facebook Ads can be found in Facebook's data usage policy: https://www.facebook.com/policy. Specific information and details about the Facebook Pixel and how it works can be found in the Help section of Facebook: https://www.facebook.com/business/help/651294705016616. If we ask users for consent (e.g., as part of a cookie consent), the legal basis for this processing is Art. 6 Para. 1 lit. a. GDPR. Otherwise, users' personal data is processed based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offering within the meaning of Art. 6 Para. 1 lit. f. GDPR). Facebook is certified under the Privacy Shield agreement, thereby ensuring compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).

You can object to the collection by the Facebook Pixel and the use of your data for displaying Facebook Ads. To adjust the types of ads shown to you within Facebook, you can visit the page set up by Facebook and follow the instructions for configuring interest-based advertising settings: https://www.facebook.com/settings?tab=ads. These settings apply across platforms, meaning they are adopted for all devices such as desktop computers or mobile devices. Additionally, you can oppose the use of cookies for reach measurement and advertising purposes through the deactivation page of the Network Advertising Initiative (http://optout.networkadvertising.org/) and, for users in the United States, the additional US website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).

 

Bing Ads

We use the conversion and tracking tool "Bing Ads" from Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA, within our online offering. Microsoft stores cookies on users' devices to analyze the usage of our online offering by users who have accessed our online offering via a Microsoft Bing ad (so-called "conversion measurement"). This allows Microsoft and us to recognize when someone has clicked on an ad, was redirected to our online offering, and reached a pre-determined target page (so-called "conversion page"). We only learn the total number of users who clicked on a Bing ad and were then redirected to the conversion page. No IP addresses are stored, and no personal information regarding the identity of users is disclosed. If we ask users for consent (e.g., as part of a cookie consent), the legal basis for this processing is Art. 6 Para. 1 lit. a. GDPR. Otherwise, users' personal data is processed based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offering within the meaning of Art. 6 Para. 1 lit. f. GDPR). Microsoft is certified under the Privacy Shield agreement, thereby ensuring compliance with European and Swiss data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000KzNaAAK&status=Active). If users do not want to participate in Bing Ads' tracking process, they can disable the setting of cookies required for this purpose through their browser settings or use Microsoft's opt-out page: http://choice.microsoft.com/de-DE/opt-out. Further information on data protection and the cookies used by Microsoft Bing Ads can be found in Microsoft's privacy statement: https://privacy.microsoft.com/de-de/privacystatement.

 

Online Presences in Social Media

We maintain online presences within social networks and platforms to communicate with customers, interested parties, and users active there, and to inform them about our services. We point out that user data may be processed outside the European Union. This may pose risks for users because, for example, the enforcement of user rights could be more challenging. Regarding US providers certified under the Privacy Shield, we emphasize that they commit to complying with EU data protection standards. User data is generally processed for market research and advertising purposes. For instance, user behavior and resulting interests can be used to create user profiles. These profiles can, in turn, be used to display advertisements inside and outside the platforms that presumably correspond to users' interests. Cookies are typically stored on users' computers for these purposes, storing user behavior and interests. Data in user profiles may also be stored independently of the devices used by users (especially if users are members of the respective platforms and logged in to them). The processing of users' personal data is based on our legitimate interests in effective user information and communication with users pursuant to Art. 6 Para. 1 lit. f. GDPR. If users are asked by the respective platform providers for consent to the described data processing, the legal basis for processing is Art. 6 Para. 1 lit. a., Art. 7 GDPR. For a detailed presentation of the respective processing and the options for objection (opt-out), we refer to the linked information provided by the providers. In the case of information requests and the assertion of user rights, we point out that these can be most effectively asserted with the providers. Only the providers have access to the data of the users and can take appropriate measures and provide information directly. If you still need assistance, you can contact us.

– Facebook, -Seiten, -Gruppen, (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland) auf Grundlage einer Vereinbarung über gemeinsame Verarbeitung personenbezogener Daten – Datenschutzerklärung: https://www.facebook.com/about/privacy/, speziell für Seiten: https://www.facebook.com/legal/terms/information_about_page_insights_data , Opt-Out: https://www.facebook.com/settings?tab=ads und http://www.youronlinechoices.com, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.

– Google/ YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland) – Datenschutzerklärung:  https://policies.google.com/privacy, Opt-Out: https://adssettings.google.com/authenticated, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.

– Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA) – Datenschutzerklärung/ Opt-Out: http://instagram.com/about/legal/privacy/.

– Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA) – Datenschutzerklärung: https://twitter.com/de/privacy, Opt-Out: https://twitter.com/personalization, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.

– Pinterest (Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA) – Datenschutzerklärung/ Opt-Out: https://about.pinterest.com/de/privacy-policy.

– LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Irland) – Datenschutzerklärung https://www.linkedin.com/legal/privacy-policy , Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active.

– Xing (XING AG, Dammtorstraße 29-32, 20354 Hamburg, Deutschland) – Datenschutzerklärung/ Opt-Out: https://privacy.xing.com/de/datenschutzerklaerung.

– Wakalet (Wakelet Limited, 76 Quay Street, Manchester, M3 4PR, United Kingdom) – Datenschutzerklärung/ Opt-Out: https://wakelet.com/privacy.html.

– Soundcloud (SoundCloud Limited, Rheinsberger Str. 76/77, 10115 Berlin, Deutschland) – Datenschutzerklärung/ Opt-Out: https://soundcloud.com/pages/privacy.

Integration of Third-Party Services and Content

We use content or service offerings from third-party providers within our online offering based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offering within the meaning of Art. 6 Para. 1 lit. f. GDPR) to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as "content"). This always requires that the third-party providers of this content perceive the IP address of the users, as they could not send the content to their browser without the IP address. The IP address is therefore necessary for the display of this content. We make every effort to use only those contents whose respective providers use the IP address solely for the delivery of the contents. Third-party providers may also use so-called pixel tags (invisible graphics, also called "web beacons") for statistical or marketing purposes. "Pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. Pseudonymous information may also be stored in cookies on users' devices and may include technical information about the browser and operating system, referring websites, visit time, as well as other information about the use of our online offering, and may also be linked with such information from other sources.

 

YouTube

We integrate videos from the "YouTube" platform provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Privacy Policy, Opt-Out.

 

Google Fonts

We integrate fonts ("Google Fonts") from the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. According to Google, user data is used solely for the purpose of displaying fonts in users' browsers. The integration is based on our legitimate interests in a technically secure, maintenance-free, and efficient use of fonts, their consistent presentation, and consideration of possible license restrictions for their integration. Privacy Policy.

 

Google ReCaptcha

We integrate the function for bot detection, e.g., for entries in online forms ("ReCaptcha") provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Privacy Policy, Opt-Out.

 

Google Maps

We integrate maps from the "Google Maps" service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The processed data may include IP addresses and user location data, which, however, are not collected without their consent (usually within the settings of their mobile devices). The data may be processed in the USA. Privacy Policy, Opt-Out.

 

Twitter

Within our online offering, functions and content of the Twitter service, offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, may be integrated. This may include content such as images, videos, or texts and buttons with which users can share content from this online offering within Twitter. If users are members of the Twitter platform, Twitter can assign the call of the above content and functions to the user profiles there. Twitter is certified under the Privacy Shield agreement, providing a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active). Privacy Policy, Opt-Out.

 

LinkedIn

Within our online offering, functions and content of the LinkedIn service, offered by LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland, may be integrated. This may include content such as images, videos, or texts and buttons with which users can share content from this online offering within LinkedIn. If users are members of the LinkedIn platform, LinkedIn can assign the call of the above content and functions to the user profiles there. LinkedIn is certified under the Privacy Shield agreement, providing a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active). Privacy Policy, Opt-Out.

bottom of page