Security and protection of your personal data

We consider it our primary task to maintain the confidentiality of the personal data you provide and to protect it from unauthorized access. We therefore apply the utmost care and the latest security standards to ensure maximum protection of your personal data.

As a private company, we are subject to the provisions of the European General Data Protection Regulation (GDPR) and the regulations of the Federal Data Protection Act (BDSG). We have taken technical and organizational measures to ensure that the data protection regulations are observed by both us and our external service providers.

Definitions

The legislator requires that personal data be processed lawfully, in good faith and in a manner that is comprehensible to the person concerned ("lawfulness, processing in good faith, transparency"). To ensure this, we inform you about the individual legal definitions that are also used in this data protection declaration:

1. Personal data

"Personal data" is all information that relates to an identified or identifiable natural person (hereinafter "data subject"); an identifiable natural person is one who can be identified directly or indirectly, in particular by assignment to an identifier such as a name, an identification number, location data, an online identifier or to one or more special characteristics that express the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

2. Processing

“Processing” is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, comparison or linking, restriction, erasure or destruction.

3. Restriction of processing

“Restriction of processing” is the marking of stored personal data with the aim of restricting its future processing.

4. Profiling

“Profiling” is any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.

5. Pseudonymization

"Pseudonymization" is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that this additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data cannot be attributed to an identified or identifiable natural person.

6. File system

"File system" is any structured collection of personal data that is accessible according to specific criteria, regardless of whether this collection is centralized, decentralized or organized according to functional or geographical aspects.

7. Controller

"Controller" is a natural or legal person, public authority, agency or other body that alone or jointly with others decides on the purposes and means of processing personal data; if the purposes and means of such processing are specified by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

8. Processor

“Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

9. Recipient

“Recipient” means a natural or legal person, public authority, agency or other body to which personal data are disclosed, whether a third party or not. Authorities which may receive personal data in the framework of a particular investigation in accordance with Union or Member State law shall be deemed to have 

However, they are not recipients; the processing of these data by the authorities mentioned is carried out in accordance with the applicable data protection rules in accordance with the purposes of the processing.

10.Third party

“Third party” means a natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons authorised to process the personal data under the direct responsibility of the controller or processor.

11.Consent

“Consent” of the data subject is any freely given, specific, informed and unambiguous indication of the data subject’s wishes in the form of a statement or other unambiguous affirmative action by which the data subject signifies agreement to the processing of personal data concerning him or her.

Legality of processing
The processing of personal data is only lawful if there is a legal basis for the processing. The legal basis for processing may be, in particular, according to Article 6 (1) (a) – (f) GDPR:

The data subject has given his or her consent to the processing of personal data concerning him or her for one or more specific purposes;

The processing is necessary for the performance of a contract to which the data subject is a party or for the implementation of pre-contractual measures taken at the request of the data subject;

The processing is necessary to fulfil a legal obligation to which the controller is subject;

The processing is necessary to protect the vital interests of the data subject or of another natural person;

The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;

The processing is necessary to safeguard the legitimate interests of the controller or of a third party, unless the interests or fundamental rights and freedoms of the data subject which require the protection of personal data prevail, in particular if the data subject is a child.

Information about the collection of personal data

(1) Below we provide information about the collection of personal data when using our website. Personal data includes, for example, name, address, email addresses, user behavior.

(2) If you contact us by email, the data you provide (your email address, if applicable, your name and your telephone number) will be stored by us in order to answer your questions. We delete the data collected in this context after storage is no longer required, or processing will be restricted if there are statutory retention periods.

Collection of personal data when visiting our website
If you use the website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you would like to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security (the legal basis is Art. 6 Para. 1 Clause 1 Letter f of GDPR):

IP ​​address
Date and time of the request
Time zone difference to Greenwich Mean Time (GMT)
Content of the request (specific page)
Access status/HTTP status code
Amount of data transferred in each case
Website from which the request comes
Browser
Operating system and its interface
Language and version of the browser software.

Use of cookies
(1) In addition to the data mentioned above, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard disk and associated with the browser you use; they allow certain information to be sent to the location that placed the cookies. Cookies cannot run programs or transmit viruses to your computer. They are designed to make the Internet more user-friendly and effective overall.

(2) This website uses the following types of cookies, the scope and functionality of which are explained below:

Transient cookies (see a.)

Persistent cookies (see b.).

a. Transient cookies are automatically deleted when you close the browser. These include session cookies in particular. These store a so-called session ID, which can be used to assign various requests from your browser to the shared session. This allows your computer to be recognized when you return to our website. The session cookies

However, they are not recipients; the processing of these data by the authorities mentioned is carried out in accordance with the applicable data protection rules in accordance with the purposes of the processing.

10.Third party

“Third party” means a natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons authorised to process the personal data under the direct responsibility of the controller or processor.

11.Consent

“Consent” of the data subject is any freely given, specific, informed and unambiguous indication of the data subject’s wishes in the form of a statement or other unambiguous affirmative action by which the data subject signifies agreement to the processing of personal data concerning him or her.

Legality of processing
The processing of personal data is only lawful if there is a legal basis for the processing. The legal basis for processing may be, in particular, according to Article 6 (1) (a) – (f) GDPR:

The data subject has given his or her consent to the processing of personal data concerning him or her for one or more specific purposes;

The processing is necessary for the performance of a contract to which the data subject is a party or for the implementation of pre-contractual measures taken at the request of the data subject;

The processing is necessary to fulfil a legal obligation to which the controller is subject;

The processing is necessary to protect the vital interests of the data subject or of another natural person;

The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;

The processing is necessary to safeguard the legitimate interests of the controller or of a third party, unless the interests or fundamental rights and freedoms of the data subject which require the protection of personal data prevail, in particular if the data subject is a child.

Information about the collection of personal data

(1) Below we provide information about the collection of personal data when using our website. Personal data includes, for example, name, address, email addresses, user behavior.

(2) If you contact us by email, the data you provide (your email address, if applicable, your name and your telephone number) will be stored by us in order to answer your questions. We delete the data collected in this context after storage is no longer required, or processing will be restricted if there are statutory retention periods.

Collection of personal data when visiting our website
If you use the website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you would like to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security (the legal basis is Art. 6 Para. 1 Clause 1 Letter f of GDPR):

IP ​​address
Date and time of the request
Time zone difference to Greenwich Mean Time (GMT)
Content of the request (specific page)
Access status/HTTP status code
Amount of data transferred in each case
Website from which the request comes
Browser
Operating system and its interface
Language and version of the browser software.

Use of cookies
(1) In addition to the data mentioned above, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard disk and associated with the browser you use; they allow certain information to be sent to the location that placed the cookies. Cookies cannot run programs or transmit viruses to your computer. They are designed to make the Internet more user-friendly and effective overall.

(2) This website uses the following types of cookies, the scope and functionality of which are explained below:

Transient cookies (see a.)

Persistent cookies (see b.).

a. Transient cookies are automatically deleted when you close the browser. These include session cookies in particular. These store a so-called session ID, which can be used to assign various requests from your browser to the shared session. This allows your computer to be recognized when you return to our website. The session cookies