- Data protection officer
- Types of data processed
- Categories of persons concerned by the processing
- Purposes of processing
- Relevant legal basis
- Data subject rights
- Information about your right to object according to Art. 21 GDPR
- Data transmission to third parties
- Data transmission within group one
- Data processing in third countries
- Website visitors
- Collection of general data and information
- Error logging with Sentry
- Consent Manager
- Security measures
- SSL encryption
- IP address shortening
- TLS encryption
- Contact form & e-mail
- Use of shipping service providers - sendinblue
- What data is processed by tracking?
- Purpose of tracking:
- Safety measures:
- On what legal basis does the tracking take place?
- Technically required cookies
- Technically unnecessary cookies
- Tracking methods/service providers used in detail
- Google Analytics
- Google Tag Manager
- Included third party content
- Friendly Captcha
Data protection is a high priority for the group one. Ultimately, however, it is unfortunately the case that hardly anyone is likely to read through all this 'data protection stuff'. It's really all about trust. You don't want to be surprised unexpectedly. We make this need, along with your other goals that you want to achieve with our products, the starting point of our actions.
The use of group one's websites is generally possible without any indication of personal data. Only your IP address is processed by the web server for the duration of your visit. This is a technical necessity and therefore unavoidable. The processing of personal data becomes necessary when services are used via our website.
For the processing of all other personal data, we generally obtain your consent if there is no other legal basis for such processing.
group one has implemented numerous technical and organizational measures to ensure the most complete protection of your personal data. Nevertheless, internet-based data transmissions can have security gaps, so that absolute protection cannot be guaranteed. For this reason, you are free to transmit personal data to us by alternative means, for example by telephone.
The responsible party within the meaning of the GDPR and other national data protection laws of the Member States and other data protection provisions is:
Data protection officer
If you have any questions or suggestions regarding data protection, please write them directly to our data protection officer.
You can reach him by mail at:
Langelinie Allé 35
2100 Copenhagen, Denmark
+45 72 27 30 02
or also by e-mail at firstname.lastname@example.org.
Types of data processed
We process the following types of data:
- Inventory data (e.g., names, addresses).
- Content data (e.g. text entries, photographs).
- Contact data (e.g. e-mail, telephone numbers).
- Meta/communication data (e.g., device information, IP addresses).
- Usage data (e.g. web pages visited, interest in content, access times).
- Location data (information about the geographical position of a computer or person).
- Contract data (e.g. subject matter of contract, term, customer category).
- Payment data (e.g. bank details, invoices, payment history).
- (Payment) card data (card number, card type, expiration date).
No special categories of data, according to Art. 9 para 1 GDPR, are processed by us, unless they are processed by you as our customer on your own responsibility. For example, if you let us host a server, then we are not responsible for what data you store there.
Categories of persons concerned by the processing
We process the data of the following categories of persons:
- Interested parties
- Visitors and users of the online offer
- Business partners
- Communication partners (callers, webinar participants, etc.)
In the following, we also refer to the persons concerned as users.
Purposes of processing
Among other things, we process data for the following purposes:
- Provision & optimization of the online offer, its contents and functions.
- Provision of contractual services, services and customer care
- Answering contact requests and communication with users
- Marketing, advertising and market research
- Security measures
- Fulfillment of legal obligations, e.g., fulfillment of commercial and tax retention obligations or comparison with so-called sanctions lists (there is also a comparison with U.S. sanctions lists due to our legitimate interest in avoiding fines and reputational damage on the American market)
Relevant legal basis
In accordance with the provisions of Art. 13 GDPR, we inform you of the legal basis for our data processing.
If the legal basis is not mentioned in the data protection information, the following applies:
- Insofar as we obtain your consent for processing operations of personal data, Art. 6 (1) lit. a GDPR serves as the legal basis for the processing of the data.
- When processing personal data that is necessary for the performance of a contract with you as a contractual partner, Art. 6 (1) lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.
- Insofar as processing of personal data is necessary for the fulfillment of a legal obligation, Art. 6 para. 1 lit. c GDPR serves as the legal basis.
- In the event that vital interests of you or another natural person make processing of personal data necessary, Art. 6 (1) lit. d GDPR serves as the legal basis. We do not yet know how this might be the case in our business field but have included it for the sake of completeness.
- If the processing is necessary to protect a legitimate interest of our company or a third party and your interests, fundamental rights and freedoms do not override the former interest(s), Art. 6 (1) lit. f GDPR serves as the legal basis for the processing.
Data subject rights
According to the provisions of the GDPR, you are generally entitled to the following rights:
- Right to information (Article 15 GDPR)
- Right to rectification (Article 16 GDPR)
- Right to erasure ("right to be forgotten") (Article 17 GDPR)
- Right to restriction of processing (Article 18 GDPR)
- Right to notification - obligation to notify in connection with rectification or erasure of personal data or restriction of processing (Article 19 GDPR)
- Right to data portability (Article 20 GDPR)
- Right to object (Article 21 GDPR)
- Right not to be subject to a decision based solely on automated processing, including profiling (Article 22 GDPR)
If you have given us your consent, you can revoke it at any time with effect for the future.
If you believe that the processing of your data violates data protection law or that your data protection rights have been violated in any other way, you can contact email@example.com.
You can also file a complaint with a supervisory authority at any time, e.g. the competent supervisory authority in the state of your residence or the authority responsible for us as the controller.
A list of the supervisory authorities (for the non-public sector) with address can be found at: https://edpb.europa.eu/about-edpb/about-edpb/members_en.
Information about your right to object according to Art. 21 GDPR
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Art. 6(1)(f) GDPR (data processing on the basis of a balance of interests); this also applies to profiling based on this provision within the meaning of Art. 4 No. 4 GDPR.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the assertion, exercise or defense of legal claims.
You can assert the objection against the responsible person.
|"Personal data" means any information relating to an identified or identifiable natural person (hereinafter "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
|"Processing" means any operation or set of operations which is performed upon personal data, whether or not by automatic means. The term is broad and includes virtually any handling of data.
|Controller" means the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data.
|By computer, we mean any device, including tablets, smartphones, and whatever else is invented soon to open web pages.
|personal data special categories of data
|personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade-union membership, and the processing of genetic data, biometric data uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation
|A browser is a computer program. It is used to access the Internet. You are currently using a browser to view this web page.
|An operating system is located on your computer or cell phone. It includes many 'computer' programs that have different tasks. Without the operating system, your computer can't start, can't run other programs. Examples of operating systems are 'Windows', 'Linux' or 'Android'.
|Internet Service Provider
|Telecommunications service provider that offers its customers access to the Internet and related services.
|IP is the abbreviation for Internet Protocol. Every computer, server. Device, cell phone, etc. connected to the Internet is assigned a globally unique IP address.
|File in which processes running in a computer or network system are logged. Log files provide important data for analyzing networks or accesses to web servers or websites.
Data transmission to third parties
If, in the course of our processing, we disclose data to other persons and companies (processors or third parties), transmit it to them or otherwise grant them access to the data, this will only be done on the basis of a legal permission (e.g. if a transmission of the data to third parties, such as to payment service providers, is necessary for the performance of the contract pursuant to Art. 6 (1) lit. b GDPR), you have consented, a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, etc.).
If we commission third parties with the processing of data on the basis of a so-called "order processing agreement", this is done in accordance with Art. 28 GDPR.
Data transmission within group one
The group one is the head of the eponymous group of companies group one (www.group.one).
We may transfer personal data to other companies within our group of companies or grant them access to this data. If this transfer is for administrative purposes, the transfer of the data is based on our legitimate business and commercial interests or, if it is necessary for the fulfillment of our contract-related obligations, if your consent or a legal permission has been obtained.
Data processing in third countries
If we process data in a third country (i.e., outside the European Union (EU), the European Economic Area (EEA)) or the processing takes place in the context of the use of third-party services or the disclosure or transfer of data to other persons, entities or companies, this is only done in accordance with the legal requirements.
Subject to express consent or contractually or legally required transfer, we only process or have data processed in third countries with a recognized level of data protection, contractual obligation through so-called standard protection clauses of the EU Commission, in the presence of certifications or binding internal data protection regulations (Art. 44 to 49 GDPR, information page of the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_dehttps://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de ).
Collection of general data and information
Our websites collect a series of general data and information with each call. This general data and information is stored in the server's log files. The following can be recorded
- browser types and versions used,
- the operating system used by the accessing computer,
- the website from which an accessing computer arrives at our website (so-called referrer),
- the sub-websites that are accessed via an accessing computer on our website,
- the date and time of an access to the website,
- IP address,
- the Internet service provider of the accessing computer and
- other similar data and information that serve to avert danger in the event of attacks on our IT systems.
When using this general data and information, we do not draw any conclusions about you or other visitors. This information is rather needed to
- to deliver the contents of our website correctly,
- to optimize the content of our website and the advertising for it,
- to ensure the permanent operability of our IT systems and the technology of our website, and
- to provide law enforcement authorities with the information necessary for prosecution in the event of a cyberattack.
Therefore, these anonymously collected data and information are evaluated by us on the one hand statistically and on the other hand with the aim of increasing the data protection and data security of our enterprise, in order to ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by you.
Types of data processed:
- Usage data (e.g. web pages visited, interest in content, access times);
- Meta/communication data (e.g. device information, IP addresses)
- Visitors and users of our websites
Purposes of processing:
- Provision of the online offer, its contents and functions,
- Security measures
- Legitimate interest (Art. 6 para. 1 p. 1 lit. f. GDPR);
- Legal obligation (Art. 6 para. 1 lit. c GDPR)
Error logging with Sentry
For error logging, we use our own installation of Sentry (https.senztry.io) The software runs exclusively on our self-hosted web servers. There is no data transfer to Sentry as a service provider. It helps us to react on errors without the need to report them by the visitor.
- What is logged:
- IP address
- Operating system/browser used
- possible steps that led to the error, incl. stack trace
- other HTTP headers
- Visitors and users of our websites
Purpose of processing:
The software helps us to react to display errors on our website without the need to report them by the visitor. This helps us to constantly improve our website and its usability.
The error logs are stored based on our legitimate interest. We have a legitimate interest in storing them for the technically error-free and optimized provision of our services. After 90 days, this data is deleted.
The provision of the aforementioned personal data is neither legally nor contractually required. However, the storage of the data is mandatory for the operation of the website. Consequently, there is no possibility to object to this data collection.
The processing may be objected to. The right to object exists for reasons arising from the particular situation of the data subject(s). To object, please send an e-mail to firstname.lastname@example.org.
We ensure an adequate level of protection for your data. To this end, we take appropriate technical and organizational measures in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the nature, scope and purposes of the processing, as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons.
Our websites use SSL encryption. This encryption is used, for example, for requests that you send to us via our websites. Please make sure that SSL encryption is activated for corresponding activities on your side. The use of encryption is easy to recognize: the display in your browser address bar shows "https://". Data encrypted via SSL cannot be read by third parties.
IP address shortening
If it is possible for us or if it is not necessary to store the IP address, we will shorten your IP address or have it shortened. In the case of IP address shortening, also known as "IP masking", the last octet, i.e. the last two numbers of an IP address, are deleted (in this context, the IP address is an identifier individually assigned to an Internet connection by the online access provider). The purpose of shortening the IP address is to prevent or make it significantly more difficult to identify a person by their IP address.
Primarily, when transmitting data, we try to establish an encrypted communication path according to current security standards (e.g. TLS encryption), if supported by the other party.
We use communication channels for our internal communication according to current standards (e.g. TLS encryption, VPN).
In addition, the products booked by customers, hopefully including you, must be explicitly activated via encrypted transmission.
If you wish to contact us (e.g. by contact form, e-mail, telephone or via social media), your information will be processed to the extent necessary to respond to your inquiry and any requested action.
The response to a contact request in the context of contractual or pre-contractual relationships is made to fulfill our contractual obligations or to respond to (pre)contractual inquiries and otherwise on the basis of our legitimate interest in responding to the inquiries.
We are a group one company and as such we use the customer support of our 100% subsidiaries, see www.group.one, in addition to our own customer support to answer customer support requests. So if you write emails to our service addresses or call our customer support, these requests will also be answered by our colleagues of the mentioned brands. Accordingly, the colleagues of these brands also have access to your data. Otherwise, they would not be able to answer your inquiry.
Contact form & e-mail
We offer a contact form on our website so that you can contact us with questions about us, our website and other inquiries. In addition, you can contact us by e-mail.
When you contact us via the contact form or by e-mail to one of our support addresses, the data you provide (in particular your e-mail address, your first and last name and the text of your request, as well as any other information you have provided in the contact form or by e-mail) will be stored by us in order to process your request and answer your questions. We therefore ask you to provide us only with those things that are needed for the processing of your request.
The provision of the contact form is in our legitimate interest in successful customer and interest communication.
We delete your request if the storage is no longer necessary. We review the necessity every two years; If you have a customer account with us, we store your requests permanently and refer to your customer account details for deletion. Otherwise, the legal archiving obligations apply.
- Types of data processed:
- Inventory data (e.g. name, organization, product),
- Contact data (e-mail address),
- meta/communication data (IP address, country)
- Interested parties,
- visitors and
Purposes of processing:
- Provision of contractual services and customer service.
- Contract fulfillment and pre-contractual inquiries (Art. 6 para. 1 p. 1 lit. b GDPR),
- Legitimate interests (Art. 6 para. 1 p. 1 lit. f GDPR).
Provision of data:
The provision of your personal data is voluntary. However, we can only process your request if you provide us with the corresponding data.
With the following information we inform you about the contents of our newsletter as well as the registration, dispatch and statistical evaluation procedure and your rights of objection. By subscribing to our newsletter, you agree to receive it and to the described procedures.
We send newsletters, e-mails and other electronic notifications with promotional information (hereinafter "newsletter") only with your consent (Art. 6 para. 1 lit. a GDPR). Your name and e-mail address will be stored in order to enable the delivery of the newsletter. In the case of our existing customers, we reserve the right to provide them with information on similar products to those already sold in our newsletter, provided they have not objected to this procedure (Section 7 (3) UWG). If the contents of the newsletter are specifically described in the course of registration, these are decisive for your consent. In addition, our newsletters contain information about products and services in the area of domains, hosting and web presences.
For an effective registration we need a valid e-mail address. In order to verify that a registration is actually made by you as the owner of your e-mail address, we use the "double opt-in" procedure. For this purpose, we log the registration for the newsletter, the sending of a confirmation e-mail and the receipt of the response requested herewith. Further data is not collected.
Use of shipping service providers - sendinblue
Since operating a larger e-mail newsletter is anything but technically trivial, we use a technical service provider where the processing and use of the data takes place. We chose a service provider that is able to carry out mailings to numerous e-mail recipients and recipient groups in a technically variable and, above all, secure manner. Price was an issue in the selection process, but not a decisive factor. We placed particular emphasis on the issue of 'data security' during the selection process. We looked at a number of providers. Unfortunately, this was sobering.
After this careful research we decided to use the service 'sedinblue' of Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin;
Insofar as we use a dispatch service provider, the dispatch service provider may, according to its own information, use this data in pseudonymous form, i.e. without assigning it to a user, to optimize or improve its own services, e.g. to technically optimize the dispatch and presentation of the newsletter or for statistical purposes to determine which countries the recipients come from. However, the dispatch service provider does not use the data of our newsletter recipients to address them itself or to pass them on to third parties.
Registration data: To register for the newsletter, it is sufficient to enter your e-mail address. Optionally, we ask you to enter a name in order to address you personally in the newsletter.
Performance measurement - The newsletters contain a so-called "web beacon", i.e. a pixel-sized file that is retrieved from the servers of the dispatch service provider when the newsletter is opened. In the course of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and the time of the retrieval are collected. This information is used for the technical improvement of our services based on the technical data or the target groups and their reading behavior based on their retrieval locations (which can be determined with the help of the IP address) or the access times. Statistical surveys also include determining whether newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our intention nor that of the dispatch service provider to observe individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.
The dispatch of the newsletter and the measurement of its success are based on the consent of the recipients pursuant to Art. 6 (1) lit. a GDPR.
The logging of the registration process is based on our legitimate interests according to Art. 6 para. 1 lit. f GDPR and serves as proof of consent to receive the newsletter.
You can cancel the receipt of our newsletter at any time, i.e. revoke your consent. You will find a link to cancel the newsletter at the end of each newsletter.
Types of data processed:
- Inventory data (e.g. name, organization, product),
- Contact data (email address),
- Meta/communication data (IP address, country).
- Newsletter subscribers
- Existing customers
Purposes of processing:
- Direct marketing (e.g., via e-mail or postal mail).
- Consent (Art. 6 para. 1 p. 1 lit. a. GDPR),
- Legitimate interests (Art. 6 para. 1 p. 1 lit. f. GDPR).
You can cancel the receipt of our newsletter at any time, i.e. revoke your consent or object to further receipt. You will find a link to cancel the newsletter either at the end of each newsletter or you can otherwise use one of the contact options given above, preferably e-mail, for this purpose.
Data will only be processed in this context as long as the corresponding consent exists or until you object to the sending of the newsletter. After that, the data will be deleted.
Provision of data:
The provision of your personal data is voluntary, based solely on your consent. Without existing consent, we can unfortunately not send you our newsletter.
We are engaged in online marketing. One activity of this is placing advertisements on the Internet in order to address new and existing customers. The advantage of online marketing over traditional advertising channels, such as TV or radio, is a more targeted approach to users and the more precise measurability of success. This is achieved through tracking. For this purpose, personal data may be processed by us as well as by our advertising partners. This includes location data, if you have consented to its use in your browser, as well as your IP address. As far as our advertising partners offer this, we use the so-called IP masking procedure, in which your IP address is shortened and thus anonymized. This is done to protect your data. Under no circumstances do we share clear data about you or other users with our advertising partners. Clear data is master data such as your name, your address or your e-mail address. However, our advertising partners usually create a pseudonymized advertising profile in which your surfing behavior and technical data such as your browser version and screen resolution are stored. Pseudonymized means that our advertising partners do not know your true identity, but you are assigned an advertising identification number. This advertising identification number and other technical data are stored locally on your end device (for example, in a cookie, a small text file). With the help of this file, it is then possible for our advertising partner and us to recognize you again. Since our advertising partners now also work with many other companies, our advertising partners can thus gradually fill the pseudonymized advertising profiles with data from, for example, website visits, app usage and other sources, and thus assess your interests. In special cases, it is also possible for our advertising partners to link the pseudonymized profiles with clear data known to you. This is the case, for example, with social networks, because here you usually provide your clear data voluntarily. With use of the advertising platform, however, we do not have access to this clear data in any case. We only gain access to information that helps us to assess the success of our advertisements. In the context of so-called conversion measurements, we can check which of the online marketing methods used has led to a contract being concluded. You can contact the provider of the social network to make any other arrangements or adjust the settings in your profile on the social network. We have no influence on this. We do not process your data without a legal basis. Therefore, we ask you for your consent before processing your data. This then represents the legal basis for the data processing. If we do not ask for your consent, your data will be processed based on our legitimate interest in effective, successful and recipient-friendly services.
What data is processed by tracking?
- Usage data (e.g. web pages visited, interest in content, access times),
- Meta/communication data (e.g. device information, IP addresses),
- Location data (information about the geographical position of a device or person),
- Event Data (Facebook) ("Event Data" is data that may be transmitted by us to Facebook, e.g. via Facebook Pixel (via apps or other means), and relates to individuals or their actions; the data includes, for example, information about visits to websites, interactions with content, functions, installations of apps, purchases of products, etc.; the Event Data is processed for the purpose of creating target groups for content and advertising information (Custom Audiences). Event data is processed for the purpose of creating target groups for content and advertising information (Custom Audiences); Event data does not include the actual content (such as written comments), no login information and no contact information (i.e. no names, email addresses and phone numbers). Event data is deleted by Facebook after a maximum of two years, the target groups formed from them with the deletion of our Facebook account).
Purpose of tracking:
- Remarketing, conversion measurement (measuring the effectiveness of marketing measures),
- Interest-based and behavioral marketing, profiling (creation of user profiles),
- Reach measurement (e.g. access statistics, recognition of returning visitors),
- Target group formation (determination of target groups relevant for marketing purposes or other output of content),
- Cross-device tracking (processing of user data across devices for marketing purposes).
- IP masking (pseudonymization of the IP address)
On what legal basis does the tracking take place?
Due to the described purposes of use, the legal basis for the processing of personal data using tracking cookies is Art. 6 (1) lit. f GDPR. If you have given us your consent to the use of tracking/cookies on the basis of a notice given by us on the website ("cookie banner"), the lawfulness of the use is additionally based on Art. 6 para. 1 sentence 1 lit. a GDPR.
Technically required cookies
The use of technically necessary cookies is necessary for the operation of our website. The use is based on our legitimate interest from Art. 6 para. 1 lit. f GDPR: Our legitimate interest here is to provide the most efficient attractive service possible. We pursue this by analyzing the information obtained through tracking about user behavior on our website.
The provision of the aforementioned personal data is neither legally nor contractually required. However, without this data, the service and functionality of our website cannot be guaranteed. In addition, individual services and services may not be available or may be limited.
Technically unnecessary cookies
Finally, we may perform tracking based on your consent. This consent is voluntary. It is given, for example, by clicking the "OK" button on our services after a corresponding notice has been displayed. You can revoke this consent at any time. You give your consent via Cookie First.
We use these cookies to:
- to determine key data on the use of our services (reach, intensity of use, surfing behavior of users) statistically - on the basis of uniform standard procedures - and thus to obtain values that are comparable across the market.
- measure the success of advertising campaigns, optimize our ads for the future, and enable marketers and advertisers to optimize their ads accordingly as well.
- to enable correct commission settlement for transactions.
- to be able to show you optimized advertising and content that is tailored as closely as possible to your interests, and thus to market our services optimally and adapt them to the needs of users.
However, we do not pursue any purposes on this basis for which the behavior of data subjects on the Internet must be made traceable or user profiles created.
Tracking methods/service providers used in detail
|Google Analytics is a web analytics service that enables us to examine the origin of visitors, the time they spend on individual pages, and the use of search engines, and thus to monitor the success of our advertising campaigns. The data stored using the cookies is transferred and stored by Google in the USA for evaluation. Google transmits the data to third parties only within the scope of legal regulations or within the scope of commissioned data processing. Google will not combine the collected data with other data collected by Google. We use Google Analytics with the extension "_anonymizeIp()". As a result, your IP address is shortened by Google within member states of the EU or in other EEA contracting states before being transmitted to the USA. Only in exceptional cases will the complete IP address be transmitted to Google servers in the USA and shortened there. Google Inc. will use this information on our behalf for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage.
Beyond the browser setting, you can prevent the collection of data generated by the cookie and related to your use of the website to Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
This plugin is provided by Google; we point out that we can neither verify nor control its function.
To prevent collection by Google Analytics across different devices, you must opt-out on all systems used.
|Data transfer to third countries:
Yes, to the USA.
The transfer takes place with your consent.
|Appropriateness Resolution, if applicable:
|not available for the USA
|EU standard contractual clauses
Google Tag Manager
|Google Tag Manager is a solution that allows us to implement and manage code on our website without any development effort. The Tag Manager itself (which implements the code) does not process any personal data of the users. It acts as a mere 'manager' of the implemented code. Data is collected via the Tag Manager embedded tools, such as Google Analytics. The data is passed through to the individual solutions in the Google Tag Manager and is not stored.
|Opt-out via consentmanager.net
|Data transfer to third countries:
|Yes, to the USA. The transfer takes place with your consent.
|Appropriateness Resolution, if applicable:
|not available for the USA
|EU standard contractual clauses
Included third party content
We partly integrate third-party content on our website.
This content is integrated in "extended data protection mode", which means that no data about you as a user is transmitted if you do not play or click on the content. Only if you agree to the data transfer and play or click on the content, the data mentioned in the next paragraph will be transferred. We have no influence on this data transmission. The legal basis for the processing of data after your consent is Art. 6 para. 1 p. 1 lit. a GDPR.
We use Friendly Captcha (hereinafter "Friendly Captcha") on this website. Provider is Friendly Captcha GmbH, Am Anger 3-5, 82237 Woerthsee, Germany.
Friendly Captcha is intended to verify whether the data input on this website (e.g. in a contact form) is made by a human or by an automated program. For this purpose, Friendly Captcha analyzes the behavior of the website visitor based on various characteristics. For the analysis, Friendly Captcha evaluates various information (e.g. anonymized IP address, referrer, visit time, etc.). You can find more information about this at: https://friendlycaptcha.com/legal/privacy-end-users/.
The storage and analysis of the data is based on Art. 6 (1) lit. f GDPR. We have a legitimate interest in protecting our web offers from abusive automated spying and from SPAM. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting). The consent can be revoked at any time.
Last update 04/17/2023