We take privacy and data protection seriously
The protection of your privacy rights, when processing personal data, is extremely important to us. When you visit our website, our web servers store the IP of your internet service provider, the website from which you visit us, the web pages you visit on our site and the date and duration of the visit as standard. This information is of compelling importance for the technical transmission of the websites and the secure service operation. There will not be any personalised evaluation of this data.
If you send us data via the contact form, this data will be stored on our servers as part of the data backup process. Your data will be used by us exclusively to process your request. Your data will be treated with the strictest confidentiality The data will not be transferred to any third party
Table of contents
1. Controller and data protection officer
2. Personal data
3. Visiting the website
3.1 General use
3.2 Automatically saved data
3.3 Contacting us
3.4 Cookies
4. Service optimation
4.1 Platform and hosting
4.2 Newsletter and forms
5. Tools and services for analysis, statistics and marketing
5.1 Analysis and statistics
5.2 Advertising and marketing
5.3 Social media and communication
6. Economic analyses and market research
7. Safety
8. Processing personal data for promotional purposes
9. Who receives my data?
10. How long will my data be saved for?
11. What data protection rights do I have?
12. Amendments to this data privacy statement
1. Controller and data protection officer
Data controller:
DEHN SE
Hans-Dehn-Straße 1
92318 Neumarkt
Phone: +49 9181 906-0
Fax: +49 9181 906-1100
E-mail: info@dehn.de
The company's data protection officer is
Mr Christian Volkmer
Projekt 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg
E-mail: anfragen@projekt29.de
Tel.: 0941-2986930
2. Personal data
Personal data is data about your person. This includes your name, your address and your email address. You do not have to disclose personal data in order to visit our internet page. In certain cases, we will require your name and address, as well as other information, so that we can provide you with the required services.
This also applies in cases where you have requested us to provide you with information, material and/or when we answer your requests. In such cases, you will always be notified of this. We also only save data which you have automatically or voluntarily submitted to us.
When you utilise our services, we generally collect only the data which is necessary for us to provide the services required. Sometimes we may request additional information, but this is always voluntary. When we process personal data, we only do this to be able to provide you with our services, or in order to pursue our commercial objectives.
3. Visiting the website
3.1 General use
When you visit our website, our web servers store the IP of your internet service provider, the website from which you visit us, the web pages you visit on our site and the date and duration of the visit as standard. The processing of this information is obligatory for the technical transmission of the web pages, the convenient use of our services and secure server operation Our legitimate interest arises from Art. 6, Para. 1, lit. f of the GDPR.
It is not possible to draw any direct conclusions about your identity from this information and we will not do so. The information is stored and automatically erased once the aforementioned purposes have been achieved. The standard periods for erasure are based on the criterion of necessity.
3.2 Automatically saved data
Server log files
The website provider uses server log files to automatically collect and store information that your browser automatically transmits to us. This information is:
- Date and time of the request
- Name of the requested data file
- Page from which the data file was requested
- Access status (file transferred, file not found, etc.)
- Type of browser and operating system used
- Complete IP address of the requesting computer
- Volume of data transferred
These data are not combined with data from other sources. The basis for data processing is Art. 6 (1) (f) of the GDPR, which allows the processing of data for the purposes of our legitimate interest in improving the stability and functionality of our website.
For reasons of technical security, in particular to defend against attempts to attack our web server, these data are stored by us temporarily. These data do not allow us to identify specific individuals. After seven days at the latest, the data are anonymised by shortening the IP address at the domain level, at which point it is no longer possible to associate the data with an individual user. Data, in their anonymised form, are processed for statistical purposes; there is no comparison with other databases or transfer to third parties, even in excerpts.
3.3 Contacting us
When contacting us (e.g. via the contact form, email, telephone or social media), the details of the enquiring person are processed, provided this is necessary in order to respond to contact queries and any requested actions.
Responding to contact queries as part of contractual or precontractual relationships is performed for the fulfilment of our contractual obligations or to respond to (pre)contractual queries and is based furthermore on the legitimate interests in responding to queries.
- Types of processed data: User data (e.g. names, addresses), contact data (e.g. email, telephone numbers), content data (e.g. entries in online forms).
- Data subject: communication partner.
- Purpose of processing: contact queries and communication.
- Legal basis: Contract fulfilment and precontractual queries (Art. 6 [1] [b] of the GDPR), legitimate interests (Art. 6 [1] [f] of the GDPR).
3.4 Cookies
When you visit our website, we may store information on your computer in the form of cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie It consists of a string of characters by which internet pages and servers can be assigned to the specific internet browser in which the cookie was stored. This enables the websites and servers visited to distinguish the individual browser of the data subject from other internet browsers that contain other cookies. A specific internet browser can be recognised and identified via the unique cookie ID.
Through the use of session cookies, the controller can provide the users of this website with more user-friendly services that would not be possible without the cookie setting. Without consent, we only use technically necessary cookies on the legal basis of legitimate interest pursuant to Art. 6 (1) (f) of the GDPR.
We only use personal cookies to improve our website or for marketing/advertising purposes with your consent. During your first visit, you can voluntarily agree to tracking or analysis via the cookie banner that appears. Your data may be passed on to partners or third-party providers. These cookies will only be stored if you explicitly agree to this; the legal basis is then your consent pursuant to Art. 6 (1) (f) of the GDPR.
You can change your settings for the use of cookies here at any time: https://www.dehn-international.com/en#
4. Service optimation
4.1 Platform and hosting
Amazon Web Services (AWS)
We host our website with AWS. The provider is Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, 1855 Luxembourg (hereinafter: "AWS").
When you visit our website, your personal data is processed on the servers of AWS. Personal data may also be transferred to the parent company of AWS in the USA.
Data transfer to the USA is based on standard EU contractual clauses, among other things. You can find details here:
https://aws.amazon.com/de/blogs/security/aws-gdpr-data-processing-addendum/.
Further information can be found in the AWS privacy policy: https://aws.amazon.com/de/privacy/?nc1=f_pr.
Amazon is also certified in accordance with the Data Privacy Framework and therefore fulfils the requirements of the EU Commission.
The use of AWS is based on Art. 6, Para. 1, lit. f of the GDPR. We have a legitimate interest in ensuring that our website is displayed as reliably as possible.
Amazon CloudFront CDN
We use the Amazon CloudFront content delivery network (CDN). The provider is Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, L-1855, Luxembourg (hereinafter: "Amazon").
Amazon CloudFront is a globally distributed content delivery network (CDN). The information transfer between your browser and our website is technically routed via the content delivery network. This enables us to increase the global accessibility and performance of our website.
The use of Amazon CloudFront CDN is based on our legitimate interest in providing our Web content in the most error-free and secure way possible (Art. 6, Para. 1, lit. f of the GDPR).
The transmission of data to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://aws.amazon.com/de/blogs/security/aws-gdpr-data-processing-addendum/.
Further information on Amazon CloudFront CDN is available here: https://d1.awsstatic.com/legal/privacypolicy/AWS_Privacy_Notice__German_Translation.pdf.
Bootstrap CDN
A Web service of the company StackPath, LLC, 2021 McKinney Avenue, Suite 1100, 75201 Texas, United States of America (hereinafter: "Bootstrap CDN") is reloaded on our website.
We use this data to ensure the full functionality of our website. The legal basis for this data processing is Art. 6, Para. 1, lit. f of the GDPR. The legitimate interest lies in the error-free functioning of the website.
The standard contractual clauses concluded between us and StackPath, LLC serve as the legal basis for the transfer to a third country without an adequacy decision. According to Art. 46 of the GDPR, this constitutes a suitable guarantee within the meaning of the GDPR.
The data will be erased as soon as the purpose for which it was collected has been fulfilled. Further information on the handling of the transferred data can be found in Bootstrap CDN's privacy policy: https://www.bootstrapcdn.com/privacy-policy/
We have concluded an order processing contract with the aforementioned provider in accordance with Art. 28 of the GDPR. This is a contract prescribed by data protection law that ensures that this service provider only processes the personal data of our website visitors upon our instructions and in compliance with the GDPR.
jsDelivr CDN
This website uses a so-called content delivery network (CDN) from jsDelivr.
A CDN is a service with the help of which our online content, in particular large media files such as graphics or scripts, is delivered more quickly by means of regionally distributed servers connected via the Internet. User data is processed exclusively for the aforementioned purposes and to maintain the security and functionality of the CDN.
For this purpose, the browser you are using must establish a connection to the CDN servers. This informs them that our website has been accessed via your IP address.
The use is based on our legitimate interests, namely the interest in secure and efficient provision, analysis and optimisation of our online content in accordance with Art. 6, Para. 1, lit. f. of the GDPR.
Cloudflare
We use the "Cloudflare" service. The provider is Cloudflare Inc, 101 Townsend St., San Francisco, CA 94107, USA (hereinafter: "Cloudflare").
Cloudflare offers a globally distributed content delivery network with DNS. The information transfer between your browser and our website is routed in terms of technology via the Cloudflare network. This enables Cloudflare to analyse the data traffic between your browser and our website and to act as a filter between our servers and potentially malicious traffic from the internet. Cloudflare may also use cookies or other technologies to recognise Internet users, but these are used solely for the purpose described here.
The use of Cloudflare is based on our legitimate interest in providing our Web content in the most error-free and secure way possible (Art. 6, Para. 1, lit. f of the GDPR).
The transmission of data to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://www.cloudflare.com/privacypolicy/.
Cloudflare, Inc. is also certified in accordance with the Data Privacy Framework and therefore fulfils the requirements of the EU Commission.
You can find more information about security and data protection at Cloudflare here: https://www.cloudflare.com/privacypolicy/.
We have concluded an order processing contract with the aforementioned provider in accordance with Art. 28 of the GDPR. This is a contract prescribed by data protection law that ensures that this service provider only processes the personal data of our website visitors upon our instructions and in compliance with the GDPR.
https://www.jsdelivr.com/privacy-policy-jsdelivr-net/
jQuery CDN
This site uses jQuery Migrate for the stability of jQuery technologies. The provider of the CDN is StackPath LLC, 2021 McKinney Ave, Suite 1100, Dallas, TX 75201, USA. For this purpose, programme libraries are accessed from jQuery servers using Google's CDN (content delivery network). If you have previously used jQuery Migrate on another Web page of the Google CDN, your browser will retrieve the copy stored in the cache. Should this not be the case, then downloading will be required. For this purpose, the browser you are using must establish a connection to the jQuery Foundation ("jQuery.org") servers. In this way, the jQuery Foundation becomes aware that our website has been accessed via your IP address. The use of code.jquery.com and jQuery Migrate is in the interest of optimising the loading speed of our online services. This constitutes a legitimate interest within the meaning of Art. 6, Para. 1, lit. f of the GDPR.
You can find more information on jQuery at https://code.jquery.com/. The jQuery Foundation's code of conduct can be found at https://js.foundation/community/code-of-conduct.
Fast Fonts
This site uses Web fonts from Monotype GmbH (fonts.com or fast.fonts.net) for the standardised display of fonts. When you open a page, your browser loads the required Web fonts into your browser cache.
For this purpose, your browser connects to the servers of fonts.com.
fonts.com may also log this request for access. This means that fonts.com associates your IP address with our website.
The use of these Web fonts is in the interest of a uniform and appealing presentation. This constitutes a legitimate interest within the meaning of Art. 6, Para. 1, lit. f of the GDPR.
If your browser does not support Web fonts, a standard font will be used by your computer.
You can find more information on fonts.com at: https://www.fonts.com/info/legal and in the privacy policy of Fonts.com: https://www.fonts.com/info/legal/privacy/ and in the privacy policy of Monotype GmbH: https://www.monotype.com/legal/privacy-policy/
4.2 Newsletter and forms
Use of forms and newsletter
Newsletter
We send our newsletter using the provider Mailingwork GmbH, Birkenweg 7, 09569 Oederan, Germany ("Mailingwork"). The email addresses and data of our newsletter recipients are stored on our behalf on Mailingwork's servers in Germany.
On our website we offer the possibility to subscribe to our newsletter. If you have expressly consented in accordance with Art. 6, Para. 1, sentence 1, lit. a of the General Data Protection Regulation (GDPR), we will use your email address to send you information on a regular basis. To receive the information, it is sufficient to provide your title, surname and email address. You may be able to voluntarily provide further information about yourself (e.g. first name, company).
You will then receive a registration notification by email, which you must confirm in order to receive the newsletter (referred to as a "double opt-in" procedure). This serves as proof that the registration was actually initiated by you.
You can unsubscribe at any time, e.g. via a link at the end of each newsletter. Your email address will be deleted 4 weeks after cancellation of your consent to receive the newsletter.
Mailingwork uses this information to send and analyse the newsletter on our behalf. We have concluded an order processing contract with Mailingwork for this purpose. Through this contract, Mailingwork ensures that it processes the data in accordance with the GDPR and guarantees the protection of the rights of the data subject.
Mailingwork ensures that personal data is comprehensively protected against unauthorised access. Mailingwork does not use the data of our newsletter recipients to write to them itself or pass the data on to third parties. Mailingwork is also certified by the Certified Senders Alliance as a reputable email sender.
Microsoft Azure
We rely on the external service provider Microsoft Azure to provide our service. When using the login and download functions, data and certain content is retrieved from the Microsoft Azure infrastructure by the end users' terminal devices. For security reasons and for load minimisation, the Azure Web Application Firewall stores your IP address. We have no influence on the further processing and/or storage of your IP address and other data by the provider. The data centre is located in Germany and there is no intention to transfer personal data to the USA. The order processing is carried out in compliance with legal requirements in accordance with Art. 28 ff. of the GDPR. All our service providers are carefully selected, regularly checked and contractually obliged to process all personal data exclusively in accordance with our instructions.
Further information from Microsoft on the subject of data protection and Azure can be found at https://privacy.microsoft.com/en-gb/privacystatement and https://azure.microsoft.com/en-gb/support/legal/.
5. Tools and services for analysis, statistics and marketing
5.1 Analysis and statistics
Google Tag Manager
We use Google Tag Manager. This is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Google Tag Manager is a tool that we can use to integrate tracking or statistics tools and other technologies on our website. Google Tag Manager itself does not create any user profiles, does not store any cookies and does not carry out any independent analyses. It is only used to manage and display the tools integrated within it. However, Google Tag Manager records your IP address, which may also be transmitted to Google's parent company in the United States.
Google Tag Manager is used on the basis of Art. 6, Para. 1, lit. f of the GDPR.
Google Analytics (4)
This website uses functions from the Google Analytics Web analysis service. This is provided by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics enables the website operator to analyse the behaviour of website visitors. The website operator obtains various usage data, such as page impressions, duration of the visit, operating systems used and the origin of the user. This data is compiled in a user ID and assigned to the respective terminal device of the website visitor.
With Google Analytics, we can also record your mouse and scrolling movements and clicks, among other things. Furthermore, Google Analytics uses various modelling approaches to supplement data records and uses machine learning technology for data analysis.
Google Analytics uses technologies that enable the user to be recognised for the purpose of analysing user behaviour (e.g. cookies or device fingerprinting). The information about the use of this website recorded by Google is usually sent to a Google server in the USA where it is stored. The use of this service is based on your consent as per Art. 6, Para. 1, lit. a of the GDPR. You can revoke your consent at any time.
The transmission of data to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://privacy.google.com/businesses/controllerterms/mccs/.
The European Commission has issued an adequacy decision for the USA, provided that companies are certified under the Data Privacy Framework Programme. Google is certified in this respect and therefore fulfils the requirements of the EU Commission.
Browser plugin
You can prevent the recording and processing of your data by Google by downloading and installing the browser plugin available via the following link: https://tools.google.com/dlpage/gaoptout?hl=de. You can find more information on the handling of user data by Google Analytics in Google’s privacy statement. https://support.google.com/analytics/answer/6004245?hl=de.
Google-Signals
We use Google Signals. When you visit our website, Google Analytics records your location, search history, YouTube history and demographic data, among other things (visitor data). With the aid of Google Signals, this data can be used for personalised advertising. If you have a Google account, the visitor data is linked to your Google account by Google Signals and used for personalised advertisements. The data is also used for creating anonymised statistics on the usage behaviour of our users.
Google Analytics e-commerce measurement
This website uses the function “e-commerce measurement” from Google Analytics. With the help of e-commerce measurement, the website operator can analyse the purchasing behaviour of website visitors to improve its online marketing campaigns. Consequently, information such as orders placed, average order values, shipping costs and the time between viewing and purchasing a product can be recorded. This data can be compiled by Google under a transaction ID, which is assigned to the respective user or their terminal device.
Mouseflow
This website uses Mouseflow. The service provider is Mouseflow Ltd., Flaesketorvet 68, 1711 Copenhagen V, Denmark (Europe) (website: https://www.mouseflow.com).
Mouseflow is a tool for analysing your usage behaviour on this website. With Mouseflow, we can record your mouse and scrolling movements and clicks, among other things. Mouseflow can determine how long your mouse pointer rests on a particular place. Mouseflow uses this information to generate so-called heat maps, which enable them to determine which parts of a website the visitors prefer looking at.
We can also determine how long you stay on a page and when you leave it. We can also determine at which point you cancel your entries in a contact form (so-called conversion funnels).
Moreover, direct feedback can be collected from website visitors with Mouseflow. This function is used for improving the web content of the website operator.
Mouseflow uses technologies that enable the user to be recognised for the purpose of analysing user behaviour (e.g. cookies or the use of device fingerprinting).
Since express consent was requested (e.g. consent to the storing of cookies), processing is performed exclusively based on Art. 6, Para. 1, lit. a of the GDPR; consent can be revoked at any time.
We have concluded a contract for order processing with the aforementioned service provider. This is a contract prescribed by data protection law that ensures that this service provider only processes the personal data of our website visitors upon our instructions and in compliance with the GDPR.
5.2 Advertising and marketing
Google Ads
The website operator uses Google Ads. Google Ads is an online advertising program from Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads enables us to display adverts in the Google search engine or on third-party websites when the user enters certain search terms in Google (keyword targeting). Furthermore, targeted adverts can be displayed based on the user data available at Google (e.g. location data and interests) (target group targeting). We as the website operator can evaluate this data quantitatively, for example by analysing which search terms led to the display of our advertisements and how many advertisements led to subsequent clicks.
The use of this service is based on your consent as per Art. 6, Para. 1, lit. a of the GDPR. You can revoke your consent at any time.
The European Commission has issued an adequacy decision for the USA, provided that companies are certified under the Data Privacy Framework Programme. Google is certified in this respect and therefore fulfils the requirements of the EU Commission.
Facebook & Instagram pixels
This website uses Facebook's visitor action pixel to measure conversions. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries.
In this way, the behaviour of site visitors can be tracked after they have been redirected to the provider's website by clicking on a Facebook ad. This allows the effectiveness of Facebook ads to be evaluated for statistical and market research purposes and future advertising measures to be optimised.
The data collected is anonymous for us as the operator of this website; we cannot draw any conclusions about the identity of the user. However, the data is stored and processed by Facebook so that a link can be made to the respective user profile and Facebook can use the data for its own advertising purposes in accordance with the Facebook Data Usage Policy. As a result, Facebook can enable the placement of adverts on Facebook pages and outside of Facebook. This use of the data cannot be influenced by us as the website operator.
The use of this service is based on your consent as per Art. 6, Para. 1, lit. a of the GDPR. You can revoke your consent at any time.
The transmission of data to the USA is based on the standard contractual clauses of the EU Commission.
Facebook is also certified in accordance with the Data Privacy Framework Programme.
https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.
Facebook is also certified in accordance with the Date Privacy Framework.
If personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 of the GDPR). The joint responsibility is limited exclusively to the collection of data and its forwarding on to Facebook. The processing carried out by Facebook after forwarding is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in an agreement on joint processing. The text of the agreement can be found at:
https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the data protection information when using the Facebook tool and for the secure implementation of the tool on our website in accordance with data protection law. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g. requests for information) regarding the data processed by Facebook directly with Facebook. If you assert your data subject rights with us, we are obliged to forward them to Facebook.
You can find further information on protecting your privacy in Facebook's privacy policy: https://de-de.facebook.com/about/privacy/.
You can also deactivate the remarketing function "Custom Audiences" in the settings for
advertisements section at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. You must be logged in to Facebook to do this.
LinkedIn Insight Tag
This website uses the Insight tag from LinkedIn. The provider of this service is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.
With the help of the LinkedIn Insight Tag, we receive information about visitors to our website. If a website visitor is registered with LinkedIn, we can, among other things, analyse the key professional data (e.g. career level, company size, country, location, industry and job title) of our website visitors and thus better align our site to the respective target groups. Furthermore, we can use LinkedIn Insight Tags to measure whether visitors to our websites make a purchase or take another action (conversion measurement). Conversion measurement can also be carried out across devices (e.g. from PC to tablet). LinkedIn Insight Tag also offers a retargeting function that we can use to display targeted advertising to visitors to our website outside the website, whereby, according to LinkedIn, no identification of the advertising recipient takes place.
LinkedIn itself also records log files (URL, referrer URL, IP address, device and browser properties and time of access). The IP addresses are truncated or (if they are used to reach LinkedIn members across devices) hashed (pseudonymised). The direct identifiers of LinkedIn members are erased by LinkedIn after seven days. The remaining pseudonymised data will then be erased within 180 days.
The data collected by LinkedIn cannot be associated with specific individuals by us as the website operator. LinkedIn will store the personal data collected from website visitors on its servers in the USA and use it for its own advertising purposes. Details can be found in LinkedIn's data privacy statement at
https://www.linkedin.com/legal/privacy-policy#choices-oblig.
The use of LinkedIn Insight is based on Art. 6, Para. 1, lit. f of the GDPR. The website operator has a legitimate interest in effective advertising measures, including social media. If express consent was requested, processing is performed exclusively based on Art. 6, Para. 1, lit. a of the GDPR. You can revoke your consent at any time.
The transmission of data to the USA is based on the standard contractual clauses of the EU Commission.
You can find details here: https://www.linkedin.com/legal/l/dpa und https://www.linkedin.com/legal/l/eu-sccs.
The European Commission has also issued an adequacy decision for the USA, provided that companies are certified under the Data Privacy Framework Programme. LinkedIn is certified in this respect and therefore fulfils the requirements of the EU Commission.
Object to the analysis of user behaviour and targeted advertising by LinkedIn under the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Furthermore, LinkedIn members can control the use of their personal data for advertising purposes in their account settings. To prevent LinkedIn from linking data collected on our website with your LinkedIn account, you must log out of your LinkedIn account before visiting our website.
We have concluded an order processing contract with the aforementioned provider in accordance with Art. 28 of the GDPR. This is a contract prescribed by data protection law that ensures that this service provider only processes the personal data of our website visitors upon our instructions and in compliance with the GDPR.
5.3 Social media and communication
YouTube
This website incorporates videos from YouTube. The operator of these web pages is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
We use YouTube in an enhanced data protection mode. According to YouTube, this mode prevents YouTube from saving any information about the visitors to this website before they watch the video. However, the enhanced data protection mode does not necessarily prevent the transmission of data to YouTube partners. YouTube establishes a connection to the Google DoubleClick network regardless of whether you watch a video.
When you start a YouTube video on this website, a connection is established to YouTube’s servers. The YouTube server is then informed about which of our pages you have visited. When you are logged in to your YouTube account, you enable YouTube to directly assign your surfing behaviour to your personal profile. You can prevent this by logging out of your YouTube account.
Furthermore, after starting a video, YouTube can save various cookies to your terminal device, or use comparable recognition technologies (e.g. device fingerprinting). In this way, YouTube can obtain information about the visitors to this website. This information is used, among other things, to record video statistics, improve user-friendliness and prevent fraud attempts.
Once a YouTube video is started, additional data processing operations are triggered over which we have no influence. Processing is performed exclusively based on Art. 6, Para. 1, lit. a of the GDPR. You can revoke your consent at any time.
Further information about data protection at YouTube can be found in its privacy statement at: https://policies.google.com/privacy?hl=de
SOCIAL PLUGINS
Social buttons from social networks are used on our website. They are integrated into the page simply as HTML links, so that a connection to the servers of the respective provider is not yet established when accessing our website. When you click on one of the buttons, the website of the respective social network opens in a new window in your browser. There you can press the "like" or "share" button, for example.
Online presence on social media
If you have granted your consent to this to the respective social media operator as per Art. 6 (1) (1) (a) of the GDPR, when visiting our online presences on the aforementioned social media, your data is automatically collected and saved for the purposes of market research and advertising, from which usage profiles are created using pseudonyms. These can be used, for example, to switch advertising banners inside and outside the platforms which are presumed to match your interests. Cookies are usually used to this end. For detailed information on the processing and use of the data by the respective social media operator, contact options and your rights and setting options in this regard for the protection of your privacy, please refer to the privacy notices of the provider linked to below. Should you still require any assistance in this regard, you can also get in touch with us.
6. Economic analyses and market research
For business reasons and in order to identify market trends and the wishes of contractual partners and users, we analyse the data we have on business transactions, contracts, enquiries, etc., whereby the group of data subjects may include contractual partners, prospects, customers, visitors and users of our online services.
The analyses are carried out for the purpose of business evaluations, marketing and market research (e.g. to determine customer groups with different characteristics). If available, we can take into account the profiles of registered users together with the information they provide, e.g. on services used. The analyses serve us alone and are not disclosed externally, unless they are anonymous analyses with summarised – i.e. anonymised – values. Furthermore, we take the privacy of users into consideration and process the data for analysis purposes as pseudonymously as possible and, where feasible, anonymously (e.g. as summarised data).
7. Safety
We have implemented technical and administrative security precautions to protect your personal data against loss, destruction, manipulation and unauthorised access. All our employees, as well as service providers who work for us, are obligated to comply with the valid data protection laws.
Whenever we collect and process personal data, it is encrypted before it is transmitted. This means that your data cannot be misused by any third parties. Our protection measures are subjected to constant, on-going improvement processes and our data privacy statements are constantly updated. Please ensure that you have the current, valid version.
8. Processing personal data for promotional purposes
You can object to the use of your personal data for promotional purposes at any time, generally or just for individual measures, without any costs being incurred other than the transmission costs at the basic tariffs.
We authorised under the statutory regulations of §7, Para. 3 of the German Unfair Competition Act to use the email address that you specified upon contract conclusion for the direct marketing of similar goods or services of our own. You receive these product recommendations from us irrespective of whether you have subscribed to a newsletter.
If you do not want to receive such recommendations from us via email, you can object to the use of your email address for this purpose at any time without any costs being incurred other than the transmission costs at the basic tariffs. A notification in text form will suffice for this. A link to unsubscribe is always included in every email.
9. Who receives my data?
If we employ a service provider within the context of order processing, we continue to remain responsible for the protection of your data. All processors are contractually obligated to treat your data confidentially and only to process it within the course of service provision. The processors commissioned by us obtain your data, provided they require this data for the fulfilment of their respective task. Such processors may be, for example, IT service providers, who we require for the operation and security of our IT system, as well as commercial publishers and list brokers for our own marketing activities.
This data is provided to group companies, provided this is necessary for contract implementation. Customer data is saved in a company-related and separated manner, whereby our parent company acts as a service provider for the individual participating companies.
In the event of a legal obligation or as part of litigation, authorities, courts and external auditors could be the recipients of your data.
Furthermore, for the purpose of contract initiation and fulfilment, insurance providers, banks, credit agencies and service providers could be the recipients of your data.
10. How long will my data be saved for?
We will process your data until the end of the contractual relationship or until the expiry of any legal retention periods that apply (such as under the German Commercial Code, the German Fiscal Code or the German Working Hours Act); and also until the end of any legal disputes for which data is required as evidence.
11. What data protection rights do I have?
You have a right at all times to information, rectification, erasure or restriction of processing of your stored data, the right to object to processing and the right to data portability or to lodge a complaint according to the requirements of data protection law.
Right to information:
You have the right to obtain information from us as to whether and to what extent we process your personal data.
Right to rectification:
You have the right to demand rectification of any incomplete or inaccurate personal data that we process.
Right to erasure:
You have the right to demand that we erase your data if we process any of it unlawfully, or if the processing excessively interferes with your legitimate data-protection interests. Please note that there may be reasons why we might not be able to effect immediate erasure – e.g., in the case of data storage requirements stipulated by law.
Regardless of whether you exercise your right to erasure, we will immediately and completely erase your data as long as there is no transactional, contractual or legal retention requirement that would prevent this.
Right to restriction of processing:
You have the right to demand that we restrict the processing of your data if
- you contest the accuracy of the data, in which case the restriction will apply for a period enabling us to verify the accuracy of the data,
- the processing is unlawful but you decline erasure of the personal data and instead request the restriction of their use,
- we no longer need the personal data for the purposes of processing, but you need the data in order to exercise or defend legal claims, or
- you have objected to the processing of your personal data.
Right to data portability:
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format. Furthermore, you have the right to transmit those data to another controller without hindrance from us, provided
- that we are processing these data on the basis of a revocable consent issued by you or to meet the requirements of a contract between us, and
- this processing is carried out by automated means.
If technically possible, we can directly transmit your data to another controller upon your request.
Right to object:
If we process your data for legitimate reasons, you can object to this processing at any time; this would also apply to profiling based on these provisions. We will then no longer process your data unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights and freedoms or the processing is for the purpose of asserting, exercising or defending legal claims. You may object to the processing of your data for the purposes of direct marketing without providing a reason.
Right to lodge a complaint:
If you believe that we are processing your data in violation of German or European data protection law, we ask that you contact us so that we can resolve the matter. Of course, you also have the right to contact the supervisory authority responsible for you, the respective state office for data protection.
If you intend to assert one of the above rights against us, please contact our data protection officer. In case of doubt, we may request additional information to confirm your identity.
Do I have an obligation to submit data?
The processing of your data is required for the conclusion/fulfilment of the contract you enter with us. If you do not supply us with this data, we will usually have to decline concluding a contract with you or will no longer be able to implement an existing contract and must ultimately terminate it. However, you are not obligated to grant consent to data processing which is not relevant or not legally required for the fulfilment of a contract.
12. Amendments to this data privacy statement
We retain the right to amend our data privacy statements if this should be necessary due to new technologies. Please ensure that you have the current, valid version. If any fundamental amendments are made to this data privacy statement, we will post them on our website.
All information on the processing of your personal data can be found here.