DATA PROTECTION OVERVIEW

General

The following gives a simple overview of what happens to your personal information when you visit our website. Personal information is any data with which you could be personally identified. Detailed information on the subject of data protection can be found in our privacy policy found below.

Data acquisition on our website

Who is responsible for the data collection on this website?

The data collected on this website are processed by the website operator. The operator's contact details can be found in the website's required legal notice.

How do we collect your data?

Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form.

Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.

What do we use your data for?

Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyse how visitors use the site.

What rights do you have regarding your data?

You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You also have the right to request that it be corrected, blocked, or deleted. You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities.

Analytic & third-party tools

When visiting our website, statistical analyses may be made of your surfing behaviour. This happens primarily using cookies and analytics. The analysis of your surfing behaviour is usually anonymous, i.e. we will not be able to identify you from this data. You can object to this analysis or prevent it by not using certain tools. Detailed information can be found in the following privacy policy.

You can object to this analysis. We will inform you below about how to exercise your options in this regard.

HOSTING AND CONTENT DELIVERY NETWORKS (CDN)

Google Cloud CDN

We use the Google Cloud CDN Content Delivery Network. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google offers a globally distributed Content Delivery Network. Technically, the transfer of information between your browser and our website is routed through Google’s network. This allows us to increase the global accessibility and performance of our website.

The use of Google Cloud CDN is based on our legitimate interest in providing our web services as error-free and securely as possible (Art. 6(1)(f) GDPR).

Data transfer to the USA is based on the EU Commission’s standard contractual clauses. Details can be found here:
https://cloud.google.com/terms/eu-model-contract-clause

For more information about Google Cloud CDN, please visit:
https://cloud.google.com/cdn/docs/overview?hl=en

The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that ensures compliance with European data protection standards in data processing activities in the USA. Every company certified under the DPF is committed to adhering to these data protection standards. For more information, please refer to the provider’s information at the following link:
https://www.dataprivacyframework.gov/participant/5780

Data Processing Agreement

We have entered into a Data Processing Agreement (DPA) for the use of the aforementioned service. This is a legally required agreement that ensures that Google processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

GENERAL INFORMATION AND MANDATORY INFORMATION

Data protection

The operators of this website take the protection of your personal data very seriously. We treat your personal data as confidential and in accordance with the statutory data protection regulations and this privacy policy.

If you use this website, various pieces of personal data will be collected. Personal information is any data with which you could be personally identified. This privacy policy explains what information we collect and what we use it for. It also explains how and for what purpose this happens.

Please note that data transmitted via the internet (e.g. via e-mail communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.

Notice concerning the party responsible for this website

The party responsible for processing data on this website is:

Otto Christ AG
Memminger Strasse 51
87734 Benningen, Germany

Telephone: +49 8331 857 0
E-mail: info@christ-ag.com

The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, e-mail addresses, etc.).

Retention Period

Unless a more specific retention period is stated within this privacy policy, your personal data will remain with us until the purpose for the data processing no longer applies. If you submit a legitimate request for deletion or revoke your consent to data processing, your data will be deleted, provided there are no other legally permissible reasons for retaining your personal data (e.g., tax or commercial law retention periods); in such cases, the data will be deleted once these reasons no longer apply.

 

General Information on the Legal Bases for Data Processing on This Website

If you have consented to data processing, we process your personal data based on Art. 6(1)(a) GDPR or, if special categories of data under Art. 9(1) GDPR are processed, based on Art. 9(2)(a) GDPR. In the case of explicit consent to the transfer of personal data to third countries, data processing is also carried out based on Art. 49(1)(a) GDPR. If you have consented to the storage of cookies or access to information on your device (e.g., via device fingerprinting), data processing is additionally based on § 25(1) TDDG. Consent can be revoked at any time.If your data is necessary for the fulfillment of a contract or for the implementation of pre-contractual measures, we process your data based on Art. 6(1)(b) GDPR. Furthermore, we process your data if it is necessary to fulfill a legal obligation, based on Art. 6(1)(c) GDPR. Data processing may also be based on our legitimate interest according to Art. 6(1)(f) GDPR. The specific legal bases applicable in each case are outlined in the following sections of this privacy policy.

 

Data Protection Officer

We have appointed a Data Protection Officer.

ANTILEAKS.DE GmbH
Siegfried Honold

Schwabenstraße 4
87766 Memmingerberg

Telefon: +49 (0) 8331 9429 900
E-Mail: dsb@~@antileaks.de

 

Recipients of Personal Data

In the course of our business activities, we collaborate with various external entities. This may sometimes require the transfer of personal data to these external parties. We only share personal data with external entities if it is necessary for fulfilling a contract, if we are legally obligated to do so (e.g., transfer of data to tax authorities), if we have a legitimate interest under Art. 6(1)(f) GDPR in sharing the data, or if another legal basis permits the transfer of data. When using data processors, we only transfer personal data of our customers based on a valid data processing agreement. In cases of joint processing, a joint processing agreement is concluded.

 

REVOCATION OF YOUR CONSENT TO THE PROCESSING OF YOUR DATA

Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal e-mail making this request is sufficient. The data processed before we receive your request may still be legally processed.

Right to Object to Data Collection in Special Cases and to Direct Marketing (Art. 21 GDPR)

IF DATA PROCESSING IS BASED ON ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS, OR THE PROCESSING SERVES TO ASSERT, EXERCISE, OR DEFEND LEGAL CLAIMS (OBJECTION UNDER ART. 21(1) GDPR).

IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR SUCH MARKETING; THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION UNDER ART. 21(2) GDPR).

Right to Lodge a Complaint with the Competent Supervisory Authority

In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, workplace, or the location of the alleged infringement. The right to lodge a complaint is without prejudice to any other administrative or judicial remedies.

 

Right to data portability

You have the right to have data which we process based on your consent or in fulfilment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.

Right to Information, Correction, and Deletion

Within the framework of applicable legal provisions, you have the right at any time to obtain free information about your stored personal data, its origin, recipients, and the purpose of the data processing. You also have the right, if applicable, to request the correction or deletion of this data. For this purpose, or for any further questions regarding personal data, you can contact us at any time.

 

Right to Restriction of Processing

You have the right to request the restriction of the processing of your personal data. You can contact us at any time to exercise this right. The right to restriction of processing applies in the following cases:

  • If you contest the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data.
  • If the processing of your personal data was/is unlawful, you can request the restriction of data processing instead of deletion.
  • If we no longer need your personal data, but you need it to assert, exercise, or defend legal claims, you have the right to request the restriction of processing instead of deletion.
  • If you have lodged an objection pursuant to Art. 21(1) GDPR, a balancing of your interests and ours must be carried out. As long as it is not determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.

If the processing of your personal data has been restricted, these data – aside from being stored – may only be processed with your consent, or for the assertion, exercise, or defense of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of important public interest of the European Union or a Member State.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries or orders you send to us as the site operator. You can recognize an encrypted connection in your browser's address line when it changes from "http://" to "https://" and the lock icon is displayed in your browser's address bar.

If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.

Information, blocking, deletion

As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.

Objection to advertising emails

The use of contact data published within the scope of the legal notice obligation to send unsolicited advertising and information materials is hereby objected to. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, for example by spam e-mails.

DATA ACQUISITION ON OUR WEBSITE

Cookies

Some of our web pages use cookies. Cookies do not harm your computer and do not contain any viruses. Cookies help make our website more user-friendly, efficient, and secure. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called "session cookies". They are automatically deleted after your visit. Other cookies remain in your device's memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.

You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this website.

Cookies which are necessary to allow electronic communications or to provide certain functions you wish to use (such as the shopping cart) are stored pursuant to Art. 6 paragraph 1, letter f of DSGVO. The website operator has a legitimate interest in the storage of cookies to ensure an optimised service provided free of technical errors. If other cookies (such as those used to analyse your surfing behaviour) are also stored, they will be treated separately in this privacy policy.

Consent with Usercentrics

This website uses Usercentrics’ consent technology to obtain your consent for the storage of certain cookies on your device or the use of specific technologies and to document this in compliance with data protection regulations. The provider of this technology is Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany, Website: https://usercentrics.com/de/ (hereinafter “Usercentrics”).

When you visit our website, the following personal data is transmitted to Usercentrics:

  • Your consent(s) or the withdrawal of your consent(s)
  • Your IP address
  • Information about your browser
  • Information about your device
  • Time of your visit to the website
  • Geolocation

Furthermore, Usercentrics stores a cookie in your browser to be able to assign the consents you have given or their withdrawal. The data collected in this way is stored until you request us to delete it, delete the Usercentrics cookie yourself, or the purpose for data storage no longer applies. Mandatory legal retention periods remain unaffected.

The use of Usercentrics is to obtain the legally required consents for the use of certain technologies. The legal basis for this is Art. 6(1)(c) GDPR.

Data Processing Agreement

We have entered into a Data Processing Agreement (DPA) with Usercentrics for the use of the aforementioned service. This is a data protection law-required contract that ensures Usercentrics processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

Contact form

Should you send us questions via the contact form, we will collect the data entered on the form, including the contact details you provide, to answer your question and any follow-up questions. We do not share this information without your permission.

We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1)(a) DSGVO. You may revoke your consent at any time. An informal e-mail making this request is sufficient. The data processed before we receive your request may still be legally processed.

We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.

Inquiry via Email, Phone, or Fax

If you contact us via email, phone, or fax, your inquiry, including all personal data resulting from it (name, inquiry), will be stored and processed by us for the purpose of handling your request. This data will not be shared with third parties without your consent.

The processing of this data is based on Art. 6(1)(b) GDPR, provided your request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of inquiries directed to us (Art. 6(1)(f) GDPR) or your consent (Art. 6(1)(a) GDPR), if requested; consent can be revoked at any time.

The data you send to us via contact inquiries will remain with us until you request its deletion, revoke your consent for storage, or the purpose for data storage no longer applies (e.g., after your inquiry has been processed). Mandatory legal provisions – especially statutory retention periods – remain unaffected.

ANALYTICS & ADVERTISING

Google Tag Manager

We use Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies into our website. Google Tag Manager itself does not create user profiles, store cookies, or perform any independent analysis. It is used solely to manage and deploy the tools integrated through it. However, Google Tag Manager does collect your IP address, which may also be transmitted to Google’s parent company in the United States.

The use of Google Tag Manager is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the fast and uncomplicated integration and management of various tools on their website. If corresponding consent has been requested, the processing is based exclusively on Art. 6(1)(a) GDPR and § 25(1) TDDG, insofar as the consent involves the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) under the TDDG. Consent can be revoked at any time.

The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the United States that ensures compliance with European data protection standards when processing data in the USA. Each company certified under the DPF is committed to adhering to these data protection standards. More information can be found at the following link:
https://www.dataprivacyframework.gov/participant/5780.

GOOGLE ANALYTICS

This website uses Google Analytics, a web analytics service. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses so-called "cookies". These are text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.

Google Analytics cookies are stored based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in analysing user behaviour to optimise both its website and its advertising.

IP anonymisation

We have activated the IP anonymisation feature on this website. Your IP address will be shortened by Google within the European Union or other parties to the Agreement on the European Economic Area prior to transmission to the United States. The IP address will be transmitted only in exceptional cases to a server of Google in the USA and shortened there. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity, and to provide other services regarding website activity and Internet usage for the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google.

Browser plugin

You can prevent these cookies being stored by selecting the appropriate settings in your browser. However, we wish to point out that doing so may mean you will not be able to enjoy the full functionality of this website. You can also prevent the data generated by cookies about your use of the website (incl. your IP address) from being passed to Google, and the processing of these data by Google, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de

Objecting to the collection of data

You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this site: Disable Google Analytics.

For more information about how Google Analytics handles user data, see Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=en

Demographic data collection by Google Analytics

This website uses Google Analytics' demographic features. This allows reports to be generated containing statements about the age, gender, and interests of site visitors. This data comes from interest-based advertising from Google and third-party visitor data. This collected data cannot be attributed to any specific individual person. You can disable this feature at any time by adjusting the ads settings in your Google account or you can forbid the collection of your data by Google Analytics as described in the section "Refusal of data collection".

Google Ads

The website operator uses Google Ads. Google Ads is an online advertising program provided by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads allows us to display advertisements in the Google search engine or on third-party websites when users enter specific search terms on Google (keyword targeting). Additionally, targeted advertisements can be displayed based on user data available on Google (e.g., location data and interests) (audience targeting). As the website operator, we can quantitatively analyze this data by evaluating which search terms led to the display of our ads and how many ads resulted in corresponding clicks.

The use of this service is based on your consent according to Art. 6(1)(a) GDPR and § 25(1) TDDG. Consent can be revoked at any time.

Data transfer to the USA is based on the EU Commission’s standard contractual clauses. Details can be found here:
https://policies.google.com/privacy/frameworks and
https://business.safety.google/controllerterms/.

The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the United States that ensures compliance with European data protection standards in data processing activities in the USA. Each company certified under the DPF is committed to adhering to these data protection standards. More information can be found at the following link:
https://www.dataprivacyframework.gov/participant/5780.

Facebook Conversion API

We have integrated Facebook Conversion API on this website. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the collected data is also transferred to the USA and other third countries.

The Facebook Conversion API allows us to track the interactions of website visitors with our website and share this information with Facebook to improve advertising performance on Facebook.

In particular, the time of the visit, the webpage visited, your IP address, your user agent, and possibly other specific data (e.g., purchased products, shopping cart value, and currency) are collected. A complete overview of the data that can be collected can be found here:
https://developers.facebook.com/docs/marketing-api/conversions-api/parameters.

The use of this service is based on your consent according to Art. 6(1)(a) GDPR and § 25(1) TDDG. Consent can be revoked at any time.

As far as personal data is collected on our website using the tool described here and transmitted to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible for this data processing (Art. 26 GDPR). The joint responsibility is limited exclusively to the collection of the data and its transmission to Facebook. Any subsequent processing by Facebook is not part of the joint responsibility. Our mutual obligations have been outlined in an agreement on joint processing. You can find the text of the agreement here:
https://www.facebook.com/legal/controller_addendum.

According to this agreement, we are responsible for providing the data protection information when using the Facebook tool and for securely implementing the tool on our website in compliance with data protection regulations. Facebook is responsible for the data security of Facebook products. You can directly assert data subject rights (e.g., requests for information) regarding data processed by Facebook. If you assert your data subject rights with us, we are obligated to forward them to Facebook.

The data transfer to the USA is based on the EU Commission’s standard contractual clauses. Details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum and
https://de-de.facebook.com/help/566994660333381.

 

Further information on protecting your privacy can be found in Facebook’s privacy policy:
https://de-de.facebook.com/about/privacy/.

The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA to ensure compliance with European data protection standards when processing data in the USA. Every company certified under the DPF is committed to adhering to these data protection standards. Further information can be found at the following link:
https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt0000000GnywAAC&status=Active.

Data Processing Agreement

We have entered into a Data Processing Agreement (DPA) for the use of the aforementioned service. This is a legally required contract that ensures the service processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

NEWSLETTER

Newsletter data

If you wish to receive the newsletter offered on the website, we require your e-mail address and information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data will not be collected or will only be collected on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.

We will, therefore, process any data you enter into the newsletter registration form only with your consent per Art. 6 (1)(a) DSGVO. You can revoke your consent to the storage of the data, the e-mail address and its use for sending the newsletter at any time, for example via the "unsubscribe" link in the newsletter. The data processed before we receive your request may still be legally processed.

The data you have stored with us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and deleted after unsubscribing from the newsletter. Data that has been stored with us for other purposes (e.g. e-mail addresses for the member area) remains unaffected by this.

PLUGINS & TOOLS

YouTube

Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited.

If you're logged in to your YouTube account, YouTube allows you to associate your browsing behaviour directly with your personal profile. You can prevent this by logging out of your YouTube account.

YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.

Further information about handling user data can be found in the privacy statement of YouTube under: https://policies.google.com/privacy

Google Fonts (local Hosting)

For uniform representation of fonts, this page uses web fonts provided by Google. When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.

When you call up a page of our website that contains a social plugin, your browser makes a direct connection with Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our website. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.

If your browser does not support web fonts, a standard font is used by your computer.

For more information about Google Web Fonts please visit https://developers.google.com/fonts/faq and see Google's Privacy Statement: https://policies.google.com/privacy

Google Maps

This site uses the Google Maps service. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. This service allows us to integrate map content into our website.

To use the functions of Google Maps, it is necessary to store your IP address. This information is typically transmitted to a Google server in the USA and stored there. The provider of this site has no control over this data transmission. When Google Maps is activated, Google may use Google Fonts for the uniform display of fonts. When you access Google Maps, your browser loads the required web fonts into its browser cache to display texts and fonts correctly.

The use of Google Maps is in the interest of an attractive presentation of our online services and easy location of the places indicated on our website. This constitutes a legitimate interest within the meaning of Art. 6(1)(f) GDPR. If consent is requested, the processing will take place exclusively based on Art. 6(1)(a) GDPR and § 25(1) TDDG, as long as the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) under the TDDG. Consent can be revoked at any time.

The data transfer to the USA is based on the EU Commission’s standard contractual clauses. Details can be found here:
https://privacy.google.com/businesses/gdprcontrollerterms/ and
https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

For more information on handling user data, please refer to Google’s privacy policy:
https://policies.google.com/privacy?hl=en.

The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA, which ensures compliance with European data protection standards in data processing activities in the USA. Every company certified under the DPF is committed to adhering to these data protection standards. For more information, please refer to the provider’s information at the following link:
https://www.dataprivacyframework.gov/participant/5780.

Google reCAPTCHA

We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

The purpose of reCAPTCHA is to verify whether data entered on this website (e.g., in a contact form) is done by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor accesses the website. reCAPTCHA evaluates different information for the analysis (e.g., IP address, the time the visitor spends on the website, or mouse movements made by the user). The data collected during the analysis is transmitted to Google.

The reCAPTCHA analysis runs entirely in the background. Website visitors are not informed that an analysis is taking place.

The storage and analysis of the data is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in protecting its web services from abusive automated surveillance and from SPAM. If consent has been requested, processing will take place exclusively based on Art. 6(1)(a) GDPR and § 25(1) TDDG, as long as the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) under TDDG. Consent can be revoked at any time.

For more information about Google reCAPTCHA, please refer to Google’s privacy policy and terms of service at the following links:
https://policies.google.com/privacy?hl=en and
https://policies.google.com/terms?hl=en.

The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that ensures compliance with European data protection standards in data processing activities in the USA. Every company certified under the DPF is committed to adhering to these data protection standards. More information can be found at the following link:
https://www.dataprivacyframework.gov/participant/5780.

Cloudfare Turnstile

We use Cloudflare Turnstile (hereinafter “Turnstile”) on this website. The provider is Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA (hereinafter “Cloudflare”).

Turnstile is used to verify whether data input on this website (e.g., in a contact form) is being made by a human or by an automated program. To do this, Turnstile analyzes the behavior of the website visitor based on various characteristics.

This analysis begins automatically once the website visitor accesses a site with Turnstile enabled. Turnstile evaluates various information for the analysis (e.g., IP address, the time the visitor spends on the website, or mouse movements made by the user). The data collected during the analysis is transmitted to Cloudflare.

The storage and analysis of the data is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in protecting its web services from abusive automated surveillance and SPAM. If consent has been requested, processing will take place exclusively based on Art. 6(1)(a) GDPR and § 25(1) TDDG, as long as the consent involves the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) under TDDG. Consent can be revoked at any time.

Data processing is based on standard contractual clauses, which you can find here:
https://www.cloudflare.com/cloudflare-customer-scc/.

For more information about Cloudflare Turnstile, please refer to the data protection provisions at:
https://www.cloudflare.com/cloudflare-customer-dpa/.

The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA to ensure compliance with European data protection standards when processing data in the USA. Every company certified under the DPF is committed to adhering to these data protection standards. More information can be found at the following link:
https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt0000000GnZKAA0&status=Active.

OWN SERVICES

Handling of Applicant Data

We offer you the opportunity to apply with us (e.g., via email, by post, or through an online application form). Below, we inform you about the scope, purpose, and use of your personal data collected during the application process. We assure you that the collection, processing, and use of your data is carried out in accordance with applicable data protection laws and all other legal regulations, and that your data is treated with strict confidentiality.

Scope and Purpose of Data Collection

When you submit an application to us, we process the personal data associated with it (e.g., contact and communication details, application documents, notes from interviews, etc.) as far as this is necessary to make a decision about establishing an employment relationship. The legal basis for this is § 26 BDSG under German law (initiation of an employment relationship), Art. 6(1)(b) GDPR (general contract initiation), and – if you have given consent – Art. 6(1)(a) GDPR. Consent can be revoked at any time. Your personal data will only be shared within our company with persons involved in processing your application.

If the application is successful, the data you provided will be stored in our data processing systems for the purpose of conducting the employment relationship based on § 26 BDSG and Art. 6(1)(b) GDPR.

Data Retention Period

If we are unable to offer you a position, if you reject a job offer, or if you withdraw your application, we reserve the right to retain the data you have provided based on our legitimate interests (Art. 6(1)(f) GDPR) for up to 6 months after the end of the application process (rejection or withdrawal of the application). After this period, the data will be deleted, and physical application documents will be destroyed. The retention serves in particular as evidence in case of a legal dispute. If it becomes apparent that the data will be required after the 6-month period (e.g., due to a pending or potential legal dispute), deletion will only take place once the purpose for further retention no longer applies.

A longer retention period may also occur if you have given consent (Art. 6(1)(a) GDPR) or if statutory retention obligations prevent deletion.