Privacy policy

Table of Contents

• Introduction and Overview
• Contact Details of the Data Protection Officer
• Rights Under the General Data Protection Regulation
• Cookies
• Web Hosting Introduction
• Web Analytics Introduction
• Email Marketing Introduction
• Online Marketing Introduction
• Audio & Video Introduction
• Web Design Introduction

Introduction and Overview

We have written this privacy policy (version 27.03.2026-311714923) to explain to you, in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (data for short) we as the controller – and the processors commissioned by us (e.g. providers) – process, will process in the future, and what lawful options you have. The terms used are to be understood as gender-neutral. In short: We provide you with comprehensive information about the data we process about you. Privacy policies usually sound very technical and use legal jargon. This privacy policy, however, is intended to describe the most important things to you as simply and transparently as possible. Where it aids transparency, technical terms are explained in a reader-friendly manner, links to further information are provided, and graphics are used. We thereby inform you in clear and simple language that we only process personal data in the course of our business activities when there is a corresponding legal basis. This is certainly not possible by providing brief, unclear, and legalistic-technical explanations, as is often the standard on the internet when it comes to data protection. We hope you find the following explanations interesting and informative, and perhaps there is some information you were not previously aware of. If you still have questions, we would like to ask you to contact the responsible body named below or in the legal notice, to follow the available links, and to look at further information on third-party sites. You can of course also find our contact details in the legal notice.

Contact Details of the Data Protection Officer

Below you will find the contact details of the data protection officer: PANTOPIX GmbH & Co. KG Frau Dalibor Josephine-Hirner-Straße 2 88131 Lindau Email: datenschutz@pantopix.com

Rights Under the General Data Protection Regulation

In accordance with Article 13, 14 DSGVO, we inform you of the following rights to which you are entitled in order to ensure fair and transparent processing of data:

• Under Article 15 DSGVO, you have the right to information about whether we process your data. If this is the case, you have the right to receive a copy of the data and to be informed of the following:
  • the purpose for which we carry out the processing;
  • the categories, i.e. the types of data being processed;
  • who receives this data and, if the data is transferred to third countries, how security can be guaranteed;
  • how long the data is stored;
  • the existence of the right to rectification, erasure, or restriction of processing and the right to object to processing;
  • that you can lodge a complaint with a supervisory authority (links to these authorities can be found further below);
  • the origin of the data if we did not collect it from you;
  • whether profiling is carried out, i.e. whether data is automatically evaluated to create a personal profile of you.
• Under Article 16 DSGVO, you have the right to rectification of data, which means we must correct data if you find errors.
• Under Article 17 DSGVO, you have the right to erasure (“right to be forgotten”), which specifically means you may request the deletion of your data.
• Under Article 18 DSGVO, you have the right to restriction of processing, which means we may only store the data but not use it further.
• Under Article 20 DSGVO, you have the right to data portability, which means that upon request we will provide you with your data in a commonly used format.
• Under Article 21 DSGVO, you have the right to object, which, once enforced, entails a change in processing.
  • If the processing of your data is based on Article 6 Abs. 1 lit. e (public interest, exercise of official authority) or Article 6 Abs. 1 lit. f (legitimate interest), you may object to the processing. We will then check as quickly as possible whether we can legally comply with this objection.
  • If data is used for direct advertising purposes, you may object to this type of data processing at any time. We may then no longer use your data for direct marketing.
  • If data is used for profiling purposes, you may object to this type of data processing at any time. We may then no longer use your data for profiling.
• Under Article 22 DSGVO, you may have the right not to be subject to a decision based solely on automated processing (e.g. profiling).
• Under Article 77 DSGVO, you have the right to lodge a complaint. This means you can complain to the data protection authority at any time if you believe that the processing of personal data violates the GDPR.

In short: You have rights – do not hesitate to contact the responsible body listed above! If you believe that the processing of your data violates data protection law or that your data protection rights have been violated in any other way, you can lodge a complaint with the supervisory authority. For Austria, this is the Data Protection Authority, whose website you can find at https://www.dsb.gv.at/. In Germany, there is a data protection officer for each federal state. For further information, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI). The following local data protection authority is responsible for our company:

Cookies

Cookies Summary 👥 Affected parties: Visitors to the website 🤝 Purpose: Depends on the respective cookie. More details can be found below or from the manufacturer of the software that sets the cookie. 📓 Data processed: Depends on the respective cookie used. More details can be found below or from the manufacturer of the software that sets the cookie. 📅 Storage duration: Depends on the respective cookie, can vary from hours to years ⚖️ Legal basis: Art. 6 Abs. 1 lit. a DSGVO (Consent), Art. 6 Abs. 1 lit.f DSGVO (Legitimate Interests)

What are cookies?

Our website uses HTTP cookies to store user-specific data. Below we explain what cookies are and why they are used, so that you can better understand the following privacy policy. Whenever you browse the internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies. One thing cannot be denied: cookies are really useful little helpers. Almost all websites use cookies. More precisely, they are HTTP cookies, as there are also other cookies for other areas of application. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically placed in the cookie folder, essentially the “brain” of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified. Cookies store certain user data about you, such as language or personal page settings. When you revisit our site, your browser transmits the “user-related” information back to our site. Thanks to cookies, our website knows who you are and offers you the settings you are accustomed to. In some browsers, each cookie has its own file; in others, such as Firefox, all cookies are stored in a single file. The following graphic shows a possible interaction between a web browser such as Chrome and the web server. The web browser requests a website and receives a cookie back from the server, which the browser uses again when another page is requested. There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, while third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiration time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, trojans, or other “malware.” Cookies also cannot access information on your PC. For example, cookie data can look like this: Name: _ga Value: GA1.2.1326744211.152311714923-9 Purpose: Distinguishing website visitors Expiration date: after 2 years A browser should be able to support these minimum sizes:

• At least 4096 bytes per cookie
• At least 50 cookies per domain
• At least 3000 cookies in total

What types of cookies are there?

The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the privacy policy. At this point, we would like to briefly discuss the different types of HTTP cookies. There are 4 types of cookies: Essential cookies These cookies are necessary to ensure basic functions of the website. For example, these cookies are needed when a user adds a product to the shopping cart, then continues browsing other pages, and only goes to checkout later. These cookies ensure that the shopping cart is not deleted even if the user closes the browser window. Functional cookies These cookies collect information about user behavior and whether the user receives any error messages. In addition, these cookies are used to measure the loading time and behavior of the website in different browsers. Targeting cookies These cookies ensure a better user experience. For example, entered locations, font sizes, or form data are saved. Advertising cookies These cookies are also called targeting cookies. They serve to deliver individually tailored advertising to the user. This can be very practical but also very annoying. Usually, when you first visit a website, you are asked which of these cookie types you wish to allow. And of course, this decision is also stored in a cookie. If you want to learn more about cookies and are not afraid of technical documentation, we recommend https://datatracker.ietf.org/doc/html/rfc6265, the Request for Comments of the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism.”

Purpose of processing via cookies

The purpose ultimately depends on the respective cookie. More details can be found below or from the manufacturer of the software that sets the cookie.

What data is processed?

Cookies are small helpers for many different tasks. Unfortunately, it is not possible to generalize what data is stored in cookies, but we will inform you about the processed or stored data in the following privacy policy.

Storage duration of cookies

The storage duration depends on the respective cookie and is specified further below. Some cookies are deleted after less than an hour, while others can remain stored on a computer for several years. You also have an influence on the storage duration yourself. You can manually delete all cookies at any time via your browser (see also “Right to object” below). Furthermore, cookies based on consent will be deleted at the latest after you revoke your consent, although the lawfulness of storage until that point remains unaffected.

Right to object – how can I delete cookies?

How and whether you want to use cookies is your own decision. Regardless of which service or website the cookies come from, you always have the option of deleting, deactivating, or only partially allowing cookies. For example, you can block third-party cookies but allow all other cookies. If you want to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings: Chrome: Delete, enable, and manage cookies in Chrome Safari: Manage cookies and website data in Safari Firefox: Delete cookies to remove data that websites have placed on your computer Internet Explorer: Delete and manage cookies Microsoft Edge: Delete and manage cookies If you generally do not want cookies, you can set up your browser to always inform you when a cookie is about to be set. This way, you can decide for each individual cookie whether you allow it or not. The procedure varies depending on the browser. The best approach is to search for the instructions in Google using the search term “delete cookies Chrome” or “disable cookies Chrome” in the case of a Chrome browser.

Legal basis

Since 2009, the so-called “Cookie Directives” have been in place. They stipulate that the storage of cookies requires your consent (Artikel 6 Abs. 1 lit. a DSGVO). However, there are still very different reactions to these directives within EU countries. In Austria, this directive was implemented in Section 165(3) of the Telecommunications Act (2021). In Germany, the Cookie Directives were not implemented as national law. Instead, this directive was largely implemented in Section 15(3) of the Telemedia Act (TMG), which has been replaced by the Digital Services Act (DDG) since May 2024. For strictly necessary cookies, even where no consent is given, there are legitimate interests (Artikel 6 Abs. 1 lit. f DSGVO), which in most cases are of an economic nature. We want to provide visitors to the website with a pleasant user experience, and certain cookies are often strictly necessary for this. Where non-essential cookies are used, this only occurs with your consent. The legal basis in this regard is Art. 6 Abs. 1 lit. a DSGVO. In the following sections, you will be informed in more detail about the use of cookies, provided the software used employs cookies.

Web Hosting Introduction

Web Hosting Summary 👥 Data subjects: Visitors to the website 🤝 Purpose: Professional hosting of the website and ensuring operational security 📓 Data processed: IP address, time of website visit, browser used and other data. More details can be found below or from the respective web hosting provider. 📅 Storage duration: Depends on the respective provider, but generally 2 weeks ⚖️ Legal basis: Art. 6 Abs. 1 lit.f DSGVO (Legitimate Interests)

What is Web Hosting?

When you visit websites these days, certain information ‚Äì including personal data ‚Äì is automatically created and stored, including on this website. This data should be processed as sparingly as possible and only with justification. By website, we mean the entirety of all web pages on a domain, i.e. everything from the start page (homepage) to the very last subpage (like this one). By domain, we mean, for example, beispiel.de or musterbeispiel.com. When you want to view a website on a computer, tablet or smartphone, you use a program called a web browser. You probably know some web browsers by name: Google Chrome, Microsoft Edge, Mozilla Firefox and Apple Safari. We refer to them simply as browsers or web browsers. To display the website, the browser must connect to another computer where the website’s code is stored: the web server. Operating a web server is a complex and demanding task, which is why it is usually handled by professional providers. These providers offer web hosting and thus ensure reliable and error-free storage of website data. Quite a lot of technical terms, but please bear with us, it gets better! When your computer’s browser (desktop, laptop, tablet or smartphone) connects and during data transfer to and from the web server, personal data may be processed. On the one hand, your computer stores data, and on the other hand, the web server must also store data for a period of time to ensure proper operation. A picture says more than a thousand words, which is why the following graphic illustrates the interaction between the browser, the internet and the hosting provider.

Why do we process personal data?

The purposes of data processing are:

1. Professional hosting of the website and ensuring operational security
2. To maintain operational and IT security
3. Anonymous evaluation of access behavior to improve our offerings and, if necessary, for prosecution or pursuit of claims

What data is processed?

Even while you are visiting our website right now, our web server, which is the computer on which this website is stored, typically stores data automatically such as

• the complete internet address (URL) of the accessed web page
• browser and browser version (e.g. Chrome 87)
• the operating system used (e.g. Windows 10)
• the address (URL) of the previously visited page (referrer URL) (e.g. https://www.beispielquellsite.de/vondabinichgekommen/)
• the hostname and IP address of the device from which access is made (e.g. COMPUTERNAME and 194.23.43.121)
• date and time
• in files, known as web server log files

How long is data stored?

As a rule, the above-mentioned data is stored for two weeks and then automatically deleted. We do not pass on this data, but we cannot rule out the possibility that this data may be viewed by authorities in the event of unlawful conduct. In short: Your visit is logged by our provider (the company that runs our website on special computers (servers)), but we do not share your data without consent!

Legal Basis

The lawfulness of processing personal data in the context of web hosting is based on Art. 6 Abs. 1 lit. f DSGVO (safeguarding legitimate interests), as the use of professional hosting with a provider is necessary to present the company on the internet in a secure and user-friendly manner and to be able to pursue attacks and claims arising therefrom if necessary. Between us and the hosting provider, there is generally a data processing agreement in accordance with Art. 28 f. DSGVO, which ensures compliance with data protection and guarantees data security.

1&1 IONOS Web Hosting Privacy Policy

1&1 IONOS Web Hosting Privacy Policy Summary 👥 Data subjects: Visitors to the website 🤝 Purpose: Website storage and accessibility on the internet 📓 Data processed: IP address, but also technical data in particular 📅 Storage duration: Visitor data is deleted after 8 weeks ⚖️ Legal basis: Art. 6 Abs. 1 lit. f DSGVO (Legitimate Interests)

What is 1&1 IONOS Web Hosting?

To host our website, we use the web hosting services of the company IONOS by 1&1. In Germany, 1&1 IONOS SE is located at Elgendorfer Str. 57 in 56410 Montabaur. In Austria, you can find 1&1 IONOS SE at Gumpendorfer Straße 142/PF 266 in 1060 Wien. IONOS offers the following services related to web hosting: Domain, Website & Shop, Hosting & WordPress, Marketing, E-Mail & Office, IONOS Cloud and Server. With over 22 million domains, almost 9 million customer contracts and 100,000 servers, IONOS is one of the largest German players in the web hosting sector. As we already mentioned in our introductory words on the topic of web hosting: through hosting, data from you or your device is also stored on the IONOS servers. First and foremost, your IP address, which is known to be personal data, is stored. In addition, technical data such as the URL of our website, the name of the internet browser or the operating system you use is also stored.

Why do we use 1&1 IONOS Web Hosting?

IONOS was founded in Germany back in 1988 and thus has over 30 years of experience under its belt. However, this does not mean that the company has not continuously evolved in terms of technology. It is precisely this combination of experience and innovative spirit that, in our view, provides a good foundation for our website. After all, we want our website to function smoothly 24 hours a day while ensuring a high level of security. Since IONOS does not limit monthly data traffic and provides plenty of storage space, our website remains performant even with many visitors. We are very satisfied with the speed of the website and the price-performance ratio currently meets our requirements.

What data is processed by 1&1 IONOS Web Hosting?

1&1 IONOS Web Hosting may also process personal data from you. When you visit our website, the following data from you or your computer is stored at IONOS:

• the previously visited website (also known as referrer)
• the requested website (i.e. in this case our website)
• browser type and browser version
• your operating system and your device type
• time of page access
• your IP address in anonymized form

The collected data is used to enhance the security of the website, to detect potential errors and to conduct anonymous statistical analyses. According to IONOS, the anonymized IP address is only used to determine the location of access.

How long and where is data stored?

The data is stored on IONOS’s own servers. In principle, IONOS stores data for as long as is necessary to fulfill its obligations. Visitor data is stored for 8 weeks. However, it may also happen that data is stored for longer periods, for example to have evidence for possible legal disputes. Visitor data is not shared with third parties and is not transferred to a country outside the EU.

How can I delete my data or prevent data storage?

You have the right at any time to access, rectify or delete and restrict the processing of your personal data. You can also revoke your consent to the processing of data at any time. If you generally want to disable, delete or manage cookies, you will find the corresponding links to the respective instructions of the most popular browsers in the “Cookies” section.

Legal Basis

On our part, there is a legitimate interest in using IONOS in order to be able to offer our online service. Professional hosting with a provider is necessary to present our company on the internet in a secure and user-friendly manner and to be able to pursue possible cyber attacks. The corresponding legal basis is Art. 6 Abs. 1 lit. f DSGVO (Legitimate Interests). You can find much more information about data protection at IONOS in their privacy policy at https://www.ionos.de/terms-gtc/datenschutzerklaerung/. If you have any further questions about data protection, you can also contact the IONOS data protection team by email at datenschutz@ionos.de.

Kinsta Privacy Policy

We use the web hosting services of Kinsta to host our website. The service provider is the American company Kinsta Inc., 8605 Santa Monica Blvd #92581, West Hollywood, CA 90069, USA. Kinsta processes data from you, including in the USA. Kinsta is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data from EU citizens to the USA. More information can be found at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en. In addition, Kinsta uses so-called Standard Contractual Clauses (= Art. 46. Abs. 2 und 3 DSGVO). Standard Contractual Clauses (SCC) are template clauses provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even when it is transferred to and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and the Standard Contractual Clauses, Kinsta commits to complying with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding Standard Contractual Clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de More information about the Standard Contractual Clauses at Kinsta can be found in the Data Processing Addendum at https://kinsta.com/legal/data-processing-addendum/. You can learn more about the data processed through the use of Kinsta in their privacy policy at https://kinsta.com/legal/privacy-policy/.

Web Analytics Introduction

Web Analytics Privacy Policy Summary 👥 Affected: Visitors to the website 🤝 Purpose: Evaluation of visitor information to optimize the web offering. 📓 Processed Data: Access statistics containing data such as access locations, device data, access duration and time, navigation behavior, click behavior, and IP addresses. More details can be found under the respective web analytics tool used. 📅 Storage Duration: depends on the web analytics tool used ⚖️ Legal Bases: Art. 6 Abs. 1 lit. a DSGVO (Consent), Art. 6 Abs. 1 lit. f DSGVO (Legitimate Interests)

What is Web Analytics?

We use software on our website to evaluate the behavior of website visitors, commonly referred to as web analytics or web analysis. In doing so, data is collected, which the respective analytics tool provider (also called a tracking tool) stores, manages, and processes. Using this data, analyses of user behavior on our website are created and made available to us as the website operator. In addition, most tools offer various testing options. For example, we can test which offers or content are most popular with our visitors. To do this, we show you two different offers for a limited period of time. After the test (known as an A/B test), we know which product or content our website visitors find more interesting. For such testing procedures, as well as for other analytics procedures, user profiles may also be created and the data stored in cookies.

Why do we use Web Analytics?

With our website, we have a clear goal in mind: we want to deliver the best web offering on the market for our industry. To achieve this goal, we want to offer the best and most interesting content on the one hand, and on the other hand, ensure that you feel completely comfortable on our website. With the help of web analytics tools, we can take a closer look at the behavior of our website visitors and then improve our web offering accordingly for both you and us. For example, we can identify the average age of our visitors, where they come from, when our website is visited most frequently, or which content or products are particularly popular. All this information helps us optimize the website and thus best adapt it to your needs, interests, and wishes.

What data is processed?

Exactly which data is stored depends, of course, on the analytics tools used. However, as a rule, data such as what content you view on our website, which buttons or links you click, when you access a page, which browser you use, which device (PC, tablet, smartphone, etc.) you use to visit the website, or which computer system you use is stored. If you have agreed that location data may also be collected, this data can also be processed by the web analytics tool provider. In addition, your IP address is also stored. According to the General Data Protection Regulation (GDPR), IP addresses are personal data. However, your IP address is generally stored in pseudonymized form (i.e., in an unrecognizable and abbreviated form). For the purposes of testing, web analytics, and web optimization, no direct data such as your name, age, address, or email address is stored as a matter of principle. All such data, if collected, is stored in pseudonymized form. This means you cannot be identified as a person. The following example schematically shows how Google Analytics works as an example of client-based web tracking using JavaScript code. How long the respective data is stored always depends on the provider. Some cookies store data for only a few minutes or until you leave the website again, while other cookies can store data for several years.

Duration of Data Processing

We will inform you below about the duration of data processing, provided we have further information on this. In general, we only process personal data for as long as is absolutely necessary for the provision of our services and products. If required by law, for example in the case of accounting, this storage period may also be exceeded.

Right to Object

You also have the right and the option at any time to revoke your consent to the use of cookies or third-party providers. This works either through our cookie management tool or through other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating, or deleting cookies in your browser.

Legal Basis

The use of web analytics requires your consent, which we have obtained through our cookie popup. This consent constitutes the legal basis for the processing of personal data, as may occur when collected by web analytics tools, pursuant to Art. 6 Abs. 1 lit. a DSGVO (Consent). In addition to consent, we have a legitimate interest in analyzing the behavior of website visitors in order to improve our offering both technically and commercially. With the help of web analytics, we can identify errors on the website, detect attacks, and improve cost-effectiveness. The legal basis for this is Art. 6 Abs. 1 lit. f DSGVO (Legitimate Interests). However, we only use the tools insofar as you have given your consent. Since cookies are used in web analytics tools, we also recommend reading our general privacy policy on cookies. To find out exactly which data is stored and processed by you, you should read the privacy policies of the respective tools. Information on specific web analytics tools can be found — if available — in the following sections.

Google Analytics Privacy Policy

Google Analytics Privacy Policy Summary 👥 Affected parties: Visitors to the website 🤝 Purpose: Evaluation of visitor information to optimize the website. 📓 Data processed: Access statistics containing data such as access locations, device data, access duration and time, navigation behavior, and click behavior. More details can be found further below in this privacy policy. 📅 Storage duration: individually configurable, by default Google Analytics 4 stores data for 14 months ⚖️ Rechtsgrundlagen: Art. 6 Abs. 1 lit. a DSGVO (Einwilligung), Art. 6 Abs. 1 lit. f DSGVO (Berechtigte Interessen)

What is Google Analytics?

We use the analytics tracking tool Google Analytics in the version Google Analytics 4 (GA4) from the American company Google Inc. on our website. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. Google Analytics collects data about your actions on our website. Through the combination of various technologies such as cookies, device IDs, and login information, you as a user can be identified across different devices. This means your actions can also be analyzed across platforms. For example, when you click a link, this event is stored in a cookie and sent to Google Analytics. Using the reports we receive from Google Analytics, we can better tailor our website and our service to your needs. In the following, we will go into more detail about the tracking tool and inform you above all about what data is processed and how you can prevent this. Google Analytics is a tracking tool used for traffic analysis of our website. The basis of these measurements and analyses is a pseudonymous user identification number. This number does not contain any personal data such as name or address, but is used to assign events to a device. GA4 uses an event-based model that captures detailed information about user interactions such as page views, clicks, scrolling, and conversion events. In addition, various machine learning functions have been built into GA4 to better understand user behavior and certain trends. GA4 uses machine learning functions for modeling. This means that based on the collected data, missing data can also be extrapolated to optimize analysis and to provide forecasts. For Google Analytics to function, a tracking code is built into the code of our website. When you visit our website, this code records various events that you perform on our website. With GA4’s event-based data model, we as website operators can define and track specific events to obtain analyses of user interactions. Thus, in addition to general information such as clicks or page views, special events that are important for our business can also be tracked. Such special events can be, for example, submitting a contact form or purchasing a product. Once you leave our website, this data is sent to the Google Analytics servers and stored there. Google processes the data and we receive reports about your user behavior. These may include the following reports, among others:

• Audience reports: Through audience reports, we get to know our users better and know more precisely who is interested in our service.
• Advertising reports: Advertising reports make it easier for us to analyze and improve our online advertising.
• Acquisition reports: Acquisition reports give us helpful information about how we can attract more people to our service.
• Behavior reports: Here we learn how you interact with our website. We can understand what path you take on our site and what links you click.
• Conversion reports: Conversion is the term for a process in which you perform a desired action as a result of a marketing message. For example, when you go from being a mere website visitor to a buyer or newsletter subscriber. With the help of these reports, we learn more about how our marketing measures resonate with you. This is how we want to increase our conversion rate.
• Real-time reports: Here we always find out immediately what is currently happening on our website. For example, we can see how many users are currently reading this text.

In addition to the above-mentioned analysis reports, Google Analytics 4 also offers the following features, among others:

• Event-based data model: This model captures very specific events that can take place on our website. For example, playing a video, purchasing a product, or signing up for our newsletter.
• Advanced analytics features: With these features, we can better understand your behavior on our website or certain general trends. For example, we can segment user groups, perform comparative analyses of audiences, or trace your journey or path on our website.
• Predictive modeling: Based on collected data, machine learning can be used to extrapolate missing data that predicts future events and trends. This can help us develop better marketing strategies.
• Cross-platform analysis: Data collection and analysis is possible from both websites and apps. This gives us the ability to analyze user behavior across platforms, provided you have of course consented to data processing.

Why do we use Google Analytics on our website?

Our goal with this website is clear: We want to offer you the best possible service. The statistics and data from Google Analytics help us achieve this goal. The statistically evaluated data show us a clear picture of the strengths and weaknesses of our website. On the one hand, we can optimize our site so that it is more easily found by interested people on Google. On the other hand, the data helps us to better understand you as a visitor. We therefore know very precisely what we need to improve on our website in order to offer you the best possible service. The data also helps us to carry out our advertising and marketing measures in a more individualized and cost-effective manner. After all, it only makes sense to show our products and services to people who are interested in them.

What data is stored by Google Analytics?

Google Analytics creates a random, unique ID associated with your browser cookie using a tracking code. This is how Google Analytics recognizes you as a new user and a user ID is assigned to you. The next time you visit our site, you will be recognized as a “returning” user. All collected data is stored together with this user ID. This makes it possible to evaluate pseudonymous user profiles. In order to analyze our website with Google Analytics, a property ID must be inserted into the tracking code. The data is then stored in the corresponding property. The Google Analytics 4 property is the default for every newly created property. Depending on the property used, data is stored for different lengths of time. Through identifiers such as cookies, app instance IDs, user IDs, or custom event parameters, your interactions are measured across platforms, provided you have consented. Interactions are all types of actions you perform on our website. If you also use other Google systems (such as a Google account), data generated via Google Analytics may be linked with third-party cookies. Google does not share Google Analytics data unless we as the website operator authorize it. Exceptions may occur if required by law. According to Google, no IP addresses are logged or stored in Google Analytics 4. However, Google uses the IP address data to derive location data and deletes it immediately afterwards. All IP addresses collected from users in the EU are deleted before the data is stored in a data center or on a server. Since Google Analytics 4 focuses on event-based data, the tool uses significantly fewer cookies compared to previous versions (such as Google Universal Analytics). Nevertheless, there are some specific cookies used by GA4. These include, for example: Name: _ga Value: 2.1326744211.152311714923-5 Purpose: By default, analytics.js uses the _ga cookie to store the user ID. It is essentially used to distinguish website visitors. Expiration date: after 2 years Name: _gid Value: 2.1687193234.152311714923-1 Purpose: The cookie is also used to distinguish website visitors. Expiration date: after 24 hours Name: _gat_gtag_UA_<property-id> Value: 1 Purpose: Used to throttle the request rate. When Google Analytics is deployed via Google Tag Manager, this cookie is named _dc_gtm_ <property-id>. Expiration date: after 1 minute Note: This list cannot claim to be exhaustive, as Google regularly changes its choice of cookies. The goal of GA4 is also to improve data protection. Therefore, the tool offers several options for controlling data collection. For example, we can set the storage duration ourselves and also control data collection. Here we show you an overview of the most important types of data collected with Google Analytics: Heatmaps: Google creates so-called heatmaps. Heatmaps show exactly the areas that you click on. This gives us information about where you “navigate” on our site. Session duration: Google defines session duration as the time you spend on our site without leaving it. If you have been inactive for 20 minutes, the session ends automatically. Bounce rate: A bounce occurs when you view only one page on our website and then leave our website again. Account creation: When you create an account on our website or place an order, Google Analytics collects this data. Location: IP addresses are not logged or stored in Google Analytics. However, shortly before the IP address is deleted, derivations for location data are used. Technical information: Technical information includes, among other things, your browser type, your internet provider, or your screen resolution. Source of origin: Google Analytics and we are naturally also interested in which website or which advertisement brought you to our site. Other data includes contact details, any reviews, the playing of media (e.g., when you play a video on our site), sharing of content via social media, or adding to your favorites. This list does not claim to be exhaustive and serves only as a general guide to data storage by Google Analytics.

How long and where is the data stored?

Google has its servers distributed around the world. You can read exactly where the Google data centers are located here: https://datacenters.google/ Your data is distributed across various physical storage media. This has the advantage that the data can be retrieved more quickly and is better protected against manipulation. Every Google data center has appropriate emergency programs for your data. For example, if Google’s hardware fails or natural disasters paralyze servers, the risk of a service interruption at Google remains low. The retention period of the data depends on the properties used. The storage duration is always set individually for each property. Google Analytics offers us four options for controlling the storage duration:

• 2 months: this is the shortest storage duration.
• 14 months: by default, data is stored in GA4 for 14 months.
• 26 months: the data can also be stored for 26 months.
• Data is only deleted when we delete it manually.

Additionally, there is also the option that data is only deleted when you no longer visit our website within the period we have chosen. In this case, the retention period is reset each time you visit our website again within the specified period. When the specified period has expired, the data is deleted once a month. This retention period applies to your data that is linked to cookies, user recognition, and advertising IDs (e.g., cookies of the DoubleClick domain). Report results are based on aggregated data and are stored independently of user data. Aggregated data is the merging of individual data into a larger unit.

How can I delete my data or prevent data storage?

Under the data protection law of the European Union, you have the right to obtain information about your data, to update it, to delete it, or to restrict it. By using the browser add-on to disable Google Analytics JavaScript (analytics.js, gtag.js), you can prevent Google Analytics 4 from using your data. You can download and install the browser add-on at https://tools.google.com/dlpage/gaoptout?hl=de. Please note that this add-on only disables data collection by Google Analytics. If you generally want to disable, delete, or manage cookies, you will find the corresponding links to the respective instructions for the most popular browsers in the “Cookies” section.

Legal Basis

The use of Google Analytics requires your consent, which we have obtained with our cookie popup. This consent constitutes the legal basis pursuant to Art. 6 Abs. 1 lit. a DSGVO (Einwilligung) for the processing of personal data, as may occur when collected by web analytics tools. In addition to consent, we have a legitimate interest in analyzing the behavior of website visitors in order to improve our offering technically and economically. With the help of Google Analytics, we can identify errors on the website, detect attacks, and improve cost-effectiveness. The legal basis for this is Art. 6 Abs. 1 lit. f DSGVO (Berechtigte Interessen). Nevertheless, we only use Google Analytics if you have given your consent. Google also processes your data in the USA, among other locations. Google is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data from EU citizens to the USA. More information can be found at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en. In addition, Google uses so-called Standard Contractual Clauses (= Art. 46. Abs. 2 und 3 DSGVO). Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even when transferred to and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and the Standard Contractual Clauses, Google commits to complying with the European level of data protection when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding Standard Contractual Clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de The Google Ads Data Processing Terms, which reference the Standard Contractual Clauses, can be found at https://business.safety.google/intl/de/adsprocessorterms/. We hope we have been able to provide you with the most important information about data processing by Google Analytics. If you want to learn more about the tracking service, we recommend these two links: https://marketingplatform.google.com/about/analytics/terms/de/ and https://support.google.com/analytics/answer/6004245?hl=de. If you want to learn more about data processing, please refer to the Google Privacy Policy at https://policies.google.com/privacy?hl=de.

Data Processing Agreement (DPA) Google Analytics

We have concluded a Data Processing Agreement (DPA) with Google in accordance with Article 28 of the General Data Protection Regulation (DSGVO). You can read about what a DPA is exactly and, in particular, what must be included in a DPA in our general section “Data Processing Agreement (DPA)”. This contract is required by law because Google processes personal data on our behalf. It clarifies that Google may only process data it receives from us in accordance with our instructions and must comply with the DSGVO. You can find the link to the data processing terms at https://business.safety.google/intl/de/adsprocessorterms/

Google Analytics Reports on Demographics and Interests

We have enabled the advertising reporting features in Google Analytics. The reports on demographics and interests contain information about age, gender, and interests. This allows us to get a better picture of our users without being able to attribute this data to individual persons. You can learn more about the advertising features at https://support.google.com/analytics/answer/3450482?hl=de_AT&utm_id=ad. You can opt out of the use of your Google Account activities and information under “Ad Settings” at https://myadcenter.google.com/home by unchecking the relevant checkbox.

Google Analytics Google Signals Privacy Policy

We have enabled Google Signals in Google Analytics. This updates the existing Google Analytics features (advertising reports, remarketing, cross-device reports, and reports on interests and demographics) to receive aggregated and anonymized data from you, provided you have allowed personalized ads in your Google Account. What makes this special is that it involves cross-device tracking. This means your data can be analyzed across devices. By enabling Google Signals, data is collected and linked to your Google Account. This allows Google to recognize, for example, when you view a product on our website via a smartphone and only later purchase the product via a laptop. Thanks to the activation of Google Signals, we can launch cross-device remarketing campaigns that would otherwise not be possible in this form. Remarketing means that we can show you our offers on other websites as well. In Google Analytics, Google Signals also captures additional visitor data such as location, search history, YouTube history, and data about your actions on our website. This provides us with better advertising reports and more useful information about your interests and demographics from Google. This includes your age, which language you speak, where you live, or which gender you belong to. Additionally, social criteria such as your occupation, marital status, or income are also included. All these characteristics help Google Analytics define user groups or target audiences. The reports also help us better assess your behavior, wishes, and interests. This allows us to optimize and adapt our services and products for you. This data expires by default after 26 months. Please note that this data collection only takes place if you have allowed personalized advertising in your Google Account. The data is always aggregated and anonymous and never relates to individual persons. You can manage or delete this data in your Google Account.

Google Analytics in Consent Mode

Depending on your consent, your personal data will be processed by Google Analytics in the so-called consent mode. You can choose whether or not to agree to Google Analytics cookies. This also determines which data Google Analytics is allowed to process from you. This collected data is primarily used to measure user behavior on the website, deliver targeted advertising, and provide us with web analytics reports. As a rule, you consent to data processing by Google via a cookie consent tool. If you do not consent to data processing, only aggregated data is collected and processed. This means that data cannot be attributed to individual users, and no user profile is created for you. You can also consent only to statistical measurement. In this case, no personal data is processed and consequently not used for advertising or measuring advertising success.

Google Analytics IP Anonymization

We have implemented IP address anonymization from Google Analytics on this website. This feature was developed by Google so that this website can comply with applicable data protection regulations and recommendations from local data protection authorities when they prohibit the storage of full IP addresses. The anonymization or masking of the IP address takes place as soon as the IP addresses arrive in the Google Analytics data collection network and before any storage or processing of the data occurs. You can find more information about IP anonymization at https://support.google.com/analytics/answer/2763052?hl=de.

Google Tag Manager Privacy Policy

Google Tag Manager Privacy Policy Summary 👥 Affected parties: Website visitors 🤝 Purpose: Organization of individual tracking tools 📓 Data processed: The Google Tag Manager itself does not store any data. The tags of the web analytics tools used collect the data. 📅 Storage duration: Depends on the web analytics tool used ⚖️ Legal Basis: Art. 6 Abs. 1 lit. a DSGVO (Einwilligung), Art. 6 Abs. 1 lit. f DSGVO (Berechtigte Interessen)

What is Google Tag Manager?

For our website, we use the Google Tag Manager from Google Inc. For the European region, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. This Tag Manager is one of many helpful marketing products from Google. The Google Tag Manager allows us to centrally integrate and manage code sections from various tracking tools that we use on our website. In this privacy policy, we want to explain in more detail what the Google Tag Manager does, why we use it, and how data is processed. The Google Tag Manager is an organizational tool that allows us to integrate and manage website tags centrally via a user interface. Tags are small code sections that, for example, record (track) your activities on our website. For this purpose, JavaScript code sections are inserted into the source code of our pages. The tags often come from Google’s own products such as Google Ads or Google Analytics, but tags from other companies can also be integrated and managed through the Manager. Such tags perform different tasks. They can collect browser data, feed marketing tools with data, embed buttons, set cookies, and also track users across multiple websites.

Why do we use Google Tag Manager for our website?

As the saying goes: organization is half the battle! And that naturally also applies to maintaining our website. To make our website as good as possible for you and all people who are interested in our products and services, we need various tracking tools such as Google Analytics. The collected data from these tools shows us what interests you the most, where we can improve our services, and to which people we should still show our offers. And for this tracking to work, we need to embed corresponding JavaScript codes into our website. In principle, we could embed each code section of the individual tracking tools separately into our source code. However, this requires a relatively large amount of time and it is easy to lose track. That is why we use the Google Tag Manager. We can easily embed the necessary scripts and manage them from one place. In addition, the Google Tag Manager offers an easy-to-use user interface and no programming skills are required. This is how we manage to keep order in our tag jungle.

What data does the Google Tag Manager store?

The Tag Manager itself is a domain that does not set cookies and does not store data. It acts as a mere “manager” of the implemented tags. The data is collected by the individual tags of the various web analytics tools. The data is essentially passed through the Google Tag Manager to the individual tracking tools and is not stored. However, the situation is quite different with the embedded tags of the various web analytics tools, such as Google Analytics. Depending on the analytics tool, various data about your web behavior is usually collected, stored, and processed with the help of cookies. For this, please read our privacy texts on the individual analytics and tracking tools that we use on our website. In the Tag Manager account settings, we have allowed Google to receive anonymized data from us. However, this only relates to the use and utilization of our Tag Manager and not to your data that is stored via the code sections. We enable Google and others to receive selected data in anonymized form. We thus consent to the anonymous sharing of our website data. We were unable to determine ‚Äî despite extensive research ‚Äî exactly which aggregated and anonymous data is forwarded. In any case, Google deletes all information that could identify our website. Google aggregates the data with hundreds of other anonymous website data and creates user trends as part of benchmarking measures. In benchmarking, one’s own results are compared with those of competitors. Processes can be optimized based on the information collected.

How long and where is the data stored?

When Google stores data, this data is stored on Google’s own servers. The servers are distributed around the world. Most of them are located in America. At https://datacenters.google/ you can read exactly where Google’s servers are located. How long the individual tracking tools store your data can be found in our individual privacy texts on the respective tools.

How can I delete my data or prevent data storage?

The Google Tag Manager itself does not set cookies but manages tags from various tracking websites. In our privacy texts on the individual tracking tools, you will find detailed information on how you can delete or manage your data. Please note that when using this tool, your data may also be stored and processed outside the EU. Most third countries (including the USA) are not considered secure under current European data protection law. Data may therefore not simply be transferred to, stored in, and processed in insecure third countries unless there are appropriate safeguards (such as EU standard contractual clauses) between us and the non-European service provider.

Legal Basis

The use of the Google Tag Manager requires your consent, which we have obtained through our cookie popup. This consent constitutes the legal basis pursuant to Art. 6 Abs. 1 lit. a DSGVO (Einwilligung) for the processing of personal data as may occur through collection by web analytics tools. In addition to consent, we have a legitimate interest in analyzing the behavior of website visitors in order to improve our offering both technically and economically. With the help of the Google Tag Manager, we can improve our economic efficiency. The legal basis for this is Art. 6 Abs. 1 lit. f DSGVO (Berechtigte Interessen). Nevertheless, we only use the Google Tag Manager insofar as you have given your consent. Google also processes your data in the USA, among other locations. Google is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data from EU citizens to the USA. More information can be found at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en. In addition, Google uses so-called Standard Contractual Clauses (= Art. 46. Abs. 2 und 3 DSGVO). Standard Contractual Clauses (SCC) are template clauses provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even when it is transferred to and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and the Standard Contractual Clauses, Google commits to complying with the European level of data protection when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding Standard Contractual Clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de The Google Ads Data Processing Terms, which refer to the Standard Contractual Clauses, can be found at https://business.safety.google/intl/de/adsprocessorterms/. If you would like to learn more about the Google Tag Manager, we recommend the FAQs at https://support.google.com/tagmanager/?hl=de#topic=3441530. You can read about what data Google generally collects and what it uses this data for at https://policies.google.com/privacy?hl=de.

Data Processing Agreement (DPA) Google Tag Manager

We have concluded a Data Processing Agreement (DPA) with Google in accordance with Article 28 of the General Data Protection Regulation (DSGVO). You can read about what a DPA is exactly and, in particular, what must be included in a DPA in our general section “Data Processing Agreement (DPA)”. This contract is required by law because Google processes personal data on our behalf. It clarifies that Google may only process data it receives from us in accordance with our instructions and must comply with the DSGVO. You can find the link to the Data Processing Agreement (DPA) at https://business.safety.google/adsprocessorterms/.

Rank Math Privacy Policy

We use the SEO plugin Rank Math. The service provider is the Indian company One.com India Private Limited, Office No. 2, Floor 5, Tower A, Building. 9 DLF Cyber City Complex, Phase III, Haryana, Gurgaon, India. Through this service, data may be transferred to India. We point out that India is a third country that is not subject to the scope of the DSGVO. This may result in limitations regarding data protection and data security. You can learn more about the data processed through the use of Rank Math in their privacy policy at https://rankmath.com/privacy-policy/.

Email Marketing Introduction

Email Marketing Summary 👥 Affected parties: Newsletter subscribers 🤝 Purpose: Direct advertising via email, notification of system-relevant events 📓 Data processed: Data entered during registration, but at minimum the email address. More details can be found under the respective email marketing tool used. 📅 Storage duration: Duration of the subscription ⚖️ Legal bases: Art. 6 Abs. 1 lit. a DSGVO (Consent), Art. 6 Abs. 1 lit. f DSGVO (Legitimate interests)

What is email marketing?

To keep you up to date at all times, we also use the option of email marketing. In this process, provided you have consented to receiving our emails or newsletters, your data is also processed and stored. Email marketing is a subset of online marketing. It involves sending news or general information about a company, products, or services via email to a specific group of interested people. If you wish to participate in our email marketing (usually via newsletter), you normally just need to register with your email address. To do so, you fill out an online form and submit it. However, we may also ask you for your salutation and name so that we can address you personally. Basically, signing up for newsletters works with the help of the so-called “double opt-in procedure.” After you have signed up for our newsletter on our website, you will receive an email through which you confirm the newsletter registration. This ensures that the email address belongs to you and that no one has registered with someone else’s email address. We or a notification tool we use logs each individual registration. This is necessary so that we can also prove the legally correct registration process. As a rule, the time of registration, the time of registration confirmation, and your IP address are stored. In addition, it is also logged when you make changes to your stored data.

Why do we use email marketing?

We naturally want to stay in contact with you and always present the most important news about our company. Among other things, we use email marketing ‚Äì often simply referred to as “newsletters” ‚Äì as an essential part of our online marketing. Provided you agree to this or it is permitted by law, we will send you newsletters, system emails, or other notifications by email. When we use the term “newsletter” in the following text, we primarily mean regularly sent emails. Of course, we do not want to bother you in any way with our newsletters. That is why we always make a genuine effort to provide only relevant and interesting content. For example, you can learn more about our company, our services, or products. Since we are constantly improving our offerings, you will also always learn through our newsletter when there is news or when we are offering special, attractive promotions. If we engage a service provider that offers a professional sending tool for our email marketing, we do so in order to be able to offer you fast and secure newsletters. The purpose of our email marketing is fundamentally to inform you about new offers and also to get closer to our business goals.

What data is processed?

When you become a subscriber to our newsletter through our website, you confirm membership in an email list via email. In addition to your IP address and email address, your salutation, name, address, and telephone number may also be stored. However, only if you consent to this data storage. The data marked as such is necessary for you to participate in the offered service. Providing this information is voluntary, but failure to do so will mean that you cannot use the service. In addition, information about your device or your preferred content on our website may also be stored. You can find more about data storage when you visit a website in the section “Automatic data storage.” We record your declaration of consent so that we can always prove that it complies with our laws.

Duration of data processing

If you unsubscribe your email address from our email/newsletter distribution list, we may store your address for up to three years on the basis of our legitimate interests, so that we can still prove your prior consent. We may only process this data if we need to defend ourselves against any claims. However, if you confirm that you have given us consent to subscribe to the newsletter, you can submit an individual deletion request at any time. If you permanently object to the consent, we reserve the right to store your email address on a blocklist. As long as you have voluntarily subscribed to our newsletter, we will of course also retain your email address.

Right to object

You have the option at any time to cancel your newsletter subscription. To do so, you simply need to revoke your consent to the newsletter subscription. This normally takes only a few seconds or one or two clicks. In most cases, you will find a link to cancel the newsletter subscription directly at the end of each email. If the link really cannot be found in the newsletter, please contact us by email and we will cancel your newsletter subscription without delay.

Legal basis

Our newsletter is sent on the basis of your consent (Article 6 Abs. 1 lit. a DSGVO). This means that we may only send you a newsletter if you have previously actively signed up for it. Where applicable, we may also send you advertising messages if you have become our customer and have not objected to the use of your email address for direct advertising. Information on specific email marketing services and how they process personal data can be found – where available – in the following sections.

HubSpot Email Privacy Policy

We also use the email marketing tool HubSpot Email. The service provider is the American company HubSpot Inc., 25 First Street, Cambridge, MA 02141, USA. The company also has a registered office in Ireland at 1 Sir John Rogerson’s Quay, Dublin 2, Ireland. You can learn more about the data and standard contractual clauses processed through the use of HubSpot Email in the privacy policy at https://legal.hubspot.com/de/privacy-policy.

Data Storage by HubSpot Email in the EU

HubSpot stores and processes your data within the European Union (EU). The data is hosted in a data center in Germany. In addition, there is also a backup location in Ireland. This ensures that HubSpot processes your personal data in accordance with the requirements of the General Data Protection Regulation (DSGVO). Further information on data processing by HubSpot can be found at: https://legal.hubspot.com/dpa.

Online Marketing Introduction

Online Marketing Privacy Policy Summary 👥 Affected parties: Visitors to the website 🤝 Purpose: Evaluation of visitor information to optimize the web offering. 📓 Data processed: Access statistics containing data such as access locations, device data, access duration and time, navigation behavior, click behavior, and IP addresses. Personal data such as name or email address may also be processed. More details can be found under the respective online marketing tool used. 📅 Storage duration: Depends on the online marketing tools used ⚖️ Legal bases: Art. 6 Abs. 1 lit. a DSGVO (Consent), Art. 6 Abs. 1 lit.f DSGVO (Legitimate interests)

What is online marketing?

Online marketing refers to all measures carried out online to achieve marketing goals such as increasing brand awareness or closing a business deal. Furthermore, our online marketing measures aim to draw people’s attention to our website. In order to be able to show our offering to many interested people, we therefore engage in online marketing. In most cases, this involves online advertising, content marketing, or search engine optimization. In order to use online marketing efficiently and in a targeted manner, personal data is also stored and processed. The data helps us, on the one hand, to show our content only to people who are genuinely interested in it, and on the other hand, we can measure the advertising success of our online marketing measures.

Why do we use online marketing tools?

We want to show our website to everyone who is interested in our offering. We are aware that this is not possible without deliberately taken measures. That is why we engage in online marketing. There are various tools that make our work on online marketing measures easier and additionally provide suggestions for improvement based on data. This allows us to target our campaigns more precisely to our target audience. The purpose of these online marketing tools is therefore ultimately to optimize our offering.

What data is processed?

In order for our online marketing to work and for the success of the measures to be measured, user profiles are created and data is stored, for example, in cookies (these are small text files). With the help of this data, we can not only place advertising in the traditional sense but also display content directly on our website in the way that you prefer. There are various third-party tools that offer these functions and that accordingly also collect and store data from you. The named cookies store, for example, which web pages you visited on our website, how long you viewed those pages, which links or buttons you clicked, or from which website you came to us. In addition, technical information may also be stored. For example, your IP address, which browser you use, from which device you visit our website, or the time at which you accessed our website and when you left it. If you have consented to us determining your location, we can also store and process this. Your IP address is stored in pseudonymized form (i.e., shortened). Unique data that directly identifies you as a person, such as name, address, or email address, is also stored only in pseudonymized form in the context of advertising and online marketing procedures. We therefore cannot identify you as a person; we only have the pseudonymized, stored information in the user profiles. The cookies may under certain circumstances also be used, analyzed, and utilized for advertising purposes on other websites that work with the same advertising tools. The data can then also be stored on the servers of the advertising tool providers. In exceptional cases, unique data (names, email address, etc.) may also be stored in the user profiles. This storage occurs, for example, when you are a member of a social media channel that we use for our online marketing measures and the network links previously received data with the user profile. With all advertising tools we use that store data from you on their servers, we only ever receive aggregated information and never data that makes you identifiable as an individual. The data merely shows how well the advertising measures that were placed performed. For example, we see which measures prompted you or other users to come to our website and purchase a service or product there. Based on the analyses, we can improve our advertising offering in the future and tailor it even more precisely to the needs and wishes of interested people.

Duration of data processing

We will inform you about the duration of data processing below, provided we have further information on this. In general, we process personal data only for as long as is absolutely necessary for the provision of our services and products. Data stored in cookies is stored for varying lengths of time. Some cookies are deleted after leaving the website, while others may be stored in your browser for several years. In the respective privacy policies of the individual providers, you will generally receive precise information about the individual cookies that the provider uses.

Right to object

You also have the right and the option at any time to revoke your consent to the use of cookies or third-party providers. This works either through our cookie management tool or through other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating, or deleting cookies in your browser. The lawfulness of processing until revocation remains unaffected. Since cookies are generally used with online marketing tools, we also recommend our general privacy policy on cookies. To find out exactly which data is stored and processed about you, you should read the privacy policies of the respective tools.

Legal basis

If you have consented to the use of third-party providers, the legal basis for the corresponding data processing is this consent. This consent constitutes, pursuant to Art. 6 Abs. 1 lit. a DSGVO (Consent), the legal basis for the processing of personal data as it may occur when collected by online marketing tools. On our part, there is also a legitimate interest in measuring online marketing measures in anonymized form in order to use the data obtained to optimize our offering and our measures. The corresponding legal basis for this is Art. 6 Abs. 1 lit. f DSGVO (Legitimate interests). We nevertheless only use the tools insofar as you have given your consent. Information on specific online marketing tools can be found – where available – in the following sections.

Google Ads (Google AdWords) Conversion Tracking Privacy Policy

Google Ads (Google AdWords) Conversion Tracking Privacy Policy Summary 👥 Affected parties: Visitors to the website 🤝 Purpose: economic success and the optimization of our services. 📓 Processed data: Access statistics containing data such as access locations, device data, access duration and time, navigation behavior, click behavior and IP addresses. Personal data such as name or email address may also be processed. 📅 Storage duration: Conversion cookies generally expire after 30 days and do not transmit any personal data ⚖️ Legal bases: Art. 6 Abs. 1 lit. a DSGVO (Consent), Art. 6 Abs. 1 lit.f DSGVO (Legitimate Interests)

What is Google Ads Conversion Tracking?

We use Google Ads (formerly Google AdWords) as an online marketing measure to advertise our products and services. In this way, we want to draw more people’s attention to the high quality of our offerings on the internet. As part of our advertising activities through Google Ads, we use conversion tracking from Google Inc. on our website. In Europe, however, Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. With the help of this free tracking tool, we can better tailor our advertising to your interests and needs. In the following article, we would like to explain in more detail why we use conversion tracking, what data is stored in the process, and how you can prevent this data storage.

Google Ads (formerly Google AdWords) is Google Inc.’s own online advertising system. We are convinced of the quality of our offering and want as many people as possible to get to know our website. In the online space, Google Ads offers the best platform for this. Of course, we also want to gain a precise overview of the cost-benefit factor of our advertising activities. That is why we use the conversion tracking tool from Google Ads.

But what is a conversion exactly? A conversion occurs when you go from being a purely interested website visitor to an acting visitor. This happens whenever you click on one of our ads and subsequently perform another action, such as visiting our website. With Google’s conversion tracking tool, we record what happens after a user clicks on our Google Ads advertisement. For example, we can see whether products are purchased, services are used, or whether users have signed up for our newsletter.

Why do we use Google Ads Conversion Tracking on our website?

We use Google Ads to draw attention to our offering on other websites as well. The goal is for our advertising campaigns to really only reach those people who are interested in our offerings. With the conversion tracking tool, we can see which keywords, ads, ad groups, and campaigns lead to the desired customer actions. We can see how many customers interact with our ads on a device and then complete a conversion. Through this data, we can calculate our cost-benefit factor, measure the success of individual advertising measures, and consequently optimize our online marketing activities. Furthermore, we can use the data obtained to make our website more interesting for you and tailor our advertising even more individually to your needs.

What data is stored during Google Ads Conversion Tracking?

We have integrated a conversion tracking tag or code snippet on our website in order to better analyze certain user actions. When you click on one of our Google Ads advertisements, the “Conversion” cookie from a Google domain is stored on your computer (usually in the browser) or mobile device. Cookies are small text files that store information on your computer.

Here is the data of the most important cookies for Google’s conversion tracking:

Name: Conversion
Value: EhMI_aySuoyv4gIVled3Ch0llweVGAEgt-mr6aXd7dYlSAGQ311714923-3
Purpose: This cookie stores every conversion you make on our site after you have come to us via a Google Ad.
Expiry date: after 3 months

Name: _gac
Value: 1.1558695989.EAIaIQobChMIiOmEgYO04gIVj5AYCh2CBAPrEAAYASAAEgIYQfD_BwE
Purpose: This is a classic Google Analytics cookie and is used to record various actions on our website.
Expiry date: after 3 months

Note: The _gac cookie only appears in connection with Google Analytics. The list above makes no claim to completeness, as Google also regularly uses other cookies for analytical evaluation.

As soon as you complete an action on our website, Google recognizes the cookie and saves your action as a so-called conversion. As long as you are browsing our website and the cookie has not yet expired, we and Google can recognize that you found us via our Google Ads advertisement. The cookie is read and sent back to Google Ads along with the conversion data. It is also possible that other cookies are used to measure conversions. Google Ads conversion tracking can be further refined and improved with the help of Google Analytics. For ads that Google displays in various places on the web, cookies named “__gads” or “_gac” may be set under our domain. Since September 2017, various campaign information from analytics.js has been stored with the _gac cookie. The cookie stores this data as soon as you visit one of our pages for which automatic tag labeling from Google Ads has been set up. Unlike cookies set for Google domains, Google can only read these conversion cookies when you are on our website. We do not collect or receive any personal data. We receive a report from Google with statistical evaluations. This way, for example, we learn the total number of users who clicked on our ad, and we can see which advertising measures were well received.

How long and where is the data stored?

At this point, we would like to point out that we have no influence over how Google further uses the collected data. According to Google, the data is encrypted and stored on secure servers. In most cases, conversion cookies expire after 30 days and do not transmit any personal data. The cookies named “Conversion” and “_gac” (which is used in conjunction with Google Analytics) have an expiry date of 3 months.

How can I delete my data or prevent data storage?

You have the option to not participate in Google Ads conversion tracking. If you deactivate the Google conversion tracking cookie via your browser, you will block conversion tracking. In this case, you will not be included in the statistics of the tracking tool. You can change the cookie settings in your browser at any time. This works slightly differently in each browser. Under the “Cookies” section you will find the relevant links to the instructions for the most well-known browsers.

If you generally do not want any cookies, you can set up your browser so that it always informs you when a cookie is about to be set. This way you can decide for each individual cookie whether you allow it or not. By downloading and installing this browser plug-in at https://support.google.com/My-Ad-Center-Help/answer/12155656?visit_id=639113954817917267-578246688&rd=1 all “advertising cookies” will also be deactivated. Please note that by deactivating these cookies, you do not prevent the advertisements themselves, but only the personalized advertising.

Legal basis

If you have consented to the use of Google Ads Conversion Tracking, the legal basis for the corresponding data processing is this consent. According to Art. 6 Abs. 1 lit. a DSGVO (Consent), this consent constitutes the legal basis for the processing of personal data, as may occur during collection by Google Ads Conversion Tracking.

On our part, there is also a legitimate interest in using Google Ads Conversion Tracking to optimize our online service and our marketing measures. The corresponding legal basis for this is Art. 6 Abs. 1 lit. f DSGVO (Legitimate Interests). We use Google Ads Conversion Tracking only to the extent that you have given your consent.

Google processes data from you, among other things, also in the USA. Google is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data of EU citizens to the USA. You can find more information on this at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

In addition, Google uses so-called Standard Contractual Clauses (= Art. 46. Abs. 2 and 3 DSGVO). Standard Contractual Clauses (SCC) are template clauses provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even when transferred to and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and the Standard Contractual Clauses, Google commits to maintaining the European level of data protection when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision by the EU Commission. You can find the decision and the corresponding Standard Contractual Clauses, among other places, here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The Google Ads Data Processing Terms, which refer to the Standard Contractual Clauses, can be found at https://business.safety.google/intl/de/adsprocessorterms/.

If you would like to find out more about data protection at Google, we recommend Google’s general privacy policy: https://policies.google.com/privacy?hl=de.

Google Ads Similar Audiences Privacy Policy

We also use the advertising tool Google Ads Similar Audiences. The service provider is the American company Google LLC. For the European region, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is responsible.

Google processes data from you, among other things, also in the USA. Google LLC is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data of EU citizens to the USA. You can find more information on this at:
https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en

In addition, Google uses so-called Standard Contractual Clauses (= Art. 46 Abs. 2 and 3 DSGVO). These template clauses from the EU Commission are intended to ensure that your data complies with European data protection standards even when transferred to and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and the Standard Contractual Clauses, Google commits to maintaining the European level of data protection when processing your relevant data, even if the data is stored, processed, and managed in the USA. You can find the relevant implementing decision and the Standard Contractual Clauses, among other places, here:
https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

You can learn more about the data processed through the use of Google Ads Similar Audiences at https://policies.google.com/privacy.

HubSpot Privacy Policy

We use HubSpot on our website, a digital marketing tool. The service provider is the American company HubSpot, Inc., 25 First Street, 2nd Floor Cambridge, MA, USA. HubSpot stores and processes your data within the European Union (EU). The data is hosted in a data center in Germany. There is also a backup location in Ireland (1 Sir John Rogerson’s Quay, Dublin 2, Ireland). This ensures that HubSpot processes your personal data in accordance with the requirements of the General Data Protection Regulation (GDPR).

You can learn more about the data processed through the use of HubSpot in the Privacy Policy at https://legal.hubspot.com/de/privacy-policy
.

Data Storage by HubSpot in the EU

HubSpot stores and processes your data within the European Union (EU). The data is hosted in a data center in Germany. There is also a backup location in Ireland. This ensures that HubSpot processes your personal data in accordance with the requirements of the General Data Protection Regulation (GDPR).

Further information on data processing by HubSpot can be found at: https://legal.hubspot.com/dpa.

LinkedIn Ads Privacy Policy

We also use the advertising service LinkedIn Ads. The service provider is the American company LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.

LinkedIn processes data from you, among other things, also in the USA. LinkedIn is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data from EU citizens to the USA. You can find more information about this at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

LinkedIn also uses so-called standard contractual clauses (= Art. 46. Abs. 2 und 3 DSGVO). Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data also complies with European data protection standards when transferred to third countries (such as the USA) and stored there. Through the EU-US Data Privacy Framework and through the standard contractual clauses, LinkedIn commits to maintaining the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses, among other places, here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de.

More information on the standard contractual clauses at LinkedIn can be found at https://www.linkedin.com/legal/l/customer-sccs.

You can find out more about the data processed through the use of LinkedIn Ads in the privacy policy at https://www.linkedin.com/legal/privacy-policy.

LinkedIn Insight Tag Privacy Policy

LinkedIn Insight Tag Privacy Policy Summary üë• Affected parties: Website visitors ü§ù Purpose: Analysis of visitor information to optimize the web offering. üìì Processed data: Access statistics containing data such as access locations, device data, access duration and time, navigation behavior, click behavior and IP addresses. More details can be found below and in LinkedIn’s privacy policy. üìÖ Storage duration: direct identifiers via LinkedIn Insight Tag are removed within seven days ‚öñÔ∏è Legal bases: Art. 6 Abs. 1 lit. a DSGVO (Consent), Art. 6 Abs. 1 lit. f DSGVO (Legitimate Interests)

What is LinkedIn Insight Tag?

We use the conversion tracking tool LinkedIn Insight Tag on our website. The service provider is the American company LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. The company LinkedIn Ireland Unlimited (Wilton Place, Dublin 2, Ireland) is responsible for data protection-relevant aspects in the European Economic Area (EEA), the EU and Switzerland.

By embedding the tracking tool, data can be sent to LinkedIn, stored and processed there. In this privacy policy, we want to inform you about what data is involved, how the network uses this data and how you can manage or prevent data storage.

LinkedIn is the largest social network for business contacts. Unlike Facebook, for example, the company focuses exclusively on building business contacts. Companies can present services and products on the platform and establish business relationships. Many people also use LinkedIn to look for jobs or to find suitable employees for their own company. In Germany alone, the network has over 11 million members. In Austria, there are approximately 1.3 million.

The conversion tracking tool from LinkedIn is a small piece of JavaScript code that we have embedded in our website. This feature helps us to better tailor our advertising offering to your interests and needs. In the following article, we want to go into more detail about why we use LinkedIn Insight Tag, what data is stored in the process and how you can prevent this data storage.

Why do we use LinkedIn Insight Tag on our website?

We use LinkedIn Insight Tag to draw attention to our offering. The goal is to ensure that our advertising campaigns really only reach those people who are interested in our offerings. With the LinkedIn Insight Tag, we can collect detailed information about your website behavior, provided you are also a LinkedIn member. This allows us to see which keywords, ads, ad groups and campaigns on LinkedIn lead to the desired customer actions. We can see how many customers interact with our ads on a device and then complete a conversion. This data allows us to calculate our cost-benefit ratio, measure the success of individual advertising measures and consequently optimize our online marketing activities. We can also use the data obtained to make our website more interesting for you and tailor our advertising offering even more individually to your needs.

What data is stored by LinkedIn Insight Tag?

As already mentioned above, we have embedded a conversion tracking tag or code snippet on our website in order to better analyze certain user actions. When you click on one of our LinkedIn ads, a cookie may be stored on your computer (usually in the browser) or mobile device. In principle, LinkedIn processes data using a combination of cookies and server-side functions.

Once you complete an action on the website, LinkedIn recognizes the cookie and stores your action as a so-called conversion. As long as you are browsing on our website, we and LinkedIn can see that you found us via our LinkedIn ad. The cookie is read and sent back to LinkedIn along with the conversion data. It is also possible that additional cookies are used to measure conversions.

In addition to your IP address, the URL, referrer URL, device and browser properties and the timestamp are also stored. The IP address is considered personal data and is truncated or hashed at LinkedIn.

You may be wondering what conversions actually are. A conversion occurs when you go from being a purely interested website visitor to an active visitor. This happens whenever you click on our ad and subsequently carry out another action, such as visiting our website or purchasing a product. With LinkedIn’s conversion tracking tool, we record what happens after a user clicks on our LinkedIn ad. For example, we can see whether products are purchased, services are used, or whether you have signed up for our newsletter, for instance.

Additionally, demographic data that you have provided in your LinkedIn profile may also be processed. This can include information about your occupation, geographical location, your industry or your company.

We receive a report from LinkedIn with statistical analyses. This allows us to find out, for example, the total number of users who clicked on our ad, and we can see which advertising measures were well received.

How long and where is the data stored?

In general, LinkedIn retains your personal data for as long as the company considers necessary to provide its own services. LinkedIn does, however, delete your personal data when you delete your account. In some exceptional cases, LinkedIn retains some data in aggregated and anonymized form even after your account has been deleted.

Direct identifiers via LinkedIn Insight Tag are removed within seven days in order to pseudonymize the data. The resulting pseudonymized data is deleted within 180 days.

The data is stored on various servers in America and presumably also in Europe.

How can I delete my data or prevent data storage?

You have the right to access and delete your personal data at any time.

You have the option of not participating in LinkedIn’s conversion tracking. If you deactivate the Google conversion tracking cookie via your browser or do not consent to data processing via the consent manager (pop-up), you will block conversion tracking. In this case, you will not be included in the statistics of the tracking tool. You can change the cookie settings in your browser at any time. This works slightly differently in each browser. Under the “Cookies” section you will find the corresponding links to the instructions for the most well-known browsers.

You can also manage, change and delete your data in your LinkedIn account. You can also request a copy of your personal data from LinkedIn.

Here is how to access the account data in your LinkedIn profile:

Click on your profile icon in LinkedIn and select the “Settings & Privacy” section. Now click on “Privacy” and then in the section “How LinkedIn uses your data” click on “Change”. In just a short time, you can download selected data about your web activity and account history.

Legal basis

If you have consented to LinkedIn Insight Tag being used, the legal basis for the corresponding data processing is this consent. According to Art. 6 Abs. 1 lit. a DSGVO (Consent), this consent constitutes the legal basis for the processing of personal data, as may occur when collected by the LinkedIn Insight Tag.

On our part, there is also a legitimate interest in using the LinkedIn Insight Tag to optimize our online service and our marketing activities. The corresponding legal basis for this is Art. 6 Abs. 1 lit. f DSGVO (Legitimate Interests). Nevertheless, we only use the LinkedIn Insight Tag to the extent that you have given your consent.

LinkedIn processes data from you, among other things, also in the USA. We point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may be associated with various risks to the legality and security of data processing.

As a basis for data processing with recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, in particular in the USA) or for data transfer there, LinkedIn uses so-called standard contractual clauses (= Art. 46. Abs. 2 und 3 DSGVO). Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data also complies with European data protection standards when transferred to third countries (such as the USA) and stored there. Through these clauses, LinkedIn commits to maintaining the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses, among other places, here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

More information on the standard contractual clauses at LinkedIn can be found at https://de.linkedin.com/legal/l/dpa or https://www.linkedin.com/legal/l/eu-sccs

You can find out more about LinkedIn Insight Tag at https://www.linkedin.com/help/linkedin/answer/a427660. You can also find out more about the data processed through the use of LinkedIn Insight Tag in the privacy policy at https://de.linkedin.com/legal/privacy-policy.

LinkedIn Website Retargeting Privacy Policy

We also use the marketing tool LinkedIn Website Retargeting. The service provider is the American company LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.

LinkedIn processes data from you, among other things, also in the USA. LinkedIn is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data from EU citizens to the USA. You can find more information about this at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

LinkedIn also uses so-called standard contractual clauses (= Art. 46. Abs. 2 und 3 DSGVO). Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data also complies with European data protection standards when transferred to third countries (such as the USA) and stored there. Through the EU-US Data Privacy Framework and through the standard contractual clauses, LinkedIn commits to maintaining the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses, among other places, here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de.

More information on the standard contractual clauses at LinkedIn can be found at https://www.linkedin.com/legal/l/customer-sccs.

You can find out more about the data processed through the use of LinkedIn Website Retargeting in the privacy policy at https://www.linkedin.com/legal/privacy-policy.

Audio & Video Introduction

Audio & Video Privacy Policy Summary 👥 Affected parties: Visitors to the website 🤝 Purpose: Optimization of our services 📓 Data processed: Data such as contact details, user behavior data, information about your device and your IP address may be stored. More details can be found below in the respective privacy policy texts. 📅 Storage duration: Data is generally stored as long as it is necessary for the purpose of the service ⚖️ Legal bases: Art. 6 Abs. 1 lit. a DSGVO (Consent), Art. 6 Abs. 1 lit. f DSGVO (Legitimate Interests)

What are audio and video elements?

We have integrated audio and video elements into our website so that you can watch videos or listen to music/podcasts directly on our website. The content is provided by service providers. All content is therefore also obtained from the respective servers of the providers. These are integrated functional elements of platforms such as YouTube, Vimeo or Spotify. The use of these portals is generally free of charge, although paid content may also be published. By means of these integrated elements, you can view or listen to the respective content via our website. When you use audio or video elements on our website, personal data from you may also be transmitted to, processed and stored by the service providers.

Why do we use audio & video elements on our website?

Of course, we want to provide you with the best possible experience on our website. And we are aware that content is no longer conveyed solely through text and static images. Instead of simply giving you a link to a video, we offer you audio and video formats directly on our website that are entertaining or informative and ideally even both. This extends our service and makes it easier for you to access interesting content. Thus, in addition to our texts and images, we also offer video and/or audio content.

What data is stored by audio & video elements?

When you visit a page on our website that has, for example, an embedded video, your server connects to the server of the service provider. In doing so, data from you is also transferred to and stored by the third-party provider. Some data is collected and stored regardless of whether or not you have an account with the third-party provider. This typically includes your IP address, browser type, operating system, and other general information about your device. Furthermore, most providers also collect information about your web activity. This includes, for example, session duration, bounce rate, which button you clicked or which website you used to access the service. All this information is usually stored via cookies or pixel tags (also known as web beacons). Pseudonymized data is usually stored in cookies in your browser. You can always find out exactly what data is stored and processed in the privacy policy of the respective provider.

Duration of data processing

You can find out exactly how long the data is stored on the servers of third-party providers either below in the privacy policy text of the respective tool or in the provider’s privacy policy. In principle, personal data is only processed for as long as is absolutely necessary to provide our services or products. This generally also applies to third-party providers. In most cases, you can assume that certain data will be stored on the servers of third-party providers for several years. Data may be stored in cookies for varying lengths of time. Some cookies are deleted as soon as you leave the website, while others may be stored in your browser for several years.

Right to object

You also have the right and the option at any time to revoke your consent to the use of cookies or third-party providers. This works either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating or deleting cookies in your browser. The lawfulness of the processing up to the point of revocation remains unaffected. Since the integrated audio and video functions on our website usually also use cookies, you should also read our general privacy policy on cookies. The privacy policies of the respective third-party providers contain more details about how your data is handled and stored.

Legal basis

If you have consented to your data being processed and stored by integrated audio and video elements, this consent constitutes the legal basis for data processing (Art. 6 Abs. 1 lit. a DSGVO). In principle, your data is also stored and processed on the basis of our legitimate interest (Art. 6 Abs. 1 lit. f DSGVO) in fast and effective communication with you or other customers and business partners. However, we only use the integrated audio and video elements insofar as you have given your consent.

YouTube Privacy Policy

YouTube Privacy Policy Summary 👥 Affected parties: Visitors to the website 🤝 Purpose: Optimization of our services 📓 Data processed: Data such as contact details, user behavior data, information about your device and your IP address may be stored. More details can be found below in this privacy policy. 📅 Storage duration: Data is generally stored as long as it is necessary for the purpose of the service ⚖️ Legal bases: Art. 6 Abs. 1 lit. a DSGVO (Consent), Art. 6 Abs. 1 lit. f DSGVO (Legitimate Interests)

What is YouTube?

We have embedded YouTube videos on our website. This allows us to present interesting videos directly on our site. YouTube is a video portal that has been a subsidiary of Google since 2006. The video portal is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit a page on our website that has an embedded YouTube video, your browser automatically connects to the servers of YouTube or Google. In doing so, various data is transferred (depending on the settings). Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all data processing in the European area. In the following, we would like to explain in more detail what data is processed, why we have embedded YouTube videos and how you can manage or delete your data. On YouTube, users can watch, rate, comment on and upload videos free of charge. Over the past few years, YouTube has become one of the most important social media channels worldwide. To display videos on our website, YouTube provides a code snippet that we have embedded on our site.

Why do we use YouTube videos on our website?

YouTube is the video platform with the most visitors and the best content. We strive to provide you with the best possible user experience on our website. And of course, interesting videos are an essential part of that. With the help of our embedded videos, we provide you with additional helpful content alongside our texts and images. In addition, our website is more easily found on the Google search engine thanks to the embedded videos. Even when we run advertisements through Google Ads, Google can – thanks to the collected data – show these ads only to people who are interested in our offerings.

What data is stored by YouTube?

As soon as you visit one of our pages that has an embedded YouTube video, YouTube sets at least one cookie that stores your IP address and our URL. If you are logged into your YouTube account, YouTube can usually associate your interactions on our website with your profile using cookies. This includes data such as session duration, bounce rate, approximate location, technical information such as browser type, screen resolution or your internet provider. Additional data may include contact details, any ratings, sharing of content via social media or adding to your favorites on YouTube. If you are not logged into a Google account or a YouTube account, Google stores data with a unique identifier linked to your device, browser or app. This way, for example, your preferred language setting is maintained. However, many interaction data cannot be stored because fewer cookies are set. In the following list, we show cookies that were set in a test in the browser. On the one hand, we show cookies that are set without a logged-in YouTube account. On the other hand, we show cookies that are set with a logged-in account. The list cannot claim to be complete because the user data always depends on the interactions on YouTube. Name: YSC Value: b9-CV6ojI5Y311714923-1 Purpose: This cookie registers a unique ID to store statistics of the video viewed. Expiry date: after session end Name: PREF Value: f1=50000000 Purpose: This cookie also registers your unique ID. Google receives statistics via PREF on how you use YouTube videos on our website. Expiry date: after 8 months Name: GPS Value: 1 Purpose: This cookie registers your unique ID on mobile devices to track GPS location. Expiry date: after 30 minutes Name: VISITOR_INFO1_LIVE Value: 95Chz8bagyU Purpose: This cookie attempts to estimate the user’s bandwidth on our web pages (with embedded YouTube video). Expiry date: after 8 months Additional cookies that are set when you are logged into your YouTube account: Name: APISID Value: zILlvClZSkqGsSwI/AU1aZI6HY7311714923- Purpose: This cookie is used to create a profile of your interests. The data is used for personalized advertisements. Expiry date: after 2 years Name: CONSENT Value: YES+AT.de+20150628-20-0 Purpose: The cookie stores the status of a user’s consent to the use of various Google services. CONSENT also serves security purposes, to verify users and protect user data from unauthorized attacks. Expiry date: after 19 years Name: HSID Value: AcRwpgUik9Dveht0I Purpose: This cookie is used to create a profile of your interests. This data helps to display personalized advertising. Expiry date: after 2 years Name: LOGIN_INFO Value: AFmmF2swRQIhALl6aL‚Ķ Purpose: This cookie stores information about your login data. Expiry date: after 2 years Name: SAPISID Value: 7oaPxoG-pZsJuuF5/AnUdDUIsJ9iJz2vdM Purpose: This cookie works by uniquely identifying your browser and device. It is used to create a profile of your interests. Expiry date: after 2 years Name: SID Value: oQfNKjAsI311714923- Purpose: This cookie stores your Google account ID and your last login time in digitally signed and encrypted form. Expiry date: after 2 years Name: SIDCC Value: AN0-TYuqub2JOcDTyL Purpose: This cookie stores information about how you use the website and what advertisements you may have seen before visiting our site. Expiry date: after 3 months

How long and where is the data stored?

The data that YouTube receives from you and processes is stored on Google servers. Most of these servers are located in America. At https://datacenters.google/ you can see exactly where Google’s data centers are located. Your data is distributed across the servers. This means the data can be retrieved more quickly and is better protected against manipulation. Google stores the collected data for varying lengths of time. You can delete some data at any time, other data is automatically deleted after a limited period of time, and still other data is stored by Google for a longer period. Some data (such as items from “My Activity”, photos or documents, products) that are stored in your Google account remain stored until you delete them. Even if you are not logged into a Google account, you can delete some data that is linked to your device, browser or app.

How can I delete my data or prevent data storage?

In principle, you can manually delete data in your Google account. With the automatic deletion function for location and activity data introduced in 2019, information is stored for either 3 or 18 months depending on your decision and then deleted. Regardless of whether you have a Google account or not, you can configure your browser to delete or deactivate cookies from Google. Depending on which browser you use, this works in different ways. Under the “Cookies” section, you will find the relevant links to the instructions for the most popular browsers. If you generally do not want cookies, you can set up your browser so that it always informs you when a cookie is about to be set. This way, you can decide for each individual cookie whether to allow it or not.

Legal basis

If you have consented to your data being processed and stored by embedded YouTube elements, this consent constitutes the legal basis for data processing (Art. 6 Abs. 1 lit. a DSGVO). In principle, your data is also stored and processed on the basis of our legitimate interest (Art. 6 Abs. 1 lit. f DSGVO) in fast and effective communication with you or other customers and business partners. However, we only use the embedded YouTube elements insofar as you have given your consent. YouTube also sets cookies in your browser to store data. Therefore, we recommend that you read our privacy policy text about cookies carefully and review the privacy policy or cookie guidelines of the respective service provider. YouTube also processes your data in the USA, among other locations. YouTube or Google is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data from EU citizens to the USA. More information can be found at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en. In addition, Google uses so-called Standard Contractual Clauses (= Art. 46. Abs. 2 und 3 DSGVO). Standard Contractual Clauses (SCC) are template clauses provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even when it is transferred to and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and the Standard Contractual Clauses, Google commits to maintaining the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding Standard Contractual Clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de The Google Ads Data Processing Terms, which reference the Standard Contractual Clauses, can be found at https://business.safety.google/intl/de/adsprocessorterms/. Since YouTube is a subsidiary of Google, there is a shared privacy policy. If you would like to learn more about how your data is handled, we recommend the privacy policy at https://policies.google.com/privacy?hl=de.

Web Design Introduction

Web Design Privacy Policy Summary 👥 Affected parties: Visitors to the website 🤝 Purpose: Improving the user experience 📓 Data processed: Which data is processed depends heavily on the services used. This typically includes IP address, technical data, language settings, browser version, screen resolution and browser name. More details can be found under the respective web design tools used. 📅 Storage duration: depends on the tools used ⚖️ Legal bases: Art. 6 Abs. 1 lit. a DSGVO (Consent), Art. 6 Abs. 1 lit. f DSGVO (Legitimate Interests)

What is web design?

We use various tools on our website that serve our web design. Web design is not, as is often assumed, just about making our website look attractive, but also about functionality and performance. Of course, the appropriate appearance of a website is also one of the major goals of professional web design. Web design is a sub-area of media design and deals with both the visual as well as the structural and functional design of a website. The goal is to improve your experience on our website through web design. In web design jargon, this is referred to as user experience (UX) and usability. User experience refers to all the impressions and experiences that a website visitor has on a website. A subcategory of user experience is usability. This concerns the user-friendliness of a website. The focus here is primarily on ensuring that content, subpages or products are clearly structured and that you can find what you are looking for easily and quickly. In order to provide you with the best possible experience on our website, we also use so-called web design tools from third-party providers. In this privacy policy, the category “web design” therefore includes all services that improve our website in terms of design. These can be, for example, fonts, various plugins or other integrated web design functions.

Why do we use web design tools?

How you absorb information on a website depends heavily on the structure, functionality and visual perception of the website. Therefore, good and professional web design has also become increasingly important for us. We are constantly working on improving our website and see this as an extended service for you as a website visitor. Furthermore, an attractive and functioning website also has economic benefits for us. After all, you will only visit us and make use of our offers if you feel completely comfortable.

What data is stored by web design tools?

When you visit our website, web design elements may be integrated into our pages that can also process data. The exact data involved naturally depends heavily on the tools used. Below you can see exactly which tools we use for our website. We recommend that you also read the respective privacy policy of the tools used for more detailed information about data processing. In most cases, you will find out what data is processed, whether cookies are used and how long the data is retained. Fonts such as Google Fonts, for example, also automatically transmit information such as language settings, IP address, browser version, browser screen resolution and browser name to Google servers.

Duration of data processing

How long data is processed is very individual and depends on the web design elements used. When cookies are used, for example, the retention period can range from just one minute to several years. Please inform yourself in this regard. We recommend our general text section on cookies as well as the privacy policies of the tools used. There you will usually find out exactly which cookies are used and what information is stored in them. Google Font files, for example, are stored for one year. This is intended to improve the loading time of a website. In principle, data is only retained for as long as is necessary to provide the service. Where legal requirements apply, data may also be stored for longer.

Right to object

You also have the right and the option at any time to revoke your consent to the use of cookies or third-party providers. This works either via our cookie management tool or via other opt-out functions. You can also prevent data collection by cookies by managing, deactivating or deleting cookies in your browser. Among web design elements (mostly fonts), however, there is also data that cannot be deleted quite so easily. This is the case when data is automatically collected upon a page visit and transmitted to a third-party provider (such as Google). In this case, please contact the support of the respective provider. In the case of Google, you can reach support at https://support.google.com/?hl=de.

Legal basis

If you have consented to the use of web design tools, the legal basis for the corresponding data processing is this consent. This consent constitutes the legal basis pursuant to Art. 6 Abs. 1 lit. a DSGVO (Consent) for the processing of personal data as may occur through the collection by web design tools. On our part, there is also a legitimate interest in improving the web design on our website. After all, we can only provide you with an attractive and professional web experience this way. The corresponding legal basis for this is Art. 6 Abs. 1 lit. f DSGVO (Legitimate Interests). Nevertheless, we only use web design tools insofar as you have given your consent. We definitely want to emphasize this point once more. Information about specific web design tools can be found – where available – in the following sections.

Google Fonts Local Privacy Policy

On our website, we use Google Fonts from Google Inc. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible. We have integrated the Google fonts locally, i.e. on our web server ‚Äì not on Google’s servers. As a result, there is no connection to Google servers and therefore no data transfer or storage.

What are Google Fonts?

Google Fonts used to be called Google Web Fonts. It is an interactive directory of over 800 fonts that Google provides free of charge. With Google Fonts, one could use fonts without uploading them to one’s own server. However, in order to prevent any transfer of information to Google servers in this regard, we have downloaded the fonts to our server. In this way, we act in compliance with data protection regulations and do not send any data to Google Fonts. All texts are protected by copyright. Last updated: April 2026