REHKATSCH ATTORNEYS AT LAW
1. name and contact details of the person responsible for processing the data
This data protection information applies to data processing by:
Person responsible: Patrick-Marvin Rehkatsch, Zülpicher Platz 7, 50674 Cologne, Germany, Email: info@rehkatsch.de, Phone: Tel: +49 (0) 221-4201074, Fax: +49 (0) 221-4206640
2. collection and storage of personal data as well as type and purpose of their use
When visiting the website
Beim Aufrufen unserer Website https://rehkatsch.de werden durch den auf Ihrem Endgerät zum Einsatz kommenden Browser automatisch Informationen an den Server unserer Website gesendet. Diese Informationen werden temporär in einem sog. Logfile gespeichert. Folgende Informationen werden dabei ohne Ihr Zutun erfasst und bis zur automatisierten Löschung gespeichert:
- IP address of the requesting computer,
Date and time of access,
- Name and URL of the retrieved file,
- Website from which the access is made (referrer URL),
- The browser used and, if applicable, the operating system of your computer as well as the name of your access provider.
The aforementioned data will be processed by us for the following purposes:
- Ensuring a smooth connection of the website,
- Ensuring a comfortable use of our website,
- Evaluation of system security and stability, and
- for other administrative purposes.
The legal basis for data processing is Art. 6 para. 1 p. 1 lit. f GDPR. Our legitimate interest follows from the data collection purposes listed above. In no case do we use the collected data for the purpose of drawing conclusions about your person.
In addition, we use cookies and analysis services when you visit our website. You can find more detailed explanations in this privacy policy.
When using our contact form
For questions of any kind, we offer you the possibility to contact us via a form provided on the website. In doing so, it is necessary to provide your name and a valid e-mail address so that we know from whom the request originates and so that we can answer it. Additional information can be provided voluntarily.
Data processing for the purpose of contacting us is carried out in accordance with Art. 6 para. 1 p. 1 lit. a DSGVO on the basis of your voluntarily given consent.
The personal data collected by us for the use of the contact form will be automatically deleted after completion of your request and expiration of the corresponding legal retention periods.
Phone
When you call us, the call data is stored pseudonymously on the respective terminal device and with the telecommunications provider used. In addition, data such as name and telephone number can subsequently be sent by e-mail and stored for the purpose of responding to inquiries. The data is deleted as soon as the business case has been terminated and legal requirements permit.
If you communicate with us by e-mail, data may be stored on the respective end device (computer, laptop, smartphone) and data is stored on the e-mail server. The data is deleted as soon as the business case has been terminated and legal requirements permit.
3. disclosure of data
Your personal data will not be transferred to third parties for purposes other than those listed below.
We will only share your personal information with third parties if:
- You have provided us with your personal data in accordance with Art. 6 para. 1 p. 1 lit. a DSGVO have given express consent to this,
- the disclosure according to Art. 6 para. 1 p. 1 lit. f DSGVO is necessary for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding legitimate interest in the non-disclosure of your data,
- in the event that for the transfer according to Art. 6 para. 1 p. 1 lit. c DSGVO a legal obligation exists, as well as
this is legally permissible and in accordance with Art. 6 para. 1 p. 1 lit. b DSGVO is necessary for the processing of contractual relationships with you.
4. data transmission to third countries
We only transfer or process data to countries outside the EU (third countries) if you consent to this processing, if this is required by law or contractually necessary and in any case only to the extent that this is generally permitted. Your consent is in most cases the most important reason for us to have data processed in third countries. Processing personal data in third countries such as the U.S., where many software vendors provide services and have their server locations, may mean that personal data is processed and stored in unexpected ways.
We expressly point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. Data processing by US services (such as Google Analytics) may result in data not being processed and stored anonymously where applicable. In addition, U.S. government authorities may have access to individual data. In addition, collected data may be linked to data from other services of the same provider, if you have a corresponding user account. If possible, we try to use server locations within the EU, if this is offered.
We will inform you in more detail about data transfer to third countries, if applicable, at the appropriate places in this privacy policy.
5. cookies
We use cookies on our site. These are small files that your browser automatically creates and that are stored on your end device (laptop, tablet, smartphone or similar) when you visit our site. Cookies do not cause any damage to your end device, do not contain viruses, Trojans or other malware.
Information is stored in the cookie that arises in each case in connection with the specific end device used. This does not mean, however, that we thereby gain direct knowledge of your identity.
The use of cookies serves on the one hand to make the use of our offer more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website. These are automatically deleted after leaving our site.
In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your terminal device for a certain specified period of time. If you visit our site again to use our services, it is automatically recognized that you have already been with us and which entries and settings you have made so that you do not have to enter them again.
On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer for you (see section 5). These cookies allow us to automatically recognize that you have already been with us when you visit our site again. These cookies are automatically deleted after a defined period of time.
The data processed by cookies are necessary for the aforementioned purposes to protect our legitimate interests as well as those of third parties pursuant to Art. 6 para. 1 p. 1 lit. f DSGVO required.
Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a notice always appears before a new cookie is created. However, the complete deactivation of cookies may mean that you cannot use all the functions of our website.
6. analysis tools / tracking tools
The tracking measures listed below and used by us are carried out on the basis of Art. 6 para. 1 p. 1 lit. f DSGVO carried out. With the tracking measures used, we want to ensure a needs-based design and the ongoing optimization of our website. On the other hand, we use the tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer for you. These interests are to be considered legitimate within the meaning of the aforementioned provision.
The respective data processing purposes and data categories can be found in the corresponding tracking tools.
Google Analytics
For the purpose of demand-oriented design and continuous optimization of our pages, we use Google Analytics, a web analytics service provided by Google, Inc. (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter “Google”). In this context, pseudonymized usage profiles are created and cookies (see under item 4) are used. The information generated by the cookie about your use of this website such as
- Browser type/version,
- operating system used,
- Referrer URL (the previously visited page),
- Host name of the accessing computer (IP address),
- Time of the server request,
are transferred to a Google server in the USA and stored there. The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services related to the use of the website and the Internet for the purposes of market research and demand-oriented design of these Internet pages. This information may also be transferred to third parties if this is required by law or if third parties process this data on our behalf. In no case will your IP address be merged with other data from Google. The IP addresses are anonymized so that an assignment is not possible (IP masking).
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.
You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on(https://tools.google.com/dlpage/gaoptout?hl=de).
As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent the collection by Google Analytics by clicking on this link. An opt-out cookie is set that prevents future collection of your data when visiting this website. The opt-out cookie is valid only in this browser and only for our website and is placed on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.
Further information on data protection in connection with Google Analytics can be found, for example, in the Google Analytics Help(https://support.google.com/analytics/answer/6004245?hl=de).
Data protection authorities require the conclusion of a commissioned data processing agreement for the permissible use of Google Analytics. A corresponding template is offered by Google at http://www.google.com/analytics/terms/de.pdf.
Google Adwords Conversion Tracking
In order to statistically record the use of our website and to evaluate it for the purpose of optimizing our website for you, we also use Google Conversion Tracking. Google Adwords sets a cookie (see above) on your computer if you have accessed our website via a Google ad.
These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of the Adwords customer’s website and the cookie has not yet expired, Google and the customer can recognize that the user clicked on the ad and was redirected to this page.
Each Adwords customer receives a different cookie. Cookies can therefore not be tracked through the websites of Adwords customers. The information collected using the conversion cookie is used to create conversion statistics for Adwords customers who have opted for conversion tracking. Adwords clients will learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information with which users can be personally identified.
If you do not wish to participate in the tracking procedure, you can also refuse the setting of a cookie required for this – for example, by means of a browser setting that generally deactivates the automatic setting of cookies. You can also disable cookies for conversion tracking by setting your browser to block cookies from the “www.googleadservices.com” domain. Google’s privacy policy on conversion tracking can be found here(https://services.google.com/sitestats/de.html).
7. messenger and other communication
We offer various options on our website (such as messenger and chat functions, online or contact forms, e-mail, telephone) to communicate with us. In the process, your data will also be processed and stored to the extent necessary to respond to your inquiry and our subsequent actions.
In addition to traditional means of communication such as e-mail, contact forms or telephone, we also use chats or messengers. Currently, the most commonly used messenger function is WhatsApp, but there are of course many different providers that offer messenger functions specifically for websites. If content is end-to-end encrypted, this is indicated in the individual data protection texts or in the privacy policy of the respective provider. End-to-end encryption means nothing other than that the contents of a message are not visible even to the provider. However, information about your device, location settings and other technical data may still be processed and stored.
Communication possibilities with you are of great importance for us. Finally, we want to talk to you and answer all possible questions about our service in the best possible way. Well-functioning communication is an important part of our service. With the convenient messenger & communication features, you can always choose the ones you like the most. In exceptional cases, however, we may not be able to answer certain questions via chat or messenger. Here we recommend other means of communication such as e-mail or telephone.
We generally assume that we remain responsible under data protection law, even if we use services of a social media platform. However, the European Court of Justice has ruled that in certain cases the operator of the social media platform may be jointly responsible with us within the meaning of Art. 26 GDPR. Insofar as this is the case, we will point this out separately and work on the basis of an agreement to this effect. The essence of the agreement is reproduced below under the platform concerned.
Please note that when using our built-in elements, data from you may also be processed outside the European Union, as many providers, for example Facebook Messenger or WhatsApp are American companies. As a result, you may no longer be able to claim or enforce your rights with respect to your personal data as easily.
Exactly which data is stored and processed depends on the respective provider of the messenger & communication functions. Basically, this is data such as name, address, telephone number, e-mail address and content data such as any information you enter in a contact form. In most cases, information about your device and the IP address are also stored. Data collected via a messenger & communication function is also stored on the providers’ servers.
If you want to know exactly what data is stored and processed by the respective providers and how you can object to the data processing, you should carefully read the respective privacy policy of the company.
You also have the right and the possibility to revoke your consent to the use of cookies or third-party providers at any time. This works either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection through cookies by managing, disabling or deleting cookies in your browser. For more information, please refer to the consent section.
Since Messenger & Communication features may use cookies, we also recommend that you read our general privacy policy on cookies. To find out exactly which of your data is stored and processed, you should read the privacy statements of the respective tools.
If you have consented that data of you can be processed and stored by integrated messenger & communication functions, this consent is considered the legal basis of the data processing (Art. 6 para. 1 lit. a DSGVO). We process your request and manage your data in the context of contractual or pre-contractual relationships in order to fulfill our pre-contractual and contractual obligations or to respond to requests. The basis for this is Art. 6 para. 1 p. 1 lit. b. GDPR. In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f DSGVO) in fast and good communication with you or other customers and business partners if consent has been given.
Facebook Messenger
We use the communication tool Facebook Messenger on our website. The service provider is the American company Meta Platforms Inc. The company Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) is responsible for the European region.
Facebook also processes data from you in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may be accompanied by various risks to the lawfulness and security of data processing.
Facebook uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 DSGVO) as the basis for data processing for recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or a data transfer there. Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to and stored in third countries (such as the USA). Through these clauses, Facebook undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
The Facebook Data Processing Term, which complies with the Standard Contractual Clauses, can be found at https://www.facebook.com/legal/terms/dataprocessing.
You can learn more about the data processed through the use of Facebook in the Privacy Policy at https://www.facebook.com/about/privacy.
We have concluded an order processing agreement (AVV) with Facebook within the meaning of Article 28 of the General Data Protection Regulation (DSGVO).
This contract is required by law because Facebook processes personal data on our behalf. This clarifies that Facebook may only process data they receive from us according to our instructions and must comply with the GDPR. The link to the order processing agreement (AVV) can be found at https://www.facebook.com/legal/terms/dataprocessing.
Telegram Privacy Policy
We also use the instant messaging service Telegram. Service provider is the international company Telegram Messenger LLP, which is managed at a London address (71-75 Shelton Street, Covent Garden, London, United Kingdom). You can learn more about the data processed through the use of Telegram in the Privacy Policy at https://telegram.org/privacy.
WhatsApp privacy policy
We use the instant messaging service WhatsApp on our website. The service provider is the American company WhatsApp Inc. a subsidiary of Meta Platforms Inc. The company WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, is responsible for the European region.
WhatsApp also processes data from you in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may be accompanied by various risks to the lawfulness and security of data processing.
WhatsApp uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 DSGVO) as the basis for data processing for recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or a data transfer there. Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to and stored in third countries (such as the USA). Through these clauses, WhatsApp undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
For information on WhatsApp data transfer, which complies with the standard contractual clauses, please visit https://www.whatsapp.com/legal/business-data-transfer-addendum-20210927
You can learn more about the data processed through the use of WhatsApp in the Privacy Policy at https://www.whatsapp.com/privacy.
8. social media
In addition to our website, we are also active on various social media platforms. In the process, user data may be processed so that we can target users who are interested in us via the social networks. In addition, elements of a social media platform may also be embedded directly in our website. This is the case, for example, when you click on a so-called social button on our website and are redirected directly to our social media presence. So-called social media or social media are websites and apps through which logged-in members can produce content, share content openly or in specific groups, and network with other members.
For years, social media platforms have been the place where people communicate and connect online. Our social media presences enable us to bring our products and services closer to prospective customers. The social media elements embedded on our website help you to quickly switch to our social media content without complications.
The data that is stored and processed through your use of a social media channel is primarily for the purpose of being able to perform web analyses. The aim of these analyses is to be able to develop more precise and personalized marketing and advertising strategies. Depending on your behavior on a social media platform, appropriate conclusions can be drawn about your interests with the help of the evaluated data and so-called user profiles can be created. This also allows the platforms to present you with customized advertisements. Mostly, cookies are set in your browser for this purpose, which store data about your usage behavior.
We generally assume that we remain responsible under data protection law, even if we use services of a social media platform. However, the European Court of Justice has ruled that in certain cases the operator of the social media platform may be jointly responsible with us within the meaning of Art. 26 GDPR. Insofar as this is the case, we will point this out separately and work on the basis of an agreement to this effect. The essence of the agreement is then reproduced below with the platform concerned.
Please note that when using social media platforms or our built-in elements, data from you may also be processed outside the European Union, as many social media channels, for example Facebook or Twitter, are American companies. As a result, you may no longer be able to claim or enforce your rights with respect to your personal data as easily.
Exactly which data is stored and processed depends on the respective provider of the social media platform. But usually it is data such as phone numbers, email addresses, data you enter in a contact form, user data such as which buttons you click, who you like or follow, when you visited which pages, information about your device and your IP address. Most of this data is stored in cookies. Especially if you yourself have a profile on the visited social media channel and are logged in, data can be linked to your profile.
All data collected via a social media platform is also stored on the providers’ servers. Thus, only the providers have access to the data and can give you the appropriate information or make changes.
If you want to know exactly what data is stored and processed by the social media providers and how to object to the data processing, you should carefully read the respective privacy policy of the company. Also, if you have questions about data storage and data processing or wish to assert corresponding rights, we recommend that you contact the provider directly.
We will inform you about the duration of the data processing below, provided that we have further information on this. For example, the social media platform Facebook stores data until it is no longer needed for its own purpose. However, customer data that is matched with the user’s own data is deleted within two days. In general, we process personal data only as long as it is absolutely necessary for the provision of our services and products. If it is required by law, as in the case of accounting, for example, this storage period may also be exceeded.
You also have the right and the possibility to revoke your consent to the use of cookies or third-party providers such as embedded social media elements at any time. This works either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection through cookies by managing, disabling or deleting cookies in your browser.
Since social media tools may use cookies, we also recommend that you read our general privacy policy on cookies. To find out exactly which of your data is stored and processed, you should read the privacy statements of the respective tools.
If you have consented that data from you can be processed and stored by integrated social media elements, this consent is considered the legal basis of the data processing (Art. 6 para. 1 lit. a DSGVO). In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f DSGVO) in fast and good communication with you or other customers and business partners if consent has been given. Nevertheless, we only use the tools if you have given your consent. Most social media platforms also set cookies in your browser to store data. That is why we recommend that you read our privacy text about cookies carefully and view the privacy policy or cookie policy of the respective service provider.
Information on specific social media platforms – if available – can be found in the following sections.
We use selected tools from Facebook on our website. Facebook is a social media network of the company Meta Platforms Inc. or for the European area of the company Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. With the help of these tools, we can offer you and people who are interested in our products and services the best possible offer.
If data is collected from you and forwarded via our embedded Facebook elements or via our Facebook page (Fanpage), both we and Facebook Ireland Ltd. are responsible for this. Facebook is solely responsible for the further processing of this data. Our shared commitments have also been embodied in a publicly available agreement at https://www.facebook.com/legal/controller_addendum. This states, for example, that we must clearly inform you about the use of Facebook tools on our site. Furthermore, we are also responsible for ensuring that the tools are securely integrated into our website in accordance with data protection law. Facebook, on the other hand, is responsible for the data security of Facebook products, for example. If you have any questions about data collection and processing by Facebook, you can contact the company directly. If you submit the question to us, we are required to forward it to Facebook.
Below we provide an overview of the different Facebook tools, what data is sent to Facebook and how you can delete this data.
Among many other products, Facebook also offers the so-called “Facebook Business Tools”. This is the official name of Facebook. However, since the term is hardly known, we decided to just call them Facebook tools. Among them are:
- Facebook Pixel
- social plug-ins (such as the “Like” or “Share” button)
- Facebook Login
- Account Kit
- APIs (Application Programming Interface)
- SDKs (collection of programming tools)
- Platform integrations
- Plugins
- Codes
- Specifications
- Documentations
- Technologies and services
Through these tools, Facebook extends services and has the ability to obtain information about user activity outside of Facebook.
We only want to show our services and products to people who are really interested in them. With the help of advertisements (Facebook Ads), we can reach exactly these people. However, in order to show users suitable advertising, Facebook needs information about people’s wishes and needs. This provides the company with information about user behavior (and contact information) on our website. As a result, Facebook collects better user data and can show interested people the appropriate ads about our products or services. The tools thus enable customized advertising campaigns on Facebook.
Facebook calls data about your behavior on our website “event data”. These are also used for measurement and analysis services. Facebook can thus generate “campaign reports” on our behalf about the impact of our advertising campaigns. Furthermore, through analytics we get a better insight into how you use our services, website or products. As a result, we use some of these tools to optimize your user experience on our website. For example, you can use the social plug-ins to share content on our site directly on Facebook.
By using individual Facebook tools, personal data (customer data) may be sent to Facebook. Depending on the tools used, customer data such as name, address, phone number and IP address can be sent.
Facebook uses this information to match the data with the data it itself has from you (if you are a Facebook member). Before customer data is transmitted to Facebook, a so-called “hashing” takes place. This means that a data set of any size is transformed into a string. This also serves to encrypt data.
In addition to contact data, “event data” is also transmitted. “Event Data” means that information we receive about you on our website. For example, which subpages you visit or which products you buy from us. Facebook does not share the information it receives with third parties (such as advertisers) unless the company has explicit permission or is legally required to do so. “Event data” can also be associated with contact data. This allows Facebook to offer better personalized advertising. After the aforementioned matching process, Facebook deletes the contact data again.
In order to deliver ads in an optimized manner, Facebook only uses event data when it has been aggregated with other data (collected by Facebook in other ways). Facebook also uses this event data for security, safety, development, and research purposes. Much of this data is transferred to Facebook via cookies. Cookies are small text files that are used to store data or information in browsers. Depending on the tools you use and whether you are a Facebook member, different numbers of cookies are created in your browser. In the descriptions of the individual Facebook tools, we go into more detail about individual Facebook cookies. General information about the use of Facebook cookies can also be found at https://www.facebook.com/policies/cookies.
Basically, Facebook stores data until it is no longer needed for its own services and Facebook products. Facebook has servers spread all over the world where its data is stored. However, customer data is deleted within 48 hours after it has been compared with the user’s own data.
In accordance with the Basic Data Protection Regulation, you have the right to information, correction, transferability and deletion of your data. A complete deletion of the data only occurs if you delete your Facebook account completely.
The storage of data that Facebook receives via our site takes place, among other things, via cookies (e.g. for social plugins). In your browser, you can disable, delete or manage individual or all cookies. Depending on which browser you use, this works in different ways. Under the section “Cookies” you will find the corresponding links to the respective instructions of the most popular browsers.
If you generally do not want cookies, you can set up your browser so that it always informs you when a cookie is to be set. Thus, for each individual cookie, you can decide whether to allow it or not.
If you have consented that data from you can be processed and stored by integrated Facebook tools, this consent is considered the legal basis of the data processing (Art. 6 para. 1 lit. a DSGVO). In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f DSGVO) in fast and good communication with you or other customers and business partners. Nevertheless, we only use the tools if you have given your consent. Most social media platforms also set cookies in your browser to store data. That is why we recommend that you read our privacy text about cookies carefully and view Facebook’s privacy policy or cookie policy.
Facebook also processes data from you in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may be accompanied by various risks to the lawfulness and security of data processing.
Facebook uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 DSGVO) as the basis for data processing for recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or a data transfer there. Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to and stored in third countries (such as the USA). Through these clauses, Facebook undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
Facebook’s data processing terms and conditions, which comply with the standard contractual clauses, can be found at https://www.facebook.com/legal/terms/dataprocessing.
If you want to learn more about how Facebook uses your data, we recommend that you read the data policy at https://www.facebook.com/about/privacy/update.
We have integrated the convenient Facebook login on our site. So you can easily log in to us with your Facebook account without having to create another user account. If you choose to make your registration through the Facebook login, you will be redirected to the Facebook social media network. There, the login takes place via your Facebook user data. Through this login process, data about you or your user behavior is stored and transmitted to Facebook.
To store the data, Facebook uses various cookies. You can find more information in the “Cookies” section.
The Facebook login offers you on the one hand a quick and easy registration process, on the other hand it gives us the opportunity to share data with Facebook. This allows us to better tailor our offer and promotions to your interests and needs. Data we receive from Facebook in this way is public data such as.
- Your Facebook name
- Your profile picture
- a deposited e-mail address
- Friends lists
- Buttons indications (e.g. “Like” button)
- Birthday date
- Language
- Residence
In return, we provide Facebook with information about your activities on our website. This includes, among other things, information about the device you are using, which of our sub-pages you visit or which products you have purchased from us.
By using Facebook Login, you consent to data processing. You can revoke this agreement at any time. If you want to learn more information about data processing by Facebook, we recommend that you read the Facebook privacy statement at https://www.facebook.com/policy.php?tid=312271331.
Provided you are logged in to Facebook, you can change your ad settings at https://www.facebook.com/adpreferences/advertisers/?entry_product=ad_settings_screen
change itself.
Our website contains so-called social plug-ins of the company Meta Platforms Inc. built in. You can recognize these buttons by the classic Facebook logo, such as the “Like” button (the hand with raised thumb) or by a clear “Facebook Plug-in” label. A social plug-in is a small part of Facebook that is integrated into our site. Each plug-in has its own function. The most commonly used functions are the well-known “Like” and “Share” buttons.
When you visit a page of our website that contains such a plugin, your browser establishes a direct connection with the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser, which then integrates it into the website.
By integrating the plugins, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook account or are not currently logged in to Facebook. This information (including your IP address) is transmitted by your browser directly to a Facebook server in the USA and stored there.
The following social plug-ins are offered by Facebook:
- “Save” button
- “Like” button, share, send and quote
- Page plug-in
- Comments
- Messenger plug-in
- Embedded posts and video player
- Group plug-in
If you are logged in to Facebook, Facebook can assign your visit to our website directly to your Facebook account. If you interact with the plugins, for example by clicking the “LIKE” or “SHARE” button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information will also be published on Facebook and displayed to your Facebook friends.
Facebook may use this information for the purposes of advertising, market research, and customization of Facebook pages. For this purpose, Facebook creates usage, interest and relationship profiles, e.g. to evaluate your use of our website with regard to the advertisements displayed to you on Facebook, to inform other Facebook users about your activities on our website and to provide other services associated with the use of Facebook.
Visit https://developers.facebook.com/docs/plugins for more information on how to use each plug-in. We use the social plug-ins on the one hand to offer you a better user experience on our site, and on the other hand because Facebook can optimize our advertisements as a result.
If you have a Facebook account or have visited https://www.facebook.com/ before, Facebook has already set at least one cookie in your browser. In this case, your browser sends information to Facebook via this cookie as soon as you visit our site or interact with social plug-ins (e.g. the “Like” button).
The information obtained is deleted or anonymized again within 90 days. According to Facebook, this data includes your IP address, which website you visited, the date, time and other information concerning your browser.
To prevent Facebook from collecting a lot of data during your visit to our website and connecting it with Facebook data, you must log out of Facebook while visiting the website.
If you are not logged into Facebook or do not have a Facebook account, your browser sends less information to Facebook because you have fewer Facebook cookies. Nevertheless, data such as your IP address or which website you visit may be transferred to Facebook. We would like to point out that we do not know the exact content of the data. However, we try to inform you about the data processing as good as possible according to our current knowledge. You can also read about how Facebook uses data in the company’s data policy at https://www.facebook.com/about/privacy/update.
Provided you are logged in to Facebook, you can change your ad settings yourself at https://www.facebook.com/adpreferences/advertisers/. If you are not a Facebook user, you can click on
https://www.youronlinechoices.com/de/praferenzmanagement/?tid=312271331 basically manage your usage-based online advertising. There you have the option to disable or enable providers.
If you want to learn more about Facebook’s privacy policy, we recommend that you read the company’s own data policy at https://www.facebook.com/policy.php?tip=312271331.
Facebook uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 DSGVO) as the basis for data processing for recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or a data transfer there. Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to and stored in third countries (such as the USA). Through these clauses, Facebook undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
The Facebook Data Processing Term, which complies with the Standard Contractual Clauses, can be found at https://www.facebook.com/legal/terms/dataprocessing.
For the purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as your rights in this regard and setting options for protecting your privacy, please refer to Facebook’s privacy policy (https://www.facebook.com/about/privacy/).
We also have a Facebook fan page for our website. The service provider is the American company Meta Platforms Inc. The company Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) is responsible for the European region.
Facebook also processes data from you in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may be accompanied by various risks to the lawfulness and security of data processing.
Facebook uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 DSGVO) as the basis for data processing for recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or a data transfer there. Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to and stored in third countries (such as the USA). Through these clauses, Facebook undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
The Facebook Data Processing Term, which complies with the Standard Contractual Clauses, can be found at https://www.facebook.com/legal/terms/dataprocessing.
You can learn more about the data processed through the use of Facebook in the Privacy Policy at https://www.facebook.com/about/privacy.
We have incorporated Instagram features on our website. Instagram is a social media platform of the company Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA. Instagram has been a subsidiary of Meta Platforms Inc. since 2012. and belongs to the Facebook products. Embedding Instagram content on our website is called embedding. This allows us to show you content like buttons, photos or videos from Instagram directly on our website. When you access web pages of our website that have an Instagram function integrated, data is transmitted to Instagram, stored and processed. Instagram uses the same systems and technologies as Facebook. Your data is thus processed across all Facebook companies.
The plugins are marked with an Instagram logo, for example in the form of an “Instagram camera”. When you visit a page of our website that contains such a plugin, your browser establishes a direct connection to the servers of Instagram. The content of the plugin is transmitted by Instagram directly to your browser and integrated into the page. Through this integration, Instagram receives the information that your browser has called up the corresponding page of our website, even if you do not have an Instagram profile or are not currently logged in to Instagram.
This information (including your IP address) is transmitted from your browser directly to an Instagram server in the USA and stored there. If you are logged in to Instagram, Instagram can directly assign your visit to our website to your Instagram account. If you interact with the plugins, for example by clicking the “Instagram” button, this information is also transmitted directly to an Instagram server and stored there.
The information will also be published on your Instagram account and shown to your contacts there.
If you do not want Instagram to directly assign the data collected via our website to your Instagram account, you must log out of Instagram before visiting our website.
In the following, we want to give you a more detailed insight into why Instagram collects data, what kind of data it is and how you can largely control the data processing. Since Instagram is part of Meta Platforms Inc. we obtain our information from Instagram’s policies on the one hand, but also from the meta-privacy policies themselves on the other.
Instagram is one of the most popular social media networks in the world. Instagram combines the advantages of a blog with those of audiovisual platforms like YouTube or Vimeo. You can upload photos and short videos on Instagram, edit them with various filters and share them on other social networks as well. And if you don’t want to be active yourself, you can just follow other interesting users.
Since Instagram is a subsidiary of Facebook, the data collected may also serve us for personalized advertising on Facebook. This way, only people who are really interested in our products or services receive our advertisements.
Instagram also uses the collected data for measurement and analytics purposes. We get aggregated statistics and thus more insight about your wishes and interests. It is important to note that these reports do not identify you personally.
When you come across one of our pages that have Instagram features (such as Instagram images or plug-ins) built in, your browser automatically connects to Instagram’s servers. In the process, data is sent to Instagram, stored and processed. And that’s whether you have an Instagram account or not. This includes information about our website, about your computer, about purchases you have made, about advertisements you see and how you use our services. Furthermore, the date and time of your interaction with Instagram is also stored. If you have an Instagram account or are logged in, Instagram stores significantly more data about you.
Facebook distinguishes between customer data and event data. We assume that this is exactly the case with Instagram. Customer data are, for example, name, address, telephone number and IP address. This customer data will only be transmitted to Instagram if you have been “hashed” beforehand. Hashing means that a data set is transformed into a character string. This allows you to encrypt the contact information. In addition, the above-mentioned “event data” are also transmitted. By “event data” Facebook – and consequently Instagram – means data about your user behavior. It may also happen that contact data is combined with event data. The contact data collected is matched with the data Instagram already has from you.
Via small text files (cookies), which are usually set in your browser, the collected data is transmitted to Facebook. Depending on the Instagram features used and whether you have an Instagram account yourself, different amounts of data are stored.
We assume that Instagram’s data processing works the same way as Facebook’s. This means that if you have an Instagram account or have visited www.instagram.com, Instagram has set at least one cookie. If this is the case, your browser sends info to Instagram via the cookie as soon as you come into contact with an Instagram function. After 90 days at the latest (after matching), this data is deleted or anonymized again.
Instagram shares the information it receives between Facebook companies with external partners and with people you connect with around the world. Data processing is carried out in compliance with its own data policy. For security reasons, among others, your data is distributed on Facebook servers around the world. Most of these servers are located in the USA.
Thanks to the Basic Data Protection Regulation, you have the right of access, portability, rectification and deletion of your data. You can manage your data in the Instagram settings. If you want to delete your data on Instagram completely, you need to delete your Instagram account permanently.If you delete your account completely, Instagram will delete posts such as your photos and status updates. Information that other people have shared about you does not belong to your account and consequently will not be deleted.
As mentioned above, Instagram stores your data primarily via cookies. You can manage, disable or delete these cookies in your browser. Depending on your browser, the management always works a bit differently.
You can also basically set up your browser so that you are always informed when a cookie is to be set. Then you can always decide individually whether you want to allow the cookie or not.
If you have consented that data from you can be processed and stored by integrated social media elements, this consent is considered the legal basis of the data processing (Art. 6 para. 1 lit. a DSGVO). In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f DSGVO) in fast and good communication with you or other customers and business partners. Nevertheless, we only use the integrated social media elements if you have given your consent. Most social media platforms also set cookies in your browser to store data. That is why we recommend that you read our privacy text about cookies carefully and view the privacy policy or cookie policy of the respective service provider.
Instagram and Facebook, respectively, also process data in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may be accompanied by various risks to the lawfulness and security of data processing.
Facebook uses standard contractual clauses approved by the EU Commission (= Art. 46. para. 2 and 3 DSGVO) as the basis for data processing for recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or a data transfer there. These clauses oblige Facebook to comply with the EU level of data protection when processing relevant data outside the EU. These clauses are based on an implementing decision of the EU Commission. You can find the decision as well as the clauses, among others, here: https://germany.representation.ec.europa.eu/index_de.
We have tried to bring you closer to the most important information about Instagram’s data processing. You can learn more about Instagram’s data policies at https://help.instagram.com/519522125107875. For more information, please also see Instagram’s privacy policy (https://help.instagram.com/155833707900388).
When you call up a page of our website that contains such a plugin, a direct connection is established between your browser and the Twitter server. Twitter thereby receives the information that you have visited our site with your IP address. If you click the Twitter “tweet button” while logged into your Twitter account, you can link the contents of our pages on your Twitter profile. This allows Twitter to assign the visit to our pages to your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Twitter.
If you do not want Twitter to be able to associate your visit to our pages, please log out of your Twitter user account.
We have integrated Twitter functions on our website. These are, for example, embedded tweets, timelines, buttons or hashtags. Twitter is a short message service and a social media platform of the company Twitter Inc, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland.
To our knowledge, in the European Economic Area and Switzerland, no personal data or data relating to your web activities is transferred to Twitter by the mere inclusion of the Twitter function. Only when you interact with the Twitter functions, such as clicking on a button, can data be sent to Twitter, stored there and processed. We have no influence on this data processing and bear no responsibility for it. Within the framework of this privacy policy, we want to give you an overview of what data Twitter stores, what Twitter does with this data and how you can protect yourself to a large extent from the data transfer.
Both individuals and businesses use Twitter to communicate with interested parties via short messages. Twitter only allows 280 characters per message. These messages are called “tweets. Unlike Facebook, for example, the service does not focus on expanding a network for “friends,” but wants to be understood as a worldwide and open news platform. On Twitter, it is also possible to have an anonymous account and tweets can be deleted by the company on the one hand and by the users themselves on the other.
On some of our subpages you will find the built-in Twitter functions. When you interact with Twitter content, such as clicking on a button, Twitter may collect and store data. And that’s even if you don’t have a Twitter account yourself. Twitter calls this data “log data.” This includes demographic data, browser cookie IDs, your smartphone ID, hashed email addresses, and information about what pages you visited on Twitter and what actions you took. Twitter stores more data, of course, if you have a Twitter account and are logged in. Most often, this storage happens via cookies. Cookies are small text files that are usually set in your browser and transmit different information to Twitter. You can find more information in the “Cookies” section.
Twitter uses the collected data on the one hand to better understand user behavior and thus improve its own services and advertising offers, and on the other hand the data also serves internal security measures.
When Twitter collects data from other websites, it is deleted, aggregated, or otherwise obscured after a maximum of 30 days. Twitter’s servers are located on various server centers in the United States. Accordingly, it can be assumed that the data collected will be collected and stored in America. In principle, Twitter may store the data collected until it is no longer useful to the company, you delete the data or there is a statutory deletion period.
Twitter repeatedly emphasizes in its privacy policy that it does not store data from external website visits if you or your browser are located in the European Economic Area or Switzerland. However, if you interact with Twitter directly, Twitter will of course store data about you.
Most data is stored via cookies, as mentioned above, and you can manage, disable or delete them in your browser. Please note that you “edit” cookies only in the browser you choose. This means that if you use a different browser in the future, you will have to manage your cookies there again according to your wishes.
You can also manage your browser so that you are informed each time a cookie is sent. Then you can always decide individually whether to allow a cookie or not.
Twitter also uses the data for personalized advertising inside and outside of Twitter. You can disable personalized advertising in the settings under “Individualization and data”. If you are using Twitter on a browser, you can disable personalized advertising at https://optout.aboutads.info/?c=2&lang=EN.
If you have consented that data from you can be processed and stored by integrated social media elements, this consent is considered the legal basis of the data processing (Art. 6 para. 1 lit. a DSGVO). In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f DSGVO) in fast and good communication with you or other customers and business partners. Nevertheless, we only use the integrated social media elements if you have given your consent. Most social media platforms also set cookies in your browser to store data. That is why we recommend that you read our privacy text about cookies carefully and view the privacy policy or cookie policy of the respective service provider.
Twitter also processes data from you in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may be accompanied by various risks to the lawfulness and security of data processing.
Twitter uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 DSGVO) as the basis for data processing for recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or a data transfer there. Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to and stored in third countries (such as the USA). Through these clauses, Twitter undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
More information about Twitter’s standard contractual clauses can be found at https://gdpr.twitter.com/en/controller-to-controller-transfers.html.
We hope we have given you a basic overview of Twitter’s data processing. We do not receive any data from Twitter, nor do we bear any responsibility for what Twitter does with your data. If you have any further questions on this topic, we recommend that you read the Twitter privacy statement at https://twitter.com/de/privacy.
We use social plugins of the social media network Xing, of the company Xing SE, Dammtorstraße 30, 20354 Hamburg, Germany, on our website. Through these functions, you can, for example, share content on Xing directly from our website, log in via Xing or follow interesting content. You can recognize the plug-ins by the company name or the Xing logo. When you visit a website that uses a Xing plug-in, data may be transmitted to the “Xing servers”, stored and analyzed. In this privacy policy, we want to inform you about what data is involved and how to manage or prevent this data storage.
Xing is a social network headquartered in Hamburg, Germany. The company specializes in managing professional contacts. That is, unlike other networks, Xing is primarily about professional networking. The platform is often used for job hunting or to find employees for one’s own company. In addition, Xing offers interesting content on various professional topics. The global counterpart to this is the American company LinkedIn.
Xing offers the share button, the follow button, and the log-in button as plug-ins for websites. As soon as you open a page where a social plug-in from Xing is installed, your browser connects to servers in a data center used by Xing. In the case of the share button, no data should be stored – according to Xing – that could derive a direct reference to a person. In particular, Xing does not store your IP address. Furthermore, no cookies are set in connection with the share button. Thus, no evaluation of your user behavior takes place. For more information, please visit https://dev.xing.com/plugins/share_button/privacy_policy
For the other Xing plug-ins, cookies are only set in your browser when you interact with or click on the plug-in. Personal data such as your IP address, browser data, date and time of your page view on Xing may be stored here. If you have a XING account and are logged in, collected data will be assigned to your personal account and the data stored in it.
As soon as you are logged in to Xing or become a member, further personal data is collected, processed and stored. Xing also discloses personal data to third parties if this is necessary for the fulfillment of its own business purposes, if you have given your consent, or if a legal obligation exists.
Xing stores the data on different servers in various data centers. The company stores this data until you delete the data or until a user account is deleted. Of course, this only affects users who are already Xing members.
You have the right to access and also delete your personal data at any time. Even if you are not a Xing member, you can use your browser to prevent possible data processing or manage it according to your wishes. Most of the data is stored via cookies. Depending on which browser you have, the management works slightly differently.
You can also basically set up your browser so that you are always informed when a cookie is to be set. Then you can always decide individually whether you want to allow the cookie or not.
If you have consented that data from you can be processed and stored by integrated social media elements, this consent is considered the legal basis of the data processing (Art. 6 para. 1 lit. a DSGVO). In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f DSGVO) in fast and good communication with you or other customers and business partners. Nevertheless, we only use the integrated social media elements if you have given your consent. Most social media platforms also set cookies in your browser to store data. That is why we recommend that you read our privacy text about cookies carefully and view the privacy policy or cookie policy of the respective service provider.
At https://privacy.xing.com/de/datenschutzerklaerung you can learn even more about the data processing of the social media network Xing.
Our website uses functions of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.
Each time one of our pages containing LinkedIn functions is accessed, a connection to LinkedIn servers is established. LinkedIn is informed that you have visited our web pages with your IP address. If you click the “Recommend Button” of LinkedIn and are logged into your account at LinkedIn, it is possible for LinkedIn to assign your visit to our website to you and your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by LinkedIn.
If you have consented that data from you can be processed and stored by integrated social media elements, this consent is considered the legal basis of the data processing (Art. 6 para. 1 lit. a DSGVO). In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f DSGVO) in fast and good communication with you or other customers and business partners. Nevertheless, we only use the integrated social media elements if you have given your consent. Most social media platforms also set cookies in your browser to store data. That is why we recommend that you read our privacy text about cookies carefully and view the privacy policy or cookie policy of the respective service provider.
As a basis for data processing with recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or a data transfer there, LinkedIn uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 DSGVO). Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to and stored in third countries (such as the USA). Through these clauses, LinkedIn undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
For more information, please see LinkedIn’s privacy policy at: https://www.linkedin.com/legal/privacy-policy.
Video conferencing
We use software programs that allow us to hold video conferences, online meetings, webinars, display sharing and/or streaming. During a videoconference or streaming, information is transmitted simultaneously via sound and moving image. With the help of such video conferencing or streaming tools, we can communicate with customers, business partners, clients and even employees quickly and easily over the Internet. Of course, we pay attention to the specified legal framework when selecting the service provider.
Basically, third-party providers can process data as soon as you interact with the software program. Third-party video conferencing or streaming solutions use your data and metadata for different purposes. The data helps, for example, to make the tool more secure and to improve the service. In most cases, the data may also be used for the third-party provider’s own marketing purposes.
Most tools work directly from your browser. The tools also offer helpful additional features such as a chat and screensharing function or the ability to share content between meeting participants.
If you participate in our video conference or in a streaming, data about you will also be processed and stored on the servers of the respective service provider.
Exactly what data is stored depends on the solutions used. Each provider stores and processes different and varying amounts of data. But as a rule, most providers store your name, address, contact information such as your email address or phone number, and IP address. Furthermore, information about the device you are using, usage data such as which websites you visit, when you visit a website or which buttons you click on may also be stored. Data shared within the video conference (photos, videos, texts) can also be saved.
In general, we process personal data only as long as it is absolutely necessary for the provision of our services and products. It may be that the provider stores data from you according to its own specifications, over which we then have no control.
You always have the right to information, correction and deletion of your personal data. If you have any questions, you can also contact the person responsible for the video conferencing or streaming tool used at any time. Contact details can be found either in our specific privacy policy or on the website of the relevant provider.
You can delete, disable or manage cookies that providers use for their functions in your browser. Depending on which browser you use, this works in different ways. Please note, however, that not all functions may then work as usual.
If you have consented that data of you can be processed and stored by the video or streaming solution, this consent is considered the legal basis of the data processing (Art. 6 para. 1 lit. a DSGVO). In addition, we may also offer a video conference as part of our services if this has been contractually agreed with you in advance (Art. 6 para. 1 lit. b DSGVO). In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f DSGVO) in fast and good communication with you or other customers and business partners, but only if you have at least consented. Most video or streaming solutions also set cookies in your browser to store data. That is why we recommend that you read our privacy text about cookies carefully and view the privacy policy or cookie policy of the respective service provider.
For information on specific videoconferencing and streaming solutions, see the following sections, if available.
Skype
We use Skype, a service for chat and video conferencing solutions, on our website. The service provider is the American company Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.
Microsoft also processes data from you in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may be accompanied by various risks to the lawfulness and security of data processing.
Microsoft uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 DSGVO) as the basis for data processing for recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or a data transfer there. Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to and stored in third countries (such as the USA). Through these clauses, Microsoft undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
More information about Microsoft’s standard contractual clauses can be found at https://learn.microsoft.com/en-us/compliance/regulatory/offering-eu-model-clauses.
You can learn more about the data processed by using Microsoft in the privacy policy at https://privacy.microsoft.com/de-de/privacystatement.
Zoom
We use the Zoom video conferencing tool from the American software company Zoom Video Communications for our website. The company is headquartered in San Jose, California at 55 Almaden Boulevard, 6th Floor, CA 95113. Thanks to “Zoom” we can hold a video conference with customers, business partners, clients and even employees very easily and without installing any software. In this privacy policy, we go into more detail about the service and inform you about the most important aspects relevant to data protection.
Zoom is one of the world’s most popular video conferencing solutions. With the “Zoom Meetings” service, for example, we can hold an online video conference with you, but also with employees or other users via a digital conference room. This makes it very easy for us to get in touch digitally, exchange ideas on various topics, send text messages or even talk on the phone. Furthermore, you can also share the screen, exchange files and use a whiteboard via Zoom.
When you use Zoom, data is also collected from you to enable Zoom to provide its services. On the one hand, this is data that you consciously make available to the company. This includes, for example, name, telephone number or your e-mail address. However, data is also automatically transmitted to Zoom and stored. This includes, for example, technical data of your browser or your IP address.
If you provide data such as your name, your user name, your e-mail address or your telephone number, this data will be stored by Zoom. Content that you upload while using Zoom is also saved. This includes, for example, files or chat logs.
The technical data that Zoom automatically stores includes the IP address already mentioned above, as well as the MAC address, other device IDs, device type, which operating system you use, which client you use, camera type, microphone type, and speaker type. Your approximate location is also determined and stored. Furthermore, Zoom also stores information about how you use the service. So, for example, whether you “zoom in” via desktop or smartphone, whether you use a phone call or VoIP, whether you participate with or without video, or whether you request a password. Zoom also records so-called metadata such as duration of the meeting/call, start and end of meeting participation, meeting name and chat status.
Zoom mentions in its own privacy policy that the company does not use advertising cookies or tracking technologies for your services. Only on the company’s own marketing websites, such as https://explore.zoom.us/docs/de-de/home.html, are these tracking methods used. Zoom does not resell personal data or use it for advertising purposes.
Zoom does not disclose a specific time frame in this regard, but emphasizes that the collected data will be stored for as long as it is necessary to provide the services or for its own purposes. Data is only stored for longer if this is required for legal reasons.
Basically, Zoom stores the data it collects on U.S. servers, but data can arrive at different data centers around the world.
If you do not want data to be saved during the Zoom meeting, you will have to forgo the meeting. However, you always have the right and the possibility to have all your personal data deleted. If you have a Zoom account, please visit https://support.zoom.us/hc/en-us/articles/201363243-How-Do-I-Delete-Terminate-My-Account for instructions on how to delete your account.
Please note that when using this tool, data from you may also be stored and processed outside the EU. Most third countries (including the USA) are not considered secure under current European data protection law. So data may not simply be transferred to, stored in, and processed in insecure third countries unless there are appropriate safeguards (such as EU standard contractual clauses) between us and the non-European service provider.
If you have consented that data of you can be processed and stored by the video or streaming solution, this consent is considered the legal basis of the data processing (Art. 6 para. 1 lit. a DSGVO). In addition, we may also offer a video conference as part of our services if this has been contractually agreed with you in advance (Art. 6 para. 1 lit. b DSGVO). In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f DSGVO) in fast and good communication with you or other customers and business partners, but only if you have at least consented.
Zoom also processes data from you in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may be accompanied by various risks to the lawfulness and security of data processing.
Zoom uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 DSGVO) as the basis for data processing for recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or a data transfer there. Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to and stored in third countries (such as the USA). Through these clauses, Zoom undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
For more information, visit https://explore.zoom.us/de/privacy/?tid=312271331.
In accordance with Article 28 of the General Data Protection Regulation (GDPR), we have concluded an order processing agreement (OPA) with Zoom.
This contract is required by law because Zoom processes personal data on our behalf. This clarifies that Zoom may only process data they receive from us in accordance with our instructions and must comply with the GDPR. The link to the order processing agreement (AVV) can be found at https://explore.zoom.us/docs/doc/Zoom_GLOBAL_DPA.pdf.
Google customer review
We also use the Google Customer Reviews rating platform for our website. The service provider is the American company Google Inc. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services.
Google also processes data from you in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may be accompanied by various risks to the lawfulness and security of data processing.
Google uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 DSGVO) as the basis for data processing for recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or a data transfer there. Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to and stored in third countries (such as the USA). Through these clauses, Google undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
The data processing terms for Google advertising products (Google Ads Controller Data Protection Terms), which refer to the standard contractual clauses, can be found at https://business.safety.google/intl/de/adsprocessorterms/.
You can learn more about the data processed through the use of Google in the privacy policy at https://policies.google.com/privacy?hl=de.
9. application
We also offer you the opportunity on our website to apply for jobs and send us your application by e-mail or post.
When you send us your application, we will process the information that you provide to us as part of the application (e.g. the e-mail address if you send us your application by e-mail).
If you send us your application electronically, we process your e-mail address in order to process the application and to be able to contact the applicant in order to respond to the request. In the case of postal delivery, we process the data provided by you. The purpose of processing the personal data resulting from the application documents sent by you is to be able to identify a suitable applicant.
The legal basis for the processing of your e-mail address is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest is to offer you the possibility to contact us at any time and to be able to answer your inquiries. The legal basis for the processing of personal data resulting from the application is Art. 6 para. 1 lit. b), Art. 88 para. 1 DSGVO, § 26 para. 1 BDSG-new.
The application e-mail and the documents sent will be kept until a decision has been made for or against the applicant and will then be deleted. If you have sent us your application documents by mail, we will return your submitted application documents to you after the application process has been completed.
The provision of personal data is required for the submission of an application. Failure to do so will result in our inability to process and consider your application.
- Data subject rights
You have the right:
- to request information about your personal data processed by us in accordance with Art. 15 DSGVO. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;
- in accordance with Art. 16 DSGVO to immediately demand the correction of incorrect or completion of your personal data stored by us;
- pursuant to Art. 17 DSGVO to request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims;
- to request the restriction of the processing of your personal data in accordance with Art. 18 DSGVO, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing in accordance with Art. 21 DSGVO;
- pursuant to Art. 20 DSGVO to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another controller;
- according to Art. 7 par. 3 DSGVO to revoke your consent once given to us at any time. This has the consequence that we may no longer continue the data processing that was based on this consent for the future, and
complain to a supervisory authority in accordance with Art. 77 DSGVO. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our registered office for this purpose.
11. right of objection
If your personal data is collected on the basis of legitimate interests pursuant to Art. 6 para. 1 p. 1 lit. f DSGVO, you have the right to object to the processing of your personal data in accordance with Art. 21 DSGVO, provided that there are grounds for doing so that arise from your particular situation or the objection is directed against direct marketing. In the latter case, you have a general right to object, which will be implemented by us without specifying a particular situation.
If you wish to exercise your right of revocation or objection, simply send an e-mail to info@rehkatsch.de.
12. data security
Within the website visit, we use the widespread SSL procedure (Secure Socket Layer) in connection with the highest encryption level supported by your browser. As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.
We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
13. up-to-dateness and modification of this privacy policy
This privacy policy is currently valid and has the status June 2023.
Due to the further development of our website and offers on it or due to changed legal or regulatory requirements, it may become necessary to change this privacy policy. You can access and print out the current data protection declaration at any time on the website at https://rehkatsch.de/datenschutzerklaerung/.