1. Types of data and affected persons

a. Types of processed data:

• Metadata / communication data (such as IP addresses)
• User-related data (such as names and addresses)
• Contact data (such as email addresses)
• Content data (such as text input)

b. Categories of affected persons

• Visitors to our website

2. Legal basis of data gathering

a. Visiting the website without entering any data

A number of different forms of data are gathered automatically when you visit the website. This mainly comprises technical data (e.g. browser type, type of operating system and time of site visit). This data is gathered automatically as soon as you enter our website and is required to establish a connection between you and our website. This gathering of data takes place on the basis of our legitimate interest (Article 6 (1) (f) GDPR).

b. Use of the contact form

Your data is also collected when you use our contact and/or order forms. This takes place on the basis of your consent (Article 6 (1) (a) GDPR) or, with regard to mandatory information, for the purposes of establishing contact prior to entering into a contract or providing the desired information (Article 6 (1) (b) GDPR). In respect of the fact that our products and services are solely aimed at commercial entities, the company name is also gathered on the basis of our legitimate interest (Article 6 (1) (f) GDPR).

After you use the contact and/or order forms, we only gather, process and use the personal data you have entered on the form to the extent required to substantiate, structure or amend our contract with you (user-related data). We only gather, process and use personal data relating to the use of our website (usage data) to the extent necessary to allow you to use our services. User-related and usage data is used for the performance of a contract or in order to take steps prior to entering into a contract (Article 6 (1) (b) GDPR).

Data that users can enter in the contact form or elsewhere on a voluntary basis is labelled as such. This data is gathered on the basis of your consent (Article 6 (1) (a) GDPR).

c. Use of password-protected area

When users access the password-protected area of our website, we gather data to perform a subsequent service (Article 6 (1) (b) GDPR) and, with regard to login attempts, to ensure IT system security on the basis of our legitimate interest (Article 6 (1) (f) GDPR).

d. Transfer to third parties

We always request your permission before transferring data to third parties (companies) (Article 6 (1) (a) GDPR).

e. Analysis software

We use the Matomo analysis software as part of our website (Article 6 (1) (f) GDPR) on the basis of our legitimate interest in the analysis, optimisation and efficient operation of our website.

3. Data retention

We only retain your data for the necessary period of time or rather in accordance with legal requirements (Articles 17 and 18 GDPR).

4. Access to personal data

You have the right to receive information regarding the origin, recipients and purpose of the personal data stored in relation to you at any time free of charge (Article 13 (2) (b) GDPR).

You also have the right to request that data be corrected, blocked or erased (Article 13 (2) (b) GDPR). You may also revoke your consent to the gathering of data subject to your consent at any time (Article 13 (2) (b) GDPR).

You can contact us at any time via our contact form. Please use the reference "data protection" if you have questions concerning our data protection policy. In addition, you also have the right to submit a complaint to the responsible regulatory authority (Article 13 (2) (d) GDPR).

5. Data portability

You have the right to access the data that we automatically process on the basis of your consent or in the performance of a contract or have it transferred to a third party in a common machine-readable format. If you request the direct transfer of data to another responsible party, this only takes place to the extent that is technically possible (Article 20 GDPR).

6. Cooperation with processors and third parties

If we disclose, transfer or otherwise grant access to data to other persons and/or companies, such as data processors or third parties, this only takes place

• to the extent permitted by law
• with your consent
• if we are required to do so by law or
• on the basis of our legitimate interests.

If we assign third parties with the task of processing data on the basis of a processor contract, data is transferred on the basis of Article 28 GDPR.

7. Protecting data from website visitors

We use safeguards such as the HTTPS protocol to protect your personal data. We regularly review our systems to identify any potential vulnerabilities. In spite of this, we are not able to guarantee that data will not be accessed, disclosed, amended or destroyed as a result of our security systems being breached.

1. Visiting our website without entering any data

Our IT systems automatically gather a number of different forms of data when you visit the website. This mainly comprises technical data (e.g. browser type, type of operating system and time of site visit). This data is gathered automatically as soon as you visit our website. Some of this data is gathered to enable the website to function without issue. Other data may be used to analyse your browsing activity. We do not combine this data with your personal data. This technical data remains anonymous.

2. Data when using a password-protected area

We offer visitors to our website who have a commercial relationship with our company the opportunity to use a password-protected area of the website. This requires the disclosure of personal data such as full name, email address and password. In addition, during their active use of the password-protected area users must agree that a cookies is being stored on their device. This is a small text file that is used to authenticate the user against our system. Upon logout, the cookie is deleted from the users device. Recent log-in attempts are logged to ensure that the account is not being used unlawfully by third parties.

3. Data when using the contact form

We offer visitors to our website who wish to contact us the opportunity to use the contact form. The form requires the disclosure of personal data such as the user’s full name, email address, telephone number or also the company name. This data is not published and only serves the purpose of communication between you and our company or the sending of the requested information.

Unsere Dienste auf unserem Webauftritt sind dynamisch und wir führen von Zeit zu Zeit neue Funktionen ein. Daher kann es sein, dass neue Informationen erfasst werden müssen. Wenn wir neue persönliche Daten erfassen oder wesentlich ändern, wie wir Ihre Daten verwenden, benachrichtigen wir Sie und modifizieren – sofern notwendig – auch diese Datenschutzrichtlinie.