imprint

Introduction and Overview

We have drawn up this privacy policy (version 11.09.2025-123054147) to explain to you, in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (hereinafter referred to as "data") we as the controller – and the processors commissioned by us (e.g., providers) – process and will process in the future, and what legal options you have. The terms used are to be understood as gender-neutral.
In short: We provide you with comprehensive information about the data we process about you.

Data protection declarations usually sound very technical and use legal jargon. This data protection declaration, on the other hand, is intended to describe the most important things to you as simply and transparently as possible. Wherever it promotes transparency, technical terms are explained in a reader-friendly manner , links to further information are provided, and graphics are used. We are thus informing you in clear and simple language that we only process personal data in the context of our business activities if there is a corresponding legal basis. This is certainly not possible if you give explanations that are as brief, unclear, and legal-technical as possible, as is often the case on the Internet when it comes to data protection. I hope you find the following explanations interesting and informative and that you may find some information in there that you were not aware of.
If you still have any questions, we would like to ask you to contact the responsible body named below or in the imprint, follow the links provided, and look at further information on third-party websites. You can of course also find our contact details in the imprint.

scope

This privacy policy applies to all personal data processed by us within the company and to all personal data processed by companies commissioned by us (contract processors). By personal data, we mean information within the meaning of Art. 4 No. 1 GDPR, such as a person's name, email address, and postal address. The processing of personal data ensures that we can offer and bill our services and products, whether online or offline. The scope of this privacy policy includes:

• all online presences (websites, online shops) that we operate
• Social media presence and email communication
• mobile apps for smartphones and other devices

In short: This privacy policy applies to all areas in which personal data is processed in a structured manner within the company via the aforementioned channels. Should we enter into legal relationships with you outside of these channels, we will inform you separately if necessary.

Legal basis

In the following privacy policy, we provide you with transparent information on the legal principles and regulations, i.e., the legal bases of the General Data Protection Regulation, that allow us to process personal data.
Regarding EU law, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 27, 2016. You can, of course, read this EU General Data Protection Regulation online on EUR-Lex, the gateway to EU law, at https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=celex%3A32016R0679 .

We only process your data if at least one of the following conditions applies:

1. Consent (Article 6 (1) (a) GDPR): You have given us your consent to process data for a specific purpose. An example would be storing the data you entered in a contact form.
2. Contract (Article 6 (1) (b) GDPR): We process your data to fulfill a contract or pre-contractual obligations with you. For example, if we conclude a purchase agreement with you, we require personal information in advance.
3. Legal obligation (Article 6 (1) (c) GDPR): We process your data if we are subject to a legal obligation. For example, we are legally obligated to retain invoices for accounting purposes. These usually contain personal data.
4. Legitimate interests (Article 6 (1) (f) GDPR): In the case of legitimate interests that do not restrict your fundamental rights, we reserve the right to process personal data. For example, we need to process certain data in order to operate our website securely and economically efficiently. This processing therefore constitutes a legitimate interest.

We generally do not apply other conditions, such as the processing of recordings in the public interest, the exercise of official authority, or the protection of vital interests. Should such a legal basis be applicable, it will be indicated at the appropriate point.

In addition to the EU regulation, national laws also apply:

• In Austria this is the Federal Act on the Protection of Natural Persons with regard to the Processing of Personal Data ( Data Protection Act ), or DSG .
• In Germany, Federal Data Protection Act ( BDSG) applies .

If other regional or national laws apply, we will inform you about them in the following sections.

Storage period

Our general principle is that we only store personal data for as long as it is absolutely necessary to provide our services and products. This means that we delete personal data as soon as the reason for processing it no longer exists. In some cases, we are legally obligated to retain certain data even after the original purpose no longer applies, for example, for accounting purposes.

If you wish to have your data deleted or withdraw your consent to data processing, the data will be deleted as quickly as possible and unless there is an obligation to store it.

We will inform you below about the specific duration of the respective data processing, provided we have further information on this.

Rights under the General Data Protection Regulation

In accordance with Articles 13 and 14 of the GDPR, we inform you of the following rights to which you are entitled to ensure fair and transparent data processing:

• According to Article 15 of the GDPR, you have the right to information about whether we process your data. If so, you have the right to receive a copy of the data and the following information:
  • for what purpose we carry out the processing;
  • the categories, i.e. the types of data that are processed;
  • who receives this data and, if the data is transferred to third countries, how security can be guaranteed;
  • how long the data is stored;
  • the existence of the right to rectification, erasure or restriction of processing and the right to object to processing;
  • that you can complain to a supervisory authority (links to these authorities can be found below);
  • the origin of the data if we did not collect it from you;
  • whether profiling is carried out, i.e. whether data is automatically evaluated to create a personal profile of you.
• According to Article 16 of the GDPR, you have the right to rectification of data, which means that we must correct data if you find any errors.
• According to Article 17 GDPR, you have the right to erasure (“right to be forgotten”), which specifically means that you can request that your data be deleted.
• According to Article 18 GDPR, you have the right to restriction of processing, which means that we may only store the data but not use it further.
• According to Article 20 GDPR, you have the right to data portability, which means that we will provide you with your data in a common format upon request.
• According to Article 21 GDPR, you have the right to object, which, once enforced, will result in a change in the processing.
  • If the processing of your data is based on Article 6 (1) (e) (public interest, exercise of official authority) or Article 6 (1) (f) (legitimate interest), you may object to the processing. We will then examine as quickly as possible whether we can legally comply with this objection.
  • If data is used for direct marketing purposes, you can object to this type of data processing at any time. We may then no longer use your data for direct marketing purposes.
  • If data is used for profiling, you can object to this type of data processing at any time. We may no longer use your data for profiling after this time.
• According to Article 22 GDPR, you may have the right not to be subjected to a decision based solely on automated processing (e.g. profiling).
• According to Article 77 of the GDPR, you have the right to lodge a complaint. This means you can lodge a complaint with the data protection authority at any time if you believe that the processing of personal data violates the GDPR.

In short: You have rights – do not hesitate to contact the responsible body listed above!

If you believe that the processing of your data violates data protection law or that your data protection rights have been violated in any other way, you can file a complaint with the supervisory authority. In Austria, this is the Data Protection Authority, whose website can be found at https://www.dsb.gv.at/ . In Germany, each federal state has a data protection officer. For further information, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI) . The following local data protection authority is responsible for our company:

Austrian Data Protection Authority

Director: Dr. Matthias Schmidl
Address: Barichgasse 40-42, 1030 Vienna
Telephone number: +43 1 52 152-0
E-mail address: This email address is being protected from spambots. JavaScript must be enabled to view it.
Website: https://www.dsb.gv.at/

Security of data processing

To protect personal data, we have implemented both technical and organizational measures. Where possible, we encrypt or pseudonymize personal data. This makes it as difficult as possible for third parties to derive personal information from our data.

Article 25 of the GDPR refers to "data protection through design and through data protection-friendly default settings," meaning that security must always be considered and appropriate measures implemented, both in software (e.g., forms) and hardware (e.g., access to the server room). Below, we will discuss specific measures where necessary.

TLS encryption with https

TLS, encryption, and https sound very technical, and they are. We use HTTPS (Hypertext Transfer Protocol Secure) to securely transmit data over the internet.
This means that the entire transmission of all data from your browser to our web server is secure—no one can eavesdrop.

We have thus introduced an additional security layer and comply with data protection by design ( Article 25, Paragraph 1 GDPR ). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission over the Internet, we can ensure the protection of confidential data.
You can recognize the use of this data transmission security by the small lock symbol in the top left of the browser, to the left of the Internet address (e.g., examplesite.de), and the use of the https scheme (instead of http) as part of our Internet address.
If you would like to learn more about encryption, we recommend doing a Google search for "Hypertext Transfer Protocol Secure wiki" to find good links to further information.

communication

If you contact us and communicate by phone, email or online form, personal data may be processed.

The data will be processed for the purpose of handling and processing your inquiry and the related business transaction. The data will be stored for as long as required by law.

Affected persons

The above-mentioned processes affect everyone who contacts us via the communication channels we provide.

Phone

When you call us, the call data is stored pseudonymously on the respective device and by the telecommunications provider used. Furthermore, data such as name and telephone number may subsequently be sent via email and stored for the purpose of responding to your inquiry. The data will be deleted as soon as the transaction is completed and legal requirements permit.

E-Mail

If you communicate with us via email, data may be stored on your device (computer, laptop, smartphone, etc.) and stored on the email server. The data will be deleted as soon as the transaction is completed and legal requirements permit.

Online forms

If you communicate with us via an online form, data will be stored on our web server and, if applicable, forwarded to an email address provided by us. The data will be deleted as soon as the transaction is completed and legal requirements permit.

Legal basis

The processing of data is based on the following legal bases:

• Art. 6 (1) (a) GDPR (consent): You give us your consent to store your data and to use it further for the purposes related to the business case;
• Art. 6 (1) (b) GDPR (contract): There is a need to fulfil a contract with you or a processor such as the telephone provider or we have to process the data for pre-contractual activities, such as preparing an offer;
• Art. 6 (1) (f) GDPR (Legitimate Interests): We want to handle customer inquiries and business communications in a professional manner. To enable efficient communication, certain technical facilities, such as email programs, Exchange servers, and mobile operators, are necessary.

Cookies

What are cookies?

Our website uses HTTP cookies to store user-specific data.
Below, we explain what cookies are and why they are used to help you better understand our privacy policy.

Whenever you surf the internet, you use a browser. Common browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.

One thing is undeniable: cookies are truly useful little helpers. Almost all websites use cookies. More precisely, they are HTTP cookies, as there are other cookies for other purposes as well. HTTP cookies are small files that our website stores on your computer. These cookie files are automatically stored in the cookie folder, the "brain" of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.

Cookies store certain user data about you, such as language or personal site settings. When you visit our site again, your browser transmits the "user-related" information back to our site. Thanks to cookies, our website knows who you are and offers you the settings you are used to. In some browsers, each cookie has its own file; in others, such as Firefox, all cookies are stored in a single file.

The following graphic shows a possible interaction between a web browser, such as Chrome, and the web server. The web browser requests a website and receives a cookie from the server, which the browser reuses whenever another page is requested.

There are both first-party and third-party cookies. First-party cookies are created directly by our site, while third-party cookies are created by partner websites (e.g., Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiration time of a cookie also varies, from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans, or other "malware." Cookies also cannot access information on your PC.

For example, cookie data can look like this:

Name: _ga
Value: GA1.2.1326744211.152123054147-9
Purpose: Differentiation of website visitors
Expiry date: after 2 years

A browser should be able to support these minimum sizes:

• At least 4096 bytes per cookie
• At least 50 cookies per domain
• At least 3000 cookies in total

What types of cookies are there?

The specific cookies we use depend on the services used and are explained in the following sections of this privacy policy. At this point, we would like to briefly discuss the different types of HTTP cookies.

There are four types of cookies:

Essential cookies
These cookies are necessary to ensure basic website functionality. For example, these cookies are needed when a user adds a product to their shopping cart, then continues browsing to other pages and only proceeds to checkout later. These cookies ensure that the shopping cart is not deleted even when the user closes their browser window.

Functional cookies
These cookies collect information about user behavior and whether the user receives any error messages. These cookies also measure the loading time and behavior of the website in different browsers.

Targeted cookies:
These cookies improve the user experience. For example, they store entered locations, font sizes, or form data.

Advertising cookies:
These cookies are also called targeting cookies. They are used to deliver customized advertising to the user. This can be very useful, but also very annoying.

Typically, when you first visit a website, you'll be asked which of these cookie types you'd like to allow. And, of course, this decision will also be saved in a cookie.

If you would like to know more about cookies and are not afraid of technical documentation, we recommend https://datatracker.ietf.org/doc/html/rfc6265 , the Internet Engineering Task Force (IETF) Request for Comments called “HTTP State Management Mechanism”.

Purpose of processing via cookies

The purpose ultimately depends on the cookie in question. You can find more details below or contact the manufacturer of the software that sets the cookie.

What data is processed?

Cookies are small helpers for a variety of tasks. Unfortunately, it's not possible to generalize what data is stored in cookies, but we will inform you about the data processed and stored in the following privacy policy.

Storage duration of cookies

The storage period depends on the respective cookie and is further specified below. Some cookies are deleted after less than an hour, while others can remain stored on a computer for several years.

You also have control over the storage period. You can manually delete all cookies via your browser at any time (see also "Right of Objection" below). Furthermore, cookies based on consent will be deleted at the latest after you revoke your consent, although the legality of their storage remains unaffected until then.

Right of objection – how can I delete cookies?

You decide how and whether you want to use cookies. Regardless of the service or website from which the cookies originate, you always have the option to delete, deactivate, or only partially accept cookies. For example, you can block third-party cookies but allow all other cookies.

If you want to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:

Chrome: Delete, enable, and manage cookies in Chrome

Safari: Managing cookies and website data with Safari

Firefox: Clear cookies to remove data that websites have stored on your computer

Internet Explorer: Deleting and managing cookies

Microsoft Edge: Delete and manage cookies

If you don't want cookies at all, you can set your browser to always notify you when a cookie is about to be set. This allows you to decide for each individual cookie whether or not to accept it. The process varies depending on your browser. The best way to find instructions is to search for "delete cookies in Chrome" or "disable cookies in Chrome" in the case of a Chrome browser.

Legal basis

The so-called "Cookie Directive" has been in place since 2009. It stipulates that the storage of cookies consent (Article 6 (1) (a) GDPR). However, reactions to these guidelines vary greatly within the EU countries. In Austria, however, this directive was implemented in Section 165 (3) of the Telecommunications Act (2021). In Germany, the Cookie Directive was not implemented as national law. Instead, this directive was largely implemented in Section 15 (3) of the Telemedia Act (TMG), which was replaced by the Digital Services Act (DDG) in May 2024.

For strictly necessary cookies, even if consent is not given, legitimate interests (Article 6 (1) (f) GDPR), which in most cases are of an economic nature. We want to provide website visitors with a pleasant user experience, and for this, certain cookies are often absolutely necessary.

If non-essential cookies are used, this only happens with your consent. The legal basis for this is Art. 6 (1) (a) GDPR.

In the following sections you will be informed in more detail about the use of cookies, if the software used uses cookies.

Application data

What are application data?

You can apply for a position at our company via email, online form, or through a recruiting tool. All data we receive and process from you as part of an application counts as application data. In doing so, you always disclose personal information such as your name, date of birth, address, and telephone number.

Why do we process application data?

We process your data so that we can conduct a proper selection process for the advertised position. We are also happy to keep your application documents in our application archive. Often, for a variety of reasons, a collaboration for the advertised position doesn't work out, but we are impressed by you and your application and can very well imagine working together in the future. If you give us your consent, we will archive your documents so that we can easily contact you about future opportunities within our company.

We guarantee that we will handle your data with the utmost care and always process it within the legal framework. Within our company, your data will only be shared with people who are directly involved with your application. In short: Your data is safe with us!

What data is processed?

For example, if you apply to us by email, we will of course also receive personal data, as mentioned above. Even your email address is considered personal data. However, during the application process, we only process data that is relevant to our decision as to whether or not we want to welcome you to our team.

Exactly which data is processed depends primarily on the job posting. However, this usually includes name, date of birth, contact details, and proof of qualifications. If you submit your application via an online form, the data will be transmitted to us in encrypted form. If you send us your application by email, this encryption will not take place. We therefore cannot accept any responsibility for the method of transmission. However, once the data is on our servers, we are responsible for its lawful handling.

During an application process, in addition to the data listed above, information about your health or ethnic origin may be requested so that we and you can exercise your rights related to employment law, social security, and social protection, while simultaneously fulfilling your corresponding obligations. This data constitutes special category data.

Here is a list of possible data that we receive and process from you:

• name
• Contact address
• E-mail address
• Telephone number
• birth date
• Information provided in the cover letter and CV
• Proof of qualifications (e.g.) certificates
• Special category data (e.g. ethnic origin, health data, religious beliefs)
• Usage data (websites visited, access data, etc.)
• Metadata (IP address, device information)

How long is the data stored?

If we accept you as a team member in our company, your data will be processed for the purposes of the employment relationship and retained by us at least until the employment relationship ends. All application documents will then be added to your employee file.

If we do not offer you the job, you reject our offer, or withdraw your application, we may retain your data for up to 6 months after completion of the application process based on our legitimate interest (Art. 6 (1) (f) GDPR). After that, both your electronic data and all data from physical application documents will be completely deleted or destroyed. We retain your data, for example, so that we can answer any further queries or so that we can provide evidence of your application in the event of a legal dispute. If legal proceedings arise and we may still need the data after the 6 months have expired, we will only delete the data when there is no longer any reason to retain it. If there are statutory retention periods to be fulfilled, we must generally store the data for longer than 6 months.

Furthermore, we can retain your data for longer periods if you have given specific consent. We do this, for example, if we can envision working with you in the future. In this case, it is helpful to have your data archived so that we can easily reach you. In this case, the data will be added to our applicant pool. Of course, you can revoke your consent to retain your data for a longer period at any time. If you do not revoke your consent and do not provide new consent, your data will be deleted after two years at the latest.

Legal basis

The legal basis for the processing of your data is Art. 6 (1) (a) GDPR (consent), Art. 6 (1) (b) GDPR (contract or pre-contractual measures), Art. 6 (1) (f) GDPR (legitimate interests) and Art. 9 (2) (a) GDPR (processing of special categories).

If we include you in our application tool, this is done on the basis of your consent (Art. 6 (1) (a) GDPR). Please note that your consent to our application pool is voluntary, has no influence on the application process, and you have the option to revoke your consent at any time. The legality of the processing up to the time of revocation remains unaffected.

In the case of the protection of vital interests, data processing is carried out in accordance with Art. 9 (2) (c) GDPR. For the purposes of healthcare, occupational medicine, medical diagnostics, care or treatment in the healthcare or social sector, or for the administration of healthcare or social systems and services, personal data is processed in accordance with Art. 9 (2) (h) GDPR. If you voluntarily provide special category data, processing is carried out on the basis of Art. 9 (2) (a) GDPR.

Contact form

What is a contact form?

A contact form is a web form that you can fill out on our website to easily get in touch with us. Personal data such as your name, email address, and message are usually transmitted to us. This information helps us process your inquiries specifically and get in touch with you.

Why do we use a contact form?

We offer a contact form so you can communicate with us quickly and easily. Whether you have questions about our services, feedback, or other concerns, you can reach us directly using the contact form. We will use the data you enter exclusively to process your request and to contact you. If the contact results in further steps, such as a quote or a contractual relationship, we will also use the data for this purpose.

What data is processed?

Which data is processed depends on the information you provide in the contact form. Typically, this includes:

• name
• E-mail address
• Telephone number (optional)
• Content of the message
• Date and time of transmission
• IP address and technical metadata (for security and traceability)

This information helps us to better classify and answer your request.

How long is the data stored?

We only store data from the contact form for as long as necessary to process your request. If a business relationship arises, the corresponding retention periods apply as for customer data. In special cases (e.g., legal disputes), longer retention periods may apply. Of course, we will not share your data with third parties without your consent.

Legal basis

The legal basis for processing your data via the contact form is Art. 6 (1) (a) GDPR (consent - by submitting the form), Art. 6 (1) (b) GDPR (pre-contractual measures), and Art. 6 (1) (f) GDPR (legitimate interest - efficient communication and organization of inquiries). If you voluntarily provide special categories of personal data, the processing will be carried out in accordance with Art. 9 (2) (a) GDPR (consent).

Webhosting Introduction

What is web hosting?

When you visit websites these days, certain information—including personal data—is automatically created and stored, including on this website. This data should be processed as sparingly as possible and only with justification. By "website," we mean the entirety of all web pages on a domain, i.e., everything from the home page to the very last subpage (like this one). By "domain," we mean, for example, example.de or sampleexample.com.

If you want to view a website on a computer, tablet, or smartphone, you use a program called a web browser. You probably know some web browsers by name: Google Chrome, Microsoft Edge, Mozilla Firefox, and Apple Safari. We simply refer to them as "browsers" or "web browsers."

To display the website, the browser must connect to another computer where the website's code is stored: the web server. Operating a web server is a complex and time-consuming task, which is why it's usually handled by professional providers. They offer web hosting and thus ensure reliable and error-free storage of website data. A lot of technical terms, but please stay tuned, it gets even better!

When the browser connects to your computer (desktop, laptop, tablet, or smartphone) and during data transfer to and from the web server, personal data may be processed. On the one hand, your computer stores data, and on the other hand, the web server must also store data for a period of time to ensure proper operation.

A picture is worth a thousand words, so the following graphic illustrates the interaction between the browser, the Internet and the hosting provider.

Why do we process personal data?

The purposes of data processing are:

1. Professional website hosting and operational security
2. to maintain operational and IT security
3. Anonymous evaluation of access behavior to improve our service and, if necessary, for criminal prosecution or the pursuit of claims

What data is processed?

Even while you are currently visiting our website, our web server, which is the computer on which this website is stored, usually automatically saves data such as

• the complete Internet address (URL) of the website accessed
• Browser and browser version (e.g. Chrome 87)
• the operating system used (e.g. Windows 10)
• the address (URL) of the previously visited page (referrer URL) (e.g. https://www.beispielquellsite.de/vondabinichgekommen/ )
• the hostname and IP address of the device from which access is made (e.g. COMPUTERNAME and 194.23.43.121)
• Date and time
• in files, the so-called web server log files

How long is data stored?

As a rule, the above-mentioned data is stored for two weeks and then automatically deleted. We do not share this data, but cannot rule out the possibility that it may be viewed by authorities in the event of illegal activity.

In short: Your visit is logged by our provider (the company that runs our website on special computers (servers)), but we do not share your data without your consent!

Legal basis

The legality of the processing of personal data within the framework of web hosting arises from Art. 6 (1) (f) GDPR (protection of legitimate interests), because the use of professional hosting with a provider is necessary in order to present the company securely and user-friendly on the Internet and to be able to pursue attacks and claims arising from this if necessary.

As a rule, there is a contract for order processing between us and the hosting provider in accordance with Art. 28 f. GDPR, which ensures compliance with data protection and guarantees data security.

Plesk Obsidian Privacy Policy

We use the Plesk Obsidian web server distribution for our website. This is a server administration tool from the Swiss company Plesk International GmbH, Vordergasse 59, 8200 Schaffhausen, Switzerland.

The EU Commission has determined, by means of an adequacy decision pursuant to Art. 45 GDPR, that Switzerland, as a third country, offers an adequate level of protection compared to the scope of the GDPR. The decision and corresponding decisions for other third countries can be found here: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_de .

You can learn more about the data processed through the use of Plesk Obsidian in the privacy policy at https://www.plesk.com/legal/#privacy-policy .

Website Modular Systems Introduction

What are website builders?

We use a website builder system for our website. Builder systems are special forms of content management systems (CMS). With a builder system, website operators can create a website very easily and without any programming knowledge. Many web hosts also offer builder systems. Using a builder system may also collect, store, and process your personal data. This privacy policy provides you with general information about data processing by builder systems. Further information can be found in the provider's privacy policy.

Why do we use website builders for our website?

The biggest advantage of a modular system is its ease of use. We want to offer you a clear, simple, and well-organized website that we can easily operate and maintain ourselves—without external support. A modular system now offers many helpful features that we can use even without programming knowledge. This allows us to design our web presence according to our wishes and offer you an informative and enjoyable experience on our website.

What data is stored by a modular system?

Which data is stored depends, of course, on the website builder system used. Each provider processes and collects different types of website visitor data. However, technical usage information such as operating system, browser, screen resolution, language and keyboard settings, hosting provider, and the date of your website visit are generally collected. Tracking data (e.g., browser activity, clickstream activity, session heatmaps, etc.) may also be processed. Personal data may also be collected and stored. This usually includes contact information such as email address, telephone number (if you have provided one), IP address, and geographic location data. You can find out exactly which data is stored in the provider's privacy policy.

How long and where is the data stored?

We will inform you about the duration of data processing below in connection with the website modular system used, if we have further information about it. You can find detailed information about this in the provider's privacy policy. In general, we only process personal data for as long as it is absolutely necessary to provide our services and products. The provider may store your data according to its own specifications, over which we have no control.

Right of objection

You always have the right to access, correct, and delete your personal data. If you have any questions, you can also contact the person responsible for the website building block system you use at any time. You can find contact information either in our privacy policy or on the website of the respective provider.

You can delete, deactivate, or manage cookies that providers use for their functions in your browser. Depending on the browser you use, this works differently. Please note, however, that if you do this, not all functions may work as usual.

Legal basis

We have a legitimate interest in using a website builder system to optimize our online service and present it in an efficient and user-friendly manner. The legal basis for this is Art. 6 (1) (f) GDPR (legitimate interests). However, we only use the builder system if you have given your consent.

If the processing of data is not absolutely necessary for the operation of the website, the data will only be processed with your consent. This particularly applies to tracking activities. The legal basis in this regard is Art. 6 (1) (a) GDPR.

This privacy policy provides you with the most important general information regarding data processing. If you would like more detailed information, you can find further information – if available – in the following section or in the provider's privacy policy.

YOOtheme Privacy Policy

We use YOOtheme, a Jommla!/WordPress theme and website builder, for our website. The service provider is the German company YOOtheme GmbH, Hongkongstraße 8, 20457 Hamburg, Germany. You can learn more about the data processed through the use of YOOtheme in the privacy policy at https://yootheme.com/privacy .

Web Analytics Introduction

What is web analytics?

We use software on our website to evaluate the behavior of website visitors, known as web analytics or web analysis for short. This data is collected and stored, managed and processed by the respective analytics tool provider (also known as a tracking tool). This data is used to create analyses of user behavior on our website and make them available to us as the website operator. In addition, most tools offer various testing options. For example, we can test which offers or content are most popular with our visitors. To do this, we show you two different offers for a limited period of time. After the test (a so-called A/B test), we know which product or content our website visitors find more interesting. For such testing procedures, as for other analytics procedures, user profiles can be created and the data stored in cookies.

Why do we use web analytics?

We have a clear goal in mind with our website: to provide the best web offering on the market for our industry. To achieve this goal, we want to offer the best and most interesting offering on the market, while also ensuring that you feel completely at home on our website. With the help of web analysis tools, we can take a closer look at the behavior of our website visitors and then improve our website accordingly for you and us. For example, we can determine the average age of our visitors, where they come from, when our website is most frequently visited, or which content or products are particularly popular. All of this information helps us optimize the website and thus adapt it to your needs, interests, and wishes.

What data is processed?

Exactly which data is stored depends, of course, on the analysis tools used. However, as a general rule, we store information such as the content you view on our website, the buttons or links you click, the time you access a page, the browser you use, the device (PC, tablet, smartphone, etc.) you use to visit the website, and the computer system you use. If you have consented to the collection of location data, this may also be processed by the web analysis tool provider.

Your IP address is also stored. According to the General Data Protection Regulation (GDPR), IP addresses are personal data. However, your IP address is generally stored pseudonymously (i.e., in an unrecognizable and abbreviated form). For the purposes of testing, web analysis, and web optimization, no direct data such as your name, age, address, or email address is stored. All of this data, if collected, is stored pseudonymously. This means that you cannot be identified as an individual.

The following example shows schematically how Google Analytics works as an example of client-based web tracking with JavaScript code.

How long the respective data is stored always depends on the provider. Some cookies only store data for a few minutes or until you leave the website again; other cookies can store data for several years.

Duration of data processing

We will inform you below about the duration of data processing, as soon as we have further information. Generally, we only process personal data for as long as it is absolutely necessary to provide our services and products. If required by law, such as in the case of accounting, this retention period may be exceeded.

Right of objection

You also have the right and option to revoke your consent to the use of cookies or third-party services at any time. This can be done either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection through cookies by managing, deactivating, or deleting cookies in your browser.

Legal basis

The use of web analytics requires your consent, which we have obtained through our cookie popup. According to Art. 6 (1) (a) GDPR (consent), constitutes the legal basis for the processing of personal data, as may occur when collected through web analytics tools.

In addition to consent, we have a legitimate interest in analyzing the behavior of website visitors and thus improving our offering technically and economically. Web analytics helps us detect website errors, identify attacks, and improve efficiency. The legal basis for this is Art. 6 (1) (f) GDPR (legitimate interests) . However, we only use these tools if you have given your consent.

Since web analytics tools use cookies, we also recommend reading our general privacy policy on cookies. To learn exactly which of your data is stored and processed, you should read the privacy policies of the respective tools.

Information on specific web analytics tools, if available, can be found in the following sections.

GoSquared Analytics Privacy Policy

What is GoSquared Analytics?

We use GoSquared Analytics, a website analytics software, on our website. The service provider is the British company Go Squared Ltd, 3 Barn Hawe, High Street, Edenbridge, Kent, United Kingdom.

GoSquared Analytics was founded in 2006 with the goal of offering a simpler alternative to Google Analytics. GoSquared Analytics is also a software that collects and evaluates data about your actions on our website. At GoSquared, data collection occurs in real time. We receive direct analysis reports on how you use our website, allowing us to continually tailor our offerings to your needs. In this privacy policy, we go into more detail about the analytics tool and, above all, show you what data is stored, when, how, and where.

Why do we use GoSquared Analytics?

We use this software tool to improve the quality of our website and our offerings. Our goal is to provide you with the best possible service. We want you to feel comfortable on our website and get exactly what you expect. To achieve this, we naturally need to tailor our offerings to your wishes and requirements as closely as possible. The data also helps us implement our online marketing and advertising measures more cost-effectively and individually. After all, we only want to show our offerings to people who are truly interested.

What data does GoSquared Analytics store?

GoSquared Analytics is an analytics tool that can measure and analyze the performance of our website and online campaigns. Among other things, the software uses cookies to collect data about how long you spend on our website, how many users visit our website, and where you came from. We also receive detailed evaluations of visitor behavior on our website. For example, we can find out which buttons you like to click or which subpages you like and which you tend to avoid. In addition, your IP address, location data, device type, and operating system are stored and processed. Through real-time analysis, the software provides current information about visitor behavior. Exactly which data is processed also depends on the individual settings in the tool.

How long and where is the data stored?

The data may also be transferred to servers in the USA, i.e., outside the European Economic Area (EEA). However, GoSquared maintains that appropriate security procedures are in place to protect your personal data. Generally, GoSquared stores data for as long as required for business purposes and as long as GoSquared is contractually and legally obligated to do so. Unfortunately, we cannot provide precise retention periods at this point, as these also depend on individual configurations.

How can I delete my data or prevent data storage?

You have the right to access, correct, or delete your personal data, and to restrict the processing of your personal data at any time. You can also revoke your consent to the processing of your data at any time.

If you generally want to deactivate, delete or manage cookies, you will find the relevant links to the instructions for the most popular browsers in the “Cookies” section.

Legal basis

The use of GoSquared requires your consent, which we have obtained through our cookie popup. According to Art. 6 (1) (a) GDPR (consent), constitutes the legal basis for the processing of personal data, as may occur when collected through web analytics tools.

In addition to consent, we have a legitimate interest in analyzing the behavior of website visitors and thus improving our offering technically and economically. With the help of GoSquared, we identify optimization potential of the website, can identify potential attacks, and improve its economic efficiency. The legal basis for this is Art. 6 (1) (f) GDPR (legitimate interests) . However, we only use GoSquared if you have given your consent.

With the UK's exit from the European Union, the GDPR no longer applies to data transfers there. However, the European Commission has decided, based on Article 45 GDPR, that the UK offers an adequate level of protection compared to the GDPR. Data transfers there are therefore permissible. You can view the decision here (download): https://eur-lex.europa.eu/legal-content/DE/TXT/PDF/?uri=CELEX:32021D1772

You can learn more about the data processed through the use of GoSquared Analytics in the Privacy Policy at https://www.gosquared.com/legal/privacy/ .

Audio & Video Introduction

What are audio and video elements?

We have integrated audio and video elements into our website so that you can watch videos or listen to music/podcasts directly through our website. The content is provided by service providers. All content is therefore also retrieved from the providers' respective servers.

These are integrated functional elements from platforms such as YouTube, Vimeo, or Spotify. Using these portals is generally free, but paid content may also be published. Using these integrated elements, you can listen to or watch the respective content on our website.

If you use audio or video elements on our website, your personal data may also be transmitted, processed and stored by the service providers.

Why do we use audio and video elements on our website?

Naturally, we want to provide you with the best possible service on our website. And we're aware that content is no longer conveyed solely through text and static images. Instead of simply providing you with a link to a video, we offer audio and video formats directly on our website that are entertaining or informative, or ideally even both. This expands our service and makes it easier for you to access interesting content. Therefore, in addition to our text and images, we also offer video and/or audio content.

What data is stored by audio and video elements?

When you visit a page on our website that, for example, has an embedded video, your server connects to the service provider's server. In the process, your data is also transferred to the third-party provider and stored there. Some data is collected and stored regardless of whether you have an account with the third-party provider or not. This usually includes your IP address, browser type, operating system, and other general information about your device. Furthermore, most providers also collect information about your web activity. This includes session duration, bounce rate, which button you clicked on or which website you used to access the service. All of this information is usually stored via cookies or pixel tags (also called web beacons). Pseudonymized data is usually stored in cookies in your browser. You can always find out exactly which data is stored and processed in the privacy policy of the respective provider.

Duration of data processing

You can find out exactly how long the data is stored on the third-party providers' servers either further down in the privacy policy of the respective tool or in the provider's privacy policy. As a general rule, personal data is only processed for as long as is absolutely necessary to provide our services or products. This generally also applies to third-party providers. You can usually assume that certain data will be stored on third-party servers for several years. Data can be stored for different lengths of time, especially in cookies. Some cookies are deleted as soon as you leave the website, while others can remain stored in your browser for several years.

Right of objection

You also have the right and option to revoke your consent to the use of cookies or third-party providers at any time. This can be done either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection through cookies by managing, deactivating, or deleting cookies in your browser. The legality of the processing up to the point of revocation remains unaffected.

Since the integrated audio and video features on our site usually also use cookies, you should also read our general privacy policy regarding cookies. The privacy policies of the respective third-party providers provide detailed information about how your data is handled and stored.

Legal basis

If you have consented to the processing and storage of your data through embedded audio and video elements, this consent serves as the legal basis for data processing (Art. 6 (1) (a) GDPR) . In principle, your data will also be stored and processed based on our legitimate interest (Art. 6 (1) (f) GDPR) in fast and effective communication with you or other customers and business partners. However, we only use the embedded audio and video elements if you have given your consent.

Vimeo Privacy Policy

What is Vimeo?

We also use videos from Vimeo on our website. This video portal is operated by Vimeo LLC, 555 West 18th Street, New York, New York 10011, USA. Using a plug-in, we can display interesting video material directly on our website. Certain data may be transferred to Vimeo. This privacy policy explains what data is involved, why we use Vimeo, and how you can manage or prevent your data and data transfer.

Vimeo is a video platform founded in 2004 and offering HD video streaming since 2007. 4K Ultra HD streaming has been available since 2015. The portal is free to use, but content can also be published for a fee. Unlike market leader YouTube, Vimeo prioritizes high-quality content. The portal offers a wealth of artistic content, such as music videos and short films, as well as informative documentaries on a wide variety of topics.

Why do we use Vimeo on our website?

The goal of our website is to provide you with the best possible content, as easily accessible as possible. We are only satisfied with our service once we have achieved this. The video service Vimeo helps us achieve this goal. Vimeo offers us the opportunity to present you with high-quality content directly on our website. Instead of just providing you with a link to an interesting video, you can watch the video directly on our website. This expands our service and makes it easier for you to access interesting content. Thus, in addition to our text and images, we also offer video content.

What data is stored on Vimeo?

When you visit a page on our website that has an embedded Vimeo video, your browser connects to Vimeo's servers. This results in data being transferred. This data is collected, stored and processed on Vimeo's servers. Regardless of whether you have a Vimeo account or not, Vimeo collects data about you. This includes your IP address, technical information about your browser type, your operating system and very basic device information. Vimeo also stores information about which website you use the Vimeo service on and which actions (web activities) you perform on our website. These web activities include, for example, session duration, bounce rate or which button you clicked on our website with the built-in Vimeo function. Vimeo can track and store these actions using cookies and similar technologies.

If you are logged in as a registered Vimeo member, more data can usually be collected, as more cookies may already be set in your browser. Furthermore, your actions on our website are directly linked to your Vimeo account. To prevent this, you must log out of Vimeo while browsing our website.

Below we show you the cookies that Vimeo sets when you visit a website with integrated Vimeo functionality. This list is not exhaustive and assumes that you do not have a Vimeo account.

Name: player
Value: ""
Purpose: This cookie saves your preferences before playing an embedded Vimeo video. This ensures that your preferred settings are applied the next time you watch a Vimeo video.
Expiry date: after one year

Name : vuid
Value: pl1046149876.614422590123054147-4
Purpose: This cookie collects information about your actions on websites that have embedded Vimeo videos.
Expiry date: after 2 years

Note: These two cookies are always set whenever you visit a website with an embedded Vimeo video. If you watch the video and click the button, for example, to "share" or "like" the video, additional cookies are set. These include third-party cookies such as _ga or _gat_UA-76641-8 from Google Analytics or _fbp from Facebook. Which cookies are set here depends on your interaction with the video.

The following list shows a selection of possible cookies that are set when you interact with the Vimeo video:

Name: _abexps
Value: %5B%5D
Purpose: This Vimeo cookie helps Vimeo remember the settings you have chosen. These can be, for example, a preset language, region, or user name. In general, the cookie stores data about how you use Vimeo.
Expiry date: after one year

Name: continuous_play_v3
Value: 1
Purpose: This cookie is a first-party cookie from Vimeo. The cookie collects information about how you use the Vimeo service. For example, the cookie stores when you pause or play a video.
Expiry date: after one year

Name: _ga
Value: GA1.2.1522249635.1578401280123054147-7
Purpose: This cookie is a third-party cookie from Google. By default, analytics.js uses the _ga cookie to store the user ID. It is generally used to distinguish between website visitors.
Expiry date: after 2 years

Name: _gcl_au
Value: 1.1.770887836.1578401279123054147-3
Purpose: This third-party cookie from Google AdSense is used to improve the efficiency of advertisements on websites.
Expiry date: after 3 months

Name: _fbp
Value: fb.1.1578401280585.310434968
Purpose: This is a Facebook cookie. This cookie is used to display ads or advertising products from Facebook or other advertisers.
Expiry date: after 3 months

Vimeo uses this data, among other things, to improve its own service, to communicate with you, and to implement its own targeted advertising measures. Vimeo emphasizes on its website that only first-party cookies (i.e., cookies from Vimeo itself) are used for embedded videos as long as you do not interact with the video.

How long and where is the data stored?

Vimeo is headquartered in White Plains, New York (USA). However, its services are offered worldwide. The company uses computer systems, databases, and servers in the USA and other countries. Your data may therefore also be stored and processed on servers in America. Vimeo stores the data until the company no longer has a commercial reason to store it. At that time, the data is deleted or anonymized.

How can I delete my data or prevent data storage?

You always have the option to manage cookies in your browser according to your preferences. For example, if you do not want Vimeo to set cookies and thus collect information about you, you can delete or deactivate cookies at any time in your browser settings. This works slightly differently depending on the browser. Please note that after deactivating/deleting cookies, certain functions may no longer be fully available. You will find the relevant links to the respective instructions for the most popular browsers under the "Cookies" section.

If you are a registered Vimeo member, you can also manage the cookies used in the Vimeo settings.

Legal basis

If you have consented to your data being processed and stored through embedded Vimeo elements, this consent serves as the legal basis for data processing (Art. 6 (1) (a) GDPR) . In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 (1) (f) GDPR) in fast and effective communication with you or other customers and business partners. However, we only use the embedded Vimeo elements if you have given your consent. Vimeo also sets cookies in your browser to store data. We therefore recommend that you read our privacy policy on cookies carefully and view the privacy policy or cookie guidelines of the respective service provider.

Vimeo processes your data, among other places, in the USA. We would like to point out that, according to the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may entail various risks to the legality and security of data processing.

Vimeo uses so-called standard contractual clauses (= Art. 46 (2) and (3) GDPR) as the basis for data processing with recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, and therefore in particular in the USA) or for data transfers there. Standard contractual clauses (SCCs) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to and stored in third countries (such as the USA). Through these clauses, Vimeo undertakes to comply with European data protection standards when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

More information about Vimeo’s standard contractual clauses can be found at https://vimeo.com/privacy#international_data_transfers_and_certain_user_rights .

You can find out more about the use of cookies at Vimeo at https://vimeo.com/cookie_policy , and information about data protection at Vimeo at https://vimeo.com/privacy .

YouTube IFrame Player Privacy Policy

We also use the YouTube IFrame Player to embed videos on our website. This service provider is the American company Google Inc. For the European region, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is responsible for all Google services.

Google processes your data, among other places, in the USA. YouTube and Google are active participants in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data of EU citizens to the USA. Further information can be found at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en .

In addition, Google uses so-called standard contractual clauses (= Art. 46 (2) and (3) GDPR). Standard contractual clauses (SCCs) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and the standard contractual clauses, Google undertakes to comply with European data protection standards when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The Google Ads Data Processing Terms, which refer to the standard contractual clauses, can be found at https://business.safety.google/intl/de/adsprocessorterms/ .

You can find out more about the data processed through the use of the YouTube IFrame Player in the Privacy Policy at https://policies.google.com/privacy?hl=de .

Web design introduction

What is web design?

We use various tools on our website to support our web design. Web design is not, as is often assumed, just about making our website look pretty, but also about functionality and performance. But of course, the right look and feel for a website is also one of the major goals of professional web design. Web design is a sub-area of ​​media design and deals with the visual, structural, and functional design of a website. The goal is to use web design to improve your experience on our website. In web design jargon, this is referred to as user experience (UX) and usability. User experience refers to all the impressions and experiences that website visitors have on a website. A sub-section of user experience is usability. This refers to the user-friendliness of a website. We place particular emphasis on ensuring that content, subpages, and products are clearly structured and that you can find what you're looking for quickly and easily. To offer you the best possible experience on our website, we also use so-called third-party web design tools. In this privacy policy, the category "web design" includes all services that enhance the design of our website. These could include, for example, fonts, various plugins, or other integrated web design features.

Why do we use web design tools?

How you absorb information on a website depends heavily on its structure, functionality, and visual perception. Therefore, good and professional web design has become increasingly important to us. We are constantly working on improving our website and see this as an extended service for you as a website visitor. Furthermore, a beautiful and functional website also has financial advantages for us. After all, you will only visit us and take advantage of our services if you feel completely comfortable.

What data are stored by web design tools?

When you visit our website, web design elements may be integrated into our pages that can also process data. The exact nature of this data depends largely on the tools used. Below you can see exactly which tools we use for our website. For more detailed information about data processing, we recommend reading the privacy policy of the tools used. This usually tells you which data is processed, whether cookies are used, and how long the data is stored. Fonts such as Google Fonts, for example, also automatically transmit information such as language settings, IP address, browser version, browser screen resolution, and browser name to Google's servers.

Duration of data processing

How long data is processed varies greatly from person to person and depends on the web design elements used. If cookies are used, for example, the retention period can be as little as one minute or as long as several years. Please inform yourself about this. We recommend that you read our general section on cookies as well as the privacy policies of the tools used. There you will usually find out which cookies are used and what information is stored in them. Google Font files, for example, are stored for one year. This is intended to improve the loading time of a website. As a general rule, data is only stored for as long as necessary to provide the service. If required by law, data can be stored for longer.

Right of objection

You also have the right and the option to revoke your consent to the use of cookies or third-party providers at any time. This works either via our cookie management tool or via other opt-out functions. You can also prevent data collection through cookies by managing, deactivating or deleting cookies in your browser. However, some web design elements (usually fonts) also contain data that cannot be deleted so easily. This is the case when data is automatically collected when a page is accessed and transmitted to a third party provider (such as Google). In this case, please contact the support of the respective provider. In the case of Google, you can reach support at https://support.google.com/?hl=de .

Legal basis

If you have consented to the use of web design tools, this consent forms the legal basis for the corresponding data processing. According to Art. 6 (1) (a) GDPR (consent), this consent constitutes the legal basis for the processing of personal data, as may occur when collected by web design tools. We also have a legitimate interest in improving the web design on our website. After all, only then can we provide you with an attractive and professional website. The corresponding legal basis for this is Art. 6 (1) (f) GDPR (legitimate interests). However, we only use web design tools if you have given your consent. We would like to emphasize this again here.

Information on specific web design tools – where available – can be found in the following sections.

Google Fonts Local Privacy Policy

We use Google Fonts from Google Inc. on our website. Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is responsible for the European region. We have embedded the Google Fonts locally, i.e., on our web server – not on Google's servers. This means there is no connection to Google servers and therefore no data is transferred or stored.

What are Google Fonts?

Google Fonts was formerly known as Google Web Fonts. This is an interactive directory of over 800 fonts by Google . With Google Fonts, you can use fonts without uploading them to your own server. However, to prevent any data transfer to Google servers, we have downloaded the fonts to our server. This way, we comply with data protection regulations and do not send any data to Google Fonts.

All texts are protected by copyright.

Source: Privacy Policy created with the Data Protection Generator for Austria from AdSimple