Privacy Policy
last change 06.10.2024
IMPORTANT NOTE:
The legally binding version of the Privacy Policy is in German and can be accessed via the following file: GERMAN VERSION
Please note that while every effort has been made to ensure the accuracy of this translation, there may be inaccuracies. The German version of the Privacy Policy is the only legally valid and authoritative version. In the event of discrepancies or disputes, the German version shall prevail.
1. Data Protection at a Glance
General Information
The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data by which you can be personally identified. Detailed information on the topic of data protection can be found in our privacy policy listed below this text.
Data Collection on This Website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find their contact details in the section "Notice on the Responsible Party" in this privacy policy.
How do we collect your data?
Your data is collected in part when you provide it to us. This can include data you enter into a contact form. Other data is collected automatically or with your consent when you visit the website through our IT systems. This mainly includes technical data (e.g., internet browser, operating system, or the time the page was accessed). This data is collected automatically as soon as you enter this website.
What do we use your data for?
Part of the data is collected to ensure the error-free provision of the website. Other data may be used to analyze your user behavior.
What rights do you have regarding your data?
You have the right to receive information about the origin, recipients, and purposes of your stored personal data at any time free of charge. You also have the right to request the correction or deletion of your data. If you have given consent to data processing, you can revoke this consent at any time for the future. Additionally, you have the right to request the restriction of processing your personal data under certain circumstances. Furthermore, you have the right to lodge a complaint with the competent supervisory authority. For this and other questions on the topic of data protection, you can contact us at any time.
Analysis Tools and Tools from Third Parties
When visiting this website, your surfing behavior can be statistically analyzed. This is primarily done using analysis programs. Detailed information about these analysis programs can be found in the following privacy policy.
2. Hosting
We host the content of our website with the following providers:
Squarespace
The provider is Squarespace Ireland Ltd., Le Pole House, Ship Street Great, Dublin 8, Ireland (hereinafter Squarespace). Squarespace is a tool for creating and hosting websites. When you visit our website, your data is processed on Squarespace servers. This may also include the transfer of personal data to Squarespace's parent company, Squarespace Inc., 8 Clarkson St, New York, NY 10014, USA.
Squarespace also stores cookies that are necessary for the display of the page and to ensure security (necessary cookies).
The use of Squarespace is based on Art. 6(1)(f) GDPR. We have a legitimate interest in the most reliable possible presentation of our website. If a corresponding consent has been requested, processing takes place exclusively on the basis of Art. 6(1)(a) GDPR and § 25(1) TTDSG, as far as the consent includes the storage of cookies or access to information on the user's end device (e.g., device fingerprinting) under the TTDSG. The consent can be revoked at any time.
Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: Squarespace GDPR Compliance.
The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA to ensure compliance with European data protection standards in data processing in the USA. Every company certified under the DPF commits to these data protection standards. Further information can be obtained from the provider at the following link: EU-US Data Privacy Framework Participation.
External Hosting
This website is externally hosted. The personal data collected on this website is stored on the servers of the hosting provider(s). This may include IP addresses, contact requests, metadata, and communication data, contract data, contact details, names, website accesses, and other data generated via a website.
External hosting is carried out for the purpose of fulfilling contracts with our potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of a secure, fast, and efficient provision of our online offer by a professional provider (Art. 6(1)(f) GDPR). If a corresponding consent has been requested, processing takes place exclusively on the basis of Art. 6(1)(a) GDPR and § 25(1) TTDSG, as far as the consent includes the storage of cookies or access to information on the user's end device (e.g., device fingerprinting) under the TTDSG. The consent can be revoked at any time.
Our hosting provider(s) will only process your data to the extent necessary to fulfill their performance obligations and follow our instructions regarding this data.
We use the following hosting provider(s):
Domain Provider:
Namecheap, Inc., 4600 East Washington Street, Suite 305, Phoenix, AZ 85034, USA
Processing Agreement (AVV)
We have concluded a processing agreement (AVV) for the use of the aforementioned service. This is a data protection agreement required by law, which ensures that the service only processes personal data of our website visitors according to our instructions and in compliance with the GDPR.
3. General Information and Mandatory Details
Data Protection
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations and this privacy policy.
When you use this website, various personal data are collected. Personal data is data with which you can be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.
We would like to point out that data transmission over the internet (e.g., when communicating via email) may have security vulnerabilities. Complete protection of data against access by third parties is not possible.
Notice Regarding the Responsible Party
The responsible party for data processing on this website is:
Farmbotic UG (haftungsbeschränkt)
Hammfelddamm 4A
41460 Neuss
Phone: 02131 7768292
Email: help@farmbotic.net
The responsible party is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data (e.g., names, email addresses, etc.).
Storage Duration
Unless a more specific retention period is specified in this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you make a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g., retention periods under tax or commercial law); in the latter case, deletion takes place after these reasons cease to apply.
General Information About the Legal Basis for Data Processing on This Website
If you have consented to data processing, we process your personal data based on Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR if special categories of data are processed according to Art. 9(1) GDPR. In the case of explicit consent for transferring personal data to third countries, data processing is also based on Art. 49(1)(a) GDPR. If you have consented to the storage of cookies or access to information on your end device (e.g., via device fingerprinting), the data processing is additionally based on § 25(1) TTDSG. Consent is revocable at any time.
If your data is required to fulfill a contract or to carry out pre-contractual measures, we process your data based on Art. 6(1)(b) GDPR. Furthermore, if your data is necessary for compliance with a legal obligation, we process it based on Art. 6(1)(c) GDPR. Data processing may also be carried out based on our legitimate interest pursuant to Art. 6(1)(f) GDPR. The relevant legal bases in each individual case are explained in the following paragraphs of this privacy policy.
Recipients of Personal Data
In the course of our business activities, we work with various external parties. In some cases, it is also necessary to transfer personal data to these external parties.
We only share personal data with external parties when it is necessary for the performance of a contract, when we are legally obliged to do so (e.g., disclosure to tax authorities), when we have a legitimate interest in disclosure pursuant to Art. 6(1)(f) GDPR, or if another legal basis permits data sharing.
When using data processors, we share personal data of our customers based only on a valid data processing agreement. In cases of joint processing, a joint processing agreement is concluded.
Revocation of Your Consent to Data Processing
Many data processing operations are only possible with your explicit consent. You may revoke consent already given at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Right to Object to Data Collection in Special Cases and to Direct Advertising (Art. 21 GDPR)
IF THE DATA PROCESSING IS BASED ON ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS, OR THE PROCESSING IS FOR THE ESTABLISHMENT, EXERCISE, OR DEFENSE OF LEGAL CLAIMS (OBJECTION UNDER ART. 21(1) GDPR).
IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT ADVERTISING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSES OF SUCH ADVERTISING; THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS RELATED TO SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL THEN NO LONGER BE USED FOR DIRECT ADVERTISING PURPOSES (OBJECTION UNDER ART. 21(2) GDPR).
Right to Lodge a Complaint with the Competent Supervisory Authority
In the case of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, particularly in the Member State of their habitual residence, place of work, or place of the alleged violation. The right to lodge a complaint is without prejudice to other administrative or judicial remedies.
Right to Data Portability
You have the right to have data that we process based on your consent or in fulfillment of a contract handed over to you or a third party in a standard, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done to the extent technically feasible.
Access, Rectification, and Erasure
Within the framework of applicable legal provisions, you have the right to free access to your stored personal data, its origin and recipients, and the purpose of data processing, and, if applicable, a right to rectification or erasure of this data at any time. For further information on this and other questions regarding personal data, you can contact us at any time.
Right to Restriction of Processing
You have the right to request the restriction of the processing of your personal data. To do so, you can contact us at any time. The right to restriction of processing exists in the following cases:
If you contest the accuracy of your personal data stored with us, we usually need time to verify this. For the duration of the verification, you have the right to request the restriction of processing of your personal data.
If the processing of your personal data was/is unlawful, you can request the restriction of data processing instead of erasure.
If we no longer need your personal data, but you need it to exercise, defend, or assert legal claims, you have the right to request the restriction of processing instead of erasure.
If you have filed an objection pursuant to Art. 21(1) GDPR, a balance must be struck between your interests and ours. As long as it is not yet clear whose interests prevail, you have the right to request the restriction of processing of your personal data.
If you have restricted the processing of your personal data, this data – apart from being stored – may only be processed with your consent or for the establishment, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State.
SSL or TLS Encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries you send to us as the site operator. You can recognize an encrypted connection by the address line of the browser changing from "http://" to "https://" and the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
4. Data Collection on This Website
Cookies
Our internet pages use so-called "cookies." Cookies are small data packets that do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or permanently (persistent cookies) on your device. Session cookies are automatically deleted after your visit. Persistent cookies remain on your device until you delete them or your web browser automatically removes them.
Cookies can originate from us (first-party cookies) or from third-party companies (so-called third-party cookies). Third-party cookies allow the integration of certain services from third-party companies within websites (e.g., cookies for processing payment services).
Cookies serve various purposes. Many cookies are technically necessary, as certain website functions would not work without them (e.g., the shopping cart function or video display). Other cookies may be used to analyze user behavior or for advertising purposes.
Cookies required to carry out the electronic communication process, provide specific functions requested by you (e.g., for the shopping cart function), or optimize the website (e.g., cookies to measure web audience) are stored based on Art. 6(1)(f) GDPR unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies to ensure technically error-free and optimized provision of their services.
If consent for the storage of cookies and similar recognition technologies has been requested, processing will be carried out exclusively on the basis of this consent (Art. 6(1)(a) GDPR and § 25(1) of the Telecommunications-Telemedia Data Protection Act [TTDSG]); consent can be revoked at any time.
You can set your browser to notify you about the setting of cookies and only allow cookies on a case-by-case basis, exclude the acceptance of cookies for specific cases or generally, and activate the automatic deletion of cookies when closing the browser. Deactivating cookies may limit the functionality of this website.
Which cookies and services are used on this website can be found in this privacy policy.
Consent via CookieYes
We use CookieYes, a service provided by CookieYes Limited, located at 3 Warren Yard, Warren Park, Wolverton Mill, Milton Keynes, MK12 5NW, United Kingdom, to manage cookie consent on our website. The CookieYes tool enhances the user experience by displaying a cookie banner or popup when a user visits our website. This feature allows users to consent to the use of cookies, reject them, or adjust their preferences.
Users can consent to all cookies, reject them entirely, or provide detailed consent by enabling or disabling specific cookie categories. Except for strictly necessary cookies, which do not require consent, this tool enables users to control the use of cookies on their devices. Users may withdraw their consent at any time.
The CookieYes service includes a permanent "cookie widget" or recall button on our website, enabling users to adjust their cookie settings as needed. The only personal data collected by CookieYes is the masked IP addresses of visitors, used exclusively to maintain a log of user decisions regarding cookies. CookieYes does not collect any additional personal data from visitors.
The CookieYes application is hosted in AWS data centers. Data transfers may occur internationally, but these transfers are safeguarded by robust data processing agreements compliant with GDPR standards. The European Commission recognizes the United Kingdom, where CookieYes is based, as providing adequate protection under GDPR.
For further details on how CookieYes manages and protects user data, see their Privacy Policy and Data Processing Agreement.
As a user, you have the right to review and modify your cookie settings at any time through the cookie management widget on our website.
Contact Form
When you send us inquiries via the contact form, the information you provide in the inquiry form, including your contact details, is stored for the purpose of processing the inquiry and for follow-up questions. We do not share this data without your consent.
The processing of this data is based on Art. 6(1)(b) GDPR, provided that your inquiry is related to the performance of a contract or necessary for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in effectively handling inquiries directed to us (Art. 6(1)(f) GDPR) or your consent (Art. 6(1)(a) GDPR), if requested; consent can be revoked at any time.
The data you provide in the contact form remains with us until you request its deletion, revoke your consent to store it, or the purpose for data storage ceases (e.g., after your inquiry has been fully processed). Mandatory statutory provisions – particularly retention periods – remain unaffected.
Inquiry by Email, Telephone, or Fax
If you contact us by email, telephone, or fax, your inquiry, including all personal data (name, inquiry), will be stored and processed for the purpose of handling your request. We do not share this data without your consent.
The processing of this data is based on Art. 6(1)(b) GDPR if your inquiry is related to the performance of a contract or necessary for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in effectively handling inquiries directed to us (Art. 6(1)(f) GDPR) or your consent (Art. 6(1)(a) GDPR), if requested; consent can be revoked at any time.
The data sent to us via contact inquiries remains with us until you request its deletion, revoke your consent to store it, or the purpose for data storage ceases (e.g., after your inquiry has been fully processed). Mandatory statutory provisions – particularly statutory retention periods – remain unaffected.
Communication via WhatsApp
For communication with our customers and other third parties, we use the WhatsApp instant messaging service. The provider is WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Communication is encrypted end-to-end (peer-to-peer), preventing WhatsApp or other third parties from accessing the communication content. However, WhatsApp has access to metadata generated during the communication process (e.g., sender, recipient, and timestamp).
Additionally, WhatsApp states that it shares personal data of its users with its U.S.-based parent company Meta. For more details on data processing, see WhatsApp’s Privacy Policy.
Using WhatsApp is based on our legitimate interest in rapid and effective communication with customers, interested parties, and other business and contractual partners (Art. 6(1)(f) GDPR). If consent is requested, processing is carried out exclusively based on Art. 6(1)(a) GDPR, and consent is revocable at any time.
Messages exchanged between you and us via WhatsApp remain stored with us until you request deletion, revoke your consent, or the purpose for data storage ceases (e.g., after processing your request). Mandatory statutory provisions – particularly retention periods – remain unaffected.
WhatsApp is certified under the "EU-US Data Privacy Framework" (DPF). Further details are available here: Data Privacy Framework Participant Details. We use WhatsApp in its "WhatsApp Business" variant.
The data transfer to the USA is based on the EU Commission’s standard contractual clauses. Details are available here: WhatsApp Business Data Transfer Addendum. We have configured our WhatsApp accounts so that there is no automatic data synchronization with the address book on the smartphones being used.
Google Forms
We have integrated Google Forms on this website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as "Google").
Google Forms allows us to create online forms to structure inquiries, messages, and other inputs from our website visitors. All inputs you provide are processed on Google’s servers. Google Forms stores a cookie in your browser containing a unique ID (NID cookie). This cookie stores various details such as your language preferences.
The use of Google Forms is based on our legitimate interest in a user-friendly method to handle your requests (Art. 6(1)(f) GDPR). If consent is requested, processing occurs solely based on Art. 6(1)(a) GDPR and § 25(1) TTDSG, insofar as consent includes storing cookies or accessing information on the user’s device (e.g., device fingerprinting). Consent can be revoked at any time.
The data you input in the form remains with us until you request deletion, revoke your consent to store it, or the purpose for the data storage ceases (e.g., after completing your inquiry). Mandatory statutory provisions – especially retention periods – remain unaffected.
For further information, see Google's Privacy Policy.
Google is certified under the "EU-US Data Privacy Framework" (DPF). This framework ensures compliance with European data protection standards for processing data in the United States. Details about the DPF certification for Google are available here.
Calendly
Our website allows you to schedule appointments with us. For appointment booking, we use the tool "Calendly." The provider is Calendly LLC, 271 17th St NW, 10th Floor, Atlanta, Georgia 30363, USA (hereinafter "Calendly").
To schedule an appointment, you enter the requested data and your preferred time into the designated form. The entered data is used for planning, executing, and potentially following up on the appointment. Appointment data is stored on Calendly’s servers. Calendly's Privacy Policy provides additional information.
The data you provide remains with us until you request deletion, revoke your consent to store it, or the purpose for the data storage ceases. Mandatory statutory provisions – especially retention periods – remain unaffected.
The legal basis for data processing is Art. 6(1)(f) GDPR. The website operator has a legitimate interest in facilitating appointment scheduling for customers and interested parties. If consent is requested, processing occurs exclusively based on Art. 6(1)(a) GDPR and § 25(1) TTDSG, insofar as consent includes storing cookies or accessing user device information (e.g., device fingerprinting). Consent can be revoked at any time.
Data transfers to the USA rely on the EU Commission’s standard contractual clauses. Details are available here.
Calendly is certified under the "EU-US Data Privacy Framework" (DPF). Details are available here.
Google Calendar
Our website allows you to schedule appointments with us using Google Calendar. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter "Google").
For appointment scheduling, you enter the requested data and your preferred time into the designated form. The entered data is used for planning, executing, and potentially following up on the appointment. Appointment data is stored on Google Calendar’s servers. Google’s Privacy Policy provides additional information.
The data you provide remains with us until you request deletion, revoke your consent to store it, or the purpose for the data storage ceases. Mandatory statutory provisions – especially retention periods – remain unaffected.
The legal basis for data processing is Art. 6(1)(f) GDPR. The website operator has a legitimate interest in facilitating appointment scheduling for customers and interested parties. If consent is requested, processing occurs exclusively based on Art. 6(1)(a) GDPR and § 25(1) TTDSG, insofar as consent includes storing cookies or accessing user device information (e.g., device fingerprinting). Consent can be revoked at any time.
Data transfers to the USA rely on the EU Commission’s standard contractual clauses. Details are available here and here.
Google is certified under the "EU-US Data Privacy Framework" (DPF). Details about Google’s certification are available here.
Loom (Atlassian, Inc.)
Purpose of Data Processing:
We use the video creation service Loom, offered by Atlassian Inc., to present drafts of our website through screen-sharing videos and provide customers with Loom links to review them. This allows customers to view the website’s current design and provide feedback.
What Data Is Transferred Through Loom?
When using Loom, the following data is transmitted to Atlassian:
Video Content: All visual and audio information recorded during a Loom video session.
User Interactions Within the Video: This includes actions such as starting, pausing, and stopping the video, as well as comments or annotations added while viewing the video.
Technical Data: Information about the user’s device, browser version, IP address, and other technical data necessary for optimizing the service and diagnosing issues.
Data Transmission and Storage:
Interactions with Loom may involve transmitting certain user data, including customer contact details displayed within Loom videos, to Atlassian. According to Atlassian’s Privacy Policy, this data may be transferred to locations in the United States and other countries where Atlassian or its third-party providers operate.
Privacy and Data Security for International Transfers:
Atlassian uses standard contractual clauses and other legal mechanisms to ensure adequate data protection levels when personal data is transferred from the EU to the United States or other countries with potentially lower data protection standards. These measures aim to protect your data during transmission and meet EU Commission requirements.
EU-US Data Privacy Framework (DPF):
Atlassian is certified under the EU-US Data Privacy Framework. This framework ensures compliance with European data protection standards when processing data in the United States. Atlassian has committed to adhering to these standards.
Rights of Affected Individuals:
You have the right to object to the processing of your personal data at any time, particularly if it pertains to your specific situation. Further information about Atlassian's data protection practices can be found in Atlassian’s Privacy Policy and Loom’s Cookie Policy.
Security Measures:
Atlassian employs industry-standard technical and organizational measures to safeguard stored information. However, absolute security cannot be guaranteed for data transmission over the internet.
markup.io
Provider and Purpose of Data Processing:
markup.io is a tool by Ceros, Inc., located at 228 Park Avenue South, Suite 16327, New York, NY 10003-1502, USA. We use this tool to gather feedback on the current website design and facilitate user interaction. By sending the URL of the website’s current design to markup.io, the design becomes visible to the customer. Customers can leave notes directly within the tool by clicking and adding comments, significantly streamlining the feedback collection and processing workflow.
What Data Is Transferred?
When customers use markup.io, the following data is transmitted to Ceros:
Website URL: This allows the current website design to be displayed within the tool.
Notes and Feedback: Each note or comment the customer provides regarding the website design is saved along with the corresponding area of the website.
User Interactions: This includes clicks and entries within the tool during use.
Technical Data: Information such as the user’s IP address, browser type, browser version, and other details helpful for managing the session and diagnosing technical issues.
Data Use and Transmission:
The collected data is used to enhance the user experience, process feedback effectively, and adapt the website design accordingly. By using markup.io, users consent to the transmission of this data to Ceros.
Data Transmission and Security Measures:
Data collected through markup.io, including any contact details displayed on the website, is transmitted to Ceros, Inc., and may be transferred to the United States or other countries with potentially lower data protection standards. Ceros uses standard contractual clauses to ensure data security during international transfers and compliance with European Union requirements.
EU-US Data Privacy Framework (DPF):
Ceros is certified under the EU-US Data Privacy Framework, which ensures compliance with European data protection standards when processing data in the United States. Further information about Ceros’ certification can be found here.
Your Rights:
You have the right to object to the processing of your personal data, particularly if it pertains to your specific situation. For more information about Ceros’ privacy practices, see markup.io’s Privacy Policy and Ceros’ Privacy Policy.
5. Analysis Tools and Advertising
Google Tag Manager
We use Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. Google Tag Manager itself does not create user profiles, store cookies, or conduct independent analyses. It merely manages and delivers the tools integrated through it.
Google Tag Manager processes your IP address, which may also be transmitted to Google’s parent company in the United States.
The use of Google Tag Manager is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the fast and uncomplicated integration and management of various tools on their website. If consent has been requested, processing is based exclusively on Art. 6(1)(a) GDPR and § 25(1) TTDSG, provided the consent includes storing cookies or accessing information on the user's device (e.g., device fingerprinting); consent is revocable at any time.
Google Tag Manager is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA to ensure compliance with European data protection standards when processing data in the USA. Each company certified under the DPF commits to these data protection standards. More information is available at the following link: EU-US Data Privacy Framework.
Google Analytics
This website uses functions of the web analytics service Google Analytics. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics allows the website operator to analyze the behavior of website visitors. Various usage data is collected, such as page views, duration of visits, operating systems used, and user origin. These data may be summarized under a user ID and assigned to the respective user device.
Google Analytics also enables us to record mouse and scroll movements and clicks, among other things. Google Analytics uses machine-learning technologies and various modeling approaches to complement the data sets.
Google Analytics uses technologies that enable the recognition of users for the purpose of analyzing user behavior (e.g., cookies or device fingerprinting). The information collected by Google about the use of this website is usually transmitted to a Google server in the USA and stored there.
The use of this service is based on your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG. The consent is revocable at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: Google Privacy.
Google Analytics is certified under the "EU-US Data Privacy Framework" (DPF). More information is available here: EU-US Data Privacy Framework.
IP Anonymization
We have activated IP anonymization on this website. This means that your IP address is truncated by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there.
On behalf of the operator of this website, Google uses this information to evaluate your use of the website, compile reports on website activity, and provide other services related to website activity and internet usage.
The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
Browser Plugin
You can prevent the collection and processing of your data by Google by downloading and installing the browser plugin available at the following link: Google Analytics Opt-Out.
More information on how Google Analytics handles user data can be found in Google's privacy policy: Google Privacy.
Google Signals
We use Google Signals. When you visit our website, Google Analytics collects, among other things, your location, search history, and YouTube history, as well as demographic data (visitor data). These data can be used for personalized advertising with the help of Google Signals. If you have a Google account, Google Signals aggregates your visitor data from multiple devices.
The aggregated data is also used to create anonymized statistics on user behavior.
Data Processing Agreement
We have entered into a data processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
Google Ads
The website operator uses Google Ads. Google Ads is an online advertising program of Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads allows us to display advertisements in Google’s search engine or on third-party websites when the user enters specific search terms (keyword targeting). In addition, targeted ads can be displayed based on user data available on Google (e.g., location data and interests) (audience targeting).
We can analyze the effectiveness of these advertising campaigns by, for example, determining which search terms led to the display of our ads and how many ads resulted in clicks.
The use of this service is based on your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG. The consent is revocable at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: Google Privacy.
Google is certified under the "EU-US Data Privacy Framework" (DPF). More information is available here: EU-US Data Privacy Framework.
Google Conversion Tracking
This website uses Google Conversion Tracking. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
With the help of Google Conversion Tracking, Google and we can recognize whether the user has performed specific actions. For example, we can evaluate which buttons on our website are clicked, how often, and which products are viewed or purchased most frequently.
The use of this service is based on your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG. The consent is revocable at any time.
More information on Google Conversion Tracking can be found in Google's privacy policy: Google Privacy.
6. Plugins and Tools
Google Fonts (Local Hosting)
This site uses so-called Google Fonts provided by Google for the uniform display of fonts. The Google Fonts are installed locally. A connection to Google servers does not take place.
For more information about Google Fonts, please visit: Google Fonts FAQ and review Google's privacy policy: Google Privacy.
Google reCAPTCHA
We use "Google reCAPTCHA" (hereinafter "reCAPTCHA") on this website. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
The purpose of reCAPTCHA is to determine whether the data entered on this website (e.g., in a contact form) is provided by a human or an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website.
To conduct the analysis, reCAPTCHA evaluates various information (e.g., IP address, time spent on the website, or user mouse movements). The data collected during the analysis is forwarded to Google. The reCAPTCHA analyses run entirely in the background.
Website visitors are not notified that an analysis is taking place.
The storage and analysis of data are based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in protecting its web offers from abusive automated crawling and spam. If consent has been requested, processing is carried out exclusively based on Art. 6(1)(a) GDPR and § 25(1) TTDSG, provided the consent includes storing cookies or accessing information in the user's terminal device (e.g., device fingerprinting); consent is revocable at any time.
Further information about Google reCAPTCHA can be found in the Google privacy policy and terms of service at the following links:
Google Privacy
Google Terms
Google is certified under the "EU-US Data Privacy Framework" (DPF). More information is available here: EU-US Data Privacy Framework.
7. eCommerce and Payment Providers
Processing of Customer and Contract Data
We collect, process, and use personal customer and contract data to establish, design, and modify our contractual relationships. We collect, process, and use personal data about the use of this website (usage data) only insofar as this is necessary to enable the user to use the service or to bill the user.
The legal basis for this is Art. 6(1)(b) GDPR. The collected customer data will be deleted after the completion of the order or termination of the business relationship and the expiry of any existing legal retention periods. Legal retention periods remain unaffected.
8. Audio and Video Conferencing
Data Processing
For communication with our customers, we use various online conferencing tools. The tools we use are listed below. When you communicate with us via video or audio conferencing through the Internet, your personal data is collected and processed by us and the provider of the respective conferencing tool.
The conferencing tools collect data that you provide when using the tools (e.g., your email address and/or phone number). Additionally, the tools process the duration of the conference, start and end times, number of participants, and other "context information" related to the communication process (metadata).
The provider of the tool also processes all technical data required for handling online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker, and the type of connection.
If content is exchanged, uploaded, or otherwise made available within the tool, this is also stored on the servers of the tool provider. Such content includes, but is not limited to, cloud recordings, chat/instant messages, voicemails, uploaded photos and videos, files, whiteboards, and other information shared during the use of the service.
Please note that we do not have full control over the data processing operations of the tools used. Our possibilities are largely determined by the corporate policies of the respective provider. For further details on data processing by the conference tools, please refer to the privacy policies of the respective tools used, which are listed below.
Purpose and Legal Basis
The conferencing tools are used to communicate with prospective or existing contractual partners or to provide certain services to our customers (Article 6(1)(b) GDPR). Additionally, the use of the tools serves to simplify and expedite communication with us or our company (legitimate interest as defined in Article 6(1)(f) GDPR). If consent has been requested, the tools are used based on this consent (Article 6(1)(a) GDPR); the consent can be revoked at any time with effect for the future.
Storage Duration
The data collected directly by us through video and conferencing tools will be deleted from our systems as soon as you request deletion, revoke your consent to storage, or the purpose for data storage no longer applies. Cookies stored remain on your device until you delete them. Mandatory statutory retention periods remain unaffected.
We have no influence on the storage duration of your data that is stored by the operators of the conferencing tools for their purposes. For details, please refer directly to the privacy policies of the respective conference tool providers.
Used Conference Tools
We use the following conference tools:
Zoom
We use Zoom. The provider of this service is Zoom Communications Inc., 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA. Details about data processing can be found in Zoom's privacy policy: Zoom Privacy Policy.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: Zoom Privacy Policy.
The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the United States that ensures compliance with European data protection standards when processing data in the US. Each company certified under the DPF commits to upholding these data protection standards. More information is available at the following link: EU-US Data Privacy Framework - Zoom.
Microsoft Teams
We use Microsoft Teams. The provider is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. Details about data processing can be found in Microsoft Teams’ privacy policy: Microsoft Privacy Statement.
The company is certified under the “EU-US Data Privacy Framework” (DPF). More information can be found at the following link: EU-US Data Privacy Framework - Microsoft.
Google Meet
We use Google Meet. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Details about data processing can be found in Google’s privacy policy: Google Privacy Policy.
The company is certified under the “EU-US Data Privacy Framework” (DPF). More information can be found at the following link: EU-US Data Privacy Framework - Google.
Order Processing
We have entered into data processing agreements (DPAs) with the above-mentioned providers. These are contracts required under data protection law that ensure that the providers process the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
9. Proprietary Services
OneDrive
We have integrated OneDrive on this website. The provider is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland (hereinafter "OneDrive").
OneDrive allows us to integrate an upload area on our website where you can upload content. When you upload content, it is stored on OneDrive's servers. Additionally, when you visit our website, a connection to OneDrive is established, enabling OneDrive to recognize that you visited our website.
The use of OneDrive is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in providing a reliable upload area on their website.
If consent has been obtained, the processing is carried out exclusively based on Art. 6(1)(a) GDPR; consent is revocable at any time.
Microsoft is certified under the "EU-US Data Privacy Framework" (DPF). This framework ensures adherence to European data protection standards for data processing in the USA. Microsoft has committed to complying with these data protection standards. Further information is available here: EU-US Data Privacy Framework.
Google Drive
We have integrated Google Drive on this website. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Drive allows us to integrate an upload area on our website where you can upload content. When you upload content, it is stored on Google Drive's servers. Additionally, when you visit our website, a connection to Google Drive is established, enabling Google Drive to recognize that you visited our website.
The use of Google Drive is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in providing a reliable upload area on their website.
If consent has been obtained, the processing is carried out exclusively based on Art. 6(1)(a) GDPR; consent is revocable at any time.
Google is certified under the "EU-US Data Privacy Framework" (DPF). This framework ensures adherence to European data protection standards for data processing in the USA. Google has committed to complying with these data protection standards. Further information is available here: EU-US Data Privacy Framework.