Privacy

Status February 2023

‍

I. Name and address of the responsible person

II. contact details of the data protection officer

III. General information on data processing

IV. Rights of the data subject

V. Provision of the website and creation of the log files

VI. use of cookies

VII. Newsletter

VIII. email contact

IX. Contact form

X. Use of company presences in job-oriented networks

XI. Hosting

XII. Third party services used

XIII Change of our privacy policy

I. Name and address of the responsible person

The controller within the meaning of the General Data Protection Regulation (GDPR) and other data protection regulations is:

Codept Ltd.

Dircksenstrasse 3

10179 Berlin

Germany

030 629 393 70

hello@codept.de

https://www.codept.de/

II. contact details of the data protection officer

The data protection officer of the controller is:

DataCo Ltd.

Dachauer Street 65

80335 Munich

Germany

+49 89 7400 45840

www.dataguard.de

III. General information on data processing

1. scope of the processing of personal data

We process personal data of our users only insofar as this is necessary for the provision of a functional website and our content and services. The processing of personal data of our users is regularly only carried out with the consent of the user. An exception applies in those cases where obtaining prior consent is not possible for actual reasons and the processing of the data is required by legal regulations.

2. legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for processing operations involving personal data, Art. 6 (1) sentence 1 lit. a DSGVO serves as the legal basis.

When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Article 6 (1) sentence 1 lit. b DSGVO serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.

Insofar as the processing of personal data is necessary for the fulfillment of a legal obligation to which our company is subject, Art. 6 (1) sentence 1 lit. c DSGVO serves as the legal basis.

In the event that vital interests of the data subject or another natural person make it necessary to process personal data, Article 6 (1) sentence 1 lit. d DSGVO serves as the legal basis.

If the processing is necessary to protect a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Article 6 (1) sentence 1 lit. f DSGVO serves as the legal basis for the processing.

3. data deletion and storage period

The personal data of the data subject shall be deleted or blocked as soon as the purpose of the storage no longer applies. Storage may also take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the controller is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or performance of a contract.

IV. Rights of the data subject

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:

1. the right of access (Art. 15 GDPR)

You have the right to request confirmation from us as to whether personal data concerning you is being processed.

If this is the case, you have a right of access to this data and to the following information:

- Processing purposes

- Categories of personal data

- Recipients or categories of recipients

- Planned storage duration or the criteria for determining this duration

- the existence of the rights of rectification, cancellation or restriction or opposition

- Right of appeal to the competent supervisory authority

- If applicable, origin of the data (if collected from a third party)

- If applicable, existence of automated decision-making including profiling with meaningful information about the logic involved, the scope and the effects to be expected

- If applicable, transfer of personal data to a third country or international organization

2. right to rectification (Art. 16 GDPR)

If your personal data is incorrect or incomplete, you have the right to request that the personal data be corrected or completed without delay.

3. right to restriction of processing (Art. 18 DSGVO)

If one of the following conditions is met, you have the right to request restriction of the processing of your personal data:

- You dispute the accuracy of your personal data for a period of time that allows us to verify the accuracy of the personal data.

- In the context of unlawful processing, refuse to erase the personal data and instead request the restriction of the use of the personal data.

- We no longer need your personal data for the purposes of processing, but you need your personal data for the assertion, exercise or defense of your legal claims or

- after you have objected to the processing, for the duration of the examination as to whether our legitimate reasons outweigh your reasons.

4. right to erasure ("right to be forgotten") (Art. 17 GDPR)

If one of the following reasons applies, you have the right to request immediate deletion of your personal data:

- Your data is no longer necessary for the processing purposes for which it was originally collected.

- you withdraw your consent and there is no other legal basis for the processing.

- You object to the processing and there are no overriding legitimate grounds for the processing or you object pursuant to Art. 21 (2) DSGVO.

- Your personal data is processed unlawfully.

- The deletion is necessary for compliance with a legal obligation under Union law or the law of the member state to which we are subject.

- The personal data was collected in relation to information society services offered pursuant to Article 8 (1) DSGVO.

‍

Please note that the above reasons do not apply insofar as the processing is necessary:

- To exercise the right to freedom of expression and information;

- To fulfill a legal obligation or to perform a task that is in the public interest and to which we are subject.

- For reasons of public interest in the area of public health.

- For archival purposes in the public interest, scientific or historical research purposes, or statistical purposes.

- for the assertion, exercise or defense of legal claims.

5. right to data portability (Art. 20 GDPR)

You have the right to receive your personal data in a structured, common and machine-readable format or to request the transfer to another controller.

6. right to object to certain data processing (Art. 21 DSGVO)

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Art. 6 (1) sentence 1 lit. e or f DSGVO. This also applies to profiling based on these provisions.

If the personal data concerning you is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling, insofar as it is related to such direct marketing.

7. right to complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of personal data concerning you infringes the GDPR. The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR. A list of the supervisory authorities with local jurisdiction in Germany can be found on the website of the Federal Commissioner for Data Protection at the following link: https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html

V. Provision of the website and creation of the log files

1. description and scope of data processing

Each time you visit our website, our system automatically collects data and information from the computer system of the calling computer.

The following data is collected:

- Information about the browser type and version used

- The operating system of the user

- The IP address of the user

- Date and time of access

- Websites from which the user's system accesses our website

- Host name of the accessing computer

This data is stored in the log files of our system. A storage of this data together with other personal data of the user does not take place.

2. purpose of data processing

The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. For this purpose, the IP address of the user must remain stored for the duration of the session.

The storage in log files is done to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.

These purposes are also our legitimate interest in data processing according to Art. 6 para. 1 p. 1 lit. f DSGVO.

3. legal basis for data processing

The legal basis for the temporary storage of the data and the log files is Art. 6 para. 1 p. 1 lit. f DSGVO.

4. duration of storage

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

In the case of storage of data in log files, this is the case after the purpose has been achieved. Storage beyond this is possible. In this case, the IP addresses of the users are deleted or alienated so that an assignment of the calling client is no longer possible.

5. possibility of opposition

The collection of data for the provision of the website and the storage of the data in log files is mandatory for the operation of the website. The user can object to this. Whether the objection is successful is to be determined in the context of a balancing of interests.

VI. use of cookies

1. description and scope of data processing

When you visit our website, we use technical aids for various functions, in particular cookies, which can be stored on your terminal device. When you call up our website and at any time later, you have the choice of whether you generally permit the setting of cookies or which individual additional functions you would like to select. You can make changes in your browser settings or via our Consent Manager. Cookies are text files or information in a database that are stored on your hard drive and assigned to the browser you are using so that certain information can flow to the entity that sets the cookie. Below we describe what kind of cookies we use:

We use technically necessary cookies, which are required for the technical structure of the website. Without these cookies, our website cannot be displayed (completely correctly) or the support functions are not possible.

The following data is stored and transmitted by the technically necessary cookies:

- Language settings

- Use of website functions

- Cookie consent status, distinction between humans ud bots, browser cookie support, internal analysis, website performance.

We use cookies on our website that are not technically necessary. Technically unnecessary cookies are text files that are not solely used for the functionality of the website, but also collect other data.

By setting technically unnecessary cookies, the following data is processed:

- IP address

- Internet user location

- Date and time of the call of the web page

- Customization of advertisements to the user

- Tracking of the surfing behavior

- Linking the website visit with other social media platforms

- Statistics, storage of user settings

2. purpose of data processing

The purpose of using technically necessary cookies is to ensure the functionality of our website. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page change.

For the following applications we need the technically necessary cookies:

- Adoption of language settings

- Functionality of the website

The use of technically unnecessary cookies is for the purpose of improving the quality of our website, its content and thus our reach and profitability. By setting these cookies, we learn how the website is used and can thus constantly improve our offer optimise. In particular, these cookies serve the following purposes:

We use cookies to analyze traffic to our website, personalize content and ads, offer social media features.

3. legal basis for data processing

The provisions of the Telecommunications Telemedia Data Protection Act (TTDSG) are relevant for the storage of information in the end user's terminal equipment and/or access to information already stored in the end user's terminal equipment. If the setting and reading of cookies is technically necessary, this is done to ensure the functionality of our website. In this case, the storage of and access to cookies on your terminal equipment is carried out on the basis of § 25 para. 2 no. 2 TTDSG. This storage and access to the information in your terminal equipment serves to facilitate your use of our website and to be able to offer you our services as you have requested. Some functions of our website also do not work without the use of these cookies and could therefore not be offered. The cookies are generally deleted after the session ends (e.g. logging out or closing the browser) or after the expiry of a specified duration. Information about different storage periods for cookies can be found in the following sections of this privacy policy.

Insofar as cookies are used that are not technically necessary, this is done on the basis of your express consent, which you can give via the cookie banner. The basis for the storage and access to information in this case is § 25 para. 1TTDSG in conjunction with. Art. 6 para. 1 lit. a), Art. 7 DSGVO. You can revoke your consent at any time with effect for the future or subsequently re-give it by configuring your cookie settings accordingly. Alternatively, you can prevent the storage of cookies by making appropriate settings in your browser software. Please note that the browser settings you make only affect the browser you are using. If personal data is processed following the storage of and access to the information on your terminal equipment, the provisions of the DSGVO are relevant. Information on this can be found in the following sections of this privacy policy.

VII. Newsletter

1. description and scope of data processing

On our website there is the possibility to subscribe to a free newsletter. When registering for the newsletter, the data from the input mask is transmitted to us.

- Email address

For the processing of data, your consent is obtained during the registration process and reference is made to this privacy policy.

No data will be passed on to third parties in connection with the data processing for sending newsletters. The data is used exclusively for sending the newsletter.

2. purpose of data processing

The collection of the user's email address serves to deliver the newsletter.

The collection of other personal data during the registration process serves to prevent misuse of the services or the email address used.

3. legal basis for data processing

The legal basis for the processing of data after registration for the newsletter by the user is Art. 6 para. 1 p. 1 lit. a DSGVO if the user has given his consent.

4. duration of storage

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. Accordingly, the email address of the user is stored as long as the subscription to the newsletter is active.

The other personal data collected during the registration process is usually deleted after a period of 90 days.

5. possibility of revocation

The subscription to the newsletter can be cancelled by the user concerned at any time. For this purpose, a corresponding link can be found in each newsletter.

This also enables the revocation of consent to the storage of personal data collected during the registration process.

VIII. email contact

1. description and scope of data processing

On our website, it is possible to contact us via the email address provided. In this case, the personal data of the user transmitted with the email will be stored.

The data is used exclusively for the processing of the conversation.

2. purpose of data processing

In the case of contact by email, this also constitutes the necessary legitimate interest in processing the data.

3. legal basis for data processing

The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6Abs. 1 lit. f DSGVO. Our legitimate interest is to optimally answer your inquiry that you send by e-mail.

If the e-mail contact aims at the conclusion of a contract, the additional legal basis for the processing isArt. 6 (1) lit. b DSGVO.

4. duration of storage

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For personal data sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it is clear from the circumstances that the matter in question has been conclusively clarified.

In the case of storage of the additional personal data collected during the sending process, this is the case after the purpose has been achieved.

5. possibility of opposition

If the user contacts us by email, he can object to the storage of his personal data by email to hello@codept.de at any time. In such a case, the conversation cannot be continued.

You can unsubscribe from these notifications at any time. For more information about unsubscribing and our privacy practices, please see our Privacy Policy.

All personal data stored in the course of contacting us will be deleted in this case.

IX. Contact form

1. description and scope of data processing

Our website contains a contact form that can be used for electronic contact. If a user uses this option, the data entered in the input mask will be transmitted to us and stored.

At the time of sending the message, the following data will be stored:

- Email address

- Name

- First name

- Voluntary: Telephone / mobile phone number

- IP address of the calling computer

- Voluntary information: company name, message, job title, order volume

- Statistics

2. purpose of data processing

The processing of personal data from the input mask of the contact form or via the provided email address serves us solely to process the contact.

The other personal data processed during the submission process are used to prevent misuse of the contact form and to ensure the security of our information technology systems.

3. legal basis for data processing

The legal basis for the processing of data transmitted in the course of sending an email is Art. 6 para. 1 p. 1 lit. f DSGVO. Our legitimate interest is to optimally answer your inquiry that you send to us via contact form. If the email contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 p. 1 lit. b DSGVO.

4. duration of storage

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input mask of the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it is clear from the circumstances that the matter in question has been conclusively clarified.

The additional personal data collected during the sending process will be deleted after a period of 90 days at the latest.

5. possibility of opposition

If the user contacts us via the input mask in the contact form, he or she can object to the storage of his or her personal data at any time by sending an email to hello@codept.de.

You can unsubscribe from these notifications at any time. For more information about unsubscribing and our privacy practices, please see our Privacy Policy.

All personal data stored in the course of contacting us will be deleted in this case.

X. Use of company presences in job-oriented networks

1. scope of data processing

We use the possibility of company appearances in profession-oriented networks. We maintain a company presence on the following job-oriented networks:

LinkedIn:

LinkedIn, Unlimited Company Wilton Place, Dublin 2, Ireland

On our site we provide information and offer users the opportunity to communicate.

The company website is used for job applications, information/PR and active sourcing.

We do not have any information on the processing of your personal data by the companies jointly responsible for the corporate presence. For more information, please refer to the privacy policy of:

LinkedIn:

https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv

If you carry out an action on our company website (e.g. comments, posts, likes, etc.), it is possible that you make personal data (e.g. clear name or photo of your user profile) public.

2. legal basis for data processing

The legal basis for the processing of personal data for the purpose of communication with customers and interested parties is Art. 6 para. 1 p.1 lit. f DSGVO. Our legitimate interest is to answer your request optimally or to be able to provide the requested information. If the aim of contacting you is to conclude a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b DSGVO.

3. purpose of data processing

Our company website serves to inform users about our services. In doing so, every user is free to publish personal data through activities.

4. duration of storage

We store your activities and personal data published via our corporate website until you revoke your consent. In addition, we comply with the statutory retention periods.

5. possibility of opposition

You can object at any time to the processing of your personal data that we collect in the course of your use of our company website and assert your data subject rights as stated under IV. of this data protection declaration. To do so, send us an informal email to the email address stated in this data protection declaration.

For the processing of your personal data in third countries, we have provided appropriate safeguards in the form of standard data protection clauses pursuant to Art. 46 (2) lit. c DSGVO. We have concluded these standard data protection clauses with the above-mentioned social network providers. A copy of the standard data protection clauses can be requested from us.

You can find more information about exercising your rights here:

LinkedIn:

https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv

XI. Hosting

The website is hosted on servers of a service provider contracted by us.

Our service provider is:

Webflow, Inc., 398 11th Street, San Francisco, United States

The servers automatically collect and store information in so-called server log files, which your browser automatically transmits when you visit the website. The information stored is:

- Browser type and version

- Operating system used

- Referrer URL

- Host name of the accessing computer

- Date and time of the server request

- IP address

This data is not merged with other data sources. This data is collected on the basis of Art. 6 para. 1 lit. f GDPR. Our legitimate interest in processing this data is to display our website without errors and to ensure its functions optimise.

We have concluded an order processing agreement with the relevant service provider, in which we oblige the relevant service provider to protect user data and not to disclose it to third parties.

The location of the website's server is geographically in the United States of America.

For the processing of your personal data in third countries, we have provided suitable guarantees in the form of standard data protection clauses pursuant to Art. 46 (2) lit. c DSGVO. We have concluded these standard data protection clauses with the above-mentioned provider.

XII. Third party services used

We use third-party services for various purposes.

When using some services, personal data may be transferred to servers in the USA. The legal basis for this transfer is consent according to Art. 6 para. 1 p.1 lit. a DSGVO. The United States of America does not provide an adequate level of data protection based on a decision of the European Union. The essential risk of the transfer lies in the obligation of the plug-in providers to make user data accessible to American authorities under certain circumstances. An order processing agreement with standard data protection clauses is currently in place with all providers in order to make the third-country transfer as data protection-friendly and secure as possible. Adjustments to the ECJ ruling of 16.07.2020 (Schrems II, ref. C-311/18) including additional security measures are currently being sought by us.

The third-party services used are listed below:

‍

Use of Google AdWords
‍

1. scope of processing of personal data‍

We use Google AdWords of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and the representative in the Union Google Ireland Ltd, Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter: Google). We use this service to place advertisements. Google sets a cookie on your computer. Personal data can be stored and evaluated, especially the activity of the user (in particular which pages have been visited and on which elements have been clicked), device and browser information (in particular the IP address and the operating system), data about the displayed advertisements (in particular which advertisements have been displayed and whether the user has clicked on them) and also data from advertising partners (in particular pseudonymized user IDs).
Further information on the processing of data by Google can be found here:
https://policies.google.com/privacy?gl=DE&hl=de

‍

2. purpose of data processing‍

We only get to know about the total number of users who have responded to our ad. No information is shared that could identify you to us. The use is not for tracking purposes.

‍

3. legal basis for the processing of personal data‍

The legal basis for the processing of the personal data of the users is basically the consent of the user according to Art. 6 para. 1 p.1 lit. a DSGVO.

‍

4. duration of storage
Your personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.

‍

5. revocation and removal options
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the revocation.
You can prevent the collection as well as the processing of your personal data by Google by preventing the storage of third-party cookies on your computer, using the "Do NotTrack" function of a supporting browser, disabling the execution of script code in your browser or installing a script blocker such as.e.g. NoScript(https://noscript.net/) or Ghostery(https://www.ghostery.com) in your browser.
You can deactivate the use of your personal data by Google using the following link:
https://adssettings.google.de
You can find further information on objection and removal options vis-à-vis Google at:
https://policies.google.com/privacy?gl=DE&hl=de

‍

Use of Google Analytics

‍‍
1. Scope of processing of personal data
We use Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and the representative in the Union Google Ireland Ltd, Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter: Google). Google Analytics examines, among other things, the origin of visitors, the time they spend on individual pages, and the use of search engines, thus allowing better monitoring of the success of advertising campaigns. Google sets a cookie on your computer. As a result, personal data can be stored and evaluated, especially the activity of the user (in particular, which pages have been visited and on which elements have been clicked), device and browser information (in particular, the IP address and operating system), data about the advertisements displayed (in particular, which advertisements were displayed and whether the user clicked on them) and also data from advertising partners (in particular, pseudonymized user IDs).
We use Google Analytics (GA4) to evaluate your use of our online presence, to compile reports on your activities and to use other Google services related to the use of our online presence and internet usage.
We have requested the anonymization of IP addresses, whereby Google shortens your IP address as close in time as technically possible. However, it cannot be ruled out that your data will be transmitted to the servers of Google LLC, which is based in the USA.
On behalf of the operator of this online presence, Google will use this information to evaluate your use of the online presence, to compile reports on the activities of the online presence and to provide the operator of the online presence with further services associated with the use of the online presence and the use of the Internet.
You can obtain further information on the processing of data by Google here: https://policies.google.com/privacy?gl=DE&hl=de.

‍

2. purpose of data processing
The use of Google Analytics (GA4) serves us to evaluate the use of our online presence as well as the targeted playout of advertising, to the people who have already expressed an initial interest through their page visit.

‍

3. legal basis for the processing of personal data
The legal basis for the processing of personal data of the users is in principle the consent of the user according to Art. 6 para. 1 p.1 lit. a DSGVO.

‍

4. duration of storage
Your personal information will be stored for as long as necessary to fulfill the purposes described in this privacy policy or until you exercise your right of withdrawal.

‍

5. revocation option
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the revocation.
You can prevent the collection as well as the processing of your personal data by Google by preventing the storage of third-party cookies on your computer, using the "Do NotTrack" function of a supporting browser, disabling the execution of script code in your browser or installing a script blocker such as NoScript(https://noscript.net/) or Ghostery(https://www.ghostery.com) in your browser.
You can also prevent the collection of data generated by the cookie and related to your use of the online presence (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link:
https://tools.google.com/dlpage/gaoptout?hl=de
You can deactivate the use of your personal data by Google using the following link:
https://adssettings.google.de
For more information on objection and removal options vis-à-vis Google, please visit:
https://policies.google.com/privacy?gl=DE&hl=de

‍

6. danger notice
Your personal data will also be transferred to the USA. There is no adequacy decision for the USA pursuant to Art. 45 (3) DSGVO. We would like to point out that data transfer without an adequacy decision entails certain risks, which we would like to inform you about below:
Intelligence services in the USA use certain online identifiers (such as the IP address or unique identification numbers) as a starting point for monitoring individuals. In particular, it cannot be ruled out that these intelligence services have already collected information about you, with the help of which the data transmitted here can be traced back to you.
Providers of electronic communications services headquartered in the U.S. are subject to monitoring by U.S. intelligence services pursuant to 50 U.S. Code §1881a ("FISA 702"). Accordingly, providers of electronic communications services headquartered in the U.S. have an obligation to provide personally identifiable information to U.S. authorities pursuant to 50 U.S. Code§ 1881a, without any potential remedy available to you. Even encryption of data at the electronic communications service provider's data centers may not provide adequate protection because an electronic communications service provider has a direct obligation with respect to imported data in its possession or custody or under its control to provide access to or surrender such data. This obligation may explicitly extend to the cryptographic keys without which the data cannot be read.
The fact that this is not merely a "theoretical risk" is demonstrated by the ECJ's ruling of July 16, 2020 (Case C 311/18,,,Schrems-II").
We have concluded guarantees with Google in the form of standard data protection clauses pursuant to Art. 46 (2) lit. c DSGVO. A copy of the standard data protection clauses can be requested from us.

‍

Use of Google Ads Remarketing

‍
1. Scope of the processing of personal data
We use Google Ads Remarketing of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and the representative in the Union Google Ireland Ltd, Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter: Google). Google Remarketing is used for retargeting visitors to the online presence for advertising purposes via Google Ads ads. With the help of Google Ads Remarketing, target groups ("similar target groups") can be created, which have called up certain pages, for example. This makes it possible to identify the user on other online presences and display targeted advertising. Google sets a cookie on the user's computer. Personal data can be stored and evaluated, especially the activity of the user (in particular, which pages have been visited and on which elements have been clicked), device and browser information (in particular, the IP address and operating system), data about the advertisements displayed (in particular, which advertisements were displayed and whether the user clicked on them) and also data from advertising partners (in particular, pseudonymized user IDs).
For more information on the processing of data by Google, please click here:
https://policies.google.com/privacy?gl=DE&hl=de

‍

2. purpose of data processing
The purpose of processing personal data is to address a specific target group. The cookies stored on the end device of the users recognize them when they visit an online presence and can therefore show them interest-based advertising.

‍

5. revocation and removal options
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the revocation.
You can prevent the collection as well as the processing of your personal data by Google by preventing the storage of third-party cookies on your computer, using the "Do NotTrack" function of a supporting browser, disabling the execution of script code in your browser or installing a script blocker such as NoScript(https://noscript.net/) or Ghostery(https://www.ghostery.com) in your browser.
You can also prevent the collection of data generated by the cookie and related to your use of the online presence (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link:
https://tools.google.com/dlpage/gaoptout?hl=de
With the following link you can deactivate the use of your personal data by Google:
https://adssettings.google.de
For more information on objection and removal options vis-à-vis Google, please visit:
https://policies.google.com/privacy?gl=DE&hl=de

‍

Use of Hotjar

‍
1. Scope of processing personal data
We use the web analytics service Hotjar provided by Hotjar Ltd, Level 2, St Julian's Business Centre, 3, Elia Zammit Street, St Julian's STJ 1000, Malta (hereinafter: Hotjar). Among other things, Hotjar uses cookies, i.e. small text files that are stored locally in the cache of your web browser on your terminal device and that enable an analysis of your use of our online presence. This allows personal data to be stored and analyzed, in particular the user's activity (especially which pages have been visited and which elements have been clicked on), device and browser information (especially the IP address and the operating system) and a tracking code (pseudonymized user ID). The information collected in this way is transmitted by Hotjar to a server in Ireland and stored there anonymously.
Further information on the processing of data by Hotjar can be found here:
https://www.hotjar.com/legal/policies/privacy

‍

2. purpose of data processing
The use of the Hotjar plug-in serves to better understand the needs of our users and to improve the offer on this online presence optimise.

‍

4. duration of storage
Your personal information will be stored for as long as necessary to fulfill the purposes described in this privacy policy or as required by law.5. revocation and removal options
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until revocation.
You can prevent the collection as well as the processing of your personal data by Hotjar by preventing third-party cookies from being stored on your computer, by using the "Do NotTrack" function of a supporting browser, by disabling the execution of script code in your browser or by using a script blocker such as.e.g. NoScript(https://noscript.net/) or Ghostery(https://www.ghostery.com) in your browser.
You can deactivate the use of your personal data by Hotjar with the following link:
https://www.hotjar.com/legal/compliance/opt-out
You can find further information on objection and removal options vis-à-vis Hotjar at:
https://www.hotjar.com/legal/policies/privacy

‍

Use of HubSpot

‍
1. Scope of processing personal data
We use functions of HubSpot Inc, 2nd Floor, 25 First Street, Cambridge, MA 02141, USA (hereinafter: HubSpot). This is an integrated software solution that we use to cover various aspects of our online marketing. These include: Email marketing (newsletters as well as automated mailings, e.g. for the provision of downloads), social media publishing & reporting, reporting (in particular traffic sources, accesses, etc. ...), contact management (in particular user segmentation & CRM), landing pages and contact forms. HubSpot sets a cookie on your computer. As a result, personal data can be stored and evaluated, especially the activity of the user (in particular, which pages have been visited and which elements have been clicked on), device and browser information (in particular, the IP address and the operating system), data about the advertisements displayed (in particular, which advertisements were displayed and whether the user clicked on them) and also data from advertising partners (in particular, pseudonymized user IDs).
For more information about the processing of data by HubSpot, please click here:
https://legal.hubspot.com/de/privacy-policy

‍

2. purpose of data processing
The use of the HubSpot plug-in serves exclusively to optimize our marketing.

‍

Use of LinkedIn‍

‍
1. Scope of processing personal data
We use functions of the LinkedIn network. The provider is LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland / hereinafter referred to as: LinkedIn). Each time one of our pages containing LinkedIn functions is accessed, a connection to LinkedIn servers is established. LinkedIn is informed that you have visited our web pages with your IP address. If you click the "Recommend Button" of LinkedIn and are logged into your account at LinkedIn, it is possible for LinkedIn to assign your visit to our website to you and your user account. As a result, personal data can be stored and evaluated, especially the user's activity (in particular, which pages have been visited and which elements have been clicked on) and device and browser information (in particular, the IP address and operating system).
We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by LinkedIn. Further information on the processing of data by LinkedIn can be found here:
https://www.linkedin.com/legal/privacy-policy

‍

2. purpose of data processing
The use of the LinkedIn third-party service serves the user-friendliness of our online presence.

‍

5. revocation and removal options
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the revocation.
You can prevent the collection as well as the processing of your personal data by LinkedIn by preventing the storage of third-party cookies on your computer, using the "Do NotTrack" function of a supporting browser, disabling the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery(https://www.ghostery.com) in your browser. Furthermore, the transmission can be prevented by logging out of your LinkedIn account before accessing our website.
You can deactivate the use of your personal data by LinkedIn using the following links:
https://www.linkedin.com/psettings/guest-controls
You can find further information on objection and elimination options vis-à-vis LinkedIn at:
https://www.linkedin.com/legal/privacy-policy

‍

Use of YouTube‍

‍

‍1. scope of processing of personal data
We use the plugin from YouTube operated by Google, YouTube LLC, 901Cherry Ave, San Bruno, CA 94066, USA and its representative in the Union Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: Google). We use the plugin from YouTube to embed videos from YouTube on our online presence. When visiting our online presence, your browser establishes a connection with the servers of YouTube. As a result, personal data can be stored and evaluated, especially the user's activity (in particular, which pages have been visited and which elements have been clicked on) as well as device and browser information (in particular, the IP address and operating system).
We have no influence on the content of the plugin. If you are logged into your YouTube account during the visit, YouTube can assign your online presence visit to this account. By interacting with this plug-in, this corresponding information is transmitted directly to YouTube and stored there.
You can obtain further information on the processing of data by Google here:
https://policies.google.com/privacy?gl=DE&hl=de

‍

2. purpose of data processing
The use of the YouTube third-party service serves to improve user-friendliness and an appealing presentation of our online presence.

‍

5. revocation and elimination options
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the revocation.
You can prevent the collection as well as the processing of your personal data by Google by preventing the storage of third-party cookies on your computer, by using the "Do NotTrack" function of a supporting browser, by deactivating the execution of script code in your browser or by installing a script blocker such as NoScript ( ) or Ghostery ( ) in your browser.e.g. NoScript(https://noscript.net/) or Ghostery(https://www.ghostery.com) in your browser.
You can use the following link to deactivate Google's use of your personal data:
https://adssettings.google.de
You can find further information on objection and removal options vis-à-vis Google at:
https://policies.google.com/privacy?gl=DE&hl=de

‍

Use of Google Tag Manager

‍
1. Scope of the processing of personal data
We use the Google Tag Manager(https://www.google.com/intl/de/tagmanager/) of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and the representative in the Union Google Ireland Ltd, Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as: Google). Google Tag Manager can be used to manage and bundle tags from Google and third-party services and embed them on an online presence. Tags are small code elements on an online presence that are used, among other things, to measure visitor numbers and behavior, to record the impact of online advertising and social channels, to use remarketing and targeting and to test online presences and to optimise. When a user visits the online presence, the current tag configuration is sent to the user's browser. It contains instructions as to which tags should be triggered. Google Tag Manager triggers other tags, which in turn may collect data. Information on this can be found in the sections on the use of the corresponding services in this privacy policy. Google Tag Manager does not access this data.
Further information on Google Tag Manager can be found at https://www.google.com/intl/de/tagmanager/faq.html and in Google's privacy policy: https://policies.google.com/privacy?hl=de

‍

2. purpose of the data processing
The purpose of the processing of the personal data is the collected and clear management as well as an efficient integration of the services of third party providers.

‍

4. duration of storage
Your personal information will be stored for as long as necessary to fulfill the purposes described in this privacy policy or as required by law. Advertising data in server logs is anonymized by Google deleting parts of the IP address and cookie information after 9 and 18 months respectively.

‍

5. revocation and removal options
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the revocation.
You can prevent the collection as well as the processing of your personal data by Google by preventing the storage of third-party cookies on your computer, using the "Do NotTrack" function of a supporting browser, disabling the execution of script code in your browser or installing a script blocker such as NoScript(https://noscript.net/) or Ghostery(https://www.ghostery.com) in your browser.
You can also prevent the collection of data generated by the cookie and related to your use of the online presence (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link:
https://tools.google.com/dlpage/gaoptout?hl=de
With the following link you can deactivate the use of your personal data by Google:
https://adssettings.google.de
For more information on objection and removal options vis-à-vis Google, please visit:
https://policies.google.com/privacy?gl=DE&hl=de

‍

Use of Cookiebot

‍
1. Scope of processing of personal data
We use functionalities of the cookie consent solution Cookiebot of CybotA/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter: Cybot).
Cookiebot provides a software solution that removes the need to obtain consent about cookie use as well as tracking of online users. Cookiebot informs users of our website about the cookies used on our website. You also have the option to disable cookie groups except for functional cookies (which are necessary for the smooth display of our website). We are obliged to document your consent or refusal in accordance with Art. 7 para. 1 DSGVO.
‍

In particular, the following personal data is processed by Cybot as a result:
- The end user's IP number in anonymized form (the last three digitsare set to '0').
- The date and time of consent.
- The end user's browser.
- The URL for which consent was given.
- An anonymous, random and encrypted key.
- The end user's consent status, which serves as proof of consent.
‍

Cookies from Cybot will be stored on your end device.
The Key and consent status will also be stored in the end user's browser in the cookie "CookieConsent" so that the website can automatically read and follow the end user's consent in all subsequent page requests and future end user sessions for up to 12 months. The key is used for proof of consent and for an option to verify that the consent status stored in the end-user's browser is unchanged from the original consent submitted to Cybot.
When the "collective consent" feature is enabled to govern consent for multiple websites through a single end-user consent, Cybot also stores another separate random unique ID with the end-user's consent. If all of the following criteria are met, this key is stored in the cookie "CookieConsentBulkTicket" in the end user's browser in encrypted form.
All data is hosted in an Azure data center operated by cloud provider Microsoft Ireland Operations Ltd, South County Business Park, One Microsoft Court, Carmanhall and Leopardstown, Dublin, D18 P521, Ireland.
For more information about Cybot's processing of data, please click here:
https://www.cookiebot.com/de/privacy-policy/

‍

2. purpose of data processing
The use of Cookiebot serves us to create and display cookie statements for end users and to store and display cookie scan reports in the privacy policy. This enables us to comply with our information obligations towards the users of our website in accordance with Art, 13, 14DSGVO and to obtain and document consent to the use of cookies in accordance with data protection law.

Furthermore, we use Cookiebot to obtain aggregated information about the end users' selection decisions regarding accepted cookie types and a graphical representation thereof in the Service Manager.

‍

Legal basis for the processing of personal data
The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f DSGVO. Our legitimate interest here lies in the purposes of data processing stated under 2. The interests and rights of users are taken into account accordingly by anonymizing the IP address.

‍

4. duration of storage
Your personal information will be stored by Cybot for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.

The cookies used by Cookiebot will be stored on the users' terminal device for up to 12 months.

‍

5. objection and removal options
You can prevent the collection as well as the processing of your personal data by Cybot by preventing the storage of third-party cookies on your computer, using the "Do NotTrack" function of a supporting browser, disabling the execution of script code in your browser or installing a script blocker such as NoScript ( ) or Ghostery ( ) in your browser.e.g. NoScript(https://noscript.net/) or Ghostery(https://www.ghostery.com) in your browser.

For more information on objection and removal options vis-à-vis Cybot, please visit:
https://www.cookiebot.com/de/privacy-policy/

‍

Use of LinkedIn Insight Tag‍

‍
1. Scope of processing of personal data
We use functionalities of the third-party marketing service LinkedIn Insight Tag of LinkedIn Ireland, Unlimited Company, Wilton Place, Dublin 2, Ireland (hereinafter: LinkedIn).
The plugin enables us to obtain information about visitors to the website and to run detailed campaign reports.
In particular, the following personal data is processed by LinkedIn as a result:
- URL
- Referrer URL
- IP address shortened or hashed
- Device and browser properties (user agent) and timestamp.

‍
Cookies from LinkedIn are stored on your terminal device in the process. You can find more information about the cookies used here:
https://www.linkedin.com/legal/cookie-policy
LinkedIn does not share any personal data with us, but only provides aggregated reports about the target group and advertisements. LinkedIn also offers a remarketing function that allows us to show you targeted personalized advertising outside of our website without revealing your identity.
You can find more information about how LinkedIn processes data here:
https://www.linkedin.com/legal/privacy-policy?_l=de_DE

‍

2. purpose of data processing
The use of LinkedIn Insight Tag serves us to collect information about visitors to our website.

‍

4. duration of storage
The direct identifiers of the members are removed within seven days in order to pseudonymize the data. This remaining pseudonymized data is then deleted within 180 days.

‍

XIII Change of our privacy policy

We reserve the right to make changes to this privacy policy at any time. The privacy policy is updated regularly and all changes are automatically published on our website.

This privacy policy was created with the support of DataGuard.

‍

This is a translation of the German privacy policy. The German version of the privacy policy shall prevail.

Table of contents

I. Name and address of the responsible person

II. contact details of the data protection officer

III. General information on data processing

1. scope of the processing of personal data

2. legal basis for the processing of personal data

3. data deletion and storage period

IV. Rights of the data subject

1. the right of access (Art. 15 GDPR)

2. right to rectification (Art. 16 GDPR)

3. right to restriction of processing (Art. 18 DSGVO)

4. right to erasure ("right to be forgotten") (Art. 17 GDPR)

5. right to data portability (Art. 20 GDPR)

6. right to object to certain data processing (Art. 21 DSGVO)

7. right to complain to a supervisory authority

V. Provision of the website and creation of the log files

1. description and scope of data processing

2. purpose of data processing

3. legal basis for data processing

4. duration of storage

5. possibility of opposition

VI. use of cookies

1. description and scope of data processing

2. purpose of data processing

3. legal basis for data processing

VII. Newsletter

1. description and scope of data processing

2. purpose of data processing

3. legal basis for data processing

4. duration of storage

5. possibility of revocation

VIII. email contact

1. description and scope of data processing

2. purpose of data processing

3. legal basis for data processing

4. duration of storage

5. possibility of opposition

IX. Contact form

1. description and scope of data processing

2. purpose of data processing

3. legal basis for data processing

4. duration of storage

5. possibility of opposition

X. Use of company presences in job-oriented networks

1. scope of data processing

2. legal basis for data processing

3. purpose of data processing

4. duration of storage

5. possibility of opposition

XI. Hosting

XII. Third party services used

Use of Google AdWords‍

Use of Google Analytics

Use of Google Ads Remarketing

Use of Hotjar

Use of HubSpot

Use of LinkedIn‍

Use of YouTube‍

Use of Google Tag Manager

Use of Cookiebot

Use of LinkedIn Insight Tag‍

XIII Change of our privacy policy

Use of Google AdWords
‍