Privacy policy

Thank you for your interest in our website and our company.

The protection of your personal data when it is collected, processed and used during your visit to our website is important to us. Your data is protected in accordance with the statutory provisions. Below you will find information on what data is collected during your visit to our website and how it is used.

Name and address of the controller

The controller is the body that alone – or jointly with others – decides on the purposes and means of processing personal data. The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:

Stolze GmbH
Dennis Götsch, Hubertus Berberich
Schwertfegerstraße 12
23556 Lübeck
Germany
Tel.: 0451 / 890 02-0
E-Mail: info@stolze-gmbh.de
Website: www.stolze-gmbh.de

Name and adress of the data protection officer
Astrid Lex
equeo CompCor GmbH
Kissinger Str. 1-2
14199 Berlin
Germany
E-Mail: Datenschutz@rs-group.de
Website: www.equeo-compcor.de

I. General information on data processing

1. Scope of the processsing of personal data

The controller collects and uses the personal data of its users (hereinafter also referred to as “data subject”, “person concerned” or “visitor”) only insofar as this is necessary to provide a functional website and to display the content and services. The collection and processing of users’ personal data for other purposes only takes place regularly with the user’s consent. An exception applies in cases where it is not possible to obtain prior consent for factual reasons, the processing is based on pre-contractual or contractual measures, the processing of the data is permitted by law and/or the controller has a legitimate interest in the processing.

Your personal data is generally collected directly from you, e.g. when you contact us, consent to services on this website or use forms on this website. In addition, technical data that is absolutely necessary for the operation of the site is automatically collected when you enter the site.

2. legal basis for the processing of personal data

Insofar as the controller obtains the consent of the data subject for the processing of personal data, Art. 6 para. 1 sentence 1 lit. a EU General Data Protection Regulation (GDPR) serves as the legal basis for the processing of personal data. If special categories of data are processed in accordance with Art. 9 para. 1 GDPR, Art. 9 para. 2 lit. a GDPR serves as the legal basis. For any transfer to a non-secure third country, processing is carried out on the basis of Art. 49 para. 1 sentence 1 lit. a GDPR. If you have consented to the storage of cookies or access to information in your end device, data processing is also carried out on the basis of Section 25 (1) of the German Data Protection Act (TTDSG).

When processing personal data that is necessary for the fulfilment of a contract to which the data subject is a party, Art. 6 para. 1 sentence 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.

Insofar as the processing of personal data is necessary to fulfil a legal obligation to which the controller is subject, Art. 6 para. 1 sentence 1 lit. c GDPR serves as the legal basis.

In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 sentence 1 lit. d GDPR serves as the legal basis.

If the processing is necessary to safeguard a legitimate interest of the controller or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6 para. 1 sentence 1 lit. f GDPR serves as the legal basis for the processing.

3. data deletion and storage duration

If no exact storage period has been specified in this data protection information, the personal data of our website visitors will remain with us until the purpose for data processing no longer applies. The personal data of the data subject will be erased or blocked as soon as the purpose of storage ceases to apply or consent given by the data subject is withdrawn or processing is objected to. Data may also be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.

4. data transfer to a third country or an international organisation

The European General Data Protection Regulation (GDPR) requires that the transfer of personal data that is already being processed or is to be processed after its transfer to a third country or an international organisation is only permitted if a level of data protection comparable to the requirements of the GDPR is guaranteed. If it is therefore ensured that the provisions of the GDPR are complied with – this may include, for example, the existence of an adequacy decision by the EU Commission within the meaning of Art. 45 para. 1, 3 GDPR or the introduction of internal data protection regulations approved by a supervisory authority (so-called “appropriate safeguards”, Art. 46 para. 2, 3 GDPR). If there is no level of data protection comparable to the requirements of the GDPR, there may be risks associated with processing in a third country.

Risks of a transfer to a non-secure third country: Personal data could possibly be passed on by the provider to other third parties beyond the actual purpose of order fulfilment, who could use the data for advertising purposes, for example. In addition, it is probably not possible to effectively enforce any data subject rights against the provider. There may be a higher probability that incorrect data processing may occur, as the provider’s technical and organisational measures for the protection of personal data do not fully meet the requirements of the GDPR in terms of quantity and quality. It is also possible for government agencies to access the personal data provided without the data subject being aware of this. In principle, this also corresponds to the European legal regulations, e.g. for the purpose of security. However, the admissibility threshold for such data processing is higher in the European Union than in the country of the data recipient concerned. In summary, there is no level of data protection comparable to the requirements of the GDPR in non-secure third countries.

Among other things, we use tools on our website from providers whose headquarters or the headquarters of the parent company (or its affiliates) are located in a third country from a data protection perspective. We also transfer data to the USA. The transfer of data to the USA is permitted if the recipient is certified under the “EU-US Data Privacy Framework” (DPF) or has suitable additional guarantees. The DPF is an (individual) agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every DPF-certified company undertakes to comply with these data protection standards. If data is transmitted to a provider that is certified in accordance with the DPF, a separate notice is provided by the respective service provider.

In addition, tools from US providers that are not certified in accordance with the EU-US Data Privacy Framework (DPF) may also be used on our website. The transfer and processing of personal data of data subjects in connection with these tools takes place under the conditions of Art. 49 para. 1 sentence 1 lit. a GDPR – on the basis of consent given by the data subject. If data is transferred on the basis of consent to processors whose processing takes place in a non-secure third country, a separate notice is provided by the respective service provider.

5. necessity of the provision of personal data

The provision of your personal data is not required by law or contract. There is no obligation to provide it. However, failure to provide it may mean that you are unable to use functions, services, forms and other processing on our website. We recommend that you only provide the personal data that is required, for example, to process your enquiry, to carry out your requested offer and to use the functions we offer. If the provision of your personal data is required by law or contract, we will inform you of this by means of a separate reference to the respective processing in this data protection information.

The collection of technical data (and possibly the collection of your IP address as a personal date) for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website and takes place automatically when you enter this website. If you do not wish this to happen, you must leave this page.

II. rights of the data subject

If we process your personal data, you as the data subject have the following rights vis-à-vis us as the controller

1. right to information, Art. 15 GDPR

Within the framework of the applicable legal provisions, you have the right to (free) information about your collected and stored personal data at any time. This also includes information about the purposes of processing, its origin and recipients, the storage period and the existence of various rights.

2. right to rectification, Art. 16 GDPR

You have the right to obtain from the controller rectification (also in the sense of completion) of your data if the processed personal data concerning you is inaccurate or incomplete for the purposes of the processing. The controller must rectify the data without undue delay.

3. right to erasure, Art. 17 GDPR

You can request the erasure of your personal data at any time under the conditions of Art. 17 GDPR, unless there are still circumstances that authorise or oblige the controller to continue processing your personal data (such as statutory retention obligations).

4. right to restriction of processing, Art. 18 GDPR

If the legal requirements are met, you can request that the processing of your personal data be restricted in accordance with Art. 18 GDPR.

5. right to information, Art. 19 GDPR

If your personal data has been processed by recipients to whom the controller has disclosed the data, the controller is obliged to inform them of your request for rectification, erasure or restriction of processing, unless this proves impossible or involves a disproportionate effort. You can request that the controller inform you about these recipients.

6. right to data portability, Art. 20 GDPR

If you have provided us with personal data and automated processing is carried out on the basis of your consent or on the basis of a contract, you have the right to transfer the data provided by you within the scope of Art. 20 GDPR, provided that this does not adversely affect the rights and freedoms of other persons. The data will be provided in a commonly used, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done to the extent that it is technically feasible.

7. right to object, Art. 21 GDPR

You have the right to object to the processing of your data at any time, provided that the processing is carried out on the basis of a balancing of interests. This is the case if the controller relies on the public interest or its legitimate interest for processing (see Art. 6 para. 1 sentence 1 lit. e and f). The prerequisite is that you assert reasons arising from your particular situation which outweigh the interests of the controller. The controller will no longer process the personal data concerning you unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

Art. 21 para. 2 GDPR contains a special, deviating regulation if the personal data concerning you is used for direct marketing. In this case, you have the right to object to the processing of your personal data at any time without further requirements. The personal data concerning you will no longer be processed for the purpose of direct marketing. If profiling is associated with direct advertising, you can also object to this.

In connection with the use of information society services, you have the option of exercising your right to object by automated means using technical specifications.

8. automated decision-making in individual cases, Art. 22 GDPR

Pursuant to Art. 22 GDPR, you have the right that decisions which produce legal effects concerning you or similarly affect you are not based solely on automated processing, including profiling. Exceptions may exist if appropriate measures for the protection of your person are guaranteed and there are necessary contractual regulations or a legal provision or you have expressly consented.

9. Right to withdraw your consent, Art. 7 para. 3 GDPR

You have the right to withdraw your declaration of consent under data protection law at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation. You can send your revocation to the controller by email or post.

10. right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority for data protection, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.

The supervisory authority responsible for us is the Hessian Commissioner for Data Protection and Freedom of Information. If you are in another federal state or not in Germany, you can also contact the data protection authority there.

III. SSL/TLS encryption

This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as the enquiries you send to us as the site operator. An encrypted connection can be recognised by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in the browser line. If SSL/TLS encryption is activated, the data you transmit to us cannot be read by third parties.

IV. External Hosting

1. Description and scope of data processing

This website is hosted by an external service provider (so-called hoster). The personal data collected on this website is stored on the host’s servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contract data, contact details, names, page views and other data generated via a website.

2. Legal basis for data processing

The legal basis for data processing is Art. 6 para. 1 p. 1 lit. f GDPR for the provision of the website.

3. Purpose of data processing

The hoster is used for the purpose of secure, fast and efficient provision of our online offer as well as the reliable presentation and provision of our website by a professional provider. Our legitimate interest lies in these purposes.

4. Duration of storage, possibility of objection and removal

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.

5. Conclusion of a contract for data processing

In connection with the data processing described above, the data will be passed on and processed by our external hoster: [Raidboxes GmbH, Hafenstraße 32, 48153 Münster]. We have concluded a contract with our hoster for order processing. This is a contract prescribed by data protection law, which ensures that Raidboxes processes the personal data of our site visitors only in accordance with our instructions and in compliance with the data protection regulations (GDPR, BDSG, etc. ).

V. Provision of the website and creation of log files

1. Description and scope of data processing

Every time our website is accessed, our system automatically collects data and information from the system of the accessing device.

The following data is collected:

Information about the type of browser and the version used
The user’s operating system
The user’s internet service provider
The user’s IP address in anonymized form
Date and time of access
Websites from which the user’s system reaches our website
Websites that are accessed by the user’s system via our website

The data is also stored in the log files of our system. The log files do not contain IP addresses or other data that can be assigned to a user. This data is not stored together with other personal data of the user.

2. Legal basis for data processing

The legal basis for the temporary storage of data and log files is Art. 6 para. 1 p. 1 lit. f GDPR.

3. Purpose of data processing

The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the IP address of the user must be stored for the duration of the session.

These purposes also constitute our legitimate interest in data processing pursuant to Art. 6 para. 1 p. 1 lit. f GDPR.

4. Duration of storage, possibility of objection and removal

The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. There is therefore no possibility of objection on the part of the user.

VI. Use of cookies

1. Description and scope of data processing

Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user’s system. If a user calls up our website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string of characters that allows a clear identification of the browser when the website is accessed again.

When accessing our website, users are informed about the use of cookies by a consent management from the provider Borlab and referred to this privacy policy. Further information on the Consent Management used can be found under point VII of this data protection information.

We also use cookies on our website that enable an analysis of the surfing behaviour of users.

In this way, the following data can be transmitted:

Entered search terms
Frequency of website visits
Use of website functions

When accessing our website, the user is informed about the use of cookies for analysis purposes and his consent to the processing of the personal data used in this context is obtained. In this context, reference is also made to this data protection information.

Transfer to a third country: The data collected through the aforementioned cookies for analysis purposes may be transmitted to a service provider based in a third country. For more information, please refer to this privacy policy with the respective service provider. The provider is certified according to the “EU-US Data Privacy Framework” (DPF). Further information on the DPF can be found in this data protection information under “I. General information on data processing – 4. Data transfer to a third country or an international organisation”.

In general, you can prevent or block the storage of cookies on your device in the settings of your browser. To do this, you must call up the respective settings of your browser. In addition, you can delete your stored cookie data in your browser settings.

2. Legal basis for data processing

The legal basis for the processing of personal data using technically necessary cookies is Art. 6 para. 1 p. 1 lit. f GDPR; Cookies are stored on your device on the basis of § 25 para. 2 No. 2 TTDSG.

The legal basis for the processing of personal data using cookies for [analysis purposes] is the presence of your consent pursuant to Art. Art. 6 para. 1 p. 1 lit. a GDPR; for a transfer to a non-secure third country additionally on the basis of Art. 49 para. 1 lit. a GDPR. The cookie is stored on your device on the basis of § 25 para. 1 S. 1 TTDSG.

3. Purpose of data processing

The purpose of using technically necessary cookies is to simplify the use of the website for you. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a change of website. In addition, cookies are required to manage your consents and refusals.

We need cookies for the following applications:

Maintaining the session
Storage of the shopping cart
Transfer of language settings / font size settings
Remembering search terms
Consent Management

These purposes also constitute our legitimate interest in the processing of personal data pursuant to Art. 6 para. 1 p. 1 lit. f GDPR. The user data collected by technically necessary cookies is not used to create user profiles.

The analysis cookies are used for the purpose of improving the quality of our website and its content. Through the analysis cookies, we learn how the website is used and can thus continuously optimize our offer.

4. Duration of storage, possibility of objection, revocation and removal

Cookies are stored on the user’s computer and transmitted by the user to our website. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Already stored cookies can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website to their full extent.

The cookies we use are stored in detail for the following duration:

Borlabs Cookie – Storage period: 12 months

Google Analytics (_ga,_gat,_gid) – Storage period: 24 months

Polylang (pll_language) – storage period: 12 months

As a user, you have the right to revoke your declaration of consent under data protection law for cookies that are not technically necessary at any time. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent before its withdrawal. You can revoke your consent at any time by clicking on the blue button “Edit cookie settings” (at the bottom left of this page).

VII. Cookie Consent Consent with Borlabs

1. Description and scope of data processing

This website uses the cookie consent technology of Borlabs Cookie to obtain consent to the storage of certain cookies on the end device of data subjects or to the use of certain technologies and to document these in compliance with data protection regulations. The provider of this technology is Borlabs GmbH.

When you enter our website, no personal data is transmitted.

Furthermore, Borlabs stores a cookie in your browser in order to be able to assign you your consents or their revocation. It contains the following information:

Cookie Duration
Cookie Version
Domain and path of the website
Consent
UID (The UID is a randomly generated ID and not personally identifiable information)

2. Legal basis for data processing

Borlabs are used to obtain legally required consents for the use of certain technologies. The legal basis for this is Art. 6 para. 1 p. 1 lit. c GDPR; the cookie is stored on your device on the basis of § 25 para. 2 No. 2 TTDSG.

3. Purpose of data processing

The processing of personal data serves to comply with the legal requirements of the GDPR and the TTDSG for obtaining and documenting consents.

4. Duration of storage, possibility of objection, revocation and removal

The data collected by Borlabs is stored until you request us to delete it, delete the Borlabs cookie yourself or the purpose for the data storage ceases to exist. Mandatory statutory retention obligations remain unaffected.

As a user, you have the right to revoke your declaration of consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent before its withdrawal. You can revoke your consent at any time by clicking on the blue button “Edit cookie settings” (at the bottom left of this page).

VIII. Contact by e-mail and/or phone

1. Description and scope of data processing

E-mail addresses and telephone numbers are provided on our website and our signatures, which can be used to contact us electronically and/or by telephone. In this case, the personal data of the data subject transmitted with the e-mail will be stored. If you contact us by telephone, personal data may also be stored in order to process your request.

In this context, the data will not be passed on to third parties. The data will only be used to contact you and to conduct the conversation.

2. Legal basis for data processing

The legal basis for the processing of data transmitted in the course of sending an e-mail or in the course of a telephone call is Art. 6 para. 1 sentence 1 lit. f GDPR. If the contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 p. 1 lit. b GDPR.

3. Purpose of data processing

The processing of personal data serves us solely for the purpose of processing the contact. This is also the basis of the necessary legitimate interest in the processing of the data.

4. Duration of storage, possibility of objection and removal

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In the case of personal data sent by e-mail or transmitted by telephone, this is the case when the respective conversation with the data subject has ended. The conversation is terminated when it can be inferred from the circumstances that the matter in question has been conclusively clarified. If a contract is concluded as a result of the contact, the corresponding (legal) retention obligations and regulations apply.

If a data subject contacts us by e-mail or telephone, he or she can object to the storage of his or her personal data at any time. In such a case, the conversation cannot continue. In this case, all personal data stored in the course of contacting us will be deleted.

IX. Contact

1. Description and scope of data processing

There is a contact form on our website, which you can use to contact us electronically. If a user makes use of this option, the data entered in the input mask will be transmitted to us and stored. These data are:

Surname, first name
E-mail address
subject
Other personal data that you submit to us via the message field in the contact form.
Captcha

At the time of sending the message, the following data is also stored:

Date and time of registration

For the processing of the data, reference is made to this data protection information in the context of the sending process.

The legal basis for the processing of the data transmitted via the contact form is Art. 6 para. 1 p. 1 lit. f GDPR. If the contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 sentence 1 lit. b GDPR.

The legal basis for the processing of all other personal data processed during the sending process and transmitted via the contact form is Art. 6 para. 1 p. 1 lit. f GDPR.

2. Purpose of data processing

The processing of the personal data from the input mask serves us solely to process the contact. The other personal data processed during the sending process serves to prevent misuse of the contact form and to ensure the security of our information technology systems. Our legitimate interest lies in these purposes.

3. Duration of storage, possibility of objection, revocation and removal

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form, this is the case when the respective conversation with the user has ended. The conversation is terminated when it can be inferred from the circumstances that the matter in question has been conclusively clarified.

If a user contacts us via the form, he or she can object to the storage of his personal data at any time. In such a case, the conversation cannot continue. In this case, all personal data stored in the course of contacting us will be deleted.

X. Online application

1. Description and scope of data processing

The controller collects and processes the personal data of applicants for the purpose of handling the application process. The processing may also be carried out electronically. This is particularly the case if an applicant submits relevant application documents to the controller by electronic means [e. g. by e-mail or via a web form on the website].

In the course of your online application, we will collect and process the following personal application data from you:

Your master data (such as title, first name, last name, name additions, date of birth)
Work Permit / Residence Permit, Nationality
contact details (e. g. home address, (mobile) telephone number, e-mail address),
Skill data (e. g. special knowledge and skills)
if relevant to the advertised position: health suitability
Application documents (cover letter, curriculum vitae, application photo, job certificates, references, certificates, proofs, etc. )
Other data that you provide to us as part of the application process.

As a matter of principle, your personal data will be collected directly from you as part of the recruitment process, in particular from the application documents, the interview and the personnel questionnaire. Furthermore, we may process personal data from publicly accessible sources (e. g. websites, professional networks) which we use lawfully and only for the respective purpose.

If you wish to be included in our applicant pool in the event of a cancellation, we require a declaration of consent from you. You can explain these electronically within the application process.

Your personal data will only be passed on by us for the purpose of processing your application within the group of companies. The transfer is made to the Group companies.

Your personal application data will not be passed on to third parties without your prior express consent.

2. Legal basis for data processing

The legal basis for the processing of applicant data is Art. 6 para. 1 sentence 1 lit. b DSGVO in conjunction with § 26 para. 1 BDSG for the establishment of an employment relationship.

The storage in our applicant pool takes place on the basis of Art. 6 para. 1 sentence 1 lit. a GDPR (your consent).

The legal basis for the processing of all other personal data processed during the sending process and transmitted via your online application is Art. 6 para. 1 p. 1 lit. f GDPR.

3. Purpose of data processing

The collection and processing of your personal application data takes place exclusively for the purpose of filling positions within our company. The primary purpose of data processing is therefore to establish an employment relationship with the controller.

In principle, your data will only be forwarded to the internal departments and specialist departments of our company responsible for the specific application procedure.

The other personal data processed during the sending process serves to prevent misuse of the application form and to ensure the security of our information technology systems. Our legitimate interest lies in these purposes.

4. Duration of storage, possibility of objection, revocation and removal

If you are hired, we will transfer your application documents to your personnel file. After termination of the employment relationship, the personal data that we are legally obliged to retain will continue to be stored. This is regularly the result of legal documentation and storage obligations, which are regulated, inter alia, by the Commercial Code and the Tax Code. The storage periods are then up to ten years. In addition, personal data may be retained for the period during which claims can be asserted against us (statutory limitation period of three or up to thirty years).

In the event of a rejection, your application documents will be deleted no later than six months after the completion of the application process, unless you have given us your consent for longer storage (applicant pool).

You have the right to revoke your data protection declaration of consent for inclusion in our applicant pool at any time. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent before its withdrawal. You may revoke your consent at any time using the contact details provided in the imprint.

The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

XI. Friendly Captcha

1. Description and scope of data processing

This website uses Friendly Captcha to protect against mass requests of contact forms. The provider is Friendly Captcha GmbH, Am Anger 3-5, 82237 Woerthsee. The tool serves to prevent automated and abusive requests by so-called “bots”. As part of this process, Friendly Captcha collects your IP address in order to send a cryptographic task to your end device. This task is solved in the background and as soon as it is solved, Friendly Captcha confirms to the server that it is a natural person. For more information on the features of Friendly Captcha, please visit: https://friendlycaptcha. com/de/privacy

2. Legal basis for data processing

The data is processed on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR. The site operator has a legitimate interest in preventing abusive access or spam attacks by bots.

3. Purpose of data processing

The tool serves to prevent automated and abusive requests by so-called “bots”. As part of this process, Friendly Captcha collects your IP address in order to send a cryptographic task to your end device. This task is solved in the background and as soon as it is solved, Friendly Captcha confirms to the server that it is a natural person.

Friendly Captcha processes and stores the following data in the aforementioned process:

Anonymized IP address of the requesting computer
Information about the browser used, as well as the operating system
Anonymized counter per IP address to control cryptographic tasks
Website from which the access took place (so-called referer URL)

4. Duration of storage, possibility of objection, revocation and removal

If personal data is processed when using Friendly Captcha, it will be deleted after 30 days.

5. Conclusion of a contract for data processing

In connection with the data processing described above, the data is passed on and processed by our service provider Friendly Captcha. We have concluded a contract with him for order processing. This is a contract prescribed by data protection law, which ensures that Friendly Captcha only processes the personal data of our site visitors in accordance with our instructions and in compliance with the data protection regulations (GDPR, BDSG, etc. ) processed.

XII. Google Analytics

1. Description and scope of data processing

This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. Google Ireland Limited is a subsidiary of Google LLC based in the United States.

Google Analytics enables the site operator to analyze the behavior of site visitors. In doing so, the site operator receives various usage data, such as website views, length of stay, operating systems used and origin of the user. Among other things, the following personal data can be collected and evaluated: user activities, device and browser information (in particular user information). IP address), data about the displayed advertisements (click-through rates) and data from advertising partners. This data may be summarized by Google in a profile that is assigned to the respective user or their device.

Google Analytics uses cookies and other browser technologies that enable the recognition of the user for the purpose of analyzing user behavior. This information is used, among other things, to compile reports on website activity. The information collected by Google about the use of this website is generally transmitted to a Google server in the USA and stored there. Google also transfers your data to Google affiliates and other partners.

IP address anonymization (Google Analytics 4)

We use Google Analytics 4 on this site. Your IP address is automatically anonymized. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on the activities and to provide the website operator with other services related to the use of the website and the use of the internet. The IP address transmitted by your browser as part of Google Analytics is not merged with other data held by Google.

The provider is certified in accordance with the “EU-US Data Privacy Framework” (DPF). Further information on the DPF can be found in this data protection information under “I. General information on data processing – 4. Data transfer to a third country or an international organisation”. Further information on the supplier’s DPF can be found at the following link:https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active

2. Legal basis fpr data processing

The use of this analysis tool is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. The storage of information in your terminal equipment is based on § 25 para. 1 p. 1 TTDSG.

3. Purpose of data processing

The use of Google Analytics on our website serves to analyse the user behaviour of our website visitors in order to optimise and display both our website and our advertising.

4. Duration of storage, possibility of objection and removal

The data collected will be stored until you delete the cookies set by Google Analytics yourself or the purpose for which the data was stored no longer applies. As a user, you have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the revocation. You can revoke your consent at any time at the end of the privacy policy “Edit cookie settings”.

The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. User and event-level data stored by Google that is linked to cookies, user identifiers (e. g. user ID) or advertising IDs (e. g. DoubleClick cookies, Android advertising ID) will be anonymized or deleted after 14 months. Details can be found at the following link: https://support. google. com/analytics/answer/7667196?hl=de

For site visitors who do not want their data to be used in Google Analytics, Google has developed a browser add-on to opt out of Google Analytics. You can download and install the available browser plugin at the following link: https://tools. google. com/dlpage/gaoptout?hl=de

You can find more information on how Google Analytics handles user data in Google’s privacy policy: https://support. google. com/analytics/answer/6004245?hl=de

Further information on data protection can also be found in the privacy policy for Google Analytics: https://policies. google. com/privacy.

5. conclusion of a contract for order processing

We have concluded an order processing contract with GOOGLE. This is a contract required by data protection law, which ensures that Google processes the personal data of our website visitors only in accordance with our instructions and in compliance with data protection regulations (GDPR, BDSG, etc.).

XIII Polylang

1. description and scope of data processing

Polylang uses a cookie to remember the language chosen by the user when they visit the website again. This cookie is also used to retain the language information if it is not available by other means.

2. legal basis for data processing

The data is processed on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR. The website operator has a legitimate interest in making the language settings available to the user.

3. purpose of data processing

The use of Polylang is in the interest of an appealing and clear presentation of our online offers, products and services.

4. duration of storage, objection and removal options

The cookie has a duration of 12 months. You have the option of deleting this cookie at any time.