Privacy Policy

Privacy policy

1 Introduction

This website is operated by: Maschinenkanzlei Dipl.-Ing. Flammer.

It is very important to us to handle our website visitors’ data with confidence and to protect it in the best possible way. For this reason, we make every effort to meet the requirements of the GDPR.

Below we will explain to you how we process your data on our website. To do this, we use language that is as clear and transparent as possible so that you really understand what happens to your data.

2. General information

2.1 Processing of personal data and other terms

Data protection applies when processing personal data. Personal data means all data with which you can be personally identified. This is, for example, the IP address of the device (PC, laptop, smartphone, etc.) you are currently sitting in front of. Such data is processed when ‘something happens to it’. Here, for example, the IP is transmitted from the browser to our provider and automatically saved there. This is then a processing (according to Art. 4 No. 2 GDPR) of personal data (according to Art. 4 No. 1 GDPR).

These and other legal definitions can be found in Art. 4 GDPR.

2.2 Applicable regulations/laws – GDPR, BDSG and TDDDG

The scope of data protection is regulated by law. In this case, these are the GDPR (General Data Protection Regulation) as a European regulation and the BDSG (Federal Data Protection Act) as a national law.

In addition, the TDDDG supplements the provisions of the GDPR as far as the use of cookies is concerned.

2.3 The person responsible

The controller within the meaning of the GDPR is responsible for data processing on this website. This is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data.

You can reach the person responsible at:

Maschinenkanzlei Dipl.-Ing. Flammer, Bahnhofstr. 8, 30159 Hannover, Hannover@Maschinenkanzlei.de

2.4 This is how data is generally processed on this website

As we have already established, there is data (e.g. IP address) that is collected automatically. This data is mainly required for the technical provision of the homepage. If we use personal data or collect other data, we will inform you about this or ask for your consent.

You knowingly share other personal data with us.

You will find detailed information about this below.

2.5 Your rights

The GDPR provides you with comprehensive rights. These include, for example, free information about the origin, recipient and purpose of your stored personal data. You can also request the correction, blocking or deletion of this data or complain to the responsible data protection supervisory authority. You can revoke your consent at any time.

You can find out what these rights look like in detail and how they should be exercised in the last section of this data protection declaration.

2.6 Data protection – Our view

For us, data protection is more than just a chore! Personal data has great value and careful handling of this data should be a matter of course in our digitalized world. In addition, as a website visitor, you should be able to decide for yourself what, when and by whom “happens” to your data. That’s why we undertake to comply with all legal regulations, only collect the data we need and, of course, treat it confidentially.

2.7 Disclosure and deletion

The sharing and deletion of data are also important and sensitive issues. That is why we would like to briefly inform you in advance about our general approach to this.

The data will only be passed on if there is a legal basis and only if this is unavoidable. This can be the case in particular if it is a so-called processor and an order processing contract has been concluded in accordance with Art. 28 GDPR.

We will delete your data if the purpose and legal basis for processing no longer apply and there are no other legal obligations to prevent deletion. Art. 17 GDPR also provides a ‘good’ overview of this.

For further information, please refer to this privacy policy and contact the person responsible if you have any specific questions.

2.8 Hosting

This website is hosted externally. The personal data collected on this website is stored on the host’s servers. This includes the automatically collected and stored log files (see below for more details), as well as all other data provided by website visitors.

The external hosting is carried out for the purpose of providing our website securely, quickly and reliably and in this context serves to fulfill the contract with our potential and existing customers.

The legal basis for the processing is Article 6 Paragraph. 1 lit. a, b and f GDPR, as well as Section 25 Para. 1 TDDDG, insofar as consent includes the storage of cookies or access to information in the terminal device of the website visitor or user within the meaning of the TDDDG.

Our hoster only processes data that is necessary to fulfill its service obligation and acts as our processor, which means that it is subject to our instructions. We have concluded a corresponding contract for order processing with our host.

We use the following hoster:

IONOS

IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany.

info@ionos.de

https://www.ionos.de/terms-gtc/datenschutzerklaerung/ .

2.9 Legal basis

The processing of personal data always requires a legal basis. The GDPR provides in Art. 6 Para. 1 sentence 1 provides the following options:

(a) the data subject has given consent to the processing of personal data concerning him or her for one or more specific purposes;

b) the processing is necessary for the performance of a contract to which the data subject is party or in order to take steps prior to entering into a contract at the data subject’s request;

c) the processing is necessary for compliance with a legal obligation to which the controller is subject;

(d) processing is necessary to protect the vital interests of the data subject or of another natural person;

e) the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;

(f) processing is necessary to protect the legitimate interests of the controller or of a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

In the following sections we will tell you the specific legal basis for each processing.

3. This happens on our website

When you visit our website, we process your personal data.

In order to protect this data as best as possible against unauthorized access by third parties, we use SSL or TLS encryption. You can recognize this encrypted connection because there is an https:// or a lock symbol in the address bar of your browser.

Below you will find out which data is collected when you visit our website, for what purpose this happens and on what legal basis.

3.1 Data collection when you access the website

When you access the website, information is automatically stored in so-called server log files. This information is as follows:

Browser type and version

operating system used

Referrer URL

Hostname of the accessing computer

Time of server request

IP address

This data is required temporarily in order to be able to display our website to you permanently and without problems. In particular, this data serves the following purposes:

Website system security

System stability of the website

Troubleshooting the website

Establishing a connection to the website

Presentation of the website

Data processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR and is based on our legitimate interest in processing this data, in particular our interest in the functionality of the website and its security.

If possible, this data is stored pseudonymously and deleted after the respective purpose has been achieved.

If the server log files enable the identification of the data subject, the data will be stored for a maximum period of 14 days. An exception exists if a safety-relevant event occurs. In this case, the server log files will be stored until the security-relevant event has been eliminated and finally clarified.

Otherwise, there will be no merging with other data.

3.2 Cookies

3.2.1 General

This website uses so-called cookies. This is a data set, a piece of information that is stored in the browser of your device and is related to our website.

By setting cookies, the navigation of the website can be made easier for the visitor.

In our Cookie Consent Tool you will find all information about the cookies we use on our website (possibly with your consent).

3.2.2 Reject cookies

You can manage all cookies that are not technically necessary directly using our cookie consent tool.

The setting of cookies can be prevented by adjusting your browser settings.

Here you will find the corresponding links to frequently used browsers:

Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-und-website-daten-in-firefox-loschen?redirectslug=Cookies+l %C3% B6schen&redirectlocale=de

Google Chrome: https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=en

Microsoft Edge: https://support.microsoft.com/de-de/windows/l %C3% B6schen-und-verwalten-von-cookies-168dab11-0753-043d-7c16-ede5947fc64d

Safari: https://support.apple.com/de-de/guide/mdm/mdmf7d5714d4/web and https://support.apple.com/de-de/guide/safari/sfri11471/mac

If you use another browser, we recommend entering the name of your browser and ‘Delete and manage cookies’ into a search engine and following the official link to your browser.

Alternatively, you can change your cookie settings at www.aboutads.info/choices/
or www.youronlinechoices.com .

However, we must point out that comprehensive blocking/deleting of cookies can lead to impairments in the use of the website.

3.2.3 Technically necessary cookies

We use technically necessary cookies on this website so that our website functions error-free and in accordance with applicable laws. They help to make the website user-friendly. Some functions of our website cannot be displayed without the use of cookies.

The legal basis for this, depending on the individual case, is Article 6 paragraph. 1 lit. b, c and/or f
GDPR.

3.2.4 Cookies that are not technically necessary

We also use cookies on our website that are not technically necessary. These cookies are used, among other things, to analyze the surfing behavior of the website visitor or to offer functions of the website that are, however, not technically necessary.

The legal basis for this is your consent in accordance with Art. 6 Paragraph. 1 lit. a GDPR.

Cookies that are not technically necessary are only set with your consent, which you can revoke at any time in the cookie consent tool.

3.3 Data processing through user input

3.3.1 Own data collection

We offer the following services on our website: expert services, consultations.

For this purpose, we collect the following data:

Name

, email address,

telephone number,

name, first name, company, email

The legal basis for this data processing is Article 6 Paragraph. 1 lit. b GDPR.

The data will be deleted as soon as the respective purpose no longer applies and this is possible in accordance with the legal requirements.

3.3.2 Contacting us

a) Email

If you contact us by email, we will process your email address and, if necessary. other data contained in the email. These are stored on the mail server and partly on the respective end devices. Depending on the issue, the legal basis for this is usually Article 6 Paragraph. 1 lit. f GDPR or Art. 6 Para. 1 lit. b GDPR. The data will be deleted as soon as the respective purpose no longer applies and it is possible in accordance with the legal requirements.

b) Telephone

If you contact us by telephone, the call data may be stored pseudonymously on the respective end device and by the telecommunications provider used. Personal data collected during the telephone call will only be processed to process your request. Depending on the issue, the legal basis for this is usually Article 6 Paragraph. 1 lit. f GDPR or Art. 6 Para. 1 lit. b GDPR. The data will be deleted as soon as the respective purpose no longer applies and it is possible in accordance with the legal requirements.

c) Contact form

We offer a contact form. This is used to contact our company.

In this form we usually process your first and last name, your telephone number, your email address, a postal address and the content of the message. The data is stored on our web server and forwarded internally to the relevant email addresses.

The legal basis for data processing is Art. 6 Para. 1 lit. f GDPR, as we have a legitimate interest in answering your request and in an uncomplicated way to contact you. If the aim of the contact is to conclude a contract, the additional legal basis for the processing is Art. 6 Para. 1 lit. b GDPR.

We delete this data no later than 3 months after receipt, unless it is needed for a contractual relationship that has arisen.

We bind the contact form from

WPForms

WPForms LLC, WPForms 7732 Maywood Crest Dr, West Palm Beach, FL 33412, USA

https://wpforms.com/privacy-policy/ .

on our website.

d) Telegram

To communicate with customers or third parties, we use Telegram as an instant messaging service. This service is offered by Telegram Messenger Inc., 71-75 Shelton Street Covent Garden London United Kingdom.

Telegram only encrypts between the device and the server. There is no end-to-end encryption (with the exception of so-called secret chats). Data stored in the Telegram Cloud can be viewed by Telegram and third parties at any time.

Telegram also collects user data to prevent misuse of the service. This user data includes in particular the IP address, device information, metadata (to create movement profiles), phone book/synchronized contacts and joining groups/channels. The information is stored on Telegram’s servers for 12 months.

The legal basis for this is Article 6 Paragraph. 1 lit. f GDPR. The legitimate interest here lies in communication with customers and third parties as quickly and effectively as possible.

If consent has been requested, the legal basis is Art. 6 Para. 1 lit. a GDPR. This consent can be revoked at any time.

Additional Information:

https://telegram.org/privacy/de .

e) WhatsApp

To communicate with customers or third parties, we use WhatsApp as an instant messaging service. This service is offered by WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

To prevent WhatsApp or third parties from gaining access to communication content, communication takes place via end-to-end encryption. However, this creates metadata to which WhatsApp has access and which WhatsApp shares with its parent company Meta in the USA.

Further information can be found here:

https://www.whatsapp.com/legal/#privacy-policy .

This data will be stored until the person concerned requests deletion, revokes consent to storage or the purpose for storage no longer applies. Mandatory legal provisions regarding retention periods remain unaffected.

When data is transferred to the USA, the EU Commission’s standard contractual clauses (SCC) apply.

Details:

https://www.whatsapp.com/legal/business-data-transfer-addendum .

The legal basis for this is Article 6 Paragraph. 1 lit. f GDPR. The legitimate interest here lies in communication with customers and third parties as quickly and effectively as possible.

If consent has been requested, the legal basis is Art. 6 Para. 1 lit. a GDPR. This consent can be revoked at any time.

f) Appointment scheduling tool

SimplyMeet.me

In order to be able to arrange appointments with us, we integrate the functions of SimplyMeet.me on our website. This service is offered by SIMPLYBOOK.ME Ltd., 30 Gladstonos Street, P. Makedonas Court, Mezzanine Floor, 3041, Limassol, Cyprus.

To book an appointment, personal data and the desired date are requested and entered in the form provided. The data entered is used for planning, carrying out and, if necessary, for follow-up to the appointment. The appointment data is stored for us on the SimplyMeet.me servers in Europe.

SimplyMeet.me uses cookies to improve the products and services offered and to ensure technical implementation. Advertising and analysis cookies are also used.

These cookies are only set with consent. This consent can be revoked and managed at any time in our cookie consent tool. The legal basis for this is Art. 6 Para. 1 lit. a GDPR and Section 25 Para. 1 TDDDG, insofar as this consent includes access to information in the user’s terminal device or the storage of cookies within the meaning of the TDDDG.

Furthermore, the legal basis for the use of SimplyMeet.me is Art. 6 para. 1 lit. f GDPR, as we have a legitimate interest in communicating directly with customers, potential customers and other interested parties and in processing enquiries immediately and as quickly as possible.

The data will be stored until the data subject requests deletion, revokes consent to storage or the purpose for storage no longer applies. Mandatory statutory provisions regarding retention periods remain unaffected.

Further information can be found here:
https://simplymeet.me/de/policy .

3.4 Cookie Consent Tool

3.4.1 Borlabs Cookie

To ensure that only cookies for which there is a legal basis are set on our website, we use the consent management tool Borlabs Cookie from Borlabs GmbH, Rübenkamp 32, 22305 Hamburg, Germany.

This service is used to obtain the website visitor’s consent to store certain cookies in their browser or to use certain technologies and to document this in accordance with data protection regulations.

When this website is accessed, the consent given by the website visitor or the revocation of consent is stored as a Borlabs cookie in the website visitor’s browser without passing this data on to the provider of the Borlabs cookie.

The collected data will be stored until the website visitor asks us to delete them or deletes Borlabs cookies themselves or the purpose for storing the data no longer applies. The mandatory statutory retention periods remain unaffected by this.

The legal basis is Article 6 Paragraph. 1 lit. c GDPR. Borlabs Cookies is used to obtain the legally required consent for the use of cookies.

More details:

https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/ .

3.5 Newsletter

3.5.1 Rapidmail

We use Rapidmail to provide our newsletter. This service is offered by rapidmail GmbH, Augustinerplatz 2, 79098 Freiburg i.Br., Germany.

This service can be used to organize and analyze the sending of newsletters. The data entered to receive the newsletter is stored on Rapidmail’s servers.

With the help of Rapidmail, interactions with the newsletter can be analyzed and the users of the newsletter can be categorized in order to adapt the newsletter to the different target groups.

You can object to this analysis via the link in every newsletter message.

The legal basis for the processing is Article 6 Paragraph. 1 lit. a GDPR and Section 25 Para. 1 TDDDG. Consent can be revoked at any time by unsubscribing from the newsletter. The legality of the processing that has already taken place remains unaffected by any revocation.

The data will be deleted at the end of the contract between us and Rapidmail, unless the website visitor revokes their consent beforehand. If this is the case, the data will be deleted from the distribution list.

In addition, after unsubscribing from the newsletter, the email address will be stored on a blacklist separately from other data for an indefinite period of time. The legal basis for this is Article 6 Paragraph. 1 lit.f GDPR. It serves the interest of the website visitor as well as our interest to use/operate a newsletter in accordance with the legal requirements.

Further details:

https://de.rapidmail.wiki/kategorien/statistiken/

https://www.rapidmail.de/datensicherheit .

3.5.2 email

www.maschinenkanzlei.de

3.6 Analysis and tracking tools

3.6.1 Google Analytics

We use Google Analytics on this website. Google Analytics is a web analytics service. This service is offered by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics uses cookies to recognize the user and thus analyze usage behavior. These cookies are only set with consent. Consent can be revoked at any time and managed in our cookie consent tool.

The legal basis for the processing is Article 6 Paragraph. 1 lit. a GDPR and Section 25 Para. 1 TDDDG.

The information collected here is usually transferred to a Google server in the USA and stored there.

On July 10, 2023, the European Commission adopted an adequacy decision for the USA. Goggle LLC is certified according to the EU-US Privacy Framework. However, since Google servers are located worldwide and data transfer to third countries (e.g. Singapore) cannot be ruled out, the EU Commission’s standard contractual clauses (SCC) apply.

By using Google Analytics, IP anonymization takes effect. The IP address of the respective user is shortened on servers within the EU member states (or the European Economic Area) in such a way that it is no longer possible to trace it back to a natural person. In addition, Google commits itself to an appropriate level of data protection through the Google Ads data processing terms and conditions and evaluates website usage and website activity and provides services associated with usage. The Google Ads Data Processing Terms apply to companies subject to the EU General Data Protection Regulation (GDPR), the European Economic Area (EEA), the California Consumer Privacy Act (CCPA), or similar regulations.

An additional browser plug-in can prevent the collected information (such as the IP address) from being sent to and used by Google. The plugin and further information can be found at https://tools.google.com/dlpage/gaoptout?hl=de .

Otherwise, the storage period depends on the type of data processed. Each customer can choose how long Google Analytics stores data before it is automatically deleted. The maximum lifespan of a Google Analytics cookie is two years.

Further information on how Google uses data can also be found at https://support.google.com/analytics/answer/6004245?hl=de . For any further questions, please contact support-deutschland@google.com
turn around.

3.6.2 Google Maps

We use Google Maps on this website. Google Maps is a web mapping service. This service is offered by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

When using Google Maps, the IP address is saved. This data is usually transferred to a Google server in the USA and stored there. We have no influence on this. Google can use Google Fonts to ensure uniform presentation. These fonts are loaded into the browser cache of the website visitor.

Google Maps uses cookies. These cookies are only set with appropriate consent. Consent can be revoked at any time.

The legal basis is Article 6 Paragraph. 1 lit. a GDPR and Section 25 Para. 1 TDDDG, insofar as this consent includes access to information in the user’s terminal device or the storage of cookies within the meaning of the TDDDG.

When data is transferred to the USA, the standard contractual clauses (SCC) of the EU Commission apply.

Further details:

https://privacy.google.com/businesses/gdprcontrollerterms/ and

https://privacy.google.com/businesses/gdprcontrollerterms/sccs/

https://policies.google.com/privacy?hl=de .

3.6.3 YouTube

We embed YouTube videos on this website. YouTube is an online video platform. This service is offered by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

As soon as you start a video on our website, a connection to the YouTube servers is established. After starting a video, YouTube can set cookies on the website visitor’s device in order to save settings and preferences and subsequently display personalized advertising. The information obtained from this is also used for video statistics, improving user-friendliness and preventing attempted fraud.

The legal basis for the processing is Article 6 Paragraph. 1 lit. a GDPR and Section 25 Para. 1 TDDDG, insofar as this consent includes access to information on the user’s terminal device or the storage of cookies within the meaning of the TDDDG. This consent can be revoked at any time.

Further information:

https://policies.google.com/privacy?hl=de .

3.7 Social Media Plugins

3.7.1 Twitter

This website includes elements of the social network Twitter. This service is provided by Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02AX07, Ireland.

If the social media element is activated, a direct connection is established between the website visitor and the Twitter servers and their IP address is transmitted to Twitter. If the website visitor has a user account, the visit to this website can be assigned to the corresponding user account. The website operator has no knowledge of the content of the transmitted data.

The legal basis for the processing is Article 6 Paragraph. 1 lit. a GDPR and Section 25 Para. 1 TDDDG. Consent can be revoked at any time.

When data is transferred to the USA, the standard contractual clauses (SCC) of the EU Commission apply.

Further information:

https://twitter.com/de/privacy

https://gdpr.twitter.com/en/controller-to-controller-transfers.html .

3.7.2 Instagram

This website includes elements of the social network Instagram. This service is offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

If the social media element is activated, a direct connection is established between the website visitor and the Instagram servers and their IP address is transmitted to Instagram. If the website visitor has a user account, the visit to this website can be assigned to the corresponding user account. As website operators, we have no knowledge of the content of the transmitted data.

The legal basis for the processing is Article 6 Paragraph. 1 lit. a GDPR and Section 25 Para. 1 TDDDG. Consent can be revoked at any time.

If personal data is collected on this website with the help of Facebook or Instagram and forwarded to Meta, the website operator and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Habour, Dublin 2, Ireland in accordance with. Art. 26 GDPR jointly responsible for data processing. This joint responsibility is limited exclusively to the collection and forwarding of data to Facebook or Instagram. There is an agreement on joint processing for this purpose:

https://www.facebook.com/legal/controller_addendum .

The website operator is responsible for providing data protection information when using the Instagram tool and for integrating the tool on the corresponding website in a way that complies with data protection law. Facebook and Instagram, on the other hand, are responsible for the data security of their products. It follows from this that the rights of those affected with regard to the data processed by Facebook or Instagram must be asserted directly with Facebook or Instagram.

When data is transferred to the USA, the standard contractual clauses (SCC) of the EU Commission apply.

https://www.facebook.com/legal/EU_data_transfer_addendum

https://de-de.facebook.com/help/566994660333381

https://www.facebook.com/policy.php

https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect .

3.7.3 LinkedIn

This website includes elements of the social network LinkedIn. This service is offered by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

If the social media element is activated, a direct connection is established between the website visitor and LinkedIn’s servers and their IP address is transmitted to LinkedIn. If the website visitor has a user account, the visit to this website can be assigned to the corresponding user account. The website operator has no knowledge of the content of the transmitted data.

The legal basis for the processing is Article 6 Paragraph. 1 lit. a GDPR and Section 25 Para. 1 TDDDG. Consent can be revoked at any time.

When data is transferred to the USA, the standard contractual clauses (SCC) of the EU Commission apply.

https://www.linkedin.com/help/linkedin/answer/a1350117 .

Further information:

https://www.linkedin.com/legal/privacy-policy .

3.7.4 XING

Elements of the social network XING are integrated into this website. This service is offered by New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany.

If the social media element is activated, a direct connection is established between the website visitor and the XING servers. Personal data and the IP address are not stored. User behavior is not evaluated.

The legal basis for the processing is Article 6 Paragraph. 1 lit. a GDPR and Section 25 Para. 1 TDDDG. Consent can be revoked at any time.

More details:

https://privacy.xing.com/de/datenschutzerklaerung .

3.7.5 GitHub

We integrate functions from GitHub, a social media platform and hosting service for software development, on our website. GitHub is operated by GitHub, Inc., 88 Colin P Kelly Jr St, San Francisco, CA 94107, USA.
GitHub allows users to host, manage, and version control source code. The platform also supports social interactions between development teams working on shared projects, including discussion forums, pull requests, and issues.
The data processed includes technical data such as IP address, browser information and interactions with GitHub content, e.g. by creating, commenting or editing repositories.
The purpose of the data processing is to provide a platform for collaboration and the exchange of source code as well as to optimize the user experience and interactions on GitHub.
The legal basis for data processing is Art. 6 para. 1 lit. f GDPR, as there is a legitimate interest in providing and optimising the functions for software development.
GitHub uses cookies and similar technologies to analyze the use of the platform and improve the user experience. These cookies are only set with the consent of the user and can be revoked at any time. The legal basis for this is Art. 6 Para. 1 lit. a GDPR in conjunction with Section 25 Para. 1 TTDSG.
Data is transferred to the USA. GitHub, Inc. uses the EU Commission’s standard contractual clauses (SCC) as guarantees for data protection when transferring data to third countries.
The data will be stored until the purpose of storage no longer applies or deletion is requested. Mandatory statutory retention periods remain unaffected.
Further information on data processing can be found here:
https://docs.github.com/de/site-policy/privacy-policies/github-general-privacy-statement .

3.8 Social Media Profile

In addition to our website, our company is also present on social networks.
We want to present our company and create the opportunity to get in touch with us.

We also use the opportunity to place advertisements and job postings on social media.

In the following we inform you about which data we and the respective social network process when you visit and
interaction with our profile.

3.8.1 LinkedIn

We operate a LinkedIn profile on https://www.linkedin.com/ . This social network is operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.

a) Interaction with our company profile

When you visit our LinkedIn profile and interact with us, we process
personal data. On the one hand, the data made publicly available on the profile. On the other hand, the personal data contained in posts, comments or direct messages to us. Through interactions such as liking or sharing, we can see the user profile with the public information.

The legal basis for this processing is Art. 6 Para. 1 lit. f GDPR. It is within our legitimate
Interest in providing relevant and interesting content and enabling the use and functionality of our LinkedIn profile

Insofar as a request is related to the performance of a contract or to the implementation of pre-contractual
measures are necessary, our processing is based on Art. 6 Para. 1 lit. b GDPR.

b) Page Insights

LinkedIn provides us with aggregated statistics and insights (so-called Page Insights) that tell us how people interact with our company page. Among other things, we receive information about the number of profiles that view, comment on or otherwise interact with our posts, as well as aggregated demographic and other information that helps us learn about interaction with our page or our LinkedIn profile. Page Insights provided to us by LinkedIn consist of aggregated data, and LinkedIn does not provide us with any personal data about members in relation to Page Insights. We also have no way of linking the Page Insights to individual members.

When placing ads, LinkedIn provides us with information about the types of people who see our ads and the success of our ads. Personal data is only shared with us if that person has consented to such processing. We also receive information from LinkedIn that allows us to understand which of our ads led to a purchase being made or an action being taken.

The processing of this data serves the purpose of analyzing our reach and adapting our content and advertisements to user interests. Based on the evaluation of this data, we can see how our content, our profile and our advertising are consumed. This enables us to create content tailored to the target group and place advertisements in order to better market our company and our services.

The processing is based on our legitimate interest in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR.

When processing personal data in the course of so-called Page Insights, the processing is carried out under joint responsibility with LinkedIn in accordance with Art. 26 Para. 1 GDPR.

For this purpose, we have concluded a corresponding agreement with LinkedIn, which can be viewed here ( https://legal.linkedin.com/pages-joint-controller-addendum ).

LinkedIn’s contact details are:

LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.

For LinkedIn, you can contact the data protection officer using the following link:

https://www.linkedin.com/help/linkedin/ask/TSO-DPO .

3.8.2 Processing by LinkedIn

In connection with your visit to our company profile, LinkedIn may also process personal data. In this case, the processing is carried out under the sole responsibility of LinkedIn and without our knowledge. You can find more information from LinkedIn on this at:

https://de.linkedin.com/legal/privacy-policy .

3.9 Instagram

We operate an Instagram profile. This social media platform is offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

3.9.1 Interaction with our company profile

When you visit our Instagram profile and interact with us through it, we process personal data. On the one hand, the data made publicly available on the profile. On the other hand, the personal data contained in posts, comments or direct messages to us. Through interactions such as liking or sharing, we can see the user profile with the public information.

The legal basis for this processing is Art. 6 Para. 1 lit. f GDPR. It is in our legitimate interest to provide relevant and interesting content and to enable the use and functionality of our Instagram profile.

Insofar as a request is related to the fulfillment of a contract or is necessary to carry out pre-contractual measures, our processing is based on Art. 6 Para. 1 lit. b GDPR.

3.9.2 Insights

As explained in the Meta privacy policy under “How do we use your information?” (https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect), Meta also collects and uses information to provide analysis services, so-called insights, for site operators. This also applies to our Instagram profile.

Insights are aggregated statistics that are created based on certain interactions of visitors with pages and the content associated with them and are logged by the meta servers. This includes the following information

  • How many people see and interact with our products, services or content, such as posts, videos, Instagram pages, listings, shops and advertisements (if the advertisement is shown on meta-products);
  • How people interact with our content, websites, apps and services;
  • Which group of people interacts with our content or which group of people uses our services.

Meta provides us with aggregated reports and insights that help us understand how well our content, features, products and services are performing.

We do not receive access to personal data, only to the summarized reports.

To evaluate the reach, we can make settings or set appropriate filters with regard to the selection of a time period, the viewing of a specific post and the demographic groupings. This data is anonymized. It is not possible for us to draw conclusions about specific people.

The processing of this data serves the purpose of analyzing our reach and adapting our content and advertisements to user interests so that visitors can derive the greatest possible benefit from them. By evaluating this data, we can see how our content, our profile and our advertising are consumed. This enables us to create content tailored to the target group and place advertisements in order to better market our company and our services.

The processing is based on our legitimate interest in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR.

When processing personal data in the course of so-called insights, the processing is carried out in joint responsibility with Meta in accordance with Art. 26 Para. 1 GDPR.

For this purpose, we have concluded a corresponding agreement with Meta, which can be viewed here (https://www.facebook.com/legal/terms/page_controller_addendum.).

Meta’s contact details are:

Online contact: https://www.facebook.com/help/contact/1650115808681298

Postal: Meta Platforms Ireland Limited, ATTN: Privacy Operations, Merrion Road, Dublin 4, D04 X2K5, Ireland.

For Instagram, you can contact the data protection officer using the following link:

https://www.facebook.com/help/contact/540977946302970.

More information about the insights:

https://de-de.facebook.com/help/1735443093393986/?helpref=hc_fnav.

You can find Instagram’s full privacy policy here:

https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect

3.9.3 Processing of personal data and cookies by Meta

When you access an Instagram page, the IP address assigned to your device is transmitted to Meta. According to Meta, this IP address is anonymized (for “German” IP addresses). Meta also stores information about the devices of its users (e.g. as part of the “login notification” function); this may enable Meta to assign IP addresses to individual users. If you are currently logged in to Instagram as a user, there is a cookie with your Instagram ID on your device. This enables Meta to track that you have visited this page and how you have used it. Meta buttons integrated into websites enable Meta to record your visits to these websites and assign them to your Instagram profile. This data can be used to offer content or advertising tailored to you.

Further information:

https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect .

3.10 Xing

We operate a Xing page. This social media platform is offered by New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany.

3.10.1 Interaction with our company profile

When you visit our Xing profile and interact with us through it, we process personal data. On the one hand, the data made publicly available on the profile. On the other hand, the personal data contained in posts, comments or direct messages to us. Through interactions such as liking or sharing, we can see the user profile with the public information.

Via the company profile you also have the possibility to reach us as the operator via the specified contact channels.

If users are logged in to their XING user account when they access the company page, information about the access to the service can be assigned to the respective user account. This information is also available to us as the operator of the company profile. The provision of this information can be avoided by logging out of the XING user account before accessing the company page.

The legal basis for the processing is Article 6 Paragraph. 1 lit. f GDPR. It is in our legitimate interest to provide relevant and interesting content, to maintain business contacts, to draw attention to our services and job advertisements and to get in touch with visitors to our profile and interested parties.

Insofar as a request is related to the fulfillment of a contract or is necessary to carry out pre-contractual measures, our processing is based on Art. 6 Para. 1 lit. b GDPR.

3.10.2 Processing of personal data and cookies by Xing

When you use and access our company profile, personal data is also processed by Xing. This processing is carried out under the sole responsibility of Xing. We have no influence on the processing by Xing.

If you have given your consent (for example by setting your XING status to “actively looking for a job”), Xing will contact you directly to suggest suitable job offers.

The processing of data can be restricted in the privacy settings.

Xing’s privacy policy can be viewed here:

https://privacy.xing.com/de/datenschutzerklaerung

3.11 Third-party content

3.11.1 Google Fonts

We have integrated Google Fonts locally on our server. This means that, despite use, no data is transferred to Google.

3.11.2 Google reCAPTCHA

This website uses Google reCAPTCHA. Google reCAPTCHA is a plugin offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The service makes it possible to determine whether data entry is carried out by a human or by an automated program. This analysis begins automatically in the background as soon as the website is accessed. For this purpose, various information is collected and transmitted to Google. There is no reference to this analysis.

The legal basis for the processing is Article 6 Paragraph. 1 lit. a GDPR and Section 25 Para. 1 TDDDG. Consent can be revoked at any time.

Further details:

https://policies.google.com/privacy?hl=de

https://policies.google.com/terms?hl=de .

3.11.3 hCaptcha

We use Google hCaptcha on this website. hCaptcha is a plugin provided by Intuition Machines, Inc., 2211 Selig Drive, Los Angeles, CA 90026, USA.

The service makes it possible to determine whether data entry is carried out by a human or by an automated program. This analysis begins automatically in the background as soon as the website is accessed. For this purpose, various information is recorded, which is transmitted to hCaptcha. There is no indication of this analysis when using the “invisible mode”.

The legal basis for the processing is Article 6 Paragraph. 1 lit. a GDPR and Section 25 Para. 1 TDDDG. Consent can be revoked at any time.

Further details:

https://www.hcaptcha.com/privacy

https://hcaptcha.com/terms .

3.12 Audio and video conferences

3.12.1 Zoom

We use Zoom to communicate with customers. Zoom is an online conferencing tool. This service is offered by Zoom Communications Inc., San Jose, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA.

When communicating with this tool via video or audio conferences, personal data is processed by us and the tool provider. The data collected includes all information that you provide when using the tool. Metadata relating to the conference is also processed. Furthermore, technical information is processed that is required for the online communication to function. Furthermore, all files that are shared within the tool are stored on the tool provider’s servers.

Zoom may also set cookies. These cookies are only set with consent. Consent can be revoked at any time. The legal basis for this is Article 6 paragraph. 1 lit. a GDPR.

Furthermore, the legal basis for the processing of data by Zoom is Art. 6 Para. 1 lit. b GDPR. The communication is related to the performance of a contract or is necessary to fulfill pre-contractual obligations. Furthermore, this tool is used to simplify communication with our company. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR.

This data will be stored until the data subject requests deletion, consent to storage has been revoked or the purpose for storage no longer applies. Cookies remain on the device until the user deletes them. Mandatory statutory provisions regarding retention periods remain unaffected.

When data is transferred to the USA, the EU Commission’s standard contractual clauses (SCC) apply.

Further information:

https://zoom.us/de-de/privacy.html .

3.12.2 Microsoft Teams

We use Microsoft Teams to communicate with customers. Microsoft Teams is an online conferencing tool. This service is offered by Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland.

When communicating with this tool via video or audio conferences, personal data is processed by us and the tool provider. The data collected includes all information you provide when using the tool. Metadata relating to the conference is also processed. Furthermore, technical information is processed that is required for the online communication to function. Furthermore, all files that are shared within the tool are stored on the tool provider’s servers.

Microsoft Teams can also set cookies. These cookies are only set with consent. This consent can be revoked at any time. The legal basis for this is Article 6 paragraph. 1 lit. a GDPR.

Furthermore, the legal basis for the processing of data by Microsoft Teams is Art. 6 Para. 1 lit. b GDPR. The communication is related to the performance of a contract or is necessary to fulfill pre-contractual obligations. Furthermore, this tool is used to simplify communication with our company. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR.

This data will be stored until the data subject requests deletion, consent to storage has been revoked or the purpose for storage no longer applies. Cookies remain on the device until the user deletes them. Mandatory statutory provisions regarding retention periods remain unaffected.

More details:

https://privacy.microsoft.com/de-de/privacystatement .

3.13 Cloud backups

We use cloud backup functions on our website to protect the data and content of the website from data loss, corruption or security incidents. This ensures that in the event of a server failure, hacker attack or other unforeseen events, the website can be restored quickly and completely.

If personal data is stored on our website, this will be transferred to the servers of the respective provider during backups.
The legal basis for data processing is Art. 6 para. 1 lit. f GDPR, as we have a legitimate interest in securing our data.

We use the following cloud backup service:

One Drive

Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.

https://privacy.microsoft.com/de-de/privacystatement .

4. This is also important

Finally, we would like to inform you comprehensively and in detail about your rights and tell you how you will be informed about changes in data protection requirements.

4.1 Your rights in detail

4.1.1 Right to information according to Art. 15 GDPR

You can request information about whether your personal data is being processed. If this is the case, you can request further information on the type and manner of processing. A detailed list can be found in Art. 15 Paragraph. 1 lit. a to h GDPR.

4.1.2 Right to correction according to Art. 16 GDPR

This right includes the correction of incorrect data and the completion of incomplete personal data.

4.1.3 Right to erasure according to Art. 17 GDPR

This so-called ‘right to be forgotten’ gives you the right, under certain conditions, to request that the controller delete your personal data. This is generally the case if the purpose of the data processing no longer applies, if consent has been withdrawn or if the initial processing took place without a legal basis. A detailed list of reasons can be found in Art. 17 para. 1 lit. a to f GDPR. This “right to be forgotten” also corresponds to the duty of the person responsible under Article 17 paragraph. 2 GDPR, to take appropriate measures to ensure general erasure of the data.

4.1.4 Right to restriction of processing according to Art. 18 GDPR

This right is subject to the conditions set out in Article 18 paragraph. 1 lit. a to d tied.

4.1.5 Right to data portability according to Art. 20 GDPR

This regulates the fundamental right to receive one’s own data in a common form and to transmit it to another responsible party. However, this only applies to data processed based on consent or contract in accordance with Art. 20 Para. 1 lit. a and b and as far as this is technically feasible.

4.1.6 Right to object according to Art. 21 GDPR

You can generally object to the processing of your personal data. This applies in particular if your interest in objecting outweighs the legitimate interest of the controller in the processing and if the processing relates to direct advertising and/or profiling.

4.1.7 Right to “individual decision” according to Art. 22 GDPR

In principle, you have the right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you. However, this right also finds restrictions and additions in Article 22 paragraph. 2 and 4 GDPR.

4.1.8 Further rights

The GDPR includes comprehensive rights to inform third parties about whether or how you have asserted rights under Art. 16, 17, 18 GDPR. However, this is only to the extent that this is possible or can be carried out with reasonable effort.

At this point we would like to remind you again of your right to revoke your consent in accordance with Art. 7 Para. 3 GDPR. However, this does not affect the lawfulness of the processing carried out up to that point.

We would also like to point out your rights according to §§ 32 ff. BDSG, the content of which is largely the same as the rights just described.

4.1.9 Right to lodge a complaint under Art. 77 GDPR

You also have the right to complain to a data protection supervisory authority if you consider that the processing of personal data concerning you infringes this Regulation.

5. What if the GDPR is abolished tomorrow or other changes take place?

The current status of this privacy policy is October 25, 2024. From time to time it is necessary to adapt the content of the privacy policy in order to respond to actual and legal changes. We therefore reserve the right to change this privacy policy at any time. We will publish the amended version in the same place and recommend that you read the privacy policy regularly.

Created with the kind support of Dieter Macht data protection