General Notes
The following notes provide a simple overview of what happens to your personal data when you visit our website. Personal data includes all data that can be used to personally identify you. Detailed information about data protection can be found in our privacy policy below this text.
Data Collection on This Website
Analytics Tools and Tools from Third-Party Providers
When visiting this website, your browsing behavior may be statistically analyzed. This mainly occurs using analysis programs.
Detailed information about these analysis programs can be found in the following privacy policy.
External Hosting
This website is hosted externally. Personal data collected on this website is stored on the servers of the hosting provider(s). This may include IP addresses, contact requests, meta and communication data, contractual data, contact details, names, website access logs, and other data generated via the website.
External hosting occurs for the purposes of fulfilling contracts with our potential and existing customers (Art. 6(1)(b) GDPR) and ensuring secure, fast, and efficient provision of our online offerings by a professional provider (Art. 6(1)(f) GDPR). Where consent has been obtained, processing is based solely on Art. 6(1)(a) GDPR and § 25(1) TTDSG, provided consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting). Consent can be withdrawn at any time.
Our hosting provider(s) will only process your data to the extent necessary to fulfill its performance obligations and follow our instructions regarding this data.
We use the following hosting provider(s):
Order Processing Agreement
We have entered into an Order Processing Agreement (OPA) with the provider mentioned above. This agreement ensures that the provider processes personal data of our website visitors only in accordance with our instructions and complies with the GDPR.
Data Protection
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the legal data protection regulations and this privacy policy.
When you use this website, various personal data are collected. Personal data refers to data that can personally identify you. This privacy policy explains which data we collect and what we use it for. It also explains how and for what purpose this happens.
We point out that data transmission on the internet (e.g., via email communication) may have security vulnerabilities. A complete protection of data from access by third parties is not possible.
Notice on the Responsible Entity
The responsible entity for data processing on this website is:
The responsible entity is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data (e.g., names, email addresses, etc.).
Storage Duration
Unless a specific retention period has been stated within this privacy policy, your personal data will remain with us until the purpose for the data processing ceases. If you request deletion of your data or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons to retain your personal data (e.g., retention periods required by tax or commercial law). In such cases, deletion will occur after these reasons cease to apply.
General Information on Legal Bases for Data Processing on This Website
If you have consented to data processing, we process your personal data based on Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR if special categories of data are processed under Art. 9(1) GDPR. If explicit consent to the transfer of personal data to third countries has been obtained, processing is additionally based on Art. 49(1)(a) GDPR.
For data required to fulfill a contract or pre-contractual measures, processing is based on Art. 6(1)(b) GDPR. If data processing is necessary for compliance with a legal obligation, processing is based on Art. 6(1)(c) GDPR.
Processing may also be carried out based on our legitimate interest (Art. 6(1)(f) GDPR). Detailed information on the respective legal basis for each processing purpose is provided in the relevant sections of this privacy policy.
Data Protection Officer
We have appointed a data protection officer:
We use tools from companies located in non-secure third countries and US tools whose providers are not certified under the EU-US Data Privacy Framework (DPF). When these tools are active, your personal data may be transferred to these countries and processed there.
We must note that non-secure third countries may not guarantee a level of data protection equivalent to that in the EU. For example, US companies not certified under the DPF may not provide adequate safeguards for your data. Consequently, authorities in such countries (e.g., intelligence services) may access your personal data without you being able to assert effective legal remedies or enforce your rights.
Transfers to non-secure third countries occur only if the use of specific tools requires this data transfer, or you have explicitly consented to such use. You will be informed of this in this privacy policy.
As part of our business activities, we work with various external parties. This sometimes involves transferring personal data to these external parties. Personal data is only shared with external entities when necessary to fulfill contractual obligations, comply with legal requirements (e.g., sharing data with tax authorities), serve our legitimate interests under Art. 6(1)(f) GDPR, or when other legal bases permit the data transfer.
When working with data processors, we share personal data of our customers only under a valid Data Processing Agreement (DPA). In cases of joint processing, a Joint Processing Agreement (JPA) will be established.
Many data processing operations are only possible with your explicit consent. You can revoke previously given consent at any time. The legality of the data processing carried out before the revocation remains unaffected.
If your personal data is processed based on Art. 6(1)(e) or (f) GDPR, you have the right to object at any time for reasons related to your specific situation. This also applies to profiling based on these provisions. The relevant legal basis for processing can be found in this privacy policy.
If you file an objection, we will no longer process your affected personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms or the processing is necessary for the establishment, exercise, or defense of legal claims.
If your personal data is processed for direct marketing purposes, you have the right to object to its use for such advertising at any time. This also applies to profiling related to such direct marketing. If you object, your personal data will no longer be used for direct marketing.
If you believe your data is being processed unlawfully under GDPR, you have the right to file a complaint with a supervisory authority, particularly in the EU member state where you reside, work, or where the alleged violation occurred. This right to file a complaint exists without prejudice to other administrative or judicial remedies.
You have the right to receive data we process based on your consent or in the performance of a contract in a commonly used, machine-readable format. You may also request the transfer of this data directly to another controller, provided it is technically feasible.
Under applicable legal provisions, you have the right to request access to your stored personal data, its origin, recipients, and the purpose of its processing free of charge. You also have the right to request the rectification or erasure of your personal data.
For further questions regarding your personal data, you can contact us at any time.
You have the right to request the restriction of your personal data under certain circumstances:
If you contest the accuracy of your personal data: We may need time to verify its accuracy. During this period, you have the right to request restriction of processing.
If the processing is unlawful: Instead of erasure, you may request the restriction of data use.
If we no longer need your data: If you need the data to assert, exercise, or defend legal claims, you can request restriction instead of erasure.
If you have objected to processing under Art. 21(1) GDPR: While we assess whether our legitimate grounds override yours, processing will be restricted.
When processing is restricted, your data will only be stored or processed with your consent, for legal claims, to protect the rights of another individual or entity, or for reasons of significant public interest.
This site uses SSL or TLS encryption for security and to protect the transmission of sensitive content (e.g., orders or inquiries). You can identify an encrypted connection by the change in the browser’s address bar from “http://” to “https://” and the padlock symbol.
With SSL or TLS encryption enabled, data you transmit to us cannot be read by third parties.
Our website uses "cookies." Cookies are small text files that do not harm your device. They are either stored temporarily for the duration of a session (session cookies) or permanently (persistent cookies). Session cookies are automatically deleted after your visit. Persistent cookies remain stored on your device until you delete them manually or your web browser performs an automatic deletion.
Cookies can come from us (first-party cookies) or third-party providers (third-party cookies). Third-party cookies enable the integration of certain third-party services (e.g., cookies for processing payment services).
Cookies serve various purposes. Many cookies are technically necessary to ensure the functionality of the website (e.g., shopping cart functions or video displays). Other cookies are used to analyze user behavior or for advertising purposes.
Cookies necessary for electronic communication or for providing specific functions requested by you (e.g., shopping cart functionality) are processed under Art. 6(1)(f) GDPR unless another legal basis is specified. The website operator has a legitimate interest in the storage of necessary cookies for the proper and optimized provision of its services.
If consent has been requested for the storage of cookies, the processing is based solely on Art. 6(1)(a) GDPR and § 25(1) TTDSG. This consent can be withdrawn at any time.
You can configure your browser settings to notify you about cookies and allow them only in specific cases, exclude the acceptance of cookies altogether, or enable the automatic deletion of cookies upon browser closure. If cookies are disabled, the functionality of the website may be restricted.
Detailed information about the cookies and third-party services used on this website can be found in this privacy policy.
The website provider automatically collects and stores information in server log files, which your browser transmits to us automatically. These include:
These data are not combined with other data sources.
The collection of this data is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of the website. Server log files must be recorded for this purpose.
If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provide, will be stored by us for the purpose of processing the inquiry and for follow-up questions. These data will not be passed on without your consent.
The processing of this data is based on Art. 6(1)(b) GDPR if your request is related to the performance of a contract or pre-contractual measures. In all other cases, processing is based on our legitimate interest in effectively processing inquiries directed to us (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR), where this has been requested.
The data you enter in the contact form will remain with us until you request deletion, withdraw your consent, or the purpose for data storage ceases (e.g., after your inquiry has been processed). Mandatory legal provisions, particularly retention periods, remain unaffected.
If you contact us via email, telephone, or fax, your inquiry, including all resulting personal data (name, request), will be stored and processed by us for the purpose of handling your request. We do not share this data without your consent.
The processing of this data is based on Art. 6(1)(b) GDPR if your request is related to the performance of a contract or necessary pre-contractual measures. In all other cases, the processing is based on our legitimate interest in effectively handling inquiries directed to us (Art. 6(1)(f) GDPR) or your consent (Art. 6(1)(a) GDPR), where this has been requested.
The data you provide in inquiries will remain with us until you request deletion, withdraw your consent, or the purpose for data storage ceases (e.g., after your request has been fully processed). Mandatory statutory provisions, especially legal retention periods, remain unaffected.
This website uses features of the web analytics service Google Analytics. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics allows the website operator to analyze the behavior of website visitors. It provides various usage data, such as page views, session duration, operating systems, and the origin of the user. These data are assigned to a user ID and linked to the respective device of the website visitor.
In addition, Google Analytics can record mouse movements, scroll activities, and clicks. It uses various modeling approaches to complement collected data and employs machine learning technologies for data analysis.
Google Analytics utilizes technologies that enable user recognition for the analysis of user behavior (e.g., cookies or device fingerprinting). The information collected by Google about your use of this website is usually transferred to a Google server in the USA and stored there.
The use of this service is based on your consent under Art. 6(1)(a) GDPR and § 25(1) TTDSG. Consent can be withdrawn at any time.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.
The company is certified under the "EU-US Data Privacy Framework" (DPF), which ensures compliance with European data protection standards for data processing in the USA. More information is available here: https://www.dataprivacyframework.gov/participant/5780.
Google Analytics’ IP anonymization feature is activated. As a result, your IP address will be truncated by Google within the European Union member states or other states party to the Agreement on the European Economic Area before transmission to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there.
On behalf of the operator of this website, Google will use this information to evaluate your use of the website, compile reports on website activity, and provide other services related to website and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
You can prevent Google from collecting and processing your data by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
More information on how Google Analytics handles user data can be found in Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=en.
We use Google Signals. When you visit our website, Google Analytics collects, among other data, your location, search history, and YouTube history as well as demographic data (visitor data). This data can be used for personalized advertising with the help of Google Signals. If you have a Google account, the visitor data collected by Google Signals will be linked to your Google account and used for personalized advertising messages. The data is also used to create anonymized statistics on user behavior.
We have entered into a Data Processing Agreement (DPA) with Google and fully comply with the stringent requirements of the German data protection authorities when using Google Analytics.
This website uses the "E-Commerce Tracking" feature of Google Analytics. E-Commerce Tracking allows the website operator to analyze the purchasing behavior of website visitors to improve online marketing campaigns. For example, this captures the number of orders placed, average order values, shipping costs, and the time from product viewing to purchase. These data may be aggregated by Google under a transaction ID, which is assigned to the respective user or device.
This website uses Hotjar. The provider is Hotjar Ltd., Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe (Website: https://www.hotjar.com).
Hotjar is a tool used to analyze your user behavior on this website. With Hotjar, we can record, for example, mouse and scroll movements as well as clicks. Hotjar can also determine how long your mouse pointer stayed at a certain position. Based on this information, Hotjar creates heatmaps to identify which areas of the website are most frequently viewed by visitors.
Additionally, we can analyze how long you stayed on a page and when you left it. We can also identify where you abandoned input in a contact form (so-called conversion funnels).
Furthermore, Hotjar can be used to collect direct feedback from website visitors. This function is used to improve the website operator’s offerings.
Hotjar uses technologies that enable user recognition for behavior analysis purposes (e.g., cookies or device fingerprinting).
Where consent has been provided, the use of the aforementioned tool is exclusively based on Art. 6(1)(a) GDPR and § 25 TTDSG. Consent can be withdrawn at any time. Where consent has not been obtained, the use of this tool is based on Art. 6(1)(f) GDPR; the website operator has a legitimate interest in analyzing user behavior to optimize its website and advertising.
If you wish to disable data collection by Hotjar, click on the following link and follow the instructions: https://www.hotjar.com/policies/do-not-track/.
Please note that Hotjar must be disabled for each browser or device separately.
For more information about Hotjar and the data it collects, see Hotjar’s privacy policy: https://www.hotjar.com/privacy.
We have entered into a Data Processing Agreement (DPA) with Hotjar. This is a data protection contract required by law to ensure that Hotjar processes the personal data of website visitors only in accordance with our instructions and in compliance with the GDPR.
This website uses Google Conversion Tracking. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Conversion Tracking allows Google and us to determine whether a user has performed certain actions. For example, we can evaluate which buttons on our website are clicked how often and which products are viewed or purchased most frequently. This information is used to create conversion statistics.
We are informed about the total number of users who clicked on our ads and which actions they performed. We do not receive any information that personally identifies users. Google itself uses cookies or comparable recognition technologies for identification purposes.
The use of this service is based on your consent under Art. 6(1)(a) GDPR and § 25(1) TTDSG. Consent can be withdrawn at any time.
More information about Google Conversion Tracking can be found in Google’s privacy policy: https://policies.google.com/privacy?hl=en.
The company is certified under the "EU-US Data Privacy Framework" (DPF). This framework ensures compliance with European data protection standards when processing data in the USA. Further details can be found here: https://www.dataprivacyframework.gov/participant/5780.
If you wish to subscribe to the newsletter offered on the website, we require your email address and information that allows us to verify that you are the owner of the provided email address and agree to receive the newsletter. Additional data is only collected on a voluntary basis. We use newsletter service providers, which are described below, to handle the newsletters.
This website uses CleverReach for sending newsletters. The provider is CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Germany (hereinafter "CleverReach"). CleverReach is a service that organizes and analyzes newsletter distribution. The data entered by you for the purpose of subscribing to the newsletter (e.g., email address) is stored on CleverReach servers in Germany or Ireland.
Our newsletters sent via CleverReach allow us to analyze the behavior of newsletter recipients. For example, it can determine how many recipients opened the newsletter and how often specific links were clicked. With the help of so-called conversion tracking, it can also be determined whether a predefined action (e.g., product purchase) occurred after clicking a link in the newsletter.
The data processing is based on your consent under Art. 6(1)(a) GDPR. Consent can be withdrawn at any time by unsubscribing from the newsletter. The legality of past data processing remains unaffected by the withdrawal.
If you do not want CleverReach to analyze your usage, you must unsubscribe from the newsletter. We provide a link for this in every newsletter message.
The data provided to us for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter. Once you unsubscribe, your data will be removed from the newsletter distribution list. Data that has been stored by us for other purposes remains unaffected.
After you unsubscribe from the newsletter, your email address may be stored in a blacklist by us or the newsletter service provider to prevent future mailings. Data from the blacklist is only used for this purpose and is not combined with other data. This serves both your interest and our interest in complying with legal requirements for sending newsletters (legitimate interest as defined in Art. 6(1)(f) GDPR). Blacklist entries are not time-limited. You can object to the storage if your interests outweigh our legitimate interest.
For more details, refer to CleverReach’s privacy policy: https://www.cleverreach.com/en/privacy-policy/.
We have entered into a Data Processing Agreement (DPA) with CleverReach. This is a data protection contract required by law to ensure that CleverReach processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
Our website uses plugins from the Vimeo video portal. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.
When you visit a page on our site that has a Vimeo plugin, a connection to the Vimeo servers is established. This informs the Vimeo server which of our pages you visited. Additionally, Vimeo obtains your IP address. This applies even if you are not logged into Vimeo or do not have a Vimeo account. The information collected by Vimeo is transmitted to a Vimeo server in the USA.
If you are logged into your Vimeo account, Vimeo can associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your Vimeo account.
Vimeo uses cookies or similar recognition technologies (e.g., device fingerprinting) to recognize visitors.
The use of Vimeo is in the interest of providing an appealing presentation of our online offerings. This constitutes a legitimate interest as defined in Art. 6(1)(f) GDPR. If consent has been requested, processing is based solely on Art. 6(1)(a) GDPR and § 25(1) TTDSG, provided consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting). Consent can be withdrawn at any time.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission and Vimeo’s statement of "legitimate business interests." Details can be found here: https://vimeo.com/privacy.
For more details on how Vimeo handles user data, see Vimeo’s privacy policy: https://vimeo.com/privacy.
This website uses Google Fonts for consistent font display. Google Fonts are installed locally on our servers. No connection to Google servers is established.
For more information on Google Fonts, visit: https://developers.google.com/fonts/faq
Google’s privacy policy can be found here: https://policies.google.com/privacy.
We collect, process, and use personal data only to the extent necessary to establish, structure, or modify legal relationships with us (master data). We collect, process, and use personal data regarding the use of this website (usage data) only to the extent necessary to enable or bill the user for the use of the service.
The basis for this data processing is Art. 6(1)(b) GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures.
When you order goods from us, we share your personal data with the company responsible for delivery and the payment service provider tasked with processing the payment. Only the data necessary for fulfilling the respective task is shared.
The basis for this data processing is Art. 6(1)(b) GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures.
If you have consented, we will share your email address with the delivery company so they can inform you of the delivery status of your order via email. You can withdraw your consent at any time.
We only transfer personal data to third parties if this is necessary in the context of contract processing, for example, to the financial institution responsible for processing payments.
Data will not be transmitted further or will only be transmitted if you have expressly consented to the transmission. Your data will not be shared with third parties without your explicit consent, for instance, for advertising purposes.
The basis for this data processing is Art. 6(1)(b) GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures.
We integrate payment services from third-party companies on our website. When you make a purchase from us, your payment data (e.g., name, payment amount, account details, credit card number) will be processed by the payment service provider to handle the payment. The respective terms and conditions and privacy policies of the payment service provider apply.
The use of payment service providers is based on Art. 6(1)(b) GDPR (contract processing) and in the interest of a smooth, convenient, and secure payment process (Art. 6(1)(f) GDPR). If consent is requested for certain actions, Art. 6(1)(a) GDPR serves as the legal basis. Consent can be withdrawn at any time.
We use the following payment services/providers:
The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg.
The transfer of data to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.paypal.com/de/webapps/mpp/ua/pocpsa-full.
For more details, see PayPal’s privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
The provider of this payment service is Apple Inc., Infinite Loop, Cupertino, CA 95014, USA.
You can find Apple’s privacy policy here: https://www.apple.com/legal/privacy/de-ww/.
The provider is Klarna AB, Sveavägen 46, 111 34 Stockholm, Sweden. Klarna offers various payment options (e.g., installment purchase). If you choose Klarna’s payment options (Klarna Checkout solution), Klarna collects various personal data from you. Klarna uses cookies to optimize the use of the Klarna Checkout solution. Details about Klarna cookies can be found here: https://cdn.klarna.com/1.0/shared/content/policy/cookie/de_de/checkout.pdf.
For more details, see Klarna’s privacy policy: https://www.klarna.com/de/datenschutz/.
The provider of this payment service is Sofort GmbH, Theresienhöhe 12, 80339 Munich, Germany.
With the Sofort payment method, we receive a real-time payment confirmation from Sofort GmbH, which allows us to immediately start fulfilling our obligations.
When using Sofortüberweisung, you will need to provide your PIN and a valid TAN to Sofort GmbH, which will be used to log into your online banking account. After logging in, Sofort GmbH will automatically verify your account balance and process the transfer to us using the TAN provided. It will then send us a transaction confirmation.
Details on payment with Sofortüberweisung can be found here: https://www.klarna.com/sofort/.
The provider is Mollie B.V., Keizersgracht 126, 1015CW Amsterdam, Netherlands.
Mollie allows us to integrate various payment methods into our website. For details, refer to Mollie’s privacy policy: https://www.mollie.com/en/privacy.
The provider is American Express Europe S.A., Theodor-Heuss-Allee 112, 60486 Frankfurt am Main, Germany.
American Express may transfer data to its parent company in the USA. The transfer of data to the USA is based on Binding Corporate Rules. Details can be found here: https://www.americanexpress.com/en-cz/company/legal/privacy-centre/binding-corporate-rules/.
For more details, see American Express’s privacy policy: https://www.americanexpress.com/en-us/company/legal/privacy-center.html.
The provider is Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium.
Mastercard may transfer data to its parent company in the USA. The transfer of data to the USA is based on Mastercard’s Binding Corporate Rules. Details can be found here: https://www.mastercard.us/en-us/about-mastercard/what-we-do/privacy.html.
The provider is Visa Europe Services Inc., Zweigniederlassung London, 1 Sheldon Square, London W2 6TT, United Kingdom.
The UK is considered a secure third country under EU data protection law, meaning its data protection standards are comparable to those in the EU.
Visa may transfer data to its parent company in the USA. The transfer of data to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.visa.de/nutzungsbedingungen/visa-globale-datenschutzmitteilung/mitteilung-zu-zustandigkeitsfragen-fur-den-ewr.html.
Data Processing
We use online conferencing tools, among others, for communication with our customers. The tools we use are listed below. When you communicate with us via video or audio conferencing over the internet, your personal data will be collected and processed by both us and the provider of the conferencing tool.
The conferencing tools collect the data you provide to use the tools (e.g., email address or phone number). Additionally, the conferencing tools process the duration of the conference, start and end times, participant numbers, and other "contextual information" related to the communication process (metadata).
The provider of the conferencing tool also processes all technical data required to handle online communication. This includes, but is not limited to, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker, and connection type.
If content is exchanged, uploaded, or otherwise made available within the tool, it is also stored on the servers of the tool provider. Such content includes, but is not limited to, cloud recordings, chat messages, voicemails, uploaded photos or videos, files, whiteboards, and other information shared during the use of the service.
Please note that we do not have full influence over the data processing operations of the tools used. The processing policies of the respective provider apply. For detailed information on data processing by the conferencing tools, please refer to the privacy policies of the respective tools listed below.
The conferencing tools are used to communicate with prospective or existing contractual partners or to provide certain services to our customers (Art. 6(1)(b) GDPR). Additionally, their use helps to simplify and speed up communication with us as a company (legitimate interest under Art. 6(1)(f) GDPR). If consent has been requested, the use of the tools is based on Art. 6(1)(a) GDPR; consent can be withdrawn at any time.
The data collected directly by us through video and conferencing tools will be deleted from our systems as soon as you request its deletion, revoke your consent for storage, or the purpose for storing the data no longer applies. Stored cookies remain on your device until you delete them. Mandatory legal retention periods remain unaffected.
We have no influence on the retention period of your data that is stored by the providers of the conferencing tools for their own purposes. For details, please refer to the privacy policies of the respective providers.
Zoom
We use Zoom. The provider is Zoom Communications Inc., San Jose, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA.
Details on data processing can be found in Zoom’s privacy policy: https://explore.zoom.us/en/privacy/.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://explore.zoom.us/en/privacy/.
TeamViewer
We use TeamViewer. The provider is TeamViewer Germany GmbH, Jahnstr. 30, 73037 Göppingen, Germany.
Details on data processing can be found in TeamViewer’s privacy policy: https://www.teamviewer.com/en/privacy-policy/.
Microsoft Teams
We use Microsoft Teams. The provider is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland.
Details on data processing can be found in Microsoft Teams’ privacy policy: https://privacy.microsoft.com/en-us/privacystatement.
The company is certified under the "EU-US Data Privacy Framework" (DPF). This framework ensures compliance with European data protection standards when processing data in the USA. Further details can be found here: https://www.dataprivacyframework.gov/participant/5780.
We have entered into Data Processing Agreements (DPA) with all providers of the conferencing tools we use. These legally required agreements ensure that the providers process personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
We offer you the opportunity to apply to us (e.g., via email, postal mail, or online application form). Below, we provide information on the scope, purpose, and use of your personal data collected during the application process. We assure you that your data will be collected, processed, and used in accordance with applicable data protection laws and all other legal provisions, and that your data will be treated as strictly confidential.
If you send us an application, we process your associated personal data (e.g., contact and communication data, application documents, interview notes, etc.) to the extent necessary to decide on the establishment of an employment relationship. The legal basis for this is § 26 BDSG under German law (initiation of an employment relationship), Art. 6(1)(b) GDPR (general contract initiation), and – if you have given consent – Art. 6(1)(a) GDPR. Consent can be withdrawn at any time. Within our company, your personal data will only be shared with persons involved in processing your application.
If we cannot offer you a position, you reject a job offer, or withdraw your application, we reserve the right to retain the data you have provided to us based on our legitimate interests (Art. 6(1)(f) GDPR) for up to 6 months from the end of the application process (rejection or withdrawal of the application). The data will then be deleted, and physical application documents will be destroyed. This retention period serves as evidence in case of a legal dispute.
If it becomes evident that your data will be needed beyond the 6-month period (e.g., due to an impending or ongoing legal dispute), it will only be deleted once it is no longer required.
A longer retention period may also apply if you have consented (Art. 6(1)(a) GDPR) or if legal retention obligations prevent deletion.