Data Protection Policy
1. Data Protection at a Glance
You can configure your privacy settings here.
The following information is intended to provide you with an overview of what will happen with your personal data when you use our website. Personal data is all data with which you can be personally identified. You can find more detailed information on the topic in the data protection policy below.
Data Collection on Our Website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find their contact details in this website’s site notice.
How Do We Collect Your Data?
Your data may be provided by you. This may include data that you enter into a contact form.
Other data is automatically collected by our IT systems when you visit the website. This mostly includes technical data (e.g. internet browser, operating system or time of page view). This data is collected automatically as soon as you enter our website.
What Do We Use Your Data For?
Some of this data is collected in order to guarantee error-free provision of the website. Other data may be used to analyze your user behavior.
What Rights Do You Have Regarding Your Data?
You have the right to receive free information about the origin, recipient and purpose of your saved personal data at any time. You also have the right to request the correction, blocking or deletion of this data. To do so, or if you have any other questions about data protection, you can contact us at the address provided in our site notice at any time. You also have the right to complain to the responsible supervisory authority.
You also have the right to request the restriction of processing regarding your personal data in certain circumstances. You can find details in the data protection policy under ‘right to restrict processing’.
Analysis Tools and Third Party Tools
You can object to this analysis. We will inform you of your option to object in this data protection policy.
2. General Advice and Mandatory Information
The operator of this website takes the protection of your personal data very seriously. We treat your personal data confidentially and always uphold statutory data protection regulations as well as this data protection policy.
Various personal data is collected when you use this website. Personal data is data with which you can be personally identified. This data protection policy explains what data we collect and what we use it for. It also explains how this occurs and to what end.
We must tell you that data transferred via the internet (e.g. by email communication) is not completely secure. It is not possible to fully protect your data from third party access.
Information about the Controller
The controller for data collection on this website is:
Tel: +49 2323 1706-0
The controller is the natural or legal entity that makes decisions about the purposes and methods of the processing of personal data (e.g. name, email address), either alone or with others.
Your Data Subject Rights
You can exercise the following rights at any time using the contact details provided for our Data Protection Agent:
- Information about personal data we have saved about you and its processing (article 15 of the GDPR),
- Correction of incorrect personal data (article 16 of the GDPR),
- Deletion of data saved by us about you (article 17 of the GDPR),
- Restriction of data processing insofar as we are not permitted to delete your data due to statutory obligations (article 18 of the GDPR),
- Objection to the processing of your data (article 21 of the GDPR) by us and
- Data transferability (article 20 of the GDPR) insofar as you have consented to data processing or entered into a contract with us. If you request the direct transfer of data to another controller, this shall be honored insofar as technically feasible.
Revocation of Your Consent to Data Processing
Many data processing processes are only possible with your express permission. You can revoke any granted permissions at any time. An informal email stating as such is sufficient. The legality of any data processing up to the point of revocation shall remain unaffected.
Right to Object to Data Collection in Special Cases and Right to Object to Direct Advertising (Article 21 of the GDPR)
If data is processed based on article 6 paragraph 1 lit e or f of the GDPR, you have the right to object to the processing of your personal data for reasons relating to your specific situation; this also applies to any profiling supported by these provisions. You can find the legal basis for specific processing processes in this data protection policy. If you object, your personal data will no longer be processed by us unless we can prove compelling grounds that are worthy of protection and that outweigh your interests, rights and freedoms or if the processing serves to exercise or defend legal claims (objection in accordance with article 21 paragraph 1 of the GDPR).
If your personal data is processed to operate direct advertising, you have the right to object to the processing of personal data affecting you for the purpose of such advertising at any time; this also applies to profiling related to such direct advertising. If you object, your personal data will no longer be used for the purposes of direct advertising (objection in accordance with article 21 paragraph 2 of the GDPR).
Right to Complain to the Responsible Supervisory Authority
In the case of data protection violations, the data subject has the right to complain to the responsible supervisory authority (article 77 of the GDPR, §19 of the German Federal Data Protection Act). The responsible supervisory authority in matters of data protection is the state data protection agent for the state in which our company is based. You can find a list of data protection agents and their contact details here: www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
SSL and/or TLS Encryption
For security reasons and to protect the transfer of confidential content, such as orders and requests sent by you to us as the website operator, this website uses SSL and/or TLS encryption. You can identify an encrypted connection by the “http://” in the browser address bar changing to “https://” and the padlock symbol appearing in the address bar.
If SSL and/or TLS encryption is activated, the data that you transfer to us cannot be read by third parties.
Objection to Promotional Emails
Contact details provided as part of our obligation to provide a site notice expressly may not be used to send unsolicited advertising or information materials. The website operator expressly reserves the right to take legal steps in the case of any unsolicited sending of advertising materials, such as spam emails.
3. Data Protection Agent
Legally required Data Protection Agent
We have appointed a Data Protection Agent for our company.
Data Protection Agent
Tel: +49 2323 1706-0
4. Data Collection on Our Website
Most of the cookies we use are “session cookies”. These are deleted at the end of your visit. Other cookies remain on your end device until you delete them. These cookies let us recognize your browser the next time you visit.
You can adjust your browser settings so that you are informed each time a cookie is saved or to only allow cookies in certain situations, to generally reject cookies or to automatically delete cookies when you close your browser. If you do deactivate cookies, the function of this website may be limited.
Cookies that are essential to enable electronic communication or to provide certain functions requested by you (e.g. shopping cart function) are saved based on article 6 paragraph 1 lit f of the GDPR. The website operator has a legitimate interest in the storage of cookies to ensure the technically error-free and optimized provision of their services. Insofar as other cookies (e.g. cookies to analyze your surfing behavior) are saved, these are handled separately in this data protection policy.
Server Log Files
The website provider automatically collects and saves information automatically transferred by your browser in server log files. This includes:
• Browser type and version
• Operating system used
• Referrer URL
• Host name of accessing computer
• Time of server request
• IP address
This data is not merged with data from other sources.
The basis for this data processing is article 6 paragraph 1 lit b of the GDPR, which permits the processing of data to fulfil a contract or precontractual measures.
Mandatory Information and Required Fields
If certain data fields are labelled as required fields and/or labelled with an asterisk (*) upon data collection, the provision of this data is either required by law or by the contract or we require this data in order to commence a contract, to provide the requested service or to pursue the stated purpose. Of course, the provision of data even in required fields is left to your discretion. Failure to provide such information may result in a failure to fulfil the contract, provide the desired service or achieve the desired aim.
If you provide us with information via a contact form, the information you entered into the form will be saved by us, including the contact details you provided, in order to process the request and to deal with any follow-up questions. This data will not be passed on without your permission.
The data entered into the contact form is only processed with your permission (article 6 paragraph 1 lit a of the GDPR). You can revoke this permission at any time. An informal email stating as such is sufficient. The legality of any data processing up to the point of revocation shall remain unaffected.
The data you enter into the contact form will remain stored until you request its deletion, revoke your consent for its storage or the purpose of data storage no longer applies (e.g. once your request has been processed). Mandatory statutory provisions – especially retention periods – shall remain unaffected.
Requests via Email, Telephone or Fax
If you contact us via email, telephone or fax, your data, including all resulting personal data (name, request), will be saved and processed by us for the purpose of processing your request. This data will not be passed on without your permission.
This data is processed based on article 6 paragraph 1 lit b of the GDPR insofar as your request is related to the fulfilment of a contract or the execution of precontractual measures. In all other cases, processing is based on your consent (article 6 paragraph 1 lit a of the GDPR) and/or our legitimate interests (article 6 paragraph 1 lit f of the GDPR) as we have a legitimate interest in the effective processing of your requests to us.
The data you transfer to us via the contact form will remain stored until you request its deletion, revoke your consent for its storage or the purpose of data storage no longer applies (e.g. once your request has been processed). Mandatory statutory provisions – especially statutory retention periods – shall remain unaffected.
Registering with Facebook Connect
Rather than registering direct with our website, you can register using Facebook Connect. This service is provided by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.
If you decide to register with Facebook Connect and click on “Log in with Facebook”/”Connect with Facebook”, you will be automatically forwarded to the Facebook platform. You can use your user details to log in there. This will link your Facebook profile with our website and our services. This link will give us access to the data saved to your Facebook profile. This includes:
• Facebook name
• Facebook profile picture
• Facebook cover photo
• The email address saved to your Facebook account
• Facebook ID
• Facebook friends list
• Facebook likes
This data is used to set up, prepare and personalize your account.
You can find more information in Facebook’s conditions of use and data protection policy. You can find these here: https://www.facebook.com/about/privacy/ and here: www.facebook.com/legal/terms/.
5. handling of applicant data
Who has access to applicant data?
At RECKLI GmbH, application documents are only made accessible to those persons who are directly involved in filling the position. The person responsible for processing collects and processes the personal data of applicants (m/f/d) for the application process, specifically our personnel department. At foreign locations, the person responsible for filling the position. Not only individual persons are sometimes involved in the selection process in the course of an application procedure. In addition to the actual recruiter, second and third opinions are regularly obtained from the company management or other important decision-makers. This means that personal data can also be passed on to these persons. However, all persons concerned are bound to secrecy and may not pass on the data.
The works council has the right to inspect the application documents. According to § 99 Para. 1 1 BetrVG (Works Constitution Act), the application documents must be submitted to the works council by law in the case of planned recruitment by the employer and information about the person must be provided. Also here all concerning are obligated to the secrecy and may not carry the data further.
Which personal data are processed?
- General personal data (name, date and age of birth, place of birth, address, e-mail address, telephone number, etc…)
- Applicant master data (qualifications, certificates, e-mails, protocols, etc…)
- Value judgements (e.g. school and job references, etc.)
- Notes and information from an interview
- Data (personality traits) from the Identity Compass
How long is the data stored?
If the person responsible does not conclude an employment contract with the applicant (m/f/d), the application documents will be deleted six months after notification of the rejection decision, unless deletion conflicts with any other legitimate interests of the company. Other legitimate interests in this sense include, for example, the duty to provide evidence in proceedings under the General Equal Treatment Act (Allgemeines Gleichbehandlungsgesetz – AGG).
Processing may also be carried out electronically. This is particularly the case if an applicant (m/f/d) submits the relevant application documents electronically to our company.
If the person responsible concludes an employment contract with an applicant (m/f/d), the transferred data shall be stored for the purpose of processing the employment relationship in compliance with the statutory provisions/law.
If the application documents have been received by post, they must normally be returned to the applicant (m/f/d) within two to three months at the latest – unless their destruction has been determined.
- The applicant (m/f/d) has the right to revoke his/her consent to the use of personal data at any time.
- The applicant (m/f/d) has the right to be informed about the purpose and legal basis of the data processing.
- The applicant (m/f/d) has the right to appeal to a supervisory authority.
- The applicant (m/f/d) has the right to know the name and contact details of the person responsible for data processing in the company.
Application documents will be duly destroyed if they are no longer needed or if the statutory provisions force us to do so.
6.Notes on external hosting:
Notes on External Hosting:
The data necessary for the operation of the website is processed on an external server by Alfahosting GmbH.
For the website reckli.com Alfahosting GmbH is the provider for server resources (internet connection, server hardware etc.).
As users of the services offered by Alfahosting GmbH, we have no physical access to the servers of Alfahosting GmbH.
Which log files and which data are recorded by Alfahosting GmbH?
- Visited website
- Time at the time of access
- Amount of data sent in bytes
- Source/reference from which you came to the page
- Browser used
- Operating system used
- IP address used
- Backup of server data
Access log files and error log files are stored on the server. These log files contain the IP address of the visitor and thus personal data.
The log files are collected and stored to maintain server operation and for statistical evaluation.
The IP address is anonymized after 24 hours and the last octet is zeroed. The deletion takes place after 7 days at the latest.
Apart from the log files, according to the information provided by Alfahosting, no further storage of data takes place.
Alfahosting GmbH – Ankerstr. 3b – D-06108 Halle, Germany
Phone: +49 (0) 800 / 7000 0800
Fax: +49 (0) 345 / 680 04 99
Commercial Register: HRB 214733, Local Court Stendal, Ust-IdNr: DE232969203
Managing Director: Daniel Hagemeier
You will find the Alfahosting GmbH data protection declaration in German language at https://alfahosting.de/datenschutz/
Further information relevant to data protection can be found here (German language): https://alfahosting.de/antworten-auf-ihre-fragen?cid=1&id=450#a450
7. Social Media
Social Media Plug-Ins with Shariff
Our website uses social media plug-ins (e.g. Facebook, Twitter, Instagram, Pinterest, XING, LinkedIn).
The plug-ins can generally be identified by the social media logos. In order to guarantee data protection on our website, we use these plug-ins exclusively with the Shariff solution. This application prevents plug-ins integrated into our website from transferring data when a page is visited.
A direct connection to the provider’s server is only created when you click on the plug-in button (consent). As soon as you activate the plug-in, the provider shall be informed that you visited our website with your IP address. If you are already logged into your social media account (e.g. Facebook), the provider can allocate your visit to our website to your user account.
Activating the plug-in constitutes consent in the sense of article 6 paragraph 1 lit a of the GDPR. You can revoke this consent at any time with effect for the future.
Facebook Plug-Ins (Like & Share Buttons)
Our website includes plug-ins for the Facebook social network, provided by Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. You can identify the Facebook plug-ins from the Facebook logo or the “like” button on our page. You can find an overview of Facebook plug-ins here: https://developers.facebook.com/docs/plugins/?locale=en_EN.
When you visit our website, the plug-in creates a direct connection between your browser and the Facebook server. This means that Facebook is informed that you have visited our website with your IP address. If you click on the “like” button while logged into your Facebook account, you can link the content of our website to your Facebook profile. This allows Facebook to allocate your visit to our website to your user account. We must inform you that we, as the website provider, have no knowledge of the data transferred by Facebook or how it is used. You can find more information in Facebook’s data protection policy here: https://www.facebook.com/privacy/explanation.
If you do not want Facebook to be able to allocate your visit to our website to your Facebook user account, please log out of your Facebook account and delete your browser cache in full.
The use of Facebook plug-ins is based on article 6 paragraph 1 lit f of the GDPR. The website operator has a legitimate interest in the best possible visibility on social media.
Features of the Twitter service are integrated into our website. This feature is provided by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. By using Twitter and the “re-Tweet” function, the website you are visiting will be linked to your Twitter account and other users will be made aware of your visit. This involves the transfer of data to Twitter. We must inform you that we, as the website provider, have no knowledge of the data transferred by Twitter or how it is used. You can find more information in Twitter’s data protection policy here: https://twitter.com/en/privacy.
The use of Twitter plug-ins is based on article 6 paragraph 1 lit f of the GDPR. The website operator has a legitimate interest in the best possible visibility on social media.
You can set your privacy settings in Twitter here: https://twitter.com/account/settings.
Features of the Instagram service are integrated into our website. These features are provided by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA.
If you are logged into your Instagram account, you can link the content of our website with your Instagram profile by clicking the Instagram button. This allows Instagram to allocate your visit to our website to your user account. We must inform you that we, as the website provider, have no knowledge of the data transferred by Instagram or how it is used.
The use of the Instagram plug-in is based on article 6 paragraph 1 lit f of the GDPR. The website operator has a legitimate interest in the best possible visibility on social media.
You can find more information in Instagram’s data protection policy here: https://instagram.com/about/legal/privacy/.
Our website uses functions of the LinkedIn network. This is provided by the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.
Whenever you view one of our pages that contains a LinkedIn function, a connection will be created to LinkedIn servers. LinkedIn will be informed that you have visited our website with your IP address. When you click the LinkedIn “recommend button” when already logged into your LinkedIn account, LinkedIn will be able to allocate your visit to our website to your user account. We must inform you that we, as the website provider, have no knowledge of the data transferred by LinkedIn or how it is used.
The use of the LinkedIn plug-in is based on article 6 paragraph 1 lit f of the GDPR. The website operator has a legitimate interest in the best possible visibility on social media.
You can find more information in LinkedIn’s data protection policy here: https://www.linkedin.com/legal/privacy-policy.
Our website uses functions of the XING network. This is provided by XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany.
Whenever you view one of our pages that contains a XING function, a connection will be created to XING servers.
XING processes and saves information such as profile data, messages and more. You can find an overview of further data processed by XING here:
We must inform you that we, as the website provider, have no knowledge of the data transferred by XING or how it is used.
The use of the XING plug-in is based on article 6 paragraph 1 lit f of the GDPR. The website operator has a legitimate interest in the best possible visibility on social media.
You can find out more about data protection and the XING share button in XING’s data protection policy here: https://www.xing.com/app/share?op=data_protection.
Our website uses social plug-ins provided by the Pinterest social network, operated by Pinterest Inc., 808 Brannan Street, San Francisco, CA 94103-490, USA (“Pinterest”).
When you visit a page containing one of these plug-ins, your browser will create a direct connection to Pinterest’s servers. The plug-in transfers log data to Pinterest’s servers in the USA. This log data may contain your IP address, the address of the pages you visit that contain the Pinterest feature, your browser type and settings, the date and time of your request, your use of Pinterest and cookies.
The use of the Pinterest plug-in is based on article 6 paragraph 1 lit f of the GDPR. The website operator has a legitimate interest in the best possible visibility on social media.
You can find more information on the purpose, scope and further processing and use of your data by Pinterest as well as your related rights and options to protect your privacy in Pinterest’s data protection policy here: policy.pinterest.com/de/privacy-policy.
You can find more information on the purpose, scope and further processing and use of your data by Pinterest as well as your related rights and options to protect your privacy in Pinterest’s data protection policy here: https://policy.pinterest.com/en-gb/privacy-policy.
8. Analysis Tools and Advertising
Cookie Approval/Rejection Management Service “Usercentrics Consent Management Platform”
This website offers you the possibility within the framework of a Consent Management (“Cookie Banner”) to decide on the setting of our website cookies according to your specifications. You can change the decision made there at any time and subsequently grant or revoke your consent.
Description and scope of data processing
This website uses the “Usercentrics Consent Management Platform” as a consent management tool within the scope of the analysis activities on our website in order to obtain your consent to the storage of certain cookies on your end device and to document this in a data protection compliant manner. As the user of the website you have the poissibilty to make individual settings by consent/refusal of certain data protection settings.
The provider of this technology is the processing company Usercentrics GmbH, Rosental 4, 80331 Munich, Germany.
Website: usercentrics.com (hereinafter “Usercentrics”).
What data is processed/transmitted by the Usercentrics Consent Management Platform when you visit our website?
(1) Consent data or data of consent or revocation of your consent(s): anonymous logbook data (Consent ID, Processor ID, Controller ID), Consent status, time of your visit to the Website.
(2) Device data or data of the devices used (including abbreviated IP addresses (IPv4-Address, IPv6-Adress), device information, timestamp)
(3) User data or user data (including e-mail, ID, browser information, SettingIDs, change log, terminal information, opt-in and opt-out data)
In addition, Usercentrics stores a cookie in your browser in order to be able to assign the consents granted to you or to revoke them. The data collected in this way is stored until you request us to delete it, delete the Usercentrics cookie itself or until the purpose for which the data is stored no longer applies. Mandatory statutory storage obligations remain unaffected.
The ConsentID (contains the above-mentioned data), the Consent status including timestamp are stored in the local storage of your browser and simultaneously on the servers used. Further processing only takes place if you make a request for information or revoke your consent. In this case, the relevant information is made available to the person responsible.
No user information is stored for statistics on the use of the consent granted or not granted. Only the frequency and locations of clicks are stored.
Where is the data stored?
Further information and opt-out
Further information about Usercentrics’ privacy practices can be found at (German language): https://usercentrics.com/de/datenschutzerklarung/
Below you will find the e-mail address of the data protection person responsiblie of the processing company: firstname.lastname@example.org
Pardot Marketing Automation System
Some forms on our website are linked with Pardot. Pardot is a marketing automation software from Salesforce.com. We use the Pardot Marketing Automation System (“Pardot MAS”) provided by Pardot LLC, 950 E. Paces Ferry Rd. Suite 3300 Atlanta, GA 30326, USA (“Pardot”) on our website. Pardot is a special software for the collection and evaluation of data concerning website use by website users. Insofar as Pardot LLC processes personal data, this processing is carried out on our behalf. Pardot LLC upholds the EU-US Privacy Shield Guidelines in all services where Pardot LLC carries out any data processing.
Why Do We Use Pardot?
We use Pardot as a marketing analysis service in order to maintain, improve and expand our web services and marketing communication as well as optimize our website content. We use this data to find out what topics you are interested in by tracking which links you click on, for instance.
We use this data to improve our services. In order to protect users and partners, fraud and security risks can also be recognized and prevented.
Any personal data offered voluntarily will first be saved in Pardot so it can then be processed using the Salesforce CRM system for the purpose of contact and/or sending information.
Salesforce may use standard tools for data collection, such as cookies or web beacons, to collect information about visitors to the company website (“website navigation data”). This website navigation data contains general information from your web browser (e.g. browser type and language).
The website navigation data is used to provide and improve our company website.
Salesforce/Pardot uses session cookies as well as persistent cookies.
Web beacons are transparent electronic images that are used to recognize certain types of information on your computer, such as cookies, the time of your visit to a web page linked with the web beacon and a description of the web page linked with the web beacon. This means that Salesforce can position web beacons in marketing emails that will notify the company if you click on a link in the email to access one of the company’s web pages. Salesforce uses web beacons to improve the company’s quality and email communication.
Salesforce uses web beacons, or a combination of web beacons and cookies, to gather information about the behavior of customers and visitors to the company website as well as their interaction with company emails.
Furthermore, Salesforce can use website navigation data either alone or in combination with other information about customers or participants in order to offer personalized information about the company.
Salesforce reserves the right to use or disclose information provided if required by law or if the company can reasonably assume that such use or disclosure may be necessary in order to protect the company’s rights and/or to fulfil its obligations within the realms of a court process or due to judiciary decree.
This website uses features of the web analysis service Google Analytics. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland.
The saving of Google Analytics cookies is based on article 6 paragraph 1 lit f of the GDPR. The website operator has a legitimate interest in the analysis of user behavior to optimize online services as well as advertising.
We have activated the IP anonymization function on this website. This means that your IP address is shortened by Google before leaving the European Union or the European Economic Area to be transferred to the USA. Only in exceptional cases will the full IP address be transferred to Google servers in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to create reports about website activity and to provide other services related to website use and internet use for the website operator. The IP address transferred from your browser as part of the use of Google Analytics will not be merged with any other Google data.
You can prevent cookies from being saved by using the relevant settings in your browser software. However, we must inform you that you may not be able to use all functions of this website in full if you do so. You can also prevent the collection of data created by the cookie relating to your website use (including your IP address) by Google as well as the processing of this data by Google by downloading and installing the browser plug-in available via the following link: tools.google.com/dlpage/gaoptout.
Objection to Data Collection
You can prevent the collection of your data by Google Analytics by clicking on the following link. This will set an opt-out cookie that prevents the collection of your data for future visits to this website: deactivate Google Analytics.
You can find more information on the use of user data by Google Analytics in Google’s data protection policy: https://support.google.com/analytics/answer/6004245?hl=en.
Contract Data Processing
We have entered into a data processing contract with Google and uphold the strict regulations of the German data protection authorities regarding the use of Google Analytics.
Demographics and Google Analytics
This website uses the “Demographics” feature from Google Analytics. This facilitates the creation of reports containing statements about the ages, genders and interests of website visitors. This data comes from Google’s interest-based advertising as well as third party visitor data. This data cannot be traced back to specific people. You can deactivate this function at any time by changing the advertising settings in your Google account or generally prevent the collection of your data by Google Analytics by activating “object to data collection”.
Google Analytics Remarketing
Our website uses features of Google Analytics Remarketing in connection with cross-device functions of Google AdWords and Google DoubleClick. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland.
This function allows the advertising target groups created with Google Analytics Remarketing to be linked with the cross-device functions of Google AdWords and Google DoubleClick. This means that interest-based, personalized advertising messages that have been adapted to reflect your previous use and surfing behavior on one end device (e.g. mobile phone) may be shown on another one of your end devices (e.g. tablet or PC).
If you have granted consent, Google will link your web and app browser history with your Google account for this purpose. This means that you will see the same personalized advertising on all end devices that you use to log into your Google account.
To support this function, Google Analytics collects Google-authenticated IDs for the user, which are then linked with our Google Analytics data in order to define and create target groups for cross-device advertising.
You can object to cross-device remarketing/targeting by deactivating personalized ads in your Google account; follow this link: https://adssettings.google.com/anonymous.
Collected data is only merged in your Google account with your permission, which you can grant and revoke to Google as desired (article 6 paragraph 1 lit a of the GDPR). For data collection processes not linked to your Google account (e.g. because you don’t have a Google account or have objected to merging), data collection is based on article 6 paragraph 1 lit f of the GDPR. The legitimate interest is the website operator’s interest in the anonymous analysis of website visitors for advertising purposes.
You can find more information and the relevant data protection provisions in Google’s data protection policy here: https://policies.google.com/technologies/ads?hl=en.
We use “Google reCAPTCHA” (hereafter “reCAPTCHA”) on our websites. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
reCAPTCHA is used to review whether data entry on our websites (e.g. in a contact form) was entered by a human or an automated program. To this end, reCAPTCHA analyzes the behavior of website users using various characteristics. This analysis begins automatically as soon as the website user enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. address, time on page and user mouse patterns). The data collected during the analysis is forwarded to Google.
The reCAPTCHA analyses run completely in the background. Website visitors are not informed that any analysis is taking place.
Data is processed based on article 6 paragraph 1 lit f of the GDPR. The website operator has a legitimate interest in protecting their online presence from abusive automated reconnaissance and spam.
You can find out more about Google reCAPTCHA as well as Google’s data protection policy here: https://policies.google.com/privacy?hl=en and here: www.google.com/recaptcha/intro/android.html.
In order to measure conversion, our website uses the Facebook Pixel by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”).
This tracks the behavior of website visitors after clicking on a Facebook ad that forwards them to the provider’s website. This means that the effectiveness of Facebook ads can be evaluated for statistical and market research purposes and that future advertising measures can be optimized.
The data collected is anonymous for us as the website operator, and we cannot trace the identity of the users. This data is, however, saved and processed by Facebook so that a link to the user profile is possible and so that Facebook can use the data for their own advertising purposes in accordance with Facebook’s data protection policy. This allows Facebook to position adverts on Facebook pages and outside of Facebook. We have no influence over this use of data as the website operator.
Use of the Facebook Pixel is based on article 6 paragraph 1 lit f of the GDPR. The website operator has a legitimate interest in effective advertising measures, including social media.
You will find more information about your privacy in Facebook’s data protection policy: https://www.facebook.com/about/privacy/.
You can also deactivate the “Custom Audiences” remarketing function in your advertising settings here: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. You must be logged into Facebook to do so.
If you don’t have a Facebook account, you can deactivate use-based advertising by Facebook on the European Interactive Digital Advertising Alliance website: http://www.youronlinechoices.com/uk/your-ad-choices.
If you would like to receive the newsletter offered on the website, we will need your email address as well as information that allows us to check that the email address belongs to you and that you consent to receive the newsletter. Further data is only collected on a voluntary basis.
The data entered into the newsletter subscription form is only processed with your permission (article 6 paragraph 1 lit a of the DSGVO). You can revoke your consent to save your data and email address, as well as your permission for this to be used to send the newsletter, at any time by clicking the “unsubscribe” link in the newsletter. The legality of any data processing up to the point of revocation shall remain unaffected.
The data saved by us for the purposes of newsletter subscription will only be stored until you unsubscribe from the newsletter, after which time it will be deleted. Data stored by us for other purposes (e.g. email addresses for members’ area) shall remain unaffected.
Newsletter with Pardot Marketing Automation System
This website uses the services of Pardot for sending newsletters. This service is provided by Pardot LLC, 950 E. Paces Ferry Rd. Suite 3300 Atlanta, GA 30326, USA (“Pardot”).
Pardot is a service that can be used to organize and analyze the sending of newsletters. The data provided by you for the purpose of receiving the newsletter is saved to Pardot servers in the USA.
Pardot is certified according to the “EU-US-Privacy-Shield”. The “Privacy Shield” is an agreement between the European Union (EU) and the USA that is intended to ensure compliance with European data protection standards in the USA.
If you do not wish to be a part of Pardot analyses, you must unsubscribe from the newsletter. We provide a link in every newsletter to this end.
What Data is analyzed by Pardot/Salesforce Marketing Automation System
The Pardot Marketing Automation System helps us analyze our newsletter campaigns. Which personal data is transferred to Pardot/Salesforce when ordering the newsletter results from the input masks used on our website.
Here are some examples what can be used to optimize our content from the data you provide us and what is saved by the service:
- We can determine whether certain actions were carried out after opening/clicking. So we can determine if you have made a purchase after clicking on the newsletter.
- Pardot lets us “cluster” newsletter recipients in various categories. This means that newsletter recipients can be categorized by age, gender or location. This allows us to better adapt the newsletters to these target groups.
- The newsletter service offers statistical evaluation options for usage data. This includes information such as whether an e-mail has reached the recipient or has been rejected by the server.
- We are able to see whether a newsletter has been opened or not and which links are visited
- the time of the page call
- IP address
- browser type
- operating system
- count which links are clicked most often
The results of these analyses can be used to better tailor future newsletters to the interests of recipients. We use this information to provide you with the best possible experience and to further improve our service. Follow this link to find out more about Pardot functions: https://www.salesforce.com/company/privacy/
The processing of the data entered in the newsletter registration form takes place on the basis of your consent (Art. 6 Para. 1 lit. a DSGVO). You can revoke this permission at any time. The legality of any data processing up to the point of revocation shall remain unaffected.
Duration of Storage
The data saved by us about you for the purposes of newsletter subscription will only be stored until you unsubscribe from the newsletter, after which time it will be deleted from our servers. Data stored by us for other purposes shall remain unaffected.
Follow this link to find more about the Pardot Privacy Statements: https://www.salesforce.com/company/privacy/full_privacy/
10. Our Social Media Presence
Data Processing by Social Networks
We operate public profiles on social networks. You can find the social networks we use below.
Social networks such as Facebook, Google+ etc. can generally analyze your user behavior in detail when you visit their websites or a website with integrated social media content (e.g. “like” buttons or advertising banners). Visiting our social media pages triggers a range of processing processes that are relevant to data protection. In particular:
If you are logged into your social media account and visit our social media page, the operator of the social media portal can allocate this visit to your user account. Your personal data may still be collected in some circumstances even if you are not logged in or don’t have an account with the relevant social media portal. This data collection may take place using cookies that are saved to your end device or may entail collecting your IP address.
Using this collected data, the operator of the social media portals may create user profiles containing your preferences and interests. This allows them to show you interest-based advertising both inside and outside the relevant social media website. If you have an account with the relevant social network, you may be shown interest-based advertising on all devices on which you have logged in.
Our social media presence is intended to guarantee the most comprehensive online presence possible. This constitutes a legitimate interest in the sense of article 6 paragraph 1 lit f of the GDPR. The analysis processes initiated by the social networks may be based on different legal foundations, which should be provided by the operators of these social networks (e.g. consent in the sense of article 6 paragraph 1 lit a of the GDPR).
Controller and Exercising Rights
When you visit our social media pages (e.g. Facebook), we are jointly responsible for the data processing triggered by this visit together with the operator of the relevant social media platform. You can exercise your rights (information, correction, deletion, restriction of processing, data transferability and complaint) against us as well as the operator of the relevant social media portal (e.g. Facebook).
Please note that, despite having joint responsibility with the social media portal operators, we do not have complete control of the social media portal’s data processing. Our scope of influence relies on the provider’s policies.
Duration of Storage
Data collected directly by us via our social media presence shall be deleted from our systems as soon as the purpose of its storage no longer applies, you request its deletion, you revoke your permission for its storage or the purpose for data storage no longer applies. Cookies will remain stored on your end device until you delete them. Mandatory statutory provisions – especially retention periods – remain unaffected.
Individual Social Networks
We have a Facebook profile. The provider is Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. Facebook has a certificate issued in accordance with the EU-US Privacy Shield.
Optional text if you have agreed to the ‘Page Controller Addendum’ with Facebook:
We have entered into an agreement with Facebook regarding joint responsibility for the processing of data (Controller Addendum). This agreement stipulates which data processing we and/or Facebook are responsible for when you visit our Facebook page. You can view this agreement here:
You can edit the advertising settings in your user account yourself. Click on the following link and log in:
You can find more detailed information in Facebook’s data protection policy:
We use the Twitter messaging service. The provider is Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. Twitter has a certificate issued in accordance with the EU-US Privacy Shield.
You can edit the Twitter data protection settings in your user account yourself. Click on the following link and log in:
You can find more detailed information in Twitter’s data protection policy:
We have an Instagram profile. The provider is Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. You can find detailed information about how your personal data is handled in Instagram’s data protection policy:
We have a Pinterest profile. The operator is Pinterest Inc., 808 Brannan Street San Francisco, CA 94103-490, USA (“Pinterest”). You can find detailed information about how your personal data is handled in Pinterest’s data protection policy:
We have a XING profile. This is provided by XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. You can find detailed information about how your personal data is handled in XING’s data protection policy:
We have a LinkedIn profile. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn has a certificate issued in accordance with the EU-US Privacy Shield. LinkedIn uses advertising cookies.
If you would like to deactivate LinkedIn advertising cookies, please use the following link:
You can find detailed information about how your personal data is handled in LinkedIn’s data protection policy:
From time to time, it is necessary to adjust this data protection information to apply to data collected in the future. We reserve the right to change this content at any time. We will publish the changed version of this data protection policy here. You should therefore re-read the data protection policy when you return to our website.
Valid as of January.2020