Skip to main content

Privacy

Privacy policy

Welcome to our website! The protection and security of your personal information when using our website is very important to us. We would therefore like to take this opportunity to inform you which of your personal data we collect when you visit our website and for what purposes it is used. Personal data is individual information about the personal or factual circumstances of a specific or identifiable natural person (data subject), e.g. name, address, email addresses, user behaviour. This is therefore data with which we can identify you. In addition, you will occasionally also find information on data processing processes outside of this website (e.g. video conferences).

Person responsible for data processing

Person responsible

for the processing of personal data within the meaning of the EU General Data Protection Regulation (GDPR)

WestWood® Kunststofftechnik GmbH
An der Wandlung 20
32469 Petershagen
DE
Phone: +49 5702 8392-0
E-Mail: info(at)westwood.de

Data Protection Officer

exkulpa gmbh
Waldfeuchter Str. 266
52525 Heinsberg Germany
Phone: +49 2452  99 33 11
E-Mail: datenschutz(at)westwood.de

General information

This privacy policy fulfils the legal requirements for transparency in the processing of personal data. This is any information relating to an identified or identifiable natural person. This includes, for example, information such as your name, age, address, telephone number, date of birth, email address, IP address or user behaviour when visiting a website. Information for which we cannot (or only with disproportionate effort) establish a connection to your person, e.g. through anonymisation, is not personal data. The processing of personal data (e.g. the collection, retrieval, use, storage or transmission) always requires a legal basis and a defined purpose.

Stored personal data will be deleted as soon as the purpose of the processing has been achieved and there are no legitimate reasons for further storage of the data. We will inform you of the specific storage periods or criteria for storage in the individual processing operations. Irrespective of this, we store your personal data in individual cases for the assertion, exercise or defence of legal claims and in the event of statutory retention obligations.

Information according to Art. 13 GDPR

This information is intended for customers, interested parties, suppliers and employees. Your personal data will be processed by us for the following purposes:

  • To fulfil our contractual obligations to you (Art. 6 para. 1 lit. b GDPR).
  • For the fulfilment of pre-contractual obligations (Art. 6 para. 1 lit. b GDPR).
  • To respond to enquiries (Art. 6 para. 1 lit. b GDPR).
  • If you have given us your consent to process your personal data for specific purposes (e.g. to receive our newsletter), the data processing takes place on the basis of your consent (Art. 6 para. 1 lit. a GDPR).
  • To fulfil legal obligations to which our company is subject (Art. 6 para. 1 lit. c GDPR).
  • Where necessary, we also process your data to safeguard our legitimate interests, in particular to assert legal claims and defend ourselves in legal disputes or to ensure IT security, to consult and exchange data with credit agencies to determine creditworthiness and default risks, for direct advertising and market research unless you have objected to the use of your data for this purpose, for measures for business management and further development of services and products, for measures to optimise products and sales, for risk management measures, for the prevention or investigation of criminal offences (Art. 6 para. 1 lit. f GDPR).

Categories of recipients of the personal data

 Within our company, only those employees have access to the data who absolutely need it to fulfil their tasks (need-to-know principle). Individual processes and services are carried out by carefully selected service providers based within the EEA and commissioned in accordance with data protection regulations. If service providers commissioned by us are given access to personal data when carrying out your services, order processing contracts have been concluded with them in accordance with Art. 28 para. 3 GDPR.

Duration of data storage

The data processed by us is stored for the duration of the existence and processing of the contractual relationship and in compliance with statutory retention periods. These are in particular commercial and tax retention obligations under the German Commercial Code (HGB) and the German Fiscal Code (AO). The regular retention and documentation periods are up to ten years. If there is no contractual relationship, we only process the data for as long as required for the specific purpose.

Your rights as a data subject

 As a data subject, you have the following rights vis-à-vis us with regard to your personal data:

  • Right to information about your personal data processed by us.
  • Right to rectification or erasure if they are incorrect, out of date or unlawfully collected by us.
  • Right to restriction of processing if complete erasure is not possible, e.g. because we have to comply with statutory retention obligations.
  • Right to object to the processing if the data processing is based on a balancing of interests (the so-called legitimate interest), as described above under "Purpose of the processing". This is the case if, in particular, the processing is not necessary for the fulfilment of a contract with you. When asserting your right to object, we ask you to explain the reasons why we should not process your data as we have done.

Of course, you can also object to the processing of your personal data for advertising purposes at any time. To do so, please send your objection to our address given in the legal notice or send us an e-mail to the address given in the legal notice.

  • Right of revocation if you have given us your consent to process your data. You can assert your revocation against our company at any time without giving reasons. To do so, please contact the address given in the legal notice.
  • In addition, you have the right to complain to a data protection supervisory authority about the processing of your personal data by our company.

If you have any questions about data protection, please send an e-mail to the address given in the legal notice.

Cookies

Cookies are small text files that are sent by us to the browser of your end device and stored there when you visit our website. As an alternative to the use of cookies, information can also be stored in the local storage of your browser. Some functions of our website cannot be offered without the use of cookies or local storage (technically necessary cookies). Other cookies, on the other hand, enable us to carry out various analyses so that we are able, for example, to recognise the browser you are using when you visit our website again and to transmit various information to us (non-essential cookies). With the help of cookies, we can, among other things, make our website more user-friendly and effective for you, for example by tracking your use of our website and determining your preferred settings (e.g. country and language settings). If third parties process information via cookies, they collect the information directly via your browser. Cookies do not cause any damage to your end device. They cannot execute programmes or contain viruses.

We provide information about the respective services for which we use cookies in the individual processing operations. Detailed information on the cookies used can be found in the cookie settings or in the Consent Manager of this website.

Your rights

Under the conditions of the statutory provisions of the General Data Protection Regulation (GDPR), you have the following rights as a data subject:

  • Information in accordance with Art. 15 GDPR about the data stored about you in the form of meaningful information on the details of the processing as well as a copy of your data;
  • Correction in accordance with Art. 16 GDPR of incorrect or incomplete data stored by us;
  • erasure pursuant to Art. 17 GDPR of the data stored by us, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
  • restriction of processing pursuant to Art. 18 GDPR if the accuracy of the data is contested, the processing is unlawful, we no longer need the data and you oppose the erasure of the data because you need it for the establishment, exercise or defence of legal claims or you have objected to processing pursuant to Art. 21 GDPR.
  • Data portability pursuant to Art. 20 GDPR, insofar as you have provided us with personal data on the basis of consent pursuant to Art. 6 para. 1 lit. a GDPR or on the basis of a contract pursuant to Art. 6 para. 1 lit. b GDPR and these have been processed by us using automated procedures. You will receive your data in a structured, commonly used and machine-readable format or we will transmit the data directly to another controller if this is technically feasible.
  • Objection pursuant to Art. 21 GDPR to the processing of your personal data, insofar as this is carried out on the basis of Art. 6 para. 1 lit. e, f GDPR and there are reasons for this arising from your particular situation or the objection is directed against direct advertising. The right to object does not exist if overriding, compelling legitimate grounds for the processing can be demonstrated or the processing is carried out for the establishment, exercise or defence of legal claims. If the right to object does not exist for individual processing operations, this is indicated there.
  • Revocation pursuant to Art. 7 para. 3 GDPR of your consent with effect for the future.
  • Complaint to a supervisory authority pursuant to Art. 77 GDPR if you believe that the processing of your personal data violates the GDPR. As a rule, you can contact the supervisory authority of your usual place of residence, your workplace or our company headquarters.

Data processing in detail

Below we inform you about the individual processing operations, the scope and purpose of the data processing, the legal basis, the obligation to provide your data and the respective storage period. There is no automated decision-making in individual cases, including profiling.

Provision of the website

When you access and use our website, we collect the personal data that your browser automatically transmits to our server. The following information is temporarily stored in a so-called log file:

  • IP address of the requesting computer
  • Date and time of access
  • Name and URL of the retrieved file
  • Website from which the access is made (referrer URL)
  • Browser used and, if applicable, the operating system of your computer, as well as the name of your access provider

Our website is not hosted by us, but by a service provider who processes the aforementioned data on our behalf in accordance with Art. 28 GDPR for the purpose of providing the website.

The hoster is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f GDPR).

We use the following hoster:

IOK GmbH & Co KG
Brockweg 17
33415 Verl
Germany

Contact form

Type and scope of processing

If you send us enquiries (e.g. via contact form, e-mail or telephone), we store all the data that results from this (e.g. name, e-mail address, subject of the enquiry, etc.). We need this data to process your enquiry and to be able to answer any follow-up questions. We will not pass on this data without your consent.

Purpose and legal basis

This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your enquiry is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. Otherwise, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if you have previously given it.

Storage duration

We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Mandatory statutory provisions - in particular retention periods - remain unaffected.

Specialist processor mediation

 If you use our online tool for specialist processing, we will forward your details from the form, including your e-mail address and telephone number, to the selected specialist processors for the purpose of preparing an offer.

This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your enquiry is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested.

We will retain the data you provide on the form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Mandatory statutory provisions - in particular retention periods - remain unaffected. For information on data processing by the specialised processor, please refer to the data protection provisions of the respective provider.

Contact form for applicants

Type and scope of processing

You have the opportunity to apply to us on our website (e.g. by e-mail, post or online application form).

Purpose and legal basis

We process the personal data of applicants in accordance with the legal requirements for the purpose of processing the application procedure and for the implementation of pre-contractual measures within the meaning of Art. 6 para. 1 lit. b. GDPR and § 26 BDSG according to German law (initiation of an employment relationship) and - if you have given your consent - Art. 6 para. 1 lit. a GDPR. Consent can be revoked at any time. Your personal data will only be passed on within our company to persons who are involved in processing your application.

If the application is successful, the data submitted by you will be stored in our data processing systems on the basis of § 26 BDSG and Art. 6 para. 1 lit. b GDPR for the purpose of implementing the employment relationship.

Storage duration

Your data will be stored for a period of 6 months after the end of the application process. This is usually done to fulfil legal obligations or to defend against any claims arising from legal regulations. We are then obliged to delete or anonymise your data. In this case, the data will only be available to us as so-called metadata without direct personal reference for statistical analyses (e.g. proportion of women or men in applications, number of applications per period, etc.).

If it is evident that the data will be required after the expiry of the 6-month period (e.g. due to an impending or pending legal dispute), deletion will only take place when the purpose for further storage no longer applies.

Inclusion in the applicant pool

As part of the application process, we offer applicants the opportunity to be included in our applicant pool for a period of 12 months on the basis of consent within the meaning of Art. 6 para. 1 lit. a. DS-GVO to be included.

The application documents in the applicant pool will only be processed in the context of future job advertisements and the search for employees and will be destroyed after the deadline at the latest. Applicants are informed that their consent to inclusion in the applicant pool is voluntary, has no influence on the current application process and that they can revoke this consent at any time for the future.

If you receive an offer of employment with us during the application process and accept it, we will store the personal data collected during the application process for at least the duration of the employment relationship.

Applicant management via perbit

The data transmitted as part of your application will be transferred using TLS encryption and stored in a database. This database is operated by perbit Software GmbH, which offers personnel administration and applicant management software (https://www.perbit.com/datenschutz.htm). Perbit is our processor in this context in accordance with Art. 28 GDPR. The basis for the processing is an order processing contract between us as the controller and perbit.

Presence on social media platforms

Data processing by social networks

We operate publicly accessible profiles in social networks. The individual social networks we use are listed below.

Social networks such as Facebook, Twitter etc. can generally analyse your user behaviour comprehensively. When you visit our social media sites, the following data protection-relevant processing operations are triggered:

If you are logged into your social media account and visit our profile, the operator of this social medium can track this visit. Irrespective of this, the operator may be able to process your data (e.g. IP address) even if you are not logged into your account or do not have an account at all.

The operator summarises this data in user profiles in which your preferences and interests are stored. These profiles are used to display personalised advertising within and outside the respective social media presence. If you have an account with the respective social network, the personalised advertising can be displayed on all devices on which you are logged in or were logged in.

Depending on the platform, further processing operations may be carried out by the operators of the social media portals, over which we have no influence. For details, please refer to the terms of use and privacy policies of the respective social media portals.

Legal basis

Our social media presences are intended to ensure the widest possible presence on the Internet within the meaning of Art. 6 para. 1 lit. f GDPR. The analysis processes carried out by the operators of the social networks may be based on different legal bases, which must be specified by the respective providers.

Responsible party and assertion of rights

If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. You can assert your rights (information, rectification, erasure, restriction of processing, data portability and complaint) both against us and against the operator of the respective social media portal (e.g. Facebook).

Despite the joint responsibility with the social media portal operators, we have no full influence on the data processing procedures of the portals. Our options are largely determined by the corporate policy of the respective provider.

Storage duration

The data collected directly by us via the social media presence will be deleted from our systems as soon as you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Mandatory statutory provisions - in particular retention periods - remain unaffected.

We have no influence on the storage period of the data collected by the social networks. For details, please contact the operators of the social networks directly (e.g. in their privacy policies, see below).

Facebook page

We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The data collected is also transferred to the USA and other third countries.

We have concluded an agreement with Facebook on joint processing (Controller Addendum), which specifies which data processing operations we or Facebook are responsible for. You can view this agreement at the following link: https://www.facebook.com/legal/terms/page_controller_addendum.

You can customise your advertising settings yourself in your user account. To do this, click on the following link and log in: https://www.facebook.com/settings?tab=ads.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.

You can find more information on data processing by Facebook at https://www.facebook.com/about/privacy/.

Instagram page

We have a profile on Instagram. The provider is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://help.instagram.com/519522125107875 and https://de-de.facebook.com/help/566994660333381.

Details on how they handle your personal data can be found in Instagram's privacy policy: https://help.instagram.com/519522125107875.

LinkedIn page

We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.

If you wish to deactivate LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs.

Details on how they handle your personal data can be found in LinkedIn's privacy policy: https://www.linkedin.com/legal/privacy-policy.

XING page

We have a profile on XING. The provider is New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany. Details on how they handle your personal data can be found in XING's privacy policy: https://privacy.xing.com/de/datenschutzerklaerung.

YouTube

We have a profile on YouTube. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Details on how they handle your personal data can be found in YouTube's privacy policy: https://policies.google.com/privacy?hl=de.

Video conferencing

Data processing

We use online conferencing tools to communicate with our customers. The tools we use in detail are listed below. If you communicate with us via video or audio conference, your personal data will be collected and processed by us and the provider of the respective tool.

The tools collect the data you provide, including your email address and telephone number. They also process the duration of the conference, when you attended the conference, number of participants and other metadata.

In addition, the provider of the tool processes all technical data required to organise the conference. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or loudspeaker and the type of connection.

If you share content on this service, it will be stored on the provider's servers. This includes cloud recordings, chat messages, voice messages, photos and videos that you have shared while using this service.

Please note that we do not have full control over the data processing operations of the tools used. For more information on data processing by the conference tools, please refer to the privacy policies of the tools used.

Purpose and legal basis

The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6 para. 1 lit. b GDPR). Furthermore, the use of the tools serves the general simplification and acceleration of communication with us or our company (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). If you have previously given your consent to data processing, your data will be processed solely on the basis of Art. 6 para. 1 lit. a GDPR; consent can be withdrawn at any time.

Storage duration

The data collected directly by us via the video and conference tools will be deleted from our systems as soon as you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Stored cookies remain on your end device until you delete them. Mandatory statutory retention periods remain unaffected.

We have no influence on the storage period of your data, which is stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tools directly.

Microsoft Teams

We use Microsoft Teams. The provider is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. Details on data processing can be found in the Microsoft Teams privacy policy: privacy.microsoft.com/de-de/privacystatement.

The company is certified according to the "EU-US Data Privacy Framework" (DPF), an agreement between the European Union and the USA, which aims to ensure compliance with European data protection standards when processing data in the USA. Certification under the DPF obliges companies to comply with these data protection standards. You can find more information at: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000KzNaAAK&status=Active

Order processing

In order to ensure that personal data is processed in accordance with our specifications and in compliance with the GDPR, we have concluded an order processing agreement (AVV) with the provider. Website visitors are only processed in accordance with our instructions and in compliance with the GDPR.

Consent with Cookiebot

Our website uses Cookiebot's consent technology to obtain your consent to the storage of certain cookies on your end device or to the use of certain technologies and to document this in accordance with data protection regulations. The provider of this technology is Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter referred to as "Cookiebot").

When you enter our website, a connection is established to the Cookiebot servers in order to obtain your consent and other declarations regarding the use of cookies. A cookie is set in your browser in order to be able to assign and document your consent or revocation. This data is stored until you delete the cookie, request us to delete the data or the purpose for the data processing no longer applies. Statutory retention obligations remain unaffected.

Cookiebot is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.

Order processing

In order to ensure that personal data is processed in accordance with our specifications and in compliance with the GDPR, we have concluded an order processing agreement (AVV) with the provider.

Cookiebot CDN

Type and scope of processing

We use Cookiebot CDN to properly deliver the content of our website. Cookiebot CDN is a service of Cybot A/S, which acts as a content delivery network (CDN) on our website to ensure the functionality of other Cybot A/S services. You will find a separate section in this privacy policy for these services. This section only deals with the use of the CDN.

A CDN helps to provide the content of our online offer, in particular files such as graphics or scripts, more quickly with the help of regionally or internationally distributed servers. When you access this content, you establish a connection to the servers of Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark, whereby your IP address and possibly browser data such as your user agent are transmitted. This data is processed exclusively for the above-mentioned purposes and to maintain the security and functionality of Cookiebot CDN.

Purpose and legal basis

The Content Delivery Network is used on the basis of our legitimate interests, i.e. interest in the secure and efficient provision and optimisation of our online offer in accordance with Art. 6 para. 1 lit. f. GDPR. GDPR.

Storage duration

The specific storage period of the processed data cannot be influenced by us, but is determined by Cybot A/S. Further information can be found in the privacy policy for Cookiebot CDN: https://www.cookiebot.com/de/privacy-policy/.

Google Ads

We use Google Ads services and functions on this website, which are offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Type and scope of data processing With
the help of Google Ads, we can display online adverts in the Google search engine or on other websites when users search for certain terms. In addition, adverts can be shown to specific target groups on the basis of user data. For example, the adverts are targeted to
the interests and location of users. We analyse this user data and the number of clicks in order to measure the success of our advertisements.

Legal basis
When using Google Ads, we rely on Art. 6 para. 1 lit. f GDPR as the legal basis, as we have a legitimate interest in analysing the use of our website in order to successfully market our services and products.

The transfer of your personal data to the USA is based on the standard contractual clauses of the EU Commission. You can find more information on this at https://policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/.

The company is certified according to the "EU-US Data Privacy Framework" (DPF), an agreement between the European Union and the USA, which aims to ensure compliance with European data protection standards when processing data in the USA. Certification under the DPF obliges companies to comply with these data protection standards. You can find more information at: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

Google Analytics

We use Google Analytics services and functions on this website, offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Type and scope of data processing

With the help of Google Analytics, we as website operators can determine how our website is used. As part of the analysis, we find out how often our website is accessed, how long visitors stay on the site and which devices or systems they use to access the website. We can also track your mouse movements and clicks. Google Analytics uses machine learning and other technologies to analyse and supplement your data. The data collected is usually processed on Google servers in the USA.

Legal basis

When using Google Analytics, we rely on Art. 6 para. 1 lit. f GDPR as the legal basis for the storage and analysis of personal data, as we have a legitimate interest in analysing the use of our website. This enables us to optimise our online offering for you. If you have previously given your consent to data processing by Google Analytics on this website, the processing of your data takes place solely on the legal basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time.

The transfer of your personal data to the USA is based on the standard contractual clauses of the EU Commission. You can find more information on this at https://privacy.google.com/businesses/controllerterms/mccs/.

The company is certified according to the "EU-US Data Privacy Framework" (DPF), an agreement between the European Union and the USA, which aims to ensure compliance with European data protection standards when processing data in the USA. Certification in accordance with the DPF obliges companies to comply with these data protection standards. You can find more information at: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

Order processing

In order to ensure that personal data is processed in accordance with our specifications and in compliance with the GDPR, we have concluded an order processing agreement (AVV) with the provider.

Storage duration

Google stores data linked to cookies, user IDs or advertising IDs for two months, after which they are anonymised or deleted. Further information on the storage period or deletion of your data can be found at https://support.google.com/analytics/answer/7667196?hl=de.

Google CDN

For the fast and secure delivery of content, especially large media files, we use the Content Delivery Network (CDN) Google Cloud CDN, a service provided by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

Type and scope of data processing

Google Cloud CDN uses a network of regionally distributed servers connected via the Internet to ensure fast and efficient access to the content we offer. For more information about Google Cloud CDN, please visit the website: https://cloud.google.com/cdn/docs/overview?hl=de.

Legal basis

The use of Google Cloud CDN serves our legitimate interest in the reliable and smooth provision of our online services and is justified in accordance with Art. 6 para. 1 lit. f GDPR.

Data is transferred to the USA on the basis of the European Commission's standard contractual clauses. You can find further information on this at https://cloud.google.com/terms/eu-model-contract-clause.

The company is certified according to the "EU-US Data Privacy Framework" (DPF), an agreement between the European Union and the USA, which aims to ensure compliance with European data protection standards when processing data in the USA. Certification in accordance with the DPF obliges companies to comply with these data protection standards. You can find more information at: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

Order processing

In order to ensure that personal data is processed in accordance with our specifications and in compliance with the GDPR, we have concluded an order processing agreement (AVV) with the provider.

Google DoubleClick

We use Google DoubleClick services and functions on this website, offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Type and scope of data processing

Google DoubleClick allows us to show targeted adverts in Google applications that match the interests of users. In order to offer relevant advertising, Google DoubleClick must identify users and associate their visits to websites, clicks and other information with their user behaviour. For this purpose, Google DoubleClick uses cookies and technologies to recognise users and creates pseudonymised user profiles based on the data collected.

You can deactivate this personalised advertising in your personal Google account at https://policies.google.com/technologies/ads and https://adssettings.google.com/authenticated to deactivate this personalised advertising.

Legal basis

When using Google DoubleClick, we rely on Art. 6 para. 1 lit. f GDPR as the legal basis, as we have a legitimate interest in analysing the use of our website. This enables us to optimise our online presence and offers for you. If you have previously given your consent to data processing by Google DoubleClick on this website, the processing of your data takes place on the legal basis of Art. 6 para. 1 lit. a GDPR in conjunction with §25 para. 1 TTDSG. You can revoke your consent at any time.

The company is certified according to the "EU-US Data Privacy Framework" (DPF), an agreement between the European Union and the USA, which aims to ensure compliance with European data protection standards when processing data in the USA. Certification in accordance with the DPF obliges companies to comply with these data protection standards. You can find more information at: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

Google Tag Manager

We use Google Tag Manager services and functions on this website, which are provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tool that allows us to use other tools on our website. It does not create any user profiles, it does not store any cookies and it does not carry out any independent analyses. However, your IP address is recorded and may be transmitted to the USA. The Google Tag Manager itself is only used to manage these tools that are integrated via it.

When using the Google Tag Manager on this website, we rely on Art. 6 para. 1 lit. f GDPR as the legal basis, as we have a legitimate interest in implementing and directing tracking tools on this website quickly and easily. If you have previously given your consent to data processing on this website by Google Tag Manager, the processing of your data takes place solely on the legal basis of Art. 6 para. 1 lit. a GDPR § 25 para. 1 TTDSG. You can revoke your consent at any time.

The company is certified according to the "EU-US Data Privacy Framework" (DPF), an agreement between the European Union and the USA, which aims to ensure compliance with European data protection standards when processing data in the USA. Certification in accordance with the DPF obliges companies to comply with these data protection standards. You can find more information at: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

Hotjar

Our website uses services and functions of Hotjar, an analysis tool of Hotjar Limited, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta Europe.

Type and scope of data processing

With the help of Hotjar, we are able to analyse user behaviour on our website. This analysis records which mouse actions you perform, how long you look at certain content and other interactions. Hotjar then creates "heat maps" that show us which areas of the website are most frequently visited by visitors.

Hotjar also provides us with information about how long you spend on a page, when you left it and when you cancelled your entries in a contact form. As a visitor to our website, you also have the opportunity to provide direct feedback on the website. Hotjar uses technologies (such as cookies or fingerprinting systems) to recognise website visitors on repeat visits.

Legal basis

The processing of personal data is carried out on the basis of Art. 6 para. 1 lit. f GDPR, as we have a legitimate interest in analysing website usage in order to optimise our online presence and offers. If you have given your consent to data processing by Hotjar on this website, the processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. You can revoke your consent at any time.

Deactivating Hotjar

If you do not want Hotjar to process your personal data, you can deactivate tracking. Please note that this must be done separately for each browser or end device. You can find detailed instructions on how to do this at https://www.hotjar.com/opt-out. Further information on the processing of your user data can be found in Hotjar's privacy policy at https://www.hotjar.com/privacy.

Order processing

In order to ensure that personal data is processed in accordance with our specifications and in compliance with the GDPR, we have concluded an order processing agreement (AVV) with Hotjar.

YouTube video

Type and scope of processing

This website embeds videos from YouTube. The operator is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

When you start a YouTube video on this website, a connection to its servers is established. The YouTube server is informed which of our pages you have visited. If you are logged into your YouTube account, you also enable YouTube to assign your surfing behavior to your personal profile. You can prevent this by logging out of your account.

After starting a video, YouTube can store various cookies on your end device or use comparable recognition technologies, such as device fingerprinting. This allows YouTube to obtain information about visitors to this website. This information is used, among other things, to record video statistics, improve user-friendliness and prevent attempts at fraud.

Further data processing operations after the start of a video, over which we have no influence, are not excluded.

You can find more information about data protection at YouTube in the privacy policy: https://policies.google.com/privacy?hl=de.

Purpose and legal basis

YouTube is used on the basis of our legitimate interest in an appealing presentation of our online offers (Art. 6 para. 1 lit. f GDPR). If a corresponding consent has been requested, the data will be processed exclusively on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR. This can be revoked at any time.

The company is certified according to the "EU-US Data Privacy Framework" (DPF), an agreement between the European Union and the USA, which aims to ensure compliance with European data protection standards when processing data in the USA. Certification under the DPF obliges companies to comply with these data protection standards. You can find more information at: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active