Data protection statement

During use of our website, we collect information that you provide yourself. We also automatically collect certain information about your use of the site during your visit to the site. In data protection law, the IP address is also considered personal data. An IP address is assigned to each device connected to the internet by the internet provider so that it can send and receive data.

1. Processing of Server-Log-Files
When using our website for informative purposes only, general information that your browser transfers to our server is initially stored automatically (not via registration). This includes by default: browser type/-version, operating system used, page called, the previously visited page (referrer URL), IP address, date and time of server request and HTTP status code. The processing is carried out in pursuit of our legitimate interests and is based on Art. 6 section 1 letter f) GDPR. This processing serves the technical administration and security of the website. The data collected will be deleted after fourteen days unless there is a justified suspicion of illegal use based on concrete indications and further examination and processing of the information is necessary for this reason. We are unable to identify you as a data subject based on the information collected. Art. 15 to 22 GDPR therefore do not apply pursuant to Art. 11 section 2 GDPR, unless you provide additional information to enable your identification in order to exercise the rights set out in these articles.

2. Data Transfer to third countries
Visiting our website may involve the transfer of certain personal data to third countries, i.e. countries where the DSGVO is not applicable law. Such a transfer shall be authorised if the European Commission has decided that an adequate level of data protection is ensured in such third country.
In the absence of such an adequacy decision by the European Commission, personal data will only be transferred to a third country if appropriate safeguards are in place in accordance with Art. 46 DSGVO or if one of the conditions of Art. 49 DSGVO is met.
Unless otherwise stated below, we use as appropriate safeguards the EU standard contractual clauses for the transfer of personal data to processors in third countries: https://eur-lex.europa.eu/legal-content/DE/TXT/?uri=CELEX%3A32010D0087.

3. Contact and requests
When you send us a message via our contact email address, we will process the transferred data in order to process the request.
We process this data in pursuit of our legitimate interest to reach out to persons submitting requests. The legal basis for this is Art. 6 section 1 letter f) GDPR.

4. Registration
In order to use certain functions on our website, registration via the website is required. The required information can be found in the input mask. For registration, we process the name and email address entered as well as a password freely chosen. Providing the information marked as mandatory is required to complete the registration. The data provided is processed for the purpose of performance. The legal basis for this is Art. 6 section 1 letter b) GDPR.

5. Applications
When you apply for a position at our company, we process your application data exclusively for purposes related to your interest in current or future employment with us and handling your application. All employees entrusted with data processing are obliged to maintain the confidentiality of your data. If we are unable to offer you a position, we will retain the data you provided for up to six months for the purpose of answering potential questions relating to your application and rejection. This does not apply if legal provisions prevent deletion, if further storage is necessary for the purpose of presenting evidence or if you have expressly consented to longer storage.
Legal basis for the data processing is section 26 para. 1 BDSG. If we keep your applicant data for a period of six months and you have expressly consented to this, we would like to point out that this consent can be freely withdrawn at any time in accordance with Art. 7 section 3 GDPR. Such a revocation does not affect the lawfulness of processing based on the consent prior to its withdrawal.

6. Newsletter
On our website we offer the possibility to register for our newsletter. After the registration we will inform you regularly about the latest news about our offers. A valid e-mail address is required to register for the newsletter. To verify the e-mail address, you will first receive a registration e-mail, which you must confirm via a link (double opt-in). If you subscribe to the newsletter on our website, we process personal data such as your e-mail address and your name on the basis of the consent you have given. The processing is based on the legal basis of Art. 6 section 1 letter a) GDPR.
You can withdraw the consent you have given at any time with effect for the future, for example by clicking on the “unsubscribe” link in the newsletter or by contacting us via the channels mentioned above. The legality of the data processing operations already carried out remains unaffected by the revocation. When registering for the newsletter, we also save the IP address and the date and time of registration. The processing of this data is necessary to prove that you have given your consent. The legal basis results from our legal obligation to document your consent (Art. 6 section 1 letter c), Art. 7 section 1 GDPR).
We also analyse the reading behaviour and opening rates of our newsletter. For this purpose, we collect and process pseudonymised usage data, which we do not combine with your e-mail address or IP address. The legal basis for the analysis of our newsletter is Art. 6 section 1 letter f) GDPR and the processing serves our legitimate interest in the optimisation of our newsletter. You can object to this at any time by contacting one of the contact channels mentioned above.
For the administration of the subscribers, the sending of the newsletter and the analysis, we use the CleverReach service of CleverReach GmbH & Co. KG (Mühlenstr. 43, 26180 Rastede, Germany). The CleverReach GmbH & Co. KG processes personal data as a processor only with our express instruction and is contractually obligated to guarantee sufficient technical and organizational measures for data protection. The data processing by CleverReach GmbH & Co. KG only takes place in data centers in the European Union.

7. Cookies
We use cookies and similar technologies on our website. Cookies are small text files that are stored by your browser when you visit a website. This makes the browser identifiable so it can be recognised by our web server. We use so-called ‘session cookies’, which are deleted when the browser session is ended. Other cookies (‘persistent cookies’) are automatically deleted after a specific period, which may vary depending on the cookie.

In part, the use of cookies is necessary to maintain functionality and operation of our website. Apart from that, we use cookies and similar technologies to measure the coverage of our website and analyse the use of our website.

Cookies are stored on the computer of the user. Therefore, you as the user have full control over the use of cookies. You can delete cookies in the security settings of your browser at any time. You can object to the use of cookies entirely or for certain cases in your browser settings. Further information from the Federal Office for Information Security is available at https://www.bsi-fuer-buerger.de/BSIFB/DE/Empfehlungen/EinrichtungSoftware/EinrichtungBrowser/Sicherheitsmassnahmen/Cookies/cookies_node.html.

You can find information on how we use cookies and similar technologies in the description of the specific processing activity.

8. Consent Management System
This website uses a Consent Management Banner of the provider Borlaps to control cookies. The Borlabs content banner enables users of our website to give their consent to certain data processing procedures or to revoke any consent given. In addition, Borlabs supports us in being able to provide proof of consent. For this purpose, Borlabs processes information on the declaration of consent and further protocol data on this declaration. Cookies are also used to collect this data.
The processing of these data is necessary to prove that consent has been given. The legal basis results from our legal obligation to document your consent (Art. 6 section 1 letter c), Art. 7 section 1 GDPR).

9. Analysis of our website with Google Analytics
In order to evaluate visits to our website, we use Google Analytics, a service provided by Google Ireland Limited (Ireland/EU). Google will use cookies to analyse your use of our website. During this process, personal data in the form of online identifiers (including cookie identifiers), IP addresses, device identifiers and information about your interaction with our website will be collected. The information, aggregated through the cookie, will normally be transferred to Google’s servers in the USA and stored there. Google will use this information on our behalf, to analyse the use of our website, create reports about the general activity on our website and to provide us with further services in relation to the use of our website. During this process, the data can be used to build pseudonymous user profiles for single users.
We only use Google Analytic with activated IP address anonymisation. With this setting the user’s IP address will be shortened within the EU or the European Economic Area. The user’s full IP address will only be sent to Google’s servers in the USA and shortened there in exceptional cases. The user’s IP address provided by the user’s web browser will not be merged with other data stored by Google.
We use a product variant called Google Universal Analytics. This service enables us to connect data from multiple sessions and multiple devices under a unique User-ID. By using it, we can put single user interactions in a broader context and are able to analyse long term relationships.
User interaction data will be stored for a duration of 14 months and will be deleted automatically afterwards. The deletion process of data for which the storage period has passed will be performed automatically, once per month.
The setting of cookies and the processing of personal data described here, are conducted with your consent. Legal basis for the processing of personal data through Google Analytics is therefore Art. 6 section 1 letter a) GDPR. You can object to the storage of cookies by Google Analytics through editing the respective settings of your web browser. Furthermore, you can prevent the collection of aforementioned information with a browser plugin available through the following link: https://tools.google.com/dlpage/gaoptout. If you are visiting our website with a mobile device, you can disable Google Analytics by clicking this link. Please be advised, that we will document your consent, as we are required to do so by Art. 7 section 1 GDPR. Because we are required to do so by law, the legal basis for the storage is Art. 6 section 1 letter c) GDPR.

10. Integrated services and third-party content
We use services and content (collectively, “Content”) provided on our Website by third parties. For such an integration a processing of your IP address is necessary, so that the contents can be sent to your browser. Your IP address will therefore be transmitted to the respective third party providers. This data processing is carried out in order to safeguard our legitimate interests in the optimisation and economic operation of our website and finds its legal basis in Art. 6 section 1 letter f) GDPR. You can object to this data processing at any time by changing the settings of your browser or by using certain browser extensions. One such extension is the uMatrix matrix-based firewall for the Firefox and Google Chrome browsers. Please note that this may result in functional restrictions on the website.
We have incorporated into our website content from the following third-party services:
Services provided by Google Ireland Limited (Ireland/EU):

• „Google-Maps“ to display maps
• „Google Web Fonts“ to display fonts