Information for website users
Area of application
This data privacy statement applies to all sites in our online network which link to this statement. The overarching information can be found on our main data privacy page.
Purpose of data collection
The reason for collecting the data is the optimization of the website, error analysis, individual customization to suit your requirements, the offer of establishing contact and the sale of products and services where applicable.
General information on data processing
As a fundamental principle, we only collect and utilize the personal data of our users to the extent that this is necessary to do so for the provision of a functional website along with our content and services. The personal data of our users is only collected and utilized on a regular basis with the consent of the user. An exception to this is cases where advance acquisition of consent is not possible for actual reasons and the processing of the data is permitted by legal regulations.
Legal basis for the processing of your data:
- In cases where we obtain the consent of the affected person to use personal data for processing purposes, Art.6 Para.1 lit.a EU General Data Protection Regulation (GDPR) serves as the legal basis.
- When processing personal data required for the fulfilment of an agreement whose contractual partner is the affected person, Art.6 Para.1 lit.b GDPR serves as the legal basis. This also applies to processing procedures required for the execution of pre-contractual measures.
- If processing is necessary to uphold a justified interest of our company or a third party and if the interests, fundamental rights and basic freedoms of the affected person do not outweigh the aforementioned interests, Art.6 Para.1 lit.f GDPR serves as the legal basis for processing.
Justified interests can be in particular:
- Replies to inquiries
- The conducting of direct marketing measures
- The provision of services and/or information intended for you
- The processing and transfer of personal data for internal or administrative purposes
- The operation and administration of our website
- The technical support of users
- The avoidance and disclosure of cases of fraud and criminal offences
- Protection against default of payment when obtaining credit rating information for inquiries about deliveries and services and/or
- The guaranteeing of network and data security provided that these interests each comply with applicable law and the rights and liberty of users
- The achieving of efficiency gains through the consolidation of services in individual group companies (in particular marketing, IT, procurement)
Categories of recipient
- Providers of services to optimize websites, online marketing service providers and tools, service companies for information and communication technology, software and equipment maintenance companies, some of them described in more detail below
- Social networks and communities as outlined in more detail below
- Internal recipients in line with the “need to know” principle
Usage data / server logfiles
Every time our website is accessed, our systems record automated data and information from the computer system of the person accessing the website.
The following data types are collected here: browser type, version used, user’s operating system, internet service provider, user’s IP address, date and time of access, websites from which the user’s system accessed our website or which the user accessed from our website.
The legal basis for the temporary storage of the data and the logfiles is Art.6 Para.1 lit. f GDPR with the above-mentioned justified interests.
The temporary storage of the IP address is necessary to enable delivery of the website to the user’s computer. To do so, the user’s IP address must remain in the memory for the duration of the session.
Information is stored in logfiles to ensure the functionality of the website. The data also helps us to optimize the website and guarantee the security of our technical information systems. The data is not evaluated here for marketing purposes. These purposes also include our justified interest in data processing. The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of data collection in order to make the website available, this is the case when each session ends. We also reserve the right to check files if there are specific indications which permit the justified suspicion of unlawful use or a concrete attck on the sites. In this case, our justified interest is processing for the purpose of investigation and the criminal prosecution of attacks of this kind and unlawful use.
The legal basis for processing personal data by means of technically necessary cookies is Art.6 Para.1 lit. f GDPR. The legal basis for processing personal data using cookies for analysis purposes is Art. 6 Para. 1 lit. a GDPR with the user’s consent thereto, otherwise Art. 6 Para. 1 lit f GDPR in conjunction with EG 47.
General statements on web beacons / tracking pixels
Web beacons are invisible graphics the size of a pixel. They are used by partner companies, especially for the purpose of tracking a user over several web pages to form a profile for use with advertising material customized to the user (targeting). A pixel incorporated in the web page is loaded from the partner’s server when the web page is accessed, thus giving the partner your IP address and information on your browser and its version, as well as any browser plug-ins used (browser fingerprint), and on your operating system and network operator.
Contents of external providers
Some of our web pages include the contents of third parties within the offer, such as videos from YouTube, map material from Google Maps, images, texts and multimedia files, RSS feeds or other services from other websites. The prerequisite for this is always the transfer of your IP address to the provider of the content. We cannot make any statement on the use of your data by these providers and have no influence on its further use, especially on whether the data is used for other purposes, such as profiling. Please refer to the data protection notes of each third party provider for more information on this.
You can protect yourself from further tracking via the tracking pixels of these providers by disabling acceptance of third party cookies in your browser settings.
A web service provided by the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View (hereinafter referred to as Google APIs) is installed on our website. We use this data to guarantee the complete functionality of our website. In this regard, your browser may transfer personal data to Google APIs. The legal basis for data processing is Art. 6 Para.1 lit. f GDPR. The justified interest lies in the error-free functioning of the website. Google APIs has certified itself within the scope of the EU-US-Privacy Shield Agreement (cf. https://www.privacyshield.gov/list ). The data is deleted as soon as the purpose of its collection has been fulfilled. You will find more information on the handling of transferred data in the data privacy statement of Google APIs: https://www.google.com/intl/de/policies/privacy/ . You can prevent the recording and processing of your data by Google APIs by deactivating the execution of ScriptCode or installing a script blocker in your browser (you will find this at www.noscript.net or www.ghostery.com , for example).
A web service provided by the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View (hereinafter referred to as gstatic) is installed on our website. We use this data to guarantee the complete functionality of our website. In this regard, your browser may transfer personal data to gstatic. The legal basis for data processing is Art. 6 Para.1 lit. f GDPR. The justified interest lies in the error-free functioning of the website. gstatic has certified itself within the scope of the EU-US-Privacy Shield Agreement (cf. https://www.privacyshield.gov/list ). The data is deleted as soon as the purpose of its collection has been fulfilled. You will find more information on the handling of transferred data in the data privacy statement of gstatic: https://www.google.com/intl/de/policies/privacy/ . You can prevent the recording and processing of your data by gstatic by deactivating the execution of ScriptCode or installing a script blocker in your browser (you will find this at www.noscript.net or www.ghostery.com , for example).
Data privacy statement for Twitter integration
We use the technical platform and services of Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103 U.S.A. for the short message service we offer. Responsibility for the processing of the data of persons living outside the United States lies with Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland. We would like to point out here that you use the Twitter short message service and its functions offered here at your own responsibility. This applies in particular to the use of interactive functions (e.g. share, evaluate).
You will find information on the data which is processed by Twitterand the purposes for which it is used in Twitter’s data privacy statement: https://twitter.com/de/privacy Twitter Inc. has committed itself to the principles of the EU-US Privacy Shield. You will find more information on this at:
We have no influence on the type and extent of data processed by Twitter, on the manner of processing and use or on the forwarding of this data to third parties. We therefore have no effective control options here either. By using Twitter, your personal data is recorded, transferred, stored, disclosed and used by Twitter Inc. and also – irrespective of your place of residence – transferred for storage and use to the United Staes, Ireland and every other country in which Twitter does business.Twitter processes your voluntarily entered data here, such as your name, user name, e-mail address and telephone number, or the contacts in your address book if you upload or synchronize it. On the other hand, however, Twitter also evaluates the contents shared by you to establish the topics in which you are interested, stores and processes confidential messages which you send directly to other users and can determine your location on the basis of GPS data, information on wireless networks or through your IP address in order to send you advertising material or other contents. Under certain circumstances, Twitter Inc. uses analysis tools such as Twitter or Google Analytics for evaluation purposes. We have no influence on the use of tools of this kind by Twitter Inc. and have not been notified either about potential use of this kind. If any tools of this kind are used by Twitter Inc. for our account, we have neither ordered nor authorized this or supported it in any other way. The data acquired during analysis is not made available to us either. Only certain non-personal information about a person’s tweet activities, i.e. the number of profile or link clicks via a particular tweet can be accessed by us via our account. Beyond this, we have no way of preventing or discontinuing the use of tools of this kind on a person’s Twitter account.
Finally, Twitter also receives information when you look at content, for example, even if you have not opened an account. This so-called “log data” can comprise the IP address, browser type, operating system, information on the previously accessed website and other sites accessed by you, your location, your mobile phone provider, the end device you used (including the device ID and user ID), the search terms you used and cookie information.
Because Twitter Inc. is a non-European provider who only has a European branch in Ireland, it is not bound by German data protection regulations according to its own reading mode. This affects such aspects as your right to information, the blocking or deletion of data and the option of revoking the use of utilisation data for advertising purposes.
You have options of restricting the processing of your data in the general settings of your Twitter account and under the heading “Data protection and security”. In addition to this, you can restrict Twitter access to contact and calendar data, photos, location data etc in the setting options of mobile devices (smartphones, tablet computers). This depends on the operating system used, however.
More information on this can be found on the following Twitter support pages:
You can find out here about the option of accessing your own data with Twitter:
Information on the conclusions drawn by Twitter about you can be found here:
Information on the available personalization and data protection setting options can be found here (with additional references):
You also have the option of requesting information using the Twitter data privacy form or archive requests:
We also process your data, but we do not collect any data via our Twitter account. The IP addresses of visitors to our site are not transferred to Twitter Inc. either via the integration of our tweets on our homepage.
The data you enter into Twitter, especially your user name and content published under your account, are processed by us in such a way that we may re-tweet your tweets if necessary, or reply to them or compose our own tweets referring to your account. In this way, the data freely published and distributed by you on Twitter is included by us in our offer and made available to our followers.
Data privacy statement for the use of Vimeo plug-ins (videos)
Videos from Vimeo.com operated by Vimeo LCC, 555 West 18th Street, New York, New York 10011, USA (“Vimeo”) are integrated into some of our web pages. If you access a web page containing an integrated video of this kind, a connection to Vimeo is made automatically and the thumbnail or video is displayed. By doing so, personal data (IP address, your browser type and version, time of access, site of origin) is transmitted to Vimeo. If you are logged into Vimeo as a Vimeo user, Vimeo allocates this access and all other interactions to your profile. You can only prevent this by logging out of Vimeo before visiting our pages. More info at:
Data privacy statement for YouTube
Some of our web pages contain YouTube videos which are stored at
and which can be played directly from our website.
When you visit our website, YouTube receives the information that you have accessed the corresponding sub-site of our website. Personal data (browser type, browser version, IP address, operating system) is also transmitted. This is done regardless of whether YouTube provides a user account through which you are logged in or no user account exists at all. If you are logged in via Google, your data is allocated directly to your account. If you do not wish allocation with your profile at YouTube, you must log out before activating the button. YouTube saves your data as a usage profile and uses it for purposes of advertising, market research and/or the design of its website to suit demands. Evaluation of this kind is undertaken especially (even for users who are not logged in) for the introduction of the appropriate advertising and to inform social network users about your activities on our website. You have the right to object to the formation of user profiles of this kind which you must address to YouTube if your right is to be upheld.
You can find more information about the purpose and extent of data collection and processing by YouTube in the data privacy statement, where you will also find further information about your rights and setting options to protect your privacy: https://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and has subjected itself to the EU-US Privacy Shield,
Contact form and e-mail contact
There is a contact form on our website which can be used for establishing contact electronically. If a user chooses this option, the data entered in the entry mask is transferred to us and stored. This data comprises, name, address, e-mail address, telephone number etc. At the time the message is sent, the followibg data is also recorded: IP address, date and time. Your consent to the processing of the data is obtained during the sending process and reference is made to this data privacy statement.
Alternatively, contact can be made via the e-mail address provided. In this case, the user’s personal data transmitted with the e-mail is recorded. Data is not passed on to any third party in this regard. The data is used exclusively for the processing of the conversation.
The legal basis for processing is:
- Art.6 Para.1 lit. a GDPR for the processing of data after the user has registered for the newsletter and with the consent of the user.
- Art.6 Para.1 lit.f GDPR with the aforementioned justified interests for the processing of data transferred in the course of the sending of an e-mail.
- If the aim of the e-mail contact is the conclusion of a contract, the additional legal basis for processing is Art.6 Para.1 lit.b GDPR.
Processing of personal data from the entry mask serves us alone for the processing of the initial contact. If contact is made per e-mail, the necessary justified interest also lies in the processing of the data. The other personal data processed in the course of the send process serve to prevent the misuse of the contact form and guarantee the security of our information systems.
The data is deleted as soon as it is no longer required to fulfil the purpose for which it was collected. For the personal data from the entry mask of the contact form and that sent per e-mail, this is then the case when each conversation with the user has ended. A conversation is regarded as ended when it can be taken from the circumstances that the matter in question has been finally clarified. The additional personal data collected in the course of the send process is deleted after a deadline of seven days at the latest has expired.
Users have the option of revoking their consent to the processing of personal data at all times. If users make contact with us per e-mail, they can revoke the storing of their personal data at any time. The conversation cannot be continued in cases of this kind.
The option exists on our website of subscribing to a free newsletter containing advertising. Our newsletters contain information on our service offers, campaigns, events, prize draws, job offers and articles. News sent out in the course of our contractual or business relationship that does not contain any advertising, on the other hand, is not part of our newsletter. This includes the sending of service mails with technical tips and inquiries about orders, events, prize draw notification and similar news. The data from the entry mask is transferred to us while registering for the newsletter. The IP address of the accessing computer and the time of access are also recorded. In order to process the data, your consent is obtained in the course of the registration procedure and reference is made to this data privacy statement. If you purchase goods on our website through our online shop and enter your e-mail address in the process, we reserve the right to send you newsletters with direct advertising for similar goods. No data is passed on to any third parties in connection with data processing for the mailing of newsletters. The data is used solely for the distribution of the newsletter. The legal basis for processing data after registering for the newsletter by the user is Art.6 Para.1 lit. a) GDPR with the consent of the user, and Art.6 Para.1 lit. f.) (distribution on the basis of our justified business interests)for the distribution of the newsletter as a result of the sale of goods in line with Art. 7 III UWG (law against unfair competition).
The recording of the user’s e-mail address serves the purpose of delivering the newsletter. The collection of other personal data within the scope of the registration process serves to prevent misuse of the services or e-mail address used. Subscription to the newsletters can be cancelled by the user in question at any time. There is a link for this purpose in every newsletter. When it is activated, revocation of consent to the sending of the newsletter is also issued.
A statistical evaluation of reading behaviour is only made to the extent that it can be established whether the recipients have opened the newsletter and clicked on the links. We only use this function, however, to monitor user activities so that we can undertake the necessary optimization measures accordingly. To this end, the newsletter contains a so-called “web beacon”, a pixel-sized file which is accessed by our server when the newsletter is opened. This web beacon is not personalized, so no personal data is recorded in the process.
Data recording during registration and registered use
Some of our websites require or offer registration. The data collected here is used for the purpose of utilization of each website and services unless otherwise described and explicitly approved during registration. The collected data can be taken from the entry mask displayed during registration. All other data, which you can enter at a later date in order to complete your profile is optional and voluntary. After registration, we may inform you via the stored e-mail address about relevant circumstances connected with our offer for which you have registered.
Data transmission via the internet
Data transmission through the internet involves certain fundamental risks. There is no special encryption of the data and in particular, messages from the contact form of our website and news in the service chat are transmitted without encryption. Please take this into accouint when transmitting data. If you would like to communicate with us per encrypted e-mail, this is possible by means of SMIME encryption. Please notify us of your wish for encryption as we regularly transmit unencrypted due to the currently low market penetration of e-mail encryption systems.
Any personal data you give us will only be passed on to third parties to the extent that it is necessary to do so to uphold the contractual relationship or if another legal reason legitimizes the transfer.
Some of the services we provide require the cooperation of external service providers, however. We have selected these service providers with care and taken appropriate measures to protect your personal data.
The personal data of the person in question is deleted or blocked as soon as the reason for its storage no longer applies. Data can also be stored if this is intended by European or national legislation in EU regulations, laws or other ordinance to which the responsible person is subject. Data is also deleted or blocked when a storage deadline prescribed by the named standards expires, unless the necessity exists for the further storage of the data for the conclusion or fulfilment of a contract.