General information
With the following information, we would like to provide you with a simple overview of what happens to your personal data when you visit our online presence. This privacy policy applies to the website https://dowatec.com/ & https://dowatec.de/. Detailed information on the subject of data protection can be found in the privacy policy listed below this text.
Content
Our privacy policy is structured as follows:
- Definitions
- General Information and Mandatory Notices
- Data Collection on our Websites
A. Definitions
In accordance with Article 4 of the GDPR, we use the following definitions in our privacy policy:
‘Personal data’ (Art. 4 No. 1 GDPR) refers to any information relating to an identified or identifiable natural person (‘data subject’). A person is identifiable if they can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, an online identifier, location data, or by information relating to their physical, physiological, genetic, mental, economic, cultural, or social identity characteristics. Identifiability can also be given through the linkage of such information or additional knowledge. The nature, form, or embodiment of the information is irrelevant (photos, video, or audio recordings can also contain personal data).
‘Processing’ (Art. 4 No. 2 GDPR) refers to any operation or set of operations which is performed on personal data, whether or not by automated means. This includes, in particular, the collection (i.e., the acquisition), recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction of personal data, as well as the modification of a target or purpose that was originally the basis of the data processing.
‘Controller’ (Art. 4 No. 7 GDPR) refers to the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
‘Third party’ (Art. 4 No. 10 GDPR) refers to any natural or legal person, public authority, agency, or body other than the data subject, the controller, the processor, and the persons who, under the direct authority of the controller or processor, are authorized to process personal data; this also includes other legal entities within the same corporate group.
“Processor” (Art. 4(8) GDPR) refers to a natural or legal person, authority, agency, or other body that processes personal data on behalf of the controller, specifically in accordance with their instructions (e.g., IT service providers). In the context of data protection law, a processor is not considered a third party.
“Consent” (Art. 4(11) GDPR) of the data subject refers to any freely given, specific, informed, and unambiguous indication of the data subject’s wishes, expressed in the form of a statement or other clear affirmative action, by which the data subject signifies their agreement to the processing of their personal data.
“Profiling” (Art. 4(4) GDPR) refers to any form of automated processing of personal data that involves using these personal data to evaluate certain personal aspects relating to a natural person, particularly to analyze or predict aspects related to their work performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.
B. General Information and Mandatory Information
I. Data Collection
Who is responsible for data collection on this website?
The data processing on our websites is carried out by the website operator. This is
DoWaTec GmbH & Co. KG
Wasserstrasse 76
35447 Reiskirchen
Germany
info@dowatec.com
Further information about the responsible party can be found below under 2. b) as well as in the imprint of this website.
How do we collect your data?
Your data is collected in two main ways:
- Data you provide to us: This includes information that you share with us directly, such as data you enter into a contact form.
- Automatic data collection: Other data is collected automatically by our IT systems when you visit the website. This primarily includes technical data, such as your internet browser, operating system, time of page access, IP address, and browser language. This data is collected automatically as soon as you access our websites.
What do we use your data for?
We use your data initially to ensure the correct, secure, and user-friendly operation of our websites and to enable you to contact us conveniently. Detailed information about all processing activities can be found below.
What rights do you have regarding your data?
You have the right to obtain free information about the origin, recipients, and purpose of your stored personal data at any time. Additionally, under certain conditions, you have the right to request the correction, blocking, or deletion of this data. For this purpose, as well as for any other questions regarding data protection, you can contact us at any time using the address provided in the imprint. Furthermore, you have the right to lodge a complaint with the relevant supervisory authority.
The information provided above serves as a brief overview. Now, let’s move on to the detailed information:
II. Data Protection
Your personal data will be processed solely in accordance with the legal data protection regulations and this privacy policy. When you use this website, various personal data is collected. This privacy policy explains which data we collect and how we use it. It also details how and for what purposes this occurs.
Note on the Data Protection Officer
DoWaTec GmbH & Co. KG
Wasserstrasse 76
35447 Reiskirchen
Germany
Tel: +49 (0) 6408 9680089
info@dowatec.com
Revocation of Your Consent to Data Processing
Certain data processing activities are only possible with your explicit consent. You can revoke your consent at any time. A simple, informal notification via email to us is sufficient. The legality of the data processing carried out up to the point of revocation remains unaffected by the revocation.
Right to Lodge a Complaint with the Relevant Supervisory Authority
In the event of data protection violations, you as the data subject have the right to lodge a complaint with the relevant supervisory authority. The competent supervisory authority for data protection matters is, for example, the State Data Protection Officer of the federal state where our company is based. In our case, this is the Hessian Commissioner for Data Protection and Freedom of Information (https://www.datenschutz.hessen.de/).
A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
Your Rights as a Data Subject
You have the following rights regarding your personal data with us:
– Right to Access,
– Right to rectification or erasure,
– Right to restriction of processing,
– Right to object to processing,
– Right to data portability.
Right to object to data collection in specific cases and to direct marketing (Art. 21 GDPR)
If data processing is carried out on the basis of Article 6(1)(e) or (f) GDPR, you have the right to object at any time, for reasons related to your particular situation, to the processing of your personal data, including any profiling based on these provisions. The legal basis for the processing can be found in this privacy policy. If you object, we will no longer process your affected personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defense of legal claims (objection under Article 21(1) GDPR).
If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for such marketing purposes; this also applies to profiling insofar as it is related to such direct marketing. If you object, your personal data will no longer be used for direct marketing purposes (objection under Article 21(2) GDPR).
Collaboration with Service Providers
As a website operator, we rely on collaboration with external service providers. These providers are technically better equipped to host and secure our websites or emails. If such external service providers are processors within the meaning of Article 28 GDPR, we have entered into a so-called Data Processing Agreement with them. The confidentiality of your personal data is ensured even when working with processors. We use only processors within the EU, so your personal data is not transferred by us to a third country, meaning a country outside the EU or the European Economic Area.
The legal basis for the processing is Article 6(1)(f) GDPR in conjunction with Article 28 GDPR (Data Processing). Our legitimate interest lies in the efficient and secure provision of our online services.
If the external service providers are not processors, we will only share your personal data with them if you have given your consent in accordance with Article 6(1)(a) GDPR, or if the transmission is necessary for the performance or processing of a contractual relationship with you or for the establishment of such a contractual relationship at your request. The legal basis for the transmission in this case is Article 6(1)(b) GDPR.
III. Objection to Advertising Emails
The use of contact details published under the legal obligation to provide an imprint for the purpose of sending unsolicited advertising and informational materials is hereby opposed. As the operators of this site, we expressly reserve the right to take legal action in the event of unsolicited advertising information, such as spam emails.
IV. General Information on the Deletion of Personal Data
The GDPR stipulates in Article 17, among other things, that personal data must generally be deleted when the purpose of the data processing has ceased to exist. The relevant deletion periods, i.e., when we delete your personal data, often depend on the specific case. However, the following generally applies:
The data we process will be deleted or its processing restricted in accordance with Articles 17 and 18 GDPR. Unless explicitly stated otherwise in this privacy policy, the data we store will be deleted as soon as it is no longer necessary for its intended purpose and there are no legal retention obligations preventing deletion. If the data is not deleted because it is required for other lawful purposes, its processing will be restricted. This means the data will be blocked and not processed for other purposes. For example, this applies to data that must be retained for commercial or tax reasons.
According to legal requirements in Germany, retention periods are as follows:
– 10 years in accordance with §§ 147(1) AO, 257(1) Nos. 1 and 4, 257(4) HGB (books, records, management reports, booking documents, commercial books, and documents relevant for taxation, etc.)
– 6 years in accordance with § 257(1) Nos. 2 and 3, 257(4) HGB (business correspondence).
C. Specific Data Collection on Our Website
I. Use of cookies
Which cookies do we use?
On our websites, we use cookies. Cookies are small text files that are assigned to and stored on your hard drive by the browser you use, through a distinctive sequence of characters, and they allow the entity that set the cookie to receive certain information. Cookies cannot execute programs or transmit viruses to your computer, and therefore cannot cause any harm. They are used to make the overall internet service more user-friendly and effective, making it more pleasant for you.
Cookies may contain data that allows for the recognition of the device used. However, some cookies only contain information about specific settings that are not personally identifiable. Therefore, cookies cannot directly identify a user.
There are two main types of cookies:
- Session Cookies: These are deleted once you close your browser. They are used to manage temporary data during a single browsing session.
- Persistent Cookies: These are stored beyond the individual session and remain on your device until they expire or are manually deleted. They are used to remember information and settings for future visits.
Regarding their function, cookies are further categorized into:
– Technically Necessary Cookies: These are essential for navigating the website, using basic functions, and ensuring the security of the site. They do not collect information for marketing purposes or store details about which websites you have visited.
– Performance Cookies: These collect information about how you use our website, such as which pages you visit and whether any errors occur during your visit. They do not collect information that could identify you— all collected data is anonymous and is used solely to improve our website and understand what interests our users.
– Advertising Cookies, Targeting Cookies: These are used to provide users with relevant advertising on the website or offers from third parties and to measure the effectiveness of these offers.
– Sharing Cookies: These are used to enhance the interactivity of our website with other services, such as social networks.
On our website, we use the following cookies:
COOKIE | DESCRIPTION | Category | Cookie-duration |
_ga | Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site’s analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors. | Analytics | 1 year 1 month 4 days |
_ga* | Google Analytics sets this cookie to store and count page views. | Analytics | 1 year 1 month 4 days |
cookielawinfo-checkbox-functional | The GDPR Cookie Consent plugin sets the cookie to record the user consent for the cookies in the category “Functional”. | Functional | 1 year |
cookielawinfo-checkbox-necessary | Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the “Necessary” category. | Functional | 1 year |
cookielawinfo-checkbox-others | Set by the GDPR Cookie Consent plugin, this cookie stores user consent for cookies in the category “Others”. | Functional | 1 year |
cookielawinfo-checkbox-performance | Set by the GDPR Cookie Consent plugin, this cookie stores the user consent for cookies in the category “Performance”. | Functional | 1 year |
pll_language | Polylang sets this cookie to remember the language chosen by the user when they return to the website and to preserve the language information when it is not otherwise available. | Functional | 1 year |
VISITOR_INFO1_LIVE | YouTube sets this cookie to measure bandwidth, determining whether the user gets the new or old player interface. | Functional | 1 year |
cookieyes-consent | CookieYes sets this cookie to remember users’ consent preferences so that their preferences are respected on subsequent visits to this site. It does not collect or store any personal information about the site visitors. | Necessary | 1 year |
VISITOR_PRIVACY_METADATA | Stores the user’s cookie consent state for the current domain. | Necessary | 1 year |
wpEmojiSettingsSupports | WordPress sets this cookie when a user interacts with emojis on a WordPress site. It helps determine if the user’s browser can display emojis properly. | Necessary | session |
cookielawinfo-checkbox-advertisement | Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the “Advertisement” category. | Advertisement | 1 year |
cookielawinfo-checkbox-analytics | Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the “Analytics” category. | Advertisement | 1 year |
YSC | Youtube use to store and track interaction. | Advertisement | 6 months |
These are technically necessary and statistical cookies as well as cookies from external media. The legal basis for cookies that are absolutely necessary in order to provide you with the expressly requested service is Section 25 (2) No. 2 TTDSG. Otherwise, the consent given by you via our cookie consent banner within the meaning of Section 25 (1) TTDSG.
Deactivating cookies
You can determine yourself whether cookies can be set and retrieved using the settings in your browser. For example, you can completely deactivate the storage of cookies in your browser, restrict it to certain websites or configure your browser so that it automatically notifies you as soon as a cookie is to be set and asks you for feedback. You can block or delete individual cookies. For technical reasons, however, this may result in some functions of our website being impaired and no longer functioning fully. You can also adjust your cookie settings for our website at any time using the “Cookie settings” option in the footer of our website.
II. Server log files
The provider of the pages automatically collects and stores information in so-called server log files in your browser. These are:
• Page from which the page was requested (so-called referrer URL)
• the name and URL of the requested page
• Date and time of the call
• Description of the type, language and version of the web browser used
• IP address of the requesting computer, which is shortened so that a personal reference can no longer be established
• Amount of data transferred
• the operating system used
• Message as to whether the call was successful (access status/Http status code)
• the GMT time zone difference
This data is not merged with other data sources, such as your details in a contact form or during registration. When using this general data and information, we do not draw any conclusions about the person concerned. Rather, this information is required in order to
• to deliver the content of our website correctly,
• to ensure the long-term functionality of our information technology systems and the technology of our website, and
• to provide law enforcement authorities with the information necessary for prosecution in the event of a cyberattack. This pseudonymously collected data and information is therefore evaluated by us both statistically and with the aim of increasing data protection and data security on our websites. Our aim is to ensure an optimum level of protection for the personal data we process.
The pseudonymous data of the server log files are stored separately from all personal data provided by a data subject. The duration of storage is determined by whether storage is still required for one of the aforementioned purposes. If this is not the case, the log files are deleted after (30) days, provided there is no longer a legal basis for storage.
This data is collected on the basis of Art. 6 para. 1 lit. f GDPR. As a website operator, our legitimate interest lies in the technically error-free presentation and optimization of our website as well as ensuring appropriate data security on our websites and our systems – for this purpose, the server log files must be recorded.
Due to legal regulations, our website contains information that enables quick electronic contact with our company and direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If a data subject contacts us by e-mail, the personal data transmitted by the data subject will be stored automatically. Such personal data transmitted to us on a voluntary basis by a data subject is stored for the purposes of processing or contacting the data subject. This personal data is not passed on to third parties. We delete the data arising in this context after storage is no longer required, or processing is restricted if statutory retention obligations exist.
The legal basis for processing is Art. 6 para. 1 lit. b GDPR if a contractual relationship exists between us and the data subject or is to be established at the request of the data subject, e.g. cooperation requests. In all other cases, the legal basis is Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in complying with the legal requirements to provide an electronic contact option, which necessarily involves the following data processing.
We only store the data collected by us via e-mail and the communication to answer your request for as long as this is necessary for the purpose on which the processing is based. The specific storage period may vary considerably. If no contractual relationship is established in response to your request, your data will be deleted after one year at the latest, unless there is another legal basis for further processing. If there is a contractual relationship between you and us or if this is established at your request, the data will be deleted at the latest 10 years after the end of the contractual relationship, provided that there is no other legal basis for storage.
If the data processing is based on a legitimate interest, the data will be deleted if you exercise your right to object in accordance with Art. 21 para. 1 GDPR and there are no longer any compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
For security reasons, we strongly recommend that you only send encrypted e-mails. There are considerable risks associated with the transmission of unencrypted messages. Therefore, please do not send us any sensitive data by unencrypted e-mail.
III. SSL or TLS Encryption
Our pages use SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as requests you send to us as the site operator. You can recognize an encrypted connection by the change in the address line of the browser from ‘http://’ to ‘https://’ and by the padlock symbol in your browser’s address bar.
When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
IV. Use of YouTube
(a) Data Processing
We have integrated YouTube videos into our online offering that are hosted on the YouTube platform and can be played directly from our website. YouTube is a service provided by Google LLC, doing business as YouTube, located at 901 Cherry Ave., San Bruno, CA 94066, USA (hereinafter referred to as ‘Google’). The videos are embedded using the so-called ‘2-click solution.’ This means that no data about you as a user is transmitted to Google if you do not activate the video function. Before activating the video function, only a preview image, which is loaded from our own web server, is displayed.
Data is only transmitted to Google when you activate the video functions for an individual video or generally through our cookie banner. Once activated, we have no control over this data transmission. The data transmission occurs regardless of whether Google provides a user account you are logged into or if no user account is present. If you are logged into Google, your data will be directly assigned to your account.
(b) Purposes and Legal Bases
We use YouTube videos on our website to present them easily while also optimizing the website’s loading speed.
The legal basis for processing your personal data is your consent pursuant to Article 6(1)(a) of the GDPR. You give this consent by activating the video function through our cookie banner or cookie settings. If you consent to the use of the plugin in the described ways, your personal data will be transmitted to Google as outlined above.
During the data transmission to Google, your personal data is transferred to Google servers, which may also be located in the USA. The transfer is based on appropriate safeguards according to Articles 46 and following of the GDPR, specifically the EU-US Data Privacy Framework under which Google LLC is registered. If you have given your consent, you have the right to withdraw it at any time without affecting the legality of the processing carried out based on the consent until the withdrawal.
You can withdraw your consent for the future at any time by deactivating the toggle for the ‘YouTube’ category in the cookie settings.
(c) Storage Duration / Further Information
Further information on data processing, including the legal basis and retention period by Google, can be found in the provider’s privacy policy (https://policies.google.com/privacy) and in the privacy banner on the YouTube platform. There you will also find additional information about your rights and options for protecting your privacy.
V. Use of Google Analytics 4 for Web Analysis
This website uses Google Analytics, a web analysis service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (‘Google’). Google Analytics uses so-called cookies, which are text files stored on your computer that allow for analysis of your use of the website. The information generated by the cookie about your use of this website (including the truncated IP address) is typically transmitted to and stored on a Google server, which may also include transmission to Google LLC servers in the USA.
This website uses Google Analytics exclusively with the ‘_anonymizeIp()’ extension, which ensures anonymization of the IP address by truncation and excludes direct personal identification. With this extension, your IP address is truncated by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before being transferred. Only in exceptional cases will the full IP address be transmitted to a Google LLC server in the USA and then truncated. The IP address transmitted by your browser in the context of Google Analytics is not merged with other data from Google.
You can prevent the storage of cookies by adjusting the settings in your browser software; however, please note that in this case, you may not be able to use all the features of this website to their full extent. Additionally, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de
Alternatively, instead of using the browser plugin or on mobile browsers, please click the following link to set an opt-out cookie that will prevent Google Analytics from collecting data on this website in the future (this opt-out cookie works only in this browser and for this domain; if you delete your cookies in this browser, you will need to click this link again):
Deactivate Google
In the case of the transfer of personal data to Google LLC, based in the USA, Google LLC is registered under the EU-US Data Privacy Framework, which ensures compliance with the data protection standards applicable in the EU. An overview of the current registrations can be viewed here: www.dataprivacyframework.gov/list This website also uses Google Analytics for cross-device analysis of visitor flows through a User ID. When a page is first accessed, the user is assigned a unique, persistent, and anonymized ID that is set across devices. This allows interaction data from different devices and sessions to be attributed to a single user. The User ID does not contain any personal data and does not transmit such data to Google.
You can object to the collection and storage of data via the User ID at any time with effect for the future. To do so, you need to deactivate Google Analytics on all systems you use, such as in another browser or on your mobile device.
You can deactivate Google Analytics using a browser plugin from Google (https://tools.google.com/dlpage/gaoptout?hl=de). Alternatively, instead of the browser plugin or on mobile browsers, please click the following link to set an opt-out cookie that will prevent Google Analytics from collecting data on this website in the future (this opt-out cookie works only in this browser and for this domain; if you delete your cookies in this browser, you will need to click this link again):
Deactivate Google
Further information about Google (Universal) Analytics can be found here: https://support.google.com/analytics/answer/2838718?hl=de&ref_topic=6010376 The legal basis for the processing is your consent pursuant to Article 6(1)(a) of the GDPR and Section 25(1) of the TDDDG.
VI. Use of Google Ads
With the help of Google Marketing Services, we can display advertisements to users that are likely to be of interest to them. This practice is referred to as ‘remarketing,’ where a user is shown ads for products they have viewed on other websites.
To implement this technically, a code from Google is executed directly on our and other websites (that use Google Marketing Services), and certain (re)marketing tags are embedded in the website (these can be invisible graphics or code snippets). This results in a unique cookie being stored on the user’s device (or similar technologies may be used instead of cookies). These cookies contain information about which websites the user has visited and their interests. Additionally, technical information about the browser and operating system, referring websites, time, and other usage details of the websites, as well as the IP address, are stored.
The user data is processed in a pseudonymous manner. This means that Google does not store or process users’ names or email addresses, but instead processes the relevant data within pseudonymous profiles. (This does not apply if a user has explicitly allowed Google to process the data without pseudonymization.) The information collected about users by Google Marketing Services is transmitted to Google.
In the case of Google AdWords (online advertising program), each AdWords customer is assigned a unique ‘conversion cookie.’ This cookie is used to generate conversion statistics for AdWords customers. AdWords customers learn the total number of users who clicked on their ad, but they do not receive information that would allow them to identify individual users.
Further information on Google’s data usage for marketing purposes can be found on this overview page: https://www.google.com/policies/technologies/ads. You can find Google’s privacy policy at the following link: https://www.google.com/policies/privacy The legal basis for processing users’ personal data is Article 6(1)(a) of the GDPR. The legal basis for setting this cookie is your consent according to Section 25(1) Sentence 1 of the TDDDG, which you have provided through your selection in the cookie banner or through the cookie settings.
VII. Contact Form
When you send us inquiries via the contact form, the information you provide in the request form, including the contact details you specify, will be stored by us for the purpose of processing the request and for follow-up questions. We do not share this data without your consent.
The processing of this data is based on Article 6(1)(b) of the GDPR if your inquiry is related to the fulfillment of a contract or necessary for the performance of pre-contractual measures at your request. In all other cases, the processing is based on our legitimate interest in the effective handling of inquiries directed to us (Article 6(1)(f) GDPR) or on your consent (Article 6(1)(a) GDPR), if it has been requested.
The data you enter in the contact form will remain with us until you request its deletion, withdraw your consent for storage, or the purpose for storing the data no longer applies (e.g., after your request has been processed). Mandatory legal provisions, particularly retention periods, remain unaffected.
VIII. Newsletter
We use Mailchimp from The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE Suite 5000, Atlanta, GA 30308 USA (Mailchimp) for sending our newsletters. This allows us to communicate directly with subscribers. Additionally, we analyze your usage behavior to optimize our offerings. For this purpose, we provide the following personal data to Mailchimp:
• Email address
• First Name
• Last Name
Mailchimp is the recipient of your personal data and acts as a processor for us in relation to sending our newsletter. The processing of the data specified in this section is neither legally nor contractually required. Without your consent and the transmission of your personal data, we cannot send you the newsletter.
Additionally, Mailchimp collects the following personal data using cookies and other tracking methods: information about your device (IP address, device information, operating system, browser ID, information about the application you use to read your emails, and other details about hardware and internet connection). Furthermore, usage data is collected, such as the date and time when you opened the email/campaign and browser activities (e.g., which emails/websites were accessed). Mailchimp needs this data to ensure the security and reliability of its systems, compliance with terms of service, and prevention of abuse. This corresponds to Mailchimp’s legitimate interest (according to Article 6(1)(f) GDPR) and serves contract performance (according to Article 6(1)(b) GDPR). Additionally, Mailchimp evaluates performance data, such as email delivery statistics and other communication data. This information is used to generate usage and performance statistics of the services.
Mailchimp additionally collects information about you from other sources. Over an unspecified period and to an unspecified extent, personal data is collected from social media and other third-party data providers. We have no control over this process.
Further information on how to object to and remove your data from Mailchimp can be found at: https://mailchimp.com/legal/privacy/#3._Privacy_for_Contacts The legal basis for these processing activities is your consent pursuant to Article 6(1)(a) of the GDPR. You can withdraw your consent to the processing of your personal data at any time. Each communication includes a corresponding link for withdrawal. Additionally, withdrawal can be made through the provided contact options. The withdrawal does not affect the legality of the processing that occurred prior to the withdrawal.
Your data will be processed as long as the corresponding consent is in place. Apart from that, the data will be deleted after the termination of the contract between us and Mailchimp, unless legal requirements necessitate further retention.
Mailchimp has implemented compliance measures for international data transfers. These measures apply to all global activities where Mailchimp processes personal data of individuals in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs). For more information, please visit: https://mailchimp.com/legal/data-processing-addendum/
IX. Social Media
On our websites, we do not use social media plugins. If our websites contain icons from social media providers (e.g., Instagram, Facebook, TikTok, LinkedIn), we use them solely for passive linking to our company’s presence with the respective provider.
X. Cloudflare Turnstile
We use Cloudflare Turnstile (hereinafter referred to as “Turnstile”) on this website. The provider is Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA (hereinafter referred to as “Cloudflare”). Turnstile is intended to verify whether data input on this website (e.g., in a contact form) is being made by a human or an automated program. To do this, Turnstile analyzes the behavior of the website visitor based on various characteristics.
This analysis starts automatically as soon as the website visitor enters a website with Turnstile enabled. For the analysis, Turnstile evaluates various pieces of information (e.g., IP address, the duration of the visitor’s stay on the website, or mouse movements made by the user). The data collected during the analysis is forwarded to Cloudflare. The storage and analysis of the data is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in protecting its web offerings from abusive automated surveillance and from SPAM. If corresponding consent has been requested, the processing will be based solely on Art. 6(1)(a) GDPR and § 25(1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user’s end device (e.g., device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time. Data processing is based on standard contractual clauses, which you can find here: https://www.cloudflare.com/cloudflare-customer-scc/
For more information on Cloudflare Turnstile, please refer to the privacy policy at https://www.cloudflare.com/cloudflare-customer-dpa/
Date of Publication (11.11.2024)