Cookie-Einstellungen
top of page

Privacy policy.

1. Data Protection at a Glance

General Information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any information that can be used to identify you personally. For detailed information on the subject of data protection, please refer to our privacy policy provided below this text.

Data Collection on This Website

Who is responsible for data collection on this website?
The data processing on this website is carried out by the website operator. You can find their contact details in the section "Note on the Responsible Authority" in this privacy policy.

How do we collect your data?


Your data is collected in part by you providing it to us. This could include data you enter into a contact form. Other data is collected automatically or with your consent when you visit the website through our IT systems. This mainly includes technical data (e.g., internet browser, operating system, or the time of page access). The collection of this data occurs automatically as soon as you enter this website.

For what purpose do we use your data?


Some of the data is collected to ensure the website is provided without errors. Other data may be used to analyze your user behavior.

What rights do you have regarding your data?


You have the right to obtain, free of charge, information about the origin, recipients, and purpose of your stored personal data at any time. You also have the right to request the correction or deletion of this data. If you have given consent for data processing, you can revoke this consent at any time for the future. Additionally, you have the right to request the restriction of the processing of your personal data under certain circumstances. Furthermore, you have the right to lodge a complaint with the competent supervisory authority. You can contact us at any time regarding this and other questions about data protection.

Analysis Tools and Third-Party Tools

When visiting this website, your browsing behavior may be statistically evaluated. This is mainly done using so-called analysis programs. Detailed information about these analysis programs can be found in the following privacy policy.

2. Hosting and Content Delivery Networks (CDN)

We host the content of our website with the following provider:

WIX

The provider is Wix.com Ltd., 40 Namal Tel Aviv St., Tel Aviv 6350671, Israel (hereinafter referred to as "WIX"). WIX is a tool for creating and hosting websites. When you visit our website, WIX analyzes user behavior, visitor sources, the region of website visitors, and visitor numbers. WIX stores cookies in your browser that are necessary for displaying the website and ensuring security (necessary cookies). The data collected through WIX may be stored on various servers worldwide, including in the USA.

For details, please refer to the WIX privacy policy:
https://de.wix.com/about/privacy.

Data transfer to the USA and other third countries is based on the standard contractual clauses of the EU Commission or comparable guarantees according to Article 46 GDPR. Details can be found here:
https://de.wix.com/about/privacy-dpa-users.

The use of WIX is based on Article 6(1)(f) GDPR. We have a legitimate interest in a reliable presentation of our website. If corresponding consent was obtained, processing occurs solely on the basis of Article 6(1)(a) GDPR and § 25(1) TDDG, provided the consent includes the storage of cookies or access to information on the user's device (e.g., device fingerprinting) within the meaning of TDDG. The consent can be revoked at any time.

The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA, aimed at ensuring compliance with European data protection standards in data processing in the USA. Each company certified under the DPF commits to adhere to these data protection standards. For more information, please refer to the provider at the following link:
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000GnbGAAS&status=Active.

Order Processing

We have entered into a data processing agreement (DPA) for the use of the aforementioned service. This is a contract required by data protection law, ensuring that the personal data of our website visitors is processed only according to our instructions and in compliance with the GDPR.

Google Cloud CDN

We use the content delivery network Google Cloud CDN. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. Google offers a globally distributed content delivery network. Technically, the transfer of information between your browser and our website is routed through Google’s network. This allows us to enhance the global availability and performance of our website. The use of Google Cloud CDN is based on our legitimate interest in providing our web services as error-free and securely as possible (Art. 6 Para. 1 lit. f GDPR). Data transmission to the USA is based on the standard contractual clauses of the EU Commission.

Details can be found here:
https://cloud.google.com/terms/eu-model-contract-clause.
For more information about Google Cloud CDN, visit:
https://cloud.google.com/cdn/docs/overview?hl=en.

The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that aims to ensure compliance with European data protection standards for data processing in the USA. Any company certified under the DPF commits to adhering to these data protection standards. Further information can be obtained from the provider at the following link:
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.

Amazon CloudFront CDN

We use the Amazon CloudFront CDN content delivery network. The provider is Amazon Web Services EMEA SARL, 38 avenue John F. Kennedy, L-1855, Luxembourg (hereinafter referred to as “Amazon”).
Amazon CloudFront CDN is a globally distributed content delivery network. It technically directs the information transfer between your browser and our website through the content delivery network. This allows us to enhance the global accessibility and performance of our website.
The use of Amazon CloudFront CDN is based on our legitimate interest in providing our web services as error-free and securely as possible (Art. 6 (1) (f) GDPR). Data transfer to the USA is based on the EU Commission's standard contractual clauses.

Details can be found here:
https://aws.amazon.com/en/blogs/security/aws-gdpr-data-processing-addendum/.

For more information about Amazon CloudFront CDN, visit:
https://d1.awsstatic.com/legal/privacypolicy/AWS_Privacy_Notice__German_Translation.pdf.

The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that aims to ensure compliance with European data protection standards for data processing in the USA. Any company certified under the DPF commits to adhering to these data protection standards.

Further information can be obtained from the provider at the following link:
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000TOWQAA4&status=Active.

3. General Information and Mandatory Information

Data Protection

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with legal data protection regulations and this privacy policy.
When you use this website, various personal data are collected. Personal data are data that can be used to identify you personally. This privacy policy explains what data we collect and how we use it. It also describes how and for what purpose this occurs.
Please note that data transmission over the Internet (e.g., communication via email) may have security vulnerabilities. A complete protection of data from access by third parties is not possible.

Note on the Responsible Party

The responsible party for data processing on this website is:

Carsten R. Streb e. K.

Main Street 5 - 7
65437 Eltville am Rhein | Hattenheim

Federal Republic of Germany

Phone: +49 (0) 6123 9996232 - 0
Email: info@carstenrstreb.de

The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g., names, email addresses, etc.).

Retention Period

Unless a more specific retention period is mentioned in this privacy policy, your personal data will remain with us until the purpose of data processing ceases. If you assert a legitimate request for deletion or revoke consent to data processing, your data will be deleted unless we have other legally permissible reasons for retaining your personal data (e.g., tax or commercial law retention periods); in the latter case, deletion will occur after the cessation of these reasons.

General Information on the Legal Bases for Data Processing on This Website

If you have consented to data processing, we process your personal data based on Art. 6 (1) (a) GDPR or Art. 9 (2) (a) GDPR if special categories of data are processed under Art. 9 (1) GDPR. In the case of explicit consent for the transfer of personal data to third countries, data processing also occurs based on Art. 49 (1) (a) GDPR. If you have consented to the storage of cookies or access to information on your device (e.g., via device fingerprinting), data processing additionally occurs based on § 25 (1) TDDG. Consent can be revoked at any time. If your data is necessary for contract fulfillment or to carry out pre-contractual measures, we process your data based on Art. 6 (1) (b) GDPR. Furthermore, we process your data if it is necessary to fulfill a legal obligation based on Art. 6 (1) (c) GDPR. Data processing may also occur based on our legitimate interests under Art. 6 (1) (f) GDPR.

 

The relevant legal bases applicable in each individual case will be explained in the following paragraphs of this privacy policy.

Notice on Data Transfer to Third Countries with Inadequate Data Protection and to Non-DPF Certified US Companies

We use tools from companies based in third countries with inadequate data protection, as well as US tools whose providers are not certified under the EU-US Data Privacy Framework (DPF). When these tools are active, your personal data may be transferred to and processed in these countries. Please note that in third countries with inadequate data protection, no level of data protection comparable to that of the EU can be guaranteed.

It is important to note that the USA is generally considered a third country with a comparable level of data protection to the EU. A data transfer to the USA is permissible if the recipient has a certification under the "EU-US Data Privacy Framework" (DPF) or has suitable additional safeguards. Information regarding transfers to third countries, including data recipients, can be found in this privacy policy.

Recipients of Personal Data

In the course of our business operations, we collaborate with various external parties. This may involve the transfer of personal data to these external parties. We only share personal data with external parties when this is necessary for contract fulfillment, when we are legally obligated to do so (e.g., sharing data with tax authorities), when we have a legitimate interest in the transfer under Art. 6 (1) (f) GDPR, or when another legal basis permits the data transfer. When using processors, we only disclose our customers' personal data based on a valid data processing agreement. In the case of joint processing, a joint processing agreement is established.

Revocation of Your Consent to Data Processing

Many data processing operations are only possible with your explicit consent. You can revoke any consent you have already given at any time. The lawfulness of the data processing that occurred prior to the revocation remains unaffected by the revocation.

Right to Object to Data Collection in Special Cases and Against Direct Marketing (Art. 21 GDPR)

IF DATA PROCESSING IS CARRIED OUT ON THE BASIS OF ART. 6 (1) (E) OR (F) GDPR, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME, FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION, TO THE PROCESSING OF YOUR PERSONAL DATA; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RELEVANT LEGAL BASIS FOR THE PROCESSING CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA, UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS, OR THE PROCESSING IS NECESSARY FOR THE ESTABLISHMENT, EXERCISE, OR DEFENSE OF LEGAL CLAIMS (OBJECTION UNDER ART. 21 (1) GDPR).

IF YOUR PERSONAL DATA ARE PROCESSED FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR SUCH MARKETING PURPOSES; THIS ALSO APPLIES TO PROFILING TO THE EXTENT RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION UNDER ART. 21 (2) GDPR).

Right to Lodge a Complaint with the Supervisory Authority

In the event of violations of the GDPR, affected individuals have the right to lodge a complaint with a supervisory authority, particularly in the member state of their habitual residence, their workplace, or the place of the alleged violation. The right to lodge a complaint is without prejudice to any other administrative or judicial remedies.

Right to Data Portability

You have the right to request that data we process automatically based on your consent or to fulfill a contract be provided to you or to a third party in a commonly used, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done to the extent technically feasible.

Access, Correction, and Deletion

You have the right, at any time and free of charge, to obtain information about your stored personal data, their origin and recipients, and the purpose of data processing, as well as a right to correction or deletion of this data where applicable, in accordance with the applicable legal provisions. For this purpose, as well as for any further questions regarding personal data, you can contact us at any time.

Right to Restriction of Processing

You have the right to request the restriction of processing your personal data. You can contact us at any time for this purpose. The right to restriction of processing exists in the following cases:

  • If you contest the accuracy of your personal data stored with us, we usually need time to verify this. For the duration of the verification, you have the right to request the restriction of processing your personal data.

  • If the processing of your personal data is unlawful, you may request the restriction of data processing instead of deletion.

  • If we no longer need your personal data but you require it for the establishment, exercise, or defense of legal claims, you have the right to request the restriction of processing your personal data instead of deletion.

  • If you have lodged an objection under Art. 21 (1) GDPR, a balance must be struck between your interests and ours. As long as it is not yet clear whose interests prevail, you have the right to request the restriction of processing your personal data.

If you have restricted the processing of your personal data, those data may only be processed—apart from their storage—with your consent or for the establishment, exercise, or defense of legal claims, or to protect the rights of another natural or legal person, or for reasons of important public interest of the European Union or a member state.

SSL and TLS Encryption

This site uses SSL and TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the change in the browser address line from “http://” to “https://” and by the lock symbol in your browser line. When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Objection to Advertising Emails

We hereby object to the use of contact details published under the imprint obligation for the sending of unsolicited advertising and informational materials. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, such as spam emails.

4. Data Collection on This Website

Cookies

Our websites use so-called "cookies." Cookies are small data packets that do not harm your device. They are either temporarily stored for the duration of a session (session cookies) or permanently (persistent cookies) on your device. Session cookies are automatically deleted after your visit ends. Persistent cookies remain on your device until you delete them or they are automatically deleted by your web browser. Cookies can originate from us (first-party cookies) or from third parties (so-called third-party cookies). Third-party cookies allow the integration of specific services from third-party companies within websites (e.g., cookies for processing payment services).

Cookies serve various functions. Many cookies are technically necessary because certain website functions would not work without them (e.g., the shopping cart function or video display). Other cookies can be used for evaluating user behavior or for advertising purposes.

Cookies that are necessary for carrying out the electronic communication process, for providing specific functions desired by you (e.g., for the shopping cart function), or for optimizing the website (e.g., cookies for measuring web audience) are stored based on Art. 6 (1) (f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in the storage of necessary cookies for the technically error-free and optimized provision of its services. If consent has been requested for the storage of cookies and comparable recognition technologies, processing is carried out exclusively on the basis of this consent (Art. 6 (1) (a) GDPR and § 25 (1) TDDG); the consent can be revoked at any time.

You can configure your browser to be informed about the setting of cookies and to allow cookies only on a case-by-case basis, to exclude the acceptance of cookies in certain cases or generally, and to activate the automatic deletion of cookies when closing the browser. If cookies are disabled, the functionality of this website may be limited. You can find out which cookies and services are used on this website in this privacy policy.

Consent with Usercentrics

This website uses the consent technology from Usercentrics to obtain your consent for the storage of certain cookies on your device or for the use of certain technologies and to document this in compliance with data protection regulations. The provider of this technology is Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Website: https://usercentrics.com/de/ (hereinafter referred to as "Usercentrics").

When you access our website, the following personal data is transmitted to Usercentrics:

  • Your consent(s) or the revocation of your consent(s)

  • Your IP address

  • Information about your browser

  • Information about your device

  • The time of your visit to the website

  • Geolocation

Furthermore, Usercentrics stores a cookie in your browser to associate the consents you have given or their revocation. The data collected in this way will be stored until you request deletion, delete the Usercentrics cookie yourself, or the purpose for data storage no longer applies. Mandatory statutory retention obligations remain unaffected.

The Usercentrics banner on this website has been configured with the help of eRecht24. You can recognize this by the eRecht24 logo appearing in the banner. To display the eRecht24 logo in the banner, a connection is established to the eRecht24 image server. The IP address is also transmitted, but it is only stored in anonymized form in the server logs. The eRecht24 image server is located in Germany with a German provider. The banner itself is provided solely by Usercentrics.

The use of Usercentrics is intended to obtain the legally required consents for the use of certain technologies. The legal basis for this is Art. 6 (1) (c) GDPR.

Order Processing

We have entered into a contract for order processing (AVV) for the use of the aforementioned service. This is a contract mandated by data protection regulations, ensuring that the personal data of our website visitors is processed only in accordance with our instructions and in compliance with the GDPR.

Server Log Files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser transmits to us automatically. These include:

  • Browser type and browser version

  • Operating system used

  • Referrer URL

  • Hostname of the accessing computer

  • Time of the server request

  • IP address

There will be no merging of this data with other data sources. The collection of this data is based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of his website, for which the server log files must be collected.

Contact Form

If you send us inquiries via the contact form, your information from the inquiry form, including the contact details you provide there, will be stored for the purpose of processing the request and in case of follow-up questions. We do not share this data without your consent. The processing of this data is based on Art. 6 (1) (b) GDPR if your inquiry is related to the fulfillment of a contract or is necessary for the performance of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of inquiries directed to us (Art. 6 (1) (f) GDPR) or on your consent (Art. 6 (1) (a) GDPR), if it has been requested; the consent can be revoked at any time. The data you enter in the contact form will remain with us until you request its deletion, revoke your consent to storage, or the purpose for data storage ceases to apply (e.g., after your inquiry has been processed). Mandatory statutory provisions—especially retention periods—remain unaffected.

Inquiries via Email, Phone, or Fax

If you contact us via email, phone, or fax, your inquiry, including all resulting personal data (name, request), will be stored and processed by us for the purpose of addressing your concern. We do not share this data without your consent. The processing of this data is based on Art. 6 (1) (b) GDPR if your inquiry is related to the fulfillment of a contract or is necessary for the performance of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of inquiries directed to us (Art. 6 (1) (f) GDPR) or on your consent (Art. 6 (1) (a) GDPR), if it has been requested; the consent can be revoked at any time.

The data you send us via contact inquiries will remain with us until you request its deletion, revoke your consent to storage, or the purpose for data storage ceases to apply (e.g., after your concern has been processed). Mandatory statutory provisions—especially statutory retention periods—remain unaffected.

Wix Bookings

The website uses the service "Wix Bookings" to simplify appointment scheduling. When booking an appointment, the following information is collected from the user: name, email, phone number. The legal basis for this processing is our legitimate interest (according to Art. 6 (1) (f) GDPR) in offering you a user-friendly, time-saving, and advanced way to schedule appointments with us. We have entered into a contract with wix.com for order processing according to Art. 28 GDPR.

For more information, please see the privacy policy of wix.com at https://de.wix.com/about/privacy. The terms of use for this service can be found at https://de.wix.com/about/terms-of-use. These features are provided by Wix.com Ltd., Namal 40, 6350671 Tel Aviv, Israel.

Communication via WhatsApp

For communication with our customers and other third parties, we use the instant messaging service WhatsApp. The provider is WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Communication occurs via end-to-end encryption (peer-to-peer), which prevents WhatsApp or other third parties from accessing the content of communications. However, WhatsApp does gain access to metadata generated during the communication process (e.g., sender, recipient, and time). We also note that, according to WhatsApp, it shares users' personal data with its parent company Meta, based in the USA. Further details on data processing can be found in WhatsApp's privacy policy at: https://www.whatsapp.com/legal/#privacy-policy.

The use of WhatsApp is based on our legitimate interest in maintaining fast and effective communication with customers, prospects, and other business and contractual partners (Art. 6 (1) (f) GDPR). If corresponding consent has been requested, the data processing will occur solely based on that consent; it can be revoked at any time with effect for the future.

The communication content exchanged between you and us on WhatsApp will remain with us until you request its deletion, revoke your consent to storage, or the purpose for data storage ceases to apply (e.g., after your request has been processed). Mandatory legal provisions—especially retention periods—remain unaffected.

The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that aims to ensure compliance with European data protection standards for data processing in the USA. Any company certified under the DPF commits to upholding these data protection standards. More information can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt00000011sfnAAA&status=Active.

We use WhatsApp in the “WhatsApp Business” version. Data transmission to the USA is based on the standard contractual clauses of the EU Commission.

Details can be found here: https://www.whatsapp.com/legal/business-data-transfer-addendum.

We have configured our WhatsApp accounts not to automatically sync data with the address book on the smartphones in use.

Registration on this Website

You can register on this website to use additional features. The data you provide will be used solely for the purpose of utilizing the respective offers or services for which you have registered. Mandatory fields requested during registration must be completed in full; otherwise, we will reject the registration.

For important changes, such as changes in the scope of services or necessary technical adjustments, we will use the email address provided during registration to inform you.

The processing of the data entered during registration is carried out for the purpose of establishing the user relationship created by the registration and, if applicable, for initiating further contracts (Art. 6 (1) (b) GDPR). The data collected during registration will be stored by us as long as you are registered on this website and will subsequently be deleted. Legal retention periods remain unaffected.

ProvenExpert

We have integrated the ProvenExpert rating seal on this website. The provider is Expert Systems AG, Quedlinburger Str. 1, 10589 Berlin, https://www.provenexpert.com.

The ProvenExpert seal allows us to display customer reviews submitted to our company on ProvenExpert in a seal format on our website. When you visit our website, a connection is established with ProvenExpert, enabling ProvenExpert to determine that you have visited our website. ProvenExpert also captures your language settings to display the seal in the chosen language.

The use of ProvenExpert is based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in a comprehensible presentation of customer reviews. If corresponding consent has been requested, the processing occurs solely based on Art. 6 (1) (a) GDPR and § 25 (1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) as defined by the TDDDG. Consent can be revoked at any time.

5. FondsShop and Customer Service Center of FondsKonzept AG

We use an interactive FondsShop on our pages, provided by FondsKonzept AG, Ulmer Straße 6, 88257 Illertissen. The FondsShop is embedded as a JavaScript application on our pages and accesses external servers hosted in the Microsoft Azure data center (West Europe). When the FondsShop is accessed, the following data is stored: URL of the accessed page, time of page access, loading time of the accessed page, browser and browser version of the visitor, country, state, and city of the visitor, operating system and version. A session ID is also assigned during the session. The visitor's IP address is captured only until the regional assignment of the visit is recorded. After that, the IP address is neutralized to 0.0.0.0.

If a visitor to our site uses the FondsShop to open an account or log in to their account, the servers of FondsKonzept AG are also accessed. These servers are owned by FondsKonzept AG and are hosted in the 1&1 Versatel data center located at Hans-Stießberger-Straße 2, 85540 Haar. When this functionality is accessed, the users' IP addresses are temporarily stored and deleted after 7 days. Additionally, during the account opening process, users provide further personal data necessary for the account opening and explicitly consent to the use of this data. This data is stored in the Customer Relationship Management (CRM) system provided to us by FondsKonzept AG for the purpose of further assisting the user as our customer. The necessary data for the account opening is also transmitted to the relevant fund platform. During the ordering process for funds or sample portfolios, the necessary data for this order is transmitted to both the CRM and the fund platform. All these transmissions occur in an encrypted manner via appropriate interfaces.

Our website also provides a login to the customer service center of FondsKonzept AG. This login is conducted via a so-called Single Sign-On (SSO) procedure. For this, the user of our website enters a customer number or email address, along with a password that they have received from FondsKonzept on our behalf. The customer service center opens in a new browser tab or window. To verify the user's login credentials, the SSO interface securely transmits the combination of username and password to a web service operated by FondsKonzept AG. No additional personal data is transferred during this process.

6. Social Media

Facebook

This website integrates elements of the social network Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, the collected data is also transferred to the USA and other third countries.

An overview of the Facebook social media elements can be found here: https://developers.facebook.com/docs/plugins/?locale=en_US.

When the social media element is active, a direct connection is established between your device and the Facebook server. This allows Facebook to receive information that you have visited this website with your IP address. If you click the Facebook "Like" button while logged into your Facebook account, you can link the contents of this website to your Facebook profile. This allows Facebook to associate your visit to this website with your user account.

We would like to point out that, as the provider of the site, we have no knowledge of the content of the transmitted data or how it is used by Facebook. For more information, please refer to Facebook's privacy policy at: https://www.facebook.com/privacy/explanation.

If consent has been obtained, the use of the aforementioned service is based on Art. 6 (1) (a) GDPR and § 25 TDDDG. Consent can be revoked at any time. If no consent has been obtained, the use of the service is based on our legitimate interest in achieving comprehensive visibility on social media.

To the extent that personal data is collected on our website using the tools described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 GDPR). The joint responsibility is limited exclusively to the collection of data and its transmission to Facebook. The subsequent processing by Facebook after the transfer is not part of the joint responsibility. Our shared obligations have been documented in an agreement on joint processing. You can find the text of the agreement here: https://www.facebook.com/legal/controller_addendum.

We are responsible for providing data protection information regarding the use of the Facebook tool and for the legally compliant implementation of the tool on our website. Facebook is responsible for the data security of its products. You can assert your rights as data subjects (e.g., requests for information) regarding data processed by Facebook directly with Facebook. If you assert your rights with us, we are obliged to forward them to Facebook.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:

The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that aims to ensure compliance with European data protection standards for data processing in the USA. Each company certified under the DPF commits to adhering to these data protection standards. For more information, please visit the provider's link:

Instagram

This website integrates functions of the Instagram service, provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

When the social media element is active, a direct connection is established between your device and the Instagram server. This allows Instagram to receive information about your visit to this website. If you are logged into your Instagram account, you can link the contents of this website to your Instagram profile by clicking the Instagram button. This enables Instagram to associate your visit to this website with your user account.

We would like to point out that, as the provider of the site, we have no knowledge of the content of the transmitted data or how it is used by Instagram. If consent has been obtained, the use of the aforementioned service is based on Art. 6 (1) (a) GDPR and § 25 TDDDG. Consent can be revoked at any time. If no consent has been obtained, the use of the service is based on our legitimate interest in achieving comprehensive visibility on social media.

To the extent that personal data is collected on our website using the tools described here and forwarded to Facebook or Instagram, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 GDPR). The joint responsibility is limited exclusively to the collection of data and its transmission to Facebook or Instagram. The subsequent processing by Facebook or Instagram after the transfer is not part of the joint responsibility. Our shared obligations have been documented in an agreement on joint processing. You can find the text of the agreement here: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing data protection information regarding the use of the Facebook and Instagram tools and for the legally compliant implementation of the tools on our website. Facebook is responsible for the data security of its products. You can assert your rights as data subjects (e.g., requests for information) regarding data processed by Facebook or Instagram directly with Facebook. If you assert your rights with us, we are obliged to forward them to Facebook.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:

Further information can be found in the Instagram privacy policy:

The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that aims to ensure compliance with European data protection standards for data processing in the USA. Each company certified under the DPF commits to adhering to these data protection standards. For more information, please visit the provider's link:

LinkedIn

This website uses elements of the LinkedIn network. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

Each time a page on this website that contains LinkedIn elements is accessed, a connection is established to LinkedIn servers. LinkedIn is informed that you visited this website with your IP address. If you click the LinkedIn "Recommend" button while logged into your LinkedIn account, LinkedIn can associate your visit to this website with you and your user account. We would like to point out that, as the provider of the site, we have no knowledge of the content of the transmitted data or how it is used by LinkedIn.

If consent has been obtained, the use of the aforementioned service is based on Art. 6 (1) (a) GDPR and § 25 TDDDG. Consent can be revoked at any time. If no consent has been obtained, the use of the service is based on our legitimate interest in achieving comprehensive visibility on social media.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:

Further information can be found in the LinkedIn privacy policy at:

XING

This website uses elements of the XING network. The provider is New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany.

Each time one of our pages containing XING elements is accessed, a connection to XING servers is established. To our knowledge, no personal data is stored in this process. In particular, no IP addresses are stored, nor is user behavior analyzed. If consent has been obtained, the use of the aforementioned service is based on Art. 6 (1) (a) GDPR and § 25 TDDDG. Consent can be revoked at any time. If no consent has been obtained, the use of the service is based on our legitimate interest in achieving comprehensive visibility on social media.

Further information on data protection and the XING Share button can be found in XING's privacy policy at: https://www.xing.com/app/share?op=data_protection.

7. Analysis Tools and Advertising

Google Analytics

This website uses features of the web analytics service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics enables the website operator to analyze the behavior of website visitors. In this process, the website operator receives various usage data, such as page views, duration of stay, operating systems used, and the user's origin. These data are assigned to the respective user's device. There is no assignment to a user ID.

Additionally, we can record your mouse movements, scrolling actions, and clicks using Google Analytics. Google Analytics employs various modeling approaches to supplement the collected data sets and uses machine learning technologies for data analysis. Google Analytics uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g., cookies or device fingerprinting). The information collected by Google about the use of this website is usually transmitted to a Google server in the USA and stored there.

The use of this service is based on your consent under Art. 6 (1) (a) GDPR and § 25 (1) TDDDG. Consent can be revoked at any time. The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA, which aims to ensure compliance with European data protection standards in data processing in the USA. Each company certified under the DPF commits to adhering to these data protection standards.

 

More information can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt000000001L5AAI&status=Active

Browser Plugin

You can prevent the collection and processing of your data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

More information on the handling of user data in Google Analytics can be found in Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

Google Signals

We use Google Signals. When you visit our website, Google Analytics collects information such as your location, search history, and YouTube history, as well as demographic data (visitor data). This data can be used for personalized advertising via Google Signals. If you have a Google account, the visitor data from Google Signals is linked to your Google account and used for personalized advertising messages. The data is also used to create anonymized statistics on user behavior.

Google Ads

The website operator uses Google Ads. Google Ads is an online advertising program of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. Google Ads allows us to display advertisements in the Google search engine or on third-party websites when the user enters specific search terms (keyword targeting). Additionally, targeted advertisements can be displayed based on user data available on Google (e.g., location data and interests) (audience targeting). As the website operator, we can quantitatively evaluate this data by analyzing which search terms led to the display of our ads and how many ads resulted in clicks.

The use of this service is based on your consent under Art. 6 (1) (a) GDPR and § 25 (1) TDDDG. Consent can be revoked at any time. The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/.

The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA, which aims to ensure compliance with European data protection standards in data processing in the USA. Each company certified under the DPF commits to adhering to these data protection standards.

 

More information can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt000000001L5AAI&status=Active

Google Conversion Tracking

This website uses Google Conversion Tracking. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

With the help of Google Conversion Tracking, Google and we can recognize whether the user has performed certain actions. For example, we can evaluate which buttons on our website were clicked and which products were viewed or purchased most frequently. This information is used to create conversion statistics. We learn the total number of users who clicked on our ads and which actions they took. We do not receive information that allows us to personally identify the user. Google itself uses cookies or similar recognition technologies for identification.

The use of this service is based on your consent under Art. 6 (1) (a) GDPR and § 25 (1) TDDDG. Consent can be revoked at any time. More information on Google Conversion Tracking can be found in Google’s privacy policy: https://policies.google.com/privacy?hl=de.

The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA, which aims to ensure compliance with European data protection standards in data processing in the USA. Each company certified under the DPF commits to adhering to these data protection standards.

 

More information can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt000000001L5AAI&status=Active

8. eCommerce and Payment Providers

Processing Customer and Contract Data

We collect, process, and use personal customer and contract data for the establishment, content design, and modification of our contractual relationships. Personal data regarding the use of this website (usage data) is only collected, processed, and used as necessary to enable the user to utilize the service or to bill for it. The legal basis for this is Art. 6 (1) (b) GDPR. The collected customer data will be deleted after the completion of the order or termination of the business relationship and the expiration of any existing legal retention periods. Legal retention periods remain unaffected.

9. Audio and Video Conferences

Data Processing

To communicate with our customers, we use various online conference tools. The tools we use are listed below. When you communicate with us via video or audio conference over the internet, your personal data is collected and processed by us and the provider of the respective conference tool.

The conference tools capture all data you provide/use to utilize the tools (email address and/or your phone number). Additionally, the conference tools process the duration of the conference, the start and end time of participation, the number of participants, and other "context information" related to the communication process (metadata). Furthermore, the tool provider processes all technical data necessary for handling the online communication, including IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker, and the type of connection.

If content is exchanged, uploaded, or otherwise provided within the tool, this will also be stored on the servers of the tool providers. Such content includes cloud recordings, chat/instant messages, voicemails, uploaded photos and videos, files, whiteboards, and other information shared during the use of the service. Please note that we do not have full control over the data processing operations of the tools used. Our options are primarily determined by the corporate policy of the respective provider. Further information on data processing by the conference tools can be found in the privacy policies of the tools listed below.

Purpose and Legal Basis

The conference tools are used to communicate with potential or existing contractual partners or to offer specific services to our customers (Art. 6 (1) (b) GDPR). Additionally, the use of the tools serves to generally simplify and expedite communication with us or our company (legitimate interest within the meaning of Art. 6 (1) (f) GDPR). If consent has been requested, the use of the respective tools is based on that consent; consent can be revoked at any time with effect for the future.

Storage Duration

Data directly collected by us through the video and conference tools will be deleted from our systems as soon as you request us to delete it, revoke your consent to storage, or the purpose for data storage ceases. Stored cookies will remain on your device until you delete them. Mandatory legal retention periods remain unaffected. We have no influence over the storage duration of your data that is stored by the operators of the conference tools for their own purposes. For details, please inquire directly with the operators of the conference tools.

Conference tools used


We use the following conference tools:


Microsoft Teams


We use Microsoft Teams. The provider is Microsoft Ireland Operations Limited, One Microsoft Place,
South County Business Park, Leopardstown, Dublin 18, Ireland. Details on data processing can be found
the privacy policy of Microsoft Teams:
https://privacy.microsoft.com/de-de/privacystatement.


The company is certified in accordance with the ‘EU-US Data Privacy Framework’ (DPF). The
DPF is an agreement between the European Union and the USA that is intended to ensure compliance with
European data protection standards for data processing in the USA. Every company certified under
DPF-certified company undertakes to comply with these data protection standards. Further


information on this can be obtained from the provider at the following link:
https://www.dataprivacyframework.gov/s/participant-search/participantdetail?
contact=true&id=a2zt0000000KzNaAAK&status=Active

bottom of page
Cookie-Einstellungen