Data protection declaration

Data protection declaration

This Privacy Statement clarifies to you the nature, scope and purpose of processing personal data ("Data") in the context of the provision of our services as well as within our online offer and the websites associated with it, Features and content as well as external online presence, such as Our social media profiles on (collectively referred to below as an "online offering"). In terms of the terms used, such as We refer to the definitions in the kind "processing" or "responsible." 4 of the General Data Protection Regulation (GDPR).


Hannah Kümmel

Types of data processed

-inventory data (e.g., personal master data, names or addresses).
-contact details (e.g., e-mail, telephone numbers).
-Content data (e.g., text input, photographs, videos).
-usage data (e.g., visited websites, interest in content, access times).
-Meta-/communication data (e.g., device information, IP addresses).

Categories of affected persons

Visitors and users of the online offer (below we also refer to the affected persons as "users").

Purpose of processing

-Providing the online offer, its features and content.
-Answering contact requests and communicating with users.
-Security measures.
-range measurement/Marketing

Terms used

"Personal data" is any information relating to an identified or identifiable natural person (' the person concerned '); Identifiable is a natural person who is directly or indirectly, in particular by assigning it to an identifier such as a name, to a identification number, to location data, to an online identifier (e.g. Cookie) or can be identified as one or more special characteristics that are an expression of the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person.

"Processing" is any process performed with or without the help of automated procedures or any such sequence of operations in connection with personal data. The term goes far and encompasses virtually every handling of data.

"Pseudonymization" means the processing of personal data in such a way that the personal data can no longer be assigned to a specific person concerned without the use of additional information, provided that this additional data Information is kept separately and is subject to technical and organisational measures to ensure that the personal data is not assigned to an identified or identifiable natural person.

"Profiling" of any type of automated processing of personal data, which consists in this personal data being used to evaluate certain personal aspects relating to a natural person, in particular aspects To analyze or predict this natural person's work performance, economic situation, health, personal preferences, interests, reliability, behavior, whereabouts or change of location.

The "person responsible" is the natural or legal person, authority, institution or other body that decides alone or together with others on the purposes and means of processing personal data.

"Order processor" means a natural or legal person, authority, institution or other body that processes personal data on behalf of the person responsible.

Authoritative legal bases

By the sort. 13 We inform you about the legal basis of our data processing. For users from the scope of the General Data Protection Regulation (GDPR), i.e. the FOLLOWING shall apply to the EU and the EEC, unless the legal basis is mentioned in the data protection declaration:
The legal basis for obtaining consent is art. 6 Abs. 1 lit. a and kind. 7 GDPR;
The legal basis for the processing for the performance of our services and the implementation of contractual measures as well as answering requests is kind. 6 Abs. 1 lit. b GDPR;
The legal basis for processing to fulfil our legal obligations is art. 6 Abs. 1 lit. c GDPR;
In the event that vital interests of the person concerned or another natural person require the processing of personal data serves Art. 6 Abs. 1 lit. D GDPR as the legal basis.
The legal basis for the necessary processing to carry out a task which is in the public interest or in the exercise of public authority, which has been entrusted to the person responsible is a species. 6 Abs. 1 lit. e GDPR.
The legal basis for processing in order to safeguard our legitimate interests is Art. 6 Abs. 1 lit. F DSGVO.
The processing of data for purposes other than those for which it was collected is determined in accordance with the provisions of Article 6(3) of the 4 GDPR.
The processing of special categories of data (according to type. 9 para. 1 GDPR) is determined according to the specifications of the species. 9 para. 2 GDPR.


We meet in accordance with the statutory requirements, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of processing, as well as the different probability of occurrence and severity of the Risk to the rights and freedoms of individuals, appropriate technical and organisational measures to ensure a level of protection appropriate to the risk.

Measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical access to the data, as well as access to it, entering, sharing, ensuring availability and its Separation. We have also established procedures to ensure a perception of affected rights, deletion of data and response to data exposure. We also take the protection of personal data into account in the development, or Selection of hardware, software and processes, in accordance with the principle of data protection through technology design and data protection-friendly presets.

Working with contract processors, jointly responsible and third parties

If, as part of our processing, we disclose data to other persons and companies (contract processors, jointly responsible persons or third parties), transmit it to them or otherwise grant them access to the data, this will only be done on the basis of A legal permit (e.g. If the data is transmitted to third parties, such as payment service providers, for the fulfillment of the contract), users have consented to a legal obligation or on the basis of our legitimate interests (e.g. When using agents, web hosts, etc.).

If we disclose, transmit or otherwise grant access to other companies in our group of companies, this is done in particular for administrative purposes as a legitimate interest and beyond that on a legal basis. This is the basis for this.

Transfers to third countries

If we provide data in a third country (i.e. Process outside the European Union (EU), the European Economic Area (EEA) or the Swiss Confederation) or do so in the context of the use of third-party services or disclosure, or disclosure, or Transmission of data to other persons or companies is only done if it is necessary to fulfil our (before) contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate rights. Interests are happening. Subject to express consent or contractually required transfer, we process or leave the data only in third countries with a recognised level of data protection, including u.S. processors certified under the "Privacy Shield" or based on specific guarantees, such as: contractual obligation through so-called standard safeguard clauses of the EU Commission, the existence of certifications or binding internal data protection regulations (Art. 44 to 49 GDPR, information page of the EU Commission).

Rights of the persons concerned

Right of access: You have the right to request confirmation of whether the relevant data are being processed and to provide information about this data as well as to further information and copy of the data in accordance with the legal requirements.

Right to rectification: you have the right to rectification accordingly. The legal requirements have the right to require the completion of the data concerning you or the correction of the incorrect data concerning you.

Right to erasure and restriction of processing: You have the right to demand, in accordance with the legal requirements, that data in question be deleted immediately, or Alternatively, to require a restriction of the processing of the data in accordance with the legal requirements.

Right to data portability: You have the right to receive data concerning you that you have provided to us in a structured, common and machine-readable format, in accordance with the legal requirements, or to transmit it to another responsible.

Complaint to the supervisory authority: You also have the right to lodge a complaint with the competent supervisory authority in accordance with the legal requirements.

Right of withdrawal

You have the right to revoke granted consents with effect for the future.

Right to Object

Right of objection: You have the right, for reasons arising from your particular situation, to object at any time to the processing of personal data concerning you, due to art. 6 Abs. 1 lit. Ee or f GDPR is made to appeal; This also applies to profiling based on these provisions. If the personal data relating to you is processed in order to operate direct advertising, you have the right at any time to object to the processing of the personal data relating to you for the purpose of such advertising; This also applies to profiling as far as it is related to such direct advertising.

Cookies and the right to object to direct advertising

"Cookies" are small files that are stored on users ' computers. Different information can be stored within the cookies. A cookie is primarily used to provide the information about a user (or To store the device on which the cookie is stored) during or after its visit within an online offer. As temporary cookies, or "Session cookies" or "transient cookies" are referred to as cookies that are deleted after a user leaves an online offer and closes their browser. In such a cookie, for example, can. The contents of a shopping basket are stored in an online store or login status. Cookies are referred to as "permanent" or "persistent," which remain stored even after the browser is closed. For example, Login status is saved when users visit it after several days. Similarly, such a cookie can store the interests of users used for range measurement or marketing purposes. Cookies are referred to as a "third-party cookie" offered by providers other than the person who runs the online offer (otherwise, if only its cookies are referred to as "first-party cookies").

We may use temporary and permanent cookies and make up for this as part of our privacy policy.

Insofar as we ask users to consent to the use of cookies (e.g. within the framework of a cookie consent), the legal basis of this processing is kind. 6 Abs. 1 lit. A. GDPR. Otherwise, the personal cookies of the users are based on our legitimate interests (i.e. Interest in the analysis, optimization and economic operation of our online offer in the sense of the species. 6 Abs. 1 lit. Q. GDPR) or if the use of cookies is necessary for the provision of our contractual services, in accordance with Article. 6 Abs. 1 lit. B. GDPR, or provided that the use of cookies is necessary for the performance of a task which is in the public interest or is carried out in the exercise of official authority, in accordance with Article. 6 Abs. 1 lit. E. GDPR.

If users do not want cookies to be stored on their computer, they are asked to disable the option in their browser's system settings. Saved cookies can be deleted from the browser's system settings. The exclusion of cookies can lead to functional limitations of this online offer.

A general objection to the use of cookies used for online marketing purposes can be explained by the US side the EU side a large number of services, especially in the case of tracking. In addition, cookies can be stored by switching them down in the browser's settings. Please note that not all functions of this online offer may be available.

Deletion of data

The data we process will be deleted or restricted in processing in accordance with the legal requirements. Unless expressly stated in the context of this Privacy Statement, the data stored with us will be deleted as soon as it is no longer necessary for its purpose and no legal retention obligations stand in the way of deletion.

Unless the data is deleted because it is necessary for other and legally permissible purposes, its processing will be restricted. I.e. The data will be blocked and will not be processed for any other purpose. This applies, for example, to For data that must be retained for commercial or tax reasons.

Changes and updates to the Privacy Statement

We ask you to check the content of our privacy policy on a regular basis. We adjust the privacy policy as soon as the changes to the data processing we do make this necessary. We will inform you as soon as the changes will result in an act of participation on your part (e.g. Consent) or other individual notification.

Online presence on social media

We maintain online presence within social networks and platforms in order to communicate with the customers, prospective customers and users who are active there and to inform them about our services there.

We would like to point out that it allows users ' data to be processed outside the European Union area. This can pose risks for users, for example, because The enforcement of users ' rights could be made more difficult. With regard to US providers certified under the Privacy Shield, we would like to point out that they are committed to complying with EU data protection standards.

In addition, users ' data is usually processed for market research and advertising purposes. For example, Usage profiles are created from the usage behavior and the resulting interests of users. The usage profiles, in turn, can be used to, for example, To run ads inside and outside the platforms that are suspected to be in line with the interests of users. For these purposes, cookies are usually stored on users ' computers, in which users ' usage behaviour and interests are stored. In addition, the usage profiles may also store data independently of the devices used by users (especially if users are members of the respective platforms and are logged in to them).

The processing of the personal data of the users is based on our legitimate interests in the effective information of the users and communication with the users. Article. 6 Abs. 1 lit. Q. GDPR. If users are asked by the respective providers of the platforms for consent to the pre-described data processing, the legal basis of the processing is type. 6 Abs. 1 lit. SA, kind. 7 GDPR.

For a detailed presentation of the respective processing and opt-out options, we refer to the following linked information of the providers.

In the case of requests for information and the assertion of user rights, we would like to point out that these can be most effectively asserted by the providers. Only providers have access to users ' data and can take direct action and provide information. If you still need help, you can contact us.

-Facebook, pages, groups, (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) on the basis of an agreement on joint processing of personal data-Privacy Statement:, Pages specifically:, opt-out: and, Privacy Shield:

– Google/ YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) – Privacy Policy:, Opt-Out:, Privacy Shield:

-Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA) – Privacy Statement/Opt-Out:

-Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA)-Privacy Statement:, opt-out:, Privacy Shield:

-Pinterest (Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA) – Privacy Statement/Opt-Out:

-LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland)-Privacy Statement, Opt-Out:, Privacy Shield:

-Xing (XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany)-Privacy Statement/Opt-Out:

-Wakalet (Wakelet Limited, 76 Quay Street, Manchester, M3 4PR, United Kingdom)-Privacy Statement/Opt-Out:

-Soundcloud (SoundCloud Limited, Rheinsberger Str. 76/77, 10115 Berlin, Germany)-Privacy Statement/Opt-Out:

Integration of services and content of third parties

We set within our Online Offer on the Basis of our legitimate Interests (i.e. Interest in the analysis, optimization and economic operation of our online offer in the sense of the species. 6 Abs. 1 lit. Q. GDPR) Third-party content or Service Offerings to Provide their Content and Services, such as: Include Videos or Fonts (referred to below uniformly as "Content").

This always presupposes that the Third-party providers of this Content perceive the IP address of the Users, since they would not be able to send the Content to their Browser without the IP address. The IP address is required for the presentation of this content. We try to using only such content, their respective provider use the IP address for the delivery of content. Third-party vendors can also use so-called pixel tags (invisible Graphics, also known as "Web Beacons") for statistical or Marketing Purposes. The "pixel tags" allow Information to be analysed on the Pages of this Website. The pseudonymous Information can also be stored in Cookies on the User's Device and, among other things, technical Information about the Browser and operating System, referring Websites, Visiting time as well as other Information about The use of our Online Offer As well as associated with such Information from other Sources.


We include the videos of the platform "YouTube" of the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Privacy Policy:, Opt-Out:


Within our Online Offering, Functions and Contents of the LinkedIn service, offered by LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland, can be integrated. For this purpose, for example, Content such as Images, Videos or Texts and Buttons that allow Users to share Content from this Online Offer within LinkedIn. If the Users are Members of the Platform LinkedIn, LinkedIn can call the above. Assign Content and Functions to the Profiles of users there. LinkedIn Privacy Statement: .. LinkedIn is certified under the Privacy Shield Agreement and thus offers a Guarantee to comply with European Data protection law ( Privacy Policy:, Opt-Out:

Created with Privacy by RA Dr. Thomas Schwenke