Data Protection Notice

We are delighted that you are visiting our website. The protection and security of your personal information when using our website is very important to us. We would therefore like to take this opportunity to inform you about which of your personal data we collect when you visit our website and for what purposes it is used. Personal data refers to individual details about the personal or factual circumstances of an identified or identifiable natural person (data subject), e.g., name, address, email addresses, user behavior. This is therefore data that we can use to identify you. In addition, you will also find occasional information here about data processing procedures outside this website (e.g., video conferences or newsletters).

Responsible for data processing

Responsible

for the processing of personal data within the meaning of the EU General Data Protection Regulation (GDPR)

GLORIA GmbH
Diestedder Str. 39
59329 Wadersloh
Telefon: +49 2523 77 0
E-Mail: [email protected]

Data Protection Officer

exkulpa gmbh
Waldfeuchter Str. 266
52525 Heinsberg
Telefon: 02452 / 99 33 11
E-Mail: [email protected]

General information

In addition to the data that you actively provide to us on this page (e.g., via our contact form), we collect some technical data. This so-called metadata is automatically transmitted from your computer to our servers as soon as you enter our website (including browser, operating system, or timestamp). We use this data to ensure that our website is displayed correctly. In addition, we may collect data via integrated third-party providers (e.g., for external media such as map services or analysis tools). We will explain the individual purposes and legal bases in the course of this privacy policy.

Storage period

Unless a separate storage period is specified in this privacy policy, we will store your personal data for as long as the purpose of data processing exists. If you contact us with a legitimate request for deletion or revoke your consent, we will delete your data. Statutory retention obligations remain unaffected.

Legal basis for data processing

If you have consented to data processing, your personal data will be processed on the basis of Art. 6 (1) (a) GDPR or Art. 9 (2) (a) GDPR if special categories of data are processed in accordance with Art. 9 (1) GDPR. If you have expressly consented to the transfer of personal data to third countries, the data will also be processed in accordance with Art. 49 (1) (a) GDPR. If you have consented to the storage of cookies or access to information on your end device (e.g., through device fingerprinting), data processing will also take place on the basis of § 25 (1) TDDDG. Your consent can be revoked at any time. If your data is necessary for the performance of a contract or for the implementation of pre-contractual measures, we process your data in accordance with Art. 6 (1) lit. b GDPR. In addition, we process your data if this is necessary to fulfill a legal obligation, on the basis of Art. 6 (1) lit. c GDPR. Data processing may also take place on the basis of our legitimate interest pursuant to Art. 6 (1) lit. f GDPR. The following sections of this privacy policy will inform you about the respective legal basis in individual cases.

Note on data transfer to third countries and US companies without DPF certification

Please note that we use tools from companies based in third countries or the US that are not covered by the EU-US Privacy Shield Framework (DPF) and where data protection is not guaranteed. When using these tools, your personal data may be transferred to these countries and processed there. Please note that these third countries cannot guarantee a level of data protection comparable to that of the EU.

We would like to clarify that the US generally offers a level of data protection comparable to that of the EU. The transfer of data to the US is permitted if the recipient has DPF certification or provides appropriate additional safeguards. Information about data transfers to third countries, including data recipients, can be found in our privacy policy.

Automated decision making

Your personal data will not be processed for the purpose of automated decision-making.

Your rights

As a data subject under the General Data Protection Regulation (GDPR), you have the following rights:

Right to information: You have the right to request confirmation from us as to whether your personal data is being processed and, if so, to receive further information about the processing and copies of the processed data (Art. 15 GDPR).
Right to rectification: You have the right to request the immediate rectification of inaccurate personal data concerning you and, where applicable, the completion of incomplete personal data (Art. 16 GDPR).
Right to erasure: You have the right to request the immediate erasure of personal data concerning you if the legal requirements are met, in particular if the data is no longer necessary for the purposes pursued and the processing is unlawful (Art. 17 GDPR).
Right to restriction of processing: You have the right to request that we restrict the processing of your personal data if the legal requirements are met, in particular if you dispute the accuracy of the data, the processing is unlawful, and you refuse to have it erased (Art. 18 GDPR).
Right to data portability: You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used, and machine-readable format, and you have the right to transmit this data to another controller without hindrance from us.

Right to lodge a complaint with a supervisory authority: You have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data violates the GDPR (Art. 77 GDPR).

Further data processing procedures

General information requirements

This information is intended for customers, interested parties, suppliers, and employees. We process your personal data for the following purposes:

To fulfill our contractual obligations to you (Art. 6 (1) (b) GDPR).
To perform pre-contractual obligations (Art. 6 (1) (b) GDPR).
To respond to inquiries (Art. 6 (1) (b) GDPR).
If you have given us your consent to process your personal data for specific purposes (such as to receive our newsletter), data processing is based on your consent (Art. 6 (1) (a) GDPR).
To fulfill legal obligations to which our company is subject (Art. 6 (1) (c) GDPR).
Where necessary, we also process your data to protect our legitimate interests, in particular to assert legal claims and defend ourselves in legal disputes or to ensure IT security, to consult and exchange data with credit agencies to determine creditworthiness and default risks, for direct marketing and market research, provided you have not objected to the use of your data for this purpose, for measures relating to business management and the further development of services and products, for measures relating to product and sales optimization, for measures relating to risk management, and for the prevention or investigation of criminal offenses (Art. 6 para. 1 lit. f GDPR).

Categories of recipients of personal data

Within our company, only those employees who absolutely need the data to perform their tasks have access to it (need-to-know principle). Individual processes and services are carried out by carefully selected service providers who are based within the EEA and who comply with data protection regulations. If service providers commissioned by us have access to personal data when performing their services, data processing agreements in accordance with Art. 28 (3) GDPR have been concluded with them.

Duration of data storage

The data we process is stored for the duration of the contractual relationship and in compliance with statutory retention periods. These include, in particular, commercial and tax law retention obligations under the German Commercial Code (HGB) and the German Fiscal Code (AO). The regular retention and documentation periods are up to ten years. If no contractual relationship is established, we only process the data for as long as the specific purpose requires.

Cookies

Cookies are small text files that are stored by your browser on your device to save certain information during your use of the website. Cookies enable us to improve various aspects of our website and make your visit more convenient.

There are different types of cookies that serve different purposes. Temporary cookies, also known as session cookies, are only stored for the duration of your use of the website and are automatically deleted when you close your browser. Persistent cookies, on the other hand, remain stored on your device for a longer period of time and enable us to recognize you and your preferences when you visit the website again.

Cookies can also be divided into first-party cookies and third-party cookies. First-party cookies are set by our website, while third-party cookies are set by other websites or service providers whose content is integrated into our website, such as plugins or analysis tools.

Cookies are used for various purposes, such as to ensure the functionality of the website, to store user settings, to compile anonymous statistics on user behavior, or to display personalized content and advertising. The legal basis for the use of cookies varies depending on the purpose of the cookies. In some cases, the setting of cookies is based on your legitimate interest pursuant to Art. 6 (1) lit. f GDPR in order to make our website functional and user-friendly. As a website operator, we have a legitimate interest in storing necessary cookies for the technically error-free and optimized provision of our services. If we obtain your consent for the use of cookies, processing is based on Art. 6 (1) lit. a GDPR in conjunction with § 25 (1) TDDDG. Your consent can be revoked at any time.

Consent with TrustArc

Our website uses TrustArc consent technology to obtain your consent to store certain cookies on your device or to use certain technologies and to document this in accordance with data protection regulations. The provider is TrustArc Inc, 2121 N. California Blvd., Suite 290, Walnut Creek, CA 94596, USA.

When you visit our website, a connection is established to TrustArc’s servers in order to obtain your consent and other declarations regarding the use of cookies. A cookie is set in your browser in order to assign and document your consent or revocation. This data is stored until you delete the cookie, request us to delete the data, or the purpose for data processing no longer applies. Statutory retention obligations remain unaffected.
TrustArc is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 (1) lit. c GDPR.

The company is certified under the EU-US Data Privacy Framework (DPF), an agreement between the European Union and the US that aims to ensure compliance with European data protection standards when processing data in the US. Certification under the DPF obliges companies to comply with these data protection standards.

Data transfers to the US are based on the EU Commission’s standard contractual clauses. For more information on data processing by TrustArc, please visit https://trustarc.com/privacy-policy/.

Data processing in detail

Below, we provide information about the individual processing operations, the scope and purpose of data processing, the legal basis, the obligation to provide your data, and the respective storage period. Automated decision-making in individual cases, including profiling, does not take place.

Provision of the website

When you visit and use our website, we collect the personal data that your browser automatically transmits to our server. The following information is temporarily stored in a log file:

IP address of the requesting computer
Date and time of access
Name and URL of the file accessed
Website from which access is made (referrer URL)
Browser used and, if applicable, the operating system of your computer, as well as the name of your access provider

Our website is not hosted by us, but by a service provider who processes the aforementioned data on our behalf for the purpose of providing the website in accordance with Art. 28 GDPR.

The host is used for the purpose of fulfilling contracts with our potential and existing customers (Art. 6 (1) (b) GDPR) and in the interest of secure, fast, and efficient provision of our online services by a professional provider (Art. 6 (1) (f) GDPR).

We use the following host:

Cloudflare Inc.
101 Townsend St.
San Francisco
CA 94107, USA

Contact form

Type and scope of processing

When you send us inquiries (e.g., via contact form, email, or telephone), we store all data resulting from this (e.g., name, email address, subject of the inquiry, etc.). We need this data to process your inquiry and to be able to answer follow-up questions. We do not pass on this data without your consent.

Purpose and legal basis

This data is processed on the basis of Art. 6 (1) (b) GDPR, provided that your inquiry is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. Otherwise, the processing is based on our legitimate interest in the effective processing of inquiries addressed to us (Art. 6 (1) lit. f GDPR) or on your consent (Art. 6 (1) lit. a GDPR) if you have given it beforehand.

Storage period

The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to its storage, or the purpose for data storage no longer applies (e.g., after your inquiry has been processed). Mandatory legal provisions—in particular retention periods—remain unaffected.

Contact form for applicants

Type and scope of processing

We collect and process the personal data of applicants. Such data processing may also be carried out electronically, for example, when applicants send us their application documents by email or via a web form on our website. On our website, we offer you the option of sending us your application for advertised job vacancies by email.

Purpose and legal basis

We process the personal data of applicants in accordance with the legal requirements for the purpose of initiating an employment relationship (Art. 6 (1) (b) GDPR). You are not obliged to provide us with this data. However, without this data, we cannot carry out an application process with you.

If your application is successful, the data you submit will be stored in our data processing systems on the basis of Art. 6 (1) (b) GDPR and, if you provide us with special categories of personal data such as health information, on the basis of Art. 9 (2) (b) for the purpose of implementing the employment relationship.

For the purpose of contacting potential applicants, we also use the services of the professional networks LinkedIn and XING. The operators of the networks act as processors for us in accordance with our instructions. The legal basis for data processing when contacting potential applicants on our behalf is Art. 6 para. 1 lit. f GDPR (our legitimate interests). If you send us your application as a result of such contact, we will process your data for the purpose of initiating an employment relationship as described above on the basis of Art. 6 para. 1 lit. b GDPR.

Storage period

Your data will be stored for a period of 6 months after the application process has been completed. This is done to protect our legitimate interests in order to check whether we need the data to defend against any claims in connection with the application process. We are then obliged to delete or anonymize your data. In this case, the data will only be available to us as metadata without direct personal reference for statistical evaluations (e.g., proportion of female or male applicants, number of applications per period, etc.).

If it is apparent that further storage of the data is necessary after the expiry of the 6-month period to safeguard our legitimate interests (e.g. due to an impending or pending legal dispute), deletion will only take place when the purpose for further storage no longer applies. The legal basis for this further data storage is our legitimate interests in asserting, exercising, or defending civil law claims (Art. 6 (1) (f) GDPR in conjunction with § 24 (1) No. 2 BDSG or, if special categories of personal data are stored, Art. 9 (2) (f) GDPR in conjunction with § 24 (2) BDSG).

Inclusion in the applicant pool

As part of the application process, we offer applicants the opportunity to be included in our “talent pool” for a period of 24 months on the basis of consent within the meaning of Art. 6 (1) (a) and Art. 9 (2) (a) GDPR. If you have provided special categories of personal data in your application, such as health information, your consent also extends to this data. You are not obliged to provide us with your application data for our talent pool. However, without this data, we will not be able to consider you for future vacancies unless you submit a new application.

Consent to the inclusion of application data in the talent pool is voluntary and can be revoked at any time for the future. Revocation of consent does not affect the lawfulness of data processing based on consent prior to revocation.

Your application documents will be deleted from the talent pool at the latest after the storage period has expired or in the event of revocation or acceptance of a job offer from one of the companies responsible for the talent pool.

If you receive an offer of employment from us during the application process and accept it, we or this company will store the personal data collected during the application process for the purpose of implementing the employment relationship. The legal basis for this data processing is Art. 6 (1) (b) GDPR or, if you provide us with special categories of personal data such as health information, Art. 9 (2) (b).

Presence on social media platforms

We operate public profiles on various social networks on our website. You can find more detailed information about the social networks we use in the relevant sections of our privacy policy.

Social networks such as Facebook, Twitter, and others can comprehensively analyze your user behavior when you visit their websites or a website with integrated social media content (e.g., like buttons or advertising banners). Visiting our social media presences triggers numerous data processing operations relevant to data protection:

If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies stored on your device or by recording your IP address.

With the help of the data collected in this way, the operators of social media portals can create user profiles in which your preferences and interests are stored. This allows interest-based advertising to be displayed to you both within and outside the respective social media presence. If you have an account with the respective social network, interest-based advertising can be displayed on all devices on which you are or were logged in.

Please note that we cannot track all processing operations on social media portals. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media portals. For details, please refer to the terms of use and privacy policies of the respective social media portals.

Legal basis for data processing

Our social media presence serves to ensure the most comprehensive presence possible on the Internet. This is a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. The analysis processes initiated by the social networks may be based on different legal bases, which must be specified by the operators of the social networks (e.g., consent within the meaning of Art. 6 (1) (a) GDPR).

Responsible party and assertion of rights

When you visit our social media sites (e.g., Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. You can assert your rights (information, correction, deletion, restriction of processing, data portability, and complaint) both against us and against the operator of the respective social media portal (e.g., Facebook).

Despite our joint responsibility with the social media portal operators, we do not have full control over the data processing operations of the social media portals. Our options are largely determined by the corporate policy of the respective provider.

Duration of data storage

The data collected directly by us via our social media presence will be deleted from our systems as soon as you request us to do so, revoke your consent to storage, or the purpose for data storage no longer applies. Stored cookies remain on your device until you delete them. Mandatory legal provisions—in particular retention periods—remain unaffected.

We have no influence on the storage period of your data, which is stored by the operators of social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g., via their privacy policy, see below).

Facebook page

Our company has a profile on Facebook. This service is provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter referred to as Meta). According to Meta, the data collected is also transferred to the US and other third countries.

We have entered into a joint processing agreement (Controller Addendum) with Meta. This agreement specifies which data processing operations we and Meta are responsible for when you visit our Facebook page. You can view the agreement at the following link: https://www.facebook.com/legal/terms/page_controller_addendum.

You can adjust your advertising settings yourself in your user account. To do so, click on the following link and log in: https://www.facebook.com/settings?tab=ads.

Data transfers to the US are based on the EU Commission’s standard contractual clauses. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.

For more information, please refer to Facebook’s privacy policy: https://www.facebook.com/about/privacy/.

LinkedIn page

Our company has a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.

If you wish to disable LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Data transfers to the US are based on the EU Commission’s standard contractual clauses. Details can be found here: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs.

For more information on how your personal data is handled, please refer to LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy.

Video Conferencing

Data Processing

We use online conferencing tools to communicate with our customers. The specific tools we use are listed below. When you communicate with us via video or audio conferencing, your personal data is collected and processed by us and the provider of the respective tool.

The tools collect the data you provide, including your email address and phone number. They also process the duration of the conference, when you participated in the conference, the number of participants, and other metadata.

In addition, the provider of the tool processes all technical data necessary to conduct the conference. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker, and the type of connection.

If you share content in this service, it will be stored on the providers’ servers. This includes cloud recordings, chat messages, voice messages, and photos and videos that you have shared while using this service.

Please note that we do not have full control over the data processing operations of the tools used. For more information on data processing by the conference tools, please refer to the privacy policies of the respective tools used.

Purpose and legal basis

The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6 (1) (b) GDPR). Furthermore, the use of the tools serves to generally simplify and accelerate communication with us or our company (legitimate interest within the meaning of Art. 6 (1) (f) GDPR). If you have previously given your consent to data processing, the processing of your data will take place solely on the basis of Art. 6 (1) (a) GDPR; consent can be revoked at any time.

Storage period

The data collected directly by us via the video and conference tools will be deleted from our systems as soon as you request us to do so, revoke your consent to storage, or the purpose for data storage no longer applies. Stored cookies remain on your device until you delete them. Mandatory legal retention periods remain unaffected.

We have no influence on the storage period of your data stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tools directly.

Video conferencing tools used

We use the following tools for video conferencing:

Microsoft Teams

We use Microsoft Teams. The provider is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. Details on data processing can be found in the Microsoft Teams privacy policy: https://privacy.microsoft.com/de-de/privacystatement.

The company is certified under the EU-US Data Privacy Framework (DPF), an agreement between the European Union and the US that aims to ensure compliance with European data protection standards when processing data in the US. Certification under the DPF requires companies to comply with these data protection standards.

Data transfers to the US are based on the EU Commission’s standard contractual clauses. Details can be found here: https://privacy.microsoft.com/de-de/privacystatement.

Order processing

To ensure that personal data is processed in accordance with our specifications and in compliance with the GDPR, we have concluded an order processing agreement (AVV) with the provider. Website visitors are only processed in accordance with our instructions and in compliance with the GDPR.

Zoom

We use Zoom. This service is provided by Zoom Communications Inc., San Jose, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA. Details on data processing can be found in Zoom’s privacy policy: https://zoom.us/de-de/privacy.html.

Data transfers to the US are based on the EU Commission’s standard contractual clauses. Details can be found here: https://zoom.us/de-de/privacy.html.

Order processing

Google Ads

On this website, we use services and features from Google Ads, which are offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Type and scope of data processing

With the help of Google Ads, we can display online advertisements in the Google search engine or on other websites when users search for specific terms. In addition, advertisements can be placed for specific target groups based on user data. For example, the advertisements are tailored to the interests and location of the users. We evaluate this user data and the number of clicks in order to measure the success of our advertisements.

Legal basis

When using Google Ads, we rely on Art. 6 (1) lit. f GDPR as the legal basis, as we have a legitimate interest in analyzing the use of our website in order to successfully market our services and products.

The transfer of your personal data to the US is based on the standard contractual clauses of the EU Commission. For more information, please visit https://policies.google.com/privacy/frameworks and

https://privacy.google.com/businesses/controllerterms/mccs/.

Google Analytics

We use Google Analytics services and functions on this website, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Type and scope of data processing

Google Analytics enables us, as website operators, to determine how our website is used. As part of the analysis, we learn how often our website is visited, how long visitors stay on the site, and what devices or systems they use to access the website. We can also track your mouse movements and clicks. Google Analytics uses machine learning and other technologies to analyze and supplement your data. The collected data is usually processed on Google servers in the USA.

Legal basis

When using Google Analytics, we rely on your consent in accordance with Art. 6 (1) (a) GDPR in conjunction with §25 (1) TDDDG. You can revoke your consent at any time.

The transfer of your personal data to the USA is based on the standard contractual clauses of the EU Commission. For more information, please visit https://privacy.google.com/businesses/controllerterms/mccs/.

Order processing

To ensure that personal data is processed in accordance with our specifications and in compliance with the GDPR, we have concluded an order processing agreement (AVV) with the provider.

Storage period

Google stores data linked to cookies, user IDs, or advertising IDs for two months, after which it is anonymized or deleted. For more information on the storage period or how to delete your data, please visit https://support.google.com/analytics/answer/7667196?hl=de.

Google DoubleClick

On this website, we use services and functions provided by Google DoubleClick, offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Type and scope of data processing

Google DoubleClick enables us to display targeted advertisements in Google applications that match the interests of users. In order to offer relevant advertising, Google DoubleClick must identify users and link their visits to websites, clicks, and other information to their user behavior. To do this, Google DoubleClick uses cookies and technologies to recognize users and creates pseudonymized user profiles based on the collected data.

You can disable this personalized advertising in your personal Google account at https://policies.google.com/technologies/ads and

https://adssettings.google.com/authenticated.

Legal basis

When using Google DoubleClick, we refer to Art. 6 (1) lit. f GDPR as the legal basis, as we have a legitimate interest in analyzing the use of our website. This enables us to optimize our online presence and offers for you. If you have previously given your consent to data processing by Google DoubleClick on this website, the processing of your data is based on Art. 6 (1) (a) GDPR in conjunction with §25 (1) TDDDG. You can revoke your consent at any time.

Google Fonts

This website uses web fonts to ensure uniform presentation of fonts provided by Google. When you visit the site, your browser loads the required web fonts into your browser cache so that texts and fonts are displayed correctly. To do this, the browser you are using establishes a connection to Google’s servers. This allows Google to obtain your IP address.

Legal basis

The use of Google Web Fonts is based on our legitimate interest in a uniform presentation of the typeface on our website (Art. 6 para. 1 lit. f GDPR). If corresponding consent has been requested (e.g., consent to the storage of cookies), the data will be processed exclusively on the basis of your consent in accordance with Art. 6 (1) lit. a GDPR and § 25 (1) TDDDG. This consent can be revoked at any time. If your browser does not support web fonts, a standard font from your computer will be used. Further information on Google Web Fonts can be found here: https://developers.google.com/fonts/faq. Google’s privacy policy can be found here: https://policies.google.com/privacy?hl=de.

The company is certified under the EU-US Data Privacy Framework (DPF), an agreement between the European Union and the US that aims to ensure compliance with European data protection standards when processing data in the US. Certification under the DPF requires companies to comply with these data protection standards.

Google Tag Manager

On this website, we use services and functions from Google Tag Manager, which is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tool that helps us use other tools on our website. It does not create user profiles, store cookies, or perform independent analyses. However, your IP address is recorded and may be transmitted to the US. Google Tag Manager itself is only used to manage the tools that are integrated through it.

When using Google Tag Manager on this website, we rely on Art. 6 (1) lit. f GDPR as the legal basis, as we have a legitimate interest in implementing and controlling tracking tools on this website quickly and easily. If you have previously given your consent to data processing on this website by Google Tag Manager, the processing of your data is based solely on the legal basis of Art. 6 (1) lit. a GDPR § 25 (1) TDDDG. You can revoke your consent at any time.

Google reCAPTCHA

Type and scope of processing

This website uses Google reCAPTCHA. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

reCAPTCHA is used to verify data entry (e.g., in a contact form) on this website. Specifically, whether this is done by a human or by an automated program. Google reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. The analysis starts automatically as soon as the visitor accesses the website. The data collected during the analysis, such as the IP address, the length of time the website visitor stays on the site, or the mouse movements made, is forwarded to Google.

Website visitors are not notified that an analysis is taking place; it runs completely in the background.

Google’s privacy policy and terms of use can be found at the following links: https://policies.google.com/privacy?hl=de and https://policies.google.com/terms?hl=de.

Purpose and legal basis

The storage and analysis of data is based on our legitimate interest in protecting our web offerings from abusive automated spying and spam (Art. 6 (1) (f) GDPR). If corresponding consent has been requested, the data will be processed exclusively on the basis of your consent in accordance with Art. 6 (1) (a) GDPR. This consent can be revoked at any time.

OneTrust Geolocation

Type and scope of processing

We have integrated OneTrust Geolocation into our website. OneTrust Geolocation is a consent solution from OneTrust Technology Ltd, 82 St John Street, London, EC1M 4JN, United Kingdom, which can be used to obtain and document consent for the storage of cookies. OneTrust Geolocation uses cookies or other web technologies to recognize users and store the consent that has been given or revoked.

Purpose and legal basis

The use of the service is based on obtaining the legally required consent for the use of cookies in accordance with Art. 6 (1) (c) GDPR.

Storage period

We have no influence on the specific storage period of the processed data; this is determined by OneTrust Technology Ltd. For further information, please refer to the privacy policy for OneTrust Geolocation: https://www.onetrust.de/datenschutzerklaerung/.

Date of last update: November 12, 2024