Data protection

Privacy policy

Thank you for visiting our website and for your interest in our company. We understand data protection as a customer-oriented quality feature. The protection of your personal data and the protection of your personal rights are important to us.

With this data protection declaration, we would like to inform all visitors to our website transparently about the type, scope and purpose of the personal data collected, used and processed by us and inform you about the rights to which you are entitled.

In principle, it is possible to use our website without providing personal data. However, should you use services of our company via our website, the processing of your personal data may become necessary.

The data automatically collected when you visit our website or the personal data entered by you when using our services will be processed in accordance with the current legal provisions on the protection of personal data.

If processing of your personal data is necessary and there is no legal basis for such processing, we generally obtain consent for the required purpose of the processing.

As the company responsible for processing, we have established technical and organizational measures to ensure the highest possible level of protection for your personal data.

However, we would like to point out that data transmission via the World Wide Web can generally have security gaps.

If you would like to use the services of our company and do not want to use the method of data transmission via the World Wide Web, you also have the option of contacting us by telephone.

1. contact details of the data controller

The controller within the meaning of the General Data Protection Regulation, is:

Company:
becon GmbH
Street: Hauptstraße 8b
Postcode/Place: 82008 Unterhaching
Tel.: 089 608668‑0
E-Mail: info@opencelium.de

The appointed data protection officer is

Mr. Stephan Hartinger
Coseco GmbH
Phone: 08232 80988-70
E-Mail: datenschutz@coseco.de

2. collection of general access information

Each time our website is accessed, server log file information that your browser transmits to us is automatically collected. These are:

1. IP address (Internet Protocol address) of the accessing computer.
2. the website from which you visit us (referrer)
3. the website that you visit on our site
4. the date and duration of the visit
5. browser type and browser settings
6. operating system

We would like to point out that this data cannot be assigned to a specific person. We use this technical access information exclusively for the following purposes:

1. to improve the attractiveness and usability of our website,
2. to detect technical problems on our website at an early stage.
3. to deliver the contents of our website correctly,
4. and to provide law enforcement authorities with the information necessary for prosecution in the event of a cyber attack.

This data is stored as a technical precaution for a maximum of 7 days to protect the data processing systems against unauthorized access.

3. Collection and disclosure of personal data

Personal data is information with the help of which a person can be determined, i.e. information that can be traced back to a person. This includes the name, email address or telephone number. . But also data about preferences, hobbies, memberships or which websites were viewed by someone count as personal data. Personal data is only collected, used and passed on by the provider if this is legally permitted or the users consent to the data collection. We use your personal data only for the purposes stated on this information page on data protection.

The following input masks for the collection of personal data exist on our website:

3.1 Registration on our website

You can use the following registration options on our website:

* Blog comment function
* Transmission of application documents
* Recruiting
* Contact form

3.1.1 Blog comment function

We offer you a blog on our website and the opportunity to leave individual comments on individual blog posts. A blog is a portal on a website, usually open to the public, in which one or more people, called bloggers, can post articles or write down thoughts in so-called blogposts. The blogposts can usually be commented by you.

If you leave a comment in our blog, in addition to the comments left by the data subject, information on the time of comment entry and the user name (pseudonym) chosen by the data subject will be stored and published. Furthermore, your IP address will also be logged. This storage of the IP address takes place for security reasons and in the event that the rights of third parties are violated by a submitted comment or illegal content is posted. The storage of this personal data is therefore in our own interest, so that we can provide evidence in the event of a violation of the law, if necessary. There is no disclosure of this collected personal data to third parties, unless such disclosure is required by law or serves the legal defense.

Subscription to comments in the blog on the website

The comments made in our blog can generally be subscribed to by third parties.

If you choose the option to subscribe to comments, we will send an automatic confirmation email to verify that the owner of the specified email address has really opted for this option (double opt in). The option to subscribe to comments can be terminated at any time.

To subscribe to the blog, we need the following information from you:

1. e-mail address

3.1.2 Transmission of application documents

In the course of your application (online application or by mail), we collect and process various personal application data.

This includes in particular your

* Contact information (name, address, telephone number and e-mail)
* Application documents (letter of application, curriculum vitae, certificates or other proof of education and qualifications).

3.1.3 Recruiting

On our website, we offer you the opportunity to use our online application form, which you can use to apply for a job with us.

In order to respond to your application, we require the following information from you:

1. first and last name
2. e-mail address
3. curriculum vitae
4. cover letter
5. certificates

The data mentioned here will be used exclusively for the application process.

If we have received your e-mail address in connection with job offers or via the application form and you have not objected to this, we reserve the right to contact you about similar job offers.

In the context of an online application via the application form, the transmission takes place exclusively via an encrypted page in accordance with the currently recognized state of the art, so that your personal data and your application documents are protected against manipulation and unauthorized access.

After sending, you will receive an e-mail confirming receipt of the application documents.

Your personal application data is collected and processed exclusively for the purpose of filling vacancies within our company. Your data will only be forwarded to the internal departments and specialist departments of our company responsible for the specific application procedure. Your personal application data will not be passed on to other companies without your prior express consent. Your application data will not be used or passed on to third parties in any other way.

Your personal application data will be deleted automatically three months after completion of the application process. This does not apply if legal regulations prevent deletion, if further storage is

necessary for the purpose of providing evidence, or if you agree to longer storage or you have expressly consented to longer storage, e.g. for future job advertisements.

If an employment contract is concluded with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions.

3.1.4 Contact via e-mail or contact form

On our website, we offer you the option of contacting us by e-mail and/or via a contact form.

If you contact us by e-mail or via a contact form, the personal data you provide will be stored automatically.

Such personal data transmitted to us by you on a voluntary basis will be stored for the purpose of processing your inquiry or contacting the data subject. This personal data will not be passed on to third parties.

4. What are cookies used for?

COOKIE POLICY

What are cookies?

Cookies are small text files created by a website during your visit. They store information that may be useful for further navigation on the website. This way, your information remains even if you move to another page and your use of the website can be analyzed.

By using our website, you consent to the use and storage of cookies on your terminal device. However, you can also view our website without cookies.

We recommend that you leave cookies turned on, otherwise you may miss a lot of information. Most browsers accept cookies automatically.

Manage cookies

You have the option to control the acceptance of cookies yourself and, if necessary, to prevent them by configuring your browser.

We would like to point out that changes to settings always only affect the browser in question. If you use different browsers or change the end device, the settings must be made again. In addition, you can delete cookies from your storage medium at any time. For information on cookie settings, how to change them and how to delete cookies, please refer to the help function of your web browser.

Below you will find links to the setting options of the most common browsers:

Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
Chrome: https://support.google.com/chrome/answer/95647?hl=de
Safari: http://support.apple.com/kb/PH5042
Opera: http://help.opera.com/Linux/9.00/de/cookies.html

You can manage many online ad cookies from companies via the US site

http://www.aboutads.info/choices/ or the EU side http://www.youronlinechoices.com/uk/yourad-choices/ verwalten.

The most common types of cookies are explained below for your understanding:

1. Session cookies

While you are active on a website, a session cookie is temporarily stored in the memory of your computer, in which a session identifier is stored, for example, to prevent you from having to log in again each time you change pages. Session cookies are deleted when you log out or lose their validity once their session has automatically expired.

2. Permanent or protocol cookies

A persistent or protocol cookie stores a file on your computer for the period of time specified in the expiration date. These cookies allow websites to remember your information and preferences the next time you visit. This results in faster and more convenient access, as you do not have to set your language preferences for our portal again, for example. When the expiration date passes, the cookie is automatically deleted when you visit the website that generated it.

3. Third-party cookies

Third-party cookies come from providers other than the website operator. For example, they may be used to collect information for advertising, custom content, and web statistics.

4. Flash cookies

Flash cookies are stored on your computer as data elements of websites when they are powered by Adobe Flash. Flash cookies have no time limit.

The following cookies are used on this website:

5. Deployment and use of tracking, analysis tools and social plugins

5.1 Google Tag Manager

For our website we use the Google Tag Manager of the company Google Inc. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services.

Google Tag Manager is an organizational tool that allows website tags to be included and managed centrally and via a user interface. Tags are small sections of code that, for example, record (track) your activity on our website. For this purpose, JavaScript code sections are inserted into the source code of our page. The tags often come from Google’s own products such as Google Ads or Google Analytics, but tags from other companies can also be included and managed via the manager. Such tags perform different tasks. They can collect browser data, populate marketing tools with data, embed buttons and forms, set cookies, and also track users across multiple websites.

In order to make our website as good as possible for you and all people interested in our products and services, we need various tracking tools such as Google Analytics. The data collected from these tools shows us what you are most interested in, where we can improve our services and which people we should still show our offers to. And for this tracking to work, we need to embed appropriate JavaScript codes into our website.

What data is stored by Google Tag Manager?

The Tag Manager itself is a domain that does not set cookies or store data. It acts as a “manager” of the implemented tags. The data is collected by the individual tags of the different web analytics tools. The data is only forwarded to the individual tracking tools in Google Tag Manager and is not stored. Information on the storage and processing of the individual analysis and tracking tools can be found in the corresponding data protection texts.

When Google stores data, that data is stored on Google’s own servers. The servers are distributed all over the world. Most are located in America. You can find out exactly where Google servers are located at https://www.google.com/about/datacenters/locations/?hl=de.

How can I delete my data or prevent data storage?

Google Tag Manager itself does not set cookies, but manages tags from various tracking websites. In our privacy texts for the individual tracking tools, you will find detailed information on how to delete or manage your data.

Legal basis

The use of Google Tag Manager requires your consent, which we have obtained with our cookie popup. This consent constitutes, according to Art. 6 para. 1 lit. a DSGVO (consent) constitutes the legal basis for the processing of personal data as may occur during the collection by web analytics tools.

In addition to consent, there is a legitimate interest on our part in analyzing the behavior of website visitors and thus improving our offering technically and economically. With the help of Google Tag Manager we can improve our profitability. The legal basis for this is Art. 6 para. 1 lit. f DSGVO (Legitimate Interests).

If you want to learn more about Google Tag Manager, we recommend the FAQs at https://support.google.com/tagmanager/?hl=de#topic=3441530.

5.2 Google Analytics

This offer uses Google Analytics, a web analytics service provided by Google Inc. (“Google“). Google Analytics uses “cookies”, which are text files placed on users’ computers, to help the website analyze how users use the site. The information generated by the cookie about the use of this website by users is usually transmitted to a Google server in the USA and stored there.

In the event that IP anonymization is activated on this website, however, Google will truncate the user’s IP address beforehand within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. . IP anonymization is active on this website. On behalf of the operator of this website, Google will use this information for the purpose of evaluating the use of the website by users, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator.

The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google. Users may refuse the use of cookies by selecting the appropriate settings on their browser, however please note that if you do this you may not be able to use the full functionality of this website. Users can also prevent the collection of data generated by the cookie and related to their use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

For more information on Google’s use of data for advertising purposes, settings and opt-out options, please visit Google’s websites: https://www.google.com/intl/de/policies/privacy/partners/ (“Data use by Google when you use our partners’ websites or apps”), http://www.google.com/policies/technologies/ads (“Data use for advertising purposes”), http://www.google.de/settings/ads (“Manage information Google uses to show you ads”) and http://www.google.com/ads/preferences/ (“Determine what ads Google shows you”).

As an alternative to the browser add-on or within browsers on mobile devices, please click this link to prevent the collection by Google Analytics within this website in the future. This will place an opt-out cookie on your device. If you delete your cookies, you must click this link again.

The following tracking and analysis tools are used:

* Google Analytics Dashboard for WP (GADWP)

* Slimstat Analytics

* Slimstat Analytics – Custom DB

* Slimstat Analytics – Heatmap

* Download Monitor

* Email before Download

* Email Subscribers & Newsletters

1. Purpose of data processing: The provider (or its web space provider) collects data about each access to the offer (so-called server log files). The provider uses the log data only for statistical analysis for the purpose of operation, security and optimization of the offer. However, the provider reserves the right to subsequently review the log data if there is a justified suspicion of unlawful use based on concrete indications.
2. Type of data: Access data includes: Name of the accessed website, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider.
3. The legal basis for data processing is Art. 6 DSGVO
4. The user has the right to receive, upon request and free of charge, information about the personal data stored about him. . In addition, the user has the right to correct incorrect data, blocking and deletion of his personal data, provided that this does not conflict with any legal obligation to retain data. Please contact the above addresses in this regard.

5.3 Google Ads and Google Ads Conversion-Tracking

We use Google Ads (formerly Google AdWords) as an online marketing measure to promote our products and services. As part of our advertising measures through Google Ads, we use the conversion tracking of the company Google Inc. on our website. In Europe, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. With the help of this tracking tool, we can better adapt our advertising offer to your interests and needs.

A conversion occurs when you go from a purely interested website visitor to an acting visitor. This happens whenever you click on our ad and subsequently perform another action, such as visiting our website. With Google’s conversion tracking tool, we record what happens after a user clicks on our Google Ads ad.

The goal is for our advertising campaigns to reach those people who are interested in what we have to offer. With the conversion tracking tool we can see which keywords, ads, ad groups and campaigns lead to the desired customer actions. This data enables us to calculate our cost-benefit factor, measure the success of individual advertising measures and consequently optimize our online marketing activities. We can use the data obtained to make our website more interesting for you and adapt it more individually to your needs.

What data is stored with Google Ads conversion tracking?

We have included a conversion tracking tag or code snippet on our website to better analyze certain user actions. If you now click on one of our Google Ads ads, the cookie “Conversion” from a Google domain is stored on your browser. As soon as you complete an action on our website, Google Ads recognizes the cookie and saves your action as a so-called conversion. As long as you surf our website and the cookie has not yet expired, we and Google recognize that you have found us through our Google Ads ad. The cookie is read and sent back to Google Ads with the conversion data. For ads that Google displays in different locations on the web, cookies with the name “_gads” or “_gac” may be set under our domain. We do not collect or receive any personal data.

How long will the data be stored?

In most cases, conversion cookies expire after 30 days and do not transmit any personal data. The cookies named “Conversion” and “_gac” have an expiration date of 3 months.

How can I delete my data or prevent data storage?

You have the option not to participate in Google Ads conversion tracking. If you deactivate the Google conversion tracking cookie via your browser, you block conversion tracking. In this case, you will not be included in the statistics of the tracking tool. You can change the cookie settings in your browser at any time. This works slightly differently for each browser. Under the section “Cookies” you will find the corresponding links to the respective instructions of the most popular browsers.

Legal basis

If you have consented to the use of Google Ads Conversion Tracking, the legal basis of the corresponding data processing is this consent. This consent constitutes, according to Art. 6 para. 1 lit. A DSGVO (consent) constitutes the legal basis for the processing of personal data.

On our part, there is also a legitimate interest in using Google Ads Conversion Tracking to optimize our online service and our marketing measures. The corresponding legal basis for this is Art. 6 para. 1 lit. f DSGVO (Legitimate Interests). We only use Google Ads Conversion Tracking if you have given your consent.

The Google Ads Data Processing Terms, which reference the Standard Contractual Clauses, can be found at https://business.safety.google/intl/de/adsprocessorterms/.

If you would like to learn more about Google’s privacy policy, we recommend Google’s general privacy policy: https://policies.google.com/privacy?hl=de.

5.4 Font Aweaome

We use Font Awesome from the American company Fonticons (307 S. Main St., Suite 202, Bentonville, AR 72712, USA) on our website. When you access our website, the Font Awesome web font (specifically icons) is loaded via the Font Awesome content delivery network (CDN). This way, the texts or fonts and icons are displayed appropriately on each end device. In this privacy policy, we go into more detail about data storage and data processing by this service.

Why do we use Font Awesome on our website?

Font Awesome allows content on our website to be better presented. This allows you to better orientate yourself on our website and to grasp the contents more easily. These icons are inserted as HMTL code instead of an image. This allows us to edit the icons with CSS exactly as we want. At the same time, with Font Awesome we also improve our loading speed because it is only HTML elements and not icon images. All these advantages help us to make the website even clearer and faster for you.

What data is stored by Font Awesome?

Font Awesome Content Delivery Network (CDN) is used to load icons and symbols. CDNs are networks of servers that are distributed around the world and make it possible to quickly load files from nearby. Thus, as soon as you visit one of our pages, the corresponding icons from Font Awesome are also provided.

In order for the web fonts to load, your browser must connect to the servers of the company Fonticons, Inc. , Inc. Your IP address will be detected. Font Awesome also collects data about which icon files are downloaded and when. Furthermore, technical data is also transmitted. For the following reasons, this data is collected and stored:

– to optimize content delivery networks

– to detect and correct technical errors

– to protect CDNs from misuse and attacks

If your browser does not allow web fonts, a default font of your PC will be used automatically. No cookies are set by Font Awesome.

How long and where is the data stored?

Font Awesome stores data about Content Delivery Network usage on servers also located in the United States of America. However, CDN servers are located worldwide and store user data wherever you are. In identifiable form, the data is usually stored for only a few weeks. Aggregated statistics on usage from the CDNs can also be stored for longer. Personal data is not included here.

How can I delete my data or prevent data storage?

Font Awesome does not store any personally identifiable information about the content delivery networks. Unfortunately, if you do not want data about the icons you use to be stored, you will not be able to visit our website. If your browser does not allow web fonts, no data will be transferred or stored, in which case the default font of your computer will simply be used.

Legal basis

If you have consented to Font Awesome being used, the legal basis of the relevant data processing is that consent. This consent constitutes, according to Art. 6 para. 1 lit. a DSGVO (consent) constitutes the legal basis for the processing of personal data.

From our side, there is also a legitimate interest to use Font Awesome to optimize our online service. The corresponding legal basis for this is Art. 6 para. 1 lit. f DSGVO (Legitimate Interests). Nevertheless, we only use Font Awesome if you have given your consent.

If you would like to learn more about Font Awesome and how they handle data, we encourage you to visit their privacy policy at https://fontawesome.com/privacy and their help page at https://fontawesome.com/support.

5.5 Privacy policy for the use of HubSpot

Our website uses HubSpot, a software of HubSpot Inc, USA. This software is used in the so-called area of inbound marketing and helps us to better coordinate and optimize our marketing strategy by means of statistical analyses and evaluation of logged user behavior, among other things. Cookies (see below) are used. You can prevent the storage of cookies at any time by selecting the appropriate settings on your browser software or delete the cookies already stored. Please note that if cookies are blocked, you may not be able to make full use of the services provided on our website. For more information, please refer to the Terms of Use and Privacy Policy of HubSpot Inc. accordingly at http://www.hubspot.com/terms-of-service and at http://www.hubspot.com/privacy-policy. If you do not want the information about your visit to be used for the purposes described, please feel free to let us know at any time by email or regular mail. All information we collect is subject to this Privacy Policy. HubSpot is subject to TRUSTe ‘s Privacy Seal and the U.S. – EU Safe Harbor Framework and the U.S. – Swiss Safe Harbor Framework. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, Phone: +353 1 5187500.

5.6 YouTube

As soon as you visit one of our pages that has a YouTube video embedded, YouTube sets at least one cookie that stores your IP address and our URL. YouTube is a video platform of Google Inc. (“Google“). Privacy policy of the provider: https://policies.google.com/privacy

If you are logged into your YouTube account, YouTube can assign your interactions on our website to your profile, usually with the help of cookies. This includes data such as session duration, bounce rate, approximate location, technical information such as browser type, screen resolution or your internet service provider. Other data may include contact information, any ratings, sharing content via social media, or adding to your favorites on YouTube. If you are not signed into a Google Account or YouTube account, Google stores data with a unique identifier associated with your device, browser, or app. For example, your preferred language setting is retained. But a lot of interaction data can’t be stored because fewer cookies are set.

For more information on Google’s use of data for advertising purposes, settings and opt-out options, please visit Google’s websites: https://www.google.com/intl/de/policies/privacy/partners/ (“Data use by Google when you use our partners’ websites or apps”), http://www.google.com/policies/technologies/ads (“Data use for advertising purposes”), http://www.google.de/settings/ads (“Manage information Google uses to show you ads”) and http://www.google.com/ads/preferences/ (“Determine what ads Google shows you”).

6. Deletion, blocking and duration of storage of personal data

We process and store your personal data only for the period of time required to achieve the respective purpose of storage or as provided for by the various retention periods stipulated by law.

After the end of a storage purpose or after the expiration of the retention period provided by law, the personal data will be routinely blocked or deleted for further processing in accordance with the statutory provisions.

7. Data protection rights of the data subject

If you have questions about your personal data, you can contact us in writing at any time. You have the following rights according to DS-GVO:

7.1 The right to information (sub-item Art. 15 DS-GVO)

You have the right to obtain information at any time about which categories and information about your personal data are processed by us for which purpose and how long and according to which criteria these data are stored and whether automated decision-making including profiling is used in this context. In addition, you have the right to know which recipients or categories of recipients your data have been or will be disclosed to; in particular in the case of recipients in third countries or international organizations. In this case, you also have the right to be informed about appropriate safeguards in connection with the transfer of your personal data.

In addition to the right to complain to the supervisory authority and the right to information about the origin of your data, you have the right to erasure, rectification, as well as the right to restriction for or the right to object to processing of your personal data.

In all the above cases, you have the right to request from the data processor a free copy of your personal data processed by us. For any additional copies that you request or that go beyond the data subject’s right to information, we are entitled to charge a reasonable administrative fee.

7.2 The right to rectification (Art. 16 DS-GVO).

You have the right to request the immediate rectification of your inaccurate personal data and, taking into account the purposes of the processing, to request the completion of incomplete personal data, including by means of a supplementary declaration.

If you wish to exercise the right to rectification, you may contact our data protection officer or the controller at any time.

7.3 The right to erasure (Art. 17 DS-GVO)

You have the right to request the immediate deletion of your data (“right to be forgotten”) in particular if the storage of the data is no longer necessary, you revoke your consent to data processing, your data has been processed unlawfully or has been collected unlawfully and there is a legal obligation to delete it under EU or national law.

However, the right to be forgotten does not apply if there is an overriding right to freedom of expression or freedom of information, the storage of data is necessary for the fulfillment of a legal obligation (e.g., retention obligations), archiving purposes conflict with the deletion or the storage serves to assert, exercise or defend legal claims.

7.4 The right to restriction (Art. 18 DS-GVO)

You have the right to request restriction of the processing of your data by the controller if the accuracy of the data is disputed by you, the processing is unlawful, you refuse the erasure of your personal data and instead request restriction of the processing, if the necessity for the purpose of processing ceases to apply or you have objected to the processing pursuant to Article 21(1), as long as it has not yet been determined whether legitimate grounds on our part override yours.

7.5 The right to data portability (Article 20 DS-GVO).

You have the right to the portability of your personal data, which you have provided to our company in a common format, so that you can have your personal data forwarded to another responsible party without hindrance, provided, for example, that consent has been given on your part and the processing is carried out by means of an automated procedure.

7.6 The right to object (Art. 21 DS-GVO).

You have the right to object at any time to the collection, processing or use of your personal data for purposes of direct marketing or market and opinion research, as well as general business-like data processing, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms.

In addition, you cannot exercise your right to object if a legal provision provides for the collection, processing or use of the data or obliges the collection, processing or use.

7.7 Right of appeal to the data protection supervisory authority (Art. 77 DS-GVO in conjunction with § 19 BDSG).

You are granted the right to complain to the competent supervisory authority if you believe that there has been a breach in the processing of your personal data.

7.8 Right to revoke consent granted under data protection law (Art. 7 (3) DS-GVO)

You may revoke a granted consent for the processing of your personal data at any time and without giving reasons. This also applies to the revocation of declarations of consent that was given to us before the EU General Data Protection Regulation came into force.

8. Legal basis of processing

When processing personal data for which we obtain the consent of the data subject, Article 6 (1), sentence 1 a) of the General Data Protection Regulation (GDPR) serves as the legal basis.

When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1, sentence 1 b) (DSGVO) serves as the legal basis. This provision also covers processing operations that are necessary for the performance of pre-contractual measures.

If processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Art. 6 para. 1, sentence 1 c) (DSGVO) serves as the legal basis.

If processing is necessary to protect a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not override the former interest, Art. 6 (1) sentence 1 f) (DSGVO) serves as the legal basis for the processing. The legitimate interest of our company lies in the performance of our business activities as well as in the analysis, optimization and maintenance of the security of our online offer.

9. Transfer of data to third parties

We generally do not sell or lend user data. A transfer to third parties beyond the scope described in this privacy policy only takes place if this is necessary for the processing of the respective requested service.

We only transfer data if there is a legal obligation to do so. This is the case if government institutions (e.g. law enforcement agencies) request information in writing or if a court order exists.

A transfer of personal data to so-called third countries outside the EU / EEA area does not take place.

10. Legal or contractual requirements for the provision of personal data and possible consequences of failure to provide such data

We hereby point out that the provision of personal data in certain cases (e.g. tax regulations) is required by law or may result from contractual regulations (e.g. information on/of the contractual partner). For example, it may be necessary for the conclusion of a contract that the data subject/contractual partner must provide his/her personal data so that his/her request (e.g. order) can be processed by us at all. An obligation to provide personal data arises primarily when a contract is concluded. Should no

personal data be provided in this case, the contract with the data subject cannot be concluded. Before providing personal data by the data subject, the data subject may contact our data protection officer or the controller. The data protection officer or the controller will then inform the data subject whether the provision of the required personal data is required by law or contract or necessary for the conclusion of the contract and whether an obligation arises from the concerns of the data subject to provide the personal data or what the consequences are for the data subject of not providing the requested data.

11. Existence of automated decision-making

As a responsible company, we do not use automated decision-making or profiling in our business relationships.