Rosenheimer Straße 226
81669 Munich
Germany
The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data includes all data that can personally identify you. Detailed information on the subject of data protection can be found in our privacy policy listed below this text.
⸻
Data processing on this website is carried out by the website operator. You can find their contact details in the section “Information About the Responsible Party” in this privacy policy.
Some data is collected when you provide it to us. This may include, for example, data you enter into a contact form.
Other data is collected automatically or with your consent when you visit the website. This primarily includes technical data (e.g., internet browser, operating system, or time of page access). This data is collected automatically as soon as you enter the website.
Some of the data is collected to ensure the website functions properly. Other data may be used to analyze your user behavior. If the website allows for contracts to be initiated or concluded, the data you provide may also be used for contract offers, orders, or other inquiries.
You have the right to receive information about the origin, recipient, and purpose of your stored personal data at any time, free of charge. You also have the right to request the correction or deletion of this data. If you have given consent to data processing, you may revoke this consent at any time for the future. Furthermore, you have the right, under certain circumstances, to request the restriction of the processing of your personal data. You also have the right to lodge a complaint with the competent supervisory authority.
You can contact us at any time regarding this or any other questions related to data protection.
When you visit this website, your browsing behavior may be statistically evaluated. This is mainly done using so-called analytics programs.
You can find detailed information about these analytics programs in the privacy policy below.
We host the content of our website with the following provider:
The provider is Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA (hereinafter referred to as Webflow). When you visit our website, Webflow collects various log files, including your IP address.
Webflow is a tool for creating and hosting websites. Webflow stores cookies or other recognition technologies that are necessary for displaying the website, providing specific functions, and ensuring security (essential cookies).
For more details, please refer to Webflow’s privacy policy:
https://webflow.com/legal/eu-privacy-policy
The use of Webflow is based on Art. 6(1)(f) GDPR. We have a legitimate interest in the most reliable presentation of our website. Where consent has been requested, processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25(1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) as defined by the TDDDG. Consent can be revoked at any time.
Data transfer to the USA is based on the EU Commission’s Standard Contractual Clauses. Details can be found here:
https://webflow.com/legal/eu-privacy-policy
Webflow is certified under the EU-U.S. Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the USA that aims to ensure compliance with European data protection standards when processing data in the USA. Every company certified under the DPF commits to complying with these data protection standards. More information is available from the provider here:
https://www.dataprivacyframework.gov/participant/6365
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with legal data protection regulations and this privacy policy.
When you use this website, various personal data is collected. Personal data is any data with which you can be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this happens.
We would like to point out that data transmission over the internet (e.g., communication via email) may have security vulnerabilities. A complete protection of data from access by third parties is not possible.
The party responsible for data processing on this website is:
Kajetan A. Uhlig
Rosenheimer Straße 226
81669 Munich
Email: dpo@uhlig.capital
The responsible party is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data (e.g., names, email addresses, etc.).
Unless a more specific retention period is stated in this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you make a valid deletion request or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g., retention periods under tax or commercial law); in the latter case, deletion will occur after those reasons cease to apply.
If you have consented to data processing, we process your personal data based on Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR, if special categories of data under Art. 9(1) GDPR are processed. In the case of explicit consent to the transfer of personal data to third countries, processing is also based on Art. 49(1)(a) GDPR. If you consented to the storage of cookies or access to information on your device (e.g., via device fingerprinting), processing is also based on § 25(1) TDDDG. Consent can be revoked at any time.
If your data is required to fulfill a contract or for pre-contractual measures, we process it based on Art. 6(1)(b) GDPR. If the processing is necessary to comply with a legal obligation, we process your data based on Art. 6(1)(c) GDPR. Data processing may also be based on our legitimate interest under Art. 6(1)(f) GDPR. The specific legal basis for each individual case is explained in this privacy policy.
We also use tools from companies based in countries that are not considered secure under data protection law, as well as U.S. tools from providers not certified under the EU-U.S. Data Privacy Framework (DPF). If these tools are active, your personal data may be transferred to and processed in these countries. We point out that in such countries, a level of data protection comparable to the EU cannot be guaranteed.
The USA is generally considered a secure third country, provided the data recipient is certified under the DPF or provides suitable additional guarantees. You will find details on third-country transfers and recipients in this privacy policy.
As part of our business operations, we work with various external parties. This may involve transferring personal data to such external parties. We only share personal data if it is necessary for contract fulfillment, if required by law (e.g., to tax authorities), if we have a legitimate interest under Art. 6(1)(f) GDPR, or if another legal basis allows the data transfer. If processors are involved, data is shared only under a valid data processing agreement. In the case of joint processing, a joint controller agreement is concluded.
Many data processing operations are only possible with your explicit consent. You may revoke consent at any time. The legality of data processing up to the time of revocation remains unaffected.
IF DATA PROCESSING IS BASED ON ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS.
IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS, OR IF THE PROCESSING SERVES TO ASSERT, EXERCISE, OR DEFEND LEGAL CLAIMS (OBJECTION UNDER ART. 21(1) GDPR).
IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT TO SUCH PROCESSING AT ANY TIME; THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION UNDER ART. 21(2) GDPR).
In the event of violations of the GDPR, you have the right to lodge a complaint with a supervisory authority, particularly in the member state of your habitual residence, your workplace, or the location of the alleged violation. This right exists without prejudice to other administrative or judicial remedies.
You have the right to receive data that we process automatically based on your consent or in fulfillment of a contract in a commonly used, machine-readable format. If you request that the data be transferred directly to another controller, this will only be done to the extent technically feasible.
Within the scope of applicable legal provisions, you have the right to access your stored personal data, its origin and recipient, and the purpose of data processing at any time free of charge. You also have the right to rectification or deletion of this data. You can contact us at any time regarding this or any other questions about personal data.
You have the right to request the restriction of the processing of your personal data. You can contact us at any time to do so. The right to restriction of processing applies in the following cases:
If you have restricted the processing of your personal data, such data – apart from storage – may only be processed with your consent or for the establishment, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State.
For security reasons and to protect the transmission of confidential content, such as orders or inquiries you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the change in the browser’s address line from “http://” to “https://” and by the lock symbol in your browser bar.
When SSL or TLS encryption is enabled, the data you transmit to us cannot be read by third parties.
If you are required to provide payment details (e.g., account number for direct debit) after entering into a paid contract, this data is necessary for payment processing.
Payment transactions using standard payment methods (Visa/MasterCard, direct debit) are carried out exclusively via encrypted SSL or TLS connections. You can recognize an encrypted connection by the change in the browser’s address line from “http://” to “https://” and by the lock symbol in your browser bar.
With encrypted communication, the payment data you transmit to us cannot be read by third parties.
Our websites use so-called “cookies.” Cookies are small data packets that do not harm your device. They are either stored temporarily for the duration of a session (session cookies) or permanently (persistent cookies) on your device. Session cookies are automatically deleted after your visit ends. Persistent cookies remain on your device until you delete them yourself or your web browser automatically deletes them.
Cookies can be set by us (first-party cookies) or by third-party companies (third-party cookies). Third-party cookies enable the integration of certain services from third-party companies within websites (e.g., cookies for processing payment services).
Cookies serve various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g., shopping cart functionality or video display). Other cookies may be used to analyze user behavior or for advertising purposes.
Cookies that are necessary for electronic communication, the provision of specific functions you desire (e.g., shopping cart), or the optimization of the website (e.g., measuring the web audience) are stored based on Art. 6(1)(f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in the storage of necessary cookies to ensure the technically error-free and optimized provision of its services. Where consent to the storage of cookies or similar recognition technologies has been requested, processing is carried out exclusively on the basis of that consent (Art. 6(1)(a) GDPR and § 25(1) TDDDG); consent may be withdrawn at any time.
You can configure your browser to notify you when cookies are set and to allow cookies only in individual cases, exclude the acceptance of cookies for specific cases or in general, and activate automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website.
You can find out which cookies and services are used on this website in this privacy policy.
Our website uses Cookiebot’s consent technology to obtain your permission to store specific cookies on your device or to use certain technologies in a privacy-compliant manner. The provider of this technology is Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter “Cookiebot”).
When you access our website, a connection to Cookiebot’s servers is established to obtain your consents and other declarations regarding cookie usage. Cookiebot then stores a cookie in your browser to be able to associate the consents granted or their withdrawal. The data collected in this way is stored until you request deletion, delete the Cookiebot cookie yourself, or the purpose for storage no longer applies. Mandatory statutory retention obligations remain unaffected.
Cookiebot is used to obtain legally required consents for the use of cookies. The legal basis is Art. 6(1)(c) GDPR.
When you send us inquiries via the contact form, your details from the form—including the contact information you provide—are stored for the purpose of processing the inquiry and in case of follow-up questions. This data is not shared without your consent.
The processing of this data is based on Art. 6(1)(b) GDPR if your request is related to contract performance or is required for pre-contractual actions. In all other cases, the processing is based on our legitimate interest in effectively handling inquiries (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR), if requested; consent can be withdrawn at any time.
The data you enter into the contact form remains with us until you request deletion, revoke your consent to storage, or the purpose for data storage no longer applies (e.g., once your inquiry has been fully processed). Mandatory statutory provisions—especially retention periods—remain unaffected.
If you contact us via email, telephone, or fax, your inquiry, including any personal data resulting from it (e.g., name, inquiry), will be stored and processed by us for the purpose of handling your request. This data will not be shared without your consent.
Processing is based on Art. 6(1)(b) GDPR if your inquiry relates to contract performance or pre-contractual measures. In all other cases, the processing is based on our legitimate interest in efficiently handling inquiries (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR), if applicable; consent may be withdrawn at any time.
The data sent via contact inquiries will remain with us until you request deletion, revoke your consent, or the purpose for storing the data no longer applies. Statutory retention obligations remain unaffected.
We use Google Forms on this website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter “Google”).
Google Forms allows us to create online forms to collect messages, inquiries, and other inputs from website visitors in a structured manner. All inputs are processed on Google’s servers. Google Forms stores a cookie in your browser containing a unique ID (NID cookie), which stores settings such as your preferred language.
The use of Google Forms is based on our legitimate interest in capturing your inquiry in a user-friendly way (Art. 6(1)(f) GDPR). If consent was requested, processing is based exclusively on Art. 6(1)(a) GDPR and § 25(1) TDDDG, if this includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) under the TDDDG. Consent can be revoked at any time.
The data you enter into the form remains with us until you request deletion, revoke your consent, or the purpose for data storage no longer applies. Legal retention obligations remain unaffected.
More information is available in Google’s privacy policy: https://policies.google.com/
Google is certified under the EU-U.S. Data Privacy Framework (DPF). For more info, see:
https://www.dataprivacyframework.gov/participant/5780
We use chatbots to communicate with you. Chatbots can respond to your queries and inputs without human assistance. They analyze your inputs and may also process other data (e.g., name, email address, contact info, customer numbers, chat history). The chatbot may also capture your IP address, log files, location data, and other metadata. This data is stored on the chatbot provider’s servers.
User profiles may be created from the collected data. The data may also be used to serve interest-based advertising, provided legal requirements (especially consent) are met. Chatbots may be linked to analytics and advertising tools.
The data may also be used to improve the chatbot’s responses (machine learning).
Your communication data remains with us or the chatbot provider until you request deletion, revoke consent, or the purpose for storing the data no longer applies. Legal retention obligations remain unaffected.
The legal basis is Art. 6(1)(b) GDPR if the chatbot is used for contract-related purposes. If consent is requested, the processing is based solely on Art. 6(1)(a) GDPR and § 25(1) TDDDG (e.g., device fingerprinting); consent is revocable at any time. Otherwise, the legal basis is our legitimate interest in efficient communication (Art. 6(1)(f) GDPR).
We use Hubspot CRM on this website. The provider is Hubspot Inc., 25 Street, Cambridge, MA 02141, USA (hereinafter “Hubspot CRM”).
Hubspot CRM helps us manage current and potential customers and contacts. It allows us to record, sort, and analyze customer interactions across channels such as email, social media, and phone. The collected personal data can be evaluated and used for communication or marketing (e.g., newsletters). Hubspot CRM also allows us to track user behavior on our website.
The use of Hubspot CRM is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in efficient customer management and communication. If consent is requested, data is processed only on the basis of Art. 6(1)(a) GDPR and § 25(1) TDDDG (e.g., device fingerprinting); consent can be revoked at any time.
Details: https://legal.hubspot.com/de/privacy-policy
Data transfer to the U.S. is based on EU Commission’s Standard Contractual Clauses. Details:
https://www.hubspot.de/data-privacy/privacy-shield
Hubspot is certified under the EU-U.S. Data Privacy Framework. Info:
https://www.dataprivacyframework.gov/participant/5812
You can register on this website to access additional features. The data entered during registration is used only for the purpose of using the respective offer or service. Required fields must be completed; otherwise, registration will be refused.
We use the email address provided during registration to notify you of important updates or technical changes.
Processing is based on Art. 6(1)(b) GDPR, for fulfilling the usage relationship or initiating further contracts.
Your registration data is stored as long as you are registered and deleted afterward. Legal retention requirements remain unaffected.
Instead of registering directly, you can register using Google. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
To register via Google, you only need to enter your Google name and password. Google will authenticate you and confirm your identity to our site.
We may use certain information from your Google account to complete your profile, depending on your Google security settings:
https://myaccount.google.com/security
https://myaccount.google.com/permissions
This processing is based on our legitimate interest in offering users a simple registration process (Art. 6(1)(f) GDPR). Since usage is voluntary and access settings are controlled by users, there are no overriding interests to the contrary.
Google is certified under the EU-U.S. Data Privacy Framework. More info:
https://www.dataprivacyframework.gov/participant/5780
Let me know if you want this adapted for legal review, a public-facing privacy page, or if you’d like the next section translated.
This website uses features of the web analytics service Google Analytics, provided by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics enables the website operator to analyze the behavior of website visitors. In doing so, the operator receives various usage data such as page views, time spent on pages, operating systems used, and user origin. These data may be compiled into a user ID and assigned to the visitor’s device.
Additionally, Google Analytics can track mouse movements, scroll behavior, and clicks. It also employs modeling techniques to enhance the collected data and uses machine learning technologies for analysis.
Google Analytics uses technologies that enable user recognition for the purpose of analyzing user behavior (e.g., cookies or device fingerprinting). The information collected by Google about your use of this website is typically transmitted to and stored on a Google server in the USA.
Use of this service is based on your consent in accordance with Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent may be revoked at any time.
Data transfers to the USA are based on the EU Commission’s Standard Contractual Clauses. Details here:
https://privacy.google.com/businesses/controllerterms/mccs/
Google is certified under the EU-U.S. Data Privacy Framework (DPF). More information:
https://www.dataprivacyframework.gov/participant/5780
IP anonymization is activated on this website. This means that Google shortens your IP address within the member states of the European Union or in other countries that are party to the Agreement on the European Economic Area before transmission to the USA. Only in exceptional cases is the full IP address sent to a Google server in the USA and shortened there. On behalf of the website operator, Google will use this information to evaluate your use of the website, compile reports on website activity, and provide other services related to website and internet use. The IP address transmitted by your browser within the scope of Google Analytics will not be merged with other Google data.
You can prevent the collection and processing of your data by Google by downloading and installing the browser plugin available at the following link:
https://tools.google.com/dlpage/gaoptout?hl=de
More information on how Google Analytics handles user data can be found in Google’s privacy policy:
https://support.google.com/analytics/answer/6004245?hl=de
We use Google Signals. When you visit our website, Google Analytics collects your location, search history, YouTube history, and demographic data (visitor data), among other things. These can be used for personalized advertising via Google Signals. If you have a Google account, Google may link this data to your account and use it for personalized advertising. The data may also be used to create anonymized statistics about user behavior on our website.
We have entered into a data processing agreement with Google and fully comply with the strict requirements of the German data protection authorities when using Google Analytics.
This website uses Microsoft Advertising, an online advertising service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.
Microsoft Advertising allows us to display ads in the Bing search engine or on third-party websites when users enter specific search terms in Bing (keyword targeting). Targeted ads may also be shown based on user data stored by Microsoft (e.g., location data and interests – audience targeting). As the website operator, we can analyze this data to determine which search terms triggered the display of our ads and how many clicks those ads received.
We use Microsoft Advertising’s Universal Event Tracking (UET) on this website. Pseudonymized data is collected to track what actions you take on our website after clicking on a Microsoft ad. UET collects your IP address (in anonymized form), device IDs, device and browser settings, Microsoft Click ID (stored in a cookie), time spent on the site, which pages were visited, the ad that brought you to the site, and the clicked keyword.
Use of this service is based on your consent in accordance with Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent can be revoked at any time.
Data transfers to the USA are based on the EU Commission’s Standard Contractual Clauses. Details available here:
https://learn.microsoft.com/de-de/compliance/regulatory/offering-eu-model-clauses
Microsoft is certified under the EU-U.S. Data Privacy Framework (DPF). More info:
https://www.dataprivacyframework.gov/participant/6474
The website operator uses Google Ads, an online advertising program by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads enables us to display ads in the Google search engine or on third-party websites when users enter specific search terms on Google (keyword targeting). Additionally, targeted ads can be shown based on user data available to Google (e.g., location data and interests – audience targeting). As the website operator, we can analyze which keywords triggered our ads and how many clicks they received.
The use of this service is based on your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent can be withdrawn at any time.
Data transfer to the USA is based on the EU Commission’s Standard Contractual Clauses. Details:
https://policies.google.com/privacy/frameworks
https://business.safety.google/controllerterms/
Google is certified under the EU-U.S. Data Privacy Framework (DPF):
https://www.dataprivacyframework.gov/participant/5780
This website uses Google AdSense, a service for integrating advertisements. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
With Google AdSense, we can display targeted ads from third-party companies on our site. The content of the ads is based on your interests as determined by your previous user behavior. In addition, contextual information such as your location, the content of the visited website, or search terms you entered in Google may be considered when selecting relevant ads.
Google AdSense uses cookies, web beacons (invisible graphics), and similar recognition technologies to analyze traffic and interactions on the site.
The information collected by Google AdSense (including your IP address and ad delivery data) may be transferred to and stored on Google servers in the United States. Google may share this information with its partners. However, Google will not merge your IP address with other data stored about you.
The use of this service is based on your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent can be withdrawn at any time.
Data transfer to the USA is based on the EU Commission’s Standard Contractual Clauses. Details:
https://privacy.google.com/businesses/controllerterms/mccs/
Google is certified under the EU-U.S. Data Privacy Framework (DPF):
https://www.dataprivacyframework.gov/participant/5780
This website uses Google Ads Remarketing features, provided by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
With Google Ads Remarketing, we can assign visitors who interact with our online offering to specific audience segments and show them interest-based ads across the Google advertising network (remarketing or retargeting).
Additionally, the audience segments created via Google Ads Remarketing can be linked with Google’s cross-device capabilities. This allows personalized ads based on your previous usage and browsing behavior on one device (e.g., smartphone) to be displayed on another device (e.g., tablet or PC).
If you have a Google account, you can opt out of personalized advertising using the following link:
https://adssettings.google.com/anonymous?hl=de
The use of this service is based on your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent can be withdrawn at any time.
Further details and Google’s privacy policy can be found at:
https://policies.google.com/technologies/ads?hl=de
Google is certified under the EU-U.S. Data Privacy Framework (DPF):
https://www.dataprivacyframework.gov/participant/5780
We also use Google Ads Customer Match for audience creation. In this case, we provide certain customer data (e.g., email addresses) from our customer lists to Google. If the corresponding customers are Google users and logged into their Google accounts, they will receive appropriate advertising within the Google network (e.g., YouTube, Gmail, or Google Search).
This website uses Google Conversion Tracking. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Conversion Tracking allows Google and us to determine whether users have performed certain actions. For example, we can evaluate which buttons on our website are clicked how often and which products are most frequently viewed or purchased. This information is used to create conversion statistics. We learn the total number of users who clicked on our ads and what actions they took. We do not receive any information that personally identifies users. Google uses cookies or comparable recognition technologies for this purpose.
The use of this service is based on your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TDDDG. You can withdraw your consent at any time.
Further information on Google Conversion Tracking can be found in Google’s privacy policy:
https://policies.google.com/privacy?hl=de
Google is certified under the EU-U.S. Data Privacy Framework (DPF):
https://www.dataprivacyframework.gov/participant/5780
This website uses the Meta Pixel for conversion tracking. The provider is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Meta, the collected data may also be transferred to the USA and other third countries.
This allows the behavior of site visitors to be tracked after they have clicked on a Meta ad and been redirected to the provider’s website. This helps evaluate the effectiveness of Meta ads for statistical and market research purposes and optimize future advertising efforts.
The data collected is anonymous to us as the website operator; we cannot draw any conclusions about the identity of the users. However, Meta stores and processes the data in such a way that a connection to the respective user profile is possible and Meta may use the data for its own advertising purposes in accordance with its data use policy:
https://de-de.facebook.com/about/privacy/
We, as the website operator, have no control over this use.
The use of this service is based on your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TDDDG. You can withdraw your consent at any time.
Where personal data is collected on our website using this tool and transmitted to Meta, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible for this data processing (Art. 26 GDPR). This joint responsibility is limited to data collection and transmission to Meta. Further processing by Meta is not part of the joint responsibility. The obligations we share with Meta are defined in the joint processing agreement:
https://www.facebook.com/legal/controller_addendum
Meta is responsible for the security of Meta products. You can assert your data subject rights (e.g., access requests) directly with Meta. If you assert rights with us, we are obligated to forward them to Meta.
Data transfer to the USA is based on the EU Commission’s Standard Contractual Clauses. Details:
https://www.facebook.com/legal/EU_data_transfer_addendum
https://de-de.facebook.com/help/566994660333381
You can also disable the “Custom Audiences” remarketing feature in the ad settings section of your Facebook account:
https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen
If you do not have a Facebook or Instagram account, you can deactivate usage-based advertising from Meta via the European Interactive Digital Advertising Alliance website:
http://www.youronlinechoices.com/de/praferenzmanagement/
Meta is certified under the EU-U.S. Data Privacy Framework (DPF):
https://www.dataprivacyframework.gov/participant/4452
We use the Meta Conversion API on this website. The provider is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Meta, the collected data may also be transferred to the USA and other third countries.
The Meta Conversion API enables us to capture visitor interactions on our website and transmit them to Meta in order to improve the advertising performance on Facebook and Instagram.
Specifically, it collects the time of access, the page accessed, your IP address, your user agent, and potentially additional data (e.g., purchased products, cart value, and currency). A complete list of parameters that can be captured is available here:
https://developers.facebook.com/docs/marketing-api/conversions-api/parameters
The use of this service is based on your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TDDDG. You can withdraw your consent at any time.
Where personal data is collected and transmitted to Meta using this tool, we and Meta Platforms Ireland Limited are jointly responsible for this data processing (Art. 26 GDPR). This joint responsibility is limited to data collection and transmission to Meta. Further processing is the sole responsibility of Meta. Our joint responsibilities are outlined here:
https://www.facebook.com/legal/controller_addendum
Additional privacy information from Meta:
https://de-de.facebook.com/about/privacy/
You can also deactivate “Custom Audiences” in your Facebook ad settings:
https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen
If you don’t have a Facebook or Instagram account, you can opt out of Meta’s usage-based ads here:
http://www.youronlinechoices.com/de/praferenzmanagement/
Meta is certified under the EU-U.S. Data Privacy Framework (DPF):
https://www.dataprivacyframework.gov/participant/4452
We use Meta Custom Audiences. The provider is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.
When you visit or use our website and apps, make use of free or paid offerings, submit data to us, or interact with our Facebook or Instagram content, we collect your personal data. If you consent to the use of Meta Custom Audiences, we will transmit this data to Meta so that Meta can serve you relevant advertising. We may also define audience segments (Lookalike Audiences) using your data.
Meta processes this data as our data processor. Details can be found in Meta’s terms of use:
https://www.facebook.com/legal/terms/customaudience
The use of this service is based on your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TDDDG. You can withdraw your consent at any time.
Data transfer to the USA is based on the EU Commission’s Standard Contractual Clauses. Details:
https://www.facebook.com/legal/terms/customaudience
https://www.facebook.com/legal/terms/dataprocessing
Meta is certified under the EU-U.S. Data Privacy Framework (DPF):
https://www.dataprivacyframework.gov/participant/4452
This website uses the LinkedIn Insight Tag, a tool provided by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.
The LinkedIn Insight Tag allows us to gain insights into the visitors of our website. If a visitor is registered on LinkedIn, we can analyze job-related data such as career level, company size, location, industry, and job title to better target our content. We can also measure conversions (e.g., purchases or form submissions), including cross-device conversions (e.g., PC to tablet). Additionally, LinkedIn Insight Tag enables retargeting, allowing us to show tailored ads to visitors outside of our website.
LinkedIn also collects log files (URL, referrer URL, IP address, device and browser information, and access timestamp). IP addresses are shortened or hashed when used for cross-device identification. Direct identifiers are deleted after seven days, and the remaining pseudonymized data is deleted within 180 days.
The data collected cannot be linked to individual persons by us as website operators. LinkedIn stores and processes personal data on servers in the USA and uses it for its own advertising purposes. Details: https://www.linkedin.com/legal/privacy-policy#choices-oblig
If consent has been obtained, the use of the above service is based on Art. 6(1)(a) GDPR and § 25 TDDDG. Consent can be withdrawn at any time. If no consent is given, the use is based on Art. 6(1)(f) GDPR (legitimate interest in effective advertising via social media).
Data transfers to the USA are based on the EU Standard Contractual Clauses. Details:
https://www.linkedin.com/legal/l/dpa https://www.linkedin.com/legal/l/eu-sccs
LinkedIn is certified under the DPF: https://www.dataprivacyframework.gov/participant/5448
Opt-out of LinkedIn Insight Tag tracking:
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
To prevent linking of LinkedIn account data with website visit data, log out of LinkedIn before visiting our website.
We use Outbrain on this website. The provider is Outbrain Inc., 39 West 13th Street, 3rd floor, New York, NY 10011, USA.
When visiting a website that includes Outbrain, a pseudonymous user profile is created, storing which content you viewed. Based on this, personalized content or ads may be displayed either on our website or on other websites using Outbrain. Data stored includes device type, IP address, browser type, visited pages, articles read, access timestamp, and device ID.
We also use the Outbrain Pixel to check whether you already have an Outbrain user ID. This helps advertisers measure campaign effectiveness.
If consent has been obtained, this service is used based on Art. 6(1)(a) GDPR and § 25 TDDDG. Consent can be withdrawn at any time. Otherwise, it is used on the basis of our legitimate interest in understanding user behavior and optimizing our web presence and advertising (Art. 6(1)(f) GDPR).
Privacy Policy: https://www.outbrain.com/legal/privacy#privacy-policy
Cookie list: https://www.outbrain.com/privacy/cookies/
Manage your Outbrain interests: https://my.outbrain.com/recommendations-settings/home
DPF Certification: https://www.dataprivacyframework.gov/participant/6439
If you would like to subscribe to the newsletter offered on this website, we require your email address and information that allows us to verify that you are the owner of the provided email address and that you consent to receiving the newsletter. No additional data is collected or only on a voluntary basis. We use newsletter service providers as described below to handle the newsletter process.
This website uses ConvertKit to send newsletters. The provider is ConvertKit, Inc., 750 West Bannock Street, Suite #761, Boise, Idaho 83701, USA (hereinafter “ConvertKit”).
ConvertKit is a service used to organize and analyze newsletter distribution. The data you enter to receive the newsletter will be stored on ConvertKit’s servers.
ConvertKit allows us to analyze our newsletter campaigns. For example, we can see whether a newsletter was opened and which links were clicked. This helps us identify which links are especially popular.
We can also track whether certain pre-defined actions occurred after the newsletter was opened or clicked (conversion tracking). For example, we can see if a purchase was made after clicking a link in the newsletter.
ConvertKit also allows us to categorize newsletter recipients (e.g., by age, gender, location) to better tailor our content. If you do not want your data analyzed by ConvertKit, you must unsubscribe from the newsletter. A corresponding link is provided in every newsletter email.
More details about ConvertKit features:
https://convertkit.com/features/email-marketing
Privacy Policy: https://convertkit.com/privacy
Processing of your data is based on your consent (Art. 6(1)(a) GDPR). You may withdraw your consent at any time with future effect.
Data is transferred to the USA based on the EU Commission’s Standard Contractual Clauses. Details:
https://convertkit.com/security
Data provided for newsletter subscription is stored until you unsubscribe. After unsubscribing, your data will be removed from the newsletter distribution list or deleted once the purpose is no longer applicable. We reserve the right to delete or block email addresses from the mailing list at our discretion based on our legitimate interests (Art. 6(1)(f) GDPR). This does not affect data stored for other purposes.
After unsubscribing, your email may be stored in a blacklist if necessary to prevent future mailings. Blacklist data is used only for this purpose and is not merged with other data. This serves both your interest and ours in complying with legal requirements (Art. 6(1)(f) GDPR). Blacklist entries are stored indefinitely unless you object and your interests outweigh ours.
ConvertKit is certified under the EU-U.S. Data Privacy Framework (DPF):
https://www.dataprivacyframework.gov/participant/9017
This site uses Google Fonts provided by Google for consistent font presentation. These fonts are installed locally, and no connection to Google’s servers is made.
For more information, see:
https://developers.google.com/fonts/faq
Google Privacy Policy: https://policies.google.com/privacy?hl=de
We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on this website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
reCAPTCHA checks whether data entry on this website (e.g., in a contact form) is done by a human or an automated program. reCAPTCHA analyzes various attributes automatically as soon as the user accesses the site. This includes IP address, time spent on the site, and user interactions (mouse movements, etc.). This data is transmitted to Google.
The reCAPTCHA analysis runs entirely in the background and is not disclosed to visitors.
The data is processed based on Art. 6(1)(f) GDPR (legitimate interest in protecting the site from spam and abuse). If consent has been requested, data is processed exclusively based on Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent can be revoked at any time.
Further info:
Google Privacy Policy: https://policies.google.com/privacy?hl=de
Google Terms: https://policies.google.com/terms?hl=de
Google is certified under the EU-U.S. Data Privacy Framework (DPF):
https://www.dataprivacyframework.gov/participant/5780
We use ChatGPT for customer communication. The provider is OpenAI, 3180 18th St, San Francisco, CA 94110, USA – https://openai.com.
We use ChatGPT integrated with tools such as:
If you initiate a conversation via our website and ChatGPT is active, your input and associated metadata are transmitted to ChatGPT’s servers and processed to generate appropriate responses.
We have configured ChatGPT such that any personal data you provide is not used to train ChatGPT’s algorithms.
The use of ChatGPT is based on Art. 6(1)(f) GDPR (legitimate interest in efficient communication using modern technologies). If consent has been requested, processing is based exclusively on Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent may be revoked at any time.
Privacy Policy: https://openai.com/policies/privacy-policy
We collect, process, and use personal customer and contract data for the establishment, content design, and modification of our contractual relationships. We collect, process, and use personal data regarding the use of this website (usage data) only to the extent necessary to enable the user to utilize the service or for billing purposes. The legal basis for this is Art. 6 (1) lit. b GDPR.
The collected customer data will be deleted after completion of the order or termination of the business relationship and expiration of any applicable legal retention periods. Legal retention periods remain unaffected.
We transmit personal data to third parties only if it is necessary in the context of contract processing—for example, to the financial institution tasked with payment processing.
Any further transmission of data will not occur or will only occur if you have expressly consented to the transmission. Your data will not be passed on to third parties without your explicit consent, for example, for advertising purposes.
The basis for data processing is Art. 6 (1) lit. b GDPR, which permits data processing for the fulfillment of a contract or pre-contractual measures.
For purchases on account or other payment methods where we provide advance services, we may carry out a credit check (scoring). To this end, we transmit the data you enter (e.g., name, address, age, or bank details) to a credit agency. Based on this data, the probability of a payment default is calculated. In the event of an excessive payment default risk, we may refuse the relevant payment method.
The credit check is based on the need to fulfill a contract (Art. 6 (1) lit. b GDPR) and our legitimate interest in avoiding payment defaults (Art. 6 (1) lit. f GDPR). If consent has been obtained, the credit check is carried out based on that consent (Art. 6 (1) lit. a GDPR); consent can be revoked at any time.
We integrate payment services from third-party companies on our website. When you make a purchase with us, your payment data (e.g., name, payment amount, account details, credit card number) is processed by the payment service provider for the purpose of payment processing. For these transactions, the respective providers’ contractual and privacy policies apply. The use of payment service providers is based on Art. 6 (1) lit. b GDPR (contract processing) and our legitimate interest in providing a smooth, convenient, and secure payment process (Art. 6 (1) lit. f GDPR). If your consent is requested for specific actions, the legal basis for data processing is Art. 6 (1) lit. a GDPR; consent can be revoked at any time for the future.
We use the following payment services/providers on this website:
Provider for customers within the EU is Stripe Payments Europe, Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland (“Stripe”).
Data transfers to the USA are based on the EU Commission’s standard contractual clauses. Details can be found here: https://stripe.com/en/privacy and https://stripe.com/en/guides/general-data-protection-regulation.
You can find further information in Stripe’s privacy policy at: https://stripe.com/en/privacy.
This payment service is provided by Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium (“Mastercard”).
Mastercard may transfer data to its parent company in the USA. Data transfer to the USA is based on Mastercard’s Binding Corporate Rules. Details can be found here: https://www.mastercard.de/en/privacy.html and https://www.mastercard.us/content/dam/mccom/global/documents/mastercard-bcrs.pdf.
For communication with our customers, we use online conferencing tools. The specific tools we use are listed below. If you communicate with us via video or audio conference over the internet, your personal data will be collected and processed by us and the provider of the respective conferencing tool.
The conferencing tools collect all data you provide to use the tools (e.g., email address and/or phone number). Additionally, the tools process the duration of the conference, start and end times of participation, number of participants, and other “context information” related to the communication process (metadata).
Furthermore, the tool provider processes all technical data required to conduct the online communication. This includes IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker, and the type of connection.
If content is exchanged, uploaded, or otherwise provided within the tool, it is also stored on the servers of the tool providers. This includes cloud recordings, chat/instant messages, voicemails, uploaded photos and videos, files, whiteboards, and other information shared during the use of the service.
Please note that we do not have full control over the data processing activities of the tools used. Our influence is primarily based on the policies of each provider. For further details on data processing by the conferencing tools, please refer to the privacy policies of the respective providers listed below.
The conferencing tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6 (1) lit. b GDPR). The use of these tools also serves to generally simplify and accelerate communication with us (legitimate interest according to Art. 6 (1) lit. f GDPR). Where consent is requested, the use of the respective tools is based on that consent; this consent may be revoked at any time with future effect.
Data collected directly by us via video and conferencing tools is deleted from our systems once you request its deletion, revoke your consent to storage, or the purpose for data storage no longer applies. Stored cookies remain on your device until deleted. Mandatory legal retention periods remain unaffected.
We have no influence over the storage duration of your data processed by the operators of the conferencing tools for their own purposes. For details, please contact the tool providers directly.
We use the following conferencing tools:
We use Google Meet. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
For details on data processing, see Google’s privacy policy: https://policies.google.com/privacy?hl=en.
The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the United States to ensure compliance with European data protection standards in data processing in the U.S. Each company certified under the DPF is committed to adhering to these data protection standards.
More information is available from the provider at: https://www.dataprivacyframework.gov/participant/5780
