Privacy policy | Data protection as a quality feature

Thank you for visiting our website and for your interest in our company. We see data protection as a customer-oriented quality feature. The protection of your personal data and the protection of your personal rights are important to us.

With this privacy policy, we would like to inform all visitors to our website transparently about the type, scope and purpose of the personal data we collect, use and process and to inform you about your rights.

It is generally possible to use our website without providing personal data. However, if you make use of our company’s services via our website, it may be necessary to process your personal data.

The data collected automatically when you visit our website or the personal data you enter when using our services are processed in accordance with the current statutory provisions on the protection of personal data.

If it is necessary to process your personal data and there is no legal basis for such processing, we always obtain your consent for the required purpose of processing.

As the company responsible for processing, we have defined technical and organizational measures to ensure the highest possible level of protection for your personal data.

However, we would like to point out that data transmission via the World Wide Web can generally be subject to security vulnerabilities.

If you would like to make use of our company’s services and do not wish to use data transmission via the World Wide Web for this purpose, you also have the option of contacting us by telephone.

1. Contact details of the controller responsible for processing

The controller within the meaning of the General Data Protection Regulation is

Company:
becon GmbH

Street: Hauptstraße 8b
Postcode/location: 82008 Unterhaching
Phone: 089 608668-0
E-mail: info@becon.de

Appointed as data protection officer:

Mr. Stephan Hartinger
Coseco GmbH
Phone: 08232 80988-70
E-mail: datenschutz@coseco.de

2. Collection of general access information

Each time you visit our website, server log file information that your browser transmits to us is automatically collected. These are

1. IP address (Internet Protocol address) of the accessing computer

2. the website from which you visit us (referrer)

3. the website you visit on our site

4. the date and duration of the visit

5. browser type and browser settings

6. operating system

We would like to point out that this data cannot be assigned to a specific person. We use this technical access information exclusively for the following purposes:

1. to improve the attractiveness and usability of our websites,
2. to recognize technical problems on our website at an early stage
3. to deliver the content of our website correctly
4. and to provide law enforcement authorities with the information necessary for prosecution in the event of a cyber attack.

This data is stored for a maximum of 7 days as a technical precaution to protect the data processing systems against unauthorized access.

3. Collection and disclosure of personal data

Personal data is information that can be used to identify a person, i.e. information that can be traced back to a person. This includes the name, e-mail address or telephone number. However, personal data also includes data about preferences, hobbies, memberships or which websites have been viewed by someone. Personal data is only collected, used and passed on by the provider if this is permitted by law or if the user consents to the collection of data. We only use your personal data for the purposes stated on this data protection information page.

The following input masks exist on our website for the collection of personal data:

3.1 Registration on our website

You can use the following registration options on our website:

* Blog comment function
* Transmission of application documents
* Recruiting
* Contact form

3.1.1 Blog comment function

We offer you a blog on our website and the opportunity to leave individual comments on individual blog posts. A blog is a portal on a website, usually open to the public, in which one or more people, called bloggers, can post articles or write down thoughts in so-called blog posts. The blog posts can usually be commented on by you.

If you leave a comment on our blog, in addition to the comments left by the person concerned, information about the time of the comment entry and the user name (pseudonym) chosen by the person concerned will also be stored and published. Furthermore, your IP address is also logged. The IP address is stored for security reasons and in case a comment violates the rights of third parties or illegal content is posted. The storage of this personal data is therefore in our own interest so that we can provide evidence in the event of an infringement. This collected personal data will not be passed on to third parties unless such a transfer is required by law or serves the purpose of legal defense.

Subscription to comments in the blog on the website

The comments posted on our blog can be subscribed to by third parties.

If you choose the option to subscribe to comments, we will send an automatic confirmation email to check whether the owner of the email address provided has actually opted for this option (double opt-in). The option to subscribe to comments can be canceled at any time.

To subscribe to the blog, we need the following information from you:

1. e-mail address

3.1.2 Transmission of application documents

In the course of your application (online application or by email), we collect and process various personal application data.

This includes in particular your

* Contact information (name, address, telephone number and e-mail)
* Application documents (letter of application, CV, certificates or other proof of training and qualifications)

3.1.3 Recruiting

We offer you the opportunity to use our online application form on our website, which you can use to apply to us.

In order to be able to respond to your application, we need the following information from you:

1. first and last name
2. e-mail address
3. curriculum vitae
4. cover letter
5. certificates

The data listed here will be used exclusively for the application process.

If we have received your e-mail address in connection with job vacancies or via the application form and you have not objected to this, we reserve the right to contact you about similar job vacancies.

In the context of an online application via the application form, the transmission takes place exclusively via an encrypted page in accordance with the currently recognized state of the art, so that your personal data and your application documents are protected against manipulation and unauthorized access.

After sending, you will receive an e-mail confirming receipt of your application documents.

Your personal application data is collected and processed exclusively for the purpose of filling vacancies within our company. Your data will only be forwarded to the internal departments and specialist departments of our company responsible for the specific application process. Your personal application data will not be passed on to other companies without your prior express consent. Your application data will not be used for any other purpose or passed on to third parties.

Your personal application data will be deleted automatically three months after the application process has been completed. This does not apply if statutory provisions prevent deletion, if further storage is necessary for the purpose of providing evidence or if you have expressly consented to longer storage, e.g. for future job advertisements.

If an employment contract is concluded with an applicant, the data transmitted will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions.

3.1.4 Contacting us by e-mail or contact form

On our website, we offer you the option of contacting us by email and/or via a contact form.

If you contact us by email or via a contact form, the personal data you provide will be stored automatically.

Such personal data transmitted to us by you on a voluntary basis will be stored for the purpose of processing your inquiry or contacting the person concerned. This personal data will not be passed on to third parties.

4. what are cookies used for?

COOKIE POLICY

What are cookies?

Cookies are small text files that are created by a website during your visit. They store information that could be useful for further navigation on the website. This means that your information is retained even if you switch to another page and your use of the website can be analyzed.

By using our website, you consent to the use and storage of cookies on your end device. However, you can also view our website without cookies.

We recommend that you leave cookies switched on, as otherwise you could miss out on a lot of information. Most browsers accept cookies automatically.

Manage cookies

You have the option of controlling and, if necessary, preventing the acceptance of cookies yourself by configuring your browser.

We would like to point out that changes to settings only ever affect the respective browser. If you use different browsers or change your end device, you will have to make the settings again. You can also delete cookies from your storage medium at any time. For information on cookie settings, how to change them and how to delete cookies, please refer to the help function of your web browser.

Below you will find links to the setting options of the most common browsers:

Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen

Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies

Chrome: https://support.google.com/chrome/answer/95647?hl=de

Safari: http://support.apple.com/kb/PH5042

Opera: http://help.opera.com/Linux/9.00/de/cookies.html

You can set many online ad cookies from companies via the US site

http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/uk/yourad-choices/

The most common types of cookies are explained below for your understanding:

1. Session cookies

While you are active on a website, a session cookie is temporarily stored in your computer’s memory, in which a session identifier is stored, e.g. to prevent you from having to log in again each time you change pages. Session cookies are deleted when you log out or lose their validity as soon as your session has automatically expired.

2. Permanent or protocol cookies

A permanent or protocol cookie stores a file on your computer for the period specified in the expiration date. These cookies allow websites to remember your information and settings on your next visit. This leads to faster and more convenient access, as you do not have to set your language preferences for our portal again, for example. Once the expiration date has passed, the cookie is automatically deleted when you visit the website that generated it.

3. Third-party cookies

Third-party cookies originate from providers other than the operator of the website. They can be used, for example, to collect information for advertising, user-defined content and web statistics.

4. Flash cookies

Flash cookies are stored as data elements of websites on your computer if they are operated with Adobe Flash. Flash cookies have no time limit.

The following cookies are used on this website:

5. Application and use of tracking and analysis tools and social plugins

5.1 Google Tag Manager

We use Google Tag Manager, which is provided by Google Inc. In Europe, Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. Google Tag Manager is a tool for organizing, integrating and managing website tags via a user interface. These tags originate from other Google products such as Google Ads or Google Analytics and are small JavaScript code sections. They are used to record (track) your activities on our website.

We use various tracking and marketing tools to optimize our website for you. The data collected by these tools shows us which content you are most interested in, where we can improve our services and which target group we should address. To enable this tracking, corresponding code sections must be integrated into our website.

The Google Tag Manager itself does not set any cookies and does not store any data. It merely serves as an “administrator” for the implemented tags. The data collected by the individual tags of the various web analysis tools is only forwarded to the corresponding tools and is not stored there. Information on the storage, processing, prevention of storage and deletion of data from the individual analysis and tracking tools we use can also be found in our privacy policy.

In order to use Google Tag Manager, we need your consent, which we obtain via our cookie pop-up. In accordance with Art. 6 para. 1 lit. a GDPR, this consent forms the legal basis for the processing of personal data that may occur when collected by web analytics tools. In addition to consent, we have a legitimate interest in analyzing the behavior of visitors to our website in order to improve our offer technically and economically. The legal basis for this is Art. 6 para. 1 lit. f GDPR. For more information about the Google Tag Manager, we recommend the FAQs at

https://support.google.com/tagmanager/?hl=de#topic=3441530.

5.2 Google Analytics

This website uses Google Analytics, a web analysis service of Google Inc (“Google”). Google Analytics uses so-called “cookies”, text files which are stored on the user’s computer and which enable the use of the website to be analyzed. The information generated by the cookie about the use of this website by users is generally transmitted to a Google server in the USA and stored there.

However, if IP anonymization is activated on this website, Google will truncate the IP address of users within member states of the European Union or other parties to the Agreement on the European Economic Area beforehand. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. IP anonymization is active on this website. On behalf of the operator of this website, Google will use this information to evaluate the use of the website by users, to compile reports on website activity and to provide other services relating to website activity and internet usage to the website operator.

The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. Users may refuse the use of cookies by selecting the appropriate settings on their browser, however please note that if you do this you may not be able to use the full functionality of this website. Users can also prevent Google from collecting the data generated by the cookie and relating to their use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

Further information on the use of data for advertising purposes by Google, setting and objection options can be found on the Google websites: https://www.google.com/intl/de/policies/privacy/partners (“Data use by Google when you use our partners’ websites or apps”), http://www.google.com/policies/technologies/ads (“Use of data for advertising purposes“), http://www.google.de/settings/ads (“Manage information that Google uses to show you advertising”) and http://www.google.com/ads/preferences (“Determine which advertising Google shows you”).

As an alternative to the browser add-on or within browsers on mobile devices, please click this link to prevent Google Analytics from collecting data on this website in the future. An opt-out cookie will be stored on your device. If you delete your cookies, you must click this link again.

The following tracking and analysis tools are used:

* Google Analytics Dashboard for WP (GADWP)

* Slimstat Analytics

* Slimstat Analytics – Custom DB

* Slimstat Analytics – Heatmap

* Download Monitor

* Email before Download

* Email Subscribers & Newsletters

Purposes of data processing: The provider (or its web space provider) collects data about every access to the website (so-called server log files). The provider uses the log data only for statistical evaluations for the purpose of operation, security and optimization of the offer. However, the provider reserves the right to check the log data retrospectively if there is a justified suspicion of unlawful use based on concrete evidence.

Type of data: The access data includes: Name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider.

The legal basis for data processing is Art. 6 GDPR

The user has the right, upon request and free of charge, to receive information about the personal data that has been stored about them. In addition, the user has the right to rectification of incorrect data, blocking and erasure of their personal data, insofar as this does not conflict with any statutory retention obligation. Please contact the above addresses in this regard.

5.3 Matomo

We use Matomo, an analysis software for websites, on our website. The service provider is the New Zealand company InnoCraft Ltd, 7 Waterloo Quay PO625, 6140 Wellington, New Zealand. You can find out more about the data processed through the use of Matomo in the privacy policy at https://matomo.org/privacy-policy/. You can send questions about data protection by e-mail to privacy@matomo.org

5.4 Google Ads and Google Ads Conversion-Tracking

We use Google Ads (formerly Google AdWords) as an online marketing measure to advertise our products and services. Therefore, the conversion tracking tool from Google Inc. is used on our website. In Europe, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. This tracking tool allows us to better tailor our advertising offers to your interests and needs.

A conversion occurs when you click on our ad in your Google search and then perform another action, such as visiting our website. We use the Google conversion tracking tool to record what happens after you click on our Google Ads ad.

The conversion tracking tool allows us to see which keywords, ads, ad groups and campaigns lead to the desired customer actions. No personal data is collected in the process. This conversion data enables us to measure the success of individual advertising measures and consequently to optimize our online marketing activities. The data obtained also enables us to tailor our website more interestingly and individually to your needs.

We have integrated a conversion code section on our website. If you click on one of our Google Ads ads, the “Conversion” cookie from a Google domain is stored in your browser. This recognizes when you complete an action on our website and saves your action as a conversion. The cookie is read and the conversion data is sent back to Google Ads. For ads that Google shows in various places on the web, cookies with the names “_gads” or “_gac” may be set under our domain.

In most cases, conversion cookies expire after 30 days. The cookies with the names “Conversion” and “_gac” have a duration of 3 months.

You can decide at any time not to participate in Google Ads conversion tracking. If you deactivate the Google conversion tracking cookie in your browser, you will prevent conversion tracking. In this case, you will not be included in the statistics of the tracking tool. You can change the cookie settings in your browser at any time. The exact procedure varies depending on the browser. You will find corresponding links to instructions for the most common browsers in the “Cookies” section.

Legal basis

If you have consented to the use of Google Ads conversion tracking, the corresponding data processing is based on this consent. This consent forms the legal basis for the processing of personal data in accordance with Art. 6 para. 1 lit. A GDPR (consent).

In addition, we have a legitimate interest in using Google Ads Conversion Tracking to optimize our online service and our marketing measures. The corresponding legal basis for this is Art. 6 para. 1 lit. f GDPR (legitimate interests). We only use Google Ads Conversion Tracking if you have given your consent.

The Google Ads Data Processing Terms, which refer to the standard contractual clauses, can be found at https://business.safety.google/intl/de/adsprocessorterms/.

If you would like to find out more about data protection at Google, we recommend that you read Google’s general privacy policy: https://policies.google.com/privacy?hl=de.

5.5 Font Awesome

Our website uses Font Awesome, a service provided by the US company Fonticons (307 S. Main St., Suite 202, Bentonville, AR 72712, USA). When you visit our website, the Font Awesome web font (in particular icons) are loaded via the Font Awesome Content Delivery Network (CDN). This ensures a consistent display of icons on all end devices in order to present the content on our website in a clearer, more attractive and better structured way. The icons are inserted in the form of HTML code and not as an image and can therefore be easily modified without slowing down the loading speed of our website.

In order to load the web font, your browser must establish a connection to the servers of Fonticons, Inc. Your IP address is recorded in the process. Font Awesome collects technical data and also which icon files are downloaded and when. This data is collected to improve CDNs and to detect and correct errors. Font Awesome does not use cookies.

Data in identifiable form is normally only stored on CDN servers for a few weeks. Aggregated statistics on the use of CDNs can also be stored for longer. Font Awesome does not store any personal data via the content delivery networks.

Legal basis

If you have consented to Font Awesome being used, the corresponding data processing is based on this consent. This consent forms the legal basis for the processing of personal data in accordance with Art. 6 para. 1 lit. a GDPR (consent).

In addition, we have a legitimate interest in using Font Awesome to improve our online service. The relevant legal basis for this is Art. 6 para. 1 lit. f GDPR (legitimate interests). However, Font Awesome is only used if you have given your consent.

For more information about Font Awesome and its privacy practices, please see the privacy policy at https://fontawesome.com/privacy and the help page at https://fontawesome.com/support.

5.6 YouTube

YouTube is a video platform of Google Inc (“Google”). When you visit one of our pages on which a YouTube video is embedded, YouTube sets cookies that store information such as your IP address and our URL. Further information on data protection can be found in the provider’s privacy policy at: https://policies.google.com/privacy.

If you are logged into your YouTube account, YouTube can assign your interactions on our website to your profile using cookies. This includes information such as session duration, bounce rate, approximate location and technical data such as browser type, screen resolution or internet provider. If you are not logged into a Google account or YouTube account, less interaction data is stored because fewer cookies are set. Google then stores data that is linked to your device, browser or app. This means that your preferred language settings are retained, for example.

Further information on the use of data by Google, as well as setting and objection options, can be found on the following Google websites:

- https://www.google.com/intl/de/policies/privacy/partners/ (“Data use by Google when you use our partners’ websites or apps”)

- http://www.google.com/policies/technologies/ads (“Use of data for advertising purposes”)

- http://www.google.de/settings/ads (“Manage information that Google uses to show you advertising”)

- http://www.google.com/ads/preferences/ (“Determine which advertising Google shows you”).

5.7 Twitter Plugin

Our pages use services of the social online service Twitter. Twitter is operated by Twitter Inc, 795 Folsom Street, Suite 600, San Francisco, CA 94107, USA. By using the “Re-Tweet” function, which is done by clicking the “Tweet” button, a link is created between the website you have accessed and your Twitter user account. This information is displayed to other Twitter users accordingly. We would like to point out that we unfortunately have no influence on the content and scope of use of the data collected by Twitter Inc. and refer you for further information to the Twitter Inc. website at: https://twitter.com/privacy. We would also like to point out that you can make appropriate changes to your Twitter account to protect your privacy.

5.8 Facebook Plugin

We have integrated plugins from Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA on our website. A visit to our site creates a direct connection to Facebook servers. In this way, Facebook is informed that your IP address has been registered on our website. If you now click the “Like”, “Share” or a corresponding button, Facebook will automatically assign your IP address to your user account and you will be able to link our website to Facebook on the pages of your profile. This process can only take place if you are logged in to Facebook at the same time. Unfortunately, we have no knowledge of the use and type of data collected. For further information in this regard, please refer to Facebook. If you do not wish your user account to be linked to your IP address, please log out of your Facebook account before using our website.

5.9 Instagram Plugin

Our website uses so-called social plugins (“plugins”) from Instagram, which is operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”). When you visit a page on our website that contains such a plugin, your browser establishes a direct connection to Instagram’s servers. The content of the plugin is transmitted by Instagram directly to your browser and integrated into the page. Through this integration, Instagram receives the information that your browser has accessed the corresponding page of our website, even if you do not have an Instagram profile or are not currently logged in to Instagram. This information (including your IP address) is transmitted directly from your browser to an Instagram server in the USA and stored there.

If you are logged in to Instagram, Instagram can directly associate your visit to our website with your Instagram account. If you interact with the plugins, for example by clicking the “Instagram” button, this information is also transmitted directly to an Instagram server and stored there. The information is also published on your Instagram account and displayed there to your contacts. If you do not want Instagram to assign the data collected via our website directly to your Instagram account, you must log out of Instagram before visiting our website. You can also completely prevent the Instagram plugins from loading with add-ons for your browser, e.g. with the script blocker “NoScript” (http://noscript.net/).

5.10 LinkedIn Insight Tag

Our website uses the “LinkedIn Insight Tag” conversion tool from LinkedIn Ireland Unlimited Company. This tool creates a cookie in your web browser that enables the collection of the following data, among others: IP address, device and browser characteristics and page events (e.g. page views). This data is encrypted, anonymized within seven days and the anonymized data is deleted within 90 days. LinkedIn does not share any personal data with becon GmbH, but offers anonymized reports on the website target group and display performance. In addition, LinkedIn offers the possibility of retargeting via the Insight Tag. With the help of this data, becon GmbH can display targeted advertising outside its website without identifying you as a website visitor. Further information on data protection at LinkedIn can be found in the LinkedIn privacy policy. LinkedIn members can control the use of their personal data for advertising purposes in their account settings.

5.11 Privacy policy for the use of HubSpot

Our website uses HubSpot, a software from HubSpot Inc, USA. This software is used in the so-called area of inbound marketing and helps us to better coordinate and optimize our marketing strategy by means of statistical analyses and evaluation of logged user behavior, among other things. Cookies (see below) are used. You can prevent the storage of cookies at any time by selecting the appropriate settings in your browser software or delete cookies that have already been stored. Please note that if you block cookies, you may not be able to make full use of the services provided on our website. Further information can be found in the terms of use and the data protection guidelines of HubSpot Inc. at http://www.hubspot.com/terms-of-service and at http://www.hubspot.com/privacy-policy. If you do not wish the information about your visit to be used for the purposes described, you are welcome to inform us of this at any time by e-mail or post. All information we collect is subject to this Privacy Policy. HubSpot is subject to TRUSTe’s Privacy Seal and the U.S. – EU Safe Harbor Framework and the U.S. – Swiss Safe Harbor Framework. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, Phone: +353 1 5187500.

5.12 Real Cookie Banner

We use the “Real Cookie Banner” consent tool to manage the cookies and similar technologies used (tracking pixels, web beacons, etc.) and related consents. You can find details on how “Real Cookie Banner” works at https://devowl.io/de/rcb/datenverarbeitung/.

The legal basis for the processing of personal data in this context is Art. 6 para. 1 lit. c GDPR and Art. 6 para. 1 lit. f GDPR. Our legitimate interest is the management of the cookies and similar technologies used and the related consents.

The provision of personal data is neither contractually required nor necessary for the conclusion of a contract. You are not obliged to provide the personal data. If you do not provide the personal data, we will not be able to manage your consent.

5.13 Gravatar

We have integrated the Gravatar plug-in from Automattic Inc (60 29th Street 343, San Francisco, CA 94110, USA) on our website to give you a face to our authors on the blog page. The function enables user images (avatars) to be displayed with published posts or comments, provided the corresponding e-mail address is registered with www.gravatar.com. Through this function, data is sent to Automattic Inc., stored and processed there.

If you do not enter an e-mail address or write a comment, no data will be transferred to Automattic Inc.

Further information can be found here: https://automattic.com/privacy/?tid=331707905702

6. Deletion, blocking and duration of storage of personal data

We process and store your personal data only for the period of time required to achieve the respective storage purpose or as provided for by the various retention periods stipulated by law.

After a storage purpose no longer applies or after the retention period stipulated by law has expired, the personal data is routinely blocked for further processing or deleted in accordance with the statutory provisions.

7. Data protection rights of the data subject

If you have any questions about your personal data, you can contact us in writing at any time. You have the following rights under the GDPR:

7.1 The right to information (subsection Art. 15 GDPR)

You have the right to obtain information at any time about which categories and information about your personal data are processed by us and for what purpose, how long and according to what criteria these data are stored and whether automated decision-making, including profiling, is used in this context. You also have the right to know which recipients or categories of recipients your data has been disclosed to or will be disclosed to, in particular in the case of recipients in third countries or international organizations. In this case, you also have the right to be informed about suitable guarantees in connection with the transfer of your personal data.

In addition to the right to lodge a complaint with the supervisory authority and the right to information about the origin of your data, you have the right to erasure, rectification and the right to restrict or object to the processing of your personal data.

In all of the above cases, you have the right to request a copy of your personal data processed by us from the data processor free of charge. For any further copies that you request or that go beyond the data subject’s right to information, we are entitled to charge a reasonable administrative fee.

7.2 The right to rectification (Art. 16 GDPR)

You have the right to request the immediate correction of your incorrect personal data and, taking into account the purposes of the processing, to request the completion of incomplete personal data, also by means of a supplementary declaration.

If you would like to exercise your right to rectification, you can contact our data protection officer or the controller at any time.

7.3 The right to erasure (Art. 17 GDPR)

You have the right to request the immediate erasure of your data (“right to be forgotten”), in particular if the storage of the data is no longer necessary, you withdraw your consent to data processing, your data has been processed unlawfully or has been collected unlawfully and there is a legal obligation to erase it under EU or national law.

However, the right to be forgotten does not apply if there is an overriding right to freedom of expression or freedom of information, the data storage is necessary for the fulfillment of a legal obligation (e.g. retention obligations), archiving purposes preclude the deletion or the storage serves to assert, exercise or defend legal claims.

7.4 The right to restriction (Art. 18 GDPR)

You have the right to request the controller to restrict the processing of your data if the accuracy of the data is disputed by you, if the processing is unlawful, if you refuse to delete your personal data and instead request a restriction on processing, if the necessity for the processing purpose no longer applies or if you have objected to the processing in accordance with Article 21 (1), as long as it is not yet clear whether legitimate reasons on our part outweigh yours.

7.5 The right to data portability (Art. 20 GDPR)

You have the right to the portability of your personal data, which you have provided to our company in a commonly used format, so that you can have your personal data transferred to another controller without hindrance, provided that, for example, you have given your consent and the processing is carried out by automated means.

7.6 The right to object (Art. 21 GDPR)

You have the right to object at any time to the collection, processing or use of your personal data for the purposes of direct marketing or market and opinion research as well as general commercial data processing, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms.

Furthermore, you cannot exercise your right to object if a legal provision provides for the collection, processing or use of the data or obliges us to collect, process or use the data.

7.7 Right to lodge a complaint with the data protection supervisory authority (Art. 77 GDPR in conjunction with Section 19 BDSG)

You have the right to lodge a complaint with the competent supervisory authority if you believe that there has been a breach in the processing of your personal data.

7.8 Right to withdraw consent under data protection law (Art. 7 (3) GDPR)

You can withdraw your consent to the processing of your personal data at any time and without giving reasons. This also applies to the revocation of declarations of consent given to us before the EU General Data Protection Regulation came into force.

Change privacy settings History of privacy settings Revoke consent

8. Legal basis of the processing

When processing personal data for which we obtain the consent of the data subject, Art. 6 para. 1, sentence 1 a) of the General Data Protection Regulation (GDPR) serves as the legal basis.

When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1, sentence 1 b) (GDPR) serves as the legal basis. This provision also includes processing operations that are necessary for the performance of pre-contractual measures.

Insofar as the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 para. 1, sentence 1 c) (GDPR) serves as the legal basis.

If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 sentence 1 f) (GDPR) serves as the legal basis for the processing. The legitimate interest of our company lies in the performance of our business activities as well as in the analysis, optimization and maintenance of the security of our online offer.

9. Transmission of data to third parties

We generally do not sell or lend user data. Data will only be transferred to third parties beyond the scope described in this privacy policy if this is necessary to provide the requested service.

We only transfer data if there is a legal obligation to do so. This is the case if state institutions (e.g. law enforcement authorities) request information in writing or if a court order has been issued.

Personal data is not transferred to so-called third countries outside the EU/EEA.

10. Legal or contractual provisions for the provision of personal data and possible consequences of non-provision

We hereby point out that the provision of personal data is required by law in certain cases (e.g. tax regulations) or may result from contractual regulations (e.g. information on the contractual partner). For example, in order to conclude a contract, it may be necessary for the data subject/contractual partner to provide their personal data so that we can process their request (e.g. order) in the first place. An obligation to provide personal data arises above all when concluding a contract. If

no personal data is provided in this case

, the contract cannot be concluded with the data subject. Before personal data is provided by the data subject, the data subject can contact our data protection officer or the data controller. The data protection officer or the controller will then clarify to the data subject whether the provision of the required personal data is required by law or contract or is necessary for the conclusion of the contract and whether there is an obligation to provide the personal data arising from the data subject’s concerns or what the consequences are for the data subject if the requested data is not provided.

11. Existence of automated decision-making

As a responsible company, we do not use automated decision-making or profiling in our business relationships.