Data Privacy

Data privacy

Data privacy policy for the shared homepage www.walterfries.de

 

WALTER FRIES takes the protection of your personal data very seriously. Through the following summary, we would like to explain to you our views and policies on personal data privacy, how we protect your personal data, and what that means for you when you use our individualised services and offerings.

 

For all of us at WALTER FRIES, the respect and protection of personal privacy is of the utmost importance. We take great care in our compliance with applicable data protection laws, in particular the EU General Data Protection Regulation (GDPR). Beyond this legal compliance, it is also important to us that you are able to fully understand exactly when and how we use your personal data.

 

1. Name and address of the responsible party

 

The responsible party within the meaning of the GDPR and other data protection laws and regulations of Germany and other EU member states is:

 

WALTER FRIES Consulting GmbH

Friedrichstr. 17

63739 Aschaffenburg

Germany

 

phone: +49 (0) 60 21 . 35 42 -0

e-mail: mail@walterfries.de

website: www.walterfries.de

 

1. Name and address of Data Protection Officer

 

We have commissioned the following external provide to serve as our Data Protection Officer:

 

Dr. Michael Krebs

AB Data Protect UG (haftungsbeschränkt)

Frohsinnstrasse 15

63739 Aschaffenburg

Germany

 

phone: +49 (0) 6021.30 88 0

e-mail: fries@ab-data-pro.de

 

III.     General information on our processing of personal data

 

Please note that data transmission via internet (for example, when communicating via e-mail) is inherently subject to security risks. The complete protection of transmitted data against access by third parties is not possible.

 

1. Scope of our processing of personal data

We fundamentally process the personal data of our users only insofar as necessary to provide our website’s functionality, content and services. Such processing of personal data of our users generally takes place with the user’s express consent, although not necessarily in specific cases in which prior consent cannot be obtained for practical reasons or in which the processing of such personal data is permitted by law.

 

What do we mean by “personal data”?

 

“Personally identifying information” is information that can be explicitly used to determine your identity, including such personal information as your name, e-mail address, postal address and telephone number. This does not include information that cannot be directly used to personally identify you, such as favourite webpages or the number of webpage visitors.

 

2. Legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for the processing of personal data, the legal basis is letter (a) of the first sentence of article 6 sec. 1 of the GDPR.

 

In cases in which the processing of personal data is required to fulfil a contract to which the data subject is a party, or in preparation for the subsequently anticipated conclusion of such contract, the legal basis is letter (b) of the first sentence of article 6 sec. 1 of the GDPR. This also applies to processing operations that are required to carry out pre-contractual measures.

 

Insofar as the processing of personal data is necessary to fulfil a legal obligation to which our company is subject, the legal basis is letter (c) of the first sentence of article 6 sec. 1 of the GDPR.

 

Should the processing of personal data be necessary to safeguard a legitimate interest of our company or a third party, and so long as the interests, fundamental rights and freedoms of the data subject do not outweigh such legitimate interest, the legal basis is letter (f) of the first sentence of article 6 sec. 1 of the GDPR.

 

3. Deletion of personal data and period of storage

Insofar as we store personal data, these shall generally be deleted or blocked as soon as the purpose for which they were stored no longer applies. We may, in addition, store personal data to the extent provided by law in national and/or EU regulations, laws or other provisions to which we (as the “data controller” within the meaning of the GPDR) are subject. Such personal data shall likewise be deleted or blocked upon expiry of the storage period stipulated by such law, regulation or provision unless there is a need for the continued storage of the data for the conclusion or fulfilment of a contract.

 

HOW WE USE THE PERSONAL DATA WHICH WE OBTAIN

 

1. Provision of the website and creation of log files

 

1. Description and scope of our processing of personal data
   Every time that our website is visited, our system automatically collects certain data from the computer system which initiates the visit.

 

These data may include:

 

– Information about the browser type and version

– The visitor’s operating system

– The visitor’s internet service provider

– The visitor’s IP address

– The date and time of the website visit

– Other websites by way of which the visitor was referred to our website

– Other websites to which the visitor was referred by our website

– Webpages visited

– Volume of transmitted data (bytes)

 

These data are further stored in our system’s log files. They are not stored together with other personal data relating to the visitor.

 

2. Legal basis for our processing of personal data

The legal basis for our temporary handling of this data and for its storage in our log files is letter (f) of the first sentence of article 6 sec. 1 of the GDPR.

 

3. Purpose of our processing of personal data

We store the aforementioned data about visitors to our website in log files in order to ensure and improve the website’s functionality. In addition, we use such data to optimise our website and to maintain the security of our computer systems. Data obtained in this way is not used for marketing purposes.

 

This constitutes a “legitimate interest” for our processing of personal data within the meaning of letter (f) of the first sentence of article 6 sec. 1 of the GDPR.

 

4. Duration of storage

Where such temporary data are stored in log files, this generally takes places within seven days. While storage beyond this point is possible, the IP addresses of website visitors are in such case anonymised or deleted so that the visitor can no longer be identified.

 

5. Exclusion of rights of objection and erasure

The collection of such data for the provision of our website and the storage thereof in log files is essential for the continuing operation of our website. We must therefore exclude the possibility of a website visitor to object to such data collection or to request the erasure thereof. We cannot reasonably operate our website without such data.

 

1. SSL/TLS encryption

 

To protect the transmission of confidential content, such as orders or inquiries that you send to us as the website operator, or for other security reasons, this website may use SSL and/or TLS encryption. You may recognise an encrypted connection by the fact that the address line of your browser changes from “http: //” to “https: //” and by the lock symbol next to this address line.

 

The activation of SSL/TLS encryption ensures that any data that you transmit to us cannot be intercepted by third parties.

 

1. Cookies

 

1. Description and scope of our processing of personal data
   Our website makes use of cookies, which are text files stored within or by the internet browser on the user’s computer system. When a user visits a website, a cookie can be stored on the user’s operating system. This cookie contains a characteristic string of characters that enables the browser to be clearly identified when the website is again visited.

 

Our website uses the following types of cookies, the scope and functionality of which are explained below:

 

“Transient cookies” are automatically deleted when you close the browser. These include, in particular, “session cookies”, which store a so-called session ID through which various requests from your browser can be assigned to a common session. This means that your computer can be recognised when you return to our website. Such session cookies are automatically deleted when you log out or close your browser.

 

“Persistent cookies” are automatically deleted after a period specified in your browser settings, which can differ depending on the type of cookie. You may delete cookies at any time by activating the appropriate feature within your browser settings.

 

You may configure your browser settings as desired so that, for example, the acceptance of third-party cookies or all cookies is blocked. Please note that, by doing so, you may not be able to use all functions of this and other websites.

 

2. Legal basis for our processing of personal data

The legal basis for our processing of personal data through the use of cookies is letter (f) of the first sentence of article 6 sec. 1 of the GDPR.

 

3. Purpose of our processing of personal data

The cookies are used for analysis, namely for the purpose of improving the quality of our website and its content. These analysis cookies provide us with information about how our website is used,  thereby enabling us to continuously improve and optimise our offerings.

 

This purpose also constitutes a legitimate interest within the meaning of letter (f) of the first sentence of article 6 sec. 1 of the GDPR.

 

4. Duration of storage; means to exercise rights of objection and erasure

Cookies are stored on the user’s computer and transmitted from there to our website. As the user, you have full control over your system’s acceptance of cookies. You can deactivate or restrict the transmission of cookies by changing the appropriate settings in your internet browser. Cookies previously stored on your system may be deleted at any time, either manually or automatically. Please note that if you choose to deactivate cookies used for our website, you may not be able to use all functions within our website to their full extent.

 

VII.       Contact form and e-mail communications

 

1. Description and scope of our processing of personal data
   A contact form is available on our website which may be used to contact us electronically. When a visitor to our website chooses to make use of this function, the data entered in the input mask are transmitted to us and saved. These data are:

 

– The date and time at which the contact form was completed

– The user’s (sender’s) e-mail address

– If optionally also provided: name, company name, phone number

 

Your consent to the processing of your personal data is obtained as part of the sending process, including a reference to this data privacy policy.

 

Should you prefer, you may alternatively contact us using the e-mail address provided. In this case, we will receive and process the personal data which you provide to us through your e-mail.

 

In either case, the personal data which you provide to us will only be used for our relevant communications with you and will not be provided to any third party.

 

2. Legal basis for our processing of personal data

Where consent is expressly provided, the legal basis for our processing of personal data in conjunction with these services is letter (a) of the first sentence of article 6 sec. 1 of the GDPR.

 

The legal basis for our processing of personal data in conjunction with the transmission of e-mails is letter (f) of the first sentence of article 6 sec. 1 of the GDPR. Where the e-mail related to the intended conclusion of a contract, letter (b) thereof serves as an additional legal basis.

 

3. Purpose of our processing of personal data

The processing of your personal data which you provide to us by way of the contact form serves solely for our resulting communications with you. In the case of direct contact with us via e-mail, we have a necessary and legitimate interest in processing your personal data in order to handle and respond to your e-mail.

 

We may also process other personal or identifying data provided through the contact form in order to prevent misuse thereof and to ensure the security of our computer systems.

 

4. Duration of storage

The personal data collected through such communications to us are deleted as soon as they are no longer required to achieve the purpose for which they were collected. In either case (contact form or direct e-mail), this is deemed to be the case when the resulting exchange with the user has ended, which is assumed to be the case, for example, when the user’s enquiry has been answered and no further questions or requests received.

 

The additional personal data collected during the contact form message generation process will be deleted after a period of no more than 30 days.

 

Insofar as there are statutory retention requirements, the data will be deleted after the relevant storage periods have expired.

 

5. Rights of consent revocation, objection and deletion of your personal data

You, as the user of our contact form including the consent to the processing of your personal data provided thereby, have the option of revoking such consent at any time. Should you contact us directly via e-mail, you likewise have the right to object at any time to our storage of the personal data you provide thereby. Please note, however, that we will then be unable to continue our communication with you.

 

Such revocation of your previously provided consent, objection and/or request for deletion of your personal data may be made by sending an e-mail to mail@walterfries.de with a precise statement of your request and relevant circumstances.

 

Upon receipt of your request, we will – subject to statutory retention requirements – delete all of your personal data collected through such communications.

 

1. Topical newsletter subscriptions

 

1. Description and scope of our processing of personal data
   We offer the opportunity for users to subscribe to certain regular newsletters involving specific topics of interest. When a user sends us an e-mail requesting such newsletter, this is deemed to be a subscription request and consent to the processing of personal data relating thereto.

 

In order to provide this service, we necessarily save and process the following personal data:

 

–  The subscriber’s e-mail address

 

2. Legal basis for our processing of personal data

Because consent is provided, the legal basis for our processing of personal data in conjunction with these services is letter (a) of the first sentence of article 6 sec. 1 of the GDPR.

 

3. Purpose of our processing of personal data

The storage and processing of the subscriber’s e-mail address serves to provide the requested service.

 

4. Duration of storage

These personal data are generally deleted as soon as they are no longer required for the purpose for which they were originally collected. The subscriber’s email address is therefore retained for as long as the subscription to the respective newsletter is active. Subsequent storage may, however, be necessary for the sole purpose of documenting our legal basis for sending the newsletter.

 

5. Rights of objection and erasure

The subscriber has the right to the revoke the previously provided consent to the processing of personal data in conjunction with the newsletter subscription, or to object to the storage of personal data, at any time by sending us an e-mail. Please note that, by doing so, you will no longer receive the relevant newsletter.

 

Such revocation of your previously provided consent, objection and/or request for deletion of your personal data may be made by sending an e-mail to mail@walterfries.de with a precise statement of your request and relevant information.

 

Upon receipt of your request, we will – subject to statutory retention requirements – delete all of your personal data relating to the relevant newsletter subscription(s).

 

1. Your rights involving your personal data

 

To the extent that we (as “data controller” within the meaning of the GDPR) process your personal data (as “data subject” within the meaning of the GDPR), you have the following rights:

 

1. Right of access by the data subject

You may request confirmation from us (as data controller) as to whether we are processing your personal data.

 

Should this be the case, you may further request the following information:

 

(1) the purposes for which such personal data are processed;

 

(2) the categories of personal data that are being processed;

 

(3) the recipients, or categories of recipients, to whom the personal data relating to you have been or are being disclosed;

 

(4) the anticipated duration of the storage of your personal data or, if specific information is not available, the criteria for determining the duration of storage;

 

(5) the existence of any rights you may have to request rectification or deletion your personal data, or restriction of processing by us as data controller, or to object to such processing;

 

(6) the existence of any right you may have to lodge a complaint with a supervisory authority;

 

(7) all available information about the origin of your personal data held by us to the extent not obtained from you as the data subject; and

 

(8) the existence of any automated decision-making including profiling in accordance with article 22 sections 1 and 4 of the GDPR and – at least in relevant specific cases – meaningful information about the decision-making logic involved and the scope and intended effects of such processing as these involve the data subject.

 

You have the right to request information about whether your personal data is being transmitted to a third country or international organization. In this context, you may also request information about safeguards in conjunction therewith in accordance with article 46 of the GDPR.

 

2. Right to rectification

You have a right to request that we, as data controller, correct and/ or complete any of your personal data processed by us which are incorrect or incomplete. In such case, we shall promptly rectify your personal data.

 

3. Right to restriction of data processing

You have the right to request restriction of the processing of your personal data under any of the following conditions:

 

(1) if you dispute the correctness of the personal data concerning you, in such case for a period of time sufficient for us to verify the correctness of your personal data;

 

(2) the processing of your personal data is not in compliance with applicable law or regulation, but rather than exercising your right to erasure (below), you instead request that the use of your personal data be restricted;

 

(3) we no longer require your personal data for routine processing purposes but must retain these data to assert or exercise our legal rights or defend against legal claims, or

 

(4) in situations in which you as data subject have objected to the processing of your personal data in accordance with article 21 sec. 1 of the GDPR and a determination has not yet been reached as to whether your stated reasons outweigh our own legitimate interests.

 

If the processing of your personal data has been restricted, these data may only be used – apart from its continued retention – with your consent, or to assert or exercise our legal rights or defend against legal claims, or to protect the rights of another natural or legal person, or for reasons of overriding public interest of the European Union or a member state thereof.

 

Should such processing restriction be affected by any of the aforementioned conditions, we shall inform you before lifting such restriction.

 

4. Right to erasure

 

1. a) Our obligation to delete personal data held by us

You may request that we (as data controller) immediately delete any personal data relating to you. In such case, we shall promptly delete such personal data provided that one of the following reasons applies:

 

(1)          The personal data relating to you are no longer necessary for the purposes for which they were collected or otherwise processed.

 

(2)          You revoke your previously provided consent upon which the processing was based in accordance with either letter (a) of the first sentence of article 6 sec. 1 or letter (a) of article 9 sec. 2 of the GDPR, and there is no other legal basis for the processing.

 

(3)          You have filed objection to the processing of your personal data under article 21 sec. 1 of the GDPR and there are no overriding legitimate interests for such processing, or you have filed objection to the processing of your personal data under article 21 sec. 2 of the GDPR.

 

(4)          The processing of your personal data is not in compliance with applicable law or regulation.

 

(5)          The deletion of your personal data is necessary to fulfil an obligation under EU law or the law of a member state to which we as data controller are subject.

 

(6)          The personal data were collected through information society services offered and consented to under the provisions of article 8 sec. 1 of the GDPR.

 

1. b) Information provided to third parties

Should we (as data controller) have made your personal data public and should we be obliged to erase such personal data in accordance with article 17 sec. 1 of the GDPR, we shall, taking account of available technology and the cost of implementation, take reasonable steps, including technical measures, to inform other data controllers which we know to be processing your personal data obtained thereby that the data subject has requested the erasure by such data controllers of any links to, or copy or replication of, such personal data.

 

1. c) Exceptions

The right of erasure shall not apply insofar as the processing of your personal data is necessary:

 

(1)          for exercising the right of freedom of expression and information;

 

(2)          for compliance with a legal obligation which requires processing under EU or member state law to which we as data controller are subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in us as data controller;

 

(3)          for reasons of public interest in the area of public health in accordance with letters (h) and (i) of article 9 sec. 2 as well as article 9 sec.3 of the GDPR;

 

(4)          for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with article 89 sec. 1 of the GDPR insofar as the right claimed is likely to render impossible or seriously impair the achievement of the objectives of such processing; or

 

(5)          for the establishment, exercise or defence of legal claims.

 

5. Right to notification

Should we, upon your assertion of any of the above rights, correct or delete your personal data, or restrict the processing thereof, we (as data controller) shall notify all recipients to whom the personal data concerning you have been disclosed of such correction, deletion or restriction of processing, provided that this is possible and does not entail a disproportionate effort.

 

You have the right to request that we, as data controller, inform you of such recipients.

 

6. Right to data portability

You have the right to receive the personal data concerning you which we (as data controller) have obtained, in a structured, common and machine-readable format. You further have the right to request the transfer of these data to another data controller named by you, and without hindrance from the data controller to whom the personal data was originally provided, provided that:

 

(1) the processing is based upon your consent provided in accordance with either letter (a) of the first sentence of article 6 sec. 1 or letter (a) of article 9 sec. 2 of the GDPR, or a contract in accordance with letter (b) of the first sentence of article 6 sec. 1 thereof, and

 

(2) the processing is carried out using automated procedures.

 

In exercising this right, you also have the right to request that your personal data be transmitted directly from the existing data controller to the new data controller insofar as technically feasible. Such data transfer must not impair the freedoms and rights of any other persons.

 

This right to data portability does not apply to the processing of personal data necessary for the performance of a task that is in the public interest or which takes place in the exercise of official authority invested in the data controller.

 

7. Right to object

You have the right, for reasons arising from your particular situation, to object at any time to any processing of your personal data legally based upon letters (e) or (f) of the first sentence of article 6 sec. 1 of the GDPR, including also any profiling based upon these provisions.

 

In this case, we (as data controller) will cease the processing of your personal data in accordance with your objection unless we can demonstrate compelling legitimate interests arising from the processing of your personal data that outweigh your interests, rights and freedoms, or the processing of your personal data serves to assert or exercise our legal rights or to defend against legal claims.

 

If the personal data relating to you are processed in order to generate direct mail, you have the right to object at any time to the processing of your personal data for such direct marketing purposes, including also any profiling insofar as associated with such direct mail generation.

 

Should you notify us of your objection to such processing for direct marketing purposes, your personal data will no longer be processed for these purposes.

 

In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you as the data subject may exercise your right to object by automated means using technical specifications.

 

8. Right to revoke consent to processing of your personal data

You have the right to revoke your declaration of consent under data protection law at any time. Such revocation of your consent shall not affect the legality of any processing of your personal data carried out on the basis of your consent up to the point of revocation.

 

9. Automated individual decision-making, including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which has legal effects upon you or which significantly affects you in a similar manner. This right does not apply if such decision:

 

(1) is necessary for entering into, or the performance of, a contract between you (as data subject) and us (as data controller);

 

(2) is authorised by EU or member state law to which we (as data controller) are subject and which also lays down suitable measures to safeguard the data subject’s rights, freedoms and legitimate interests; or

 

(3) takes place with your express consent.

 

Such decisions, however, may not be based on special categories of personal data referred to in article 9 sec. 1 of the GDPR unless letter (a) or letter (g) of sec. 2 thereof applies and suitable measures are in place to safeguard the data subject’s rights, freedoms and legitimate interests.

 

In the cases of decisions involving you taken under the above situations (1) or (3), we (as data controller) shall take appropriate measures to safeguard your rights, freedoms and legitimate interests as data subject, including at least the right to request human intervention by us (as data controller), to express your point of view, and to contest the decision.

 

10. Right to file complaint with supervisory authority

You have the right, without prejudice to any other administrative or judicial remedy which may be available to you, to lodge a complaint with an applicable supervisory authority if you believe that your personal data has been stored or processed in violation of the GDPR. This supervisory authority may be in the EU member state in which you reside, in which you work, or in which the alleged infringement took place.

 

The data protection supervisory authority responsible for our company is the Bavarian State Office for Data Protection Supervision (Bayerisches Landesamt für Datenschutzaufsicht, BayLDA), Promenade 27, 91522 Ansbach, Germany.

 

USE OF THIRD-PARTY APPLICATIONS AND SERVICES

 

Portions of our website operate on the basis of third-party applications and services. Depending on the pages within our website which you visit and the functions which you use, the following third-party applications and services may result in your personal data being made available to third parties for the purpose(s) mentioned in each specific case:

 

VII. Google Analytics

 

This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics employs “cookies”, which are text files placed on your computer, to facilitate analysis of how this website is used. The information generated by the cookie about your use of the website is transmitted to and stored by Google on servers which are generally located in the United States. When IP anonymisation is activated on the website, however, Google generally truncates IP addresses within EU/EEA member states, such that complete IP addresses transferred to the Google server in the United States and truncated there only in exceptional cases. In the case of this website, IP anonymisation is activated. Google uses this information on our behalf for the purpose of evaluating usage of our website, for compiling reports for us on website activity, and for providing us with other services relating to website activity and internet usage.

 

The IP addresses of our website visitors identified and collected by Google Analytics are not associated or aggregated with any other data held by Google.

 

You may block the use of cookies by selecting the appropriate settings on your browser, but if you choose to do so, please note that you may not be able to benefit from the full functionality of our website. Alternatively, you may opt out of Google Analytics, thereby blocking Google from collecting data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data, by installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout.

 

This website uses Google Analytics with the “_anonymizeIp()” extension. Through this use of this extension, IP addresses are further processed in an abbreviated form so that IP addresses cannot be personally identified. In the event that data collected about you can be used to personally identify you, this reference is immediately excluded and the relevant personal data immediately deleted.

 

We employ Google Analytics to analyse the usage of our website and to improve it on a regular basis. Through these aggregated data, we are able to improve our offerings and make them more interesting and relevant for you as a user of our website. In exceptional cases in which personal data is transferred from the EU to the United States, Google says it has imposed a standard on itself that corresponds to the former EU-US Privacy Shield and has promised to comply with applicable data protection laws when transferring data internationally.

 

The third-party provider is: Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, fax: +353 (1) 436 1001. The Google Analytics terms of service may be found at https://marketingplatform.google.com/about/analytics/terms/gb/. Additional information and explanation of Google’s privacy policy may be found at https://policies.google.com/privacy?hl=en&gl=de.

 

We have concluded a contract data processing agreement with Google through which our use of Google Analytics is in full compliance with the stringent German data protection requirements.

 

1. Google Maps

 

This website uses Google Maps to provide location information and travel directions. Google Maps is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. By using these features within our website, you consent to the collection, processing and use by Google (or representatives thereof) as well as third-party providers of automatically collected data and data entered by you.

 

The terms of service for Google Maps additional to the general Google terms of service may be found at https://www.google.com/intl/en_de/help/terms_maps.html. Additional information and explanation of Google’s privacy policy and certain elective options available to you may be found at https://policies.google.com/privacy?hl=en&gl=de.

 

1. Newsletter2Go

 

Supplementary information regarding this service:

 

If you wish to receive the newsletter which we offer on our website, we require your e-mail address as well as information that allows us to verify that this e-mail address is indeed yours and that you agree to our sending of the newsletter.

 

To ensure that you wish to receive our newsletter and that we have your consent, we use a double-opt-in procedure before adding you to our active mailing list. We do this by sending you a confirmation e‑mail to verify your registration for this service and to obtain your legal consent. We will only include your e-mail address in the active mailing list once you have provided this confirmation.

 

We use your personal data obtained thereby exclusively for sending the information and offerings which you have requested.

 

Our newsletter software and service provider is Sendinblue GmbH. Your personal data will be transmitted to Sendinblue GmbH, which is in turn prohibited from selling your personal data or using them for any purpose other than the sending of our newsletters. Sendinblue GmbH is a certified German provider selected in accordance with the requirements of the GDPR and the German Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG).

 

Further information may be found at https://www.sendinblue.com/information-for-email-recipients/.

 

You may at any time revoke your consent to the storage and processing of your e-mail address and other personal data for the sending of our newsletter, including but not limited to the “unsubscribe” link included in our newsletter.

 

Please note that data protection measures are subject to changing legal and technical requirements. For this reason, we suggest that you regularly review this and any other applicable data privacy policies.

 

 

1. reCAPTCHA

 

This website uses Google reCAPTCHA, a service provided by Google Ireland Limited, Gordon House, Barrow St., Dublin 4, Ireland (hereinafter “Google”). Google reCAPTCHA processes information regarding the behavioural interactions of website users.

 

Google reCAPTCHA is used to determine whether a website entry is being attempted by an actual person or improperly through automated or robotic means. The use of Google reCAPTCHA serves directly to ensure the security and functionality of our systems. The legal basis is letter (f) of the first sentence of article 6 sec. 1 of the GDPR (legitimate interest).

 

The IP address transmitted as part of Google reCAPTCHA verification process is not combined with other Google data unless you are logged into your Google account at the time you use Google reCAPTCHA. Should you wish to preclude the transmission and storage of data by Google about you and your interaction with our website, you must log out of Google before you visit our website or use Google reCAPTCHA.

 

You can also block the collection and forwarding of your personal data, thereby preventing the processing of these data, by deactivating the execution of JavaScript in your browser. It is also possible to prevent the execution of JavaScript code altogether by installing a JavaScript blocker (such as https://noscript.net/ or https://www.ghostery.com). If you do so, however, you should note that you may not be able to make use of all functions within our website to their full extent.

 

Additional information on Google’s privacy policy may be found at https://policies.google.com/privacy?hl=en&gl=de.

 

XII. Google Tag Manager

 

This website uses Google Tag Manager, a service provided by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, and Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA, as well as other Google affiliates.

 

We have a data processing agreement in place with Google. Under this agreement, Google Tag Manager specifically processes personal data only for technically necessary purposes. To perform this function, Google Tag Manager also loads other components which may in turn collect data, but Google Tag Manager does not itself access this data.

 

Further information about Google Tag Manager may be found in Google’s privacy policy and terms of service.