-        Ensuring a trouble-free connection to the websites

-        Ensuring smooth use of the websites

-        Ensuring and evaluating system security and stability

-        Detection of misuse

-        Technically error-free display and optimisation of the websites.

We do not process the data in order to draw conclusions about your person; however, we reserve the right to subsequently review the server log files should specific indications of unlawful use arise.

IP address, name of the retrieved file, date and time of retrieval, amount of data transferred, retrieval status (successful / unsuccessful), browser type and operating system of the end device, URL of the previously visited page (so-called “referrer URL”)

We use service providers for the operation and maintenance of our website who act as processors on our behalf. In the event of detected legal violations, we transmit the data to the bodies responsible for clarification and prosecution (e.g. specialised service providers, authorities, law firms, etc.)

Log data that enables identification of the data subjects is stored for a maximum period of 7 days, unless a security-relevant event occurs. In the event of such an event, the data will remain stored until the security-relevant event has been remedied and fully clarified

Processing is carried out in accordance with Art. 6 (1) f) GDPR on the basis of our legitimate interest in improving the stability and functionality of our website as well as ensuring system security and detecting and prosecuting misuse.

The provision of the data is neither legally nor contractually required; however, without processing the server log data, the technical functionality of our websites cannot be guaranteed.

Provision of the Consent Management Tool; technically necessary display of the consent banner; ensuring documentation of legally required consent processes; stability and security of the website.

IP address, browser and device settings, time of access, technical information required for script and element retrieval.

Processor: Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany

12 months

Processing is carried out in our legitimate interest pursuant to Art. 6 (1) lit. f GDPR. Our legitimate interest lies in the technically required provision of a Consent Management Tool and in fulfilling legal requirements (e.g. GDPR, TDDDG).

 

Without this processing, the website cannot be operated in compliance with data protection law.

Obtaining, storing and documenting consents; managing your consent status; withdrawal and change management

Anonymised IP address (last three digits set to zero), date and time of consent, technical browser information, URL of the consent submission, anonymous encrypted consent key, consent status

Processor: Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany

12 months

Processing is carried out in accordance with Art. 6 (1) c) GDPR to fulfil legal requirements regarding the ability to prove and manage consents in accordance with the GDPR and relevant national regulations (e.g. TDDDG)

Without this processing, consents cannot be documented and therefore cannot be managed in a legally secure manner.

Communication, handling your requests

1)    Information from the contact forms (first name, last name, company email address, telephone number, company, job title/position, country, query regarding contact by email or telephone, free text);

2)    Technical connection and access data; server and security data; metadata relating to the form

1)     None

2)     Technical service providers acting as processors on our behalf

1)    Content data as a rule: Up to 3 years after completion of the process. If a customer relationship exists: deletion after termination of the customer relationship.

2)     Technical data: Up to 90 days after submission

Processing is carried out on the basis of Art. 6 (1) b) GDPR if the request is aimed at concluding a contract with us, or pursuant to Art. 6 (1) f) GDPR on the basis of our legitimate interest in handling requests submitted to us.

Provision is neither legally nor contractually required. However, the described data processing is unavoidable and therefore necessary for recording and processing your request.

Securing the contact form against automated entries (spam, bots, misuse)

CAPTCHA image; CAPTCHA text entered by the user for comparison

Technical connection data that is automatically generated when the page is accessed.

The CAPTCHA is generated entirely locally. We use service providers for hosting our servers who act as processors on our behalf.

1)     Session

2)     See server log files

Processing is carried out in accordance with Art. 6 (1) f) GDPR on the basis of our legitimate interest in securing our systems, preventing misuse of the contact form and ensuring the functionality and security of our websites.

Provision is neither legally nor contractually required. However, the described data processing is unavoidable and therefore necessary for using the contact form. 

For data processing when visiting our social media profiles, we are jointly responsible with the respective platform operator in accordance with Art. 26 GDPR. Primary responsibility for data processing on the platform (e.g. creation of user profiles) lies with the respective provider.

The providers are: 

Instagram and Facebook: Meta Platform Ireland Ltd.

LinkedIn: LinkedIn Ireland Unlimited Company

Xing: New Work SE

YouTube: Google Ireland Ltd.

Provision of company information; communication and interaction with users (e.g. via comments or messages); evaluation of reach and visibility of our content; implementation of marketing and information measures

Profile and contact data (e.g. username, publicly visible information); communication content (e.g. messages, comments, posts); interaction data (e.g. likes, follows, shares); statistical and technical data provided to us by the platform operator (e.g. reach measurements, demographic data)

- We as operator of the respective social media presence

The respective platform operator

Other companies of the respective platform operator (e.g. Meta companies, Google companies)

Service providers of the platform operator 

Data processing may take place outside the European Union. Platform operators frequently use Standard Contractual Clauses for this purpose.

We: Until the respective communication, interaction or analysis purpose has been fulfilled

Data stored via the platform itself is subject to the retention periods of the respective platform operator.

Processing is carried out in accordance with Art. 6 (1) f) GDPR on the basis of our legitimate interest in modern and efficient public corporate communication and external presentation; interaction with users and the presentation and improvement of our services.

Provision is neither legally nor contractually required. Data processing is necessary in order to make our content visible, answer enquiries and use platform reach analyses to optimise our communication strategy.

The data protection provisions of the respective operator apply to processing by the platform operator.

Facebook / Instagram: https://facebook.com/privacy/policy

LinkedIn: https://linkedin.com/legal/privacy-policy

XING: https://privacy.xing.com

YouTube (Google): https://policies.google.com/privacy