Privacy policy

Contents

  1. Data protection at a glance
    • General guidance
    • Analysis tools and third-party supplier tools
  2. Hosting and Content Delivery Networks (CDN)
    • External Hosting
  3. General notes and obligations information
    • Data protection
    • Information about the responsible office
    • Storage duration
    • Data Protection Officer required by law
    • Note on data transfer to the USA
    • Revocation of your consent for data processing
    • Right to object to the collection of data in particular cases and against direct mail (art. 21 GDPR)
    • Right to object to the relevant supervisory authorities
    • Right to data portability
    • SSL and/or TLS encryption
    • Information, deletion and correction
    • Right to restriction of the processing
    • Objection to advertising e-mails
  4. Data collection on this website
    • Use of jquery
    • Use of jsdeliver.net / jsdeliver.com/ cdn.jsdelivr.net
    • Cookies
      • Cookie consent with Typo 3
    • Server log files
    • Contact form
    • Enquiry per e-mail, telephone or fax
    • Communication via WhatsApp
  5. Social media
    • Social media plugins with Shariff
    • LinkedIn plugin
    • Hootsuite
  6. Analysis tools and advertising
    • Google Tag Manager
    • Google Analytics
      • IP anonymising
      • Browser Plugin
      • Order processing
      • Demographic characteristics with Google Analytics
      • Storage duration
    • Google Analytics Audiences
    • Google Ads
    • Google Remarketing
    • Google Dynamic Remarketing
    • Google Conversion Tracking
    • Facebook Pixel
    • LinkedIn Analytics
    • Marketing Solutions (formerly LinkedIn Ads)
  7. Newsletter
    • Sendinblue
  8. Plugins and tools
    • YouTube with enhanced data protection
    • Google Web Fonts (local hosting)
    • Font Awesome
    • Google Maps
    • Google reCAPTCHA
    • tawk.to
      • Contract for order processing
    • Edudip
      • Conclusion of a contract for order processing
    • yumpu.com online catalogues
  9. In-house services
    • Handling of applicant data
    • Scope and purpose of data collection
    • Retention period of the data
    • Inclusion into the applicant pool

1. Data protection at a glance

General guidance

The following guidance gives a simple overview of what happens to your personal data when you visit this website. Personal data are all data with which you can be personally identified. Full details about the subject of data protection can be found in our data protection declaration which is given in this text.

Data collection on this website

Who is responsible for the data collection on this website?

The data processing on this website is carried out by the website operator. You can find their contact details in the section "Information on the responsible office" in this data protection declaration.

How do we collect your data?

Firstly, your data is collected by you providing it to us. This can relate to data which you e.g., enter in a contact form.

Other data are collected by our IT system automatically or subject to your consent when you visit the website. These are primarily technical data (e.g. Internet browser, operating system or time of your site visit). This data is collected automatically as soon as you access this website.

What do we use your data for?

Some data is used to guarantee error-free operation of the website. Other data can be used to analyse your user relationship.

What rights do you have in relation to your data?

You have the right at any time to obtain information, free of charge, about the origin, recipients, and purpose of your stored personal data. You also have the right to demand correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future. You also have the right to request the restriction of the processing of your personal data in certain circumstances. Furthermore, you have the right to lodge a complaint with the relevant supervisory authorities.

You can contact us at any time about this and any other questions on the subject of data protection.

Analysis tools and third-party supplier tools

When you visit this website your surfing behaviour can be statistically analysed. This is most often carried out by analytics programs.

You can find detailed information about these analytics programs in the following privacy policy.

2. Hosting and Content Delivery Networks (CDN)

External Hosting

This website is hosted by an external service provider (hoster). The personal data which can be collected on this website are stored on the servers of the hoster. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contractual data, contact details, names, website accesses and other data generated about a website.

The hoster is used for the purposes of contract fulfilment for our potential and existing customers (art. 6 para. 1 section b GDPR) and in the interests of secure, rapid and efficient provision of our online offer by a professional supplier (art. 6 para. 1 section f GDPR).

Our hoster will process your data only insofar as is necessary to fulfil its performance obligations and will follow our instructions with regard to this data.

We use the following hoster:

NETsite.lu SARL

B.P. 16

L-8505 Noerdange

Conclusion of a contract for order processing

In order to guarantee data protection-compliant processing, we have concluded a contract for order processing with our hoster.

3. General notes and obligations information

Data protection

The operator of these sites takes the protection of your personal data very seriously. We treat your personal data confidentially and corresponding to the statutory data protection directives and this privacy policy.

When you use this website, various personal data are collected.

Personal data are data with which you can be personally identified. This data protection declaration explains which data we collect and what we use it for. It also explains how and for what purposes this takes place.

Please note that security loopholes can occur when data is transferred on the Internet (e.g. communication by e-mail). It is not possible therefore to completely protect the data from access by third parties.

Information about the responsible office

The responsible office for data processing on this website is:

ST QUADRAT Fall Protection S.A.

45, rue Fuert

L-5410 Beyren

Phone: +352 26 747 265

E-mail: info@lux-top.com

The responsible office is the natural or legal entity that decides on the purpose and means of processing personal data (e.g. names, email address etc.) either solely or together with another.

Storage duration

Unless a special storage duration has been specified within this data protection declaration, your personal data remains with us until the purposes for the data processing no longer apply. If you assert a legitimate request for deletion or you revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, the data will be deleted once these reasons no longer apply.

Data Protection Officer required by law

We have appointed a data protection officer for our company.

DSB: Christiane Seel Steffen Holzbau s.a.

13, rue de Flaxweiler

L-6776 Grevenmacher

Phone: +352 719 686-48

E-mail: c.seel@steffen-holzbau.lu

Note on data transfer to the USA

Among other things, tools from companies based in the USA are integrated on our website. When these tools are active your personal data may be transferred to the US servers of the respective company. We refer to the fact that the USA is not a secure non-member state in terms of the EU data protection law. US companies are obliged to disclose personal data to security authorities without you as a data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. intelligence services) process, analyse and permanently store your data located on US servers for surveillance purposes. We have no influence on these processing activities.

Revocation of your consent for data processing

Many data processing processes are only possible with your explicit consent. You can also revoke your consent at any time. The lawfulness of the data processing carried out prior to revocation remains unaffected by the revocation.

Right to object to the collection of data in particular cases and against direct mail (art. 21 GDPR)

IF THE DATA PROCESSING IS BASED ON ART. 6 PARA. 1 SECTION E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS FOR PROCESSING CAN BE FOUND IN THIS DATA PROTECTION DECLARATION IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE REASONS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS, OR THE PROCESSING IS FOR THE ASSERTION, EXERCISE OR DEFENCE OF LEGAL CLAIMS (OBJECTION UNDER ARTICLE 21 PARA. 1) GDPR).

IF YOUR PERSONAL DATA IS PROCESSED FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSE OF SUCH MARKETING; THIS ALSO APPLIES FOR PROFILING, WHERE THIS IS IN CONNECTION WITH SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR THE PURPOSE OF DIRECT MARKETING (OBJECTION IN ACCORDANCE WITH ARTICLE 21 PARA 2 OF THE GDPR).

Right to object to the relevant supervisory authorities

In the event of breaches of the GDPR, data subjects shall have a right of appeal to a supervisory authority, in particular in the Member State of their usual residence, place of work or the place of the alleged breach. The right to object is without prejudice to any other administrative or judicial remedy.

Right to data portability

You have the right to have data that we process, automatically on the basis of your consent or in performance of a contract, transferred you or to a third party in a standard, machine-readable format. If you request the direct transfer of the data to another responsible person, this will only take place if technically feasible.

SSL and/or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator. An encrypted connection is recognisable as such in that the address line of the browser changes from "http://" to "https://" and by the padlock symbol in your browser address line.

If SSL and/or TLS encryption is activated, the data you disclose to us cannot be read by third parties.

Information, deletion and correction

Within the framework of the applicable legal provisions, you have the right at any time to obtain information free of charge about your stored personal data, its origin and its recipients and the purpose of the data processing and, if applicable, a right to correct or delete this data. You can contact us at any time about this and any other questions on the subject of personal data.

Right to restriction of the processing

You have the right to request the restriction of the processing of your personal data. You can contact us at any time about this. The right to restriction of the processing exists in the following instances:

- If you dispute the accuracy of the personal data stored by us, we generally need time to review this. For the duration of the review, you have the right to demand the restriction of the processing of your personal data.

- If your personal data has been/is being used illegally, instead of deletion, you can request the restriction of the data processing.

- If we no longer need your personal data but you need it to exercise, defend or assert legal claims, you have the right, instead of deletion, to request the restriction of processing of your personal data.

- If you have lodged an objection in accordance with art. 21 para. 1 GDPR there must be a weighing up of your interests and ours. If it has not been determined, whose interests prevail, you have the right to demand the restriction of the processing of your personal data.

- If you have restricted the processing of your personal data, such data may - apart from being stored - only be processed with your consent or for the assertion, exercise, or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State.

Objection to advertising e-mails

The use of contact data published within the framework of the imprint obligation for the transfer of advertising and information material not expressly requested is herewith objected to. The operators of the site expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, for example by spam e-mails.

4. Data collection on this website

Use of jquery

"Libraries" are integrated into our site to make it easier to use. To this end a "jquery" is uploaded by Google. This library is an offer of Google Ireland Limited, Gordon House Barrow Street, Dublin 4, Ireland ("Google"). The legal basis for this data processing is art. 6 para. 1 section f) GDPR. Our "Interest" in the sense of art. 6 para. 1 section f) is the operation of this Internet site.

The use of jQuery optimises the load speeds. In this regard, programme libraries are called up from Google servers. The Google CDN (Content Delivery Network) is used. If you have previously used jQuery on another Google CDN site, your browser will access the copy archived in the cache. If this does not apply, a download is required whereby data from your browser is transmitted to Google!Inc. ("Google"). Your data is transmitted to the USA. You can find more information here: developers.google.com/speed/libraries/ and under the data protection provisions of google.de.

Use of jsdeliver.net / jsdeliver.com/ cdn.jsdelivr.net

Java-Script code from the company Prospectone Sp. z o.o., ul. Krolweska 65A, 30-081, Krakow, Poland (hereinafter referred to as jsdeliver.net / jsdeliver.com / cdn.jsdelivr.net) is reloaded on our site. The Java-Script code gstatic.com is a component of Google used to evaluate the website statistics. If you have activated Java-Script in your browser and have no Java-Script Blocker installed, your browser may transmit personal data to jsdeliver.net / jsdeliver.com. cdn.jsdelivr.net is used in the interests of problem-free technical presentation of our online offers. This represents a legitimate interest within the meaning of art. 6 para. 1 section f GDPR.

You can find further information about this in the privacy policy of jsdeliver.net / jsdeliver.com: www.jsdelivr.com/about. You can install a Java-Script-Blocker (e.g. www.noscript.net) to completely block the execution of Java-Script Code by jsdeliver.net / jsdeliver.com / cdn.jsdelivr.net / gstatic.com.

Cookies

Our Internet pages use so-called "cookies". Cookies are small text files which do not damage your terminal device. They are stored on your terminal device temporarily for the duration of a session (Session cookies) or permanently (Permanent cookies). Session cookies are automatically deleted after the end of your visit. Permanent cookies remain on your terminal device until you delete them yourself or they are automatically deleted by your web browser.

Sometimes cookies from third party companies are stored on your terminal device when you visit our site (Third-Party cookies). They allow you or us to use certain services of the third-party companies (e.g. cookies for handling payment services).

Cookies have different functions. Many cookies are technically necessary because certain website functions would not work without them (e.g. the basket function or the display of videos). Other cookies are used to analyse user behaviour or for advertising.

Cookies which are necessary to carry out the electronic communication process (essential cookies) or to provide certain functions that you have requested (functional cookies, e.g. for shopping basket function) or for website optimisation (e.g. cookies to measure the web audience) are stored on the basis of art. 6 para. 1 section f GDPR, if no other legal basis is specified. The website operator has a legitimate interest in the storage of cookies for the flawless technical provision of its services. If consent to the storage of cookies has been requested, the storage of the cookies in question is based exclusively on this consent (art. 6 para. 1 section f GDPR); consent can be revoked at any time.

You can adjust your browser such that you are informed about the setting of cookies informed are and to allow cookies only in individual cases, or to exclude them generally and activate automatic deletion of cookies when you close the browser. The deactivation of cookies can limit the functionality of this website.

If cookies are used by third-party companies or for analysis purposes, we will inform you about this separately within the context of this data protection declaration and, if necessary, request your consent.

Cookie consent with Typo 3

This website uses the cookie consent technology of Typo 3 (additional tool) to obtain your consent to the storage of certain cookies on your terminal device or to the use of certain technologies and to document this in a data protection compliant manner. This technology is supplied by Consulting1x1,, website: www.consulting1x1.com (hereinafter referred to as the "supplier").

When you visit our website the following personal data is transmitted to the supplier

- Your consent(s) and/or the revoking of your consent(s)

- Your IP-Address

- Information about your browser

- Information about your terminal device

- Time of your visit to the website

The supplier also stores cookies in your browser, in order to be able to assign the consent and/or revocation to you. Data collected in this way are stored until you ask us to delete them, you delete the Consent-cookie yourself or the purpose of data storage no longer applies. Mandatory statutory retention obligations remain unaffected.

This tool is used to obtain consent for the use of certain technologies as required by law. The legal basis for this is art. 6 para. 1 p. 1 section c GDPR.

Contract for order processing

We have concluded a contract for order processing with Consulting1x1. This is a contract required by data protection law, which guarantees that Consulting1x1 only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.

Server log files

The page provider automatically collects and saves information in so-called server log files, which your browser automatically sends to us. These are:

- browser type and browser version, operating system

- Referrer URL

- Host name of the accessing computer

- Time of the server request, IP-Address

This data is not combined with other data sources.

The collection of this data is based on art. 6 para. 1 section f GDPR. The website operator has a legitimate interest in the problem-free technical presentation and optimisation of its website - for which purpose, the server log files must be recorded.

Contact form

If you send us enquiries via the contact form, your details from the enquiry form, including the contact details you have provided there, will be stored by us for the purpose of processing your enquiry and in the event of follow-up enquiries. We will not pass on this data without your consent.

The processing of this data takes place based on art. 6 para. 1 section b GDPR, for as long as your enquiry is linked to the fulfilment of a contract or is required to carry out pre-contractual measures. In all other cases, the processing is based on our legitimate interests in effectively processing of enquiries sent to us (art. 6 para. 1 section f GDPR.) or your consent (art. 6 para. 1 section a GDPR) where requested.

The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after we have completed processing your enquiry). Mandatory statutory provisions – particularly retention periods – remain unaffected.

Enquiry via e-mail, telephone or fax

If you contact us by e-mail, telephone or fax, your enquiry including all resulting personal data (name, enquiry) is stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.

The processing of this data takes place based on art. 6 para. 1 section b GDPR, for as long as your enquiry is linked to the fulfilment of a contract or is required to carry out pre-contractual measures. In all other cases, the processing is based on our legitimate interests in effectively processing of enquiries sent to us (art. 6 para. 1 section f GDPR.) or your consent (art. 6 para. 1 section a GDPR) where requested.

The data you send to us via contact enquiries will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after we have completed processing your case). Mandatory statutory provisions – particularly legal retention periods – remain unaffected.

Communication via WhatsApp

Amongst other methods, we use the WhatsApp instant messaging service for communication with our customers and other third party users. The supplier is WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

The communication takes place via End-to-End encryption (Peer-to-Peer), which prevents WhatsApp or other third parties from accessing the content of the communication. WhatsApp nevertheless has access to metadata, which is generated during the course of the communication process (e.g. sender, receiver and time). We also remind you that WhatsApp shares the personal data of its users with its USA-based parent company Facebook. You will find more details about data processing in WhatsApp's data protection policy under: www.whatsapp.com/legal/.

The use of WhatsApp is based on our justified interest in as fast and effective communication as possible with our customers, interested parties and other business and contracting parties (art. 6 para. 1 p. 1 section f GDPR). If corresponding consent has been requested, the data processing takes place exclusively on the basis of the consent. This can be revoked at any time with effect for the future.

The content of communications exchanged between and on WhatsApp will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after we have completed processing your enquiry). Mandatory statutory provisions – particularly retention periods – remain unaffected.

We use the "WhatsApp Business" variant of WhatsApp.

Data transfer to the USA is based on the standard contract clauses of the EU Commission. You can find details here: www.whatsapp.com/legal/business-data-transfer-addendum.

We have set our WhatsApp accounts such that there is no automatic data synchronisation with the address books of the smartphones on which it is used.

We have concluded a contract for order processing with WhatsApp.

5. Social media

Social media plugins with Shariff

We use social media plugins on this website (e.g. Facebook, Twitter, Instagram, Pinterest, XING, LinkedIn, Tumblr).

The plugins are usually recognisable from the respective social media logos. To guarantee data protection on this website, we use these plugins only together with the so-called "Shariff" solution. This application prevents any plugins integrated into this website from transmitting data to the respective supplier when the site is first visited.

Only when you activate the respective plugin by clicking on the associated button is a direct connection created with the server of the supplier (consent). As soon as you have activated the plugin, the respective supplier receives the information that you have visited this website with your IP address. If you are simultaneously logged into your respective social media account (e. g. Facebook), the respective supplier may assign the visit to this website to your user account.

The activation of the plugin represents consent in the sense of art. 6 para. 1 section a GDPR. You can revoke this consent at any time with effect for the future.

LinkedIn plugin

This website uses functions of the LinkedIn network. The supplier is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

Each time a page on this website which contains functions of LinkedIn is called up, a connection is created with LinkedIn servers. LinkedIn is informed that you have visited this website with your IP address. If you click on the LinkedIn "Recommend button" while being logged into your account at LinkedIn, LinkedIn can assign your visit to this website to you and your user account. We remind you that we, as supplier of the pages, have no knowledge of the content of the data transferred nor their use by LinkedIn.

The use of the LinkedIn plugin takes place based on art. 6 para. 1 section f GDPR. The website operator has a legitimate interest in as comprehensive as possible exposure in social media. If corresponding consent has been requested, the processing takes place exclusively based on art. 6 para. 1 section a GDPR; Consent can be revoked at any time.

Data transfer to the USA is based on the standard contract clauses of the EU Commission. You can find details here: www.linkedin.com/help/linkedin/answer/62538/datenubertragung-aus-der-eu-dem-ewr-und-derschweiz

You can find further information in the privacy policy of LinkedIn under: www.linkedin.com/legal/privacy-policy.

Hootsuite

We manage our social media channels with Hootsuite, Hootsuite Inc., 5 East 8th Avenue Vancouver, BC, Canada V5T 1R6. Hootsuite lets you manage Social Media channels, plan, publish and analyse postings. Hootsuite processes data uploaded by users on social media channels or shared and made public by sharing and "liking" posts. Further information and Hootsuite's latest applicable privacy policy can be found under hootsuite.com/de/legal/privacy and under hootsuite.com/de/legal/general-data-protection-regulation.

6. Analysis tools and advertising

Google Tag Manager

We use Google Tag Manager. The supplier is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tool that allows us to embed tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create user profiles, does not store cookies and does not perform any independent analyses. It is only used for the administration and playing of the tools integrated via it. Google Tag Manager nevertheless collects your IP address, which can also be transmitted to Google's parent company in the United States.

The use of the Google Tag Manager takes place based on art. 6 para. 1 section f GDPR. The website operator has a legitimate interest in fast, uncomplicated integration and management of different tools on its website. If corresponding consent has been requested, the processing takes place exclusively based on art. 6 para. 1 section a GDPR; Consent can be revoked at any time.

Google Analytics

This website uses functions of the web analysis service Google Analytics. The supplier is Google Ireland Limited, ("Google") Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyse the behaviour of its website visitors. To this end the website operator receives a range of use data e.g. site visits, dwell time, operating system used and origin of the user. Google may compile this data into a profile which is then assigned to the respective user and/or their terminal device.

Google Analytics uses technologies which permit recognition of the user for the purposes of the analysis of the user behaviour (e.g. cookies or Device-Fingerprinting). The information collected by Google about the use of this website is usually transferred to a Google server in the USA, where it is stored.

The use of this analysis tool takes place on the basis of art. 6 para. 1 section f GDPR. The website operator has a legitimate interest in the analysis of the user behaviour, to optimise its advertising offer and its advertising. Inasmuch as a corresponding consent has been requested (e.g. consent to store cookies), this takes place exclusively on the basis of art. 6 para. 1 section a GDPR; Consent can be revoked at any time.

Data transfer to the USA is based on the standard contract clauses of the EU Commission. You can find details here: privacy.google.com/businesses/controllerterms/mccs/.

IP anonymising

We have activated the IP anonymising function on this website. This means that your IP address will be abbreviated by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area before being transmitted to the USA. In a few exceptional circumstances the complete IP address will be transmitted to a server of Google in the USA and abbreviated there. On behalf of the operator of this website Google will use this information to analyse the use of its website, to compile reports about the website activities and to provide more services to the website operator connected to the website use and use of the internet. The IP address communicated by your browser within the scope of Google Analytics is not merged with other Google data.

Browser Plugin

You can prevent the recording and processing of your data by Google by downloading and installing the browser plugin available from the following link: tools.google.com/dlpage/gaoptout.

More information about the handling of user data by Google Analytics can be found in the Google privacy policy:

support.google.com/analytics/answer/6004245.

Order processing

We have concluded a contract with Google for Order processing, and we implement in full the strict regulations of the German data protection authorities over the use of Google Analytics.

Demographic characteristics with Google Analytics

This website uses the "demographic characteristics" of Google Analytics to be able to display suitable ads within the Google advertising network to website visitors. In this way, reports can be produced which contain the age, gender and interests of the site visitor. This data is from interest-based advertising from Google and from third-party visitor data. This data cannot be assigned to individuals. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as shown in the section "Objection to data collection".

Storage duration

Data stored by Google at user and event level, which is linked to cookies, user identifiers (e.g. User ID) or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) will be anonymised or deleted after 14 months. For further details see the following link: support.google.com/analytics/answer/7667196

Google Analytics Audiences

We also use Google Audiences, another web analysis service of Google. This service collects and stores data from which pseudonymised use profiles are created. Through this technology, users who have visited our website can be shown targeted advertising from us on other external sites of the Google Partner Network.

Google Analytics Audience uses, amongst other things, cookies which are stored on your computer and other mobile devices (e.g. smartphones, tablets etc.) and which permit analysis of the use of corresponding appliances. Some data in this case are analysed across appliances. In this case Google Analytics Audience obtains access to the cookies created in the context of the use of Google Analytics. During use, data, such as in particular the IP address and activities of the user, may be transmitted to a server of the company Google LLC and stored there. Google LLC may transmit this information to third parties where this is a statutory requirement or where processing of this data is carried out by a third party. You can prevent the collection and forwarding of personal data (in particular your IP address) and the processing of this data by deactivating the execution of Java Script in your browser or installing a tool such as 'NoScript'. You can also prevent the collection of data generated by the Google cookie and related to your use of the website (incl. your IP address) by Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link (http://tools.google.com/dlpage/gaoptout?hl=de). You can find further information about data protection and the use of Google Analytics Audience under the following link: support.google.com/analytics/answer/2700409 left=en&ref_topic=2611283.

Google Ads

The website operator uses Google Ads. Google Ads is an Online ad program of the Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads enables us to run advertisements in the Google search engine or on third-party websites when the user enters certain search terms on Google (keyword targeting). Furthermore, targeted advertisements can be run on the basis of the user data available to Google (e.g. location data and interests) (target group targeting). As a website operator, we can evaluate this data quantitatively by analysing, for example, which search terms have led to the display of our advertisements and how many advertisements have led to corresponding clicks.

The use of Google Ads takes place based on art. 6 para. 1 section f GDPR. The website operator has a legitimate interest in the most effective possible marketing of its service products.

Data transfer to the USA is based on the standard contract clauses of the EU Commission. You can find details here:

policies.google.com/privacy/frameworks and privacy.google.com/businesses/controllerterms/mccs/.

Google Remarketing

This website uses the functions of Google Analytics Remarketing. The supplier is Google Ireland Limited, ("Google") Gordon House, Barrow Street, Dublin 4, Ireland.

Google Remarketing analyses your use behaviour on our website (e.g. click on certain products) in order to classify you into certain advertising target groups and then play you suitable advertising messages when you visit other online offers (remarketing or retargeting).

Furthermore, the advertising target groups created with Google Remarketing can be linked with Google's cross-device functions. In this way, interest-based, personalised advertising messages that have been adapted to you on one terminal device (e.g. mobile phone) depending on your previous usage and surfing behaviour can also be displayed on another of your terminal devices (e.g. tablet or PC).

If you have a Google account, you can object to personalised advertising using the following link: www.google.com/settings/ads/onweb/.

The use of Google Remarketing takes place based on art. 6 para. 1 section f GDPR. The website operator has a legitimate interest in the most effective possible marketing of its products. If corresponding consent has been requested, the processing takes place exclusively based on art. 6 para. 1 section a GDPR; Consent can be revoked at any time.

You can find further information and the data protection provisions in the Google privacy policy under: policies.google.com/technologies/ads.

Target group formation with customer comparison

Amongst other things we use Google Remarketing to form target groups. Therefore we pass on specific customer data (e.g. e-mail address) from our customer lists to Google. If the affected customers are Google users and are logged into their Google account they will be shown appropriate advertising messages within the Google network (e.g. in YouTube, Gmail or in the search engine).

Google Dynamic Remarketing

This website uses the functions of Google Dynamic Remarketing, a service of Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland. Google Dynamic Remarketing enables us to show you our advertisements when you continue to use the internet after visiting our website. This is done by means of cookies stored in your browser, via which your usage behaviour is recorded and evaluated by Google when you visit different websites. In this way, Google can determine your previous visit to our website. According to Google, the data collected in the course of remarketing will not be merged with your personal data that may be stored by Google. According to Google, pseudonymisation is used in remarketing.

We use Google Dynamic Remarketing for marketing and optimisation purposes, to serve ads that are relevant and interesting to you, to improve campaign performance reports and to achieve a fair calculation of advertising costs. Herein lies our legitimate interest in the processing of the above data by the third-party provider. The legal basis for this is art. 6 para. 1 p. 1 section f) GDPR.

You can prevent the installation of cookies by deleting existing cookies and deactivating the storage of cookies in the settings of your web browser. We would like to point out that in this case you may not be able to use all the functions of our website to their full extent. You can also prevent the storage of cookies by setting your web browser to block cookies from the domain "www.googleadservices.com" (https://www.google.de/settings/ads). Please note that this setting will be deleted when you delete your cookies. In addition, you can deactivate interest-based ads via the link optout.aboutads.info. Please note that this setting will be deleted when you delete your cookies.

Further information on data use by Google, on setting and objection options and on data protection can be found on the following Google web sites:

Privacy policy: policies.google.com/privacy

Google website statistics: services.google.com/sitestats/de.html

Google Conversion Tracking

This website uses Google Conversion Tracking. The supplier is Google Ireland Limited, ("Google") Gordon House, Barrow Street, Dublin 4, Ireland.

Google conversion tracking allows Google and us to see whether the user has taken certain actions. For example, we can evaluate which buttons on our website were clicked how often and which products were viewed or purchased particularly frequently. This information is designed for the creation of Conversion Statistics. We get told the total number of users to have clicked on our display and what actions they have performed. We do not obtain any information with which we can identify the users personally. Google itself uses only identification Cookies or comparable recognition technologies.

The use of Google Conversion Tracking takes place based on art. 6 para. 1 section f GDPR. The website operator has a legitimate interest in the analysis of the user behaviour, to optimise its advertising offer and its advertising. Inasmuch as a corresponding consent has been requested (e.g. consent to store cookies), this takes place exclusively on the basis of art. 6 para. 1 section a GDPR; Consent can be revoked at any time.

More information about Google Conversion Tracking can be found in Google's privacy policy:

policies.google.com/privacy.

Facebook Pixel

This website uses Facebook's visitor action pixel to measure conversions. The supplier of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries.

In this way, the behaviour of site visitors can be tracked after they have been redirected to the provider's website by clicking on a Facebook ad. This allows the effectiveness of Facebook ads to be evaluated for statistical and market research purposes and to optimise future advertising measures.

The data collected is anonymous for us as the operator of this website and we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes, in accordance with the Facebook Data Use Policy. This allows Facebook to offer ads on Facebook pages as well as outside of Facebook. This use of data cannot be influenced by us as the site operator.

The use of Facebook-Pixel takes place based on art. 6 para. 1 section f GDPR. The website operator has a legitimate interest in effective advertising measures, including on social media. Inasmuch as a corresponding consent has been requested (e.g. consent to store cookies), this takes place exclusively on the basis of art. 6 para. 1 section a GDPR; Consent can be revoked at any time.

Data transfer to the USA is based on the standard contract clauses of the EU Commission. You can find details here:

www.facebook.com/legal/EU_data_transfer_addendum and

de-de.facebook.com/help/566994660333381.

Facebook's privacy policy contains further information about protecting your private sphere: de-de.facebook.com/about/privacy/.

You can also deactivate the remarketing function "Custom Audiences" in the settings area for advertisements under www.facebook.com/ads/preferences/. You must be logged in to Facebook to do this.

If you do not have a Facebook account, you can disable Facebook's usage-based advertising on the European Interactive Digital Advertising Alliance website:

www.youronlinechoices.com/de/praferenzmanagement/.

LinkedIn Analytics

This website uses "LinkedIn Analytics", a service of LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn Analytics saves and stores user information about your user behaviour on our Internet site. LinkedIn Analytics uses, among other things, cookies, i.e. small text files which are stored locally in the cache of your web browser on your terminal device and which enable an analysis of your use of our website.

We use LinkedIn Analytics for marketing and optimisation purposes, to analyse the use of our website and to continuously improve individual functions and offers as well as the user experience. Through the statistical evaluation of user behaviour, we can improve our offer and make it more interesting for you as a user. Herein lies our legitimate interest in the processing of the above data by the third-party provider. The legal basis for this is art. 6 para. 1 p. 1 section f) GDPR.

You can prevent the installation of cookies by deleting existing cookies and deactivating the storage of cookies in the settings of your web browser. We would like to point out that in this case you may not be able to use all the functions of our website to their full extent. You can also prevent the collection of the aforementioned information by LinkedIn by setting an opt-out cookie on one of the websites linked below:

www.linkedin.com/psettings/guest-controls

optout.aboutads.info

www.youronlinechoices.com/de/praferenzmanagement/

Please note that this setting will be deleted when you delete your cookies. You can object to the collection and forwarding of personal data or prevent the processing of this data by deactivating the execution of Java Script in your browser. In addition, you can prevent the execution of Java-Script code altogether by installing a Java-Script blocker. (e.g. noscript.net or www.ghostery.com). We would like to point out that in this case you may not be able to use all the functions of our website to their full extent.

You can find further information of the third-party supplier LinkedIn Ireland Unlimited Company For Data protection from the following website: www.linkedin.com/legal/privacy-policy

Marketing Solutions (formerly LinkedIn Ads)

This website uses "Marketing Solutions (formerly LinkedIn Ads)", a service of LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. Marketing Solutions saves and stores user information about your user behaviour on our Internet site. Marketing Solutions uses, among other things, cookies, i.e. small text files which are stored locally in the cache of your web browser on your terminal device and which enable an analysis of your use of our website.

We use Marketing Solutions for marketing and optimisation purposes, to analyse the use of our website and to continuously improve individual functions and offers as well as the user experience. Through the statistical evaluation of user behaviour, we can improve our offer and make it more interesting for you as a user. Herein lies our legitimate interest in the processing of the above data by the third-party provider. The legal basis for this is art. 6 para. 1 p. 1 section f) GDPR.

You can prevent the installation of cookies by deleting existing cookies and deactivating the storage of cookies in the settings of your web browser. We would like to point out that in this case you may not be able to use all the functions of our website to their full extent. You can also prevent the collection of the aforementioned information by LinkedIn by setting an opt-out cookie on one of the websites linked below:

www.linkedin.com/psettings/guest-controls

optout.aboutads.info

www.youronlinechoices.com/de/praferenzmanagement/

Please note that this setting will be deleted when you delete your cookies. You can object to the collection and forwarding of personal data or prevent the processing of this data by deactivating the execution of Java Script in your browser. In addition, you can prevent the execution of Java-Script code altogether by installing a Java-Script blocker. (e.g. noscript.net or www.ghostery.com). We would like to point out that in this case you may not be able to use all the functions of our website to their full extent.

You can find further information of the third-party supplier LinkedIn Ireland Unlimited Company For Data protection from the following website: www.linkedin.com/legal/privacy-policy

7. Newsletter

Sendinblue

This website uses Sendinblue to send out newsletters. The supplier is Sendinblue GmbH, Köpenicker Street 126, 10179 Berlin, Germany.

Sendinblue is a service with which amongst other things the sending of newsletters can be organised and analysed. The data you enter for the purpose of receiving the newsletter will be stored on Sendinblue's servers in Germany.

Data analysis by Sendinblue

With the help of Sendinblue, we can analyse our newsletter campaigns. For example, we can see whether a newsletter message has been opened and which links, if any, have been clicked. In this way, we can determine, among other things, which links have been clicked on particularly often.

In addition, we can see whether certain previously defined actions have been carried out after opening/clicking (conversion rate). This enables us to see, for example, whether you have made a purchase after clicking on the newsletter.

Sendinblue also allows us to subdivide newsletter recipients according to different categories ("clusters"). The newsletter recipients can be subdivided according to age, gender or place of residence, for example. In this way, the newsletters can be better adapted to the respective target groups.

If you do not want to be included in Sendinblue analysis, you must unsubscribe from the newsletter. We provide a link for this in every newsletter message.

For detailed information on the functions of Sendinblue, click on the following link: de.sendinblue.com/newsletter-software/.

Legal basis

Data processing takes place based on your consent (type. 6 para. 1 section a GDPR). You can revoke this consent at any time. The lawfulness of the data processing operations already carried out remains unaffected by the revocation.

Storage duration

The data you provide for the purpose of receiving the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data that has been stored by us for other purposes remains unaffected by this.

After you have unsubscribed from the newsletter distribution list, your e-mail address will be stored by us or the newsletter service provider in a blacklist, if necessary, to prevent future mailings. The data from the blacklist is only used for this purpose and is not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of art. 6 para. 1 section f GDPR). Storage in the blacklist is not time limited. You can object to the storage if your interests outweigh our legitimate interest.

Find out more about the data protection regulations of Sendinblue at: de.sendinblue.com/datenschutz-uebersicht/.

Conclusion of a contract for order processing

We have concluded a contract with Sendinblue in which Sendinblue undertakes to protected the data of our customers and will not forward data to third parties.

8. Plugins and tools

YouTube with enhanced data protection

This website includes videos from YouTube. The site operator is Google Ireland Limited, ("Google") Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in enhanced data protection mode. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch the video. However, the disclosure of data to YouTube partners is not necessarily excluded by the enhanced data protection mode. YouTube establishes a connection to the Google DoubleClick network, regardless of whether you watch a video.

As soon as you start a YouTube video on this website, a connection to YouTube's servers is established. This tells the YouTube server which of our sites you have visited.

If you are logged into your YouTube account, you enable YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.

Furthermore, after starting a video, YouTube may store various cookies on your terminal device or use comparable recognition technologies (e.g. device fingerprinting). In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to collect video statistics, improve the user experience and prevent fraud attempts.

If applicable, further data processing operations may be triggered after the start of a YouTube video over which we have no control.

YouTube is used in the interest of presenting our online offers attractively. This represents a legitimate interest within the meaning of art. 6 para. 1 section f GDPR. If corresponding consent has been requested, the processing takes place exclusively based on art. 6 para. 1 section a GDPR; Consent can be revoked at any time.

You can find further information about data protection in the case of YouTube in its privacy policy under: policies.google.com/privacy.

Google Web Fonts (local hosting)

This site uses so-called web fonts provided by Google for the uniform display of fonts. The Google Fonts are installed locally. There is no connection made to Google servers.

You can find further information about Google Web Fonts under developers.google.com/fonts/faq and in Google's privacy policy: policies.google.com/privacy.

Font Awesome

This site uses Font Awesome for the uniform display of fonts and symbols. The supplier is Fonticons, Inc., 6 Porter Road Apartment 3R, Cambridge, Massachusetts, USA.

When you call up a page, your browser loads the required fonts into your browser cache to display texts, fonts and symbols correctly. For this purpose, the browser you use must connect to Font Awesome's servers. This enables Font Awesome to know that your IP address has been used to access this website. The use of Font Awesome takes place based on art. 6 para. 1 section f GDPR. We have a justified interest in the unified presentation of the fonts on our website. Inasmuch as a corresponding consent has been requested (e.g. consent to store cookies), this takes place exclusively on the basis of art. 6 para. 1 section a GDPR; Consent can be revoked at any time.

If your browser does not support Font Awesome, a standard font from your computer is used.

You can find further information about Font Awesome in the privacy policy of Font Awesome under: fontawesome.com/privacy.

Google Maps

This site uses the Google Maps mapping service. The supplier is Google Ireland Limited, ("Google") Gordon House, Barrow Street, Dublin 4, Ireland.

Use of the functions of Google Maps requires your IP-address to be saved. This information is generally transferred to a server of Google in the USA and stored there. The provider of this site has no influence on this data transfer.

Google Maps is used in the interest of the attractive presentation of our online offers and to make it easy to find the places we indicate on the website. This represents a legitimate interest within the meaning of art. 6 para. 1 section f GDPR. If corresponding consent has been requested, the processing takes place exclusively based on art. 6 para. 1 section a GDPR; Consent can be revoked at any time.

Data transfer to the USA is based on the standard contract clauses of the EU Commission.

You can find details here:

privacy.google.com/businesses/gdprcontrollerterms/ and privacy.google.com/businesses/gdprcontrollerterms/sccs/.

More information about the handling of user data can be found in the Google privacy policy:

policies.google.com/privacy.

Google reCAPTCHA

We use "Google reCAPTCHA" (hereinafter referred to as "reCAPTCHA") on this website. The supplier is Google Ireland Limited, ("Google") Gordon House, Barrow Street, Dublin 4, Ireland.

The purpose of reCAPTCHA is to check whether the data input on this website (e.g. in a contact form) is made by a human or by an automated programme. For this purpose, reCAPTCHA analyses the behaviour of the website visitor based on various characteristics. This analysis starts automatically, as soon as the website visitor visits the website. For analysis purposes, reCAPTCHA evaluates various information (e.g. IP address, time spent by the website visitor on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google.

The reCAPTCHA analyses run completely in the background. Website visitors are not informed that an analysis is taking place.

The storage and analysis of the data takes place based on art. 6 para. 1 section f GDPR. The website operator has a legitimate interest in protecting its web offerings from abusive automated spying and from SPAM. If corresponding consent has been requested, the processing takes place exclusively based on art. 6 para. 1 section a GDPR; Consent can be revoked at any time.

For more information about Google reCAPTCHA, please see the Google Privacy Policy and the Google Terms of Service at the following links:

policies.google.com/privacy and policies.google.com/terms left=de.

tawk.to

To handle user requests through our support channels or live chat systems, we use tawk.to, inc. 187 E Why Springs Rd, SB298, Las Vegas, Nevada 89119, USA (hereinafter referred to as: "tawk.to").

Messages that you send to us can be stored in the tawk.to ticket system or answered in the live chat by our staff. Furthermore, with the help of tawk.to we can determine, among other things, from which region the enquirer comes, how long they have been communicating with us and how satisfied they are with the communication process.

Messages sent to us remain with us until you request us to delete them or the purpose for storing the data no longer applies (e.g. after we have completed processing your enquiry). Mandatory statutory provisions – esp. retention periods – are unaffected.

The use of tawk.to takes place based on art. 6 para. 1 section f GDPR. We have a legitimate interest in as far as possible the rapid, dependable and efficient processing of your inquiry. If corresponding consent has been requested, the processing takes place exclusively based on art. 6 para. 1 section a GDPR; Consent can be revoked at any time.

Data transfer to the USA is based on the standard contract clauses of the EU Commission. You can find details here:

www.tawk.to/privacy-policy/ and www.tawk.to/data-protection/gdpr/.

You can find further information in the privacy policy of tawk.to:

www.tawk.to/privacy-policy/ and www.tawk.to/data-protection/.

Contract for order processing

We have concluded a contract for order processing with tawk.to. This is a contract required by data protection law, which ensures that tawk.to only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.

Edudip

We offer online seminars in our events offer. For these we use the edudip software solution from edudip GmbH, Jülicher Street 306, 52070 Aachen.

The edudip software uses personal data in accordance with the specifications of the GDPR. Processing by edudip GmbH is used for the provision, support and the operation of the service. edudip GmbH is the order processor in the sense of art. 28 GDPR.

To provide the services edudip GmbH uses the following personal data:

- First name, surname, email address

This data must be provided by the user.

- In addition, technical data are processed e.g.

- browser type, browser version,

- operating system (referrer) used,

- host name of the accessing computer,

- time of the server request and IP address

of edudip GmbH.

During and after online seminars statistical data is collected and sent to us. Participation in an online seminar and answering questions provides edudip with information about the participation time and the questions answered. The audio-visual information transmitted by the lecturer is recorded. This data is used for further support and to improve our services or the user experience. When participating in the online seminar you agree not making records or screen shots.

The legal basis for the use of your data is art. 6 para. 1 section a. GDPR. The use of the software and the processing described above enables us to conduct online presentations and webinars.

You can find further information in the privacy policy of Edudip:

www.edudip.com/de/datenschutz.

Conclusion of a contract for order processing

We have concluded a contract with edudip GmbH in which we obligate the company to protect the data of our interested parties and customers and not to forward data to third parties.

yumpu.com online catalogues

Our website uses plugins from the site Yumpu to present our online magazine. The supplier is i-magazine AG, Gewerbestrasse 3, 9444 Diepoldsau, Switzerland.

Yumpu provides a digital platform for publication of magazines, brochures or catalogues. With Yumpu the contents of PDF files are presented as Flipbooks and displayed directly within the web browser, without the PDF files being loaded.

Switzerland is accredited by the European Commission in accordance with art. 45 GDPR as a state with an appropriate data privacy level.

When you visit pages on our site with a Yumpu plugin, a connection is made to the servers of Yumpu. This tells the Yumpu server which of our pages you have visited. When you access online magazines on our website, a connection is established to Yumpu's servers in Switzerland. Accessing the online magazines requires that Yumpu is aware of the user's IP address, as without the IP address, the content cannot usually be sent to your browser.

9. In-house services

Handling of applicant data

We offer you the opportunity to apply to us (e.g. by e-mail, post or via online application form). In the following, we inform you about the scope, purpose and use of your personal data collected as part of the application process. We assure you that the collection, processing and use of your data will be carried out in accordance with applicable data protection law and all other statutory provisions and that your data will be treated in strict confidence.

Scope and purpose of data collection

When you send us an application, we process your associated personal data (e.g. contact and communication data, application documents, notes taken during interviews, etc.) to the extent that this is necessary to decide on the establishment of an employment relationship. The legal basis for this is § 26 German Data Protection Act (BDSG)-new in accordance with German law (Initiation of an employment relationship), art. 6 para. 1 section b GDPR (general contract initiation) and – provided you have given your consent – art. 6 para. 1 section a GDPR. Consent can be revoked at any time. Your personal data will only be passed on within our company to persons who are involved in processing your application.

If your application is successful, the data provided by you is stored on our data processing systems on the basis of § 26 New German Data Protection Act (BDSG-neu) and art. 6 para. 1 section b GDPR for the purposes of the execution of the employment relationship.

Retention period of the data

If we are unable to make you a job offer, if you reject a job offer or withdraw your application, we reserve the right to keep the data you have provided on the basis of our legitimate interests (art. 6 para. 1 section f GDPR) for up to 6 months from the end of the application process (rejection or withdrawal of the application).

Thereafter the data is deleted and the physical application documents are destroyed. Data storage serves in particular as evidence in the event of a legal dispute. If it is evident that the data will be required after the 6-month period has expired (e.g. due to an impending or pending legal dispute), the data will only be deleted when the purpose for continued retention no longer applies.

A longer retention period may also be applied if you have given your consent to this (art. 6 para. 1 section a GDPR) or when statutory retention obligations prohibit deletion.

Inclusion into the applicant pool

If we do not make you a job offer, we may be able to include you in our pool of applicants. In this case, all documents and details from the application will be transferred to the applicant pool in order to contact you in case of suitable vacancies.

Addition to the applicant pool happens exclusively on the basis of your explicit consent (art. 6 para. 1 section a GDPR). The issue of the consent is voluntary and does not relate to the ongoing application process. The affected party can revoke consent at any time. In this case, the data will be irrevocably deleted from the applicant pool, unless there are legal reasons for retention.

The data from the applicant pool will be irrevocably deleted no later than two years after consent has been given.