The operator takes the protection of your data seriously and complies with the laws on data protection. These laws serve to protect natural persons when processing personal data. Personal data is any information relating to an identified or identifiable natural person. Such data is processed only to the extent necessary for the performance of any contract or for the provision and improvement of the Platform. Processing for contract execution only takes place if you initiate or conclude a contract with the operator; in this respect, reference is made to the user contract as a supplement. Processing for the purpose of provision and improvement only takes place if this is stated below or in a separate consent, ordered by authorities or courts or otherwise provided for by law. The data is processed by the operator only in the member states of the European Union (EU). In particular, the Internet servers used by the Operator for data processing are therefore located in the Member States of the EU. A transfer to a third country or an international organization does not take place in principle.
The data you provide in a form on the Platform is processed when you use the form, namely after you submit the form. This is data for contacting you and, if you are a customer of the operator, the data on your customer account. Personal data that you send via a form provided for this purpose is generally transmitted to the operator’s servers in encrypted form.
Mautic – an open source marketing tool – is used for the contact forms on this website. This tool is operated exclusively on the virtual servers of the operator in Germany.
If you contact the operator via a form, the data you provide in the contact form will be transmitted in encrypted form to the operator’s servers and stored. A general transfer of data to third parties does not take place.
The data transferred to your person will only be used for processing your request. If it is an inquiry in connection with data processing that the operator performs on behalf of a customer, the operator will forward your inquiry in encrypted form to the respective customer. A reply will generally be sent by email, which will also be transmitted in encrypted form, provided that your mail service provider supports this. After final processing of the request, your personal data that you provided in the contact form or in response to a reply from the operator will be deleted. This does not apply insofar as the data is still required for the execution of the contract or statutory retention obligations are opposed; in this respect, however, the processing of your data is restricted.
As a customer of the Operator, a customer account will be set up for you. In this respect, the data provided in the user agreement and, if applicable, later via the forms in the customer account, in particular your contact and campaign data, will be stored on the servers of the operator. You can view the stored data at any time via the customer account and correct or complete it via the forms in the settings. For this purpose, you can of course also contact the operator personally, for example by e-mail to the address mentioned at the beginning. The same applies to a deletion of the customer account. However, your data can only be deleted when it is no longer required for the execution of the contract and there are no legal obligations to retain data; until then, however, the processing of your data will be restricted, in particular the customer account will be blocked.
The data that the operator requires either for the provision or the improvement of the platform is processed independently of the form. In particular, this may involve browser cookies and access logs, whereby the data is generally transmitted in encrypted form.
The use of the platform and the delivery of advertising are statistically evaluated. For this purpose and in order to prevent misuse of the platform, an access log is created by the operator. In the log, data on access to the platform and the retrieval of advertising is stored. This is the data that is transmitted to the platform by your browser when a connection is established. That is, it is your IP address, the time of access or retrieval, which address (URL) was accessed, whether the access was successful and how large the data transmitted by the platform was. If your browser transmits the respective data, the previous address (referrer) and information about the operating system and browser used (e.g. version) are also stored; however, you can prevent the transmission of this data via the settings of your browser. The logs are statistically evaluated, also for the customers who use the platform for advertising delivery. The evaluation can be used to determine when which advertising was delivered to which Internet page or app. This means that the logged data can only be taken from the statistics to a limited extent; in particular, the last quarter (octet) of the IP address is always blacked out. This means that such an analysis does not allow you to identify yourself. To prevent misuse, the logs are encrypted and stored separately from the statistics. The logs are only decrypted and combined with other data in the event of a concrete suspicion of misuse, in which case the management and the data protection officer of the operator and, if necessary, of the customer concerned are consulted. The logs are deleted as soon as they are no longer required to prevent misuse. The deletion shall take place no later than three months after the end of the calendar month in which the data was logged.
You have the following rights with respect to personal data concerning you:
You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.
The legal provisions for data protection can be found in particular in the Federal Data Protection Act (BDSG) and the Telemedia Act (TMG). As of May 25, 2018, however, the General Data Protection Regulation (DSGVO) shall apply with priority. Insofar as you have given your express consent to the processing of your data, this is also the legal basis for the processing of data for the purposes to which you have consented (Art. 6 (1) a DSGVO). Insofar as the processing is necessary for the performance or initiation of a contract, this forms the legal basis (Art. 6 para. 1 letter b DSGVO). These are contracts of use concluded between you and the operator or initiated at your request. In addition, the legal basis for data processing is the protection of the legitimate interests of the operator (Art. 6 para. f DSGVO). These are the economic interest in the operation of the platform, in particular in the delivery of target group and interest-based advertising. There is no automated decision-making including profiling within the meaning of Art. 22 DSGVO. In particular, the assignment to advertising characteristics does not have any legal effect on you or significantly affect you in a similar way.
Taking into account the nature, scope, circumstances and purposes of the processing, as well as the varying likelihood and severity of the risks to your rights and freedoms, the Operator shall implement appropriate technical and organizational measures to ensure that data is processed in accordance with the law. The measures are taken in consideration of the state of the art and include, in particular, encryption of your data. The facilities and systems on which the data are processed are protected against unauthorized access, both physically and digitally. In particular, the operator’s servers are password protected. By regularly testing and updating the software used, the operator prevents security gaps that could allow misuse of your data. In this context, only those persons (employees) subordinate to the operator who require this for the fulfillment of their tasks are granted access to personal data, and only to the extent necessary in each case. The operator’s employees are instructed in advance in data processing and are bound to secrecy. Data is protected against loss by regular backups and can be restored at any time. The default settings of the systems ensure that, as a matter of principle, only personal data whose processing is necessary for the respective processing purpose is processed. This implements data protection principles such as data minimization. In addition, the operator ensures the confidentiality, integrity, availability and resilience of the systems through the technical and organizational measures. Compliance with data protection regulations is reviewed regularly and the measures are updated as necessary.
This data protection declaration is currently valid and has a status of Jul. 11, 2022.
Due to the further development of our platform or due to changes in legal or regulatory requirements, it may become necessary to amend this data protection declaration.