Facebook Privacy Policy

Facebook Privacy Policy Summary
👥 Affected: Visitors to the website
🤝 Purpose: Optimization of our service
📓 Data processed: data such as customer data, user behavior data, information about your device and your IP address.
More details can be found below in the data protection declaration.
📅 Storage period: until the data is no longer useful for Facebook's purposes
⚖️ Legal basis: Article 6 paragraph 1 lit. a GDPR (consent), Article 6 paragraph 1 lit. f GDPR (legitimate interests)

​

What are Facebook tools?

We use selected Facebook tools on our website. Facebook is a social media network of the company Meta Platforms Inc. or for the European area of the company Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. These tools allow us to offer you and people who are interested in our products and services the best possible offer.

If data is collected and forwarded from you via our embedded Facebook elements or via our Facebook page (fan page), both we and Facebook Ireland Ltd. responsible for. Facebook is solely responsible for the further processing of this data. Our joint commitments were also reflected in a publicly available agreement at https://www.facebook.com/legal/controller_addendum anchored. This states, for example, that we must clearly inform you about the use of Facebook tools on our site. Furthermore, we are also responsible for ensuring that the tools are securely integrated into our website in accordance with data protection law. Facebook, on the other hand, is responsible for the data security of Facebook products, for example. If you have any questions about data collection and data processing by Facebook, you can contact the company directly. If you address the question to us, we are obliged to forward it to Facebook.

Below we provide an overview of the various Facebook tools, what data is sent to Facebook and how you can delete this data.

In addition to many other products, Facebook also offers the so-called “Facebook Business Tools”. This is the official name of Facebook. But since the term is hardly known, we decided to just call them Facebook tools. These include, among others:

• Facebook pixel

• social plug-ins (such as the "Like" or "Share" button)

• Facebook login

• Account Kit

• APIs (programming interface)

• SDKs (collection of programming tools)

• Platform Integrations

• plugins

• codes

• specifications

• documentations

• Technologies and Services

Through these tools, Facebook expands its services and has the ability to receive information about user activities outside of Facebook.

​

Why do we use Facebook tools on our website?

We only want to show our services and products to people who are really interested in them. With the help of advertisements (Facebook ads) we can reach exactly these people. In order to be able to show users appropriate advertising, however, Facebook needs information about people's wishes and needs. Information about user behavior (and contact details) is made available to the company on our website. As a result, Facebook collects better user data and can show interested people appropriate advertising about our products or services. The tools thus enable tailor-made advertising campaigns on Facebook.

Facebook calls data about your behavior on our website “event data”. These are also used for measurement and analysis services. Facebook can thus create "campaign reports" on our behalf about the effect of our advertising campaigns. Furthermore, through analyzes we get a better insight into how you use our services, website or products. As a result, we use some of these tools to optimize your user experience on our website. For example, you can use the social plug-ins to share content on our site directly on Facebook.

​

What data is stored by Facebook tools?

By using individual Facebook tools, personal data (customer data) can be sent to Facebook. Depending on the tools used, customer data such as name, address, telephone number and IP address can be sent.

Facebook uses this information to match the data with the data it has from you (if you are a Facebook member). Before customer data is transmitted to Facebook, so-called "hashing" takes place. This means that a data set of any size is transformed into a character string. This is also used to encrypt data.

In addition to the contact data, "event data" is also transmitted. "Event data" means the information that we receive about you on our website. For example, which subpages you visit or which products you buy from us. Facebook does not share the information it receives with third parties (such as advertisers) unless the company has explicit permission or is legally required to do so. "Event data" may also be linked to contact information. This allows Facebook to offer better personalized advertising. After the matching process already mentioned, Facebook deletes the contact data again.

In order to be able to deliver advertisements in an optimized manner, Facebook only uses the event data if it has been combined with other data (which was collected by Facebook in a different way). Facebook also uses this event data for security, protection, development and research purposes. Much of this data is transmitted to Facebook via cookies. Cookies are small text files that are used to store data or information in browsers. Depending on the tools used and whether you are a Facebook member, a different number of cookies will be created in your browser. In the descriptions of the individual Facebook tools, we go into more detail about individual Facebook cookies. You can also find general information about the use of Facebook cookies at https://www.facebook.com/policies/cookies.

​

How long and where is the data stored?

In principle, Facebook stores data until it is no longer required for its own services and Facebook products. Facebook has servers all over the world where its data is stored. However, customer data will be deleted within 48 hours after it has been compared with your own user data.

​

How can I delete my data or prevent data storage?

In accordance with the General Data Protection Regulation, you have the right to information, correction, transferability and deletion of your data.

The data will only be completely deleted if you completely delete your Facebook account. And this is how deleting your Facebook account works:

1) Click Settings on the right side of Facebook.

2) Then click on "Your Facebook Information" in the left column.

3) Now click “Deactivation and Deletion”.

4) Now select “Delete Account” and then click “Next and Delete Account”

5) Now enter your password, click on "Next" and then on "Delete Account"

The data that Facebook receives via our site is stored, among other things, via cookies (e.g. in the case of social plugins). You can deactivate, delete or manage individual or all cookies in your browser. Depending on which browser you use, this works in different ways. Under the "Cookies" section you will find the relevant links to the relevant instructions for the most popular browsers.

If you generally do not want any cookies, you can set up your browser so that it always informs you when a cookie is to be set. You can decide for each individual cookie whether you allow it or not.

​

legal basis

If you have consented to your data being processed and stored by integrated Facebook tools, this consent is the legal basis for data processing (Article 6 paragraph 1 lit. a GDPR). In principle, your data will also be processed on the basis of our legitimate interest (Article 6 paragraph 1 lit. f GDPR) stored and processed in a fast and good communication with you or other customers and business partners. However, we only use the tools if you have given your consent. Most social media platforms also set cookies on your browser to store data. We therefore recommend that you read our privacy statement on cookies carefully and consult Facebook's privacy policy or cookie policy.

Facebook also processes your data in the USA, among other places. We would like to point out that, according to the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. This can be associated with various risks for the legality and security of data processing.

Facebook uses so-called standard contractual clauses (= Art. 46 Para. 2 and 3 GDPR) as the basis for data processing by recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or data transfer there. Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data also comply with European data protection standards if they are transferred to third countries (such as the USA) and stored there. Through these clauses, Facebook undertakes to comply with European data protection standards when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementation decision of the EU Commission. You can find the decision and the corresponding Standard Contractual Clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The Facebook data processing terms, which correspond to the standard contractual clauses, can be found under https://www.facebook.com/legal/terms/dataprocessing.

We hope we have given you the most important information about the use and data processing by the Facebook tools. If you want to learn more about how Facebook uses your data, we recommend the data guidelines on https://www.facebook.com/about/privacy/update.

​

Instagram Privacy Policy

Instagram Privacy Policy Summary
👥 Affected: Visitors to the website
🤝 Purpose: Optimization of our service
📓 Data processed: Data such as user behavior data, information about your device and your IP address.
More details can be found below in the data protection declaration.
📅 Storage period: until Instagram no longer needs the data for its purposes
⚖️ Legal basis: Article 6 paragraph 1 lit. a GDPR (consent), Article 6 paragraph 1 lit. f GDPR (legitimate interests)

​

What is Instagram?

We have integrated Instagram functions on our website. Instagram is a social media platform operated by Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA. Instagram has been a subsidiary of Meta Platforms Inc. since 2012 and is one of the Facebook products. Embedding Instagram content on our website is called embedding. This enables us to show you content such as buttons, photos or videos from Instagram directly on our website. If you call up web pages on our website that have an integrated Instagram function, data will be transmitted to Instagram, stored and processed. Instagram uses the same systems and technologies as Facebook. Your data will thus be processed across all Facebook companies.

In the following we would like to give you a more detailed insight into why Instagram collects data, what data it is and how you can largely control the data processing. Since Instagram is owned by Meta Platforms Inc., we get our information from the Instagram policies on the one hand, but also from the Meta Privacy Policy on the other.

Instagram is one of the most well-known social media networks worldwide. Instagram combines the advantages of a blog with the advantages of audiovisual platforms such as YouTube or Vimeo. You can upload photos and short videos to "Insta" (as many users casually call the platform), edit them with various filters and also share them on other social networks. And if you don't want to be active yourself, you can just follow other interesting users.

​

Why do we use Instagram on our website?

Instagram is the social media platform that has really taken off in recent years. And of course we also reacted to this boom. We want you to feel as comfortable as possible on our website. Therefore, a varied preparation of our content is a matter of course for us. The embedded Instagram functions allow us to enrich our content with helpful, funny or exciting content from the Instagram world. Since Instagram is a subsidiary of Facebook, the data collected can also be useful for personalized advertising on Facebook. In this way, our advertisements only get to people who are really interested in our products or services.

Instagram also uses the collected data for measurement and analysis purposes. We get summarized statistics and thus more insight into your wishes and interests. It is important to note that these reports do not personally identify you.

​

What data is stored by Instagram?

When you come across one of our pages that has Instagram features (such as Instagram images or plugins) built in, your browser automatically connects to Instagram's servers. Data is sent to Instagram, stored and processed. This is regardless of whether you have an Instagram account or not. This includes information about our website, about your computer, about purchases made, about advertisements that you see and how you use our offer. Furthermore, the date and time of your interaction with Instagram are also saved. If you have an Instagram account or are logged in, Instagram stores significantly more data about you.

Facebook distinguishes between customer data and event data. We assume that this is the case with Instagram as well. Customer data are, for example, name, address, telephone number and IP address. This customer data will only be transmitted to Instagram if it has been "hashed" beforehand. Hashing means converting a record into a string. This allows you to encrypt the contact data. In addition, the “event data” mentioned above are also transmitted. Facebook – and consequently also Instagram – understands “event data” to be data about your user behavior. It can also happen that contact data is combined with event data. The contact data collected will be compared with the data that Instagram already has from you.

The collected data is transmitted to Facebook via small text files (cookies), which are usually set in your browser. Depending on the Instagram functions used and whether you have an Instagram account yourself, different amounts of data are stored.

We assume that data processing works the same on Instagram as on Facebook. That means: if you have an Instagram account or www.instagram.com , Instagram set at least one cookie. If this is the case, your browser sends information to Instagram via the cookie as soon as you come into contact with an Instagram function. This data will be deleted or made anonymous again after 90 days at the latest (after comparison). Although we have dealt intensively with Instagram's data processing, we cannot say exactly what data Instagram collects and stores.

In the following we show you cookies that are set in your browser at least when you click on an Instagram function (such as a button or an Insta image). In our test, we assume that you do not have an Instagram account. Of course, if you are logged in to Instagram, significantly more cookies will be set in your browser.

These cookies were used in our test:

​

Surname: csrftoken
Value: “”
Purpose of use: This cookie is set with high probability for security reasons to prevent forgery of requests. However, we could not find out more precisely.
Expiry Date: after a year

​

Surname: mid
Value: “”
Purpose of use: Instagram sets this cookie to optimize its own services and offers on and off Instagram. The cookie defines a unique user ID.
Expiry Date: after the end of the session

​

Surname: fbsr_112430223124024
Value: not specified
Purpose of use: This cookie stores the log-in request for users of the Instagram app.
Expiry Date: after the end of the session

​

Surname: rur
Value:ATN
Purpose of use: This is an Instagram cookie that ensures functionality on Instagram.
Expiry Date: after the end of the session

​

Surname: Urgen
Value: “{”194.96.75.33”:1901}:1iEtYv:Y833k2_UjKvXgYe112430223”
Purpose of use: This cookie is used for Instagram marketing purposes.
Expiry Date: after the end of the session

​

annotation: We cannot claim completeness here. Which cookies are set in the individual case depends on the embedded functions and your use of Instagram.

​

How long and where is the data stored?

Instagram shares the information it receives between the Facebook companies with external partners and with people you connect with around the world. Data processing is carried out in compliance with our own data policy. For security reasons, among other things, your data is distributed across the world on Facebook servers. Most of these servers are located in the USA.

​

How can I delete my data or prevent data storage?

Thanks to the General Data Protection Regulation, you have the right to information, transferability, correction and deletion of your data. You can manage your data in the Instagram settings. If you want to completely erase your data on Instagram, you need to permanently delete your Instagram account.

And this is how the Instagram account deletion works:

First, open the Instagram app. On your profile page, go down and click on "Help Center". You are now on the company's website. On the webpage, click "Manage Account" and then click "Delete Your Account".

If you delete your account entirely, Instagram will delete posts such as your photos and status updates. Information that other people have shared about you is not part of your account and consequently will not be deleted.

As already mentioned above, Instagram stores your data primarily via cookies. You can manage, deactivate or delete these cookies in your browser. Management always works a bit differently depending on your browser. Under the "Cookies" section you will find the relevant links to the relevant instructions for the most popular browsers.

You can also basically set up your browser so that you are always informed when a cookie is to be set. Then you can always decide individually whether you want to allow the cookie or not.

​

legal basis

If you have consented to your data being processed and stored by integrated social media elements, this consent is the legal basis for data processing (Article 6 paragraph 1 lit. a GDPR). In principle, your data will also be processed on the basis of our legitimate interest (Article 6 paragraph 1 lit. f GDPR) stored and processed in a fast and good communication with you or other customers and business partners. However, we only use the integrated social media elements if you have given your consent. Most social media platforms also set cookies on your browser to store data. We therefore recommend that you read our privacy statement on cookies carefully and consult the privacy statement or cookie policy of the relevant service provider.

Instagram and Facebook also process data in the USA, among other places. We would like to point out that, according to the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. This can be associated with various risks for the legality and security of data processing.

Facebook uses standard contractual clauses approved by the EU Commission (= Art. 46. Para. 2 and 3 GDPR). These clauses oblige Facebook to comply with EU data protection standards when processing relevant data outside of the EU. These clauses are based on an implementation decision of the EU Commission. You can find the decision and the clauses here: https://germany.representation.ec.europa.eu/index_de.

We have tried to give you the most important information about data processing by Instagram. Auf https://help.instagram.com/519522125107875
you can learn more about Instagram's data policies.

​

Twitter Privacy Policy

Twitter Privacy Policy Summary
👥 Affected: Visitors to the website
🤝 Purpose: Optimization of our service
📓 Data processed: Data such as user behavior data, information about your device and your IP address.
More details can be found below in the data protection declaration.
📅 Storage period: Twitter deletes data collected from other websites after 30 days at the latest
⚖️ Legal basis: Article 6 paragraph 1 lit. a GDPR (consent), Article 6 paragraph 1 lit. f GDPR (legitimate interests)

​

What is Twitter?

We have integrated functions from Twitter on our website. These are, for example, embedded tweets, timelines, buttons or hashtags. Twitter is a short message service and social media platform operated by Twitter Inc., One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland.

As far as we know, in the European Economic Area and in Switzerland, the mere integration of the Twitter function does not transfer any personal data or data about your web activities to Twitter. Only when you interact with the Twitter functions, such as clicking on a button, can data be sent to Twitter, stored and processed there. We have no influence on this data processing and bear no responsibility. As part of this data protection declaration, we want to give you an overview of what data Twitter stores, what Twitter does with this data and how you can largely protect yourself from data transmission.

For some, Twitter is a news service, for others a social media platform, and still others speak of a microblogging service. All of these terms have their place and mean more or less the same thing.

Both private individuals and companies use Twitter to communicate with interested people via short messages. Twitter only allows 280 characters per message. These messages are called "tweets". Unlike Facebook, for example, the service does not focus on expanding a network for “friends”, but wants to be understood as a worldwide and open news platform. You can also have an anonymous account on Twitter and tweets can be deleted by the company on the one hand and by the users themselves on the other.

​

Why do we use Twitter on our website?

Like many other websites and companies, we try to offer our services and services through different channels and to communicate with our customers. Twitter, in particular, has become dear to us as a useful “small” news service. Again and again we tweet or retweet exciting, funny or interesting content. We realize that you cannot follow every channel separately. After all, you have other things to do as well. That is why we have also included Twitter functions on our website. You can experience our Twitter activity 'on the spot' or follow a direct link to our Twitter page. With the integration, we want to strengthen our service and user-friendliness on our website.

​

What data does Twitter store?

On some of our subpages you will find the built-in Twitter functions. If you interact with the Twitter content, such as clicking on a button, Twitter can collect and store data. Even if you don't have a Twitter account yourself. Twitter calls this data “log data”. This includes demographic data, browser cookie IDs, your smartphone ID, hashed email addresses, and information about which pages you have visited on Twitter and what actions you have taken. Of course, Twitter stores more data if you have a Twitter account and are logged in. This storage is mostly done via cookies. Cookies are small text files that are usually set in your browser and transmit various information to Twitter.

We will now show you which cookies are set if you are not logged in to Twitter but visit a website with built-in Twitter functions. Please consider this list as an example. Under no circumstances can we guarantee completeness here, since the choice of cookies is always changing and depends on your individual actions with the Twitter content.

​

These cookies were used in our test:

​

Surname: personalization_id
Value: “v1_cSJIsogU51SeE112430223”
Purpose of use: This cookie stores information about how you use the website and what advertisements you may have come to Twitter from.
Expiry Date: after 2 years

​

Surname: long
Value: de
Purpose of use: This cookie saves your preset or preferred language.
Expiry Date: after the session ends

​

Surname: guest_id
Value: 112430223v1%3A157132626
Purpose of use: This cookie is set to identify you as a guest. 
Expiry Date: after 2 years

​

Surname: fm
Value: 0
Purpose of use: Unfortunately, we were not able to find out the intended use of this cookie.
Expiry Date: after the session ends

​

Surname: external_referer
Value: 1124302232beTA0sf5lkMrlGt
Purpose of use: This cookie collects anonymous data such as how often you visit Twitter and how long you visit Twitter.
Expiry Date: After 6 days

​

Surname: eu_cn
Value: 1
Purpose of use: This cookie stores user activity and is used for various advertising purposes by Twitter. 
Expiry Date: After a year

​

Surname: ct0
Value: c1179f07163a365d2ed7aad84c99d966
Purpose of use: Unfortunately, we did not find any information about this cookie.
Expiry Date: after 6 hours

​

Surname: _twitter_sess
Value: 53D%253D–dd0248112430223-
Purpose of use: With this cookie you can use functions within the Twitter website.
Expiry Date: after the session ends

​

annotation: Twitter also works with third parties. That's why we also recognized the three Google Analytics cookies _ga, _gat, _gid in our test.

On the one hand, Twitter uses the collected data to better understand user behavior and thus to improve its own services and advertising offers, on the other hand, the data is also used for internal security measures.

​

How long and where is the data stored?

If Twitter collects data from other websites, it will be deleted, aggregated or otherwise hidden after a maximum of 30 days. The Twitter servers are located at various server centers in the United States. It can therefore be assumed that the data collected will be collected and stored in America. After our research, we were not able to determine for sure whether Twitter also has its own servers in Europe. In principle, Twitter can store the collected data until it is no longer useful for the company, you delete the data or there is a legal deletion period.

​

How can I delete my data or prevent data storage?

In its data protection guidelines, Twitter repeatedly emphasizes that it does not store any data from external website visits if you or your browser are located in the European Economic Area or Switzerland. However, if you interact directly with Twitter, Twitter will of course also store your data.

If you have a Twitter account, you can manage your information by clicking "More" under the "Profile" button. Then click on “Settings and data protection”. Here you can manage the data processing individually.

If you don't have a Twitter account, you can go to twitter.com  and then click on "Personalization". You can manage the data you have collected under the item "Individualization and data".

As mentioned above, most data is stored via cookies and you can manage, deactivate or delete them in your browser. Please note that you only “edit” the cookies in the browser you have chosen. This means: if you use a different browser in the future, you will have to manage your cookies there again according to your wishes. Under the "Cookies" section you will find the relevant links to the relevant instructions for the most popular browsers.

You can also manage your browser so that you are informed of each individual cookie. Then you can always decide individually whether you allow a cookie or not.

Twitter also uses the data for personalized advertising inside and outside of Twitter. You can switch off personalized advertising in the settings under "Individualization and data". If you use Twitter on a browser, you can view personalized advertising at https://optout.aboutads.info/?c=2&lang=ENDisable  .

​

legal basis

If you have consented to your data being processed and stored by integrated social media elements, this consent is the legal basis for data processing (Article 6 paragraph 1 lit. a GDPR). In principle, your data will also be processed on the basis of our legitimate interest (Article 6 paragraph 1 lit. f GDPR) stored and processed in a fast and good communication with you or other customers and business partners. However, we only use the integrated social media elements if you have given your consent. Most social media platforms also set cookies on your browser to store data. We therefore recommend that you read our privacy statement on cookies carefully and consult the privacy statement or cookie policy of the relevant service provider.

Twitter also processes your data in the USA, among other places. We would like to point out that, according to the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. This can be associated with various risks for the legality and security of data processing.

As a basis for data processing by recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or data transfer there, Twitter uses so-called standard contractual clauses (= Art. 46. Para. 2 and 3 DSGVO). Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data also comply with European data protection standards if they are transferred to third countries (such as the USA) and stored there. Through these clauses, Twitter undertakes to comply with European data protection standards when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementation decision of the EU Commission. You can find the decision and the corresponding Standard Contractual Clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

You can find more information about the standard contractual clauses at Twitter under https://gdpr.twitter.com/en/controller-to-controller-transfers.html.

We hope we have given you a basic overview of data processing by Twitter. We do not receive any data from Twitter and are not responsible for what Twitter does with your data. If you have any further questions on this topic, we recommend the Twitter data protection declaration under https://twitter.com/de/privacy.

​

Cookie Consent Management Platform Introduction

Cookie Consent Management Platform Summary
👥 Affected: Website visitors
🤝 Purpose: Obtaining and managing consent to certain cookies and thus the use of certain tools
📓 Processed data: Data for managing the set cookie settings such as IP address, time of consent, type of consent, individual consents. You can find more details on this for the tool used in each case.
📅 Duration of storage: Depends on the tool used, you have to be prepared for periods of several years
⚖️ Legal bases: Article 6 paragraph 1 lit. a GDPR (consent), Article 6 paragraph 1 lit.f GDPR (legitimate interests)

​

What is a Cookie Consent Management Platform?

We use Consent Management Platform (CMP) software on our website, which makes it easier for us and you to handle the scripts and cookies used correctly and securely. The software automatically creates a cookie pop-up, scans and controls all scripts and cookies, offers you cookie consent required by data protection law and helps us and you to keep track of all cookies. Most cookie consent management tools identify and categorize all existing cookies. As a website visitor, you then decide for yourself whether and which scripts and cookies you want to allow or not. The following graphic shows the relationship between browser, web server and CMP.

​

Why do we use a cookie management tool?

Our goal is to offer you the best possible transparency in the area of data protection. We are also legally obliged to do so. We want to inform you as well as possible about all tools and all cookies that can store and process data from you. It is also your right to decide which cookies you accept and which you do not. In order to grant you this right, we first need to know exactly which cookies landed on our website in the first place. Thanks to a cookie management tool, which regularly scans the website for all existing cookies, we know about all cookies and can provide you with GDPR-compliant information about them. You can then accept or reject cookies via the consent system.

​

Which data are processed?

As part of our cookie management tool, you can manage each individual cookie yourself and have complete control over the storage and processing of your data. The declaration of your consent will be saved so that we do not have to ask you each time you visit our website and we can also prove your consent if required by law. This is stored either in an opt-in cookie or on a server. Depending on the provider of the cookie management tool, the storage period of your cookie consent varies. This data (e.g. pseudonymous user ID, time of consent, detailed information on the cookie categories or tools, browser, device information) is usually stored for up to two years.

​

Duration of data processing

We will inform you below about the duration of data processing if we have further information on this. In general, we only process personal data for as long as is absolutely necessary for the provision of our services and products. Data stored in cookies are stored for different lengths of time. Some cookies are already deleted after leaving the website, others can be stored in your browser for several years. The exact duration of the data processing depends on the tool used, in most cases you should be prepared for a storage period of several years. In the respective data protection declarations of the individual providers you will usually receive precise information about the duration of the data processing.

​

Right to object

You also have the right and the opportunity to revoke your consent to the use of cookies at any time. This works either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating or deleting the cookies in your browser.

Information on special cookie management tools, if available, can be found in the following sections.

​

legal basis

If you agree to cookies, your personal data will be processed and stored via these cookies. If we through yourconsent(Article 6 Para. 1 lit. a GDPR) may use cookies, this consent is also the legal basis for the use of cookies or the processing of your data. In order to be able to manage the consent to cookies and to enable you to give your consent, a cookie consent management platform software is used. Use of this software enables us to operate the website in an efficient and legally compliant manner, which is a legitimate interest  (Article 6 Para. 1 lit. f GDPR).

​

Security & Anti Spam

Security & Anti-Spam Privacy Policy Summary
👥 Affected: Visitors to the website
🤝 Purpose: cyber security
📓 Processed data: Data such as your IP address, name or technical data such as browser version
More details can be found below and in the individual data protection texts.
📅 Duration of storage: In most cases, the data is stored until it is no longer required to provide the service
⚖️ Legal basis: Article 6 paragraph 1 lit. a GDPR (consent), Article 6 paragraph 1 lit. f GDPR (legitimate interests)

​

What is security & anti-spam software?

With so-called security & anti-spam software, you can protect yourself and us from various spam or phishing e-mails and possible other cyber attacks. Spam is understood to be advertising emails from a mass mailing that you did not ask for yourself. Such mails are also called data garbage and can also cause costs. Phishing emails, on the other hand, are messages that aim to build trust via fake messages or websites in order to obtain personal information. Anti-spam software usually protects against unwanted spam messages or malicious emails that could inject viruses into our system. We also use general firewall and security systems that protect our computers from unwanted network attacks.

Why do we use security & anti-spam software?

We attach great importance to security on our website. After all, it's not just about our safety, it's also about your safety. Unfortunately, cyber threats are now part of everyday life in the world of IT and the Internet. Hackers often try to steal personal data from an IT system with the help of a cyber attack. And therefore a good defense system is absolutely necessary. A security system monitors all incoming and outgoing connections to our network or computer. In order to achieve even greater security against cyber attacks, we also use other external security services in addition to the standardized security systems on our computer. Unauthorized traffic of data is thus better prevented and this is how we protect ourselves from cybercrime.

​

Which data is processed by security & anti-spam software?

Which data is collected and stored depends of course on the respective service. However, we always try to only use programs that collect data very sparingly or only store data that is necessary for the fulfillment of the service offered. In principle, the service can store data such as name, address, IP address, e-mail address and technical data such as browser type or browser version. Any performance and log data can also be collected in order to identify possible incoming threats in good time. This data will be processed as part of the Services and in compliance with applicable laws. This also includes the GDPR for US providers (via the standard contractual clauses). In some cases, these security services also work with third parties who may store and/or process data under instructions and in accordance with privacy policies and other security measures. Data is usually stored using cookies.

​

Duration of data processing

We will inform you below about the duration of data processing if we have further information on this. For example, security programs store data until you or we revoke data storage. In general, personal data is only stored for as long as is absolutely necessary for the provision of the services. Unfortunately, in many cases we do not have precise information from the providers about the length of storage.

​

Right to object

You also have the right and the option to revoke your consent to the use of cookies or third-party security software at any time. This works either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating or deleting the cookies in your browser.

Since cookies can also be used with such security services, we recommend our general data protection declaration on cookies. To find out exactly what data is stored and processed by you, you should read the data protection declarations of the respective tools.

​

legal basis

We use the security services mainly on the basis of our legitimate interests (Article 6 paragraph 1 lit. f GDPR) on a good security system against various cyber attacks.

Certain types of processing, in particular the use of cookies and security functions, require your consent. If you have agreed that your data can be processed and stored by integrated security services, this consent is the legal basis for data processing (Article 6 paragraph 1 lit. a GDPR). Most of the services we use set cookies on your browser to store data. We therefore recommend that you read our privacy statement on cookies carefully and consult the privacy statement or cookie policy of the relevant service provider.

You can find information on special tools – if available – in the following sections.

​

Google reCAPTCHA Privacy Policy

Google reCAPTCHA Privacy Policy Summary
👥 Affected: Visitors to the website
🤝 Purpose: Optimizing our service and protecting against cyber attacks
📓 Data processed: Data such as IP address, browser information, your operating system, restricted location and usage data
More details can be found below in this data protection declaration.
📅 Storage duration: depends on the stored data
⚖️ Legal basis: Article 6 paragraph 1 lit. a GDPR (consent), Article 6 paragraph 1 lit. f GDPR (legitimate interests)

​

What is reCAPTCHA?

Our primary goal is to secure and protect our website for you and for us in the best possible way. To ensure this, we use Google reCAPTCHA from Google Inc. The company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services in Europe. With reCAPTCHA we can determine if you really are a real human being and not a robot or other spam software. We understand spam to mean any unwanted information that is sent to us electronically, unsolicited. With the classic CAPTCHAS, you usually had to solve text or image puzzles to check them. With reCAPTCHA from Google, we don't have to bother you with such puzzles most of the time. In most cases, it is sufficient if you simply tick the box and confirm that you are not a bot. With the new Invisible reCAPTCHA version, you don't even have to check the box. You can find out exactly how this works and, above all, what data is used for this in the course of this data protection declaration.

reCAPTCHA is a free captcha service provided by Google that protects websites from spam software and abuse by non-human visitors. Most often, this service is used when filling out forms on the Internet. A captcha service is a type of automatic Turing test designed to ensure that an action on the internet is being performed by a human and not a bot. In the classic Turing test (named after the computer scientist Alan Turing), a human determines the difference between a bot and a human. In the case of captchas, the computer or a software program also takes care of this. Classic captchas work with small tasks that are easy for humans to solve, but present significant difficulties for machines. With reCAPTCHA you no longer have to actively solve puzzles. The tool uses modern risk techniques to distinguish humans from bots. Here you only have to tick the text field "I'm not a robot" or with Invisible reCAPTCHA even that is no longer necessary. With reCAPTCHA, a JavaScript element is integrated into the source text and then the tool runs in the background and analyzes your user behavior. The software calculates a so-called Captcha score from these user actions. Google uses this score to calculate how likely it is that you are a human before you enter the Captcha. reCAPTCHA or Captchas in general are always used when bots could manipulate or misuse certain actions (such as registrations, surveys, etc.).

​

Why do we use reCAPTCHA on our website?

We only want to welcome flesh and blood people to our site. Bots or spam software of all kinds can safely stay at home. That's why we're doing everything we can to protect ourselves and offer you the best possible user experience. For this reason we use Google reCAPTCHA from Google. So we can be pretty sure that we remain a "bot-free" website. By using reCAPTCHA, data is transmitted to Google to determine whether you are really a human being. reCAPTCHA therefore serves to ensure the security of our website and subsequently also your security. For example, without reCAPTCHA it could happen that a bot registers as many email addresses as possible during registration in order to then "spam" forums or blogs with unwanted advertising content. With reCAPTCHA we can avoid such bot attacks.

​

What data is stored by reCAPTCHA?

reCAPTCHA collects personal data from users to determine whether the actions on our website really come from people. The IP address and other data that Google needs for the reCAPTCHA service can therefore be sent to Google. IP addresses are almost always shortened within the member states of the EU or other contracting states of the Agreement on the European Economic Area before the data ends up on a server in the USA. The IP address is not combined with other data from Google unless you are logged in with your Google account while using reCAPTCHA. First, the reCAPTCHA algorithm checks whether Google cookies from other Google services (YouTube, Gmail, etc.) are already placed on your browser. Then reCAPTCHA sets an additional cookie in your browser and captures a snapshot of your browser window.

The following list of collected browser and user data does not claim to be complete. Rather, they are examples of data that, to our knowledge, are processed by Google.

​

• Referrer URL (the address of the page the visitor came from)

• IP address (e.g. 256.123.123.1)

• Information about the operating system (the software that enables your computer to operate. Known operating systems are Windows, Mac OS X or Linux)

• Cookies (small text files that store data in your browser)

• Mouse and keyboard behavior (every action you perform with the mouse or keyboard is saved)

• Date and language settings (which language or which date you have preset on your PC is saved)

• All JavaScript objects (JavaScript is a programming language that allows websites to adapt to the user. JavaScript objects can collect all kinds of data under one name)

• Screen resolution (shows how many pixels the image display consists of)

​

It is undisputed that Google uses and analyzes this data even before you click on the "I'm not a robot" tick. With the Invisible reCAPTCHA version, you don't even have to check the box and the whole recognition process runs in the background. Google does not tell you in detail how much and what data Google stores.

The following cookies are used by reCAPTCHA: Here we refer to the reCAPTCHA demo version from Google under https://www.google.com/recaptcha/api2/demo. All of these cookies require a unique identifier for tracking purposes. Here is a list of cookies set by Google reCAPTCHA on the demo version:

​

Surname: IDE
Value: WqTUmlnmv_qXyi_DGNPLESKnRNrpgXoy1K-pAZtAkMbHI-112430223-8
Purpose of use: This cookie is set by DoubleClick (also owned by Google) to register and report the actions of a user on the website in dealing with advertisements. In this way, the effectiveness of the advertising can be measured and appropriate optimization measures can be taken. IDE is stored in browsers under doubleclick.net domain.

Expiry Date: after a year

​

Surname: 1P_JAR
Value: 2019-5-14-12
Purpose of use: This cookie collects website usage statistics and measures conversions. A conversion occurs, for example, when a user becomes a buyer. The cookie is also used to display relevant advertisements to users. Furthermore, the cookie can be used to prevent a user from seeing the same ad more than once.
Expiry Date: after a month

​

Surname: ANID
Value: U7j1v3dZa1124302230xgZFmiqWppRWKOr
Purpose of use: We were not able to find out much information about this cookie. In Google's privacy policy, the cookie is used in connection with "advertising cookies" such as e.g. For example, “DSID”, “FLC”, “AID”, “TAID” are mentioned. ANID is stored under domain google.com.
Expiry Date: after 9 months

​

Surname: CONSENT
Value: YES+AT.de+20150628-20-0
Purpose of use: The cookie stores the status of a user's consent to the use of various Google services. CONSENT is also used for security purposes to screen users, prevent fraudulent login information and protect user data from unauthorized attacks.
Expiry Date: after 19 years

​

Surname: NID
Value: 0WmuWqy112430223zILzqV_nmt3sDXwPeM5Q
Purpose of use: NID is used by Google to match ads to your Google search. With the help of the cookie, Google “remembers” your most frequently entered search queries or your previous interaction with ads. So you always get tailor-made advertisements. The cookie contains a unique ID to collect the user's personal settings for advertising purposes.
Expiry Date: after 6 months

​

Surname:DV
Value: gEAABBCjJMXcI0dSAAAANbqc112430223-4
Purpose of use: Once you have ticked the "I'm not a robot" box, this cookie will be set. The cookie is used by Google Analytics for personalized advertising. DV collects information in an anonymous form and is further used to make user distinctions.
Expiry Date: after 10 minutes

​

annotation: This list cannot claim to be complete, as experience has shown that Google changes the choice of its cookies again and again.

​

How long and where is the data stored?

By inserting reCAPTCHA, your data will be transferred to the Google server. Where exactly this data is stored is not made clear by Google, even after repeated inquiries. Without having received confirmation from Google, it can be assumed that data such as mouse interaction, time spent on the website or language settings on the European or American Google servers are stored. The IP address that your browser transmits to Google is generally not merged with other Google data from other Google services. However, if you are logged into your Google account while using the reCAPTCHA plugin, the data will be merged. The deviating data protection regulations of the company Google apply.

​

How can I delete my data or prevent data storage?

If you do not want any data about you and your behavior to be transmitted to Google, you must log out of Google completely and delete all Google cookies before you visit our website or use the reCAPTCHA software. In principle, the data is automatically transmitted to Google as soon as you access our site. To delete this data again, you need to contact Google support at  https://support.google.com/?hl=de&tid=112430223Contact  .

So if you use our website, you agree that Google LLC and its representatives automatically collect, process and use data.

Please note that when using this tool, your data may also be stored and processed outside the EU. Most third countries (including the USA) are not considered secure under current European data protection law. Data may not simply be transferred to unsafe third countries, stored there and processed unless there are suitable guarantees (such as EU standard contractual clauses) between us and the non-European service provider.

​

legal basis

If you have consented to Google reCAPTCHA being used, the legal basis for the corresponding data processing is this consent. This consent represents according to Article 6 paragraph 1 lit. a GDPR(Consent) is the legal basis for the processing of personal data as it may occur when collected by Google reCAPTCHA.

We also have a legitimate interest in using Google reCAPTCHA to optimize our online service and make it more secure. The corresponding legal basis for this is Art. 6 Paragraph 1 lit. f GDPR(Legitimate Interests). However, we only use Google reCAPTCHA if you have given your consent.

Google also processes your data in the USA, among other places. We would like to point out that, according to the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. This can be associated with various risks for the legality and security of data processing.

As the basis for data processing by recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or data transfer there, Google uses so-called standard contractual clauses (= Art. 46 Para. 2 and 3 DSGVO). Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data also comply with European data protection standards if they are transferred to third countries (such as the USA) and stored there. Through these clauses, Google undertakes to comply with European data protection standards when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementation decision of the EU Commission. You can find the decision and the corresponding Standard Contractual Clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The Google Ads Data Processing Terms, which refer to the Standard Contractual Clauses, can be found at https://business.safety.google/intl/de/adsprocessorterms/.

You can learn a little more about reCAPTCHA on Google's web developer page at https://developers.google.com/recaptcha/. Google goes into the technical development of reCAPTCHA in more detail here, but you won't find precise information about data storage and data protection-related topics there either. A good overview of the basic use of data at Google can be found in the in-house data protection declaration on https://www.google.com/intl/de/policies/privacy/.