for data processing within the meaning of the General Data Protection Regulation (GDPR) and other data protection regulations is
SONAX GmbH Münchener Str. 75 86633 Neuburg Germany
Telephone: +49 / 84 31 / 53-0 Email: [email protected] Internet: www.sonax.de
of the controller is:
Mrs Vera Schneider Email: [email protected]
who can otherwise be reached using the contact details of the controller.
Data protection and the protection of your privacy are important to us. We therefore only process personal data in accordance with the applicable data protection and data security legislation, in particular the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and the Telecommunications and Telemedia Data Protection Act (TTDSG). In this, we are guided by the principle of data avoidance and data minimisation. Our employees are bound to confidentiality and secrecy.
Our website can be used without registration, i.e. without actively disclosing your identity or manually entering personal data. Nevertheless, personal data are collected every time you visit our website. It may also be necessary to provide your personal data in the context of use, e.g. when you contact us. The following data protection declaration informs you about the processing of your personal data when using our website, the measures taken to protect your data and your rights as a data subject.
We use IT systems on our websites to provide services to our users, through which we process the personal data described in more detail below.
Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a GDPR serves as the legal basis.
When processing personal data that is necessary for the fulfilment of a contract to which the data subject is a party, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary for the implementation of pre-contractual measures.
Insofar as the processing of personal data is necessary to fulfil a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis in conjunction with a special authorising standard setting out the legal situation more concretely.
If the processing is necessary to safeguard a legitimate interest of the controller or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for the processing.
Your personal data will not be transferred to third parties for purposes other than those listed below. We only pass on your personal data to third parties
if you have given your express consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR,
if the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,
in the event that there is a legal obligation for disclosure pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR,
if this is necessary for the processing of contractual relationships with you in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR.
Your data will only be passed on to processors within the framework of the statutory provisions, in particular in accordance with Art. 28 GDPR. We have concluded a service agreement and a valid contract for data processing with all processors. The processor will only process the personal data on our instructions and for the purposes described, in particular for the fulfilment of the contract.
Your data are protected against loss, misuse and unauthorised or unapproved access, disclosure, modification or deletion. We log access, collect access passwords and encrypt data, provided this does not fundamentally impair our services.
On our website you may also find information and/or services from other providers who collect personal data as part of their offerings. Please note that we are not responsible for the processing of these data: only the external provider is, to whom other conditions may apply.
This website may contain links to websites of other providers. Please note that this data protection declaration applies exclusively to our website. We cannot check whether external providers comply with the applicable data protection regulations.
The personal data of the data subjects will be deleted or restricted as soon as the purpose of the storage no longer applies, e.g. the storage of the data is no longer required for the fulfilment of a contract or an overriding legitimate interest. Data may also be stored if this is provided for by European or national legislatures through regulations, laws or other provisions to which the controller is subject. The data will therefore be deleted or restricted when a storage period prescribed by the aforementioned regulations expires.
When you visit our website www.sonax.com information is automatically sent to the server of our website by the browser used on your device. This information is temporarily stored in a logfile. The following information is collected without any action on your part and stored until it is automatically deleted:
IP address of the user (requesting computer)
Date and time of access
Name and URL of the accessed file/page
Website from which the access is made (referrer URL)
Browser used and the operating system of your computer
Name of your access provider
The logfiles contain IP addresses or other data that can be assigned to a user and are therefore predominantly categorised as personal data.
We process the aforementioned data for the following purposes:
Ensuring a smooth connection to the website
Ensuring easy use of our website
Analyses of system security and stability
Evaluation of user behaviour
Other administrative purposes
The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session. Storage in logfiles takes place to ensure the functionality of the website. We also use the data to optimise the website and to ensure the security of our information technology systems. In this specific context, we do not use the data collected here for the purpose of drawing conclusions about your person for marketing purposes. These purposes justify our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR.
Anonymous information may be statistically evaluated by us in order to optimise our website and the technology behind it. In addition, we use cookies or other analysis services when you visit our website. You will find more detailed explanations below in this data protection declaration.
The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. b GDPR, as a user relationship exists, as well as Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest follows from the data processing purposes described above.
The data will be deleted as soon as it is no longer required to fulfil the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is generally the case when the respective session has ended. If unabridged IP addresses are stored in logfiles, the personal data will be deleted or anonymised after seven days at the latest. Additional storage is possible in connection with cookies or analysis services. In this case, the IP addresses of the users are deleted or truncated so that it is not possible to identify the calling client. You will find more detailed explanations below in this data protection declaration.
The collection of data for the provision of the website and the storage of data in logfiles is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.
If you contact us with questions of any kind by email or contact form, you give us your voluntary consent to process your personal data for the purpose of contacting you. These are used to allocate the enquiry and subsequently answer it.
The following personal data are collected and processed in the various forms:
Enquiry form Authorised Detailer: First name, surname, company name, email, postcode, telephone number, country
Contact form: First name, surname, email, telephone number, street, house number, postcode, city, country
Seminar enquiry form: First name, surname, company, email, telephone, street, house number, postcode
Seminar booking Company: First name, surname, street, house number, postcode, city, telephone number, fax number, email
Product enquiry: First name, surname, email, street, house number, postcode, town, country
We process personal data to handle your enquiries, to provide the services you have requested and to ensure compliance with laws and regulations.
The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. a and b GDPR, as in each case your consent is given to the use of a form or the sending of information and/or a contractual service is provided.
The personal data collected will be stored for as long as is necessary for the purposes described. If the data are subject to statutory retention obligations, for example under the AO (German Tax Code) or the HGB (German Commercial Code), it must be retained for six or ten years. Otherwise, the general storage principles described above apply.
You can subscribe to a free newsletter on our website. When you register for the newsletter, the following data are collected and transmitted to us via the input screen:
Name of the user
IP address of the calling computer
Date and time of registration
Information about the browser type and version used
The user’s operating system
During the registration process, your consent to the processing of the data is obtained using the double opt-in procedure (double consent) with reference to this data protection declaration. After the first act of consent, the user receives a confirmation email for the second act of consent. The verified user authorises the website operator to send him/her newsletters by email. This procedure forms the basis for legally justified email marketing. Consent for the newsletter can also be obtained by other means, e.g. in writing or by email.
On the basis of your consent, we will use the personal data stored by us to inform you about our products, services and events.
To send the newsletter, the data are passed on to external service providers for contract processing and deleted again after the newsletter has been sent. The data will be used exclusively for sending the newsletter.
The purpose of collecting the user’s email address and other personal data is to send the newsletter and to prevent misuse of the services or the email address used.
The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. a and b GDPR, as your consent has been obtained for the sending of information and a contractual service is provided.
The data will be deleted as soon as it is no longer required to fulfil the purpose for which it was collected. The user’s email address is therefore stored for as long as the subscription to the newsletter is active. The other personal data collected during the registration process are generally deleted after a period of seven days.
You can revoke your consent at any time with future effect and cancel the newsletter, both via the unsubscribe link in the individual mailings and informally, e.g. by contacting [email protected]. Further information on consent can be found in the section “Rights of the data subject”.
Below we describe in detail which cookies, analysis tools and plugins we use, which data are processed and how you can deactivate the analysis tools. The term “cookies” is also used as a generic term for plugins and analysis tools of all kinds.
Cookies are placed when using our website. Cookies are small files that are automatically created by the browser and stored on the user’s end device (laptop, tablet, smartphone, etc.) when they visit the website. Cookies do not cause any damage to the end device and do not contain any viruses, Trojans or other malware. Information is stored in the cookie that results in each case from the relationship with the specific terminal device used. Cookies can be recognised and read automatically during a visit in progress or on the next visit. However, this does not mean that the website operator is directly informed of the identity of the user.
Cookies make visiting the website more user-friendly by remembering personal settings or serve the advertising interests of the website operator. Cookies make it possible, in particular, to determine the frequency of use and number of users of the pages, to analyse page usage behaviour and to make our offering more customer-friendly. So-called session cookies are used, among other things, to recognise that the user has already visited individual pages of the website. These are automatically deleted after you leave the site.
If you leave our site and access third-party sites, cookies may also be placed by the target site. We are not legally responsible for these cookies. For information on the use of these cookies by third parties and the information stored therein, please refer to their privacy policies.
We may store cookies on your device if they are technically necessary for the operation of the website. Necessary cookies help to make a website usable by enabling basic functions such as page navigation or language selection. The website may not function properly without such cookies. The data processed for the aforementioned purposes serve to safeguard our legitimate interests, which are overriding in the context of a balancing of interests, and are therefore necessary in accordance with the principle of proportionality. The legal basis for technically necessary cookies is Art. 6 para. 1 sentence 1 lit. f GDPR in conjunction with § 25 para. 2 no. 2 TTDSG (the German Telecommunications-Telemedia Data Protection Act).
We require your consent for all other cookie types. You can specifically select these as explicit opt-in consents in a dialogue window (cookie consent window) on your first visit to our website. This places a cookie in your system that contains your cookie settings and signals to our system which cookies have been accepted each time you visit our website. You can change or revoke your cookie settings on our website at any time. You can find information on deactivating cookies below. The legal basis for all other cookie types is Art. 6 para. 1 sentence 1 lit. a GDPR, § 25 para. 1 TTDSG, insofar as you have given your consent.
If you delete all cookies, the cookie with your cookie settings will also be deleted, so you will have to set your cookie preferences again. The limitation of cookies can lead to limited functionality of the website.
Within the framework of the use of cookies, analysis tools and plugins, the name of the Internet service provider, requested files, IP address, access to individual pages, browser type, screen resolution, colour depth, operating system, search terms and reference pages from which you have accessed our websites are processed, among other things.
The data contained in session cookies or other cookies are processed by us for the following purposes:
Ensuring the smooth operation of the website
Ensuring easy use of our website
System security and stability
For further administrative or advertising purposes
The data collected may be processed and used to improve the marketing of the websites, to increase the user-friendliness of the websites and for other optimisation purposes. The analysis required for marketing and optimisation purposes does not generally allow any direct conclusions to be drawn about your person or personal data. In particular, no names, addresses, telephone numbers or other data that can be directly attributed to individuals are stored. The analysis only provides aggregated data, such as the number of visitors and page views.
Cookies make it possible, among other things, to customise our website to your wishes, to establish connections between different visits to our website or to save your password in the browser so that you do not have to re-enter it each time.
Cookies can also be used for target group-orientated advertising. Third-party providers and automatic data collection tools may also be authorised to use cookies so that they can support us in providing our own content and advertisements and in measuring the effectiveness of our advertising measures. For registered users, the data collected on our websites are not anonymous. This information may be used together with other information we know or infer about you, such as your preferences, to provide you with customised content, services and advertisements.
We currently use the cookies automatically listed and described in more detail in our cookie policy on our website.
Some cookies are deleted after the end of the browser session, i.e. after closing the browser (so-called “session cookies”). Other cookies remain on the end device and make it possible to recognise the user on the next visit (“persistent cookies”). The specific duration of storage can be found in our cookie policy and in the overview in the cookie settings of your web browser. Otherwise, the general storage principles described above apply.
You can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. If you deactivate cookies completely, you may not be able to use all the functions of a website.
If you want to prevent cookies from being used, set your browser so that it deletes cookies from your hard drive, blocks all cookies or warns you before a cookie is stored so that you can decide on a case-by-case basis whether you want the cookie. Each browser differs in the way it manages cookie settings. They are described in more detail in the help menu of each browser. There it is explained how you can change your cookie settings. You can find the relevant browser information at the following links, for example:
Internet Explorer: https://support.microsoft.com/en-us/windows/delete-and-manage-cookies-168dab11-0753-043d-7c16-ede5947fc64d
Firefox: https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox, https://support.mozilla.org/en-US/kb/enhanced-tracking-protection-firefox-desktop, https://support.mozilla.org/en-US/kb/block-websites-storing-cookies-site-data-firefox
Firefox for Android: https://support.mozilla.org/de/kb/cookies-aktivieren-deaktivieren-firefox-android
Safari: https://support.apple.com/guide/safari/sfri11471/mac
Chrome: http://support.google.com/chrome/bin/answer.py?hl=en&hlrm=en&answer=95647
Opera: https://help.opera.com/en/latest/web-preferences/
You will also find the options for deactivation directly in the description of the cookies, plugins and tracking measures.
This website uses Piwik PRO Analytics Suite, a web analytics service provided by Piwik PRO GmbH, Knesebeckstraße 62/63, 10719 Berlin (hereinafter referred to as Piwik PRO). Piwik PRO is analytics software that uses cookies and tracking tools and collects personal data of website visitors such as IP addresses, browser fingerprints, operating system, usage data, etc., creates user profiles based on browsing history and calculates metrics related to website usage such as bounce rate, intensity of visits, page views, etc. All cookies and tracking tools used by Piwik PRO can be viewed under Cookies. All data processed by Piwik PRO are described under Data. We use the Tag Manager from Piwik PRO to control data collection and processing through cookies and tracking tools. With the Tag Manager, we can create, implement, test and adapt tags from templates, examine the processed data at any time, categorise the tags used and activate them in conjunction with clear consent in order to meet data protection requirements. A detailed description of the options can be found under Tag Manager. The general deactivation of cookies and tracking tools is described in the Cookies section. The purpose of data processing includes the analysis of user behaviour, the creation of user profiles, conversion tracking, etc. in order to display personalised content and carry out online campaigns. The legal basis for data processing is primarily your consent in accordance with Art. 6 para. 1 lit. a GDPR, which is obtained via the consent window (consent banner), but also our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR to improve our website and customer approach. We use Piwik PRO’s Consent Manager to adapt the consent window (Consent Banner) to the website and the language used and to categorise the data from the web analysis service and the Tag Manager so that the processing purpose corresponds to the selected consent. The Consent Manager enables us to design the consent window on our website in accordance with the requirements of the TTDSG and the GDPR. A detailed description of the configuration options can be found under Consent Manager. We use the cloud version of Piwik PRO (Piwik PRO Analytics Suite Cloud), which is hosted for us within the EU by Orange Flexible Engine France (FR Central) and ElastX Sweden (SWE Central). We have concluded a data processing agreement with Piwik PRO, which you can view at Data Processing Agreement. You can find the Piwik PRO online terms of service here: Online Service Terms. Piwik PRO does not pass on your data to other sub-processors or third parties and does not use them for its own purposes. The term of data storage is regulated in the data processing contract and can be determined by us. The data are stored for a period of 14 or 25 months. Further details on the processing of personal data by Piwik PRO can be found in the data protection declaration of Piwik PRO.
This website uses Google Maps to display maps and to create directions. Google Maps is a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter referred to as “Google”). If you use Google’s advanced functions, for example by clicking on the map displayed, you are using a Google service outside our sphere of influence. In this case, the specifications and information provided by Google in this context apply. On the Google website you will find further information on the Google Terms of Use, additional Terms of Use for Google Maps/Google Earth, the legal notice for Google Maps/Google Earthand the Google data protection declaration. In the data protection declaration you will find information about what data are collected for what purpose and what Google does with these data. The processing of personal data by Google also takes place in the USA. To ensure an adequate level of data protection for data transfers to the USA, Google has adopted the Data Privacy Framework certification. The current certificate from Google can be viewed here. Google also concludes the EU standard contractual clauses with its customers and business partners, see here and here. You can find the wording of the EU standard data protection clauses at https://gsuite.google.com/terms/mcc_terms.html.
Google thereby undertakes to comply with the standards and regulations of European data protection law. The legal basis for the processing and transfer of personal data to Google is your consent, based on Art. 6 para. 1 sentence 1 lit. a GDPR. We also base the use of Google on Art. 6 para. 1 lit. f GDPR, as the data processing serves the user-friendliness of the website and is therefore necessary to protect our legitimate interests. The general deactivation of cookies is described in the Cookies section.
This website uses Google Consent Mode, an online service for user consent provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, or Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter referred to as ‘Google’).
Since 6 March 2024, market gatekeepers such as Google have been required by the Digital Markets Act (DMA) to obtain and demonstrate user consent before processing their personal data for personalised advertising. Consequently, in order to comply with the DMA in accordance with Google's contractual requirements, the implementation of the consent mode has been mandatory since 6 March 2024 if you wish to use all functions of Google Analytics and Google Ads without restriction.
The Google consent mode is therefore a function developed by Google to implement the legal obligation under the DMA or to delegate it to us so that the consent of users is also effective vis-à-vis Google. At the same time, as website operators and data controllers, we remain obliged to obtain consent for cookies and tracking tools in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, § 25 para. 1 TDDDG via our consent management system (Consent Management System or consent banner).
With the consent mode, we as website operators are additionally contractually obliged by Google to obtain this consent and to prove it to Google via the consent mode. This results from Google's ‘Guidelines on user consent in the EU’, which contain requirements for obtaining consent. With the consent mode, we first inform Google about the consent status of our users. Google offers the consent mode in a simple and an advanced implementation (Basic and Advanced Mode) with different functions.
In the advanced implementation, a connection to Google is established and the IP address is transmitted before the consent is requested. If the user refuses consent in the consent banner, no cookies are set, but the consent status and user activities are nevertheless recorded via various types of pings and transmitted to Google. These pings enable Google to evaluate user behaviour even though consent has not been given, which raises data protection concerns.
When using the simple implementation, processes requiring consent are only implemented after the user has given the necessary consent. This means that a connection to Google is only established once the website visitor has given their consent, thereby complying with data protection requirements. In this case, we have therefore opted for the simple implementation because it is preferable from a data protection perspective.
Further details on Google's consent mode can be found here and here. If you give your consent, the following data will be collected, processed and transmitted to Google within the scope of the consent mode.
When using tools such as ‘Google Ads’ or ‘Google Ads Conversion Tracking’, Google uses tracking technologies and cookies that are stored on your device, in particular in your browser. These tools are used to analyse user behaviour, optimise content and display personalised advertising. Consequently, we pass on personal data such as IP addresses, device information, location data and surfing behaviour to Google for processing and have therefore concluded a contract with Google for order processing in accordance with Art. 28 GDPR. Details of the order data processing, in particular the contractual terms, deletion, etc., can be found here.
Google also transfers data to various third countries. In this context, personal data is also processed by Google in the USA. To ensure an adequate level of data protection for data transfers to the USA, Google has concluded the EU standard contractual clauses, see here and here, each with a variety of additional data protection information. The wording of the EU standard data protection clauses can be found, for example, here or here. Google is also certified under the EU-U.S. Data Privacy Framework. A current certificate can be viewed here. Through the Data Privacy Framework and the Standard Contractual Clauses, Google undertakes to comply with the standards and regulations of European data protection law.
The legal basis for the processing of personal data by Google's services is Art. 6 para. 1 sentence 1 lit. a GDPR, § 25 para. 1 TDDDG, insofar as you have given your consent. Furthermore, we also base the use of Google services on Art. 6 para. 1 lit. f GDPR, as the processing of data is carried out for the purpose of optimising offers, services and marketing measures and therefore serves to protect our legitimate interests.
You can revoke your consent at any time via the cookie settings, object to data processing or prevent the storage of cookies by adjusting your browser software settings accordingly (see above for details). However, we would like to point out that in this case, you may not be able to use all functions of this website to their full extent.
According to Google, the data is stored on secure servers and processed in encrypted form. In many cases, cookies are stored for 30 days to three months. Detailed information on the use of cookies by Google can be found here. Comprehensive information on storage, storage duration and deletion can be found in the Google privacy policy.
Further information on data protection in connection with Google services can be found here and in the general Google privacy policy.
Below, we provide information about how your data is processed by the Google Ads service, which we use on our website. Google Ads is an online advertising programme provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, or Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter referred to as ‘Google’). It is used by advertisers to place targeted advertisements, particularly in Google Search, on YouTube or on other websites in the Google advertising network (Display Network).
Functions and data processing
Google Ads enables us to target specific audiences. In online marketing, targeting means addressing precisely defined target groups with advertising. Based on the user data collected by Google (e.g. user locations, interests, etc.), we can display targeted advertisements. As the website operator, we can then quantitatively evaluate which search terms led to the display of our advertisements and how many advertisements led to a corresponding click behaviour.
Key features of Google Ads:
Keyword targeting: Enables advertisements to be targeted at users based on specific keywords (key terms). The ads are displayed to users who search for these keywords or visit websites that are thematically relevant. This allows us to display our advertisements in the Google search engine or on third-party websites when the page user enters certain search terms in the Google search engine.
Location targeting: Ads can be targeted geographically to specific regions, cities or a radius around a business location.
Demographic targeting: Targeting can be based on age, gender, interests and other demographic characteristics.
Ad formats: Google Ads supports various ad formats such as text ads, image ads, video ads (especially on YouTube), shopping ads (with product images and prices) and app ads.
Remarketing: Enables us to target users who have already interacted with our website or our products; for more details, see ‘Google Ads Remarketing’ below.
Conversion tracking: This is the measurement of the success of Google Ads ads, i.e. the recording of previously defined goals or events (e.g. purchases, leads, bookings, website visits) that are considered successful from the advertiser's point of view (= conversion or user action). The performance of the ads can thus be measured and optimised based on the defined goals. For more details, see ‘Google Ads Conversion Tracking’ below.
Google Display Network: Extends the reach of advertising campaigns to a large number of partner websites, apps and Google services (such as Gmail and YouTube) and enables visual ad formats.
Google Shopping: Special ads for products that appear directly in search results with images, prices and retailer information.
YouTube advertising: Enables video ads to be placed in various formats before, during or after YouTube videos and in YouTube search results.
Performance analysis and reports: Comprehensive tools for analysing campaign performance to help you make informed decisions about optimisation.
Artificial intelligence (AI) and machine learning: Google is increasingly integrating AI and machine learning to automatically optimise advertising campaigns and deliver ads across all Google advertising channels.
Data categories:
The use of Google Ads may result in the processing of the following data in particular:
User data: IP address, device information, browser information, operating system, pages visited, clicks on ads, search queries, date and time, requested URL, unique cookie ID
Conversion data: Information about whether you have performed a specific action on our website after clicking on one of our Google Ads (e.g. purchase, contact). Google uses special conversion cookies for this purpose.
Remarketing data: Information about your interactions with our website in order to show you personalised advertising on other websites or in search results at a later date.
Cookies and tracking technologies:
Google Ads uses cookies and similar tracking technologies (hereinafter referred to as cookies). Cookies are stored on your device, in particular in your browser, when you click on one of our Google Ads advertisements, for example. Cookies are used to evaluate usage behaviour. As a result, Google receives data for processing, which means that we enter into an ‘agreement between independent controllers’ and a ‘contract for order processing’ with Google; see below for details.
You can object to data processing at any time or prevent the storage of cookies by adjusting your browser software settings accordingly (see details above in the Cookies section or below under ‘Deactivation’). However, we would like to point out that in this case, you may not be able to use all functions of this website to their full extent.
Further information on the use of cookies by Google can be found in Google's Cookie Policy and here. Google provides detailed information on the types and purposes of cookies and the categories of data collected at Server Logs.
Further information with extensive links on the handling of advertising and data protection can be found here.
Purpose of data processing
Google Ads serves as a marketing tool to increase our online visibility, reach potential customers, achieve our marketing goals, promote our products and services, and measure the effectiveness of our advertising measures.
Legal basis for data processing
The legal basis for the processing of personal data by the Google Ads service is Art. 6 para. 1 sentence 1 lit. a GDPR, § 25 para. 1 TDDDG, insofar as you have given your consent via our consent banner or in another manner.
Furthermore, we also base the use of Google Ads on Art. 6 para. 1 lit. f GDPR, as the processing of data is carried out for the optimisation of offers, service, security and marketing measures and therefore serves to safeguard our legitimate interests.
Data recipients and transfer to third countries
According to Google's assessment, both we as the website operator and Google act independently as controllers of personal data with regard to data processing in Google Ads. We have therefore concluded a corresponding agreement between independent controllers with Google. Details can be found in the ‘Data Processing Terms between Controllers for Google Advertising Products’.
However, according to Google's assessment, there are also Google Ads functions for which Google acts as a processor of personal data. Insofar as order processing takes place, we have concluded an order processing agreement with Google in accordance with Art. 28 GDPR. The details of the order data processing, in particular the contractual conditions, deletion, etc., can be found in the ‘Order Data Processing Terms for Google Advertising Products’.
The data collected by Google Ads is transferred to Google, where it is stored and processed. Google transfers data to third countries, although we have no detailed knowledge of this. To ensure an adequate level of data protection when transferring data to unsafe third countries, Google concludes the EU standard contractual clauses, see Google's ‘GDPR Commitment’ and ‘Legal Framework for Data Transfers’, each with a wealth of additional data protection information. The wording of the EU standard data protection clauses used and concluded by Google can be found, insofar as there is cooperation between independent controllers (controller-controller), under ‘Google Ads: Standard Contractual Clauses’ or, insofar as order processing (controller-processor) is involved, here.
The processing of personal data by Google also takes place in the USA. Google is certified in this regard under the EU-U.S. Data Privacy Framework. Google's current certification can be viewed in the ‘Data Privacy Framework List’. Through the Data Privacy Framework and the Standard Contractual Clauses, Google undertakes to comply with the standards and regulations of European data protection law. Further information on this can also be found in Google's Privacy Policy.
Storage period
The storage period for the data processed by Google is the responsibility of Google. We have no influence on how, to what extent and for how long Google processes or stores the data collected. According to Google, the data is stored on secure servers and processed in encrypted form. The cookies set by Google usually have a limited validity period. In many cases, cookies are stored for 30 days to three months. More detailed information on the storage period can be found, for example, here.
Further information on data protection in connection with Google Ads can be found under ‘Google Ads and GDPR’, in Google's general privacy policy and in the terms of use for Google Ads advertisers.
Contact
If you have any further questions or problems regarding data processing and data protection, we recommend that you contact Google directly. The following options are available for contacting Google.
Contact page: https://about.google/contact-google/?hl=de
Help and support: https://support.google.com/?hl=en
You can find our own contact details above.
A detailed description of your data protection rights can be found below in the section ‘Rights of the data subject’.
We use the functions of Google Ads Conversion Tracking, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland or Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA (hereinafter referred to as ‘Google’) on our website to measure the success of advertising.
Performance measurement
‘Conversion tracking’ records what happens after an online user interacts with our ads. This allows us to see whether a user has, for example, purchased something, subscribed to our newsletter or called us.
User actions that we have defined as valuable to our business are referred to as conversions.
Google conversion tracking makes it possible for Google and the website operator to recognise whether the user has performed certain actions (e.g. purchases, leads, bookings, website visits) that are considered a success from the advertiser's point of view (= conversion or user action) as a result of the advertisement. The performance of the ads can thus be measured and optimised based on predefined goals. In particular, the following analysis data is processed:
Which products and services are viewed or purchased and how often
Which buttons are clicked and how often
Total number of actions and users who clicked or purchased ads
This information is used to compile conversion statistics. As the website operator, we do not receive any information that could be used to personally identify users. Google uses special conversion cookies or comparable technologies to identify or recognise users. Personal identification by Google cannot be ruled out.
Further details can be found at Google under ‘Conversion Tracking’.
Conversion linking
We have implemented the ‘conversion linking’ tag on all of our web pages that users reach when they click on one of our ads. This tag supports the measurement of click data so that conversions can be effectively tracked. When users click on our ads, the URL of the landing page on our website usually contains information about the click. If a user of our websites performs an action that we have tagged as a conversion, the conversion is linked to the click that brought the visitor to our website using this information.
The conversion link tag automatically collects information about the ad click in the landing page URLs and stores it in separate cookies and the local browser. Further detailed information can be found at Google under ‘Conversion linking’.
Legal basis for data processing
The legal basis for the processing of personal data by the Google Ads Conversion Tracking service is Art. 6 para. 1 sentence 1 lit. a GDPR, § 25 para. 1 TDDDG, insofar as you have given your consent via our consent banner or in another manner.
Furthermore, we also base the use of Google Ads Conversion Tracking on Art. 6 para. 1 lit. f GDPR, as the processing of data is carried out for the optimisation of offers, services and marketing measures and therefore serves to protect our legitimate interests.
A detailed description of your data protection rights can be found below in the section ‘Rights of the data subject’.
In all other respects, the information provided above under ‘Google Ads’ and below under ‘Google Ads Remarketing’ also applies mutatis mutandis to ‘Google Ads Conversion Tracking’.
We use the functions of Google Ads Remarketing, a service for personalising advertising provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland or Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA (hereinafter ‘Google’), on our website.
With Google Ads Remarketing, online users can be shown personalised, i.e. interest-based, advertising across the entire Google advertising network and on their various end devices (laptop, mobile phone, tablet, PC, etc.) (remarketing or retargeting). When users interact with our online offering, they can be assigned to specific target groups based on their usage and surfing behaviour. The relevant information is stored, for example, as cookies on the user's device and can be read there again so that interest-based, personalised advertising can be displayed to the user across pages and devices depending on their previous usage and surfing behaviour.
Personalised advertising
On websites or apps where Google-managed ads are displayed, you may see personalised advertising based on your previous actions and interests.
Actions that trigger personalised advertising and determine its content include, in particular, your previous account settings, interactions with content or advertisements, and information such as your email address, age, gender, etc., which you have provided on websites or apps.
Legal basis for data processing
The legal basis for the processing of personal data by the Google Ads Remarketing service is Art. 6 para. 1 sentence 1 lit. a GDPR, § 25 para. 1 TDDDG, insofar as you have given your consent via our consent banner or in another manner.
Furthermore, we also base the use of Google Ads Remarketing on Art. 6 para. 1 lit. f GDPR, as the processing of data is carried out for the purpose of optimising offers, services and marketing measures and therefore serves to protect our legitimate interests.
Deactivation
You can partially determine which advertisements you see on other websites or apps by disabling personalised advertising when Google-managed ads are delivered. For more technical information on how to disable personalised advertising, please refer to the Cookies section above and Google's ad options.
If you disable personalised advertising, the data on your device that Google uses to personalise ads will also be deleted.
Even after deactivation, you will continue to see ads, but they will no longer be personalised. Instead, the ads will be based on general factors such as the time of day or the content of the website you are currently visiting.
In addition, you can select the type of advertising (advertising topics, brands, etc.) you want to see and the data that may be used for personalisation in Google's Ads Settings.
A detailed description of your data protection rights can be found below in the section ‘Rights of the data subject’.
In all other respects, the information above under ‘Google Ads’ and ‘Google Ads Conversion’ also applies to ‘Google Ads Remarketing’.
To protect the forms on this website, we use the “reCAPTCHA” service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter referred to as “Google”. By using this service, a distinction can be made as to whether the corresponding input is of human origin or has been misused by automated machine processing. The integration of the service requires the IP address and any other data required by Google for the reCAPTCHA service to be sent to Google. If you wish to prevent this, you must block the storage of cookies in your browser. The information obtained is used in accordance with the Google terms of use: https://policies.google.com/privacy?hl=en
The general deactivation of cookies is described in the Cookies section.
This website uses the hosting services of the cloud platform for virtual servers from Digital Ocean LLC, 101 Avenue of the Americas, 10th Floor, New York, NY 10013, USA (hereinafter referred to as Digital Ocean). In connection with the search functions offered, Digital Ocean processes the names, images, positions and contact details (address, email address, telephone number) of the sales representatives and sales offices of those responsible. When you use our website, Digital Ocean collects and processes personal data in logfiles such as IP addresses, timestamps and usage data. Digital Ocean’s server locations are in Frankfurt in an ISO/IEC 27001-certified data centre and in the USA. We have concluded a data processing contract with Digital Ocean in accordance with Art. 28 GDPR, which can be viewed at https://www.digitalocean.com/legal/data-processing-agreement. Data transfer to the USA or insecure third countries is legitimised by the conclusion of the EU standard contractual clauses. In addition, Digital Ocean is certified under the EU-U.S. Data Privacy Framework. The details of data transfer to insecure third countries can be found in Digital Ocean’s data protection declaration at https://www.digitalocean.com/legal/privacy-policy. The use of Digital Ocean serves the secure and functional provision, administration and optimisation of our website. The legal basis is founded on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in being able to provide our website in accordance with the purposes described. All personal data will be deleted within the statutory periods. Further information on data protection and data processing by Digital Ocean can be found in Digital Ocean’s data protection declaration at https://www.digitalocean.com/legal/privacy-policy and in the GDPR FAQs of Digital Ocean.
This website uses the hosting services of the cloud platform for virtual servers from Neon Inc, 209 Orange Street, City of Wilmington, County of New Castle, Delaware 19801, USA (hereinafter referred to as Neon). In connection with the search functions offered, Neon processes names, images, positions and contact data (address, email address, telephone number) of the sales representatives and sales offices of the responsible parties. Neon’s servers are located in the USA. We have concluded a data processing contract with Neon in accordance with Art. 28 GDPR, which can be viewed at https://neon.tech/dpa. Data transfer to the USA or insecure third countries is legitimised by the conclusion of the EU standard contractual clauses. In addition, Neon is certified under the EU-U.S. Data Privacy Framework. Details on the transfer of data to insecure third countries can be found in Neon’s data protection declaration at https://neon.tech/privacy-policy. Neon is used for the secure and functional provision, administration and optimisation of our website. The legal basis is founded on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in being able to provide our website in accordance with the purposes described. Neon stores the personal data described for as long as the account is active or as long as it is required for the provision of services. Further information on data protection and data processing by Neon can be found in Neon’s data protection declaration at https://neon.tech/privacy-policy, in the Neon Privacy Guide and at https://neon.tech/terms-of-service and https://neon.tech/docs/security/security-overview.
Insofar as we obtain the consent of the data subject to the processing of personal data, Art. 6 para. 1 lit. a GDPR serves as the legal basis.
Our websites use the “Swiftype” search tool (Elasticsearch, Inc., 800 El Camino Real, Suite 350, Mountain View, CA 94040, USA or Elasticsearch B.V., Rijnsburgstraat 11, 1059 AT Amsterdam, Netherlands).
Swiftype uses cookies to process data such as standard internet log data and details of the usage behaviour of our website search. This serves to constantly improve our search in order to offer you a better search experience. Cookies are small files that are stored on computers or other devices by websites for the purpose of logging and improving the functionality of the website. Swiftype stores these data in a pseudonymised user profile. They are not processed to identify individual users or to compare them with other user data.
Cookies are stored on your device; you have full control over their use. You can deactivate cookies or restrict the transfer of data by cookies by changing the settings of your web browser. Cookies that have already been saved can be deleted at any time. After deactivating cookies, you may no longer be able to use the functions on our website to their full extent.
The general deactivation of cookies is described in the Cookies section.
Swiftype also offers further data protection information at
https://www.elastic.co/de/legal/privacy-statement
https://swiftype.com/privacy-and-gdpr-faq
Our website uses Cloudinary, a cloud-based image and video management service for displaying embedded content. The service provider is the US company Cloudinary Limited (hereinafter Cloudinary), 111 W Evelyn Ave, Suite 206, Sunnyvale, CA 94086, USA. When you call up a page that contains content displayed via Cloudinary, a connection to the Cloudinary server is established. To ensure an adequate level of data protection for data transfers to the USA, Cloudinary has certified itself in accordance with the Data Privacy Framework certification. The current certificate from Cloudinary can be viewed here. In addition, Cloudinary bases transfer on the Standard Contractual Clauses of the EU Commission to ensure an adequate level of data protection. Further information on the international transfer of data by Cloudinary can be found under “Transfer of Personal Information” in the Cloudinary Data Protection Declaration. The purpose of data processing is to provide you with optimised embedded content. The legal basis for data processing is Art. 6 para. 1 lit. f GDPR. Our legitimate interest follows from the described purpose of data processing. We have concluded a Data Processing Agreement with Cloudinary. Further data protection information can be found in the Cloudinary Data Protection Declaration.
The controller for the Facebook platform as a whole is Meta Platforms Ireland Limited 4 Grand Canal Square, Dublin 2, Ireland or Meta Platforms Inc, 1 Hacker Way, Menlo Park, California 94025, USA (hereinafter referred to as Facebook). The controller for our own Facebook page is the controller for the website above.
When you visit our Facebook fan page, Facebook collects personal user data, e.g. through the use of cookies, tracking and similar technologies. This also applies to users who are not logged in or registered with Facebook while visiting the site. The types of cookies and tools used by Facebook are described in detail in the Cookie policy. There you will also find a list of cookies and comparable technologies. Under Cookie settings you can manage the authorised cookies yourself.
Facebook transmits some of the information collected to affiliated companies in the USA. Facebook bases this transfer on the Standard Contractual Clauses of the EU Commission to ensure an adequate level of data protection. In addition, Meta Platforms, Inc., the parent company of Facebook, is certified in accordance with the Data Privacy Framework. A current certificate can be viewed here. Further information on international data transfer by Facebook can be found at https://www.facebook.com/legal/terms/dataprocessing and https://www.facebook.com/legal/EU_data_transfer_addendum/update.
Further information on data processing by Facebook as a whole can be found in the Facebook data policy. How and to what extent personal user data are processed by Facebook is not transparent or verifiable for us in detail.
We do not have full access to your personal data processed by Facebook, including your profile data. Only the publicly accessible information in your profile is visible to us. You can determine the scope of the information publicly accessible in your profile yourself in the Facebook settings. There you can, for example, hide your likes or unfollow our Facebook page. Your profile will then no longer appear in the list of fans on our fan page.
With regard to your visit to our Facebook fan page, we receive anonymous usage statistics from Facebook with the following information, for example:
Range: Number of people accessing a specific post, advert, etc. and its change over time; number of user interactions with a specific post and its change over time; advert performance (cost per click; number of people who have seen an advert)
Followers: Number and of people who follow our page over a certain period of time and its change over time
Demographics: Average age of users, gender, place of residence, language
We use the statistical information to find out which content is well received by our users and what interests our users have. This enables us to adapt the offers and contributions on our website to the needs of our users and to continuously improve our website in line with our target group.
The legal basis for the processing of usage data and statistics is Art. 6 para. 1 lit. a GDPR, insofar as you have consented to the processing. The processing of the statistics is also based on a legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR, whereby our legitimate interest results from the above description of the purpose.
We cannot assign the statistical usage data to a specific profile or user or draw any other conclusions about an individual user. You can use your Facebook settings to decide how targeted advertising is displayed to you. Under Advertising settings you can customise your advertising preferences yourself in your user account.
Facebook compiles the statistics on the basis of usage data to which we have no access. We have concluded a Controller Addendum with Facebook which regulates which data processing operations we or Facebook are responsible for when you visit our Facebook fan page. Facebook has assumed responsibility for the processing of your usage data and has undertaken to protect your rights under the GDPR. You can view this agreement under the following link: https://www.facebook.com/legal/terms/page_controller_addendum
If you actively contact us, e.g. via posts, comments, forms or chat functions, we process your personal data, e.g. name, contact details, concerns, etc., to process your enquiry and communicate with you. For this purpose, we store your data in our CRM system. Depending on the nature of your enquiry, the legal basis for this data processing is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in order to process a general enquiry with you, or Art. 6 para. 1 lit. b GDPR if your enquiry is aimed at concluding a contract.
Your personal data will only be stored on our systems for as long as this is necessary in accordance with the above-mentioned purposes or for as long as there are statutory retention obligations.
There is no legal or contractual obligation for you to provide your personal data. However, you cannot use our Facebook fan page without your personal data being processed by Facebook.
Further information on how we process personal data and what rights you have in this regard can be found in this data protection notice. With regard to data processing by Facebook, we ask you to exercise your rights directly using the Facebook email address or contact options. With regard to our data processing, you will find the contact options above.
The controller for the Instagram platform as a whole is Meta Platforms Ireland Limited 4 Grand Canal Square, Dublin 2, Ireland and Instagram, LLC1601 Willow Road, Menlo Park, California 94025, USA (hereinafter referred to as Instagram). The controller for our own Instagram page is the controller for the website above.
When you visit our Instagram page, Instagram collects personal user data, e.g. through the use of cookies, tracking and similar technologies. This also applies to users who are not logged in or registered with Instagram while visiting the site. The types of cookies and tools used by Instagram are described in detail in the Cookie policy. There you will also find a List of cookies and similar technologies and further information on how you can Manage cookies yourself.
Instagram transmits some of the information collected to affiliated companies in the USA. Instagram bases the transfer on the Standard Contractual Clauses of the EU Commission to ensure an adequate level of data protection. Further information on the use of the standard contractual clauses by Instagram can be found at https://www.facebook.com/help/instagram/272603474673152. In addition, Meta Platforms, Inc., the parent company of Instagram, is certified under the Data Privacy Framework. A current certificate can be viewed here. Further information on international data transfer by Meta Platforms, Inc. can be found at https://www.facebook.com/legal/terms/dataprocessing and https://www.facebook.com/legal/EU_data_transfer_addendum/update.
Further information on data processing by Instagram as a whole, in particular which personal data Instagram processes for which purposes, can be found in the Privacy policy and in the Terms of use of Instagram. How and to what extent personal user data are processed by Instagram is not transparent or verifiable for us in detail.
We do not have full access to your personal data processed by Instagram, including your profile data. Only the publicly accessible information in your profile is visible to us. You can determine the scope of the information that is publicly accessible in your profile yourself in the Instagram settings. For example, you can decide to no longer follow our Instagram page there.
With regard to your visit to our Instagram page, we receive anonymous usage statistics from Instagram with, for example, the following information:
Range: Number and of people who open a specific post, advert, etc. and its change over time; number of user interactions with a specific post and its change over time; advert performance (number of people who have seen an advert/post); from this it is possible to deduce, for example, which adverts/posts are better received than others.
Followers: Number and of people who follow our page over a certain period of time and its change over time
Instagram compiles the statistics on the basis of usage data to which we have no access. We use the statistical information to find out which content is well received by our users and what interests our users have. This enables us to adapt the offers and contributions on our website to the needs of our users and to continuously improve our website in line with our target group.
The legal basis for the processing of usage data and statistics is Art. 6 para. 1 lit. a GDPR, insofar as you have consented to the processing. The processing of the statistics is also based on a legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR, whereby our legitimate interest results from the above description of the purpose.
We cannot assign the statistical usage data to a specific profile or user or draw any other conclusions about an individual user. You can use your Instagram settings to decide how targeted advertising is displayed to you. You can customise your advertising preferences yourself in your user account under advertising settings.
If you actively contact us, e.g. via posts, comments, forms or chat functions, we process your personal data, e.g. name, contact details, concerns, etc., to process your enquiry and communicate with you. For this purpose, we store your data in our CRM system. Depending on the nature of your enquiry, the legal basis for this data processing is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in order to process a general enquiry with you, or Art. 6 para. 1 lit. b GDPR if your enquiry is aimed at concluding a contract.
Your personal data will only be stored on our systems for as long as this is necessary in accordance with the above-mentioned purposes or for as long as there are statutory retention obligations.
There is no legal or contractual obligation for you to provide your personal data. However, you cannot use our Instagram page without Instagram processing your personal data.
Further information on how we process personal data and what rights you have in this regard can be found in this data protection notice. With regard to data processing by Instagram, we ask you to exercise your rights directly using the Instagram email address or contact options. With regard to our data processing, you will find the contact options above.
TikTok is an international video portal where users can watch, share and upload mainly short video clips, especially lip-sync and music videos. The controller for the TikTok platform as a whole is TikTok Technology Limited 10 Earlsfort Terrace, Dublin, D02 T380, Ireland and the Chinese company ByteDance (hereinafter referred to as TikTok). The controller for our own TikTok page is the controller for the website above.
When you visit our TikTok page, TikTok collects and processes personal user data, in particular profile data and user content, IP addresses, browser type, operating system and other technical data, usage data, location data, data about contacts, followers, etc. TikTok also processes personal user data through the use of cookies, tracking tools and similar technologies for the operation and provision of TikTok services and for advertising purposes.
TikTok uses tracking technologies to analyse how you use the platform, e.g. which pages you visit most frequently and how you interact with the content. This information is used to evaluate or report your activities and behaviour patterns as a user of the platform.
This also applies to users who are not logged in or registered with TikTok during their visit to the site. The types of cookies and tools used by TikTok are described in detail in the Cookie policy. There you will also find a list of cookies and similar technologies as well as further information on how you can manage cookies yourself. For example, you have the option of adjusting your device settings to control your advertising ID and can deactivate personalised advertising. You can find further information on how to configure data protection and privacy settings on TikTok under Account privacy settings. You can also manage and deactivate cookies in your web browser, which is also possible without a TikTok account. However, this may affect the functionality of our TikTok page.
Further information on data processing by TikTok overall, in particular which personal data TikTok processes from you and for what purposes, can be found in the Privacy policy and in the Terms of Use of TikTok. How and to what extent personal user data are processed by TikTok is not transparent or verifiable for us in detail.
We do not have full access to your personal data processed by TikTok, including your profile data. Only the publicly accessible information in your profile is visible to us. You can determine the scope of the publicly accessible information in your profile yourself in the Privacy settings of TikTok. There you can, for example, no longer follow our TikTok page or specify which information may or may not be shared.
For our TikTok page we receive from TikTok so-called “Page insights” (analytics). These are aggregated data that tell us how people interact with our site. Page Insights may be based on personal data collected in connection with a visit or interaction on our TikTok page. They contain aggregated usage statistics with, for example, the following information:
Range: Number and of people who open a specific post, advert, etc. and its change over time; number of user interactions with a specific post and its change over time; advert performance (number of people who have seen an advert/post); from this it is possible to deduce, for example, which adverts/posts are better received than others.
Followers: Number and of people who follow our page over a certain period of time and its change over time.
TikTok compiles the statistics on the basis of usage data to which we have no access, and we use the statistical information to find out what content is well received by our users and what interests our users have. This enables us to adapt the offers and contributions on our website to the needs of our users and to continuously improve our website in line with our target group.
We cannot assign the statistical usage data to a specific profile or user or draw any other conclusions about an individual user. You can use your TikTok settings to decide how targeted advertising is displayed to you. You can customise your advertising preferences yourself in your user account under advertising settings.
TikTok transmits some of the information collected to partners or group companies in unsafe third countries. In doing so, TikTok bases the transfer on the Standard Contractual Clauses of the EU Commission to ensure an adequate level of data protection. Through the standard contractual clauses, TikTok undertakes to comply with the European level of data protection, even if the data are processed in unsafe third countries. Further information on the use of the standard contractual clauses by TikTok can be found in the Privacy policy of TikTok.
The legal basis for the processing of usage data and statistics is Art. 6 para. 1 lit. a GDPR, insofar as you have consented to the processing. The processing of the statistics is also based on a legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR, whereby our legitimate interest results from the above description of the purpose. In particular, we want to promote and optimise our offer and ensure effective communication with our users.
If you actively contact us, e.g. via posts, comments, forms or chat functions, we process your personal data, e.g. name, contact details, concerns, etc., to process your enquiry and communicate with you. For this purpose, we store your data in our CRM system. Depending on the nature of your enquiry, the legal basis for this data processing is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in order to process a general enquiry with you, or Art. 6 para. 1 lit. b GDPR if your enquiry is aimed at concluding a contract.
Your personal data will only be stored on our systems for as long as this is necessary in accordance with the above-mentioned purposes or for as long as there are statutory retention obligations. TikTok also stores data on servers in the USA or other third countries. TikTok determines the storage period in accordance with the respective legal provisions and its internal guidelines. We do not know how long TikTok stores your data.
There is no legal or contractual obligation for you to provide your personal data. However, you cannot use our TikTok site without it processing your personal data.
Further information on how we process personal data and what rights you have in this regard can be found in this data protection notice. With regard to our data processing, you will find the contact options above. With regard to data processing by TikTok, we ask you to exercise your rights directly via the TikTok legal notice, the email address or the contact options. You can contact TikTok’s data protection officer using the online contact form provided by TikTok. Via the TikTok data protection form you can request further data protection information.
YouTube is a social network and online video portal of YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA, a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “Google”) is responsible for all data processing in Europe.
The controller for our own YouTube page is the controller for the website above. In addition, our website uses plugins and embedded videos from YouTube.
When you visit our YouTube page, YouTube, as the controller, collects personal user data, e.g. through the use of cookies. We cannot track or influence which user data YouTube processes in detail. We also do not have full access to the processed data or your profile data. We can only view the publicly accessible information on your profile that you yourself determine in your YouTube settings.
We receive anonymous statistics from YouTube regarding the use of our YouTube page, which contain the following information:
Followers: Number of people who follow our YouTube page, including growth and development over a defined time frame.
Range: Number of people who see a specific contribution. Number of interactions with a post. From this, for example, it is possible to deduce which content is better received than others.
Ad performance: Number of people who have been reached with a post or paid advert and have interacted with it.
We use the statistics, from which we cannot draw any conclusions about individual users, to improve our YouTube page and to respond to the interests of our users. We cannot link the statistical data with the profile data of our users or followers. You can use your YouTube settings to decide how targeted adverts are displayed to you.
The legal basis for the processing of usage data and statistics is Art. 6 para. 1 lit. a GDPR, insofar as you have consented to the processing. The processing of the statistics is also based on a legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR, whereby our legitimate interest results from the above description of the purpose.
If you actively contact us on YouTube, e.g. via comments, forms or chat functions, we process your personal data, e.g. name, contact details, concerns, etc., to handle your enquiry and communicate with you. For this purpose, we store your data in our CRM system. Depending on the nature of your enquiry, the legal basis for this data processing is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in order to process a general enquiry with you, or Art. 6 para. 1 lit. b GDPR if your enquiry is aimed at concluding a contract.
Your personal data will only be stored on our systems for as long as this is necessary in accordance with the above-mentioned purposes or for as long as there are statutory retention obligations.
There is no legal or contractual obligation for you to provide your personal data. However, you cannot use our YouTube page without YouTube processing your personal data.
When you visit our websites with a YouTube plugin, a connection is established to the YouTube server and notified which of our pages you are visiting. Videos from YouTube are displayed on our website using framing technology and can be played directly from there.
This service is inactive by default, but you can activate and deactivate it at any time by giving your consent. As soon as you click on the consent button and thereby declare your consent to view the content from YouTube, the connection to YouTube is established.
Through the embedding technology, YouTube places at least one cookie in the user’s browser and thus automatically collects personal data of the website visitor, such as the IP address and behaviour on the site, which is transmitted to Google. The legal basis for the processing of the data is your consent pursuant to Art. 6 para. 1 lit. a GDPR.
The data collected is processed by Google and may also be transferred to countries outside the European Union. We have no influence on the type and scope of the data processed by Google, the use or transfer of these data to third parties, in particular to countries outside the European Union.
Data processing and transfer by Google takes place regardless of whether or not you have a user account with YouTube or Google. If you are logged in to a user account, your data will be assigned directly to this account. If you do not wish to do this, you must log out of your user account before visiting our YouTube page or playing a video. The data transmitted to Google is stored by Google in the form of user profiles and used for advertising and market research purposes as well as for personalised design. With the help of this analysis, Google can generate demand-optimised advertising (even for users who are not logged in). You can object to the creation of these user profiles. To do this, you must contact Google.
YouTube does not provide its own data protection declaration, but refers in the Use of YouTube to the data protection provisions of Google. In the Google data protection declaration you can find out more about data processing by Google as well as your rights, settings options and the ability change your settings yourself. The processing of personal data by Google also takes place in the USA. To ensure an adequate level of data protection for data transfers to the USA, Google has adopted the Data Privacy Framework certification. The current certificate from Google can be viewed here. Google also concludes the EU standard contractual clauses with its customers and business partners, see here and here. You can find the wording of the EU standard data protection clauses at https://gsuite.google.com/terms/mcc_terms.html. Google thereby undertakes to comply with the standards and regulations of European data protection law.
Further information on how we process personal data and what rights you have in this regard can be found in this data protection notice. With regard to data processing by YouTube, we ask you to exercise your rights directly via the YouTube email address or contact options. With regard to our data processing, you will find the contact options above.
We use YouTube in connection with the “extended data protection mode” function in order to be able to show you videos. The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in improving the quality of our website. According to YouTube, the “Extended data protection mode” function means that the data described in more detail below is only transmitted to the YouTube server when you actually start a video.
Without this “Extended data protection”, a connection to the YouTube server in the USA is established as soon as you call up one of our Internet pages on which a YouTube video is embedded.
The controller for the LinkedIn platform as a whole is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (hereinafter LinkedIn). The controller for our own LinkedIn page is the controller for the website above.
When you visit our LinkedIn page, LinkedIn collects personal user data, e.g. through the use of cookies, tracking and similar technologies. This also applies to users who are not logged in or registered with LinkedIn while visiting the site. The types of cookies and tools used by LinkedIn are described in detail in the Cookie policy. You can find an individual list of cookies and comparable technologies in the Cookie table.
LinkedIn may transfer some of the information collected to affiliated companies in the USA. To ensure an adequate level of data protection for data transfers to the USA, LinkedIn has adopted the Data Privacy Framework certification. The current certificate from LinkedIn can be viewed here. In addition, LinkedIn bases the transfer on the Standard Contractual Clauses of the EU Commission to ensure an adequate level of data protection. Further information on the use of the standard contractual clauses by LinkedIn can be found at https://de.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs.
Further information on data processing by LinkedIn as a whole can be found in the LinkedIn data protection declaration. How and to what extent personal user data are processed by LinkedIn is not transparent or verifiable for us in detail.
We do not have full access to your personal data processed by LinkedIn, including your profile data. Only the publicly accessible information in your profile is visible to us. You can determine the scope of the publicly accessible information in your profile yourself in your LinkedIn settings.
With regard to your visit to our site, we receive anonymous usage statistics from LinkedIn with the following information:
Range: Number of people accessing a specific post, advert, etc. and its change over time; number of user interactions with a specific post and its change over time
Followers: Number and of people who follow our page over a certain period of time and its change over time
We use the statistical information to find out which content is well received by our users and what interests our users have. This enables us to adapt the offers and contributions on our website to the needs of our users and to continuously improve our website in line with our target group.
The legal basis for the processing of usage data and statistics is Art. 6 para. 1 lit. a GDPR, insofar as you have consented to the processing. The processing of the statistics is also based on a legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR, whereby our legitimate interest results from the above description of the purpose.
We cannot assign the statistical usage data to a specific profile or user or draw any other conclusions about an individual user. You can use your LinkedIn settings to determine whether and in what form targeted advertising is displayed to you.
LinkedIn compiles the statistics on the basis of usage data to which we have no access. LinkedIn has signed a Joint Controller Addendum in which LinkedIn has assumed responsibility for the processing of usage data and has undertaken to protect your rights under the GDPR.
If you actively contact us, e.g. via posts, comments, forms or chat functions, we process your personal data, e.g. name, contact details, concerns, etc., to process your enquiry and communicate with you. For this purpose, we store your data in our CRM system. Depending on the nature of your enquiry, the legal basis for this data processing is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in order to process a general enquiry with you, or Art. 6 para. 1 lit. b GDPR if your enquiry is aimed at concluding a contract.
Your personal data will only be stored on our systems for as long as this is necessary in accordance with the above-mentioned purposes or for as long as there are statutory retention obligations.
There is no legal or contractual obligation for you to provide your personal data. However, you cannot use our LinkedIn page without your personal data being processed by LinkedIn.
Further information on how we process personal data and what rights you have in this regard can be found in this data protection notice. With regard to data processing by LinkedIn, we ask you to exercise your rights directly using the LinkedIn email address or contact options. With regard to our data processing, you will find the contact options above.
The controller for the Xing platform as a whole is New Work SE, Am Strandkai 1, 20457 Hamburg (hereinafter referred to as Xing). The controller for our own Xing page is the controller for the website above. There is a joint controller relationship in place, whereby Xing has assumed responsibility for the processing of usage data and has undertaken to protect your rights under the GDPR.
When you visit our Xing page, Xing collects personal user data, e.g. through the use of cookies, tracking and similar technologies. This also applies to users who are not logged in or registered with Xing while visiting the site. The types of tracking tools used by Xing are described under Tracking. You can find a list of tracking technologies at Third-party providers.
Xing may transfer some of the information collected to recipients in third countries. Xing bases the transfer to unsafe third countries on the Standard Contractual Clauses of the EU Commission to ensure an adequate level of data protection. Further information on the use of the standard contractual clauses can be found in Xing’s data protection declaration under Third countries.
Further information on data processing by Xing as a whole can be found in the Xing data protection declaration or in the corresponding long version. How and to what extent personal user data are processed by Xing is not transparent or verifiable for us in detail.
We do not have full access to your personal data processed by Xing, not even to your profile data. Only the publicly accessible information in your profile is visible to us. You can determine the scope of the publicly accessible information in your profile yourself in your Xing settings.
Regarding your visit to our site, we receive anonymous usage statistics (page insights) from Xing with the following information:
Range: Number of people accessing a specific post, advert, etc. and its change over time; number of user interactions with a specific post and its change over time
Followers: Number and of people who follow our page over a certain period of time and its change over time
Demographics: Average age of visitors, gender, place of residence, language
We use the statistical information to find out which content is well received by our users and what interests our users have. This enables us to adapt the offers and contributions on our website to the needs of our users and to continuously improve our website in line with our target group.
The legal basis for the processing of usage data and statistics is Art. 6 para. 1 lit. a GDPR, insofar as you have consented to the processing. The processing of the statistics is also based on a legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR, whereby our legitimate interest results from the above description of the purpose.
Xing compiles the statistics on the basis of usage data to which we have no access. We cannot assign the statistical data to a specific profile or user or draw any other conclusions about an individual user. You can use your Xing settings to determine whether and in what form targeted advertising is displayed to you.
If you actively contact us, e.g. via posts, comments, forms or chat functions, we process your personal data, e.g. name, contact details, concerns, etc., to process your enquiry and communicate with you. For this purpose, we store your data in our CRM system. Depending on the nature of your enquiry, the legal basis for this data processing is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in order to process a general enquiry with you, or Art. 6 para. 1 lit. b GDPR if your enquiry is aimed at concluding a contract.
Your personal data will only be stored on our systems for as long as this is necessary in accordance with the above-mentioned purposes or for as long as there are statutory retention obligations.
There is no legal or contractual obligation for you to provide your personal data. However, you cannot use our Xing page without your personal data being processed by Xing.
Further information on how we process personal data and what rights you have in this regard can be found in this data protection notice. With regard to data processing by Xing, we ask you to exercise your rights directly using the Xing email address or other contact options. With regard to our data processing, you will find the contact options above.
We use Zoom for video conferences. You can find the relevant data protection provisions here.
You have the various rights set out below on the basis of the data protection provisions.
You have the right to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of appeal, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information on its details.
In accordance with Art. 16 GDPR, you have the right to demand the immediate rectification of incorrect or incomplete personal data stored by us.
You have the right to request the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims.
You have the right to request the restriction of the processing of your personal data in accordance with Art. 18 GDPR if the accuracy of the data is disputed by you, the processing is unlawful but you decline to delete it, or if we no longer need the data but you require it for the assertion, exercise or defence of legal claims, or you have lodged an objection to the processing in accordance with Art. 21 GDPR.
In accordance with Art. 20 GDPR, you have the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transferred to another controller.
In accordance with Art. 7 (3) GDPR, you have the right to revoke your declaration of consent under data protection law at any time. As a result, we may no longer continue the data processing based on this consent in the future. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
If you wish to make use of your right of cancellation, it is sufficient to send a corresponding message via all known communication channels, in particular also by email to [email protected].
You have the right to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence, your workplace or our company headquarters. In Bavaria this is
Bayerisches Landesamt für Datenschutzaufsicht
Promenade 18 91522 Ansbach
Telephone: 0981/180093-0 Email: [email protected] Internet: https://www.lda.bayern.de
A list of the competent state data protection authorities (for the non-public sector) with addresses can be found at https://www.bfdi.bund.de/EN/Service/Anschriften/Laender/Laender-node.html.
If your personal data are processed on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons for this arising from your particular situation or the objection is against direct advertising. In the latter case, you have a general right to object, which will be implemented by us without specifying a particular situation.
If you wish to exercise your right of objection, it is sufficient to send a corresponding message via any known communication channel, in particular also by email to [email protected].
After exercising your right to object, we will no longer process your personal data for these purposes unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the establishment, exercise or defence of legal claims. This does not apply if the processing is carried out for direct marketing purposes. We will then no longer process your personal data for this purpose.
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision
(1) is necessary for the conclusion or fulfilment of a contract between you and the controller,
(2) is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or
(3) is made with your express consent.
However, these decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a or g GDPR applies and appropriate measures have been taken to protect your rights and freedoms as well as your legitimate interests.
In the cases referred to in (1) and (3), the controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express your point of view and to contest the decision.
When you visit our website, we use the widespread SSL encryption (Secure Socket Layer) in the TLS standard (Transport Layer Security) in conjunction with the highest encryption level supported by your browser. As a rule, this involves 256-bit encryption. If your browser does not support 256-bit encryption, we will use 128-bit technology instead. You can recognise whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.
We also use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
The security measures described are used on the basis of Art. 6 para. 1 sentence 1 lit. f, Art. 32 GDPR. The data processed in this way are required for security purposes to protect our legitimate interests and the interests of third parties in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.
If you have any questions about data protection, please send us an email or contact the person responsible for data protection in our organisation directly: Mrs Vera Schneider, Email: [email protected]
This data protection declaration is dated February 2024. Due to the further development of our website and offers, e.g. when introducing new services, or due to changed legal or official requirements, it may become necessary to change this data protection declaration. We therefore reserve the right to amend the data protection declaration at any time with future effect. The new data protection declaration will then apply to your next visit. We recommend that you read the current data protection declaration from time to time. The current data protection declaration can be found on our website at https://www.sonax.com/en/footer/legal/privacy-policy.