XVI. Technologies on our website

\
\

Cloudflare

On our website Cloudflare is used as a so-called content delivery network (CDN). Cloudflare is a service of Cloudflare Inc., 101 Townsend Street, San Francisco, California 94107, USA, ("Cloudflare"). 

ATTENTION: Within the scope of this service, data transfer to the US takes place or cannot be ruled out. We would like to point out that, according to the European Court of Justice, there is currently no adequate level of data protection in the case of data transfer to the US and that there are therefore various risks (such as possible access by US secret services).

A CDN is a service that helps us to provide content from our website, especially large media files, such as images, by using regional and Internet-connected servers to be delivered faster. Delivering content through servers near you reduces average website load times.

Cloudflare contributes both web optimization and security services. Cloudflare blocks threats and limits misuse of server resources and bandwidth. Our website is significantly more powerful and less vulnerable to spam or other attacks thanks to Cloudflare.

Cloudflare uses cookies and processes data of our website users.

If you visit our website, your requests will be directed by the server of Cloudflare. In this case, statistical access data is collected when visiting our website. 

Access data includes:

- your IP address,
- the addresse(s) of our website you have visited,
- type and version of the internet browser you are using,
- the operating system you are using,
- the website from which you have switched to our website (referrer URL),
- the time of your stay on our website and
- the frequency of calling our websites.

This data helps Cloudflare in particular to detect new threats and to ensure a high security standard for the operation of our website.

Your data is processed to maintain the security and functionality of the CDN and to optimize our loading times. The use of cookies by Cloudflare is done for security reasons to ensure the trustworthiness of an end device and is absolutely necessary for the security function. This represents a legitimate interest within the meaning of Art 6 paragraph 1 lit. f GDPR.

Cloudflare keeps data logs only as long as necessary and this data is deleted within 24 hours in most cases. However, there is information that Cloudflare keeps indefinitely as part of its permanent logs in order to improve Cloudflare's overall performance. However, this data is not personal and is anonymized by Cloudflare. What data is involved can be found at https://www.cloudflare.com/application/privacypolicy/.

For more information on handling the transferred data to Cloudflare, see Cloudflare's Privacy Policy: https://www.cloudflare.com/security-policy.

Cookies and Local Storage

We use cookies to make our website as user-friendly and functional as possible for you. Some of these cookies are stored on the device you use to access the site. 

Cookies are small packages of data that are exchanged between your browser and our web server whenever you visit our website. They do not cause any damage and are used solely to recognise website visitors. Cookies can only store information provided by your browser, e.g. information that you have entered into your browser or that is available on the website. Cookies cannot execute code and cannot be used to access your terminal device. 

The next time you access our website using the same device, the information stored in the cookies can then either be sent back to us (“first-party cookie”) or to a web application of third party to whom the cookie belongs (“third-party cookie”).  The information that is stored and sent back allows each web application to recognise that you have already accessed and visited the website using the browser on your device. 

Cookies contain the following information:

We classify cookies in the following categories depending on their purpose and function:  

Depending on the storage period, we also divide cookies into session and persistent cookies. Session cookies store information that is used during your current browser session. These cookies are automatically deleted when the browser is closed. No information remains on your device. Persistent cookies store information between two visits to the website. Based on this information, you will be recognized as a returning visitor on your next visit and the website will react accordingly. The lifespan of a persistent cookie is determined by the provider of the cookie.

The legal basis for using technically necessary cookies is our legitimate interest in the technically fault-free operation and smooth functionality of our website as described in Art. 6 paragraph 1 lit. f of the GDPR. The use of statistics and marketing cookies is subject to your consent, in accordance with Art. 6 paragraph 1 lit. a of the GDPR.  You can withdraw your consent for the future use of cookies at any time in accordance with Art. 7 paragraph 3 of the GDPR.  Your consent is voluntary. If consent is not given, no disadvantages arise. For more information about the cookies we actually use (specifically, their purpose and lifespan), refer to this Privacy Policy and to the information in our cookie banner about the cookies we use.

You can also set your web browser so that it does not store any cookies in general on your device or so that you will be asked each time you visit the site whether you accept the use of cookies. Cookies that have already been stored can be deleted at any time. Refer to the Help section of your browser to learn how to do this.
 
Please note that a general deactivation of cookies may lead to functional restrictions on our website. 

On our website, we also use so-called local storage functions (also called "local data"). This means that data is stored locally in the cache of your browser, which continues to exist and can be read even after you close the browser - as long as you do not delete the cache or data is stored within the session storage. 

Third parties cannot access the data stored in the local storage. If special plug-ins or tools use the local storage functions, you are informed within the description of the respective plug-in or tool. 

If you do not wish plug-ins or tools to use local storage functions, you can control this in the settings of your respective browser. We would like to point out that this may result in functional restrictions.

Dynatrace

Dynatrace, a service of Dynatrace LLC, 1601 Trapelo Road, Suite 116, Waltham, MA 02451, USA, provides insight into the performance of the respective web application and the user's navigation on the website. Dynatrace collects data such as W3C timings, button clicks, link clicks, JavaScript errors, browser types, and geographic regions. This helps to improve the respective offers and to solve functional problems. 

To the privacy policy of Dynatrace: https://www.dynatrace.com/company/trust-center/  

Facebook-Pixel

Purpose: Marketing
Recipient country: USA

We use the Facebook-Pixel provided by the social network Facebook on our website for purposes of analysis and optimisation and for the commercial operation of our website. This tool is operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (‘Facebook’).

ATTENTION: Within the scope of this service, data transfer to the US takes place or cannot be ruled out. We would like to point out that, according to the European Court of Justice, there is currently no adequate level of data protection in the case of data transfer to the US and that there are therefore various risks (such as possible access by US secret services).

Facebook-Pixel makes it possible for Facebook to identify visitors of our website as target groups for displaying ads (‘Facebook ads’). Therefore, we use Facebook-Pixel to display our Facebook ads only to Facebook users who have shown interest in our online product offering, or who show certain characteristics (e.g. interests in specific topics or products that are determined based on the websites they have visited), which we share with Facebook (i.e. ‘custom audiences’). By using Facebook-Pixel, we also want to ensure that our Facebook ads match the potential interests of users and do not cause any inconvenience. Furthermore, by using Facebook-Pixel, we can evaluate the effectiveness of Facebook ads for statistical and market research purposes by seeing whether the user was redirected to our website after clicking on a Facebook ad (i.e. ‘conversion’).

Your actions are stored in one or more cookies. These cookies enable Facebook to match your user data (such as IP address, user ID) with the data of your Facebook account. The collected data is anonymous and not visible to us and can only be used in the context of advertisements. You can prevent the linking with your Facebook account by logging out before you take any action.

The processing of your data is based on your consent within the meaning of Art 6 paragraph 1 lit. a GDPR. You can revoke this consent at any time with effect for the future.

Further information on how Facebook processes personal data, including the legal basis on which Facebook relies and the possibilities for exercising the rights of data subjects vis-à-vis Facebook, can be found in the Facebook Data Policy at https://www.facebook.com/policy.php

If you want to control what kind of adverts are displayed to you on Facebook, you can go to the page Facebook has set up for this purpose and follow the instructions on configuring user-targeted adverts:  https://www.facebook.com/settings?tab=ads 

The settings chosen will be applied across all platforms, meaning that they will apply to all devices from your desktop to mobile.

Facebook processes data in accordance with its privacy policy. For general information about the presentation of Facebook ads, refer to: https://www.facebook.com/policy.php 

You can find more specific, detailed information about Facebook-Pixel and how it works on Facebook’s Help pages: https://en-gb.facebook.com/business/help/742478679120153?id=1205376682832142

Google Analytics

Purpose: Statistics
Recipient country: USA

We use the functions of the web analytics service Google Analytics on our website to analyse user behaviour and to optimise our website. The provider of this service is Google Ireland Limited, Barrow Street, Dublin 4, Ireland ("Google"). 

ATTENTION: Within the scope of this service, data transfer to the US takes place or cannot be ruled out. We would like to point out that, according to the European Court of Justice, there is currently no adequate level of data protection in the case of data transfer to the US and that there are therefore various risks (such as possible access by US secret services).

Google Analytics uses cookies that enable an analysis of the use of our website.

In general, information about your use of the website is transferred to a Google server and stored there, such as the type and version of browser you used, the operating system you used, the site you visited prior to accessing our site, the host name of the computer (IP address) you used to access the site, and the time of your server request. For this purpose, we have entered into a contract with Google for contractual processing of your data.

At our request, Google will use this information to analyse the use of our website, to create reports on the activities within our website and to render additional services related to the use of our website and of the internet. According to Google, the IP address submitted by your browser will not be added to other data held by Google. 

We use Google Analytics only with IP anonymisation activated, which means we have expanded this website to include the code ‘anonymizeIP’. This ensures that your IP address is masked, so that all data is collected anonymously. Only under exceptional circumstances will a full IP address be transmitted to a Google server and truncated there.

During the website visit, the following data is collected:

The data about the use of our website is immediately deleted after expiration of the storage limits that we have set. Google Analytics gives us the following options for the storage limits: 14 months, 26 months, 38 months, 50 months or no automatic deletion. You can ask us any time for the current storage limit that we have set.

The processing of your data using Google Analytics is subject to your explicit consent in the sense of Art 6 paragraph 1 lit. a of the GDPR. You can revoke your consent at any time with effect for the future.

You can also block the collection of data by downloading and installing the browser plugin available through the link below: http://tools.google.com/dlpage/gaoptout

You can find out exactly where Google data centres are located here: https://www.google.com/about/datacenters/inside/locations/ 

For more information about how Google uses your data, and about options for settings and withdrawal of consent, refer to the Google Privacy Policy at https://policies.google.com/privacy

The data processing terms and conditions for Google products and the standard contractual clauses for data transfers to third countries can be found at https://business.safety.google/adsprocessorterms/

Google Tag Manager

We use the service Google Tag Manager on our website. This service is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

ATTENTION: Within the scope of this service, data is transferred to the US or such transfer cannot be ruled out. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of data protection in the case of data transfer to the USA and that there are therefore various risks (such as possible access by US secret services).

When the Tag Manager is started, your browser establishes a connection to Google's servers, which are mainly situated in the US. This informs Google that our website has been accessed via your IP address. You can find out exactly where Google data centers are located here: https://www.google.com/about/datacenters/inside/locations/

Google Tag Manager is used to manage website tags via an interface. This enables us to embed code snippets such as tracking codes or conversion pixels into our website without interfering with the source code. In this process, Tag Manager data is only transferred, it is neither collected nor stored. The Tag Manager itself is a cookie-less domain and does not process any personal data, because it is used solely to manage other services used on our website based on our legitimate interest according to Art 6 paragraph 1 lit f GDPR. The Tag Manager triggers other tags which in turn collect data under specific circumstances. However, the Tag Manager has no access to this data. If you have chosen to deactivate cookies on our site in general or to deactivate specific cookies, this will remain in effect for all tracking tags that are implemented using the Tag Manager. 

To prevent this service, you can install a JavaScript blocker. However, this may result in the website no longer functioning as usual.

For more information about data protection, refer to the following Google websites: 

Privacy Policy: https://policies.google.com/privacy
FAQ Google Tag Manager: https://www.google.com/intl/de/tagmanager/faq.html
Use Policy Google Tag Manager: https://marketingplatform.google.com/intl/de/about/analytics/tag-manager/use- policy/
Google Ads Data Processing Terms including standard contractual clauses for third country transfers: https://business. safety.google/adsprocessorterms/

Google Translate

On our website, a web service called Google Translate is loaded for the translation of texts and terms of the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

ATTENTION: Within the scope of this service, data transfer to the US takes place or cannot be ruled out. We would like to point out that, according to the European Court of Justice, there is currently no adequate level of data protection in the case of data transfer to the US and that there are therefore various risks (such as possible access by US secret services).

When Google Translate is started, your browser establishes a connection to Google's servers. This informs Google that our website has been accessed via your IP address.

To use the functions of Google Translate it is necessary to store your IP address. Generally information is transferred to a Google server in the USA and stored there.

We use this service to ensure the full functionality and easy access to our website as well as the accessibility of our online offer for international users.  This constitutes a legitimate interest within the meaning of Art 6 paragraph 1 lit. f GDPR.

The data will be deleted as soon as the purpose of their collection has been fulfilled.

You can find out exactly where Google data centres are located here: https://www.google.com/about/datacenters/inside/locations/ 

Further information on the handling of the transferred data can be found in Google's privacy policy: https://policies.google.com/privacy?hl=en

Hosting

In the process of hosting our website, we store all data related to the operation of our website. This is necessary for enabling operation of our website. Therefore, we process this data on the legal grounds of our legitimate interest in optimising our website as described under Art. 6 paragraph 1 lit. f of the GDPR. To provide access to our website, we use the services of web hosting providers, to whom we supply the aforementioned data within the context of contractual processing in accordance with art. 28 of the GDPR.

HubSpot

Purpose: Marketing
Recipient country: USA

On our website we use the software solution HubSpot to carry out marketing activities. HubSpot is a US-based software company with an affiliate HubSpot Ireland Limited 1 Sir John Rogerson's Quay, Dublin, Ireland ("HubSpot").

ATTENTION: Within the scope of this service, data transfer to the US takes place or cannot be ruled out. We would like to point out that, according to the European Court of Justice, there is currently no adequate level of data protection in the case of data transfer to the US and that there are therefore various risks (such as possible access by US secret services).

HubSpot is used for our own marketing, lead generation and customer service purposes. These include e-mail marketing, which regulates the sending of newsletters and automated mailings, social media publishing and reporting, contact management such as user segmentation and CRM, landing pages and contact forms. HubSpot uses cookies to allow an analysis of the use of our website. The processed information (such as IP address, geographic location, browser type, duration of visit, and pages viewed) is evaluated by HubSpot on behalf of us so that we can generate reports on the visit and the pages visited. Information collected through HubSpot and the contents of our website are stored on HubSpot service provider servers.

For more information on HubSpot's privacy, please visit https://legal.hubspot.com/privacy-policy (English) and Cookies at https://legal.hubspot.com/cookie-policy (English).

Contact

Whenever you contact us, your information is used to process and handle your contact request in the course of fulfilling pre-contractual rights and obligations in accordance with Art. 6 paragraph 1 lit. b of the GDPR. To handle and answer your request it is necessary for us to process your data; otherwise we are unable to answer your request or only able to partially answer it. Your information can be stored in a database of customers and leads on the grounds of our legitimate interest in direct marketing as described in Art. 6 paragraph 1 lit. f of the GDPR.

We delete your request and contact information when your request has been definitively answered and there is no legally required time limit for storing this data prior to deletion (e.g. pursuant to a subsequent contractual relationship). This is usually the case when there is no further contact with you for three years in a row.

Leadfeeder

On our website, the service Leadfeeder of the provider Liidio Oy / Leadfeeder, Keskuskatu 6 E, 00100 Helsinki,  Finland is used to generate leads simultaneously with Google Analytics.

Leadfeeder accesses the list of website visitors' IP addresses provided by Google Analytics in the evaluation and links the list of IP addresses with information about the companies that can be found on the Internet under these IP addresses. Due to the shortening of the IP addresses of the website visitors already carried out within the scope of Google Analytics, a direct personal reference is not established. Only company visitors can be assumed.

The processing of your data within the scope of this service is based on your consent in accordance with Art 6 paragraph 1 lit a GDPR. You can revoke this consent at any time with effect for the future.

Furthermore, you can prevent Leadfeeder from storing a user profile or data about your use of our website by means of an opt-out. You can find the option and information on this at: https://yourdata.leadfeeder.com/.

For more information about Leadfeeder and the data collected, please see: https://www.leadfeeder.com/privacy/.

Server Log Files

For technical reasons, particularly to ensure a functioning and secure website, we process the technically necessary data about accesses to our website in so-called server log files which your browser automatically sends to us. 

The access data we process includes:

This data cannot be traced back to any natural person and is used solely to perform statistical analyses and to operate and improve our website while also optimising our site and keeping it secure. This data is sent exclusively to our website operator. The data is neither connected nor aggregated with other data sources. In case of suspicion of unlawful use of our website, we reserve the right to examine the data retroactively. This data processing takes place on the legal grounds of our legitimate interest in maintaining a technically fault-free and optimal website, as described under Art. 6 paragraph 1 lit. f of the GDPR.

The access data is deleted within a short period of time after serving its purpose (usually within a few days) unless further storage is required for evidence purposes. In such cases, the data is stored until the incident is definitively resolved.

SSL Encryption

Within your visit to our website, we use the widespread SSL procedure (Secure Socket Layer) in conjunction with the highest level of encryption supported by your browser. You can tell whether an individual page of our website is transmitted in encrypted form by the closed representation of the key or lock symbol in the lower status bar of your browser. We use this encryption procedure on the basis of our justified interest in the use of suitable encryption techniques in accordance with Art. 6 paragraph 1 lit. f GDPR.

We also make use of suitable technical and organisational security measures in accordance with Art. 32 GDPR to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments and kept state-of-the-art.

Vimeo

Purpose: External media
Recipient country: USA

On our website videos of the platform "Vimeo" of the provider Vimeo Inc. are integrated, Attention: Legal Department, 555 West 18th Street New York, New York 10011, USA ("Vimeo").

ATTENTION: Within the scope of this service, data transfer to the US takes place or cannot be ruled out. We would like to point out that, according to the European Court of Justice, there is currently no adequate level of data protection in the case of data transfer to the US and that there are therefore various risks (such as possible access by US secret services).

If you access the Vimeo plugin on our website, a connection to the Vimeo servers will be established and the plugin will be displayed. This transmits your IP address to the Vimeo server, as well as the information which of our Internet pages you have visited. If you are logged in as a member of Vimeo, Vimeo will assign this information to your personal user account. This information is also assigned to your user account when using the plugin, e.g. clicking the start button of a video. You can prevent this assignment by logging out of your Vimeo user account before using our website.

If you want Vimeo to prevent the transmission and storage of data about you and your behavior on our website, you must log out of Vimeo before you visit our site. For more information, in particular regarding Vimeo's collection and use of information, please see Vimeo's Privacy Policy at https://vimeo.com/privacy.

WebCare

In order to obtain consent for the use of cookies on our website in accordance with data protection regulations, we use the Consent Banner of DataReporter WebCare. This is a service provided by DataReporter GmbH, Zeileisstraße 6, 4600 Wels, Austria ("DataReporter"). More information about this company can be found at www.datareporter.eu. The Consent Banner records and stores the consent to cookie use for the respective user of our website. Our Consent Banner ensures that statistical and marketing cookies are only set when the user has given his express consent to their use. 

We store information on the extent to which the user has confirmed the use of cookies. The user's decision can be revoked at any time by calling up the setting for cookies and managing the declaration of consent. Existing cookies will be deleted after revocation of the consent. A cookie is also set to store information on the status of the user's consent, which is indicated in the cookie details. Furthermore, the IP address of the respective user is transmitted to DataReporter's server for calling this service. The IP address is neither stored nor associated with any other data of the user, it is only used for the correct execution of the service. The use of the above data is therefore based on our legitimate interest in the legally compliant design of our website in accordance with Art. 6 paragraph 1 lit. f GDPR.

Further information can be found in the DataReporter data protection declaration at https://www.datareporter.eu/de/privacystatement.html Please feel free to send your enquiries about this service to office@datareporter.eu.

Youtube

Purpose: External media
Recipient country: USA

On our website, we use the "YouTube" service to embed videos. The provider of this service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("YouTube").

ATTENTION: Within the scope of this service, data transfer to the US takes place or cannot be ruled out. We would like to point out that, according to the European Court of Justice, there is currently no adequate level of data protection in the case of data transfer to the US and that there are therefore various risks (such as possible access by US secret services).

We have activated the extended data protection mode on YouTube. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch a video. However, the disclosure of data to YouTube partners is not excluded by the extended data protection mode.

As soon as you start a YouTube video, a connection to YouTube's servers is established. This tells YouTube which of our pages you have visited. If you are logged into your YouTube account, you thereby enable YouTube to assign your surfing behaviour directly to your personal profile. This can be prevented by logging out of your account.

Furthermore, YouTube can save various cookies on your end device after starting a video or use comparable technologies (e.g. device fingerprinting). YouTube also uses the local storage on your end device. In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to collect video statistics, improve the user experience and prevent fraud attempts.

YouTube is used in the interest of an appealing presentation of our website. This represents a legitimate interest within the meaning of Art. 6 paragraph 1 lit. f GDPR. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 paragraph 1 lit. a GDPR; the consent can be revoked at any time for the future.

The applicable privacy policy of YouTube can be found at: https://www.google.com/policies/privacy/, Opt-out option: https://adssettings.google.com/authenticated

\
\
Download technologies list as PDF