Privacy policy

I. Information on the processing of your data in accordance with Art. 13 of the General Data Protection Regulation (GDPR)

1. Person responsible

Responsible for this website is:

2. Data processed for the provision of the website and the creation of log files

a. What data is processed for what purpose?

Each time you access content on the website, data is temporarily stored that may allow you to be identified. The following data is collected:

  • Date and time of access
  • IP address
  • Host name of the accessing computer
  • Website from which the website was accessed
  • Websites that are accessed via the website
  • Visited page on our website
  • Message whether the retrieval was successful
  • Amount of data transferred
  • Information about the browser type and version used
  • Operating system

Temporary storage of the data is necessary for the course of a website visit to enable delivery of the website. Further storage in log files takes place in order to ensure the functionality of the website and the security of the information technology systems. Our legitimate interest in data processing also lies in these purposes.

b. What is the legal basis for processing this data?

The data is processed on the basis of Article 6(1)(f) GDPR.

c. Are there other recipients of the personal data besides the controller?

The website is hosted by IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany. The hoster receives the above-mentioned data as a processor.

d. How long is the data stored?

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. When the website is provided, this is the case when the respective session has ended. The log files are stored for a maximum of 48 hours and are accessible directly and exclusively to administrators. After that, they are only available indirectly via the reconstruction of backup tapes and are permanently deleted after a maximum of six weeks.

3. Rights of data subjects

a. Right to information

You can request information in accordance with Art. 15 GDPR about your personal data that we process.

b. Right to object:

You have the right to object for specific reasons (see point II).

c. Right to rectification

If the information concerning you is not (or no longer) correct, you can request a correction in accordance with Art. 16 GDPR. If your data is incomplete, you can request that it be completed.

d. Right to cancellation

You can request the erasure of your personal data in accordance with Art. 17 GDPR.

e. Right to restriction of processing

In accordance with Art. 18 GDPR, you have the right to request that the processing of your personal data be restricted.

f. Right to lodge a complaint

If you believe that the processing of your personal data violates data protection law, you have the right to lodge a complaint with a data protection supervisory authority of your choice in accordance with Art. 77 (1) GDPR. This also includes the data protection supervisory authority responsible for the controller State Commissioner for Data Protection Bavaria, https://www.lda.bayern.de/.

g. Right to data portability

In the event that the requirements of Art. 20 para. 1 GDPR are met, you have the right to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to third parties. The collection of data for the provision of the website and the storage of log files are absolutely necessary for the operation of the website. They are therefore not based on consent pursuant to Art. 6(1)(a) GDPR or on a contract pursuant to Art. 6(1)(b) GDPR, but are justified pursuant to Art. 6(1)(f) GDPR. The requirements of Art. 20 (1) GDPR are therefore not fulfilled in this respect.

II. Right to object pursuant to Art. 21 (1) GDPR

You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on point (f) of Article 6(1) GDPR. The controller will then no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims. The collection of data for the provision of the website and the storage of log files are absolutely necessary for the operation of the website.

III. Other recipients of the personal data

4. External services and content

a. Use of Cloudflare CDN

We use the Cloudflare service to improve the loading speed of our website, to ensure its security and to provide content such as fonts (Font Awesome) and the CookieConsent banner. The following data is processed:

  • IP address of the user
  • Access data (date, time, page accessed)
  • Technical information (e.g. browser type, operating system)

Cloudflare uses cookies to improve website functionality and security.

Legal basis:

Processing is carried out on the basis of Article 6(1)(f) GDPR (legitimate interest). Our legitimate interest lies in the secure and efficient provision of our website and an appealing design through services such as Font Awesome.

Further information:

Information on data processing by Cloudflare can be found at: https://www.cloudflare.com/privacypolicy/.

b. AI-Powered Text Generation and Chatbot (OpenAI GPT)

  • We use the OpenAI GPT service for the automated generation of emails and for providing a support chatbot.
  • When using the chatbot and the contact form, personal data (e.g., email address, name, or free-text entries) may be processed depending on the user’s input. This data is used solely to handle your request
  • Legal basis:
    • Art. 6(1)(f) GDPR (legitimate interest in efficient customer support),
    • or Art. 6(1)(b) GDPR (performance or initiation of a contract), if applicable.
  • Recipient: OpenAI, USA (processing based on EU standard contractual clauses).
  • Only data required for the respective function is transmitted. Chat conversations are not permanently stored without your explicit consent.
  • Chat histories are stored for quality assurance purposes for a period of 30 days and then automatically deleted, unless you have explicitly agreed to a longer storage period.
  • More information: OpenAI Privacy Policy.

c. Email sending (Amazon Web Services – SES)

  • We use Amazon Simple Email Service (SES) to send emails (e.g., for contact requests or system notifications).
  • Email addresses and, if applicable, names and the content of the request are processed to enable delivery – no other personal data.
  • Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in reliable communication).
  • Recipient: Amazon Web Services EMEA SARL, Luxembourg. The data may also be processed in data centers outside the EU as part of order processing. This is done on the basis of the EU standard contractual clauses.
  • Further information: AWS Privacy Policy.

5. Web analytics and statistics

We use a data protection-friendly web analysis tool to analyse and improve our online offering. These analyses are carried out without the use of cookies and on the basis of anonymised data.

We use Matomo, an open source software for the statistical analysis of the use of our website. Matomo is operated on a server at our hosting service provider[Strato AG, Pascalstraße 10, 10587 Berlin].

What data is processed?

The following anonymised data is collected:

  • Pages visited and order
  • Dwell time on the pages
  • Country of origin (without exact location)
  • Operating system, browser type and version

Anonymisation of the data:

We have configured Matomo so that all data is collected anonymously. In particular, your IP address is stored in abbreviated form so that it cannot be traced back to you personally. In addition, no cookies are used to further protect the privacy of users.

Legal basis:

Processing is carried out on the basis of Article 6(1)(f) GDPR (legitimate interest). Our legitimate interest lies in the improvement of our offer and the technical optimisation of our website.

6. Use of cookies

a. Which cookies are used?

Our website uses cookies to ensure functionality, improve the user experience and provide certain services. These are:

  • Necessary cookies: These cookies are necessary for the operation of our website. Without them, certain functions could not be provided.

b. Legal basis of the processing:

Processing is carried out on the basis of Art. 6(1)(f) GDPR (legitimate interest) for necessary cookies and on the basis of Art. 6(1)(a) GDPR (consent) for all other cookies.

c. How can cookies be managed?

You can disable or delete cookies in your browser settings. Please note that this may affect the functionality of our website.

🤖 Chatbot

Ask your first question!