Privacy Policy

This privacy policy sets out the basis on which any information that we collect from you, or that you provide to us, will be processed by us.

Information about us

TRIFECTA INTERNATIONAL  LLC
Schramm, Moritz
1309 Coffeen Ave
Sheridan, WY 82801
United States of America

Email Address: info@crisis-fit.com

 

Terms of Use

a) The content of our Website is protected by trademark, copyright, database and other intellectual property rights and you acknowledge that the material and content supplied as part of our Website shall remain with us or our licensors. You may display the content of the Website on a computer screen or mobile phone screen, store such content in electronic form on disk (but not any server or other storage device connected to a network) or print one copy of such content for your own personal, non-commercial use, provided you keep intact all and any copyright and proprietary notices. You indemnify us that you will not otherwise copy, scrape, modify, reproduce or distribute or use for any purposes any of the materials or content on our Website. Any breach of this indemnity will result in court proceedings and reporting such instances to the police and other authorities.

b) We shall not be liable to you under or in connection with this Privacy Policy or any collateral contract including, but not limited to, the following:

i. loss of revenue;
ii. loss of contracts;
iii. loss of the use of money;
iv. loss of anticipated savings;
v. loss of business;
vi. loss of opportunity;
vii. loss of goodwill;
viii. loss of reputation;
ix. loss of, damage to or corruption of Data;

or any indirect or consequential loss, in each case howsoever arising, whether such loss or damage was foreseeable or in the contemplation of the parties and whether arising in or caused by breach of contract, tort (including proven negligence), breach of statutory duty or otherwise.

c) We do not exclude or limit in any way our liability to you where it would be unlawful to do so. This includes liability for death or personal injury caused by our proven negligence or the proven negligence of our employees, agents or subcontractors; for proven fraud or proven fraudulent misrepresentation; or any other liability which cannot be excluded or limited under applicable law.

d) We will have no liability to you for any loss of profit, loss of business, business interruption, or loss of business opportunity.

e) When you post information on our Website or our Social Media Websites, you must not infringe the rights of others (including but not limited to; any such contribution will being offensive, derogatory, defamatory, slanderous, libellous, unlawful, deliberately misleading, breach any moral rights, or breach a third party’s rights, trade mark or copyright and you will be liable to us and indemnify us for any breach of that warranty) and you should be aware that others may use, tag and/or re-publish your information in ways that you might not expect (including in ways that are unlawful). You understand that we and others may use and re-publish any Data you post online publicly, on our Website or our Social Media Websites.

f) You indemnify us against any costs (including reasonable legal expenses), loss, damage or liability suffered by us as a consequence of any breach of your obligations under this Privacy Policy or the enforcement of this Privacy Policy.

 

Data Protection Agreement

Overview of Data Processing

The following overview summarizes the types of data processed and the purposes for which they are processed, as well as the individuals affected.

Types of Processed Data

  • Basic data.
  • Payment data.
  • Contact data.
  • Content data.
  • Contract data.
  • Usage data.
  • Metadata, communication, and procedural data.
  • Log data.

Categories of Affected Individuals

  • Service recipients and clients.
  • Prospective clients.
  • Communication partners.
  • Users.
  • Business and contract partners.

Purposes of Processing

  • Provision of contractual services and fulfillment of contractual obligations.
  • Communication.
  • Security measures.
  • Direct marketing.
  • Reach measurement.
  • Tracking.
  • Office and organizational procedures.
  • Target group formation.
  • Organizational and administrative procedures.
  • Feedback.
  • Marketing.
  • Profiles with user-related information.
  • Provision of our online services and user-friendliness.
  • IT infrastructure.
  • Public relations.
  • Sales promotion.
  • Business processes and economic procedures.

Applicable Legal Grounds

Security Measures:
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, considering the state of technology, implementation costs, nature, scope, circumstances, and purposes of the processing, as well as the different probabilities of occurrence and severity of the threat to the rights and freedoms of natural persons.

These measures include ensuring data confidentiality, integrity, and availability by controlling physical and electronic access to the data, monitoring access, input, transmission, ensuring availability, and segregation of data. We have established procedures to ensure the exercise of data subjects' rights, deletion of data, and responses to data risks. Furthermore, we incorporate data protection into the design of technology and software according to the principles of privacy by design and default.

Transmission of Personal Data

In the course of processing personal data, it may be transferred to other entities, companies, legally independent organizational units, or individuals, or disclosed to them. Recipients of this data may include service providers tasked with IT-related duties or providers of services and content integrated into a website. In such cases, we comply with legal requirements, particularly by entering into contracts or agreements with the recipients to protect your data.

Business Services

We process data from our contractual and business partners (e.g., customers and prospective clients) in the context of contractual and comparable legal relationships, as well as related measures, including communication with business partners (or pre-contractually), for example, to respond to inquiries.

We use this data to fulfill our contractual obligations. This includes, in particular, the obligations to provide the agreed-upon services, address warranty issues, and resolve performance issues. We also process this data to protect our rights and for administrative and organizational tasks associated with these obligations. Additionally, we process this data based on our legitimate interests in proper and economically efficient business operations, as well as security measures to protect our business partners and operations from misuse or threats to their data, secrets, information, and rights.
If legally required, we only disclose the data of business partners to third parties to the extent necessary for the purposes mentioned above or to fulfill legal obligations. Business partners will be informed of further forms of processing, such as for marketing purposes, in this privacy policy.

We delete data after the expiration of statutory warranty and similar obligations, typically after four years, unless data is stored in a customer account or retained for legal reasons (e.g., for tax purposes, generally ten years). Data disclosed to us by the business partner as part of an assignment is deleted following the order's completion.

Title

If you owe tax on income or gains, it’s important to let HMRC know about any unpaid tax as soon as possible. This blog article explains how to make a voluntary disclosure.

You can use the Digital Disclosure Service (DDS) to tell HMRC that you’ve not declared the right amount of tax on one or more of the following: Income Tax, Capital Gains Tax, National Insurance Contributions, or Corporation Tax. The DDS gives individuals and businesses the opportunity to bring up any unpaid tax in a simple, easy way.

Data Processed:

Basic data (e.g., full name, residential address, contact details, customer number); payment data (e.g., bank account details, invoices, payment history); contact data (e.g., postal and email addresses or phone numbers); contract data (e.g., contract subject, duration, customer category).

Affected Individuals:

Service recipients and clients; prospective clients; business and contract partners.

Purposes of Processing:

Provision of contractual services and fulfillment of contractual obligations; communication; office and organizational procedures; organizational and administrative procedures; business processes and economic procedures.

Retention and Deletion:

Data is deleted according to the details provided in the section "General Information on Data Retention and Deletion."

Legal Basis:

Performance of a contract and pre-contractual inquiries (Art. 6(1)(b) GDPR); legal obligation (Art. 6(1)(c) GDPR); legitimate interests (Art. 6(1)(f) GDPR).

Provision of Online Services and Web Hosting

We process the data of users to provide them with our online services. For this purpose, we process the user's IP address, which is necessary to transmit the contents and functions of our online services to the user's browser or device.

Processed Data Types:

  • Usage data (e.g., pages viewed, time spent, click paths, usage intensity and frequency, device types, and operating systems used, interactions with content and functions).
  • Metadata, communication, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved parties).
  • Log data (e.g., logins or data retrieval or access times).

Affected Individuals:

  • Users (e.g., website visitors, users of online services).

Purposes of Processing:

  • Provision of our online services and user-friendliness.
  • IT infrastructure (operation and provision of information systems and technical equipment, such as computers, servers, etc.).
  • Security measures.

Retention and Deletion:

  • Data is deleted according to the details provided in the section "General Information on Data Retention and Deletion."

Legal Basis:

  • Legitimate interests (Art. 6(1)(f) GDPR).

Further Information on Processing Procedures, Procedures, and Services

Collection of Access Data and Log Files:
Access to our online offer is recorded in the form of "server log files." These log files can include the address and name of the websites and files accessed, the date and time of the retrieval, the amount of data transferred, notifications of successful retrieval, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP addresses, and the requesting provider.

The server log files can be used for security purposes, for example, to prevent server overloads (especially in the case of misuse attacks such as DDoS attacks) and to ensure the stability and performance of the servers.

Legal Basis:

  • Legitimate interests (Art. 6(1)(f) GDPR).

Deletion of Data:
Log file information is stored for a maximum period of 30 days and then deleted or anonymized. Data that needs to be retained as evidence is excluded from deletion until the respective incident is fully resolved.

Use of Cookies

Cookies are small text files or other storage marks that store information on end devices and retrieve it from them. For example, to save the login status in a user account, the content of a shopping cart in an online shop, or the accessed content and used functions of an online offer. Cookies may also be used for various other purposes, such as ensuring the functionality, security, and comfort of online offers, as well as for creating analyses of visitor flows.

Notice Regarding Consent:
We use cookies in accordance with legal requirements. Therefore, we obtain prior consent from users unless it is not required by law. Consent is not necessary, particularly if storing and accessing information, including cookies, is essential to provide a telemedia service (our online offer) that the user expressly requests. The revocable consent is clearly communicated to users and includes information about the respective cookie usage.

Notice on Legal Basis of Data Protection:
The legal basis on which we process users' personal data using cookies depends on whether we ask for users’ consent. If users agree, the legal basis for processing their data is the declared consent. Otherwise, the data processed by cookies is based on our legitimate interests (e.g., interest in the economic operation of our online offer and improving its usability) or, if necessary, to fulfill our contractual obligations when the use of cookies is required to meet our contractual obligations.

Retention Period:
Regarding the storage period, the following types of cookies are distinguished:

  • Temporary cookies (also called session or session cookies):
    These cookies are deleted at the latest after a user has left an online offer and closed their device (e.g., browser or mobile application).

  • Permanent cookies:
    These cookies remain stored even after closing the device. For example, the login status can be saved, or preferred content can be displayed directly when the user revisits a website. Similarly, the data collected through cookies can be used for reach measurement purposes.

If we do not provide users with explicit information about the type and storage period of cookies, users should assume that cookies are permanent and the storage period can be up to two years.

General Information on Revocation and Objection (Opt-Out):
Users can revoke their given consent at any time and also object to processing according to legal requirements, for example, by adjusting their browser privacy settings.

Processed Data Types:

  • Meta, communication, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved parties).

Affected Individuals:

  • Users (e.g., website visitors, users of online services).

Legal Basis:

  • Legitimate interests (Art. 6(1)(f) GDPR).
  • Consent (Art. 6(1)(a) GDPR).

Other Information on Processing Procedures, Procedures, and Services

Processing of Cookie Data Based on Consent:
We use a consent management solution where users’ consent for the use of cookies or for the procedures and providers specified in the consent management solution is obtained. This process serves the purpose of obtaining, logging, managing, and withdrawing consent, particularly regarding the use of cookies and comparable technologies for storing, reading, and processing information on users' devices. As part of this procedure, users' consent is collected for the use of cookies and related data processing, including the specific processing and providers mentioned in the consent management procedure.

Users also have the option to manage and withdraw their consents. Consent declarations are stored to avoid needing to ask for them again and to provide proof of consent in accordance with legal requirements. Storage occurs server-side and/or in a cookie (so-called opt-in cookie) or similar technology, so the consent can be assigned to a specific user or device.

If no specific information is available regarding consent management service providers, the following general information applies: The storage duration of consent is up to two years. A pseudonymous user identifier is created, stored with the time of consent, details about the scope of consent (e.g., relevant categories of cookies and/or service providers), and information about the browser, system, and device used.

Legal Basis:

  • Consent (Art. 6(1)(a) GDPR).

Blogs and Publication Media

We use blogs or similar means of online communication and publication (hereinafter referred to as "publication medium"). The data of readers is only processed to the extent necessary for the display of the publication medium and for communication between authors and readers or for security reasons. Otherwise, we refer to the information on the processing of visitors to our publication medium in this privacy notice.

Processed Data Types:

  • Basic data (e.g., full name, residential address, contact details, customer number).
  • Contact data (e.g., postal and email addresses or phone numbers).
  • Content data (e.g., text or image messages and contributions, as well as related information, such as authorship information or time of creation).
  • Usage data (e.g., page views and time spent, click paths, usage intensity and frequency, device types, and operating systems used, interactions with content and functions).
  • Metadata, communication, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved parties).

Affected Individuals:

  • Users (e.g., website visitors, users of online services).

Purposes of Processing:

  • Feedback (e.g., collecting feedback via an online form).
  • Provision of our online offer and user-friendliness.
  • Security measures.
  • Organizational and administrative procedures.

Retention and Deletion:

  • Data is deleted according to the details provided in the section "General Information on Data Retention and Deletion."

Legal Basis:

  • Legitimate interests (Art. 6(1)(f) GDPR).

Processing of Access Data and Log Files:

Access to our online offer is logged in the form of so-called "server log files." The server log files can include the address and name of the accessed websites and files, date and time of the retrieval, transmitted data volumes, notification of successful retrieval, browser type and version, the operating system of the user, referrer URL (the previously visited page), IP addresses, and the requesting provider. The server log files may be used for security purposes, e.g., to avoid server overloads (especially in cases of misuse attacks, such as DDoS attacks) and to ensure the stability and functionality of the servers.

Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f DSGVO).

Deletion of data: Log file information is stored for a maximum duration of 30 days and then deleted or anonymized. Data that must be retained for evidentiary purposes is excluded from deletion until the respective incident has been fully clarified.

Use of Cookies:

Cookies are small text files or other memory notes that store information on devices and read from them. For example, to store the login status in a user account, a shopping cart content in an online store, the accessed content, or the functions used in an online offer. Cookies can also be used for other purposes, such as ensuring the functionality, security, and comfort of online offers, as well as for creating analyses of visitor flows.

Notice on consent: We use cookies in accordance with legal requirements. Therefore, we obtain prior consent from users unless it is not required by law. Consent is particularly not necessary if the storage and reading of information, thus also of cookies, is absolutely necessary to provide a telemedia service expressly requested by the user (i.e., our online offer). The revocable consent is clearly communicated to users and contains the information about the respective cookie usage.

Notice on legal basis in data protection law: The legal basis on which we process the personal data of users using cookies depends on whether we ask for users' consent. If users agree, the legal basis for processing their data is the declared consent. Otherwise, the data processed with the help of cookies is based on our legitimate interests (e.g., in the economic operation of our online offer and improving its usability) or if the use of cookies is necessary to fulfill our contractual obligations.

Purpose of processing: The purposes for which the cookies we use are processed are clarified in this privacy policy or in the context of our consent and processing procedures.

Storage duration: With regard to the storage duration, the following types of cookies are distinguished:

  • Temporary cookies (also: session or session cookies): Temporary cookies are deleted at the latest after a user has left an online offer and closed their device (e.g., browser or mobile application).
  • Permanent cookies: Permanent cookies remain stored even after the device has been closed. For example, the login status can be stored, or preferred content can be displayed directly when the user revisits a website. Similarly, the data collected with the help of cookies can be used for reach measurement purposes. If we do not provide users with explicit information about the type and storage duration of cookies, users should assume that cookies are permanent, and the storage duration can be up to two years.

General information on revocation and objection (Opt-Out): Users can revoke their given consent at any time and object to the processing in accordance with legal requirements, e.g., by means of the privacy settings of their browser.

Processed data types: Meta-, communication-, and procedural data (e.g., IP addresses, time data, identification numbers, involved persons).

Affected persons: Users (e.g., website visitors, users of online services).

Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f DSGVO). Consent (Art. 6 para. 1 sentence 1 lit. a DSGVO).

Further Notes on Processing Procedures, Processes, and Services:

Processing of Cookie Data Based on Consent: We use a consent management solution by which the consent of users to the use of cookies or the procedures and providers mentioned in the context of the consent management solution is obtained. This procedure serves to obtain, log, manage, and revoke consents, in particular with regard to the use of cookies and comparable technologies for storing, reading, and processing information on users' devices. In the context of this procedure, users' consents for the use of cookies and the related processing of information, including the specific processing procedures and providers mentioned in the consent management procedure, are obtained. Users also have the possibility to manage and revoke their consents. The consent declarations are stored to avoid the need for a new consent request and to be able to prove the consent in accordance with legal obligations. The storage takes place server-side and/or in a cookie (so-called opt-in cookie) or by means of comparable technologies to assign the consent to a user or their device. If no specific information on the providers of consent management services is provided, the following general information applies: The storage duration of the consent can be up to two years. A pseudonymous user identifier is created and stored with the time of consent, details on the scope of consent (e.g., relevant categories of cookies and/or service providers), as well as information about the browser, system, and the end device used.

Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a DSGVO).

Blogs and Publication Media

We use blogs or similar means of online communication and publication (hereinafter referred to as "publication medium"). The data of readers is only processed to the extent necessary for the display of the publication medium and for communication between authors and readers or for security reasons. Otherwise, we refer to the information on the processing of visitors to our publication medium in this privacy notice.

Processed data types:

  • Basic data (e.g., full name, residential address, contact details, customer number).
  • Contact data (e.g., postal and email addresses or phone numbers).
  • Content data (e.g., text or image messages and contributions, as well as related information, such as authorship information or time of creation).
  • Usage data (e.g., page views and time spent, click paths, usage intensity and frequency, device types, and operating systems used, interactions with content and functions).
  • Metadata, communication, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved persons).

Affected individuals:

  • Users (e.g., website visitors, users of online services).

Purposes of processing:

  • Feedback (e.g., collecting feedback via an online form).
  • Provision of our online offer and user-friendliness.
  • Security measures.
  • Organizational and administrative procedures.

Retention and deletion:

  • Data is deleted according to the details provided in the section "General Information on Data Retention and Deletion."

Legal basis:

  • Legitimate interests (Art. 6 para. 1 sentence 1 lit. f DSGVO).

Comments and Contributions

When users leave comments or other contributions, their IP addresses may be stored based on our legitimate interests. This is done for our security, in case someone leaves unlawful content (insults, prohibited political propaganda, etc.) in comments and contributions. In such cases, we may be held liable for the comment or contribution and are therefore interested in the identity of the author.

Furthermore, we reserve the right to process the information of users for spam detection based on our legitimate interests.

On the same legal basis, we reserve the right, in the case of surveys, to store the IP addresses of users for their duration and to use cookies to avoid multiple votes.

The information provided in the context of the comments and contributions may be permanently stored by us until the user objects.

Legal basis:

  • Legitimate interests (Art. 6 para. 1 sentence 1 lit. f DSGVO).

Contact and Inquiry Management

When contacting us (e.g., by post, contact form, email, telephone, or via social media) and in the context of existing user and business relationships, the information provided by the inquiring persons is processed to the extent necessary to respond to the contact inquiries and any requested measures.

Processed data types:

  • Basic data (e.g., full name, residential address, contact details, customer number).
  • Contact data (e.g., postal and email addresses or phone numbers).
  • Content data (e.g., text or image messages and contributions, as well as related information, such as authorship information or time of creation).
  • Usage data (e.g., page views and time spent, click paths, usage intensity and frequency, device types, and operating systems used, interactions with content and functions).
  • Metadata, communication, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved persons).

Affected individuals:

  • Communication partners.

Purposes of processing:

  • Communication.
  • Organizational and administrative procedures.
  • Feedback (e.g., collecting feedback via an online form).
  • Provision of our online offer and user-friendliness.

Retention and deletion:

  • Data is deleted according to the details provided in the section "General Information on Data Retention and Deletion."

Legal basis:

  • Legitimate interests (Art. 6 para. 1 sentence 1 lit. f DSGVO).
  • Fulfillment of a contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b DSGVO).

Contact Form

When users contact us via our contact form, email, or other communication channels, we process the personal data transmitted to us for the purpose of responding to and handling the inquiry. This typically includes details such as name, contact information, and any additional information that the user shares with us and that is necessary for the appropriate handling of the inquiry. We use this data exclusively for the purpose of responding to the inquiry and communication.

Legal basis:

  • Fulfillment of a contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b DSGVO),
  • Legitimate interests (Art. 6 para. 1 sentence 1 lit. f DSGVO).

Newsletter and Electronic Notifications

We send newsletters, emails, and other electronic notifications (hereinafter referred to as "newsletters") only with the consent of the recipients or based on a legal permission. If the contents of a newsletter are specifically described during the registration process, they are decisive for the user's consent. To subscribe to our newsletter, it is generally sufficient to provide your email address. However, to provide you with personalized service, we may ask for your name for personal addressing in the newsletter or for other information, if necessary for the purpose of the newsletter.

Deletion and restriction of processing:
We may store unsubscribed email addresses for up to three years based on our legitimate interests to prove a previously given consent. The processing of this data is limited to the purpose of a potential defense against claims. An individual deletion request is possible at any time, provided that the previous existence of consent is confirmed. In the case of obligations to permanently observe objections, we reserve the right to store the email address solely for this purpose in a blacklist (so-called "blocklist").

The logging of the registration process is carried out based on our legitimate interests for the purpose of demonstrating its proper execution. If we engage a service provider to send emails, this is done based on our legitimate interests in a secure and efficient mailing system.

Contents of newsletters:

  • Information about us, our services, promotions, and offers.

Processed data types:

  • Basic data (e.g., full name, residential address, contact details, customer number).
  • Contact data (e.g., postal and email addresses or phone numbers).
  • Metadata, communication, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved persons).
  • Usage data (e.g., page views and time spent, click paths, usage intensity and frequency, device types, and operating systems used, interactions with content and functions).

Affected individuals:

  • Communication partners.

Purposes of processing:

  • Direct marketing (e.g., by email or post).

Retention and deletion:

  • Data is deleted according to the details provided in the section "General Information on Data Retention and Deletion."

Legal basis:

  • Consent (Art. 6 para. 1 sentence 1 lit. a DSGVO).

Opt-out:
You can unsubscribe from our newsletter at any time, i.e., withdraw your consent or object to further receipt. A link to cancel the newsletter can be found either at the end of each newsletter or by using one of the above-mentioned contact options, preferably email.

Measurement of Opening and Click Rates

The newsletters contain a so-called "web beacon," which is a pixel-sized file that is retrieved from our server (or, if we use a mailing service provider, from their server) when the newsletter is opened. During this retrieval, technical information such as information about your browser and system, as well as your IP address and the time of retrieval, are collected. This information is used for the technical improvement of our services based on the technical data or target groups and their reading behavior, which can be determined using their retrieval locations (which can be identified with the help of the IP address) or the access times.

These analyses also include determining whether the newsletters are opened, when they are opened, and which links are clicked. This information is assigned to individual newsletter recipients and stored in their profiles until deletion. The evaluations are used to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.

The measurement of opening and click rates as well as the storage of the measurement results in the user profiles and their further processing are carried out based on the user's consent.

A separate revocation of the performance measurement is unfortunately not possible, in which case the entire newsletter subscription must be canceled or objected to. In this case, the stored profile information will be deleted.

Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a DSGVO).

Promotional Communication via Email, Post, Fax, or Telephone

We process personal data for the purpose of promotional communication, which can be carried out via various channels, such as email, telephone, post, or fax, in accordance with legal requirements.

The recipients have the right to revoke given consents at any time or to object to the promotional communication at any time.

After revocation or objection, we store the data necessary to prove the previous authorization for contacting or sending until three years after the end of the year of revocation or objection, based on our legitimate interests. The processing of this data is limited to the purpose of defending against potential claims. Based on the legitimate interest in permanently observing the revocation or objection of users, we also store the data required to avoid contacting users again (e.g., depending on the communication channel, the email address, phone number, name).

Processed data types:

  • Basic data (e.g., full name, residential address, contact details, customer number).
  • Contact data (e.g., postal and email addresses or phone numbers).
  • Content data (e.g., text or image messages and contributions, as well as related information, such as authorship information or time of creation).

Affected individuals:

  • Communication partners.

Purposes of processing:

  • Direct marketing (e.g., by email or post).
  • Marketing.
  • Sales promotion.

Retention and deletion:

  • Data is deleted according to the details provided in the section "General Information on Data Retention and Deletion."

Legal basis:

  • Consent (Art. 6 para. 1 sentence 1 lit. a DSGVO).
  • Legitimate interests (Art. 6 para. 1 sentence 1 lit. f DSGVO).

Web Analysis, Monitoring, and Optimization

Web analysis (also referred to as "reach measurement") is used to evaluate the visitor flows of our online offer and may include behavior, interests, or demographic information about visitors, such as age or gender, as pseudonymous values. With the help of reach analysis, we can, for example, recognize the time at which our online offer or its functions or contents are most frequently used or invite reuse. We can also understand which areas need optimization.

In addition to web analysis, we may also use testing procedures, for example, to test and optimize different versions of our online offer or its components.

Unless otherwise stated below, profiles, i.e., data summarized for a usage process, can be created and information stored in a browser or on a device and read from it. Among the data collected may be websites visited and their elements used, as well as technical information, such as the browser used, the computer system used, and information about usage times. If users have consented to the collection of their location data, this may also be processed.

In addition, the IP addresses of users are stored. However, we use an IP masking procedure (i.e., pseudonymization by shortening the IP address) to protect users. Generally, no clear data of the users (such as email addresses or names) is stored within the framework of web analysis, A/B testing, and optimization, but pseudonyms. This means that neither we nor the providers of the software used know the actual identity of the users, only the information stored in their profiles for the purposes of the respective procedures.

Legal basis:
If we ask users for their consent to use third-party providers, the legal basis for processing data is consent. Otherwise, the data of users is processed based on our legitimate interests (i.e., interest in efficient, economical, and recipient-friendly services). In this context, we refer to the information on the use of cookies in this privacy policy.

Processed data types:

  • Usage data (e.g., pages viewed and time spent, click paths, usage intensity and frequency, device types, and operating systems used, interactions with content and functions).
  • Metadata, communication, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved persons).

Affected individuals:

  • Users (e.g., website visitors, users of online services).

Purposes of processing:

  • Reach measurement (e.g., access statistics, recognition of returning visitors).
  • Profiles with user-related information (creating user profiles).
  • Provision of our online offer and user-friendliness.

Retention and deletion:

  • Data is deleted according to the details provided in the section "General Information on Data Retention and Deletion."
  • Cookies can be stored on users' devices for up to two years (unless otherwise specified).

Security measures:

  • IP masking (pseudonymization of IP addresses).

Google Analytics

We use Google Analytics for the measurement and analysis of the use of our online offer based on a pseudonymous user identification number. This identification number contains no clear data, such as names or email addresses. It serves to associate analysis information with a device to recognize which content users have accessed within a usage session or over multiple sessions, which search terms were used, whether the content was accessed again, or how users interacted with our online offer. Likewise, the time of use and its duration are stored, as well as the sources of the users, i.e., the website or advertising medium via which the users came to our online offer.

In the process, pseudonymous profiles of users are created with the help of cookies. Google Analytics does not log or store the individual IP addresses of EU users. However, Analytics does provide rough geolocation data by deriving the following metadata from IP addresses: city (and derived latitude and longitude of the city), continent, country, region, subcontinent (and ID-based counterparts). For EU traffic, the IP address data is used only for this geolocation and is immediately deleted after use. They are not logged, are not accessible, and are not used for further purposes. When Google Analytics collects measurement data, all IP lookups are performed on EU-based servers before the traffic is forwarded to the Analytics servers for processing.

Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a DSGVO).
Website: https://marketingplatform.google.com/intl/en/about/analytics/.
Security measures: IP masking (pseudonymization of the IP address).
Privacy policy: https://policies.google.com/privacy.
Data processing agreement: https://business.safety.google/adsprocessorterms/.
Opt-out option (plugin): https://tools.google.com/dlpage/gaoptout?hl=en.
Settings for displaying ads: https://myadcenter.google.com/personalizationoff.
Further information: https://business.safety.google/adsservices/.

Online Marketing

We process personal data for the purposes of online marketing, which includes, in particular, the marketing of advertising spaces or the display of advertising and other content (collectively referred to as "content") based on potential user interests, as well as the measurement of its effectiveness.

For these purposes, user profiles are created and stored in a file (known as a "cookie") or similar procedure, in which the user-relevant information is stored for displaying the aforementioned content. For example, viewed content, visited websites, and used online networks, as well as communication partners and technical information, such as the browser used, the computer system used, and information on usage times, can be stored in these profiles. If users have consented to the collection of their location data, this can also be processed.

The IP addresses of the users are also stored. However, we use available IP masking procedures (i.e., pseudonymization by shortening the IP address) to protect the users. Generally, no clear data of users (such as email addresses or names) is stored in the context of online marketing procedures, but pseudonyms. This means that neither we nor the providers of online marketing procedures know the actual identity of the users, only the information stored in their profiles.

The information in the profiles is usually stored in cookies or similar procedures. These cookies can later generally be read on other websites that use the same online marketing procedure and analyzed for the purpose of displaying content, supplemented with other data, and stored on the server of the online marketing procedure provider.

As an exception, clear data can be assigned to the profiles. This is the case if the users are, for example, members of a social network whose online marketing procedure we use, and the network links the profiles with the aforementioned data. We ask you to note that users can make additional agreements with the providers, for example, by giving consent as part of the registration process.

We generally only receive access to summarized information about the success of our advertisements. However, as part of conversion measurements, we can check which of our online marketing procedures have led to a so-called conversion, i.e., to the conclusion of a contract with us. The conversion measurement is solely used to analyze the success of our marketing measures.

Storage period of cookies: Unless otherwise specified, we ask you to assume that cookies used will be stored for a period of two years.

Legal basis:
If we ask users for their consent to use third-party providers, the legal basis for processing data is consent. Otherwise, the data of users is processed based on our legitimate interests (i.e., interest in efficient, economical, and recipient-friendly services). In this context, we refer to the information on the use of cookies in this privacy policy.

Withdrawal and Opt-out options:
We refer to the privacy policies of the respective providers and the options to object to processing, referred to as "opt-out." If no explicit opt-out option is provided, users can disable cookies in their browser settings. This may restrict the functionality of our online offer. Therefore, we recommend also using the following opt-out options, which are offered collectively for the respective areas:

Processed data types:

  • Usage data (e.g., pages viewed and time spent, click paths, usage intensity and frequency, device types, and operating systems used, interactions with content and functions).
  • Metadata, communication, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved persons).

Affected individuals:

  • Users (e.g., website visitors, users of online services).

Purposes of processing:

  • Reach measurement (e.g., access statistics, recognition of returning visitors).
  • Tracking (e.g., interest-/behavior-based profiling, use of cookies).
  • Target group formation.
  • Marketing.
  • Profiles with user-related information (creating user profiles).

Retention and deletion:

  • Data is deleted according to the details provided in the section "General Information on Data Retention and Deletion."
  • Cookies can be stored on users' devices for up to two years (unless otherwise specified).

Security measures:

  • IP masking (pseudonymization of IP addresses).

Presence in Social Networks (Social Media)

We maintain online presences within social networks and process users' data in this context to communicate with the users active there or to offer information about us.

We point out that users' data may be processed outside the territory of the European Union. This can result in risks for the users because, for example, the enforcement of users' rights could be made more difficult.

Furthermore, user data within social networks is usually processed for market research and advertising purposes. For example, user profiles can be created based on user behavior and resulting interests. These profiles can be used, for example, to display advertisements inside and outside the networks that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the users' computers, in which the usage behavior and interests of the users are stored. Moreover, data can be stored in the user profiles regardless of the devices used by the users (especially if the users are members of the respective platforms and are logged in).

For a detailed presentation of the respective processing forms and the opt-out options, we refer to the privacy policies and information provided by the operators of the respective networks.

Also, in the case of information requests and the assertion of data subjects' rights, we point out that these can be most effectively asserted with the providers. Only the providers have access to the users' data and can directly take appropriate measures and provide information. Should you need help, you can also contact us.

Processed data types:

  • Contact data (e.g., postal and email addresses or phone numbers).
  • Content data (e.g., text or image messages and contributions, as well as related information, such as authorship information or time of creation).
  • Usage data (e.g., page views and time spent, click paths, usage intensity and frequency, device types, and operating systems used, interactions with content and functions).

Affected individuals:

  • Users (e.g., website visitors, users of online services).

Purposes of processing:

  • Communication.
  • Feedback (e.g., collecting feedback via an online form).
  • Public relations.

Retention and deletion:

  • Data is deleted according to the details provided in the section "General Information on Data Retention and Deletion."

Legal basis:

  • Legitimate interests (Art. 6 para. 1 sentence 1 lit. f DSGVO).

Further Notes on Processing Procedures, Processes, and Services:

Instagram:
A social network that allows sharing photos and videos, commenting, favoriting posts, sending messages, and subscribing to profiles and pages.
Service provider: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland.
Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f DSGVO).
Website: https://www.instagram.com.
Privacy policy: https://privacycenter.instagram.com/policy/.

LinkedIn:
A social network. We share responsibility with LinkedIn Ireland Unlimited Company for the collection (but not further processing) of data from visitors for the purposes of generating "Page Insights" (statistics) of our LinkedIn profiles. This data includes information on the types of content users view or interact with or the actions they take, as well as information about the devices used by users (e.g., IP addresses, operating systems, browser types, language settings, cookie data), and information from user profiles, such as job function, country, industry, level of seniority, company size, and employment status. Privacy information regarding the processing of user data by LinkedIn can be found in LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy.

We have entered into a special agreement with LinkedIn Ireland ("Page Insights Joint Controller Addendum (the 'Addendum')"), which specifically regulates the security measures that LinkedIn must observe and in which LinkedIn has agreed to fulfill the rights of data subjects (i.e., users can, for example, submit access or deletion requests directly to LinkedIn). Users' rights (especially to access, deletion, objection, and complaints to the competent supervisory authority) are not restricted by the agreements with LinkedIn. The joint responsibility is limited to the collection of the data and its transmission to LinkedIn Ireland Unlimited Company, an entity based in the EU. The further processing of the data is the sole responsibility of LinkedIn Ireland Unlimited Company, particularly the transmission of the data to LinkedIn Corporation, the parent company in the USA.

Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.
Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f DSGVO).
Website: https://www.linkedin.com.
Privacy policy: https://www.linkedin.com/legal/privacy-policy.
Opt-out option: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Plug-ins and Embedded Functions as well as Content

We integrate functional and content elements into our online offer, which are obtained from the servers of their respective providers (hereinafter referred to as "third-party providers"). These can be, for example, graphics, videos, or maps (collectively referred to as "content").

The integration requires that the third-party providers of this content process the IP addresses of the users, as they could not send the content to their browsers without the IP address. The IP address is, therefore, necessary for displaying this content or functions. We strive to use only content whose respective providers use the IP address solely for delivering the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. Through the "pixel tags," information such as visitor traffic on the pages of this website can be evaluated. The pseudonymous information may also be stored in cookies on the user's device and may include technical information about the browser and operating system, referring websites, visit time, and other information regarding the use of our online offer, as well as being combined with such information from other sources.

Legal basis:
If we ask users for their consent to use third-party providers, the legal basis for processing data is consent. Otherwise, the data of users is processed based on our legitimate interests (i.e., interest in efficient, economical, and recipient-friendly services). In this context, we refer to the information on the use of cookies in this privacy policy.

Processed data types:

  • Usage data (e.g., pages viewed and time spent, click paths, usage intensity and frequency, device types, and operating systems used, interactions with content and functions).
  • Metadata, communication, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved persons).
  • Basic data (e.g., full name, residential address, contact details, customer number).
  • Contact data (e.g., postal and email addresses or phone numbers).
  • Content data (e.g., text or image messages and contributions, as well as related information, such as authorship information or time of creation).

Affected individuals:

  • Users (e.g., website visitors, users of online services).

Purposes of processing:

  • Provision of our online offer and user-friendliness.

Retention and deletion:

  • Data is deleted according to the details provided in the section "General Information on Data Retention and Deletion."
  • Cookies can be stored on users' devices for up to two years (unless otherwise specified).

Legal basis:

  • Consent (Art. 6 para. 1 sentence 1 lit. a DSGVO).
  • Legitimate interests (Art. 6 para. 1 sentence 1 lit. f DSGVO).

Further Notes on Processing Procedures, Processes, and Services:

YouTube Videos:
Video content.
Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a DSGVO).
Website: https://www.youtube.com.
Privacy policy: https://policies.google.com/privacy.
Opt-out option (plugin): https://tools.google.com/dlpage/gaoptout?hl=en.
Settings for displaying ads: https://myadcenter.google.com/personalizationoff.