With the following information, we would like to provide you as a "data subject" with an overview of the processing of your personal data by us and your rights under data protection laws. The use of our website is generally possible without providing personal data. However, if you wish to use special services of our company via our website, processing of personal data may become necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain your consent.
The processing of personal data, such as your name, address, or email address, is always carried out in accordance with the General Data Protection Regulation (GDPR) and in compliance with the country-specific data protection regulations applicable to “aifinyo AG”. By means of this privacy policy, we would like to inform you about the scope and purpose of the personal data we collect, use, and process.
As the controller responsible for processing, we have implemented numerous technical and organizational measures to ensure the most complete protection possible of personal data processed via this website. Nevertheless, internet-based data transmissions can fundamentally have security vulnerabilities, so absolute protection cannot be guaranteed. For this reason, you are free to transmit personal data to us via alternative means, such as by telephone or by post.
The controller within the meaning of the GDPR is:
aifinyo AG
Friedrichstraße 94, 10117 Berlin
Tel.: 0351 / 896 933 10
info@aifinyo.de
Data subjects can contact us or our data protection officer at any time with questions and suggestions regarding data protection.
You can contact our data protection officer, Ms. Köhler, via datenschutz@aifinyo.de or via the contact details provided above.
The information provided to you below gives an overview of the processing of your personal data by our group of companies and is intended to inform you about your rights under data protection law. The processing of data depends on the services and products you have selected. Therefore, not all parts of this information will apply to you.
Personal data according to Art. 4 No. 1 GDPR is all information relating to an identified or identifiable natural person.
Data Protection NoticeArt. 6 para. 1 lit. a GDPR (in conjunction with § 25 para. 1 TTDSG) serves our company as the legal basis for processing operations for which we obtain consent for a specific processing purpose.
If the processing of personal data is necessary for the performance of a contract to which you are a party, as is the case, for example, with processing operations that are necessary for the delivery of goods or the provision of another service or consideration, the processing is based on Art. 6 para. 1 lit. b GDPR. The same applies to processing operations that are necessary for the implementation of pre-contractual measures, for example in cases of inquiries about our products or services.
If our company is subject to a legal obligation that requires the processing of personal data, such as to fulfill tax obligations, the processing is based on Art. 6 para. 1 lit. c GDPR.
In rare cases, the processing of personal data may become necessary to protect vital interests of the data subject or another natural person. This would be the case, for example, if a visitor to our company was injured and their name, age, health insurance data, or other vital information had to be passed on to a doctor, hospital, or other third party. Then the processing would be based on Art. 6 para. 1 lit. d GDPR.
Finally, processing operations could be based on Art. 6 para. 1 lit. f GDPR. Processing operations that are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to safeguard a legitimate interest of our company or a third party, provided that the interests, fundamental rights, and fundamental freedoms of the data subject do not override this. Such processing operations are particularly permitted to us because they were specifically mentioned by the European legislator. In this respect, he took the view that a legitimate interest could be assumed if you are a customer of our company (Recital 47 sentence 2 GDPR).
Your personal data will not be transferred to third parties for purposes other than those listed below.
We will only pass on your personal data to third parties if:
To protect your data and to enable us to transfer data to third countries (outside the EU/EEA) if necessary, we have concluded agreements for commissioned processing based on the standard contractual clauses of the European Commission. Depending on the individual case assessment, we also request Transfer Impact Assessments (TIA) from service providers. If the standard contractual clauses are not sufficient to establish an adequate level of security, your consent in accordance with Art. 49 para. 1 lit. a GDPR can serve as the legal basis for the transfer to third countries. This does not apply, however, to data transfers to third countries for which the European Commission has issued an adequacy decision in accordance with Art. 45 GDPR.
In the context of the processing operations described in this privacy policy, personal data may be transferred to the USA. The USA does not have an adequate level of data protection (ECJ: Schrems II ruling). In particular, US law enforcement agencies can oblige US companies to disclose or release personal data without the data subjects being able to take effective legal action against this. There is therefore fundamentally the possibility that your personal data will be processed by US law enforcement agencies. We have no influence on these processing activities. To protect your data, we have concluded agreements for commissioned processing based on the standard contractual clauses and, where possible, a Transfer Impact Assessment (TIA). We also regularly carry out data protection impact assessments. Furthermore, we take numerous technical and organizational measures to protect your data as best as possible.
This site uses SSL or TLS encryption to ensure the security of data processing and to protect the transmission of confidential content, such as orders, login data, or contact requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.
We use this technology to protect your transmitted data.
When you use our website for informational purposes only, i.e., if you do not register or otherwise provide us with information, we only collect the data that your browser transmits to our server (so-called "server log files"). When you access our website, our website collects a series of general data and information with each page view by you or an automated system. This general data and information is stored in the server log files. The following can be recorded:
When using this general data and information, we do not draw any conclusions about your person. Rather, this information is needed to:
This collected data and information is therefore evaluated by us statistically on the one hand and with the aim of increasing data protection and data security in our company, in order to ultimately ensure an optimal level of protection for the personal data we process. The anonymous data in the server log files is stored separately from all personal data provided by a data subject.
The legal basis for data processing is Art. 6 para. 1 lit. f GDPR. Our legitimate interest follows from the purposes listed above for data collection.
We host our website with Webflow. The provider is Webflow, Inc., 398 11th Street, San Francisco.
When you visit our website, your personal data is processed on Webflow servers.
The use of Webflow is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the most reliable presentation of our website possible.
We have concluded a data processing agreement with Webflow. This is a contract required by data protection law, which ensures that Webflow only processes the personal data of our website visitors according to our instructions and in compliance with the GDPR.
Further information on AWS's data protection regulations can be found at: https://webflow.com/legal/eu-privacy-policy
Cookies are small files that your browser automatically creates and that are stored on your IT system (laptop, tablet, smartphone, etc.) when you visit our site.
Information is stored in the cookie that results from the context of the specific device used. However, this does not mean that we thereby obtain direct knowledge of your identity.
The use of cookies serves to make the use of our offer more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website. These are automatically deleted after you leave our site.
In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your device for a specific defined period. If you visit our site again to use our services, it is automatically recognized that you have already been with us and what entries and settings you have made, so that you do not have to enter them again.
On the other hand, we use cookies to statistically record the use of our website and to evaluate our offer for the purpose of optimizing it for you. These cookies enable us to automatically recognize when you visit our website again that you have already visited it. The cookies set in this way are automatically deleted after a defined time in each case. The respective storage period of the cookies can be found in the settings of the consent tool used.
If you do not want cookies to be stored on your computer, please deactivate the corresponding option in the system settings of your browser. Stored cookies can be deleted in the system settings of the browser. Further information can be found in the help menu of each browser. You can find this for the respective browser under the following links:
Please note that if you do not accept cookies, you may not be able to use all the functions of this online offer.
In order to be able to better adapt our offers on our website to your personal needs and your use, we also use the so-called Local Storage technique (also called "Local Data" and "Local Storage") in addition to cookies. Data is stored locally in the cache of your browser, which also remains and can be read even after closing the browser window or exiting the program, provided you do not delete the cache.
Local Storage enables us to save your opt-out decision (regarding, for example, Facebook or Google Analytics). Furthermore, we use Local Storage to make it easier for you to fill out the process during your registration for our products (e.g., form data). This data is not accessible to third parties and is automatically deleted in the event of successful registration. This data is not passed on to third parties or used for advertising purposes. You can manage and delete Local Storage content in your browser via the setting for "History" or "Local Data", depending on which browser you use. We point out that functional restrictions may then occur.
The data processed by cookies that are required for the proper functioning of the website are therefore necessary to safeguard our legitimate interests and those of third parties in accordance with Art. 6 para. 1 lit. f GDPR.
For all other cookies, you have given your consent to this within the meaning of Art. 6 para. 1 lit. a GDPR via our opt-in cookie banner.
We use the Consent Management Tool "Cookiebot" from Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark. This service enables us to obtain and manage the consent of website visitors for data processing.
Cookiebot collects data generated by end users who use our website. When an end user gives consent via the cookie consent tool, the following data is automatically logged with Cookiebot:
The key and consent status are also stored in the end user's browser in the "CookieConsent" cookie, so that the website can automatically read and follow the end user's consent for all subsequent page requests and future end user sessions for up to 12 months. The key is used as proof of consent and for an option to check whether the consent status stored in the end user's browser is unchanged compared to the original consent transmitted to Cybot.
The functionality of the website is not guaranteed without this processing. The "CookieConsent" cookie set by Cookiebot is classified as necessary.
Cybot is the recipient of your personal data and acts as a processor for us. Detailed information on the use of Cookiebot can be found at: https://www.cookiebot.com/us/privacy-policy/.
A list containing all saved cookies can be found here: www.aifinyo.com/cookies
You have the option to register on our website by providing personal data.
Which personal data is transmitted to us in the process results from the respective input mask used for registration. The personal data you enter is collected and stored exclusively for internal use by us and for our own purposes. We may arrange for the data to be passed on to one or more processors, such as a parcel delivery service, who will also use the personal data exclusively for internal use that is attributable to us.
By registering on our website, your IP address assigned by your Internet Service Provider (ISP), the date, and the time of registration are also stored. This data is stored against the background that this is the only way to prevent misuse of our services, and this data enables us to clarify crimes that have been committed if necessary. In this respect, the storage of this data is necessary for our protection. This data will not be passed on to third parties as a matter of principle. This does not apply if we are legally obliged to pass on the data or if the disclosure serves criminal prosecution purposes.
Your registration, with the voluntary provision of personal data, also serves us to offer you content or services that, by their nature, can only be offered to registered users. Registered persons are free to change or completely delete the personal data provided during registration from our database at any time.
We will provide you with information at any time upon request about what personal data is stored about you. Furthermore, we will correct or delete personal data at your request, provided that no legal retention obligations stand in the way. A data protection officer named in this privacy policy and all other employees are available to the data subject as contact persons in this context.
Your data is processed in the interest of comfortable and simple use of our website. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
In accordance with Art. 6 para. 1 lit. b GDPR, personal data is collected and processed if you provide it to us for the execution of a contract or when opening a customer account. What data is collected can be seen from the respective input forms. Deletion of your customer account is possible at any time and can be done, among other things, by sending a message to the address of the controller mentioned above. We store and use the data you provide for contract processing. After complete processing of the contract or deletion of your customer account, your data will be blocked in consideration of tax and commercial retention periods and deleted after these periods have expired, unless you have expressly consented to further use of your data or we have reserved a legally permitted further use of data, about which we inform you accordingly below.
If necessary, we verify your identity on the legal basis of Article 6 paragraph 1 lit. b and lit. f GDPR with the assistance of information from service providers. The justification for this arises from the protection of your identity and the avoidance of fraud attempts at our expense. The fact and the result of our inquiry will be added to your customer account or your guest account for the duration of the contractual relationship.
When you contact us (e.g., via contact form or email), personal data is collected. What data is collected when using a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of answering your request or for establishing contact and the associated technical administration. The legal basis for processing the data is our legitimate interest in answering your request in accordance with Art. 6 para. 1 lit. f GDPR. If your contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b GDPR. Your data will be deleted after final processing of your request; this is the case when it can be inferred from the circumstances that the matter in question has been finally clarified and there are no legal retention obligations preventing deletion.
We collect and process the personal data of applicants for the purpose of processing the application procedure. Processing can also be carried out electronically. This is particularly the case if an applicant submits corresponding application documents to us electronically, for example by email or via a web form on the website. If we conclude an employment or service contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with legal regulations. If we do not conclude a contract with the applicant, the application documents will be automatically deleted two months after notification of the rejection decision, provided that deletion does not conflict with any other legitimate interests on our part. Another legitimate interest in this sense is, for example, a burden of proof in proceedings under the General Equal Treatment Act (AGG). The legal basis for processing your data is Art. 88 GDPR in conjunction with § 26 para. 1 BDSG.
Application via Workwise
You have the option to apply via the application platform of Workwise GmbH, Imprint https://www.workwise.io/impressum. We have neither influence on the data collected there and data processing operations, nor are we aware of the full extent of data collection, the purposes of processing, or the retention periods. We also have no information on the deletion of the data collected by the provider.
If you confirm to Workwise that the data you have stored there should be transferred to us, Workwise provides us with the data that you have stored/provided with Workwise. We transfer this data to our online application form. Further information on the data protection of the service provider Workwise GmbH can be found in the privacy policy at https://www.workwise.io/datenschutz.
Application via Linked
In You have the option to apply via the LinkedIn service. When you click on the "Apply via LinkedIn" button, a connection is established to the servers of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA. We have neither influence on the data collected and data processing operations, nor are we aware of the full extent of data collection, the purposes of processing, or the retention periods. We also have no information on the deletion of the data collected by the plug-in provider. For details, we refer to LinkedIn's privacy policy, which you can view here: http://www.linkedin.com/legal/privacy-policy.
If you confirm to LinkedIn that the data you have stored there should be transferred to us, LinkedIn provides us with the data that you have stored/provided with LinkedIn. We transfer this data to our online application form.
Application via Indeed
You have the option to apply via the Indeed service.
When you click on the "Apply via Indeed" button, a connection is established to the servers of Indeed Ireland Operations Limited 124 St. Stephen's Green, Dublin 2, Ireland. We have neither influence on the data collected and data processing operations, nor are we aware of the full extent of data collection, the purposes of processing, or the retention periods. We also have no information on the deletion of the data collected by the plug-in provider. For details, we refer to Indeed's privacy policy, which you can view here: https://de.indeed.com/legal?hl=de
If you confirm to Indeed that the data you have stored there should be transferred to us, Indeed provides us with the data that you have stored/provided with Indeed. We transfer this data to our online application form.
Application via On-apply
You have the option to apply via the application platform "onapply" of On-apply GmbH, Schumannstraße 27, 60325 Frankfurt am Main. We have neither influence on the data collected there and data processing operations, nor are we aware of the full extent of data collection, the purposes of processing, or the retention periods. We also have no information on the deletion of the data collected by the provider.
If you confirm to On-apply that the data you have stored there should be transferred to us, On-apply provides us with the data that you have stored/provided with On-apply. We transfer this data to our online application form. Further information on the processing of personal data by On-apply can be found at https://onapply.de/datenschutz.
The legal basis for processing your data is Art. 88 GDPR in conjunction with § 26 para. 1 BDSG. Accordingly, the processing of data is permissible if it is necessary in connection with the decision on establishing an employment relationship. If the data may still be necessary for legal prosecution after completion of the application process, data processing may be based on the requirements of Art. 6 GDPR, in particular to safeguard legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR. Our interest then consists in asserting or defending against claims.
Data from applicants will be deleted 6 months after notification of rejection. If you are successful in the application process, the data from the applicant system will be transferred to our personnel information system.
In the event that you have expressly consented to further storage of your personal data and we have your written consent, we will transfer your data to our talent pool. The data will be deleted there after two years if no employment relationship comes about. The legal basis for this is Art. 6 para. 1 lit. a GDPR.
You have the right to object to the use of your data at any time. You are also entitled to request information about the data stored with us. In the event of inaccuracy, correction can be requested. Deletion of the data stored with us can also be requested, provided that no legal regulations prevent this. In certain cases, we may restrict processing at your request.
You can contact us at any time with questions about data protection, either by email at datenschutz@aifinyo.de or by post with the addition "Data Protection Officer" to the address given in point 1. Furthermore, you have the right to lodge a complaint with the supervisory authority.
Our website uses the Microsoft Bookings service (part of Microsoft Office 365) from Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18 D18 P521 (hereinafter: "Microsoft") for online appointment scheduling. The software enables you to book an appointment with one of our employees. The connection to the service is only established when you call up the online booking function via a link or button on our website, in an email, or in the newsletter. Your entries in the form are transferred to Microsoft for the appointment arrangement. Further information on how your data is handled can be found in Microsoft's privacy policy at https://privacy.microsoft.com/de-de/privacystatement.
The legal basis for processing your data in relation to the "Microsoft Bookings" service is Art. 6 para. 1 sentence 1 lit. a GDPR (active consent through use) - when using the function on our website, the user actively consents to the purpose-bound data processing - and Art. 6 para. 1 sentence 1 lit. f GDPR (legitimate interest in data processing). The legitimate interest arises from our claim to offer you a user-friendly website with a wide range of functions and to give you the opportunity to quickly and easily arrange an appointment with our employees at any time if required. We point out that you are not obliged to use Microsoft Bookings to arrange an appointment. If you do not wish to use the service, please use one of the other contact options offered for arranging appointments.
The following personal data is subject to processing:
User information: display name, email address, preferred language, metadata: e.g., date, time, telephone number, location.
If you have purchased a product or service from us by providing your email address, we process this email address for the purpose of informing you about products and services that are similar to the products and services you have already purchased or that correspond to your interests - if communicated by you.
The legal basis for processing is Art. 6 para. 1 sentence lit. f GDPR. Due to the existing customer relationship, the use of your data for further sales is reasonably foreseeable, and your fundamental rights and freedoms are not affected by receiving email advertising to an extent that would outweigh your interest in stopping the processing.
You can object to the processing of your data at any time with effect for the future, without incurring any costs other than the transmission costs according to the basic tariffs. Please send a message to this effect to datenschutz@aifinyo.de or use the unsubscribe function provided in the email.
On our website, you have the option to order a newsletter or to consent to receiving information about our products and services. The type of personal data collected by us in this process is evident from the form used during registration.
After registration, you will initially receive an email that you must confirm via a link contained therein (double opt-in). This procedure serves to verify whether the owner of the email address provided during registration has consented to receiving email marketing messages. The date and time of confirmation are stored by us. The legal basis for storing this data is our legal obligation to document your consent (Art. 6 para. 1 sentence lit. c GDPR, Art. 7 para. 1 GDPR).
If you do not confirm your registration, your data will be deleted again. Otherwise, the data collected during registration (email address and voluntary information) will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. This is particularly the case after you revoke your consent (e.g., by unsubscribing from a newsletter).
The legal basis for processing your data for the purpose of regularly delivering email advertising is your consent (Art. 6 para. 1 sentence lit. a GDPR).
You can revoke your consent at any time with effect for the future. Please send a message to this effect to datenschutz@aifinyo.de or use the unsubscribe function provided in the email.
When you register for the newsletter, we also store the IP address assigned by your Internet Service Provider (ISP) of the IT system you used at the time of registration, as well as the date and time of registration. The collection of this data is necessary to be able to trace the (possible) misuse of your email address at a later date and therefore serves our legal protection.
The personal data collected in connection with registration for the newsletter will be used exclusively to send our newsletter. Furthermore, newsletter subscribers may be informed by email if this is necessary for the operation of the newsletter service or related registration, as could be the case with changes to the newsletter offer or changes in technical conditions. The personal data collected as part of the newsletter service will not be passed on to third parties. You can cancel your subscription to our newsletter at any time. You can revoke the consent to the storage of personal data that you have given us for sending newsletters at any time. For the purpose of revoking consent, there is a corresponding link in every newsletter. Furthermore, you can unsubscribe from the newsletter directly on our website at any time or inform us of this in another way.
We regularly conduct surveys on our services to continuously improve them.
In the context of surveys, we collect your answers to the individual questions. Participation is voluntary, as is answering individual questions. Based on the survey results, we create anonymous evaluations that have no reference to your person. We will not use your answers to evaluate your person and will not store your answers together with data that identifies you (e.g., name, email address). The legal basis is Art. 6 para. 1 lit. f GDPR.
In the context of these surveys, you have the option to voluntarily consent to our using your personal data to contact you in connection with your survey responses (Art. 6 para. 1 lit. a GDPR). If you give your consent, your data can be processed and used by our customer support or our product team to contact you for follow-up questions. Even then, we will not use your answers to evaluate your person and will not store your answers together with data that identifies you, and will only create anonymous evaluations that have no reference to your person. You can revoke your consent at any time with effect for the future. In the event of revocation, your personal data will no longer be used for this purpose and will be deleted without delay, provided that no legal retention obligations prevent this.
If you do not give consent, your contact data will not be used for contact purposes. In this case, your answers will only be processed pseudonymously as part of the survey and evaluation.
To conduct our surveys, we use, among other things, components of the Userflow software solution from Userflow Inc., 548 Market St PMB 69598, San Francisco, CA 94104-5401, USA. The data transmitted to Userflow includes a pseudonymized user ID as well as account information, such as registration date, expiration dates (e.g., access), tariff and billing information for the respective user ID, statistics on use, descriptive data on the user ID, if this was provided by the user themselves during registration or later in their profile (e.g., business focus, size of the business in HA, selected interests). Further information on the provider can be obtained at privacy@userflow.com or at: https://userflow.com/policies/privacy-regulations.
For further questions about your data subject rights or data processing, you can contact us at any time.
So that we can also communicate with you on social networks and inform you about our services, we are represented there with our own pages. If you visit one of our social media pages, we are jointly responsible for the processing operations triggered thereby, within the meaning of Art. 26 GDPR, with the provider of the respective social media platform.
We are not the original provider of these pages but use them only within the framework of the possibilities offered to us by the respective providers.
Therefore, we point out as a precaution that your data may also be processed outside the European Union or the European Economic Area. Use may therefore be associated with data protection risks for you, as safeguarding your rights, e.g., to information, deletion, objection, etc., may be more difficult and processing in social networks is often carried out directly for advertising purposes or for the analysis of user behavior by the providers, without this being able to be influenced by us. If user profiles are created by the provider, cookies are often used or the usage behavior is assigned to your own member profile of the social networks that you have created.
The processing operations of personal data described take place in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest and the legitimate interest of the respective provider in order to be able to communicate with you in a contemporary manner or to inform you about our services. If you have to give consent to data processing as a user with the respective providers, the legal basis refers to Art. 6 para. 1 lit. a GDPR in conjunction with Art. 7 GDPR.
Since we have no access to the data stocks of the providers, we point out that you can best assert your rights (e.g., to information, correction, deletion, etc.) directly with the respective provider.
Further information on the processing of your data in social networks is provided below for the respective social network provider we use:
(Joint) controller for data processing in Europe:
Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland
Privacy policy (data policy):
https://www.facebook.com/about/privacy
(Joint) controller for data processing in Germany:
Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland
Privacy policy (data policy):
https://instagram.com/legal/privacy/
(Joint) controller for data processing in Europe:
LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Irland
Privacy policy:
https://www.linkedin.com/legal/privacy-policy
(Joint) controller for data processing in Europe:
Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland
Privacy policy:
https://twitter.com/de/privacy
Information about your data:
https://twitter.com/settings/your_twitter_data
(Joint) controller for data processing in Europe:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland
Privacy policy:
https://policies.google.com/privacy
(Joint) controller for data processing in Germany:
New Work SE, Am Strandkai 1, 20457 Hamburg, Deutschland
Privacy policy:
https://privacy.xing.com/de/datenschutzerklaerung
Information requests for XING members:
https://www.xing.com/settings/privacy/data/disclosure
We use Google Analytics 4, a web analytics service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google") on our websites.
In this context, pseudonymized user profiles are created and cookies (see section "Cookies") are used. The information generated by the cookie about your use of this website can include, among other things:
The pseudonymized data can be transferred by Google to a server in the USA and stored there.
The information is used to evaluate the use of the website, to compile reports on website activities, and to provide other services related to website use and Internet use for the purposes of market research and needs-based design of these websites. This information may also be transferred to third parties if this is required by law or insofar as third parties process this data on behalf. In no case will your IP address be merged with other data from Google.
These processing operations only take place upon granting of express consent in accordance with Art. 6 para. 1 lit. a GDPR.
Further information on data protection when using GA4 can be found at: https://support.google.com/analytics/answer/12017362?hl=de.
Google Analytics 4 (GA4) – Additional Information on Google Signals
Google Signals is a function in Google Analytics that collects session data from websites and apps where users are signed in with their Google account and have personalized advertising enabled. It enables extended analysis by linking user behavior across different devices and providing additional information such as demographic characteristics and interests. Your consent to the use of Google Analytics (see above) also includes consent to the Google Signals additional function.
Google Analytics 4 (GA4) – Additional Information on Consent Mode, Advanced Implementation Under the Digital Markets Act, Google is required to obtain user consent before processing user data by Google for personalized advertising. Google complies with this requirement through "Consent Mode". Users are required to implement this and thus demonstrate that they are obtaining the consent of website visitors.
Google offers two implementation modes, basic and advanced implementation.
We use the advanced implementation method of Google Consent Mode. If you consent to data processing in connection with GA4 use (see above), a connection is established to Google, Google Analytics cookies are set, and the corresponding processing is carried out. If you refuse consent, no Google Analytics cookies are set. However, a unique "ping ID" is generated and transmitted to Google. The Google code is executed, but only limited user data is transmitted to Google, including:
A personalized user ID is not assigned
If you have consented to allow Google Analytics 4, Consent Mode, advanced implementation to run, the legal basis for processing personal data is Art. 6 para. 1 lit. a GDPR. In addition, it is in our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR to use Google Analytics 4, Consent Mode, advanced implementation, in order to obtain data on conversions without creating user profiles and thus increase cost-effectiveness.
We have integrated Google Remarketing services on this website. The operating company of Google Remarketing services is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Remarketing is a function of Google AdWords that enables a company to display advertisements to Internet users who have previously visited the company's website. The integration of Google Remarketing therefore enables a company to create user-related advertising and thus display interest-relevant advertisements to Internet users.
The purpose of Google Remarketing is to display interest-relevant advertising. Google Remarketing enables us to display advertisements via the Google advertising network or to have them displayed on other websites that are tailored to the individual needs and interests of Internet users.
Google Remarketing sets a cookie on your IT system. By setting the cookie, Google is enabled to recognize visitors to our website if they subsequently visit websites that are also members of the Google advertising network. With each visit to a website on which the Google Remarketing service has been integrated, your Internet browser automatically identifies itself to Google. As part of this technical process, Google gains knowledge of personal data, such as your IP address or your surfing behavior, which Google uses, among other things, to display interest-relevant advertising.
The cookie is used to store personal information, such as the websites you have visited. Each time you visit our websites, personal data, including your IP address, is therefore transferred to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may pass on this personal data collected via the technical process to third parties under certain circumstances.
These processing operations only take place upon granting of express consent in accordance with Art. 6 para. 1 lit. a GDPR.
Google Analytics Remarketing's privacy policy can be viewed at: https://www.google.de/intl/de/policies/privacy/.
This website uses the online marketing tool DoubleClick by Google. DoubleClick uses cookies to display ads that are relevant to users, to improve campaign performance reports, or to prevent a user from seeing the same ads multiple times. Google uses a cookie ID to track which ads are displayed in which browser and can thus prevent them from being displayed multiple times. In addition, DoubleClick can use cookie IDs to record so-called conversions that are related to ad requests. This is the case, for example, when a user sees a DoubleClick ad and later visits the advertiser's website with the same browser and buys something there. According to Google, DoubleClick cookies do not contain any personal information.
Due to the marketing tools used, your browser automatically establishes a direct connection to Google's server. We have no influence on the scope and further use of the data collected by Google through the use of this tool and therefore inform you according to our knowledge: By integrating DoubleClick, Google receives the information that you have accessed the corresponding part of our website or clicked on an ad from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, there is the possibility that the provider will find out and store your IP address.
You can prevent participation in this tracking procedure in various ways:
The legal basis for processing your data is Art. 6 para. 1 sentence 1 lit. f GDPR.
Further information on DoubleClick by Google can be obtained at https://www.google.de/doubleclick and http://support.google.com/adsense/answer/2839090, as well as on data protection at Google in general: https://www.google.de/intl/de/policies/privacy. Alternatively, you can visit the website of the Network Advertising Initiative (NAI) at http://www.networkadvertising.org. Google has submitted to the EU-US Privacy Shield, http://privacyshield.gov/EU-US-framework.
We use the online advertising program "Google AdWords" on our website and, in this context, conversion tracking (visitor action evaluation). Google Conversion Tracking is an analysis service of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google"). When you click on an ad placed by Google, a cookie for conversion tracking is placed on your computer. These cookies have a limited validity, do not contain any personal data, and therefore do not serve for personal identification. If you visit certain pages of our website and the cookie has not yet expired, Google and we can recognize that you clicked on the ad and were redirected to this page. Each Google AdWords customer receives a different cookie. Therefore, there is no possibility for cookies to be tracked across the websites of AdWords customers.
The information obtained using the conversion cookie is used to create conversion statistics. This allows us to find out the total number of users who clicked on one of our ads and were redirected to a page with a conversion tracking tag. However, we do not receive any information that can be used to personally identify users. The processing is based on Art. 6(1) lit. f GDPR based on the legitimate interest in targeted advertising and analyzing the impact and efficiency of this advertising.
You have the right to object to this processing of personal data concerning you at any time on grounds relating to your particular situation, based on Art. 6(1) f GDPR.
To do this, you can prevent the storage of cookies by selecting the appropriate technical settings in your browser software. However, we point out that in this case you may not be able to use all functions of this website to their full extent. You will then not be included in the conversion tracking statistics.
In addition, you can deactivate the use of cookies by third-party providers by visiting the deactivation page of the Network Advertising Initiative at https://www.networkadvertising.org/choices/ and implementing the further information mentioned there about opting out.
We use the Google Tag Manager service on this website. The operating company of Google Tag Manager is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Ireland Limited is part of the Google group of companies with its headquarters at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Through this tool, "website tags" (i.e., keywords that are integrated into HTML elements) can be implemented and managed via an interface. By using Google Tag Manager, we can automatically track which button, link, or personalized image you actively clicked on and can therefore record which content of our website is particularly interesting to you.
The tool also triggers other tags, which in turn may collect data under certain circumstances. Google Tag Manager does not access this data. If you have made a deactivation at domain or cookie level, this will remain in place for all tracking tags that are implemented with Google Tag Manager.
These processing operations only take place upon granting of express consent in accordance with Art. 6 para. 1 lit. a GDPR.
Further information on Google Tag Manager and Google's privacy policy can be viewed at: https://www.google.com/intl/de/policies/privacy/.
Our website uses so-called Web Fonts for the uniform display of fonts. Google WebFonts are provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Ireland Limited is part of the Google group of companies with its headquarters at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
These processing operations only take place upon granting of express consent in accordance with Art. 6 para. 1 lit. a GDPR.
Further information on Google WebFonts and Google's privacy policy can be viewed at: https://developers.google.com/fonts/faq; https://www.google.com/policies/privacy/.
We have integrated YouTube components on this website. The operating company of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
If you are logged in to YouTube at the same time, YouTube recognizes which specific subpage of our website you are visiting when you access a subpage that contains a YouTube video. This information is collected by YouTube and Google and assigned to your YouTube account.
YouTube and Google always receive information via the YouTube component that you have visited our website if you are logged in to YouTube at the time of accessing our website; this takes place regardless of whether you click on a YouTube video or not. If you do not want this information to be transmitted to YouTube and Google, you can prevent the transmission by logging out of your YouTube account before calling up our website.
These processing operations only take place upon granting of express consent in accordance with Art. 6 para. 1 lit. a GDPR.
YouTube's privacy policy can be viewed at https://www.google.de/intl/de/policies/privacy/.
We use a digital whistleblower system that is maintained by an external provider, InfAI Infinity GmbH, Goerdelering 9, 04109 Leipzig. The manufacturer of the software is audatis Services GmbH, Luisenstraße 1, 32052 Herford.
The whistleblower system enables the submission and receipt as well as investigation of reports to prevent, detect, and/or take follow-up measures against violations of applicable law or company policies.
The following data may be collected if the report is not made anonymously:
Data processing for information on personal identification of the whistleblower is based on the legal obligation of the Whistleblower Protection Act (HinSchG) in accordance with Art. 6 para. 1 lit. c GDPR.
If further information on employment characteristics, information about the person concerned, and other information that allows conclusions to be drawn about natural persons is processed, this is done either to fulfill legal obligations of the Whistleblower Protection Act (HinSchG) in accordance with Art. 6 para. 1 lit. c GDPR or, in the case of voluntary provision of a whistleblower system, on the basis of legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR. Our legitimate interest is in processing reports in order to be able to carry out follow-up measures.
Further information on the privacy policy of our whistleblower system can be found at: https://www.audatis-manager.de/datenschutz/.
Further information about the ombudsperson, Dr. Wilfried Röder, or the associated processing of personal data can be obtained at any time via meldestelle@infai.org.
You have the right to obtain confirmation from us as to whether personal data concerning you is being processed.
You have the right to obtain from us at any time, free of charge, information about the personal data stored about you as well as a copy of this data in accordance with statutory provisions.
You have the right to demand the correction of inaccurate personal data concerning you. Furthermore, you have the right to request the completion of incomplete personal data, taking into account the purposes of processing.
You have the right to demand that we delete personal data concerning you without delay, provided that one of the statutory grounds applies and insofar as processing or storage is not necessary.
You have the right to demand that we restrict processing if one of the statutory requirements is met.
You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used, and machine-readable format. You also have the right to transmit this data to another controller without hindrance from us to whom the personal data was provided, provided that processing is based on consent in accordance with Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR or on a contract in accordance with Art. 6 para. 1 lit. b GDPR and processing is carried out using automated procedures, unless processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.
Furthermore, when exercising your right to data portability in accordance with Art. 20 para. 1 GDPR, you have the right to have the personal data transmitted directly from one controller to another controller, where this is technically feasible and provided that this does not adversely affect the rights and freedoms of other persons.
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Art. 6 para. 1 lit. e (data processing in the public interest) or f (data processing based on a balancing of interests) GDPR.
This also applies to profiling based on these provisions within the meaning of Art. 4 No. 4 GDPR.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights, and freedoms, or if processing serves the assertion, exercise, or defense of legal claims.
In individual cases, we process personal data for direct marketing purposes. You can object at any time to the processing of personal data for the purpose of such advertising. This also applies to profiling insofar as it is related to such direct marketing. If you object to us regarding processing for direct marketing purposes, we will no longer process the personal data for these purposes.
In addition, you have the right to object, on grounds relating to your particular situation, to the processing of personal data concerning you that is carried out by us for scientific or historical research purposes or for statistical purposes in accordance with Art. 89 para. 1 GDPR, unless such processing is necessary for the performance of a task carried out in the public interest.
You are free to exercise your right to object in connection with the use of information society services, notwithstanding Directive 2002/58/EC, using automated procedures in which technical specifications are used.
You have the right to withdraw consent to the processing of personal data at any time with effect for the future.
You have the right to lodge a complaint with a supervisory authority responsible for data protection about our processing of personal data.
We process and store your personal data only for the period necessary to achieve the storage purpose or insofar as this has been provided for by the legislation to which our company is subject.
If the storage purpose ceases to apply or if a prescribed storage period expires, the personal data will be routinely blocked or deleted in accordance with legal regulations.
The criterion for the duration of storage of personal data is the respective statutory retention period. After expiry of the period, the corresponding data is routinely deleted, provided it is no longer necessary for contract fulfillment or contract initiation.
