Privacy Policy

May 28, 2024

With the following privacy policy, we would like to inform you about the types of your personal data (hereinafter also referred to briefly as "data") that we process, for what purposes, and to what extent. The privacy policy applies to all processing of personal data carried out by us, both in the context of providing our services and especially on our websites, in mobile applications, and within external online presences, such as our social media profiles (hereinafter collectively referred to as the "online offering").

Person in charge

SEA VENTURES GmbH
Dreihornstrasse 3
30659 Hannover

Authorized representatives: Dr. Amke Briese, Sjard Briese

info@seaventures.de

Overview of processing activities

The following overview summarizes the types of data processed and the purposes of their processing and refers to the data subjects.

Types of data processed

  • Inventory data
  • Contact details
  • Content data
  • Usage data
  • Meta, communication, and process data

Categories of data subjects

  • Communication partners
  • Users

Purposes of processing

  • Contact inquiries and communication
  • Security measures
  • Direct marketing
  • Administration and response to inquiries
  • Feedback
  • Providing our online offering and user-friendliness
  • Information technology infrastructure

Relevant legal bases

Relevant legal bases according to the GDPR: Below you will find an overview of the legal bases of the GDPR on which we process personal data. Please note that in addition to the provisions of the GDPR, national data protection regulations may apply in your or our country of residence or domicile. Furthermore, if more specific legal bases are applicable in individual cases, we will inform you of these in the privacy policy.

  • Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR) - The data subject has given consent to the processing of his or her personal data for one or more specific purposes.
  • Performance of a contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR) - Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
  • Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR) - Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.

National data protection regulations in Germany: In addition to the data protection regulations of the GDPR, national regulations on data protection in Germany apply. This includes in particular the Federal Data Protection Act (BDSG). The BDSG contains in particular special regulations on the right to information, the right to deletion, the right to object, the processing of special categories of personal data, processing for other purposes, and transmission as well as automated decision-making in individual cases including profiling. Furthermore, data protection laws of the individual federal states may apply.

Reference to the applicability of the GDPR and Swiss DPA: These data protection notices serve both to provide information in accordance with the Swiss Federal Data Protection Act (Swiss DPA) and the General Data Protection Regulation (GDPR). For this reason, please note that due to the broader spatial application and comprehensibility, the terms of the GDPR are used. In particular, instead of the terms used in the Swiss DPA such as "processing" of "personal data", "legitimate interest", and "particularly sensitive personal data", the terms used in the GDPR such as "processing" of "personal data" as well as "legitimate interest" and "special categories of data" are used. However, the legal meaning of the terms is determined within the scope of the applicability of the Swiss DPA according to the Swiss DPA.

Security measures

We take appropriate technical and organizational measures in accordance with legal requirements, taking into account the state of the art, implementation costs, and the nature, scope, circumstances, and purposes of processing as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, to ensure a level of protection appropriate to the risk.

These measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical and electronic access to data as well as access, input, disclosure, ensuring availability, and separation of data. Furthermore, we have established procedures to ensure the exercise of data subjects' rights, the deletion of data, and responses to data breaches. We also take the protection of personal data into account during the development or selection of hardware, software, and procedures, in accordance with the principle of data protection by design and by default.

Transfer of personal data

As part of our processing of personal data, it may happen that the data is transferred to other places, companies, legally independent organizational units or persons or that it is disclosed to them. Recipients of this data may include, for example, IT service providers or providers of services and content that are integrated into a website. In such cases, we comply with legal requirements and in particular conclude corresponding contracts or agreements with the recipients of your data that serve to protect your data.

International data transfers

Data processing in third countries: If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or if processing occurs in the context of using third-party services or disclosing or transferring data to other persons, entities or companies, this only occurs if it is done to fulfill our (pre)contractual obligations, on the basis of your consent, due to a legal obligation, or based on our legitimate interests. Subject to specific information provided separately in the context of individual third-party providers from third countries, the following applies: If data is processed in a third country, including the United States, and if no legal basis for such processing exists, we will ensure that your data is protected at an appropriate level by contractual provisions or other recognized instruments, such as certification or codes of conduct, in accordance with the legal requirements.

EU-US Trans-Atlantic Data Privacy Framework: As part of the so-called "Data Privacy Framework" (DPF), the EU Commission has also recognized the level of data protection for certain companies from the USA as secure in accordance with the adequacy decision of July 10, 2023. You can find the list of certified companies as well as further information on the DPF on the website of the US Department of Commerce at https://www.dataprivacyframework.gov/.

Rights of data subjects

Rights of data subjects under the GDPR: As data subjects, you have various rights under the GDPR, which arise in particular from Art. 15 to 21 GDPR:

  • Right to Object: You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Art. 6 para. 1 lit. e or f GDPR, including profiling based on those provisions. If personal data concerning you are processed for the purpose of direct marketing, you have the right to object at any time to processing of personal data concerning you for such marketing, including profiling to the extent that it is related to such direct marketing.
  • Right to Withdraw Consent: You have the right to withdraw consent at any time.
  • Right of Access: You have the right to obtain confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and the information specified in Art. 15 GDPR.
  • Right to Rectification: You have the right to obtain without undue delay the rectification of inaccurate personal data concerning you and, if necessary, the right to have incomplete personal data completed.
  • Right to Erasure and Restriction of Processing: You have the right, in accordance with legal requirements, to request the immediate deletion of personal data concerning you or, alternatively, to request a restriction on the processing of data.
  • Right to Data Portability: You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format, or to request the transmission of those data to another controller, in accordance with legal requirements.
  • Right to Lodge a Complaint with a Supervisory Authority: Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement if you consider that the processing of personal data relating to you violates the GDPR.

Use of Cookies

Cookies are small text files or other storage mechanisms that store information on end devices and retrieve information from end devices. For example, to store the login status in a user account, the contents of a shopping cart in an e-shop, the accessed contents or functions of an online offering. Cookies can also be used for various purposes, such as functionality, security, and convenience of online offerings, as well as for generating visitor flow analyses.

  • Notes on Consent: We use cookies in accordance with legal regulations. Therefore, we obtain prior consent from users, unless legally not required. Consent is not required, in particular, if storing and retrieving information, including cookies, is absolutely necessary to provide users with an explicitly requested telemedia service (i.e., our online offering). Cookies that are absolutely necessary typically include cookies with functions related to the display and functionality of the online offering, load balancing, security, storing user preferences, and choices, or similar purposes related to providing the main and ancillary functions of the online offering requested by users. The revocable consent is clearly communicated to users and contains information about the respective cookie use.
  • Notes on Data Protection Legal Bases: The legal basis on which we process users' personal data using cookies depends on whether we ask users for consent. If users consent, the legal basis for processing their data is the declared consent. Otherwise, data processed using cookies are based on our legitimate interests (e.g., in the efficient operation of our online offering and improving its usability) or, if necessary for the performance of our contractual obligations, if the use of cookies is required to fulfill our contractual obligations. We clarify the purposes for which we process cookies during the course of this privacy policy or as part of our consent and processing procedures.
  • Storage Period: With regard to the storage period, the following types of cookies are distinguished:
  • Temporary Cookies (also: Session Cookies): Temporary cookies are deleted at the latest after a user leaves an online offering and closes their end device (e.g., browser or mobile application).
  • Persistent Cookies: Persistent cookies remain stored even after closing the end device. For example, the login status can be stored or preferred content can be displayed directly when the user revisits a website. Similarly, data collected using cookies can be used for audience measurement. If we do not provide explicit information to users about the type and storage period of cookies (e.g., as part of obtaining consent), users should assume that cookies are persistent and may be stored for up to two years.
  • General Notes on Revocation and Objection (so-called "Opt-Out"): Users can revoke consent given by them at any time and object to processing in accordance with legal requirements. To do this, users can restrict the use of cookies in their browser settings (which may also limit the functionality of our online offering). Objection to the use of cookies for online marketing purposes can also be made via the websites https://optout.aboutads.info and https://www.youronlinechoices.com/.
  • Legal Bases: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR), Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR).

Further Notes on Processing Processes, Procedures, and Services:

Processing of Cookie Data Based on Consent: We use a consent management procedure: a procedure for obtaining, logging, managing, and revoking consent, especially for the use of cookies and similar technologies for storing, retrieving, and processing information on users' end devices and their processing, for which users' consent is obtained and managed and revoked by users in the context of the consent management procedure: procedure for obtaining, logging, managing, and revoking consent, especially for the use of cookies and similar technologies for storing, retrieving, and processing information on users' end devices and their processing. Here, the consent declaration is stored to avoid having to repeat the query and to be able to provide evidence of consent in accordance with legal obligations. Storage can be done server-side and/or in a cookie (so-called opt-in cookie or similar technologies) to assign consent to a user or their device. Subject to individual information about providers of cookie management services, the following applies: The storage period for consent can be up to two years. For this purpose, a pseudonymous user identifier is created and stored along with the time of consent, information about the scope of consent (e.g., which categories of cookies and/or service providers) as well as the browser, system, and used end device; Legal Bases: Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR).

Provision of the Online Offering and Web Hosting

We process user data to provide them with our online services. For this purpose, we process the user's IP address, which is necessary to transmit the content and functions of our online services to the user's browser or device.

  • Processed Data Types: Usage Data (e.g., visited websites, interest in content, access times); Meta, Communication, and Process Data (e.g., IP addresses, time stamps, identification numbers, consent status).
  • Data Subjects: Users (e.g., website visitors, users of online services).
  • Purposes of Processing: Provision of our online offering and user-friendliness; Information technology infrastructure (operation and provision of information systems and technical equipment (computers, servers, etc.)). Security measures.
  • Legal Bases: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).

Further Notes on Processing Processes, Procedures, and Services:

  • Collection of Access Data and Log Files: Access to our online offering is logged in the form of so-called "server log files". Server log files may include the address and name of the accessed websites and files, date and time of access, transmitted data volumes, message about successful access, browser type and version, user's operating system, referrer URL (previously visited page), and usually IP addresses and the requesting provider. Server log files can be used for security purposes, e.g., to avoid server overload (especially in case of abusive attacks, so-called DDoS attacks), and to ensure server load and stability; Legal Bases: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR). Deletion of Data: Log file information is stored for a maximum of 30 days and then deleted or anonymized. Data whose further retention is necessary for evidentiary purposes is excluded from deletion until the final clarification of the respective incident.Vorfalls von der Löschung ausgenommen.

Webflow, Inc.

Service Provider: Webflow, Inc., 208 Utah, Suite 210, San Francisco, CA 94103, USA
Website: https://webflow.com

We host our website with Webflow. The provider is Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA (hereinafter: Webflow). When you visit our website, Webflow collects various log files including your IP addresses, which are anonymized.

Webflow is a tool for creating and hosting websites. Webflow stores cookies or other recognition technologies that are necessary for displaying the page, providing certain website functions, and ensuring security (necessary cookies).

For details, please refer to Webflow's Privacy Policy: https://webflow.com/legal/eu-privacy-policy

The use of Webflow is based on Article 6(1)(f) of the GDPR. We have a legitimate interest in a reliable presentation of our website. If consent has been requested, the processing is carried out exclusively on the basis of Article 6(1)(a) of the GDPR and Section 25(1) of the TTDSG, insofar as the consent includes the storage of cookies or access to information on the user's terminal device (e.g., device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with European data protection standards based on an adequacy decision by the European Commission.

Data Processing Agreement

We have entered into a Data Processing Agreement (DPA) with the aforementioned provider. This is a contract required by data protection law to ensure that the provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

Contact and Inquiry Management

When contacting us (e.g., by post, contact form, email, telephone, or via social media) and within the framework of existing user and business relationships, the information provided by the inquiring individuals is processed to the extent necessary to respond to the contact inquiries and any requested measures.

  • Processed Data Types: Contact Data (e.g., email, phone numbers); Content Data (e.g., entries in online forms); Usage Data (e.g., visited websites, interest in content, access times); Meta, Communication, and Process Data (e.g., IP addresses, time stamps, identification numbers, consent status).
  • Data Subjects: Communication partners.
  • Purposes of Processing: Contact inquiries and communication; Management and response to inquiries; Feedback (e.g., collecting feedback via online form). Provision of our online offering and user-friendliness.
  • Legal Bases: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR). Contract Performance and Pre-Contractual Inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR).

Further Notes on Processing Processes, Procedures, and Services:

Contact Form: When users contact us via our contact form, email, or other communication channels, we process the data communicated to us in this context to process the stated request; Legal Bases: Contract Performance and Pre-Contractual Inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR), Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).

Promotional Communication

We process personal data for the purpose of promotional communication, which can be carried out via various channels, such as email, telephone, post, or fax, in accordance with legal requirements.

Recipients have the right to revoke consent given at any time or to object to promotional communication at any time.

After revocation or objection, we store the data necessary to prove the previous authorization for contact or sending for up to three years after the end of the year of revocation or objection on the basis of our legitimate interests. The processing of this data is limited to the purpose of possible defense against claims. Based on the legitimate interest of permanently observing the revocation or objection of users, we also store the data necessary to avoid renewed contact (e.g., depending on the communication channel, the email address, telephone number, name).

Processed Data Types: Inventory Data (e.g., names, addresses); Contact Data (e.g., email, phone numbers).

Data Subjects: Communication partners.

Purposes of Processing: Direct Marketing (e.g., by email or postal).

Legal Bases: Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR). Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).

With the following privacy policy, we would like to inform you about the types of your personal data (hereinafter also referred to briefly as "data") that we process, for what purposes, and to what extent. The privacy policy applies to all processing of personal data carried out by us, both in the context of providing our services and especially on our websites, in mobile applications, and within external online presences, such as our social media profiles (hereinafter collectively referred to as the "online offering").

Person in charge

SEA VENTURES GmbH
Dreihornstrasse 3
30659 Hannover

Authorized representatives: Dr. Amke Briese, Sjard Briese

info@seaventures.de

Overview of processing activities

The following overview summarizes the types of data processed and the purposes of their processing and refers to the data subjects.

Types of data processed

  • Inventory data
  • Contact details
  • Content data
  • Usage data
  • Meta, communication, and process data

Categories of data subjects

  • Communication partners
  • Users

Purposes of processing

  • Contact inquiries and communication
  • Security measures
  • Direct marketing
  • Administration and response to inquiries
  • Feedback
  • Providing our online offering and user-friendliness
  • Information technology infrastructure

Relevant legal bases

Relevant legal bases according to the GDPR: Below you will find an overview of the legal bases of the GDPR on which we process personal data. Please note that in addition to the provisions of the GDPR, national data protection regulations may apply in your or our country of residence or domicile. Furthermore, if more specific legal bases are applicable in individual cases, we will inform you of these in the privacy policy.

  • Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR) - The data subject has given consent to the processing of his or her personal data for one or more specific purposes.
  • Performance of a contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR) - Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
  • Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR) - Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.

National data protection regulations in Germany: In addition to the data protection regulations of the GDPR, national regulations on data protection in Germany apply. This includes in particular the Federal Data Protection Act (BDSG). The BDSG contains in particular special regulations on the right to information, the right to deletion, the right to object, the processing of special categories of personal data, processing for other purposes, and transmission as well as automated decision-making in individual cases including profiling. Furthermore, data protection laws of the individual federal states may apply.

Reference to the applicability of the GDPR and Swiss DPA: These data protection notices serve both to provide information in accordance with the Swiss Federal Data Protection Act (Swiss DPA) and the General Data Protection Regulation (GDPR). For this reason, please note that due to the broader spatial application and comprehensibility, the terms of the GDPR are used. In particular, instead of the terms used in the Swiss DPA such as "processing" of "personal data", "legitimate interest", and "particularly sensitive personal data", the terms used in the GDPR such as "processing" of "personal data" as well as "legitimate interest" and "special categories of data" are used. However, the legal meaning of the terms is determined within the scope of the applicability of the Swiss DPA according to the Swiss DPA.

Security measures

We take appropriate technical and organizational measures in accordance with legal requirements, taking into account the state of the art, implementation costs, and the nature, scope, circumstances, and purposes of processing as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, to ensure a level of protection appropriate to the risk.

These measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical and electronic access to data as well as access, input, disclosure, ensuring availability, and separation of data. Furthermore, we have established procedures to ensure the exercise of data subjects' rights, the deletion of data, and responses to data breaches. We also take the protection of personal data into account during the development or selection of hardware, software, and procedures, in accordance with the principle of data protection by design and by default.

Transfer of personal data

As part of our processing of personal data, it may happen that the data is transferred to other places, companies, legally independent organizational units or persons or that it is disclosed to them. Recipients of this data may include, for example, IT service providers or providers of services and content that are integrated into a website. In such cases, we comply with legal requirements and in particular conclude corresponding contracts or agreements with the recipients of your data that serve to protect your data.

International data transfers

Data processing in third countries: If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or if processing occurs in the context of using third-party services or disclosing or transferring data to other persons, entities or companies, this only occurs if it is done to fulfill our (pre)contractual obligations, on the basis of your consent, due to a legal obligation, or based on our legitimate interests. Subject to specific information provided separately in the context of individual third-party providers from third countries, the following applies: If data is processed in a third country, including the United States, and if no legal basis for such processing exists, we will ensure that your data is protected at an appropriate level by contractual provisions or other recognized instruments, such as certification or codes of conduct, in accordance with the legal requirements.

EU-US Trans-Atlantic Data Privacy Framework: As part of the so-called "Data Privacy Framework" (DPF), the EU Commission has also recognized the level of data protection for certain companies from the USA as secure in accordance with the adequacy decision of July 10, 2023. You can find the list of certified companies as well as further information on the DPF on the website of the US Department of Commerce at https://www.dataprivacyframework.gov/.

Rights of data subjects

Rights of data subjects under the GDPR: As data subjects, you have various rights under the GDPR, which arise in particular from Art. 15 to 21 GDPR:

  • Right to Object: You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Art. 6 para. 1 lit. e or f GDPR, including profiling based on those provisions. If personal data concerning you are processed for the purpose of direct marketing, you have the right to object at any time to processing of personal data concerning you for such marketing, including profiling to the extent that it is related to such direct marketing.
  • Right to Withdraw Consent: You have the right to withdraw consent at any time.
  • Right of Access: You have the right to obtain confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and the information specified in Art. 15 GDPR.
  • Right to Rectification: You have the right to obtain without undue delay the rectification of inaccurate personal data concerning you and, if necessary, the right to have incomplete personal data completed.
  • Right to Erasure and Restriction of Processing: You have the right, in accordance with legal requirements, to request the immediate deletion of personal data concerning you or, alternatively, to request a restriction on the processing of data.
  • Right to Data Portability: You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format, or to request the transmission of those data to another controller, in accordance with legal requirements.
  • Right to Lodge a Complaint with a Supervisory Authority: Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement if you consider that the processing of personal data relating to you violates the GDPR.

Use of Cookies

Cookies are small text files or other storage mechanisms that store information on end devices and retrieve information from end devices. For example, to store the login status in a user account, the contents of a shopping cart in an e-shop, the accessed contents or functions of an online offering. Cookies can also be used for various purposes, such as functionality, security, and convenience of online offerings, as well as for generating visitor flow analyses.

  • Notes on Consent: We use cookies in accordance with legal regulations. Therefore, we obtain prior consent from users, unless legally not required. Consent is not required, in particular, if storing and retrieving information, including cookies, is absolutely necessary to provide users with an explicitly requested telemedia service (i.e., our online offering). Cookies that are absolutely necessary typically include cookies with functions related to the display and functionality of the online offering, load balancing, security, storing user preferences, and choices, or similar purposes related to providing the main and ancillary functions of the online offering requested by users. The revocable consent is clearly communicated to users and contains information about the respective cookie use.
  • Notes on Data Protection Legal Bases: The legal basis on which we process users' personal data using cookies depends on whether we ask users for consent. If users consent, the legal basis for processing their data is the declared consent. Otherwise, data processed using cookies are based on our legitimate interests (e.g., in the efficient operation of our online offering and improving its usability) or, if necessary for the performance of our contractual obligations, if the use of cookies is required to fulfill our contractual obligations. We clarify the purposes for which we process cookies during the course of this privacy policy or as part of our consent and processing procedures.
  • Storage Period: With regard to the storage period, the following types of cookies are distinguished:
  • Temporary Cookies (also: Session Cookies): Temporary cookies are deleted at the latest after a user leaves an online offering and closes their end device (e.g., browser or mobile application).
  • Persistent Cookies: Persistent cookies remain stored even after closing the end device. For example, the login status can be stored or preferred content can be displayed directly when the user revisits a website. Similarly, data collected using cookies can be used for audience measurement. If we do not provide explicit information to users about the type and storage period of cookies (e.g., as part of obtaining consent), users should assume that cookies are persistent and may be stored for up to two years.
  • General Notes on Revocation and Objection (so-called "Opt-Out"): Users can revoke consent given by them at any time and object to processing in accordance with legal requirements. To do this, users can restrict the use of cookies in their browser settings (which may also limit the functionality of our online offering). Objection to the use of cookies for online marketing purposes can also be made via the websites https://optout.aboutads.info and https://www.youronlinechoices.com/.
  • Legal Bases: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR), Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR).

Further Notes on Processing Processes, Procedures, and Services:

Processing of Cookie Data Based on Consent: We use a consent management procedure: a procedure for obtaining, logging, managing, and revoking consent, especially for the use of cookies and similar technologies for storing, retrieving, and processing information on users' end devices and their processing, for which users' consent is obtained and managed and revoked by users in the context of the consent management procedure: procedure for obtaining, logging, managing, and revoking consent, especially for the use of cookies and similar technologies for storing, retrieving, and processing information on users' end devices and their processing. Here, the consent declaration is stored to avoid having to repeat the query and to be able to provide evidence of consent in accordance with legal obligations. Storage can be done server-side and/or in a cookie (so-called opt-in cookie or similar technologies) to assign consent to a user or their device. Subject to individual information about providers of cookie management services, the following applies: The storage period for consent can be up to two years. For this purpose, a pseudonymous user identifier is created and stored along with the time of consent, information about the scope of consent (e.g., which categories of cookies and/or service providers) as well as the browser, system, and used end device; Legal Bases: Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR).

Provision of the Online Offering and Web Hosting

We process user data to provide them with our online services. For this purpose, we process the user's IP address, which is necessary to transmit the content and functions of our online services to the user's browser or device.

  • Processed Data Types: Usage Data (e.g., visited websites, interest in content, access times); Meta, Communication, and Process Data (e.g., IP addresses, time stamps, identification numbers, consent status).
  • Data Subjects: Users (e.g., website visitors, users of online services).
  • Purposes of Processing: Provision of our online offering and user-friendliness; Information technology infrastructure (operation and provision of information systems and technical equipment (computers, servers, etc.)). Security measures.
  • Legal Bases: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).

Further Notes on Processing Processes, Procedures, and Services:

  • Collection of Access Data and Log Files: Access to our online offering is logged in the form of so-called "server log files". Server log files may include the address and name of the accessed websites and files, date and time of access, transmitted data volumes, message about successful access, browser type and version, user's operating system, referrer URL (previously visited page), and usually IP addresses and the requesting provider. Server log files can be used for security purposes, e.g., to avoid server overload (especially in case of abusive attacks, so-called DDoS attacks), and to ensure server load and stability; Legal Bases: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR). Deletion of Data: Log file information is stored for a maximum of 30 days and then deleted or anonymized. Data whose further retention is necessary for evidentiary purposes is excluded from deletion until the final clarification of the respective incident.Vorfalls von der Löschung ausgenommen.

Contact and Inquiry Management

When contacting us (e.g., by post, contact form, email, telephone, or via social media) and within the framework of existing user and business relationships, the information provided by the inquiring individuals is processed to the extent necessary to respond to the contact inquiries and any requested measures.

  • Processed Data Types: Contact Data (e.g., email, phone numbers); Content Data (e.g., entries in online forms); Usage Data (e.g., visited websites, interest in content, access times); Meta, Communication, and Process Data (e.g., IP addresses, time stamps, identification numbers, consent status).
  • Data Subjects: Communication partners.
  • Purposes of Processing: Contact inquiries and communication; Management and response to inquiries; Feedback (e.g., collecting feedback via online form). Provision of our online offering and user-friendliness.
  • Legal Bases: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR). Contract Performance and Pre-Contractual Inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR).

Further Notes on Processing Processes, Procedures, and Services:

Contact Form: When users contact us via our contact form, email, or other communication channels, we process the data communicated to us in this context to process the stated request; Legal Bases: Contract Performance and Pre-Contractual Inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR), Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).

Promotional Communication

We process personal data for the purpose of promotional communication, which can be carried out via various channels, such as email, telephone, post, or fax, in accordance with legal requirements.

Recipients have the right to revoke consent given at any time or to object to promotional communication at any time.

After revocation or objection, we store the data necessary to prove the previous authorization for contact or sending for up to three years after the end of the year of revocation or objection on the basis of our legitimate interests. The processing of this data is limited to the purpose of possible defense against claims. Based on the legitimate interest of permanently observing the revocation or objection of users, we also store the data necessary to avoid renewed contact (e.g., depending on the communication channel, the email address, telephone number, name).

Processed Data Types: Inventory Data (e.g., names, addresses); Contact Data (e.g., email, phone numbers).

Data Subjects: Communication partners.

Purposes of Processing: Direct Marketing (e.g., by email or postal).

Legal Bases: Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR). Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).