Privacy Policy

We hereby inform you, in accordance with the legal requirements of data protection law (especially pursuant to the new version of the BDSG and the European General Data Protection Regulation ‘GDPR’), about the nature, scope, and purpose of the processing of personal data by our company. This privacy policy also applies to our websites and social media profiles. For definitions of terms such as “personal data” or “processing,” please refer to Article 4 of the GDPR.

Name and Contact Details of the Controller
Our controller (hereinafter referred to as the “Controller”)
as defined by Art. 4 No. 7 GDPR is:

Types of Data, Purposes of Processing, and Categories of Data Subjects. We inform you below about the type, scope, and purpose of the collection, processing, and use of personal data. Types of data we process:

1. Contact data (e.g., phone number, email, fax)
2. Content data (e.g., text entries, videos, photos)
3. Purposes of processing pursuant to Art. 13 para. 1 c) GDPR: Handling contact requests

These affected persons are collectively referred to as “users”.

We inform you below about the legal bases for the processing of personal data:

If we obtain your consent for the processing of personal data, Art. 6 para. 1 sentence 1 lit. a GDPR is the legal basis.

• If the processing is necessary for the performance of a contract or for pre-contractual measures at your request, Art. 6 para. 1 sentence 1 lit. b GDPR is the legal basis.
• If the processing is necessary to comply with a legal obligation (e.g., legal retention requirements), Art. 6 para. 1 sentence 1 lit. c GDPR is the legal basis.
• If processing is necessary to protect vital interests of the data subject or another natural person, Art. 6 para. 1 sentence 1 lit. d GDPR is the legal basis.
• If the processing is necessary to protect our legitimate interests or those of a third party, provided your interests or fundamental rights and freedoms do not override them, Art. 6 para. 1 sentence 1 lit. f GDPR is the legal basis.

Disclosure of Personal Data to Third Parties and Processors

We generally do not disclose data to third parties without your consent. If we do, the disclosure is based on the legal grounds mentioned above — for example, sharing data with online payment providers for contract fulfillment, or due to a court order or legal obligation for law enforcement, threat prevention, or enforcement of intellectual property rights.

We also use processors (external service providers, e.g., for web hosting) to process your data. If data is shared with processors under a processing agreement, it is always in accordance with Art. 28 GDPR. We carefully select our processors, monitor them regularly, and retain control over instructions regarding the data. Processors are also required to implement appropriate technical and organizational measures and to comply with data protection regulations in accordance with BDSG and GDPR.

Data Transfer to Third Countries

The GDPR has created a uniform data protection framework across Europe. Therefore, your data is mainly processed by companies to which the GDPR applies. If processing by third-party services outside the EU or EEA occurs, they must meet the special requirements of Art. 44 et seq. GDPR — meaning processing only occurs under specific guarantees, such as an officially recognized adequate level of data protection or adherence to officially recognized contractual obligations, like the “Standard Contractual Clauses.”

If we obtain your explicit consent for data transfer to the USA due to the invalidation of the "`Privacy Shield"` (Art. 49 para. 1 sentence 1 lit. a GDPR), we point out the risk of secret access by US authorities and potential data use for surveillance purposes without legal remedies for EU citizens.

Data Deletion and Storage Duration

Unless otherwise specified in this privacy policy, your personal data will be deleted or blocked as soon as the consent for processing is revoked, the purpose for storage ceases to apply, or the data is no longer necessary for that purpose — unless further storage is required for evidence purposes or legal retention obligations prevent deletion. Legal obligations include commercial law requirements to retain business correspondence for 6 years (§ 257 para. 1 HGB) and tax law requirements to retain documents for 10 years (§ 147 para. 1 AO).
Once these retention periods expire, the data will be blocked or deleted unless continued storage is required for contract conclusion or fulfillment.

Existence of Automated Decision-Making
We do not use automated decision-making or profiling.

Provision of Our Website and Creation of Log Files
When you use our website for informational purposes only (i.e., without registration or submitting other information), we only collect the personal data your browser transmits to our server. If you want to view our website, we collect the following data:

• • IP address;
• • User’s internet service provider;
• • Date and time of access;
• • Browser type;
• • Language and browser version;
• • Requested content;
• • Time zone;
• • Access status/HTTP status code;
• • Amount of data transferred;
• • Referring websites;
• • Operating system.

This data is not stored together with other personal data of yours.

These data are used to ensure user-friendly, functional, and secure delivery of our website, as well as to optimize it and analyze it statistically.
The legal basis is our legitimate interest in data processing according to Art. 6 para. 1 sentence 1 lit. f GDPR.
We store this data in server log files for 10 days for security reasons. After this period, it is automatically deleted unless it is required for evidence purposes, such as in the event of attacks on our server infrastructure or legal violations.
Contact via Contact Form / Email / Fax / Mail
When you contact us via contact form, fax, mail, or email, the information you provide is processed to handle your inquiry.

The legal basis for this is:
Art. 6 para. 1 sentence 1 lit. a GDPR, if you have given your consent.
Art. 6 para. 1 sentence 1 lit. f GDPR, if the processing is in response to a general inquiry. The controller has a legitimate interest in processing and storing the data to respond to user requests, for legal protection, and to comply with legal retention obligations for business correspondence.
If the contact aims at concluding a contract, the additional legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR.
We may store your request and details in our Customer Relationship Management (CRM) system or a similar system.
The data will be deleted once it is no longer necessary for the purpose for which it was collected. For data collected via contact form or email, this is the case when the conversation with you has ended — that is, when it can be inferred from the circumstances that the matter has been conclusively resolved.
For users with an account or contract with us, inquiries are stored for up to two years after contract termination. In the case of statutory archiving obligations, deletion occurs after these periods: 6 years for commercial law, 10 years for tax law.
You can revoke your consent to the processing of personal data at any time under Art. 6 para. 1 sentence 1 lit. a GDPR. If you contact us by email, you may object to the storage of your personal data at any time.

Contact by Telephone If you contact us by phone, your phone number will be processed to handle your inquiry and will be temporarily stored/displayed in the RAM/cache of the device/display. The storage occurs for legal and security reasons (e.g., proof of call) and for practical reasons (e.g., enabling a callback). In the case of unsolicited advertising calls, we block the phone number.
The legal basis for processing the phone number is Art. 6 para. 1 sentence 1 lit. f GDPR. If the contact aims to conclude a contract, the additional legal basis is Art. 6 para. 1 lit. b GDPR.
The device cache stores call data for 30 days, overwriting or deleting old data progressively. Upon disposal of the device, all data is deleted and the storage medium is destroyed, if necessary. Blocked numbers are reviewed annually for the necessity of continued blocking.
You can prevent your number from being displayed by calling with caller ID blocked.

Rights of the Data Subject
Objection or Revocation of Data Processing
If the processing of your personal data is based on your consent under Art. 6 para. 1 sentence 1 lit. a, Art. 7 GDPR, you have the right to revoke your consent at any time. The lawfulness of processing based on consent before its withdrawal remains unaffected.
If we base the processing of your personal data on a legitimate interest according to Art. 6 para. 1 sentence 1 lit. f GDPR, you may object to the processing. This applies in particular when the processing is not required for a contract with you, as outlined in the respective function descriptions.
In the event of such an objection, please explain your reasons for opposing the processing. We will then review the situation and either stop or adapt the data processing, or explain our compelling legitimate grounds for continuing the processing.
You can object to the processing of your personal data for advertising or data analysis purposes at any time and free of charge. Please send your advertising objection to:

Right to Rectification

You have the right to have inaccurate personal data corrected and incomplete data completed, in accordance with Art. 16 GDPR.

Right to Erasure

You have the right to request the deletion of your data stored by us in accordance with Art. 17 GDPR, unless statutory or contractual retention periods or other legal obligations or rights to continued storage prevent this.

Right to Restriction of Processing

You have the right to request a restriction of the processing of your personal data if one of the conditions in Art. 18 para. 1 lit. a) to d) GDPR applies:

• If you dispute the accuracy of your personal data for a period enabling the controller to verify the accuracy of the data;

• If the processing is unlawful and you oppose the erasure of the personal data and instead request the restriction of its use;

• If the controller no longer needs the personal data for the purposes of processing, but you require it for the establishment, exercise, or defense of legal claims; or

• If you have objected to processing pursuant to Art. 21 para. 1 GDPR and it is not yet clear whether the controller’s legitimate grounds override yours.

Right to Data Portability

You have the right to data portability in accordance with Art. 20 GDPR, which means you can receive your personal data that we have stored in a structured, commonly used, and machine-readable format, or request the transfer to another controller.

Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority. As a rule, you can contact the authority in the EU member state of your place of residence, workplace, or the place of the alleged infringement.

Data Security

To protect all personal data transmitted to us and to ensure that data protection regulations are observed by us and our external service providers, we have implemented appropriate technical and organizational security measures. This includes encrypting all data transferred between your browser and our server via a secure SSL connection.

Last updated: 04.12.2024

Ready to discuss your project?

Do you have questions about our services?
Our specialists are always happy to assist you.

Contact