1. person responsible for data processing

Responsible acc. Art. 4 para. 7 of the EU General Data Protection Regulation (GDPR) is For Sale Digital Internet-Agentur GmbH, Lange Reihe 29, 20099 Hamburg, T +49 (0)40 / 37 49 10-0, info@for-sale-digital.de (see our legal notice).

2. contact possibility of the data protection officer

You can contact our data protection officer at datenschutz@for-sale-digital.de or at our postal address with the addition “the data protection officer”.

3. your rights

You have the following rights vis-à-vis us with regard to your personal data:

3.1 General rights

We will be happy to provide you with information as to whether personal data concerning you is being processed; if this is the case, you have a right to information about this personal data and to the information listed in detail in Art. 15 GDPR. In addition, you have the right to rectification (Art. 16 GDPR), the right to restriction of processing (Art. 18 GDPR), the right to erasure (Art. 17 GDPR) and the right to data portability (Art. 20 GDPR) under the respective legal requirements.

3.2 Rights in data processing according to the legitimate interest

You have acc. Art. 21 para. 1 The data subject shall have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on Article 6(1)(e) GDPR (data processing in the public interest) or Article 6(1)(f) GDPR (data processing for the purposes of a legitimate interest), including profiling based on those provisions. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims.

3.3 Rights in the case of direct advertising

If we process your personal data for the purpose of direct marketing, you have the right to object to such processing in accordance with Art. Art. 21 para. 2 GDPR, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising.

If you object to processing for the purposes of direct marketing, we will no longer process your personal data for these purposes.

3.4 Right to lodge a complaint with a supervisory authority

You also have the right to complain to a competent data protection supervisory authority about the processing of your personal data by us.

4. General information on data processing

4.1 Legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 sentence 1 lit. a EU General Data Protection Regulation (GDPR) serves as the legal basis.

In the case of the processing of personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1 sentence .1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary for the implementation of pre-contractual measures.

Insofar as the processing of personal data is necessary for the fulfilment of a legal obligation to which our company is subject, Art. 6 para. 1 sentence 1 lit. c GDPR serves as the legal basis.

In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 sentence 1 lit. d GDPR serves as the legal basis.

If the processing is necessary to safeguard a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the first interest, Art. 6 para. 1 sentence 1 lit. f GDPR serves as the legal basis for the processing.

4.2 Data deletion and storage period

The personal data of the data subject will be deleted as soon as the purpose for which it was stored no longer applies. Data may also be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. The data will also be deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.

5. Collection of personal data when visiting our website

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer.

The following data is collected:

1. Information about the browser type and version used
2. The user’s operating system
3. The IP address of the user
4. Date and time of access
5. Websites from which the user’s system accesses our website

The collection of this data is technically necessary in order to display our website to you and to ensure stability and security. Temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session. We (and our service provider) regularly do not know who is behind an IP address. We do not merge the data listed above with other data.

The legal basis is Art. 6 para. 1 p. 1 lit. f GDPR; insofar as there is absolutely necessary access to information stored in the user’s terminal equipment, § 25 para. 2 No. 2 TTDSG. Since the collection of data for the provision of the website and storage in log files is absolutely necessary for the operation of the website and to protect against misuse, our legitimate interest in data processing prevails at this point.

The data will be deleted as soon as it is no longer required for the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

6. log files

The data listed above is also stored in the log files of our system. This data is not stored together with other personal data of the user.

Storage in log files takes place to ensure the functionality of the website. In addition, we use the data for the technical optimization of the website and to ensure the security of our information technology systems. The data is not evaluated for marketing purposes.

The legal basis for the temporary storage of data and log files is Art. 6 para. 1 sentence 1 lit. f GDPR; insofar as there is absolutely necessary access to information stored in the user’s terminal equipment, also § 25 para. 2 no. 2 TTDSG.

If the data is stored in log files, the data will be deleted after seven days at the latest. Storage beyond this is possible. In this case, the IP addresses of the users are deleted or alienated so that it is no longer possible to assign the calling client.

7. Contacting us by email or phone

When you contact us by e-mail or telephone, the data you provide (your e-mail address, if applicable, etc.) will be collected. Your name and telephone number) are stored by us in order to answer your questions.

If we ask for information that is not required to contact us, we always mark it as optional. This information is used by us to concretize your enquiry and to improve the processing of your request. The provision of this information is expressly voluntary and with your consent, Art. 6 para. 1 a GDPR. Insofar as this concerns information on communication channels (e.g. additional e-mail address, telephone number), you also agree that we may also contact you via this communication channel in order to answer your request. You can of course revoke this consent at any time for the future.

Your data that we have received in the course of contacting you will be deleted as soon as it is no longer required to achieve the purpose for which it was collected, your request has been fully processed and no further communication with you is necessary or desired by you.

8. applications

You can apply to our company electronically via e-mail.

Please note that unencrypted e-mails are not transmitted with access protection.

Your data will be used to process your application and to decide on the establishment of an employment relationship. The legal basis is § 26 para. 1 i.V.m. Para. 8 sentence 2 BDSG and Art. 6 para. 1 p. 1 lit. b GDPR. Furthermore, your personal data may be processed if this is necessary to defend against legal claims asserted against us in the application process. The legal basis for this is Art. 6 para. 1 S.1 lit. f GDPR. The stated purposes also constitute the legitimate interest in the processing.

If there is an employment relationship between you and us, we may, in accordance with § 26 para. 1 BDSG and Art. 6 para. 1 p. 1 lit. b GDPR further process the personal data already received from you for the purposes of the employment relationship, if this is necessary for the performance of a contract, for the performance or termination of the employment relationship or for the exercise or fulfilment of the rights and obligations of representing the interests of employees arising from a law or a collective agreement, a works or service agreement (collective agreement).

Your application data will not be processed beyond the use described above.

Your personal data will be deleted after completion of the application process after 6 months at the latest, unless deletion conflicts with any other legitimate interests on our part or you have not given us your consent for longer storage. Other legitimate interest in this sense is, for example, a burden of proof in proceedings under the General Equal Treatment Act (AGG).

9. Application Portal

You can apply online via our application portal at https://forsaledigital.onlyfy.jobs/ . Your online application will be forwarded directly to the HR department via an encrypted connection and will of course be treated confidentially.

Your data will be used to process your application and to decide on the establishment of an employment relationship. The legal basis is § 26 para. 1 i.V.m. Para. 8 sentence 2 BDSG and Art. 6 para. 1 p. 1 lit. b GDPR. Furthermore, your personal data may be processed if this is necessary to defend against legal claims asserted against us in the application process. The legal basis for this is Art. 6 para. 1 S.1 lit. f GDPR. The stated purposes also constitute the legitimate interest in the processing.

If there is an employment relationship between you and us, we may, in accordance with § 26 para. 1 BDSG and Art. 6 para. 1 p. 1 lit. b GDPR further process the personal data already received from you for the purposes of the employment relationship, if this is necessary for the performance of a contract, for the performance or termination of the employment relationship or for the exercise or fulfilment of the rights and obligations of representing the interests of employees arising from a law or a collective agreement, a works or service agreement (collective agreement).

Your application data will not be processed beyond the use described above.

Your personal data will be deleted after completion of the application process after 6 months at the latest, unless deletion conflicts with any other legitimate interests on our part or you have not given us your consent for longer storage. Other legitimate interest in this sense is, for example, a burden of proof in proceedings under the General Equal Treatment Act (AGG).

Further information on data protection within the framework of the application portal can be found under https://forsaledigital.onlyfy.jobs/policy.

10. Use of cookies

Cookies are data that are stored on your computer by a website that you visit and allow your browser to be reassigned. Cookies transmit information to the entity that uses the cookie. Cookies can store various pieces of information, such as your language preference, the duration of your visit to our website or the information you have entered there. This avoids, for example, having to re-enter required form data every time you use it. The information stored in cookies can also be used to identify preferences and target content according to areas of interest.

There are different types of cookies: Session cookies are volumes of data that are only temporarily stored in memory and are deleted when you close your browser. Permanent or persistent cookies are automatically deleted after a specified period of time, which may differ depending on the cookie. With this type of cookie, the information may also be stored in text files on your computer. However, you can also delete these cookies at any time through your browser settings.

First-party cookies are set by the website you are visiting. Only this website is allowed to read information from these cookies. Third-party cookies are set by organisations that are not the operators of the website you are visiting. These cookies are used, for example, by marketing companies.

The legal bases for possible processing of personal data by means of cookies and their storage period may vary. Insofar as you have given us your consent, the legal basis is Art. 6 para. 1 p. 1 lit. a GDPR. Insofar as the data processing is carried out on the basis of our overriding legitimate interests, the legal basis is Art. 6 para. 1 p. 1 lit. f GDPR. The stated purpose then corresponds to our legitimate interest.

Insofar as we use cookies or similar technologies to access a device used by you within the meaning of § 2 para. 2 No. 6 TTDSG by storing or reading information there regardless of the personal reference, we will first obtain your purpose-related, voluntary and informed consent pursuant to Art. § 25 para. 1 TTDSG.

Insofar as consent can be bundled according to the GDPR and the TTDSG, we will obtain it uniformly.

No consent according to the TTDSG requires access to information in your end device that is already stored there and has been sent to us through your active transmission, this applies to the public IP address of the end device, the address of the website accessed, the user-agent string with browser and operating system incl. version and the language set.

Furthermore, no consent is required under the TTDSG if the cookie or similar technology serves to ensure the transmission of a message over a public telecommunications network (§ 25 para. 2 no. 1 TTDSG) or insofar as the setting of the cookie and thus the storage of information in your terminal equipment or access to information already stored in your terminal equipment provides a message expressly requested by you. telemedia service (§ 25 para. 2 no. 2 TTDSG).

We use cookies to ensure the proper operation of the website, to provide basic functionalities, to measure reach and – with your consent – to tailor our services to preferred areas of interest. We use both transient and persistent cookies for this purpose.

You can delete cookies already stored on your device at any time. If you want to prevent cookies from being stored, you can do so via the settings in your internet browser. Alternatively, you can also install so-called ad blockers. Please note that some features of our website may not work if you have disabled the use of cookies.

When accessing our website, all users of our website are also informed by an information banner about the use of cookies by us and refer to this data protection information. You can revoke your consent at any time with effect for the future by clicking on the cookie-shaped button on the left-hand side of our website and unchecking the box behind the processing to which you had consented.

11. Cookie Consent Manager CCM19

We use CCM19 Cookie’s cookie consent technology so that we can obtain and document your consent to the use of cookies that require consent. The provider of the CCM19 cookie is Papoo Software & Media GmbH – Dr. Carsten Euwens. Bornschein, Auguststr. 4, 53229 Bonn (hereinafter CCM19).

When you visit our website, a CCM19 cookie is stored in your browser, in which the consents you have given or the revocation of these consents are stored.

The storage period of the cookie is 1 year.

The cookie stores the following information:

• Date and time of page view
• a random ID
• Consent Status

The legal basis for the processing of the data is Art. 6 para. 1 p. 1 lit. f GDPR and § 25 para. 2 No. 2 TTDSG. Our legitimate interest in using CCM19 lies in fulfilling the requirements of the TTDSG.

The installation of the cookie as well as its storage, and thus his cookie consent, can be prevented or terminated by the user at any time by setting his browser.

Further information on data protection at CCM19 can be found here: https://www.ccm19.de/datenschutzerklaerung.html

12. Google Analytics

If you have given your consent, Google Analytics, a web analysis service of Google LLC, is used on this website. The controller for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).

Scope of processing

Google Analytics uses cookies that enable an analysis of your use of our website. The information collected by cookies about your use of this website is generally transmitted to a Google server in the USA and stored there.

We use the User ID function. With the help of the user ID, we can assign a unique, permanent ID to one or more sessions (and the activities within these sessions) and analyze user behavior across devices.

We use Google Signals. This allows Google Analytics to collect additional information about users who have activated personalized ads (interests and demographic data) and ads can be delivered to these users in cross-device remarketing campaigns.

In Google Analytics 4, the anonymization of IP addresses is activated by default. Due to IP anonymization, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

During your website visit, your user behavior is recorded in the form of “events”. Events can be:

• Page views
• First visit to the website
• Start of the session
• Your “click path”, interaction with the website
• Scrolls (whenever a user scrolls to the end of the page (90%))
• Clicks on external links
• internal search queries
• Interaction with videos
• Viewed / clicked ads

Also recorded:

• Your approximate location (region)
• Your IP address (in abbreviated form)
• technical information about your browser and the end devices you use (e.g. language setting, screen resolution)
• Your Internet provider
• the referrer URL (via which website/advertising medium you came to this website)

Purposes of the processing

On behalf of the operator of this website, Google will use this information to evaluate your use of the website and to compile reports on website activity. The reports provided by Google Analytics are used to analyze the performance of our website.

Receiver

Recipients of the data are/may be

• Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (as processor pursuant to Art. 28 GDPR)
• Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA
• Alphabet Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA

It cannot be ruled out that US authorities will access the data stored by Google.

Third country transfer

The parent company of Google Ireland, Google LLC, is based in California, USA. A transfer of data to the USA and access by US authorities to the data stored by Google cannot be ruled out. The USA is considered a third country from a data protection point of view.

Insofar as data is processed outside the EU/EEA, Google LLC has certified itself according to the Data Privacy Framework (DPF) program and is included in the Data Privacy Framework list of the International Trade Administration (ITA). This means that Google has publicly committed to complying with DPF obligations and any data transfer to the USA is unobjectionable due to the current adequacy decision of the European Commission of July 10, 2023.

A list of currently certified U.S. companies can be found here: https://www.dataprivacyframework.gov/s/participant-search. More information about the Data Privacy Framework program can be found on the ITA’s official website: https://www.dataprivacyframework.gov/s/.

Storage period

The data we send and link to cookies will be automatically deleted after 14 months. Data that has reached the end of its retention period is automatically deleted once a month.

Legal basis

The legal basis for this data processing is your consent in accordance with. Art. 6 para. 1 S.1 lit. a GDPR and § 25 para. 1 TTDSG.

Revocation

You can revoke your consent at any time with effect for the future by accessing the cookie settings of this website and changing your selection there. The lawfulness of the processing carried out on the basis of the consent until revocation remains unaffected.

Alternatively, you can prevent the storage of cookies from the outset by setting your browser software accordingly. However, if you configure your browser to reject all cookies, this may limit the functionality of this and other websites. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by selecting

1. do not give your consent to the setting of the cookie, or
2. Download and install the Google Analytics opt-out browser add-on HERE .

For more information on the terms of use of Google Analytics and data protection at Google, please see https://marketingplatform.google.com/about/analytics/terms/de/ and https://policies.google.com/?hl=de.

13. Google Tag Manager

We use the Google Tag Manager of the provider Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA on our website. The controller for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

Google Tag Manager makes it easier for us to integrate and manage our tags. Tags are small code elements that are used, among other things, to measure traffic and visitor behavior, record the impact of online advertising and social channels, set up remarketing and targeting, and test and optimize websites. The Tag Manager uses the tags to collect relevant information for the services that we have integrated into our website via Google Tag Manager. The services may be necessary website elements or third-party analysis and marketing tools. We use the Tag Manager for the Google Analytics service.

The recipients of the data are:

• Google Ireland Limited, EU,
• Google LLC, USA,
• Alphabet Inc., USA.

This service may process data outside the European Union and the European Economic Area (EEA) and may transfer it to a country that does not provide an adequate level of data protection.

Insofar as data is processed outside the EU/EEA, Google LLC has certified itself according to the Data Privacy Framework (DPF) program and is included in the Data Privacy Framework list of the International Trade Administration (ITA). This means that Google has publicly committed to complying with DPF obligations and any data transfer to the USA is unobjectionable due to the current adequacy decision of the European Commission of July 10, 2023.

A list of currently certified U.S. companies can be found here: https://www.dataprivacyframework.gov/s/participant-search. More information about the Data Privacy Framework program can be found on the ITA’s official website: https://www.dataprivacyframework.gov/s/.

Data processing by Google Tag Manager is carried out on the basis of your voluntary consent pursuant to Art. Art. 6 para. 1 p. 1 lit. a GDPR and § 25 para. 1 TTDSG, which you can revoke at any time with effect for the future.

For more information about Google Tag Manager, see: https://www.google.com/intl/de/tagmanager/use-policy.html.

14. Google Maps

This site uses the map service Google Maps. Google Maps is a map service provided by Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. The controller for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

In order to use the functions of Google Maps, information, including the IP address and the address entered as part of the route function, may be transmitted to the provider’s servers. This information is usually transferred to a Google server in the USA and stored there. When you visit a website that contains Google Maps, your browser establishes a direct connection with Google’s servers when Google Maps content is integrated into the website, whereby the map content is sent to and integrated by your browser.

In order to prevent data transmission to Google without your consent, we have integrated Google Maps into our cookie banner and also prevent data transmission without your consent by means of content blockers.

This means that if you do not give consent to the data transfer to Google in the cookie banner or do not give consent in the content blocker, then no data will be transmitted to Google and you will not be shown a Google Maps map.

The provider of this site has no influence on this data transmission. According to current knowledge, this includes the following data:

• Date and time of the visit to the website in question,
• Location information,
• IP address, (start) address entered as part of route planning,
• Internet address or URL of the website accessed,
• Usage Data and
• Keywords.

The use of Google Maps is in the interest of an appealing presentation of our online offers and to make it easy to find the places we have indicated on the website.

Insofar as data is processed outside the EU/EEA, Google LLC has certified itself according to the Data Privacy Framework (DPF) program and is included in the Data Privacy Framework list of the International Trade Administration (ITA). This means that Google has publicly committed to complying with DPF obligations and any data transfer to the USA is unobjectionable due to the current adequacy decision of the European Commission of July 10, 2023.

A list of currently certified U.S. companies can be found here: https://www.dataprivacyframework.gov/s/participant-search. More information about the Data Privacy Framework program can be found on the ITA’s official website: https://www.dataprivacyframework.gov/s/.

You can find more information on the handling of user data in Google’s privacy policy: https://www.google.de/intl/de/policies/privacy/.

The data will be deleted as soon as it is no longer needed for the processing purposes.

Data is only collected and stored with your express consent in accordance with. Art. 6 para. 1 p. 1 lit. a GDPR and § 25 para. 1 TTDSG. This can be revoked at any time with effect for the future.

15. HubSpot

This website uses HubSpot for online marketing activities. HubSpot is a software company from the United States with an office in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland.

This is an integrated software solution that covers various aspects of online marketing. These include, but are not limited to, email marketing, social media publishing and reporting, contact management, landing pages and contact forms. Cookies are also stored on the device you are using.

Our sign-up service allows visitors to our website to learn more about our company, download content, and provide their contact information and other demographic information. This information, as well as the content of our website, is stored on servers of our software partner HubSpot. They may be used by us to get in touch with visitors to our website and to determine which services of our company are of interest to them. All information we collect is subject to this Privacy Policy. We use all information collected exclusively to optimize our marketing measures. HubSpot’s privacy policy can be found at: https://legal.hubspot.com/privacy-policy.

To the extent that data is processed outside the EU/EEA, HubSpot Inc. is certified under the Data Privacy Framework (DPF) program and is included in the International Trade Administration’s (ITA) Data Privacy Framework List. This means that HubSpot has publicly committed to complying with DPF obligations and any data transfer to the US is unobjectionable due to the European Commission’s current adequacy decision of July 10, 2023.

A list of currently certified U.S. companies can be found here: https://www.dataprivacyframework.gov/s/participant-search. More information about the Data Privacy Framework program can be found on the ITA’s official website: https://www.dataprivacyframework.gov/s/.

For more information from HubSpot regarding the EU data protection regulations, please visit: https://legal.hubspot.com/data-privacy
You can find more information about the cookies used by HubSpot here and here.

Data is only collected and stored with your express consent in accordance with. Art. 6 para. 1 p. 1 lit. a GDPR and § 25 para. 1 TTDSG. This can be revoked at any time with effect for the future.

You can unsubscribe from receiving emails through HubSpot via a link in the respective email.

16. HubSpot Forms

We’ve integrated HubSpot Forms on our website. The provider of the service is HubSpot, Inc., which also has an office in Ireland: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland.

We use HubSpot Forms to store data entered in forms (e.g. contact forms). HubSpot Forms uses cookies to do this. The data processing in connection with the HubSpot Forms cookie is carried out on the basis of your voluntary consent in accordance with Art. 6 para. 1 p. 1 lit. a GDPR and § 25 para. 1 TTDSG, which you can revoke at any time with effect for the future.

It cannot be ruled out that Hubspot Forms may transmit data about you to HubSpot, Inc., Cambridge, Massachusetts, USA. Insofar as data is processed outside the EU/EEA, HubSpot Inc. has certified itself according to the Data Privacy Framework (DPF) program and is included in the Data Privacy Framework list of the International Trade Administration (ITA). This means that HubSpot has publicly committed to complying with DPF obligations and any data transfer to the US is unobjectionable due to the European Commission’s current adequacy decision of July 10, 2023.

A list of currently certified U.S. companies can be found here: https://www.dataprivacyframework.gov/s/participant-search. More information about the Data Privacy Framework program can be found on the ITA’s official website: https://www.dataprivacyframework.gov/s/.

For more information, please refer to the HubSpot Forms: Privacy Statement: https://legal.hubspot.com/privacy-policy.

17. Cloudflare

If you have consented to the use of HubSpot (Section 15), Hubspot will use CloudFlare as part of its services. Cloudflare is a service provided by CloudFlare Inc., 101 Townsend St, San Francisco, CA 94107 USA.

Cloudflare provides a so-called Content Delivery Network (CDN). This is a network of servers distributed worldwide, which is able to deliver optimized content to the website user. In particular, large media files can be delivered through a network of locally distributed servers connected via the Internet. This will enable HubSpot to deliver their services more securely and efficiently. Cloudflare is helping to improve HubSpot’s performance and stability.

For this purpose, personal data may be processed in Cloudflare’s server log files. Cloudflare also collects statistical data about visits to this website when used by HubSpot. The data collected includes:

• Name of the accessed web page
• Retrieved file
• Date and time of retrieval
• Amount of data transferred
• Notification of successful retrieval
• Browser type and version
• the user’s operating system
• Referrer URL
• IP address
• Inquiring provider

The legal basis for this data processing is your voluntary consent, which can be revoked at any time, in accordance with Art. 6 para. 1 p. 1 lit. a GDPR and § 25 para. 1 TTDSG. In this case, Cloudflare will not be used in HubSpot without your consent; Please note that if you consent to the HubSpot service, you will also be able to use Cloudflare and your data will be transferred to Cloudflare.

If you do not want Cloudflare to be used and your data to be transferred to Cloudflare as described, then you do not consent to the use of Hubspot cookies. If you withdraw your consent to the use of HubSpot cookies, your consent to the use of Cloudflare by HubSpot will also be revoked.

To the extent that data is processed outside of the EU/EEA, Cloudflare Inc. is certified under the Data Privacy Framework (DPF) program and is included in the International Trade Administration’s (ITA) Data Privacy Framework List. This means that Cloudflare has publicly committed to complying with DPF obligations and any data transfer to the U.S. is unobjectionable based on the European Commission’s current adequacy decision of July 10, 2023.

A list of currently certified U.S. companies can be found here: https://www.dataprivacyframework.gov/s/participant-search. More information about the Data Privacy Framework program can be found on the ITA’s official website: https://www.dataprivacyframework.gov/s/.

Cloudflare uses the log data for statistical evaluations for the purpose of operation, security and optimization of its own offering. Further information on data processing by Cloudflare, in particular data protection and data security, can be found at: https://www.cloudflare.com/de-de/privacypolicy/.

18. YouTube

On our website, we use services from YouTube, LLC, 901 Cherry Ave., 94066 San Bruno, CA, USA, a subsidiary of Google Inc., Amphitheatre Parkway, Mountain View, CA 94043, USA. For users who are habitually resident in the European Economic Area or Switzerland, Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland is the controller responsible for your data.

In doing so, we not only obtain your consent via the cookie banner, but also use a two-click solution to protect your personal data. If you access a page in which a YouTube video is embedded, a connection to the YouTube servers will only be established when you click on the button (unless you have already consented to the use of YouTube cookies in the cookie banner, in which case data will already be sent to Google from this point on). YouTube will set cookies from the time of consent and use your visit data for its own purposes.

If you are logged in to YouTube at this time, the information about the videos you watch will be assigned to your YouTube account. You can prevent this by logging out of your member account before visiting our website.

Insofar as data is processed outside the EU/EEA, Google LLC has certified itself according to the Data Privacy Framework (DPF) program and is included in the Data Privacy Framework list of the International Trade Administration (ITA). This means that Google has publicly committed to complying with DPF obligations and any data transfer to the USA is unobjectionable due to the current adequacy decision of the European Commission of July 10, 2023.

A list of currently certified U.S. companies can be found here: https://www.dataprivacyframework.gov/s/participant-search. More information about the Data Privacy Framework program can be found on the ITA’s official website: https://www.dataprivacyframework.gov/s/.

The legal basis for data processing is your voluntary consent in accordance with Art. 6 para. 1 p. 1 lit. a GDPR and § 25 para. 1 TTDSG, which you can revoke at any time with effect for the future.

Further information on YouTube’s privacy policy is provided by Google at the following link: https://www.google.de/intl/de/policies/privacy/

19. etracker

The provider of this website uses the services of etracker GmbH from Hamburg, Germany(www.etracker.com) to analyze usage data. We do not use cookies for web analysis by default. If we use analysis and optimization cookies, we will obtain your explicit consent separately in advance. If this is the case and you agree, cookies are used to enable a statistical analysis of the reach of this website, to measure the success of our online marketing measures and test procedures, e.g. to test and optimize different versions of our online offer or its components. Cookies are small text files that are stored by the Internet browser on the user’s end device. etracker cookies do not contain any information that enables a user to be identified.

The data generated with etracker is processed and stored by etracker on behalf of the provider of this website exclusively in Germany and is therefore subject to the strict German and European data protection laws and standards. etracker has been independently tested, certified and awarded the ePrivacyseal data protection seal of approval.

Data processing is carried out on the basis of the legal provisions of Art. 6 para. 1 lit. f (legitimate interest) of the General Data Protection Regulation (GDPR). Our concern within the meaning of the GDPR (legitimate interest) is the optimization of our online offer and our website. Since the privacy of our visitors is important to us, the data that may allow a reference to an individual person, such as the IP address, login or device identifiers, are anonymized or pseudonymized as soon as possible. No other use, merging with other data or forwarding to third parties takes place.

You can object to the data processing described above at any time by clicking on the slider. The objection has no negative consequences. If no slider is displayed, data collection is already prevented by other blocking measures.

 

Further information on data protection at etracker can be found here.

20. Google Web Fonts

This site uses so-called web fonts, which are provided by Google, for the uniform display of fonts. When you open a page, your browser loads the required web fonts into its browser cache in order to display text and fonts correctly. We opted for the offline version, where the Google Fonts are stored locally on our web server. The fonts can then be managed – using CSS – as with any other font family. The IP address and other data will not be transmitted to Google.

The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our online offers with regard to efficiency and cost saving considerations. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR and § 25 para. 2 No. 2 TTDSG. If your browser does not support web fonts, your computer will use a standard font.

For more information about Google Web Fonts, see https://developers.google.com/fonts/faq and Google’s privacy policy: https://www.google.com/policies/privacy/

21. Social Bookmarks

Social bookmarks are Internet bookmarks that allow users of such a service to collect links and news stories. These are only integrated on our website as a link to the corresponding services. After clicking on the embedded graphic, you will be redirected to the page of the respective provider, i.e. only then will user information be transmitted to the respective provider. For information on the handling of your personal data when using these websites, please refer to the respective data protection provisions of the providers.

The social media bookmarks of the following providers are integrated into our website:

• Facebook (Operator: Meta Platforms, Inc., 1601 S California Ave, Palo Alto, California 94304, USA)
• Instagram (Operator: Meta Platforms, Inc., 1601 S California Ave, Palo Alto, California 94304, USA)
• LinkedIn (Operator: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland)
• Xing (Operator: XING AG, Dammtorstraße 30, 20354 Hamburg, Germany)

22. Data transfer

Your data will not be transferred to third parties except in the cases mentioned, unless we are legally obliged to do so, or the transfer of data is necessary for the execution of the contractual relationship or you have previously expressly consented to the transfer of your data.

External service providers and partner companies, such as IT service providers, will only receive your data to the extent necessary. In these cases, however, the scope of the data transmitted is limited to the minimum required. Insofar as our service providers come into contact with your personal data, we provide a data protection officer within the scope of order processing in accordance with Art. 6 para. 1 lit. f GDPR. Art. 28 GDPR ensures that they comply with the provisions of data protection laws in the same way. Please also note the respective data protection notices of the providers. The respective service provider is responsible for the content of external services, whereby we check the services for compliance with the legal requirements within the scope of reasonableness.

We attach great importance to processing your data within the EU/EEA. However, we may use service providers who process data outside the EU/EEA. In these cases, we ensure that an adequate level of data protection comparable to the standards within the EU is established at the recipient before your personal data is transferred.

23. Data security

We have taken extensive technical and operational precautions to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our security procedures are regularly reviewed and adapted to technological progress.