Collection of access data and log files: Our web hosting provider collects data on the basis of each access to the server (so-called server log files). Server log files include the address and name of the web pages and files accessed, the date and time of access, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page) and, as a general rule, IP addresses and the requesting provider.
The log files are deleted when they are no longer needed to achieve the purpose for which they were collected. This is usually the case after 90 days at the latest.
The legal basis for this data processing is Article 6 (1) (f) GDPR. Our legitimate interest is the optimal functioning of our website. The server log files may be used on the one hand for security purposes, e.g. to prevent server overload (especially in the case of abusive attacks, so-called DDoS attacks) and on the other hand to ensure the utilisation of the servers and their stability.
Contact form: You have the option of sending us a message via a contact form. If you would like to contact us in this way, please provide your name, e-mail address and your request. We use this data exclusively to answer your request.
The data is deleted when it is no longer required for this purpose. This is usually the case when the request has been conclusively clarified and there are no legal retention periods to the contrary.
The data processing is based on Article 6 (1) (f) GDPR. We invoke a legitimate interest in providing users with a uniform and simple way of contacting us.
E-mail sending and hosting: The web hosting services we use also include sending, receiving and storing e-mails. For these purposes, the addresses of the recipients and senders, as well as other information relating to the sending of e-mails (e.g. the providers involved) and the contents of the respective e-mails are processed. The above data may also be processed for SPAM detection purposes. Please note that e-mails on the Internet are generally not sent in encrypted form. As a rule, e-mails are encrypted during transport, but not on the servers from which they are sent and received (unless a so-called end-to-end encryption method is used). We can therefore accept no responsibility for the transmission path of e-mails between the sender and reception on our server.
If you send us an e-mail, we process the content and time of your message as well as your sender address. If the message is related to a contractual relationship, we keep this e-mail in our files. In this case, the storage period is at least three years after the end of the year in which the contractual relationship was terminated. The legal basis for this is Article 6 (1) (c) GDPR.
For the processing of general inquiries, the legal basis is Article 6 (1) (f) GDPR. We invoke a legitimate interest in being able to track and prove the communication initiated by you. This data will be deleted when it is presumably no longer required for this purpose.
Profiles in social networks (social media)
We maintain online presences within social networks and process user data in this context in order to communicate with the users active there or to offer information about us.
We would like to point out that user data may be processed outside the European Union. This may entail risks for users, e.g. by making it more difficult to enforce users’ rights.
In addition, user data is usually processed within social networks for market research and advertising purposes. For example, user profiles can be created on the basis of user behaviour and the associated interests of users. The user profiles can then be used, for example, to place advertisements within and outside the networks which are presumed to correspond to the interests of the users. For these purposes, cookies are usually stored on the user’s computer, in which the user’s usage behaviour and interests are stored. Furthermore, data can be stored in the user profiles independently of the devices used by the users (especially if the users are members of the respective networs or will become members later on).
For a detailed description of the respective processing operations and the opt-out options, please refer to the respective data protection declarations and information provided by the providers of the respective networks.
Also, in the case of requests for information and the exercise of rights of data subjects, we point out that these can be most effectively pursued with the providers. Only the providers have access to the data of the users and can directly take appropriate measures and provide information. If you still need help, please do not hesitate to contact us.
When you click on a video embedded in our website, a connection to the YouTube service is established. In the process, various personal data are transmitted, including your IP address. YouTube is a service of Google LLC based in the USA, which is why there is a data protection risk, as American security authorities may be able to access data held by Google LLC without your or our knowledge and without you having any legal remedy. On this topic, we recommend reading the documentation “US Data Law – Access to Data by US Authorities” by the Scientific Service of the German Bundestag: https://www.bundestag.de/resource/blob/796102/ea53ffe8e08a9ab11e270719263d8c53/WD-3-181-20-pdf-data.pdf (link last accessed on 11.05.2021). Google’s privacy policy can be found here: https://policies.google.com/privacy?hl=de (link last accessed on 11.05.2021).
Services and service providers being used: