Privacy

Bachner Elektro GmbH & Co KG
Am Hang 2
D-84048 Mainburg
Mainburg, Germany
Telephone number: +49 (0) 8751 8189 4-0

E-Mail: datenschutz@bachner.de

You can contact our data protection officer as follows:

secjur GmbH
Falkensteiner Ufer 40
D-22587 Hamburg
Telephone number: +49 40 80 90 81 146

E-mail: dsb@secjur.com

You can contact our data protection officer directly at any time with any questions or suggestions regarding data protection and the exercise of your rights.

This privacy policy is based on the terminology of the GDPR. To simplify matters, we would like to explain some important terms in this context in more detail:

If you use this website for purely informational purposes without transmitting data to us in any other way (e.g. by registering or using the contact form), we collect technically necessary data via server log files, which are automatically transmitted to our server, e.g:

The temporary storage of the data is necessary for the course of a website visit in order to be able to display our website to you. This processing is technically necessary to ensure the functionality of the website and the security of the information technology systems. The legal basis for processing is therefore Art. 6 para. 1 sentence 1 lit. f GDPR in order to guarantee the provision, security and stability of our website.

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the provision of the website, this is the case when the respective session has ended. The log files are stored directly for a maximum of 7 days and are only accessible to administrators. After that, they are only available indirectly via the reconstruction of backup tapes and are permanently deleted after a maximum four weeks.

For the provision of our online offer, we use storage space, computing capacity and software, which we rent or otherwise obtain from the server provider ALL-INKL.COM - Neue Medien Münnich, Hauptstraße 68, 02742 Friedersdorf, Germany (web host).

We have concluded a data processing agreement with the web host. This is a contract required under data protection law that ensures that the web host processes your personal data only in accordance with our instructions and in compliance with the GDPR. In cases where there is no adequacy decision by the European Commission, we have agreed other appropriate safeguards with the data recipients within the meaning of Art. 44 et seq. GDPR. Unless otherwise indicated, these are standard contractual clauses (SCCs) of the European Commission in accordance with the implementing decision (EU) 2021/914 of June 4, 2021.

Further information on data protection by ALL-INKL.COM can be found here:

https://all-inkl.com/datenschutzinformationen/?session_id=2cd62d6b1af66aa02489c8ca4282de51.

You have the option of us via our website using the "Contact form". We process the following personal data from you when you contact us and respond to your inquiry:

If you contact us as part of an existing contractual relationship or contact us in advance for information about our range of services or our other services, the personal data you provide will be processed for the purpose of processing and responding to your contact request in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR. Otherwise, to safeguard our legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR for the purpose of responding appropriately to customer/contact inquiries.

We delete your personal data as soon as it is no longer required to achieve the purpose for which it was collected. In the case of contact inquiries, this is generally the case when it is clear from the circumstances that the specific matter in question has been conclusively dealt with.

On our website, we offer employees of subcontractors the opportunity to register for the conclusion of project basis subcontracting procedures.

Depending on your residence status and your work permit, we process the following personal data from you when you send us the registration forms:

Your registration will only be processed and acknowledged by the relevant contact persons at our company. The legal basis for the processing of your data is the initiation of a contract in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR, Art. 88 para. 1 GDPR in conjunction with § 26 para. 1 Federal Data Protection Act (BDSG), which is carried out at your request.

The legal basis for the processing of technical data (IP address, browser type, etc.) in the context of this service is based on our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f, which aims to detect and mitigate fraudulent form submissions or cyber-attacks and to optimize the display of the embedded form on different devices. This data is not processed for advertising or tracking purposes.

We store the personal data collected as part of the subcontractor relationship for at least the duration of the employment relationship. Mandatory statutory retention obligations remain unaffected.

Your data will be passed on to the service provider DocuWare GmbH, Planegger Str. 1 82110 Germering Germany, to the extent necessary within the framework of a data processing agreement. This is a contract prescribed by data protection law, which guarantees that your personal data will only be processed in accordance with our instructions and in compliance with the GDPR. In cases where there is no adequacy decision by the European Commission, we have agreed other suitable guarantees with the data recipients within the meaning of Art. 44 et seq. GDPR have been agreed.

From time to time we will send you information about our products and offers by post. For this purpose, we process your personal data, such as your name and your company address. 

The legal basis for the processing is our legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR to carry out postal direct marketing activities. In principle, we have a legitimate interest in using your data, which we have collected e.g. in the context of entering into a contractual relationship with you, for such marketing purposes.

We participate in review and rating procedures at kununu from New Work SE [Am Strandkai 1, 20457 Hamburg Germany; (kununu)] in order to evaluate, optimize and advertise our services. If users rate us or give us feedback in any other way, the kununu provider's General Terms and. Terms of Use and Privacy Policy apply As a rule, the evaluation also requires registration.

We use the "kununu widget" on our website. When you visit our website, a connection to the kununu servers is established via your browser, through which the functions of the "kununu Widget" (in particular the display of the kununu Live Score) are executed. kununu does not store any personal data, in particular no IP addresses, in connection with your visit to our website. There is also no evaluation of your usage behavior through the use of cookies in connection with the "kununu Widget".

After you have been redirected to the kununu website, kununu may process your data, which is subject to kununu's data processing practices. We have no influence on this. kununu processes the data of users within the scope of the company profile page set up by us, essentially for the provision of analysis and advertising services. Further information on data processing by kununu can be found in Xing's privacy policy for the kununu service, which you can access here: https://privacy.xing.com/en/privacy-policy

Under the heading "News", we publish various articles on topics relating to our activities. You can read the blog without having to register.

If you apply to our company by e-mail, we will process your application data exclusively for purposes related to the processing of your application. By submitting an application, you express your interest in working for us. In this context, you provide us with personal data that we use and store exclusively for the purpose of your job search/application. In particular, the following data will be collected:

You also have the option of uploading informative documents such as a cover letter, your CV and references. These may contain further personal data such as date of birth, address, etc.

Your application will only be processed and acknowledged by the relevant contact persons at our company. The legal basis for the processing of your data is the initiation of a contract in accordance with Art. 6 Para. 1 S.1 lit. b GDPR, which takes place at your request. If we obtain your consent (e.g. for inclusion in our applicant pool), this constitutes the legal basis for this storage in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.

If you receive an offer of employment with us during the application process and accept it, we will store the personal data collected during the application process for at least the duration of the employment relationship.

If we are unable to offer you employment, we will retain the data you have submitted for up to six months after any rejection for the purpose of answering any questions in connection with your application and rejection at . This does not apply if statutory provisions prevent deletion, if further storage is necessary for the purpose of providing evidence or if you have expressly consented to longer storage.

(a) Application to Bachner

If you apply to us via our web form on our Jobportal Bachner recruiting page, we will collect and process your personal data for the purpose of handling the application process and implementing pre-contractual measures.

By submitting an application on our recruiting page, you express your interest in taking up employment with us. In this context, you provide us with personal data that we use and store exclusively in the context of your job search/application. In particular, the following data will be collected:

You also have the option of uploading informative documents such as a cover letter, your CV and certificates. These may contain further personal data such as date of birth, address, etc.

Only authorized employees from the HR department or employees involved in the application process have access to your data.

The legal basis for the processing of your data is the initiation of a contract in accordance with Art. 6 Para. 1 S.1 lit. b GDPR, which takes place at your request. If we obtain your consent (e.g. for inclusion in our applicant pool), this constitutes the legal basis for data processing in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. After completion of the application process, the data will be stored for up to six months. Your data will be deleted or anonymized after the six months at the latest.

If you receive an offer of employment with us during the application process and accept it, we will store the personal data collected during the application process for at least the duration of the employment relationship.

In the event of a legal obligation, the data will be stored within the framework of the applicable provisions. Longer storage is only possible if we include the personal data in our applicant pool after obtaining your consent as described.

Your data will be passed on to the service provider Infoniqa Deutschland GmbH, Hanns-Klemmer-Straße 5, 71034 Böblingen, Germany, to the extent necessary as part of a data processing agreement. This is a contract prescribed by data protection law, which guarantees that your personal data will only be processed in accordance with our instructions and in compliance with the GDPR. In cases where there is no adequacy decision by the European Commission, we have agreed other suitable guarantees with the data recipients within the meaning of Art. 44 et seq. GDPR.

(b) Application to other group companies

On the Bachner job portal, we publish job offers from group companies of the Bachner Group as a processor within the framework of a data processing agreement contract. We would like to expressly point out that when you enter your data, your data will be forwarded by Bachner to the affiliated group company and your data will be processed within the company for which you have applied.

Only authorized employees from the HR department or employees involved in the application process have access to your data.

The legal basis for the processing of your data is the initiation of a contract in accordance with Art. 6 Para. 1 S.1 lit. b GDPR, which takes place at your request. If we obtain your consent (e.g. for inclusion in our applicant pool), this constitutes the legal basis for data processing in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. After completion of the application process, the data will be stored for up to six months. Your data will be deleted or anonymized after the six months at the latest.

If you receive an offer of employment with us during the application process and accept it, the company responsible will store the personal data collected during the application process for at least the duration of the employment relationship.

In the event of a legal obligation, the data will be stored within the framework of the applicable provisions. Longer storage is only possible if the personal data is included in our applicant pool after obtaining your consent as described.

Your data will be passed on to the service provider Infoniqa Deutschland GmbH, Hanns-Klemmer-Straße 5, 71034 Böblingen, Germany, to the extent necessary as part of a data processing agreement. This is a contract prescribed by data protection law, which guarantees that your personal data will only be processed in accordance with our instructions and in compliance with the GDPR. In cases where there is no adequacy decision by the European Commission, we have agreed other suitable guarantees with the data recipients within the meaning of Art. 44 et seq. GDPR.

Further information on data processing can be found in the data protection declarations of the respective companies:

DieEnergieFabrik DEF GmbH (Am Hang 2a, D-84048 Mainburg Germany):

https://dieenergiefabrik.de/de/datenschutz.

Volthaus GmbH (Am Hang 2a, D-84048 Mainburg Germany):

https://volthaus.de/de/datenschutz.

SenerTec Kraft-Wärme-Energiesysteme GmbH (Carl-Zeiss-Straße 18, D-97424 Schweinfurt Germany): https://www.senertec.de/datenschutz/

(c) Applicant pool

In some cases, we offer you the opportunity to be included in the internal Bachner applicant pool. The Bachner applicant pool serves to identify, retain and promote talent as well as to secure succession by actively promoting internal mobility within the Bachner Group. If you have decided to store your data in the Bachner applicant pool, we will transmit the data you have provided in the profile creation process to the Bachner Group companies on the list below, which will store it in the Bachner applicant pool. With regard to the inclusion of your personal data in the internal Bachner applicant pool and the provision of the Bachner applicant pool, we (Bachner Elektro GmbH & Co. KG) are jointly responsible pursuant to Art. 26 GDPR with the other group companies of the Bachner Group that participate in the internal Bachner applicant pool. We are primarily responsible for the collection, storage, transmission and registration of your data and the provision of the Bachner applicant pool. Once your data has been transmitted to the companies participating in the Bachner applicant pool, the group companies process this data as data controllers under data protection law for the purpose of, for example, establishing contact and the application process. A potential application process regarding a job offer then normally takes place directly via the company's processes.

Data processing is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You can withdraw your consent at any time.

We and other group companies of the Bachner Group are available to you as central contacts in their own areas of activity with regard to processing under joint responsibility. Please contact datenschutz@bachner.de with any inquiries regarding data protection and to assert your rights as a data subject. You can also assert your rights against the respective Group companies. If you contact us, we will coordinate in accordance with the agreement on joint responsibility in order to answer your request and ensure the implementation of your data subject rights.

Further information on data processing can be found in the data protection declarations of the respective participating companies. Participating companies are:

DieEnergieFabrik DEF GmbH (Am Hang 2a, D-84048 Mainburg Germany):

https://dieenergiefabrik.de/de/datenschutz.

Volthaus GmbH (Am Hang 2a, D-84048 Mainburg Germany):

https://volthaus.de/de/datenschutz.

SenerTec Kraft-Wärme-Energiesysteme GmbH (Carl-Zeiss-Straße 18, D-97424 Schweinfurt Germany): https://www.senertec.de/datenschutz/

We maintain publicly accessible profiles on various social networks. Your visit to these profiles triggers a variety of data processing operations. Below we provide you with an overview of which of your personal data is collected, used and stored by us when you visit our profiles.

When you visit our profiles, your personal data is not only collected, used and stored by us, but also by the operators of the respective social network. This happens even if you yourself do not have a profile on the respective social network. The individual data processing operations and their scope differ depending on the operator of the respective social network and they are not necessarily traceable for us. For details on the collection and storage of your personal data as well as the type, scope and purpose of its use by the operator of the respective social network, please refer to the following explanations.

When you visit our Facebook/Instagram page, certain information about you is processed. We can only view the information stored in your public Facebook/Instagram profile (such as your profile picture or information that you share on a Facebook profile or on a public Instagram profile), and only if you have such a profile and are logged into it while you visit our Facebook/Instagram page.

In addition, the operator of the platform, Meta Platforms Ireland Limited, Serpentine Avenue, Block J, Dublin 4 Ireland (Meta), provides us with anonymized statistics and insights for our Facebook/Instagram page, which help us to gain insights into the types of actions that people take on our page (page insights). These page insights are created on the basis of certain information about people who have visited our page.

The processing of your personal data in connection with the operation of our Facebook/Instagram company profile is based on a balancing of interests in accordance with Art. 6 para. 1, sentence 1 lit. f GDPR in order to offer you a contemporary and supportive information and interaction opportunity with and about us. Furthermore, the processing serves our legitimate interest in evaluating the types of actions taken on our Facebook/Instagram company profile and improving our company profile based on these findings. The legal basis for this processing is therefore Art. 6 para. 1, sentence 1 lit. f GDPR. If the contact is aimed at concluding a contract, the legal basis for the processing is Art. 6 para. 1, sentence 1 lit. b GDPR.

Page Insights are processed by Meta and us as joint controllers. We cannot attribute the information obtained via the Page Insights to individual Facebook/Instagram profiles that interact with our Facebook/Instagram page. We have entered into a joint controller agreement with Meta, which sets out the allocation of data protection obligations between us and Meta. Details about the processing of personal data to create Page Insights and the agreement concluded between us and Meta can be found here. With regard to this data processing, you have the option of asserting your rights as a data subject (see "Your rights as a data subject") against Meta. Further information on this can be found in Meta's Privacy Policy. Meta offers the possibility to object to certain data processing; you can find information and opt-out options in this regard in your account here.

Please note that user data is also processed in the USA or other third countries in accordance with the meta data protection provisions. The European Commission has issued an adequacy decision pursuant to Art. 45 (3) GDPR for the EU-U.S. Data Privacy Framework. On the basis of this decision, data transfers to organizations based in the USA that are certified accordingly are permitted. Meta is certified under the EU-U.S. Data Privacy Framework.

When you visit our LinkedIn company profile, certain information about you is processed. For direct messages to us or comments on our LinkedIn company profile or under our posts, we receive the message, the comments and your user name.

In addition, LinkedIn processes the LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (LinkedIn) as the operator of personal data when you visit our LinkedIn company profile, follow this page or engage with the page in order to provide us with statistics and insights in anonymized form. This gives us insights into the types of actions that people take on our site (page insights). In particular, LinkedIn processes data that you have already provided to LinkedIn via the information in your profile, such as data on function, country, industry, seniority, company size and employment status. In addition, LinkedIn will process information about how you interact with our LinkedIn company profile, e.g. whether you are a follower of our LinkedIn company page. With the Page Insights, LinkedIn does not provide us with any personal data about you. We only have access to the summarized Page Insights. It is also not possible for us to draw conclusions about individual members from the information in the Page Insights.

The processing of your personal data in connection with the operation of our LinkedIn company profile is based on a balancing of interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR in order to offer you a contemporary and supportive information and interaction opportunity with and about us. The processing serves our legitimate interest in evaluating the types of actions taken on our LinkedIn company profile and improving our company profile based on these findings.

This processing of personal data in the context of Page Insights is carried out by LinkedIn and us as joint controllers. We have entered into an agreement with LinkedIn on processing as joint controllers, which sets out the distribution of data protection obligations between us and LinkedIn. The agreement is available here. The following applies:

In addition, LinkedIn processes your data as a user for the provision of services, communication, further development of services and research as well as for advertising, customer support, analysis and security purposes. In principle, LinkedIn is solely responsible for the processing of personal data when you visit our LinkedIn company profile. The categories of personal data that LinkedIn processes are described in LinkedIn's privacy policy. Further information on the processing of personal data by LinkedIn can be found here.

Please note that in accordance with the LinkedIn Privacy Policy, personal data is also processed by LinkedIn in the USA or other third countries.

When you visit our XING profile with the operator New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany (XING), certain information about you is processed. If you contact us via our XING profile, e.g. by commenting on a post on the XING profile or writing us a direct message via the XING platform, we process your personal data (e.g. your name, the communication content job title, company name, industry, education, contact options, photo (profile data)) in order to process your request. The names of the registered XING users who have visited our XING profile are visible to us. The processing is carried out on the basis of a balancing of interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR in order to offer you a contemporary and supportive information and interaction opportunity with and about us.

If you send us an application via our Xing profile, we will process the application data contained therein (such as name, e-mail address, date of birth, postal address and telephone number), the documents you send us (such as CV, certificates, cover letter, including the information contained therein about your person and qualifications) and additional information and messages you provide (such as desired start date and employment, salary expectations, your notice period or your motivation as to why you would like to work for us). The processing is carried out for the purposes of processing the application, including the preparation and conduct of interviews and recruitment tests and the evaluation of the results and as otherwise required as part of the application process. We will contact you during the application process to inform you of the progress of your application or to invite you to an interview or recruitment test. As part of the application process, the documents are first processed by the HR department. If suitable, the personal data and documents will be forwarded to the relevant specialist department. The legal basis for the data processing described above is Art. 6 para. 1 sentence 1 lit. b GDPR. The data processing is necessary to process the application and to establish a possible employment relationship.

If you register for an event organized by us via our XING profile, we will process your profile data to enable you to participate in the event. The legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR to enable you to register and participate easily.

When you visit our XING profile, XING also collects so-called usage data. XING also uses certain data that it has collected from users of the XING platform (e.g. whether a post has been marked with "Like") to create aggregated usage statistics and make them available to the respective operators of the XING profile (so-called "employer branding performance measurement"). We receive such aggregated usage statistics. The aggregated statistics do not allow any conclusions to be drawn about individual users. In particular, we have no access to personal data that XING processes for employer branding performance measurement. XING alone determines which data is processed for employer branding performance measurement and how. We have no legal or actual influence on the processing by XING. XING provides information on this in the XING privacy policy (https://privacy.xing.com/en/privacy-policy).

In addition, XING processes your data as a user to ensure security, to provide the service and to measure and optimize advertising. XING is solely responsible for the processing of personal data when you visit our XING profile. The categories of personal data that XING processes in this context are described in XING's privacy policy.

When you visit our TikTok company profile of the operators TikTok Technology Limited, (10 Earlsfort Terrace, Dublin, D02 T380, Ireland; hereinafter jointly referred to as TikTok) and TikTok Information Technologies UK Limited, (6th Floor, One London Wall, London, EC2Y 5EB, United Kingdom; hereinafter jointly referred to as TikTok), certain information about you is processed. We can only view the information stored in your public TikTok company profile (such as your profile picture or information that you share on your profile) if you have such a profile and are logged into it while you visit our site.

TikTok provides us as so-called business users with its TikTok advertising tools ("Advertiser Tools"), such as TikTok Pixel, TikTok Custom Audience, Lead Generation or interfaces (APIs), which are also used to collect personal data of visitors to our TikTok company profile. This so-called event data includes information about your use of the TikTok advertising tools or your devices (including HTTP header information such as user agent, IP address, country, language and information about the web browser or app used), as well as (a) actions that you as a user take in relation to our advertising on the TikTok company profile, and (b) actions that you take outside of the TikTok company profile, e.g. on our

Websites and apps (or those of third parties), including visits to our websites, installations of our apps and purchases of our products. In addition, event data includes statistical and analytical data as well as measurement and reporting results that help us gain insights into the types of actions people take on our site.

The processing of your personal data in connection with the operation of our TikTok company profile is based on a balancing of interests in accordance with Art. 6 para. 1, sentence 1 lit. f GDPR in order to offer you a contemporary and supportive information and interaction opportunity with and about us. If the contact is aimed at the conclusion of a contract, the legal basis for the processing is Art. 6 para. 1, sentence 1 lit. b GDPR. The processing via the advertiser tools serves our legitimate interest in evaluating the types of actions taken on our site and improving our site based on these findings. The legal basis for this processing is Art. 6 para. 1 sentence 1 lit. f GDPR.

TikTok processes your data as a user to provide the services. TikTok is generally responsible for the processing of personal data when you visit our TikTok company profile. Personal data is processed in three categories:

Detailed information on the specific data processing of these categories and further information on the processing of personal data can be found in TikTok's privacy policy at:

https://www.tiktok.com/legal/page/eea/privacy-policy/de

This processing of personal data is partly carried out by TikTok and us as joint controllers. In addition, TikTok acts as a processor in some cases. We have entered into an agreement with TikTok for processing as joint controllers, which sets out the distribution of data protection obligations between us and TikTok.

In addition, we have concluded a data processing agreement (DPA) with TikTok if TikTok acts as a processor in these cases. This is a contract prescribed by data protection law that guarantees that it will only process your personal data in accordance with our instructions and in compliance with the GDPR. In cases where there is no adequacy decision by the European Commission, we have agreed other suitable guarantees with the data recipients within the meaning of Art. 44 et seq. GDPR. Unless otherwise stated, these are standard contractual clauses of the European Commission in accordance with Implementing Decision (EU) 2021/914 of June 4, 2021.

Details on the processing of personal data for the creation of event data as well as the joint controllership agreement concluded between us and TikTok and the data processing agreement can be found under Jurisdiction Specific Terms and under TikTok Business Products (Data) Terms. With regard to this data processing, you have the option of asserting your data subject rights (see "Your rights and options") against TikTok.

The personal data is also transferred to the United Kingdom. The European Commission has issued an adequacy decision for the United Kingdom pursuant to Art. 45 (3) GDPR. On the basis of this decision, data transfers to bodies in the United Kingdom are permitted.

TikTok offers the option of objecting to certain data processing; information on this can be found at: https://www.tiktok.com/legal/page/global/right-to-object/en.

Further information on this can be found in TikTok's privacy policy at: https://www.tiktok.com/legal/page/eea/privacy-policy/de-DE.

We use social plugins from various social media platform providers (providers) on our website. When you visit one of our websites that contains such a plugin, your browser establishes a direct connection with the servers of the provider in question. The content of the plugin is transmitted by the provider directly to your browser and integrated into the website.

By integrating the plugins, the provider receives the information that you have accessed the corresponding page of our website. Various usage data (such as the URL called up and the user's IP number) is forwarded to the third-party provider, which may set cookies that identify the user. If you are logged in to the respective provider, they can assign this information to your account. This data can be used to tailor content or advertising to you. You can find information on this and the available setting options on the following websites:

The legal basis for the processing of the data is your consent in accordance with Art. 6 para. 1 lit. a GDPR . We integrate the plugin using the so-called "two-click solution". No personal data flows to the plugin owner when you visit our website. Only when you give your consent via the integrated preview button does a data flow from our website to the respective provider start.

We use the consent management service Cookiebot, from Usercentrics A/S, (Havnegade 39, 1058 Copenhagen, Denmark (Usercentrics)). This enables us to obtain and manage the consent of website users for data processing.

When you visit our website or a sub-website for the first time, you will be shown a "cookie banner". There you will be informed about the individual cookies that we use. You can find out the name of each individual cookie, the provider, the purpose of processing and the storage period. 

Our cookie banner informs you about the specific cookies we use. In addition, we give you the opportunity to decide whether you want to consent to the setting of non-essential cookies. The following are processed:

If we use cookies and similar technologies as part of the integration of the service or if data is stored on or read from your end device by the service, this is done in accordance with Section 25 (2) TDDDG. Subsequent data processing takes place on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR. We have an overriding legitimate interest in using the cookie banner, which enables us to obtain the legally required consent for the use of non-essential cookies and to comply with our duty to provide information regarding cookies. 

The cookie banner stores the preferences until you reset or change them. Otherwise, the key and the consent status are stored in the browser for 12 months using the "CookieConsent" cookie.

Usercentrics is the recipient of your personal data and acts as a processor for us. The processing takes place in the European Union. You can find further information on objection and removal options vis-à-vis Usercentrics at:

https://www.cookiebot.com/de/privacy-policy/

Our website uses functions of the web analysis service Google Analytics from Google LLC (1600 Amphitheatre Parkway, Mountain View, California 94043, USA; (Google)). In the European Union (EU) and the European Economic Area (EEA), the services are provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). With the help of Google Analytics, we analyze your user behavior in order to make decisions regarding product and marketing optimization based on the results. Among other things, we process the following personal data through Google Analytics

The legal basis for the use of Google Analytics is the voluntary and revocable consent given by you in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future by making the corresponding changes or adjustments in your cookie settings

Personal data will be anonymized by Google 14 months after your last activity, unless there is a legal obligation to retain it  

The personal data is also transferred to the USA. The European Commission has issued an adequacy decision pursuant to Art. 45 (3) GDPR for the EU-U.S. Data Privacy Framework. On the basis of this decision, data transfers to organizations based in the USA that are certified accordingly are permitted. Google is certified under the EU-U.S. Data Privacy Framework and is therefore committed to complying with appropriate data protection standards, which can be viewed at the following link

https://www.dataprivacyframework.gov/s/participant-search

Further information and the data protection provisions can be found in Google's privacy policy at: https://policies.google.com/?hl=de .

We use Google Tag Manager to control the use of code snippets ("tags"), such as tracking code on our website. In the European Union (EU) and the European Economic Area (EEA), the services are provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. Google Tag Manager enables us to quickly and easily exchange code on our website via a web interface without having to intervene in the source code

Among other things, we process the following personal data through the Google Tag Manager

The legal basis for the use of Google Tag Manager is your voluntary and revocable consent in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future by making the corresponding changes or adjustments in your cookie settings

Personal data is anonymized by Google after 9 months, unless there is a legal obligation to retain it

The personal data is also transferred to the USA. The European Commission has issued an adequacy decision pursuant to Art. 45 (3) GDPR for the EU-U.S. Data Privacy Framework. On the basis of this decision, data transfers to organizations based in the USA that are certified accordingly are permitted. Google is certified under the EU-U.S. Data Privacy Framework and is therefore committed to complying with appropriate data protection standards, which can be viewed at the following link

https://www.dataprivacyframework.gov/s/participant-search 

Further information and the data protection provisions can be found in Google's privacy policy at: https://policies.google.com/?hl=de .

We use the so-called "meta pixel" from Meta Platforms Ireland Limited (Merrion Road, Dublin 4, D04 X2K5, Ireland; (Meta)) - formerly Facebook Ireland Limited - on our websites under joint controllership.

Controller within the meaning of Art. 26 GDPR is:

The agreement on joint controllership pursuant to Art. 26 para. 1 sentence 2 GDPR is available at: https://www.facebook.com/legal/controller_addendum

We use Meta Pixel for marketing and optimization purposes, in particular to place relevant and interesting ads for you on Facebook and thus improve our offer, make it more interesting for you as a user and avoid annoying ads.  All information collected by the cookie is forwarded to Meta and allows Meta to draw conclusions about your user behavior. If you are registered on a Meta platform/service, Meta can assign this visit to you. Even if you are not registered on a Meta platform/service or are not logged in, there is a possibility that Meta will receive your IP address and other identifying features and store them in an assignable manner.

When you access our website via your browser, the built-in meta pixel initiates cookie storage in your system if you have given your consent. The legal basis for this is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. You can revoke your consent at any time with effect for the future by making the corresponding changes or adjustments in your cookie settings.

We only receive non-personal data from Meta, which is used for the purpose of optimizing and measuring the success of interest-based advertisements and events. you can find further information regarding the data processing for which Meta is responsible from the following sources of information, for example:

Meta Terms of Use: https://www.facebook.com/legal/terms/update

Data policy: https://de-de.facebook.com/privacy/explanation

By integrating the services on our websites, data is transmitted to the above-mentioned recipients and processed there for as long as is necessary to achieve the stated purposes.

As personal data may be transferred by Meta to affiliated companies and subcontractors in countries outside the EU and the EEA, further protective mechanisms are required to ensure the level of data protection under the GDPR. For the USA, there is an adequacy decision of the EU Commission pursuant to Art. 45 para. 1 GDPR with regard to companies with certification under the EU-U.S. Data Privacy Framework. Meta Platforms, Inc. is certified under the EU-U.S. Data Privacy Framework and is therefore committed to complying with appropriate data protection standards, which can be viewed at the following link: https://www.dataprivacyframework.gov/s/participant-search .

We use cookies on our website. These are text files that your browser automatically creates and that are stored on your IT system when you visit our website. Through cookies, certain information flows to the location that sets the cookie. By using cookies, it is not possible to execute programs or transfer viruses to your end device. If you do not wish to use cookies, you can disable them in the settings.

From a legal perspective, a distinction must be made between necessary and non-necessary cookies.

We use necessary cookies. These are cookies that are technically necessary to provide all the functions of our website. The legal basis for data processing is our legitimate interest within the meaning of Art. 6 para. 1, sentence 1 lit. f GDPR. We have an overriding legitimate interest in being able to offer our website in a technically flawless manner. The legal basis for the use of cookies vis-à-vis our contractual partners who make use of services contractually owed by us via our website is Art. 6 para. 1, sentence 1 lit. b GDPR, the provision of our contractual services.

We also use non-essential cookies (e.g. analysis and marketing cookies). These are cookies that are not technically necessary. We use them to understand your behavior on our website and to improve our offer. The legal basis for data processing is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. The cookies are only set after you have given your consent via our "cookie banner".

A distinction is made between the following types of cookies with regard to the storage period:

For more information, please refer to the information we provide in the cookie banner.

As part of our processing of personal data, personal data may be transmitted to other recipients or disclosed to them. The recipients of this personal data may include, for example, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we observe the legal requirements and in particular conclude corresponding contracts or agreements with the recipients of your personal data that serve to protect your personal data.

The personal data processed by us will be deleted in accordance with the legal requirements as soon as the consent given for processing is revoked or other permissions cease to apply (e.g. if the purpose of processing this personal data no longer applies or it is not required for the purpose). If the personal data are not deleted because they are required for other and legally permissible purposes, their processing will be restricted to these purposes. This means that the personal data is blocked and not processed for other purposes. This applies, for example, to personal data that must be retained for commercial or tax law reasons or whose storage is necessary for the assertion, exercise or defense of legal claims or to protect the rights of another natural or legal person.

Our data protection notices also contain further information on the retention and deletion of personal data, which apply primarily to the respective processing operations.

As a data subject, you are entitled to various rights under the GDPR, which arise in particular from Art. 15 to 21 GDPR. If you wish to exercise one of your rights, please contact us via the contact addresses given above or our data protection officer.

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point Art. 6 para. 1 lit. e, f GDPR, including profiling based on those provisions. If the personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.

You have the right to obtain confirmation as to whether or not personal data concerning you is being processed and to obtain information about this personal data and further information and a copy of the personal data in accordance with the legal requirements.

In accordance with the statutory provisions, you have the right to request the completion of personal data concerning you or the rectification of inaccurate personal data concerning you.

You have the right to obtain from us the erasure of personal data concerning you without undue delay where one of the grounds provided for by law applies and insofar as the processing or storage is not necessary.

You have the right to demand that we restrict processing if one of the legal requirements is met.

You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format in accordance with the legal requirements or to request its transmission to another controller.

You have the right to withdraw your consent at any time.

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the provisions of the GDPR.

We will adapt the privacy policy as soon as changes to the data processing carried out by us make this necessary. We will inform you as soon as the changes require an act of cooperation on your part (e.g. consent) or other individual notification.

If we further develop our website and our offers or if legal or official requirements change, it may be necessary to amend this data protection notice.

Status: March 2025