IMPRESSUM
Scanderra GmbH
Stänzlergasse 7
4051 Basel
Switzerland
Tel + 41 (0) 61 508 1669
Registered under CHE 110 571 345
DISCLAIMER
Despite careful control we assume no liability for the content of external links, for the content of linked sites and their operators.
The information on the website does not replace the professional, individual counselling by dental care specialists, treatments or therapies in the event of illness.
All articles and images are copyrighted. Copies and reproduction only with permission.
CONTACT US:
COOKIES, PRIVACY POLICY
Information about cookies
What are “cookies”? Cookies are small text files that are stored on your computer or device when you use our websites.
Purpose of cookies We use cookies to make your visits and purchases on our websites more efficient. We also use cookies to improve the usability of our websites and to better understand your purchasing behaviour.
[This is how we use cookies]
We use cookies for the following purposes:
– To store your credentials. To identify you when you log in to our website.
– To remember products that you put in your shopping cart if you navigate to different pages during your visit, go to the opt-out page, or stop your visit without ultimately completing your purchase.
– To collect information that helps us send you ads that match your interests.
– To remember your surf settings, e.g. the preferred language, text size, layout of the page, or colour settings, so you can navigate our pages faster and easier. For collecting analysis results, e.g. Visitor numbers of our websites or the most visited websites. We use the collected analysis results for marketing purposes or for resource planning.
– To determine if our customers and visitors are accepting the changes we make to our websites.
Information that we collect through cookies
With the help of cookies we collect information about how you use our websites. However, our cookies do not store any personal data about you. We’ll just store a unique session ID number to retrieve your user profile and settings on your next visit.
Types of cookies
Temporary cookies: Such cookies are temporarily stored on your computer or device during your visit to our websites and then deleted.
Persistent cookies: Such cookies remain on your computer for a long time. We use persistent cookies in cases where we need to know who you are beyond the time of a visit.
Management of cookies
In the menu of most browsers you will find setting options for the use of cookies. Typically, a browser has the following setting options:
– View cookies
– Allow cookies
– Disable all or certain cookies
– Disable all cookies when closing the browser
– Block cookies
– Notify me when a cookie is to be set
Note: If you block our cookies in your browser settings, you will not be able to use certain areas of our websites; such as e.g. Services such as the shopping cart, order management or personalization will not be provided, and your browsing experience may be compromised. If you set “Clear all cookies” in your browser, your browser preferences will be erased when you close the browser.
Note: If you do not prevent the setting of cookies in your browser settings, our system will send cookies as soon as you visit one of our websites.
More about cookies
Further information about cookies can be found here:
www.international-chamber.co.uk/our-expertise/digitaleconomy
PRIVACY POLICY
1 Data protection at a glance
1.1 General information
The following information provides a simple overview of what happens to your personal data when you visit this website.
personal data when you visit this website. Personal data is any data that can be used to identify you personally. Detailed
information on the subject of data protection can be found in our data protection declaration listed under this text.
1.2 Data collection on this website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. Whose
contact details can be found in the section “Notice about the responsible party” in this
Privacy Policy.
How do we collect your data?
On the one hand, your data is collected by you providing it to us. This can be data that you enter in a contact form, for example.
Other data is collected automatically or with your consent when you visit the website by our IT systems. These are mainly technical data (e.g. Internet browser, operating system or time of the page view). The collection of this data takes place
automatically as soon as you enter this website.
What do we use your data for?
Some of the data is collected to ensure the error-free provision of the website.
Other data may be used to analyze your user behavior.
What rights do you have regarding your data?
You have the right at any time to receive information free of charge about the origin, recipient and purpose
of your stored personal data. You also have the right to to demand the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future.
In addition, you have the right, under certain circumstances, to restriction of the processing of your personal data. Furthermore
Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
For this and for further questions on the subject of data protection, you can contact us at any time.
1.3 Analysis tools and tools from third-party providers
When visiting this website, your surfing behavior may be statistically analyzed. This is done mainly with so-called analysis programs.
Detailed information on these analysis programs can be found in the following Privacy Policy.
2 General notes and mandatory information
2.1 Data protection
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the legal data protection regulations as well as this data protection declaration.
When you use this website, various personal data are collected. Personal data is data with which you can be personally identified.
can be identified. This privacy statement explains what data we collect
and what we use it for. It also explains how and for what purpose this is done.
We would like to point out that data transmission on the Internet (e.g. when communicating by
by e-mail) may have security gaps. A complete protection of the data against
access by third parties is not possible.
2.2 Note on the responsible office
The responsible party for data processing on this website is:
Scanderra GmbH
Stänzlergasse 7
4051 Basel
Switzerland
Phone: ++41 61 508 16 69
E-mail: inquiry@scanderra.com
The responsible party is the natural or legal person who alone or jointly with others
or jointly with others, determines the purposes and means of the processing of personal data
(e.g. names, e-mail addresses or similar).
2.3 Storage period
Insofar as no more specific storage period has been named within this data privacy statement
period, your personal data will remain with us until the purpose of the data
data processing ceases to apply. If you assert a justified request for deletion or if you
revoke your consent to data processing, your data will be deleted, unless we have
do not have any other legally permissible reasons for storing your personal
data (e.g. retention periods under tax law or commercial law); in the
In the latter case, the data will be deleted after these reasons no longer apply.
2.4 General information about the legal basis of the
data processing on this website
If you have consented to data processing, we process your
personal data on the basis of Art. 31 para. 2 DSG or Art. 31 para. 2 lit. e
DSG, if special categories of data are processed according to Art. 31 para. 2 lit. e DSG.
In the event of explicit consent to the transfer of personal data to
third countries, the data processing is also carried out on the basis of Art. 17 DSG. The
consent can be revoked at any time. If your data is required for the performance of a contract or for
contract or for the implementation of pre-contractual measures, we process your data on the basis of Art.
basis of Art. 31 para. 2 lit. a DSG. Furthermore, we process your data if
these are necessary for the fulfillment of a legal obligation on the basis of Art.
31 para. 1 DSG. Furthermore, data processing may be carried out on the basis of our legitimate
Interest according to Art. 6 para. 1 DSG. The relevant legal bases in each individual case are
legal basis is informed in the following paragraphs of this privacy policy.
2.5 Data Protection Officer
Scanderra GmbH
Stänzlergasse 7
4051 Basel
Switzerland
Phone: ++41 61 508 16 69
E-mail: inquiry@scanderra.com
2.6 Notice regarding data transfer to the USA and other
third countries
We use, among other things, tools from companies based in the USA or other third
third countries that are not secure under data protection law. If these tools are active, your
personal data may be transferred to these third countries and processed there. We
point out that in these countries no level of data protection comparable to the EU can be
can be guaranteed. For example, US companies are required to
personal data to security authorities without you as the data subject being able to take legal
legal action against this as a data subject. It can therefore not be ruled out that
that US authorities (e.g. intelligence services) may process, evaluate and use your data stored on US servers for
monitoring purposes, evaluate it and store it permanently. We have no influence on
have any influence on these processing activities.
2.7 Revocation of your consent to data processing
Many data processing operations are only possible with your express consent.
You can revoke consent you have already given at any time. The legality of the data
data processing carried out until the revocation remains unaffected by the revocation.
2.8 Right to object to data collection in special
cases as well as against direct advertising (Art. 32 DSG)
IF THE DATA PROCESSING IS CARRIED OUT ON THE BASIS OF ART. 31 ABS. 1 DPA,
YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR DATA AT ANY TIME FOR REASONS
SITUATION, TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA; THIS ALSO APPLIES TO THE
THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS.
PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH A
PROCESSING IS BASED ON CAN BE FOUND IN THIS DATA PROTECTION DECLARATION. IF YOU
YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA CONCERNED
NO LONGER PROCESS YOUR PERSONAL DATA, UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE
COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND
FREEDOMS OR THE PROCESSING IS FOR THE ASSERTION,
EXERCISE OR DEFENSE OF LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 32
ABS. 1 FADP).
IF YOUR PERSONAL DATA ARE PROCESSED FOR THE PURPOSE OF DIRECT
ADVERTISING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE
PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSE OF SUCH ADVERTISING.
SUCH ADVERTISING; THIS ALSO APPLIES TO PROFILING, INSOFAR AS IT IS CONNECTED WITH SUCH
SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA
YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR THE PURPOSE OF DIRECT ADVERTISING.
DIRECT ADVERTISING (OBJECTION PURSUANT TO ARTICLE 21 OF THE GERMAN PRIVACY ACT).
2.9. right of appeal to the competent supervisory authority
In the event of violations of the DPA, the data subject shall have the right to lodge a complaint with the
supervisory authority. The right of complaint exists without prejudice to other
administrative or judicial remedies.
2.10. Right to data portability
You have the right to transfer data that we process automatically on the basis of your consent or in performance of a
contract, to yourself or to a third party in a common, machine-readable format,
machine-readable format. If you request the direct transfer of the
data to another responsible party, this will only be done insofar as it is technically
feasible.
2.11. SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or inquiries, this site uses
such as orders or inquiries that you send to us as the site operator.
an SSL or TLS encryption. You can recognize an encrypted connection
by the fact that the address line of the browser changes from “http://” to “https://” and by the
lock symbol in your browser bar.
If SSL or TLS encryption is activated, the data you send to us cannot be read by third parties.
cannot be read by third parties.
2.12. Encrypted payment transactions on this website
If, after the conclusion of a contract for which a fee is charged, you are obliged to provide us with your
payment data (e.g. account number for direct debit authorization), this data is required for the
data is required for payment processing.
Payment transactions via the common means of payment (Visa/MasterCard, direct debit) is made exclusively via an encrypted SSL or TLS connection. You can recognize an encrypted connection by the fact that the address line of the changes from “http://” to “https://” and by the lock symbol in your browser line.
browser line.
With encrypted communication, the payment data you transmit to us cannot be read by third parties,
cannot be read by third parties.
2.13. Information, deletion and correction
Within the framework of the applicable legal provisions, you have the right at any time to
information free of charge about your stored personal data, their origin and
and recipients and the purpose of data processing and, if applicable, a right to correction
or deletion of this data. For this as well as for further questions on the subject of
personal data, you can contact us at any time.
2.14. Right to restriction of processing
You have the right to request the restriction of the processing of your personal data.
to demand. For this purpose, you can contact us at any time. The right to restriction
of processing exists in the following cases:
– If you dispute the accuracy of your personal data stored by us
dispute, we usually need time to verify this. For the duration of the
you have the right to demand the restriction of the processing of your personal data.
personal data.
– If the processing of your personal data unlawfully
happened/is happening, instead of erasure, you may request the restriction of the
Request data processing.
– If we no longer need your personal data, but you wish to use it for the
Exercise, defense or assertion of legal claims,
you have the right to demand the restriction of the processing of your
personal data instead of deletion.
– If you have lodged an objection pursuant to Art. 32 (1) DSG, a
Weighing between your interests and ours will be carried out. As long as
it has not yet been determined whose interests outweigh yours, you have the right to
Restriction of the processing of your personal data.
If you have restricted the processing of your personal data, this data may be
only with your consent or for the assertion, exercise or defense of legal claims.
assertion, exercise or defense of legal claims or to protect the rights of another natural or
rights of another natural or legal person or for reasons of important public interest of the
important public interest of the European Union or a Member State.
processed.
3 Data collection on this website
3.1 Cookies
Our Internet pages use so-called “cookies”. Cookies are small text files and do not cause any damage to your end device. They are either stored temporarily for the duration of a session (session cookies) or permanently (permanent cookies) stored on your terminal device. Session cookies are automatically deleted at the end of your visit.
Permanent cookies remain stored on your terminal device until you delete them yourself or until they are automatically deleted by your web browser.
In some cases, cookies from third-party companies may also be stored on your terminal when you enter our site (third-party cookies). These enable us or you the use of certain services of the third party company (e.g. cookies for the processing of payment services).
Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g., the shopping cart shopping cart function or the display of videos). Other cookies are used to
evaluate user behavior or display advertising.
Cookies that are required to carry out the electronic communication process, for the provision of certain functions requested by you (e.g. for the shopping cart function shopping cart function) or for optimizing the website (e.g. cookies for measuring the Web audience) are required (necessary cookies), are stored on the basis of Art. 31 Paragraph 1 DSG, unless another legal basis is specified. The website operator has a legitimate interest in the storage of necessary Cookies for the technically error-free and optimized provision of its services. If consent has been requested for the storage of cookies and comparable recognition technologies, the processing is carried out exclusively on the basis of this consent (Art. 31 para. 1 lit. a DSG); the consent can be revoked at any time.
revocable.
You can set your browser in such a way that you are informed about the setting of cookies
cookies only in individual cases, to exclude the acceptance of cookies for specific
exclude the acceptance of cookies for certain cases or in general, as well as to
when closing the browser. If you deactivate cookies, the functionality of this website
functionality of this website may be limited.
If cookies are used by third parties or for analysis purposes, we will inform you of this as part of this privacy policy.
inform you separately about this within the framework of this data protection declaration and, if necessary, request your
request your consent.
3.2 Consent with Cookiebot
Our website uses the consent technology of Cookiebot to obtain your consent to the
consent to the storage of certain cookies on your end device or to the use of certain
technologies and to document this in a data protection-compliant manner. The provider of this
technology is Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter referred to as “Cookiebot”).
“Cookiebot”).
When you enter our website, a connection is established to the servers of Cookiebot
servers to obtain your consent and other declarations regarding the use of cookies.
to obtain. Subsequently, Cookiebot stores a cookie in your browser in order to give you
to be able to assign the given consents or their revocation. The data collected in this way
data is stored until you request us to delete it, until you delete the Cookiebot cookie
yourself or the purpose for the data storage ceases to apply. Mandatory legal
retention obligations remain unaffected.
The use of Cookiebot takes place in order to obtain the legally required consent for the
for the use of cookies. The legal basis for this is Art. 31 para. 1 DSG.
Order processing
We have concluded a contract on order processing (AVV) with the above-mentioned
provider mentioned above. This is a contract prescribed by data protection law which
data protection law, which guarantees that the provider will only process the personal data
of our website visitors only in accordance with our instructions and in compliance with the DSG
processed.
3.3 Contact form
If you send us inquiries via the contact form, your information from the
form, including the contact details you provide there, will be stored by us for the purpose of
processing of the inquiry and in the event of follow-up questions. This
We do not pass on this data without your consent.
The processing of this data is based on Art. 31 para. 1 DSG, provided that your
request is related to the performance of a contract or is necessary for the implementation of
is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based
processing is based on our legitimate interest in the effective processing of the inquiries
(Art. 31 Para. 1 DSG) or on your consent (Art. 31 Para. 1 l DSG), if this has been requested.
if this has been requested; the consent can be revoked at any time.
The data you entered in the contact form will remain with us until you request us to
request deletion, revoke your consent to storage, or the purpose for which the data was stored
data storage ceases to apply (e.g. after the processing of your inquiry has been completed).
Mandatory legal provisions – in particular retention periods – remain unaffected.
remain unaffected.
3.4 Inquiry by e-mail or telephone
If you contact us by e-mail or telephone, your inquiry including all resulting personal data (name, address, telephone number, etc.) will be processed.
(name, inquiry) will be stored and processed by us for the purpose of processing your
and processed by us for the purpose of processing your request. We do not pass on this data without your
without your consent.
The processing of this data is based on Art. 31 para. 2 lit a DSG, provided that your
request is related to the performance of a contract or is necessary for the implementation of
is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based
processing is based on our legitimate interest in the effective processing of the inquiries
(Art. 31 para. 1 DSG) or on your consent (Art. 31 para. 2 lit. a
DSG) if this has been requested; the consent can be revoked at any time.
The data you send to us via contact requests will remain with us until you
request deletion, revoke your consent to storage or the purpose of the data is no longer valid.
Mandatory legal provisions – in particular legal retention periods – remain
remain unaffected.
3.5 Typeform
We have integrated Typeform on this website. The provider is Typeform S.L., Carrer
Bac de Roda, 163, 08018 Barcelona, Spain (hereinafter Typeform). Typeform enables us to create online forms and to integrate them on our website. The data you enter in our Typeform forms is stored on Typeform’s servers, where it is
stored on Typeform’s servers until you request us to delete it, or until you revoke your
revoke your consent to the storage of your data, or until the purpose for the
data storage ceases to apply (e.g. after your request has been processed).
Mandatory legal provisions – in particular retention periods – remain unaffected.
remain unaffected.
The use of Typeform is based on Art. 6 para. 1 DSG. The
website operator has a legitimate interest in functioning online forms.
Insofar as a corresponding consent has been requested, the processing is carried out
exclusively on the basis of Art. 31 para. 2 lit. a DSG, insofar as the consent allows the
storage of cookies or access to information in the user’s terminal device (e.g., device fingerprinting).
device fingerprinting). The consent can be revoked at any time.
Order processing
We have concluded a contract on order processing (AVV) with the above-mentioned
provider mentioned above. This is a contract prescribed by data protection law which
data protection law, which guarantees that this provider will only process the personal data
of our website visitors only in accordance with our instructions and in compliance with the DSG
processed.
valid from September 1, 2023
Page 17 of 71
3.6 Hubspot CRM
We use Hubspot CRM on this website. The provider is Hubspot Inc. 25 Street,
Cambridge, MA 02141 USA (hereinafter referred to as Hubspot CRM).
Hubspot CRM enables us, among other things, to manage existing and potential customers as well as
customer contacts. With the help of Hubspot CRM, we are able to,
customer interactions via email, social media or phone across different channels.
across different channels, and to sort and analyze them. The personal data collected in this way
data collected in this way can be evaluated and used for communication with the potential customer or for
for marketing measures (e.g. newsletter mailings). With Hubspot CRM
we are also able to record and analyze the user behavior of our contacts on our website.
and analyze it.
The use of Hubspot CRM is based on Art. 31 para. 1 DSG. The
website operator has a legitimate interest in the most efficient possible
customer management and customer communication. Insofar as a corresponding consent has been
has been requested, the processing is carried out exclusively on the basis of Art. 31 para. 2
lit. a DSG, insofar as the consent permits the storage of cookies or the access to
information in the user’s terminal device (e.g. device fingerprinting). The
Consent can be revoked at any time.
For details, please refer to Hubspot’s privacy policy:
https://legal.hubspot.com/de/privacy-policy.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission.
based. Details can be found here: https://www.hubspot.de/data-privacy/privacy-shield.
Order processing
We have concluded a contract on order processing (AVV) with the above-mentioned
provider mentioned above. This is a contract prescribed by data protection law which
data protection law, which guarantees that this provider will only process the personal data
of our website visitors only in accordance with our instructions and in compliance with the DSG
processed.
valid from September 1, 2023
Page 18 of 71
3.7 Registration on this website
You can register on this website to use additional functions on the site.
use. We will use the data entered for this purpose only for the purpose of using the
respective offer or service for which you have registered. The mandatory
registration must be provided in full.
Otherwise we will reject the registration.
For important changes, for example, in the scope of the offer or for technically necessary
technical changes, we will use the e-mail address provided during registration to inform you
to inform you in this way.
The processing of the data entered during registration takes place for the purpose of the
of the user relationship established by the registration and, if applicable, for the
initiation of further contracts (Art. 31 para. 2 lit. a ART. 31 ABS. 1 DSG).
The data collected during registration will be stored by us as long as you are registered on this website and will subsequently be deleted.
registered on this website and will be deleted afterwards. Legal
retention periods remain unaffected.
3.8 Registration with Google
Instead of registering directly on this website, you can register with Google
register. The provider of this service is Google Ireland Limited (“Google”), Gordon
House, Barrow Street, Dublin 4, Ireland.
To register with Google, you only need to enter your Google name and password.
password. Google will identify you and confirm your identity to our website.
confirm your identity.
When you register with Google, it may be possible for us to use certain information on
your account to complete your profile with us. Whether and which
information this is, you decide within the framework of your Google security settings,
which you can find here: https://myaccount.google.com/security and
https://myaccount.google.com/permissions.
The data processing that accompanies Google registration is based on our
legitimate interest in providing our users with the simplest possible registration process, which is
Valid as of September 1, 2023
Page 19 of 71
(Art. 31 para. 1 DSG). Since the use of the registration function is voluntary
and the users themselves can decide on the respective access options, there are
no conflicting overriding rights of the data subjects are apparent.
3.9 Registration with Facebook Connect
Instead of registering directly on this website, you can register with Facebook Connect
register. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal
Square, Dublin 2, Ireland. However, according to Facebook, the data collected will also be
also transferred to the USA and other third countries.
If you choose to register with Facebook Connect and click on the “Login
Connect with Facebook” button, you will automatically be redirected to the Facebook platform.
Facebook platform. There you can log in with your usage data
log in. This will link your Facebook profile to this website or our services.
linked. This link gives us access to your data stored on Facebook.
data. These are mainly:
– Facebook name
– Facebook profile and title picture
– Facebook title picture
– Email address stored at Facebook
– Facebook ID
– Facebook friends lists
– Facebook Likes (“Like” votes)
– birthday
– Gender (sex)
– Country
– language
This data is used to set up, provide and personalize your account.
your account.
valid as of September 1, 2023
Page 20 of 71
The registration with Facebook Connect and the associated
data processing operations are carried out on the basis of your consent (Art. 31 para. 1 DSG).
You can revoke this consent at any time with effect for the future.
Insofar as with the help of the tool described here personal data is collected on our
website is collected and forwarded to Facebook, we and Meta Platforms
Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing.
responsible for this data processing. The joint responsibility is limited
The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook.
The processing by Facebook that takes place after the forwarding is not part of the
joint responsibility. The obligations we share have been set forth in a
joint processing agreement. The text of the
Agreement can be found at: https://www.facebook.com/legal/controller_addendum.
According to this agreement, we are responsible for the provision of privacy information when
the Facebook tool and for the secure implementation of the tool on our website.
Tool on our website. For the data security of the Facebook products
is the responsibility of Facebook. Data subject rights (e.g., requests for information) regarding the
data processed by Facebook can be asserted directly with Facebook. If
If you assert the data subject rights with us, we are obliged to forward them to Facebook.
forward them.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission
based. Details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum, https://de-
en.facebook.com/help/566994660333381 and https://www.facebook.com/policy.php.
For more information, please see the Facebook Terms of Use and the
Facebook privacy policy. These can be found at: https://de-
en.facebook.com/about/privacy/ and https://de-de.facebook.com/legal/terms/.
valid as of September 1, 2023
Page 21 of 71
4. social media
4.1 Social media elements with Shariff.
Social media elements are used on this website (e.g. Facebook,
Twitter, Instagram, Pinterest, XING, LinkedIn, Tumblr).
You can usually identify the social media elements by the respective social media
logos. In order to ensure data protection on this website, we only use
these elements only together with the so-called “Shariff” solution. This application
prevents the social media elements integrated on this website from collecting your
personal data to the respective provider when you first enter the page.
transmitted.
Only when you activate the respective social media element by clicking the associated
button, a direct connection to the provider’s server is established (consent).
(consent). As soon as you activate the social media element, the respective provider receives
the information that you have visited this website with your IP address. If you
are logged into your respective social media account (e.g. Facebook) at the same time, the respective
the respective provider can assign the visit to this website to your user account.
Activating the plugin constitutes consent within the meaning of Art. 31 para. 1 ART. 31 ABS. 1
DSG. You can revoke this consent at any time with effect for the future.
The service is used to obtain the legally required consent for the
use of certain technologies. The legal basis for this is Art. 31 para. 1 DSG.
4.2 Facebook
Elements of the social network Facebook are integrated on this website. Provider
of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2,
Ireland. According to Facebook, however, the data collected is also transferred to the USA and other third
to other third countries.
valid as of September 1, 2023
Page 22 of 71
An overview of Facebook social media elements can be found here:
https://developers.facebook.com/docs/plugins/?locale=de_DE.
When the social media element is active, a direct connection is established between your
end device and the Facebook server is established. Facebook thereby receives the information,
that you have visited this website with your IP address. If you click the Facebook “Like-
button” while you are logged into your Facebook account, you can share the content of this website on your
contents of this website on your Facebook profile. This allows Facebook to associate the
the visit to this website to your user account. We point out that we as
provider of the pages have no knowledge of the content of the transmitted data and their
their use by Facebook. You can find more information on this in the
Privacy Policy of Facebook at: https://de-
en.facebook.com/privacy/explanation.
Insofar as consent has been obtained, the use of the above-mentioned service takes place on the
on the basis of Art. 31 Para. 1 DSG. The consent can be revoked at any time. If no
consent has been obtained, the use of the service is based on our legitimate
legitimate interest in the greatest possible visibility in social media.
media.
Insofar as with the help of the tool described here personal data is collected on our
website is collected and forwarded to Facebook, we and Meta Platforms
Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible for this data processing.
responsible for this data processing. The joint responsibility is limited
The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook.
The processing by Facebook that takes place after the forwarding is not part of the
joint responsibility. The obligations we share have been set forth in a
joint processing agreement. The text of the
Agreement can be found at: https://www.facebook.com/legal/controller_addendum.
According to this agreement, we are responsible for the provision of privacy information when
the Facebook tool and for the secure implementation of the tool on our website.
Tool on our website. For the data security of the Facebook products
is the responsibility of Facebook. Data subject rights (e.g., requests for information) regarding the
data processed by Facebook can be asserted directly with Facebook. If
valid as of September 1, 2023
Page 23 of 71
you assert the data subject rights with us, we are obliged to forward them to Facebook.
forward them.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission
based. Details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum, https://de-
en.facebook.com/help/566994660333381 and https://www.facebook.com/policy.php.
valid as of September 1, 2023
Page 24 of 71
4.3 Twitter
Functions of the Twitter service are integrated on this website. These functions
are offered by the Twitter International Company, One Cumberland Place, Fenian
Street, Dublin 2, D02 AX07, Ireland.
When the social media element is active, a direct connection is established between your
end device and the Twitter server is established. Twitter thereby receives information about
your visit to this website. By using Twitter and the function
“Re-Tweet” function, the websites you visit will be linked to your Twitter account
and made known to other users. We would like to point out that we, as the provider of the
of the content of the transmitted data and its use by Twitter.
Twitter receive. You can find more information on this in the privacy policy of
Twitter at: https://twitter.com/de/privacy.
Insofar as consent has been obtained, the use of the aforementioned service is based on
basis of Art. 31 para. 1 DSG. The consent can be revoked at any time. If no
consent has been obtained, the use of the service is based on our legitimate
legitimate interest in the greatest possible visibility in social media.
media.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission
based. Details can be found here: https://gdpr.twitter.com/en/controller-to-controller-
transfers.html.
You can change your privacy settings on Twitter in the account settings at.
https://twitter.com/account/settings change.
effective as of September 1, 2023
Page 25 of 71
4.4 Instagram
On this website, functions of the service Instagram are integrated. These functions
offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Canal Harbour, Dublin 2, Ireland.
When the social media element is active, a direct connection is established between your
end device and the Instagram server is established. Instagram thereby receives information
about your visit to this website.
If you are logged into your Instagram account, you can view the contents of this website by clicking on the
Instagram button to link the content of this website to your Instagram profile. Thereby
Instagram can assign the visit to this website to your user account. We point
point out that we, as the provider of the pages, have no knowledge of the content of the transmitted
data as well as their use by Instagram.
Insofar as consent has been obtained, the use of the aforementioned service is based on
basis of Art. 31 para. 1 DSG. The consent can be revoked at any time. If no
consent has been obtained, the use of the service is based on our legitimate
legitimate interest in the greatest possible visibility in social media.
media.
Insofar as with the help of the tool described here personal data is collected on our
website is collected and forwarded to Facebook or Instagram, we and the
Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2,
Ireland are jointly responsible for this data processing. The joint
responsibility is limited exclusively to the collection of the data and their
their forwarding to Facebook or Instagram. The processing that takes place after the forwarding
processing by Facebook or Instagram is not part of the joint responsibility.
responsibility. Our joint obligations are set forth in a joint processing
Joint Processing Agreement. The text of the agreement
can be found at: https://www.facebook.com/legal/controller_addendum. According to this
agreement, we are responsible for providing the data protection information when using the
Facebook or Instagram tool and for the secure implementation of the tool on our website in accordance with
of the tool on our website. For the data security of the Facebook resp.
Instagram products is Facebook’s responsibility. Data subject rights (e.g.
valid as of September 1, 2023
Page 26 of 71
Requests for information) with regard to the data processed by Facebook or Instagram
you can assert directly with Facebook. If you assert the data subject rights with us
assert them, we are obliged to forward them to Facebook.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission
based. Details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum,
https://help.instagram.com/519522125107875 and https://de-
de.facebook.com/help/566994660333381.
For more information, please see Instagram’s privacy policy:
https://instagram.com/about/legal/privacy/.
Effective September 1, 2023
Page 27 of 71
4.5 LinkedIn
This website uses elements of the LinkedIn network. The provider is LinkedIn Ireland
Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.
Each time a page of this website that contains elements of LinkedIn is accessed, a
connection to LinkedIn servers is established. LinkedIn is informed that you have visited
have visited this website with your IP address. If you click the “Recommend button” of
LinkedIn and are logged in to your account at LinkedIn, it is possible for LinkedIn to
possible to associate your visit to this website with you and your user account. We
point out that we, as the provider of the pages, have no knowledge of the content of the
transmitted data and their use by LinkedIn.
Insofar as consent has been obtained, the use of the above-mentioned service is based on
basis of Art. 31 para. 1 DSG. The consent can be revoked at any time. If no
consent has been obtained, the use of the service is based on our legitimate
legitimate interest in the greatest possible visibility in social media.
media.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission
based. Details can be found here:
https://www.linkedin.com/help/linkedin/answer/62538/datenubertragung-aus-der-eu-
dem-ewr-and-switzerland?lang=en
For more information, please see LinkedIn’s privacy policy at:
https://www.linkedin.com/legal/privacy-policy.
valid as of September 1, 2023
Page 28 of 71
4.6 XING
This website uses elements of the XING network. The provider is New Work SE,
Dammtorstrasse 30, 20354 Hamburg, Germany.
Each time one of our pages containing XING elements is accessed, a connection to XING servers is established.
to XING servers is established. As far as we are aware, no personal data is
to our knowledge. In particular, no IP addresses are stored
or the usage behavior is evaluated.
Insofar as consent has been obtained, the aforementioned service is used on the basis of Art. 31 Para.
basis of Art. 31 para. 1 DSG. The consent can be revoked at any time. If no
consent has been obtained, the use of the service is based on our legitimate
legitimate interest in the greatest possible visibility in social media.
media.
Further information on data protection and the XING Share button can be found in the
Privacy Policy of XING at:
https://www.xing.com/app/share?op=data_protection.
valid as of September 1, 2023
Page 29 of 71
5. analysis tools and advertising
5.1 Google Tag Manager
We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon
House, Barrow Street, Dublin 4, Ireland.
The Google Tag Manager is a tool with the help of which we can integrate tracking or statistical tools and
other technologies on our website. The Google Tag Manager
itself does not create user profiles, does not store cookies and does not perform any independent
analyses. It is only used for the administration and playout of the tools that are
integrated tools. The Google Tag Manager does, however, record your IP address, which is also transmitted to the
Google’s parent company in the United States.
The use of the Google Tag Manager is based on ART. 31 ABS. 1 DSG. The
website operator has a legitimate interest in a fast and uncomplicated integration and
integration and management of various tools on its website. Insofar as a
consent has been requested, the processing is carried out exclusively on the basis of Art.
basis of Art. 31 para. 1 DSG, insofar as the consent allows the storage of cookies or
access to information in the user’s terminal device (e.g. device fingerprinting).
includes. The consent can be revoked at any time.
5.2 Google Analytics
This website uses functions of the web analysis service Google Analytics. The provider is
Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics enables the website operator to analyze the behavior of website visitors.
to analyze. In doing so, the website operator receives various usage data, such as.
page views, length of stay, operating systems used and the origin of the user. This
data is summarized in a user ID and assigned to the end device of the website
website visitor’s end device.
valid as of September 1, 2023
Page 30 of 71
Furthermore, we can use Google Analytics to record, among other things, your mouse movements, scrolling movements and
record clicks. Furthermore, Google Analytics uses various modeling approaches,
to complement the collected data sets and uses machine learning technologies in its data
Data Analysis.
Google Analytics uses technologies that enable the recognition of the user for the
the purpose of analyzing user behavior (e.g. cookies or device fingerprinting).
Fingerprinting). The information collected by Google about the use of this website
is usually transferred to a Google server in the USA and stored there.
stored there.
The use of this service is based on your consent in accordance with Art. 31 para. 1
DSG. The consent can be revoked at any time.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission
based. Details can be found here:
https://privacy.google.com/businesses/controllerterms/mccs/.
Browser plugin
You can prevent the collection and processing of your data by Google by
downloading and installing the browser plugin available at the following link:
https://tools.google.com/dlpage/gaoptout?hl=de.
You can find more information on how Google Analytics handles user data in the
Privacy Policy of Google:
https://support.google.com/analytics/answer/6004245?hl=de.
Google signals
We use Google signals. When you visit our website, Google Analytics collects, among other things.
a. your location, search history and YouTube history, as well as demographic data
(visitor data). This data can be used with the help of Google signals for personalized
advertising with the help of Google Signal. If you have a Google account, the visitor data from Google
Google Signal visitor data will be linked to your Google account and used for personalized
advertising messages. The data is also used for the creation of
anonymized statistics on the user behavior of our users.
valid from September 1, 2023
Page 31 of 71
Order processing
We have entered into an order processing agreement with Google and implement the
strict requirements of the German data protection authorities when using Google Analytics.
Analytics in full.
Google Analytics e-commerce measurement
This website uses the “e-commerce measurement” function of Google Analytics. With the help
e-commerce measurement, the website operator can analyze the buying behavior of website
website visitors to improve its online marketing campaigns.
Here, information such as orders placed,
average order values, shipping costs and the time from viewing to purchasing a product.
of a product is recorded. This data can be summarized by Google under a transaction ID
which is assigned to the respective user or their device.
valid as of September 1, 2023
Page 32 of 71
5.3 Hotjar
This website uses Hotjar. The provider is Hotjar Ltd, Level 2, St Julians Business Centre, 3,
Elia Zammit Street, St Julians STJ 1000, Malta, Europe (website: https://www.hotjar.com).
Hotjar is a tool used to analyze your user behavior on this website. With Hotjar
we can record, among other things, your mouse movements, scrolling movements and clicks. Hotjar can
also determine how long you have remained with the mouse pointer on a certain position.
on a certain spot. From this information, Hotjar creates so-called heat maps, which can be used to
to determine which areas of the website are viewed preferentially by visitors.
by the website visitor.
Furthermore, we can determine how long you stayed on a page and when you left it.
you left it. We can also determine at which point you abandoned your entries in a
contact form (so-called conversion funnels).
In addition, Hotjar can be used to obtain direct feedback from website visitors.
be obtained. This function serves to improve the website operator’s web offerings.
Hotjar uses technologies that enable the recognition of the user for the purpose of
analysis of user behavior (e.g. cookies or use of device fingerprinting).
fingerprinting).
Insofar as consent has been obtained, the use of the above-mentioned service is carried out
exclusively on the basis of Art. 31 Para. 1 DSG. The consent can be
revocable. Insofar as no consent has been obtained, the use of this
service is based on Art. 31 para. 1 DSG; the website operator has a legitimate
interest in analyzing user behavior in order to optimize both its website and its advertising.
to optimize its advertising.
Deactivating Hotjar
If you would like to deactivate the data collection by Hotjar, click on the following
link and follow the instructions there: https://www.hotjar.com/policies/do-not-
track/
Please note that deactivating Hotjar must be done separately for each browser or end
end device separately.
valid as of September 1, 2023
Page 33 of 71
For more information about Hotjar and the data collected, please refer to the
Privacy Policy of Hotjar at the following link:
https://www.hotjar.com/privacy
Order processing
We have entered into an order processing agreement (AVV) with the above-mentioned
provider mentioned above. This is a contract that is required by data protection law
data protection law, which guarantees that the provider will only process the personal data
of our website visitors only in accordance with our instructions and in compliance with the DSG
processed.
valid from September 1, 2023
Page 34 of 71
5.4 WP Statistics
This website uses the analytics tool WP Statistics to statistically evaluate visitor
evaluate. Provider is Veronalabs, ARENCO Tower, 27th Floor, Dubai Media City, Dubai,
Dubai 23816, UAE (https://veronalabs.com).
WP Statistics allows us to analyze the use of our website. WP Statistics collects
log files (IP address, referrer, browser used, origin of the user,
search engine used) and actions that the website visitors have taken on the page (e.g.
(e.g. clicks and views).
The data collected with WP Statistics is stored exclusively on our own server.
stored.
The use of this analysis tool is based on Art. 31 para. 1 DSG. We have
have a legitimate interest in the anonymized analysis of user behavior in order to improve
optimize our web offer as well as our advertising. Insofar as a corresponding
consent has been requested, the processing is carried out exclusively on the basis of
Art. 31 para. 1 DSG, insofar as the consent allows the storage of cookies or the access to
information in the user’s terminal device (e.g. device fingerprinting). The
Consent can be revoked at any time.
valid as of September 1, 2023
Page 35 of 71
5.5 Google Ads
The website operator uses Google Ads. Google Ads is an online advertising program
of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads enables us to display advertisements in the Google search engine or on third-party websites.
third party websites when the user enters certain search terms on Google (keyword targeting).
(keyword targeting). Furthermore, targeted advertisements can be displayed on the basis of the user data available at Google
data available at Google (e.g. location data and interests) (target group targeting).
(target group targeting). As the website operator, we can evaluate this data quantitatively
by analyzing, for example, which search terms led to the display of our ads and how many
our advertisements and how many advertisements have led to corresponding clicks.
have led to.
The use of this service is based on your consent in accordance with Art. 31 para. 1
DSG. The consent can be revoked at any time.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission
based. Details can be found here: https://policies.google.com/privacy/frameworks and
https://privacy.google.com/businesses/controllerterms/mccs/.
valid as of September 1, 2023
Page 36 of 71
5.6 Google AdSense (not personalized).
This website uses Google AdSense, a service for embedding advertisements.
The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4,
Ireland.
We use Google AdSense in “non-personalized” mode. In contrast to the
mode, the advertisements are not based on your previous user behavior and no user
user behavior and no user profile of you is created. Instead, so-called “context
Instead, so-called “contextual information” is used to select the advertisements. The
selected advertisements are then based, for example, on your location, the content of the
the content of the website you are on or your current search terms. More
about the differences between personalized and non-personalized targeting with
Google AdSense can be found at: https://support.google.com/adsense/answer/9007336.
Please note that even when using Google Adsense in non-personalized
cookies or comparable recognition technologies (e.g. device fingerprinting).
fingerprinting) may be used. According to Google, these are used to combat
fraud and abuse.
The use of this service is based on your consent according to Art. 31 para. 1
DSG. The consent can be revoked at any time.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission
based. Details can be found here:
https://privacy.google.com/businesses/controllerterms/mccs/.
You can independently adjust your advertising settings in your user account.
To do so, click on the following link and log in:
https://adssettings.google.com/authenticated.
More information about Google’s advertising technologies can be found here:
https://policies.google.com/technologies/ads and
https://www.google.de/intl/de/policies/privacy/.
Effective September 1, 2023
Page 37 of 71
5.7 Google Remarketing
This website uses the functions of Google Analytics Remarketing. The provider is
Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Remarketing analyzes your user behavior on our website (e.g. clicking on
products), in order to classify you in certain advertising target groups and subsequently
and then to display suitable advertising messages to you when you visit other online
(remarketing or retargeting).
Furthermore, the advertising target groups created with Google Remarketing can be linked with the
Google’s cross-device functions. In this way
interest-based, personalized advertising messages, which are displayed on the basis of your previous
surfing behavior on one end device (e.g. cell phone) can also be adapted to you on another of your
also be displayed on another of your end devices (e.g. tablet or PC).
If you have a Google account, you can object to the personalized advertising
at the following link: https://www.google.com/settings/ads/onweb/.
The use of this service is based on your consent in accordance with Art. 31 para. 1
DSG. The consent can be revoked at any time.
Further information and the data protection provisions can be found in the
Privacy Policy of Google at:
https://policies.google.com/technologies/ads?hl=de.
Formation of target groups with customer matching
For target group formation, we use, among other things, the customer matching of Google
Remarketing. In this process, we transfer certain customer data (e.g., e-mail addresses) from our
our customer lists to Google. If the customers in question are Google users and logged into their
Google account, they will be shown suitable advertising messages within the Google
network (e.g. on YouTube, Gmail or in the search engine).
valid as of September 1, 2023
Page 38 of 71
5.8 Google Conversion Tracking
This website uses Google Conversion Tracking. The provider is Google Ireland Limited
(“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
With the help of Google conversion tracking, Google and we are able to recognize whether the user has
has performed certain actions. For example, we can evaluate which
buttons on our website were clicked and how often, and which products were viewed or purchased
viewed or purchased. This information is used to create conversion statistics.
to create. We find out the total number of users who clicked on our ads and what actions they
and what actions they have taken. We do not receive any information with which
with which we can personally identify the user. Google itself uses cookies
Cookies or comparable recognition technologies for identification.
The use of this service is based on your consent in accordance with Art. 31 para. 1
DSG. The consent can be revoked at any time.
You can find more information about Google Conversion Tracking in the
Privacy Policy of Google: https://policies.google.com/privacy?hl=de.
5.9 Google DoubleClick
This website uses functions of Google DoubleClick. The provider is Google Ireland
Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland, (hereinafter referred to as “DoubleClick”).
“DoubleClick”).
DoubleClick is used to display interest-based advertisements to you throughout the entire
Google advertising network. With the help of DoubleClick, the advertisements can be
the advertisements can be adapted to the interests of the respective viewer. Thus, our
For example, our ads may be displayed in Google search results or in banner ads associated with
DoubleClick can be displayed.
In order to be able to display interest-based advertising to users, DoubleClick must recognize the
viewers and associate them with the web pages they have visited, clicks and other
other information on user behavior. For this purpose, DoubleClick
uses cookies or comparable recognition technologies (e.g. device fingerprinting).
valid as of September 1, 2023
Page 39 of 71
The collected information is combined into a pseudonymous user profile in order to
in order to display interest-based advertising to the relevant user.
The use of this service is based on your consent pursuant to Art. 31 para. 1
DSG. The consent can be revoked at any time.
For more information on how to object to the advertisements displayed by Google
advertisements displayed by Google can be found in the following links:
https://policies.google.com/technologies/ads and
https://adssettings.google.com/authenticated.
5.10. Facebook Pixel
This website uses the visitor action pixel from Facebook for conversion measurement.
The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square,
Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the
USA and to other third countries.
In this way, the behavior of page visitors can be tracked after they have clicked
on a Facebook ad after they have been redirected to the provider’s website.
This allows the effectiveness of the Facebook ads to be evaluated for statistical and
market research purposes and to optimize future advertising measures.
be optimized.
The data collected is anonymous for us as the operator of this website, we cannot draw any
draw conclusions about the identity of the users. However, the data is stored and processed by Facebook
stored and processed by Facebook, so that a connection to the respective user profile is possible
and Facebook can use the data for its own advertising purposes in accordance with Facebook’s
Data Usage Policy. This allows Facebook to facilitate the placement of
advertisements on Facebook pages as well as outside of Facebook. This
Use of the data can not be influenced by us as a site operator.
The use of this service is based on your consent pursuant to Art. 31 para. 1
DSG. The consent can be revoked at any time.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission
based. Details can be found here:
valid from September 1, 2023
Page 40 of 71
https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-
de.facebook.com/help/566994660333381.
Insofar as personal data is collected on our website with the help of the tool described here
website is collected and forwarded to Facebook, we and Meta Platforms
Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing.
responsible for this data processing. The joint responsibility is limited
The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook.
The processing by Facebook that takes place after the forwarding is not part of the
joint responsibility. The obligations we share have been set forth in a
joint processing agreement. The text of the
Agreement can be found at: https://www.facebook.com/legal/controller_addendum.
According to this agreement, we are responsible for the provision of privacy information when
the Facebook tool and for the secure implementation of the tool on our website.
Tool on our website. For the data security of the Facebook products
is the responsibility of Facebook. Data subject rights (e.g., requests for information) regarding the
data processed by Facebook can be asserted directly with Facebook. If
If you assert the data subject rights with us, we are obliged to forward them to Facebook.
forward them.
In Facebook’s data protection notices, you will find further information on protecting your
privacy: https://de-de.facebook.com/about/privacy/.
You can also use the remarketing function “Custom Audiences” in the section
Settings for advertisements at
https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen
deactivate. To do this, you must be logged into Facebook.
If you do not have a Facebook account, you can disable usage-based advertising from
Facebook on the European Interactive Digital Advertising Alliance website:
http://www.youronlinechoices.com/de/praferenzmanagement/.
Effective September 1, 2023
Page 41 of 71
5.11. LinkedIn Insight Tag
This website uses the Insight Tag from LinkedIn. The provider of this service is LinkedIn
Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.
Data processing by LinkedIn Insight Tag
With the help of the LinkedIn Insight Tag, we receive information about the visitors to our
website. If a website visitor is registered with LinkedIn, we can, among other things, obtain the professional
data (e.g., career level, size of company, country, location, industry, and
job title) of our website visitors and thus better target our site to the relevant
the respective target groups. Furthermore, with the help of LinkedIn Insight Tags, we can
measure whether visitors to our websites make a purchase or take another action (conversion measurement).
(conversion measurement). Conversion measurement can also take place across devices (e. g.
e.g. from PC to tablet). LinkedIn Insight Tag also offers a retargeting function,
with the help of which we can display targeted advertising outside of the website to visitors of our website.
website, whereby, according to LinkedIn, there is no identification of the
addressee of the advertisement takes place.
LinkedIn itself also collects so-called log files (URL, referrer URL, IP address,
device and browser properties and time of access). The IP addresses are
shortened or (if they are used to reach LinkedIn members across all devices) hashed (pseudo
LinkedIn members across devices) are hashed (pseudonymized). The direct identifiers of LinkedIn members
are deleted by LinkedIn after seven days. The remaining pseudonymized
data is then deleted within 180 days.
The data collected by LinkedIn cannot be assigned to specific individuals by us as the website operator.
be assigned to specific individuals. LinkedIn will store the collected personal data
of the website visitors on its servers in the USA and use them in the context of its own
advertising measures. For details, please refer to the privacy policy of LinkedIn
at https://www.linkedin.com/legal/privacy-policy#choices-oblig.
Legal basis
Insofar as consent has been obtained, the use of the above-mentioned service takes place
exclusively on the basis of Art. 31 para. 1 DSG. The consent can be
revocable. Insofar as no consent has been obtained, the use of this
valid from September 1, 2023
Page 42 of 71
service is based on Art. 31 (1) DSG; the website operator has a legitimate
interest in effective advertising measures including social media.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission
based. Details can be found here: https://www.linkedin.com/legal/l/dpa and
https://www.linkedin.com/legal/l/eu-sccs.
Objection to the use of LinkedIn Insight Tag.
You can object to the analysis of usage behavior as well as targeted advertising by LinkedIn under
the following link: https://www.linkedin.com/psettings/guest-
controls/retargeting-opt-out.
Furthermore, members of LinkedIn can opt out of the use of their personal information
for advertising purposes in the account settings. In order to prevent the linking of data
data collected on our website by LinkedIn and your LinkedIn account.
account, you must log out of your LinkedIn account before visiting our website.
website.
Order processing
We have concluded a contract on order processing (AVV) with the above-mentioned
provider mentioned above. This is a contract prescribed by data protection law which
data protection law, which guarantees that this provider will only process the personal data
of our website visitors only in accordance with our instructions and in compliance with the DSG
processed.
Data processing for advertising purposes
On the basis of article 31, paragraph 1 of the DSG, the data controller has the following rights
a legitimate interest in the case of data processing for advertising purposes. To
For the use of a personalized customer approach, we reserve the right on this
legal basis also the use of first name, last name, date of birth,
street, postal code and city. The duration of the storage of personal data
purposes is based on the principle of whether the storage is necessary for the advertising
is necessary for advertising purposes. We follow the principle of storing data
two years at the latest after the data is no longer used for advertising purposes.
deleted.
valid from September 1, 2023
Page 43 of 71
Own advertising purposes and advertising purposes of third parties
Insofar as you have concluded a contract with us or have had an advertising material sent to you
we will keep a record of you as an existing or prospective customer. In these
In these cases, we process your name and address in order to send you
information about new products and services. We
reserve the right, within the framework of our legitimate interests, to pass on your postal
contact data to companies in our group of companies and, if applicable, to selected
contract partners, so that they can also inform you about their products.
inform you about their products.
Advertising in line with your interests
In order to ensure that you only receive advertising information that is of
interest to you, we categorize and add further information to your customer profile.
with additional information. For this purpose, we use both statistical
information as well as personal information (e.g. basic data of your customer profile).
customer profile). The aim is to send you advertising based solely on your actual or perceived
needs and accordingly not to bother you with uninteresting advertising.
with uninteresting advertising.
Processing of the advertising mailings
The advertising mailings are processed on our behalf by a service provider, to which we have
by a service provider, to whom we pass on your data for this purpose.
Right of objection
You can object to the processing of data for the aforementioned purposes at any time
free of charge, separately for each communication channel and with effect for the future.
and with effect for the future. For this purpose, it is sufficient to send an e-mail or a postal
letter to the above contact details.
If you lodge an objection, the contact address concerned will be blocked for further
further data processing for advertising purposes. We would like to point out that in
exceptional cases, even after receipt of your objection, there may be a temporary
sending of advertising material even after receipt of your objection. This is due to the technical
necessary lead time for advertisements and does not mean that we will not implement your objection.
not implement your objection.
valid as of September 1, 2023
Page 44 of 71
5.12 Sentry
We use Sentry within the scope of our legitimate interest in a technically
online offer and its economically efficient design and optimization pursuant to Art.
optimization in accordance with Art. 31 para. 1 DSG for the logging of errors the service Sentry
of Functional Software, Inc, Sentry 45 Fremont Street, 8th Floor, San Francisco, CA 94105,
USA (hereinafter “Sentry”).
Sentry can be used to collect and log errors in the code and to analyze them for the purpose of
system stability. For this purpose, Sentry also collects your usage data, such as your
operating system, the software installed on your device, your IP address, your browser type,
operating system or the previously visited website (‘referring URL’). This data is collected by
Sentry pseudonymously and do not allow us to identify you as a user.
user.
This may result in a transfer of your data to the USA. We have concluded an
Sentry, according to which Sentry will only process your data in accordance with our
only process your data according to our instructions. This AVV also stipulates that the transfer of data to the
to the USA by Sentry only takes place within the scope of the standard contractual clauses.
For more information about Sentry’s use of your data, please see Sentry’s
Sentry privacy policy at https://sentry.io/privacy/.
effective as of September 1, 2023
Page 45 of 71
5.13. Outbrain
We have integrated Outbrain on this website. The provider is Outbrain Inc, 39 West.
13th Street, 3rd floor, New York, NY 10011, USA (hereinafter “Outbrain”).
When you visit a website on which Outbrain is embedded, Outbrain creates a
pseudonymous user profile (user ID), in which it is stored which content you have viewed or
or have read. Subsequently, on our website or on other websites, on which Outbrain is embedded
websites, on which Outbrain is integrated, further interest-oriented content or
or advertising can be displayed. For this purpose, among other things, your device type, your
IP address, browser type, web pages visited and articles read, time of access, and device ID.
and the device ID are stored and summarized in your user ID.
Furthermore, we use the Outbrain Pixel. When you enter our website, we can use the
this pixel, we can determine whether you already have an Outbrain User ID. In this way
advertisers from the Outbrain advertising network can measure the effectiveness of their
measure the effectiveness of their campaigns.
Insofar as consent has been obtained, the use of the aforementioned service will be
exclusively on the basis of Art. 31 para. 1 DSG. Consent can be revoked at any
revocable. Insofar as no consent has been obtained, the use of this
service is based on Art. 31 para. 1 DSG; the website operator has a legitimate
interest in analyzing user behavior in order to optimize both its website and its advertising.
to optimize its advertising.
For more information, please refer to Outbrain’s privacy policy at:
https://www.outbrain.com/legal/privacy#privacy-policy.
Furthermore, you can obtain a list of all cookies used by Outbrain at the following link.
Cookies used by Outbrain: https://www.outbrain.com/privacy/cookies/.
If you would like to view or customize your interest profile on Outbrain, click on
following link: https://my.outbrain.com/recommendations-settings/home.
Order Processing
We have entered into an order processing agreement (AVV) with the above-mentioned
provider mentioned above. This is a contract prescribed by data protection law which
data protection law, which guarantees that this provider will process the personal data
valid as of September 1, 2023
Page 46 of 71
of our website visitors only in accordance with our instructions and in compliance with the DSG
processed.
valid from September 1, 2023
page 47 from 71
5.14. TikTok
Description and scope of data processing
The social media application TikTok is an international video portal. It serves the
so-called lip-syncing of music videos and other short video clips.
TikTok is operated by the Chinese company ByteDance. The
TikTok’s privacy policy forms the basis on which TikTok processes all data
TikTok processes all data collected from users or provided by users.
provided by the Users. The person responsible for the processing of personal data is
according to the Privacy Policy, TikTok Technology Limited (“TikTok Ireland”), and TikTok
Information Technologies UK Limited (“TikTok UK”). In the privacy statement, most often
TikTok”, “we” or “us” for short. If you have given your consent to be
TikTok will use your data to show you personalized advertising.
Legal basis
The personalized advertising that TikTok displays to you is based on your consent. In
Otherwise, TikTok processes users’ data on the basis of a contract (art. 31 para. 1
sentence 1 letter a DSG), as a result of a balancing of interests (Art. 6 para. 1 DSG) or for the
fulfillment of legal obligations (Art. 6 para. 1 DSG). Consent can be revoked by the user
and processing based on a consideration of interests can be objected to in accordance with Art.
be objected to in accordance with Art. 32 DSG. For details, please refer to the
Privacy Policy and the Terms of Use of TikTok (link see below).
Purpose
TikTok processes personal data for a variety of purposes, including.
the provision of its services, to notify users of changes to the services, to provide the
to notify users of changes to the Services, to provide support to users, to allow users to use
users to share user content with other users, for the development of new services
Development of new services or to comply with legal obligations. TikTok collects
about its users, including: profile data, user content and usage data, location data
Usage Data, Location Data, information about their respective contacts/friends.
For more information about how your data is used and what data is
valid as of September 1, 2023
Page 48 of 71
is processed, please refer to the privacy policy and the
Terms of Use of TikTok (link see below).
Duration of storage
TikTok retains users’ data for as long as is necessary to provide the service to
service to the users, to fulfill its contractual obligations and to exercise its rights with respect to the
contractual obligations and to exercise its rights with respect to the information in question.
be able to do so. If the users’ information is not needed to provide the service, the users’ information will be
provide the service, TikTok will retain User Information only for as long as TikTok has a legitimate business
can pursue a legitimate business purpose in retaining such data. When a
User requests TikTok to delete his or her account, the account will initially be deactivated for a few
weeks. Subsequently, the account will be deleted. In this course
users’ personal data relating to the in-app messaging function will also be deleted.
will be deleted. Messages that you have sent to other users of the TikTok service,
remain stored on their devices. In its privacy policy (link see below), TikTok also points out
TikTok also points out any longer deletion periods or retention periods.
Revocation, objection and end of processing
TikTok offers its users the possibility to control their own user data (personal
Data) via the settings options to control and manage them. TikTok offers
also offers its users automated information services, with which you can obtain information about
how your data is processed. Within the framework of the legal requirements, you
you also have the right to request deletion and rectification of your data and to object to the use
the use of your data or have the use of your data restricted and revoke your consent at any time.
revoke the consent you have given at any time.
Supplementary note
Please note that the terms of use and the privacy policy of
TikTok may change at any time. Therefore, please inquire at regular intervals about the
about the topicality of these texts. Laedi Ortho does not assume any liability for
accuracy or completeness of the information provided, which is based on the
Terms of Use and Privacy Policy of TikTok. Our
present data protection information serves the purpose according to articles 13 ff. DSG required
information to the extent that Laedi Ortho provides services from TikTok by embedding
valid as of September 1, 2023
Page 49 of 71
of videos in one of our websites or TikTok is used by our employees for customers.
Employees is used on behalf of customers.
TikTok Terms of Use:
https://www.tiktok.com/legal/terms-of-use?lang=de
Privacy Policy:
https://www.tiktok.com/legal/privacy-policy?lang=de#section-1
Questions about TikTok’s privacy policy:
For users who have questions about TikTok’s privacy policy or who wish to contact TikTok’s
TikTok’s Privacy Officer, TikTok provides a contact form that is
Contact Form, which is linked above the Privacy Policy.
valid as of September 1, 2023
Page 50 of 71
6. newsletter
6.1 Newsletter Data
If you would like to receive the newsletter offered on the website, we require
from you an e-mail address as well as information that allows us to verify,
that you are the owner of the e-mail address and that you agree to receive the newsletter.
and that you agree to receive the newsletter. Further data will not be collected or only on a voluntary basis.
collected. For the handling of the newsletter we use newsletter service providers, which are
described below.
6.2 Shared use of Curaden AG customer data
Curaden AG, Amlehnstrasse 22, 6010 Kriens, Switzerland, develops the products and
services and makes them available to all contractual partners of the group of companies.
available. Curaden AG, together with its contractual partners, also designs the
advertising measures as well as newsletters and the websites. Customer data such as e-mail
addresses for use for advertising purposes and for general communication are stored by
collected by Curaden AG together with its contractual partners. They are joint
responsible parties. The collection and processing of the data is based on Art.
31 para. 1 DSG. Curaden AG and its contractual partners make available to the data subjects
the information required according to Art. 13 and 14 DSG in a precise, transparent,
understandable and easily accessible form in a clear and simple language.
free of charge. In doing so, each party shall provide the other party with all the necessary
necessary information from its sphere of activity to the other party.
Commented [TB2]: 7/31/2023: Adapt text or possibly
delete
valid as of September 1, 2023
Page 51 of 71
6.3 Mailchimp
This website uses the services of Mailchimp for sending newsletters. The provider
is Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308,
USA.
Mailchimp is a service that, among other things, organizes and analyzes the sending of newsletters.
can be analyzed. If you enter data for the purpose of receiving newsletters (e.g.
e-mail address), these are stored on Mailchimp’s servers in the USA.
With the help of Mailchimp, we can analyze our newsletter campaigns. If you
open an email sent with Mailchimp, a file contained in the email (so-called web-become
file (so-called web-beacon) connects to Mailchimp’s servers in the USA. In this way it can be determined
whether a newsletter message has been opened and which links, if any, have been clicked.
In addition, technical information is recorded (e.g. time of retrieval, IP address,
browser type and operating system). This information cannot be assigned to the
newsletter recipient. It is used exclusively for the statistical
analysis of newsletter campaigns. The results of these analyses can be used
to better adapt future newsletters to the interests of the recipients.
If you do not want any analysis by Mailchimp, you must unsubscribe from the newsletter.
For this purpose, we provide a corresponding link in every newsletter message.
The data processing is based on your consent (Art. 31 para. 1 DSG). You
can revoke this consent at any time by unsubscribing from the newsletter. The
lawfulness of the data processing operations already carried out remains unaffected by the revocation.
unaffected.
The data you provide to us for the purpose of receiving the newsletter will be stored by
stored by us or the newsletter service provider until you unsubscribe from the newsletter and
newsletter service provider until you unsubscribe from the newsletter and will be deleted from the
deleted from the newsletter distribution list. Data stored by us for other purposes remains unaffected by this.
remain unaffected by this.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission.
based. Details can be found here: https://mailchimp.com/eu-us-data-transfer-statement/ and
https://mailchimp.com/legal/data-processing-addendum/#Annex_C_-
_Standard_Contractual_Clauses.
Valid as of September 1, 2023
Page 52 of 71
After you have unsubscribed from the newsletter distribution list, your email address will be stored by us
or the newsletter service provider, as the case may be, in a blacklist, insofar as this is necessary to
This is necessary to prevent future mailings. The data from the blacklist will only be used for this
used for this purpose and will not be merged with other data. This serves both
your interest as well as our interest in complying with the legal requirements
when sending newsletters (legitimate interest within the meaning of Art. 31 Para. 1 DSG). The
storage in the blacklist is not limited in time. You can object to the storage
object to the storage if your interests outweigh our legitimate interest.
For more details, please refer to the privacy policy of Mailchimp at:
https://mailchimp.com/legal/terms/.
Order processing
We have concluded a contract on order processing (AVV) with the above-mentioned
provider mentioned above. This is a contract prescribed by data protection law which
data protection law, which guarantees that this provider will only process the personal data
of our website visitors only in accordance with our instructions and in compliance with the DSG
processed.
valid from September 1, 2023
Page 53 of 71
6.4 SendGrid/Twilio
This website uses the cloud-based email marketing software SendGrid by Twilio for the
the dispatch of newsletters. The provider is Twilio Germany GmbH, Rosenheimer Str.
143C, 81671 Munich, Germany. SendGrid is a service that can be used to organize and
newsletter dispatch can be organized and analyzed. The data you enter for the purpose of
newsletter subscription (e.g. e-mail address) is stored on the servers of SendGrid.
SendGrid servers.
The servers that SendGrid uses for data processing are located in the USA, among other places, i.e.
Your email address may be transmitted to their US servers. What SendGrid
undertakes to comply with the data protection regulations of the EU, you can find out in their
Privacy Policy at https://www.twilio.com/legal/privacy and
https://www.twilio.com/legal/data-protection-addendum.
Our newsletters sent with SendGrid allow us to analyze the behavior of the
of the newsletter recipients. Among other things, this allows us to analyze how many recipients have opened the
opened the newsletter message and how often which link in the newsletter was clicked on.
was clicked. With the help of so-called conversion tracking, we can also analyze
whether a predefined action (e.g. purchase of a product on our website) was carried out after clicking on the link in the newsletter.
product on our website) has taken place. The data processing is based on your
consent (Art. 31 para. 1 DSG). You can revoke this consent at any time by
unsubscribing from the newsletter. The legality of the data processing operations that have already
data processing operations remains unaffected by the revocation.
If you do not want any analysis by SendGrid, you must unsubscribe from the newsletter.
For this purpose, we provide a corresponding link in each newsletter message.
Furthermore, you can also unsubscribe from the newsletter directly on the website.
The data you provide to us for the purpose of receiving the newsletter will be stored by
stored by us until you unsubscribe from the newsletter and, after unsubscribing from the newsletter
deleted from our servers as well as from the servers of SendGrid.
Data that has been stored by us for other purposes remains unaffected by this.
For more details, please refer to the privacy policy of SendGrid at:
https://sendgrid.com/policies/privacy/.
valid as of September 1, 2023
Page 54 of 71
7. plugins and tools
7.1 YouTube with enhanced data protection
This website embeds videos of YouTube. The operator of the pages is Google Ireland
Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
We use YouTube in extended data protection mode. This mode has the effect, according to
YouTube that YouTube does not store any information about the visitors to this website
before they watch the video. The transfer of data to YouTube-
partners is not necessarily excluded by the extended data protection mode.
excluded. Thus, YouTube – regardless of whether you watch a video – establishes a
connection to the Google DoubleClick network.
As soon as you start a YouTube video on this website, a connection is established to the
YouTube servers is established. In the process, the YouTube server is informed which
of our pages you have visited. If you are logged into your YouTube account,
you enable YouTube to assign your surfing behavior directly to your personal profile.
You can prevent this by logging out of your YouTube account.
Furthermore, after starting a video, YouTube may store various cookies on your
device or use comparable recognition technologies (e.g. device fingerprinting).
fingerprinting). In this way, YouTube can obtain information about visitors
visitors to this website. This information is used, among other things, to record video statistics
improve the user experience, and prevent fraud attempts.
If necessary, after the start of a YouTube video, further data processing
data processing operations may be triggered after the start of a YouTube video, over which we have no control.
YouTube is used in the interest of an appealing presentation of our online offers.
online offers. This represents a legitimate interest within the meaning of Art. 31 (1) DSG.
Insofar as a corresponding consent has been requested, the processing is carried out
exclusively on the basis of Art. 31 para. 1 DSG, insofar as the consent allows the
storage of cookies or access to information in the user’s terminal device (e.g., device fingerprinting).
device fingerprinting). The consent can be revoked at any time.
valid as of September 1, 2023
Page 55 of 71
For more information about data protection at YouTube, please see their
Privacy Policy at: https://policies.google.com/privacy?hl=de.
7.2 Vimeo without tracking (Do-Not-Track).
This website uses plugins of the video portal Vimeo. The provider is Vimeo Inc, 555 West
18th Street, New York, New York 10011, USA.
When you visit one of our pages equipped with Vimeo videos, a connection to the
connection to the Vimeo servers is established. In the process, the Vimeo server is informed
which of our pages you have visited. In addition, Vimeo obtains your IP address. We have
Vimeo so that Vimeo does not track your user activity and does not set cookies.
will not set any cookies.
The use of Vimeo takes place in the interest of an appealing presentation of our
online offers. This constitutes a legitimate interest within the meaning of Art. 31 (1) DSG.
Insofar as a corresponding consent has been requested, the processing is carried out
exclusively on the basis of Art. 31 para. 1 DSG; the consent can be revoked at any time.
revocable at any time.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission
and, according to Vimeo, on the basis of “legitimate business interests”. Details
can be found here: https://vimeo.com/privacy.
Further information on the handling of user data can be found in the
Vimeo privacy policy at: https://vimeo.com/privacy.
Effective September 1, 2023
Page 56 of 71
7.3 Google Maps
This site uses the map service Google Maps. The provider is Google Ireland Limited
(“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
To use the functions of Google Maps, it is necessary to store your IP address.
stored. This information is usually transferred to a Google server in the USA and stored there.
and stored there. The provider of this site has no influence on this
data transmission. If Google Maps is activated, Google may use Google Web Fonts for the purpose of the
uniform display of fonts Google Web Fonts. When calling up
Google Maps, your browser loads the necessary web fonts into your browser cache to display texts
and fonts are displayed correctly.
The use of Google Maps is in the interest of an appealing presentation of our online offerings
online offers and to make it easy to find the places we have indicated on the website.
on the website. This constitutes a legitimate interest within the meaning of Art. 31 para. 1 DSG
represents. Insofar as a corresponding consent has been requested, the processing is carried out
exclusively on the basis of Art. 31 para. 1 DSG, insofar as the consent allows the
storage of cookies or access to information in the user’s terminal device (e.g., device fingerprinting).
device fingerprinting). The consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission.
based. Details can be found here:
https://privacy.google.com/businesses/gdprcontrollerterms/ and
https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.
More information on the handling of user data can be found in the privacy policy
from Google: https://policies.google.com/privacy?hl=de.
valid as of September 1, 2023
Page 57 of 71
7.4 Google reCAPTCHA.
We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on this website. Provider
is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
The purpose of reCAPTCHA is to verify whether the data input on this website (e.g. in a
contact form) is made by a human being or by an automated program.
takes place. For this purpose, reCAPTCHA analyzes the behavior of the website visitor on the basis of various
various characteristics. This analysis begins automatically as soon as the website visitor enters the website.
enters the website. For the analysis, reCAPTCHA evaluates various information (e.g..
IP address, the length of time the website visitor spends on the website, or the user’s mouse
mouse movements). The data collected during the analysis is forwarded to Google.
The reCAPTCHA analyses run entirely in the background. Website visitors are not
that an analysis is taking place.
The storage and analysis of the data is based on Art. 31 para. 1 DSG. The
website operator has a legitimate interest in protecting its web offers against
automated spying and SPAM. Insofar as a
consent has been requested, processing is carried out exclusively on the basis of Art.
on the basis of Art. 31 Para. 1 of the German Data Protection Act (DSG), insofar as the consent allows cookies to be stored or
access to information in the user’s terminal device (e.g. device fingerprinting).
includes. The consent can be revoked at any time.
For further information on Google reCAPTCHA, please refer to Google’s
Privacy Policy and the Google Terms of Use at the following links:
https://policies.google.com/privacy?hl=de and https://policies.google.com/terms?hl=de.
valid as of September 1, 2023
Page 58 of 71
7.5 Wordfence
We have integrated Wordfence on this website. The provider is Defiant Inc, Defiant,
Inc, 800 5th Ave Ste 4100, Seattle, WA 98104, USA (hereinafter “Wordfence”).
Wordfence is used to protect our website from unwanted access or malicious
cyberattacks. For this purpose, our website establishes a permanent connection to Wordfence’s
Wordfence’s servers so that Wordfence can compare its databases with the accesses
website and, if necessary, block them.
The use of Wordfence is based on Art. 31 para. 1 DSG. The
website operator has a legitimate interest in the most effective possible protection of his
website from cyberattacks. If a corresponding consent has been requested,
the processing is carried out exclusively on the basis of Art. 31 Para. 1 DSG, insofar as the
consent permits the storage of cookies or access to information in the user’s terminal
of the user (e.g. device fingerprinting). The consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission.
based. Details can be found here: https://www.wordfence.com/help/general-data-
protection-regulation/.
Order processing
We have concluded a contract on order processing (AVV) with the above-mentioned
provider mentioned above. This is a contract prescribed by data protection law which
data protection law, which guarantees that the provider will only process the personal data
of our website visitors only according to our instructions and in compliance with ART. 31
ABS. 1 DSG processed.
valid as of September 1, 2023
Page 59 of 71
7.6 ManageWP
We manage this website with the help of the tool ManageWP. The provider is GoDaddy.com
WP Europe, Trg republike 5, 11000 Belgrade, Serbia (hereinafter ManageWP).
With ManageWP, we can, among other things, monitor the security and performance of our website and make automatic backups.
and make automatic backups. ManageWP thus has access to
all contents of the Website, including our databases. ManageWP is hosted on the
hosted on the provider’s servers.
The use of ManageWP is based on Art. 31 para. 1 DSG. The
website operator has a legitimate interest in ensuring the most effective and secure possible
operation of its website(s). If a corresponding consent has been requested,
the processing is carried out exclusively on the basis of Art. 31 Para. 1 DSG, insofar as the
consent permits the storage of cookies or access to information in the user’s terminal
of the user (e.g. device fingerprinting). The consent can be revoked at any time.
Order processing
We have concluded a contract on order processing (AVV) with the above-mentioned
provider mentioned above. This is a contract prescribed by data protection law which ensures that
data protection law, which guarantees that this provider will only process the personal data
of our website visitors only in accordance with our instructions and in compliance with the DSG
processed.
valid from September 1, 2023
Page 60 of 71
8. eCommerce and payment providers
8.1 Processing of customer and contract data
We collect, process and use personal customer and contract data to
Establishment, content design and modification of our contractual relationships.
Personal data about the use of this website (usage data)
we collect, process and use only to the extent necessary to enable the user to use the service.
to enable the user to use the service or to bill him for it. The legal basis for this
is Art. 31 para. 2 lit. a DSG.
The collected customer data will be stored after completion of the order or termination of the
business relationship and expiry of any existing statutory retention periods.
deleted. Legal retention periods remain unaffected.
8.2 Data transfer upon conclusion of contract for online stores,
Dealers and shipment of goods
If you order goods from us, we will pass on your personal data to the transport company entrusted with the
transport company entrusted with the delivery and to the payment service provider
payment service provider. Only such data will be disclosed that
the respective service provider needs to fulfill its task. The legal basis for this is
Art. 31 para. 2 lit. a DSG, which permits the processing of data for the fulfillment of a contract or
pre-contractual measures. Provided that you have given a corresponding consent in accordance with
Art. 31 para. 1 DSGerteilt, we will give your e-mail address to the delivery entrusted
delivery, so that they can inform you by e-mail about the shipping status of your order.
status of your order by e-mail; you can revoke this consent at any time.
revoke.
valid from September 1, 2023
Page 61 of 71
8.3 Data transfer upon conclusion of contract for services
and digital content
We transmit personal data to third parties only if this is necessary within the scope of the
necessary for the execution of the contract, for example to the credit institute commissioned with
credit institution.
A further transmission of data does not take place or only if you have expressly consented to the transmission.
expressly agreed to the transmission. A transfer of your data to third parties without
express consent, for example for advertising purposes, will not be made.
The basis for data processing is Art. 31 Para. 2 lit. a DSG, which permits the processing of
data for the fulfillment of a contract or pre-contractual measures.
8.4 Credit checks
In the case of a purchase on account or any other method of payment for which we provide advance
we may carry out a credit assessment procedure (scoring). For this purpose
data (e.g. name, address, age or bank details) to a credit agency.
a credit agency. On the basis of this data, the probability of a
of a payment default is determined. In the event of an excessive risk of non-payment, we may refuse the
refuse the relevant type of payment.
The credit check is carried out on the basis for the fulfillment of the contract (Art. 31 para. 2 lit. a DSG)
as well as for the avoidance of payment defaults (legitimate interest according to Art. 31 para. 1
DSG). If consent has been obtained, the credit check is carried out on the basis of
of this consent (Art. 6 para. 1 lit. ART. 31 ABS. 1 DSG); the consent can be revoked at any time.
revocable at any time.
8.5 Payment services
We integrate payment services from third-party companies on our website. When you make a
purchase from us, your payment data (e.g. name, payment amount,
account details, credit card number) processed by the payment service provider for the purpose of
payment processing. For these transactions, the respective contract and
valid from September 1, 2023
Page 62 of 71
data protection provisions of the respective providers apply to these transactions. The use of the payment service providers
is carried out on the basis of Art. 31 para. 2 lit. a DSG (contract processing) as well as in the interest of
smooth, convenient and secure payment process (Art. 31 para. 1 DSG).
DSG). Insofar as your consent is requested for certain actions, Art. 31 para. 1
DSGlegal basis for data processing; consent can be revoked at any time for the future.
revocable at any time in the future.
We use the following payment services / payment service providers within the scope of this website:
8.6 PayPal
The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard
Royal, L-2449 Luxembourg (hereinafter “PayPal”).
The data transfer to the USA is based on the standard contractual clauses of the EU Commission.
based. Details can be found here: https://www.paypal.com/de/webapps/mpp/ua/pocpsa-full.
For details, see PayPal’s privacy policy:
https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
8.7 Stripe
Provider for customers within the EU is Stripe Payments Europe, Ltd,1 Grand Canal
Street Lower, Grand Canal Dock, Dublin, Ireland (hereinafter “Stripe”).
The data transfer to the USA is based on the standard contractual clauses of the EU Commission.
based. Details can be found here: https://stripe.com/de/privacy and
https://stripe.com/de/guides/general-data-protection-regulation.
Details can be found in Stripe’s privacy policy at the following link.
read: https://stripe.com/de/privacy.
Effective September 1, 2023
Page 63 of 71
8.8 Sofort Bank Transfer
The provider of this payment service is Sofort GmbH, Theresienhöhe 12, 80339 Munich, Germany.
(hereinafter “Sofort GmbH”). With the help of the procedure “Sofortüberweisung” we receive
confirmation of payment in real time from Sofort GmbH and can immediately begin with the
begin with the fulfillment of our obligations. If you have chosen the payment method
“Sofortüberweisung”, you transmit the PIN and a valid TAN to the
Sofort GmbH, with which the latter can log into your online banking account. Sofort
GmbH automatically checks your account balance after logging in and carries out the
transfer to us with the help of the TAN you have transmitted. Subsequently
it immediately sends us a transaction confirmation. After logging in
your turnover, the credit limit of the overdraft facility and the existence of other accounts and their
of other accounts and their balances are checked automatically. In addition to the PIN and TAN
the payment data you have entered as well as your personal data will be transmitted to the
Sofort GmbH. The data about your person are your first and last name, address
address, telephone number(s), e-mail address, IP address and, if applicable, other data required for
Payment processing required data. The transmission of this data is necessary to
to establish your identity beyond doubt and to prevent fraud attempts. Details on the
Payment with Sofortüberweisung can be found in the following links:
https://www.sofort.de/datenschutz.html and https://www.klarna.com/sofort/.
8.9 Unzer
The provider of this payment service is Unzer GmbH, Vangerowstrasse 18, 69115
Heidelberg, Germany (hereinafter “Unzer”).
For details, please refer to Unzer’s privacy policy:
https://www.unzer.com/de/datenschutz/.
8.10. American Express
The provider of this payment service is American Express Europe S.A., Theodor-Heuss-Allee
112, 60486 Frankfurt am Main, Germany (hereinafter “American Express”).
valid as of September 1, 2023
Page 64 of 71
American Express may transfer data to its parent company in the United States. The
Data transfer to the USA is based on the Binding Corporate Rules. Details can be found
here: https://www.americanexpress.com/en-pl/company/legal/privacy-
center/european-implementing-principles/.
For more information, please see the American Express privacy policy:
https://www.americanexpress.com/de/legal/online-datenschutzerklarung.html.
8.11. Mastercard
The provider of this payment service is Mastercard Europe SA, Chaussée de Tervuren 198A,
B-1410 Waterloo, Belgium (hereinafter “Mastercard”).
Mastercard may transfer data to its parent company in the United States. The
Data transfer to the USA is based on Mastercard’s Binding Corporate Rules.
Details can be found here: https://www.mastercard.de/de-de/datenschutz.html and
https://www.mastercard.us/content/dam/mccom/global/documents/mastercard-bcrs.pdf.
valid as of September 1, 2023
Page 65 of 71
8.12. VISA
The provider of this payment service is Visa Europe Services Inc, Branch.
London, 1 Sheldon Square, London W2 6TT, United Kingdom (hereinafter “VISA”).
The United Kingdom is considered a secure third country under data protection law. This means that
United Kingdom has a level of data protection that corresponds to the level of data protection in the
European Union.
VISA may transfer data to its parent company in the United States. The data transfer
to the USA is based on the standard contractual clauses of the EU Commission. Details can be found
here: https://www.visa.de/nutzungsbedingungen/visa-globale-
data-protection-notice/notice-of-status-questions-for-the-evr.html.
For more information, see VISA’s privacy policy:
https://www.visa.de/nutzungsbedingungen/visa-privacy-center.html.
8.13. PayU
Laedi Ortho offers the payment option via PayU, MIH PayU B.V. with registered office in.
Amsterdam, the Netherlands, registration number 52117839 (“PayU”), such as payment in advance, payment by credit card
credit card and payment on account. For this purpose, payment data may be transmitted to
PayU may be transmitted. Further information about the processing
personal data by this payment service provider can be found in the
Privacy Policy of PayU: https://corporate.payu.com/privacy/.
8.14. Payment services
We include third-party payment services on our website. When you make a
purchase from us, your payment data (e.g. name, payment amount,
account details, credit card number) is processed by the payment service provider for the purpose of
payment processing. For these transactions, the respective contract and
data protection provisions of the respective providers apply to these transactions. The use of the payment service providers
is carried out on the basis of Art. 31 Para. 2 lit. a DSG (contract processing) as well as in the interest of
of a payment transaction that is as smooth, convenient and secure as possible (Art. 31 para. 1
valid from September 1, 2023
Page 66 of 71
DSG). Insofar as your consent is requested for certain actions, Art. 31 para. 1
DSG is the legal basis for data processing; consent can be revoked at any time in the future.
revocable at any time in the future. We use the following payment services / payment service providers within the scope of this
website:
8.15. Apple Pay
The provider of the payment service is Apple Inc, Infinite Loop, Cupertino, CA 95014, USA. The
Privacy Policy of Apple can be found at: https://www.apple.com/legal/privacy/de-
ww/.
8.16. Google Pay
The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The
Privacy Policy of Google can be found here: https://policies.google.com/privacy.
8.17. Amazon Pay
The provider of this payment service is Amazon Payments Europe S.C.A., 38 Avenue J.F.
Kennedy, L-1855 Luxembourg.
Details on the handling of your data can be found in the privacy policy of Amazon
Pay at the following link:
https://pay.amazon.de/help/201212490?ld=APDELPADirect.
Valid as of September 1, 2023
Page 67 of 71
9. audio and video conferencing
9.1 Data processing
For communication with our customers, we use, among other things, online conferencing
tools. The tools we use in detail are listed below. When you communicate with
us via video or audio conference over the Internet, your personal data will be
personal data is collected and processed by us and the provider of the respective conference tool.
and processed.
The conferencing tools collect all data that you provide/enter for the use of the tools
(e-mail address and/or your telephone number). Furthermore, the conference tools process
the conference tools process the duration of the conference, start and end (time) of participation in the
conference, number of participants, and other “contextual information” related to the
with the communication process (metadata).
Furthermore, the provider of the tool processes all technical data that is necessary for the handling
of the online communication. This includes in particular IP addresses, MAC
addresses, device IDs, device type, operating system type and version, client version,
camera type, microphone or loudspeaker as well as the type of connection.
If content is exchanged, uploaded or otherwise made available within the tool, it is also
provided within the tool, this is also stored on the servers of the tool providers.
stored. Such content includes, in particular, cloud recordings, chat/immediate messages, voicemails, etc.
instant messages, voicemails, uploaded photos and videos, files, whiteboards and other
other information shared while using the Service.
Please note that we do not have full control over the
Data processing operations of the tools used. Our options are
largely depend on the corporate policy of the respective provider. Further notes
on data processing by the conference tools can be found in the
privacy statements of the tools used, which we have listed below this text.
listed below.
valid as of September 1, 2023
Page 68 of 71
9.2 Purpose and legal basis
The conference tools are used to communicate with prospective or existing
contracting partners or to offer certain services to our
Customers (Art. 31 para. 2 lit. a DSG). Furthermore, the use of the tools serves the
general simplification and acceleration of the communication with us or our
company (legitimate interest within the meaning of Art. 31 para. 1 DSG). Insofar as
consent has been requested, the tools in question are used on the basis of this consent.
This consent can be revoked at any time with effect for the future.
9.3 Storage period
The data directly collected by us via the video and conference tools will be deleted from our
deleted from our systems as soon as you request us to delete it, revoke your consent to the
storage or the purpose for storing the data no longer applies. Stored
Cookies remain on your terminal device until you delete them. Mandatory legal
retention periods remain unaffected.
We have no influence on the storage period of your data, which is stored by the operators of the conference tools for their own purposes.
purposes, we have no influence on the storage period of your data. For details on this
please contact the operators of the conference tools directly.
valid as of September 1, 2023
Page 69 of 71
9.4 Conference tools used
We use the following conferencing tools:
9.5. webex
We use Webex. The provider of this service is Webex Communications Deutschland
GmbH, Hansaallee 249 c/o Cisco Systems GmbH, 40549 Düsseldorf, Germany.
It cannot be ruled out that the data processed with WebEx may be transferred to
third countries (e.g. to the USA). Webex has Binding Corporate
Rules (BCR) that have been approved by Dutch, Polish, Spanish and other relevant
European data protection regulators. These are
binding corporate rules that prohibit the transfer of data within a company to third
data transfer to third countries outside the EU and the EEA. Details
can be found here: https://www.cisco.com/c/de_de/about/trust-center/data-protection-and-
privacy-policy.html and
https://konferenzen.telekom.de/fileadmin/Redaktion/conference/cisco-
webex/Webex_Compliance_German_V1.0.pdf.
For details on data processing, see the Webex privacy policy:
https://www.cisco.com/c/de_de/about/legal/privacy-full.html.
Order processing
We have concluded an order processing agreement (AVV) with the above-mentioned
provider mentioned above. This is a contract prescribed by data protection law which
data protection law, which guarantees that this provider will only process the personal data
of our website visitors only in accordance with our instructions and in compliance with the DSG
processed.
valid from September 1, 2023
Page 70 of 71
10. own services
10.1 Handling of applicant data
We offer you the opportunity to apply to us (e.g., by e-mail, postal mail or
via online application form). In the following, we will inform you about the scope, purpose and
and use of your personal data collected in the course of the application process.
data. We assure you that the collection, processing and use of your data will be in
in accordance with applicable data protection law and all other statutory provisions.
and that your data will be treated in strict confidence.
10.2 Scope and purpose of data collection
When you send us an application, we process your associated
personal data (e.g. contact and communication data,
application documents, notes taken during job interviews, etc.), insofar as this is necessary
is necessary for the decision on the establishment of an employment relationship.
The legal basis for this is Art. 31 Par. 2 lit. a DSG (general contract initiation) and – if you have given your
if you have given your consent – Art. 31 para. 1 DSG. The consent can be
revocable. Your personal data will be passed on within our company
exclusively to persons who are involved in the processing of your application.
involved in processing your application.
If the application is successful, the data submitted by you will be used on the basis of Art.
on the basis of Art. 31 Para. 2 lit. a DSG (German Data Protection Act) for the purpose of carrying out the
employment relationship in our data processing systems.
valid as of September 1, 2023
Page 71 of 71
10.3 Retention period of the data
If we are unable to make you an offer of employment, if you decline an offer of employment, or if you
withdraw your application, we reserve the right to retain the data you have provided on the basis of our
data on the basis of our legitimate interests (Art. 31 Para. 1 DSG) for a period of up to six
months from the end of the application process (rejection or withdrawal of the application).
application) to be stored by us. After this period, the data will be deleted and the
physical application documents are destroyed. The retention serves in particular
purposes of proof in the event of a legal dispute. If it is evident that the data will be required
the expiry of the 6-month period (e.g. due to an impending or pending legal dispute), the data is
pending litigation), the data will not be deleted until the purpose for which it was
for further storage ceases to apply.
Longer storage may also take place if you have given us a corresponding
have given your consent (Art. 31 Para. 1 DSG) or if there are legal storage
legal obligations to retain data prevent deletion.
10.4 Inclusion in the applicant pool
If we do not make you a job offer, there may be the possibility of including you in our
applicant pool. In the event of inclusion, all documents and information
application will be transferred to the applicant pool in order to contact you in the event of suitable
contact you in case of suitable vacancies.
The inclusion in the applicant pool is based exclusively on your
express consent (Art. 31 para. 1 DSG). The provision of consent is voluntary
and is not related to the current application process. The person concerned can
revoke his consent at any time. In this case, the data will be irrevocably deleted from the
deleted irrevocably from the applicant pool, provided that there are no legal reasons for
exist.
The data from the applicant pool will be irrevocably deleted at the latest two years after the
irrevocably deleted no later than two years after consent is given.