Information according to Article 13 GDPR of CRIF GmbH
Information according to Article 13 GDPR of CRIF GmbH
These duties to provide information apply to the processing of personal data by us as the controller with regard to visits to our webpages www.crif.de.
Legally independent and responsible partners of CRIF GmbH
1. CRIF Bürgel Wirtschaftsinformationen Aachen Dammers & Bittner GmbH, address for the website at https://www.crifbuergel.de/de/standorte/aachen
2. BÜRGEL Wirtschaftsinformationen Georg Leimeister, address for the website at https://www.crifbuergel.de/de/standorte/aschaffenburg
3. CRIFBÜRGEL Hannover Bielefeld GmbH & Co. KG, address for the website at https://www.crifbuergel.de/de/standorte/bielefeld
4. "CRIF Bürgel-Chemnitz" Richter GmbH & Co. KG, address for the website at https://www.crifbuergel.de/de/standorte/chemnitz
5. CRIF Bürgel Coburg GmbH, address for the website at https://www.crifbuergel.de/de/standorte/coburg
6. BÜRGEL DRESDEN SCHARF GMBH, address for the website at https://www.crifbuergel.de/de/standorte/dresden
7. Bürgel Wirtschaftsinformationen Duisburg Inh. Marko Freche e.K., address for the website at https://www.crifbuergel.de/de/standorte/duisburg
8. BÜRGEL ESSEN Schaltmann GmbH & Co. KG; address for the website at https://www.crifbuergel.de/de/standorte/essen
9. CRIF Bürgel Frankfurt (Oder) GmbH; address for the website at https://www.crifbuergel.de/de/standorte/frankfurt-oder
10. CRIFBÜRGEL Regina Walzel-Loos & Ralph Krödel GbR; address for the website at https://www.crifbuergel.de/de/standorte/gera
11. Wanke KG. Handels- und Wirtschaftsinformationsdienst, Inkassobüro; address for the website at https://www.crifbuergel.de/de/standorte/giessen
12. CRIF Bürgel Grünzig GmbH & Co. KG; address for the website at https://www.crifbuergel.de/de/standorte/halle
13. CRIF Bürgel Iserlohn Jürgen Vogt e.K.; address for the website at https://www.crifbuergel.de/de/standorte/iserlohn
14. Martin Kirch KG; address for the website at https://www.crifbuergel.de/de/standorte/kaiserslautern
15. Bürgel Kassel Kilian & Wojacek GbR; address for the website at https://www.crifbuergel.de/de/standorte/kassel
16. Bernd Wefelscheid Bürgel Rheinland; address for the website at https://www.crifbuergel.de/de/standorte/koblenz
17. CRIF BÜRGEL Potsdam GmbH; address for the website at https://www.crifbuergel.de/de/standorte/potsdam
18. CRIF Bürgel Ressmann GmbH & Co. KG; address for the website at https://www.crifbuergel.de/de/standorte/reutlingen
19. CRIF Bürgel Saar Yvonne Böhm e.K.; address for the website at https://www.crifbuergel.de/de/standorte/saarland
20. Elmar Dömer Inh. Claudia Dömer e.K. Bürgel Siegen; address for the website at https://www.crifbuergel.de/de/standorte/siegen
21. CRIF Bürgel Ressmann Ulm e.K.; address for the website at https://www.crifbuergel.de/de/standorte/ulm
22. Buck KG; address for the website at https://www.crifbuergel.de/de/standorte/wuerzburg
1. Name and contact details of the company data protection officer
CRIF GmbH, Victor-Gollancz-Str. 5, 76137 Karlsruhe, Tel.: +49 721 25511-0
The company data protection officer of CRIF GmbH can be contacted at the above address, FAO Data Protection department or by email to datenschutz@crif.com.
2. Data processing by CRIF GmbH
2.1 Purposes of data processing, legal bases, retention period
When you visit our website, we collect, process and use personal data to the extent permitted by law or necessary for processing or if you have given your consent for this.
a) Visiting our website
When you visit our homepage, the web server of our website automatically processes information every time you visit it. This data is only used for statistical evaluations for the purpose of the operation, security and optimisation of the offer.
The legal basis for the collection of data via log files is point (b) of Article 6 (1) GDPR (for the fulfilment of the contract for the use of the homepage) and point (c) of Article 6 (1) GDPR (for the security of data processing). Furthermore, we have a legitimate interest within the meaning of point (f) of Article 6 (1) GDPR to continually improve and optimise the offering on our homepage in the interests of the users.
The data collected and stored via server log files is deleted after 7 days at the latest or - in the case of IP addresses - made anonymous by truncation.
b) Newsletter
You can subscribe to our free newsletter on our website. The registration takes place via a "double opt-in procedure". This means that after registration you will receive another email with a confirmation link. This validation is necessary to verify your email address.
The legal basis for sending the email is point (a) of Article 6 (1) GDPR (consent).
You can unsubscribe from our newsletter at any time. You will find a link to unsubscribe at the end of each newsletter. Deregistration is also seen as revocation of your consent. In this case, the data you have provided will be deleted.
c) Use of our online contact form
For further information about our services, please contact us via our online contact form. Your data will be stored in our Customer Relationship Management system ("CRM system") and forwarded internally for further processing. All personal data with which you provide us in connection with this contact request will be used only for the purposes of responding to your enquiry or making contact with you, and for the associated technical administration.
The legal basis for data processing is point (a) of Article 6 (1) GDPR (consent) or point (b) of Article 6 (1) GDPR (implementation of pre-contractual measures).
The enquiries will be deleted after two years at the latest. Legal retention periods shall be observed accordingly.
d) Order for address determination
You can place an order for address determination via our homepage. In such a case, the data provided by you will be used by our subsidiary, EURO-PRO Gesellschaft für Data Processing mbH, Lindenhof 1-3, 61279 Grävenwiesbach, for contract processing and will not be passed on to other third parties. EURO-PRO is responsible for the further processing of this data. EURO-PRO's Privacy Policy can be found at the following link: https://www.europro.de/datenschutz/
e) Data processing for online enquiries from data subjects
Personal data is collected, processed and used by us to the extent necessary to process your request for a data copy according to Article 15 GDPR. We also use your information as part of this process to update our CRIF GmbH database. For more information on the CRIF Bürgel process, please visit www.crif.de/en/privacy
f) Providing information
You may provide us with personal data relating to your business activities to enrich the database. This personal data will be made available to customers upon request and presentation of a legitimate interest.
Personal data of the person(s) entering the data on the CRIF GmbH website will only be used for administrative and technical reasons and up to a maximum of 180 days as well as in the context of possible legal disputes arising before the expiry of the deletion periods.
You can find more information on the CRIF procedure at www.crif.de/en/privacy
The legal basis for data processing here is point (a) of Article 6 (1) GDPR (consent) or point (b) of Article 6 (1) GDPR (implementation of (pre-)contractual measures).
Participation of our contractual partners in customer satisfaction surveys
As part of our annual customer satisfaction survey, we process personal data of participants. We process the participant's surname, first name, email address, telephone number and employer on a voluntary basis. The legal basis for data processing is Article 6(1)(f) GDPR. We transfer the data to our service provider Lamano GmbH & Co. KG (LamaPoll). The privacy policy of Lamano GmbH & Co. KG can be found here. We store the data until the customer satisfaction survey has been evaluated, at the latest 8 weeks after completion.
h) Participation in video conferences
CRIF processes personal data in connection with the preparation, implementation and follow-up of online meetings, video conferences and/or webinars (hereinafter: web meetings) using ‘Cisco Webex’.
Scope of processing
When using ‘Cisco Webex’, various types of personal data are processed. The scope of the data also depends on the information you provide before or during your participation in a web meeting. CRIF processes personal data aonly to the extent and for as long as this is necessary for the preparation, implementation and follow-up of online meetings.
When participating in a web meeting, depending on the settings selected and the content used, the following personal data, among other things, will be processed:
• User data: first name, last name, email address, profile picture (not mandatory)
• Meeting information: topic, description, participant IP addresses, device/hardware information, e.g. browser
• Transmission data: the transmitted audio signal, the transmitted image signal of the participants, if applicable, and any presentation data transmitted when using the screen sharing function.
When dialling in by telephone: information about the incoming and outgoing telephone number, country name, start and end time of the call, and, if applicable, additional connection data such as the IP address of the device.
Text, audio and video data: You may have the option of using the chat, question or survey function in a web meeting. In this case, the text you enter will be processed in order to display it in the web meeting. To enable the display of video and the playback of audio, data from the microphone of your end device and from any video camera on the end device will be processed for the duration of the meeting. You can switch off or mute the camera and/or microphone yourself at any time using the ‘Cisco Webex’ applications.
In order to participate in an online meeting or to enter the meeting room, you must provide at least your name.
CRIF uses ‘Cisco Webex’ to conduct online meetings. We do not record text, audio or video files in the context of ‘online meetings’.
Recording by participants is also not permitted.
Purposes and legal basis of processing
We process your data for the preparation, implementation and follow-up of web meetings within the scope of CRIF's business operations for internal communication, but also for communication with third parties, and for this purpose we use the software-as-a-service video conferencing solution ‘Cisco Webex’ from Cisco Systems Inc. based in San Jose, California (United States).
The ‘Cisco Webex’ tool is used to perform these tasks digitally.
The legal basis for the processing of personal data is Art. 6 (1) lit. f) GDPR.
External participants also declare their consent to the processing of personal data relating to their participation in a web meeting – at least implicitly – by participating in a web meeting. We expressly point this out in the invitation, which also contains the necessary meeting link. The consent constitutes a legal basis for data processing in accordance with Art. 6 (1) lit. a GDPR.
Note: Participants in web meetings can switch off or mute their camera and/or microphone at any time using the ‘Cisco Webex’ applications. The personal text, audio and video data of participants will be collected and processed if they contribute to the web meeting themselves by using/activating the corresponding function via chat, audio or video. The legal basis for external participants outside CRIF is consent in accordance with Art. 6 para. 1 lit. a) GDPR. By confirming the corresponding functions in ‘Cisco Webex’, participants implicitly declare their consent to the corresponding data processing.
Recipients of personal data
Personal data processed by CRIF in connection with the preparation, implementation and follow-up of web meetings is not generally passed on by CRIF to third parties outside the CRIF Group.
We use Cisco Webex, a software-as-a-service video conferencing solution from Cisco Systems Inc. based in San Jose, California (United States of America), to host web meetings. A corresponding agreement on data processing on behalf of CRIF has been concluded.
In this context, the user data required for the use of the service is passed on to CRIF's processor for the purpose of conducting the web meetings.
Data processing outside the European Union
‘Cisco Webex’ is a service provided by Cisco Systems Inc., which is based in the USA. Personal data may therefore also be processed in a third country. Cisco's privacy policy can be found here.
Data processing outside the European Union
‘Cisco Webex’ is a service provided by Cisco Systems Inc., which is based in the USA. Personal data may therefore also be processed in a third country. Cisco's privacy policy can be found here.
2.2 Categories of personal data that are processed
• When you visit our website, the name of the website you visited, the file you accessed, the date and time of access, the amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider
• When you subscribe to our newsletter, we collect your email address and, if applicable, your name and address
• Information on postal (non-)availability
• Information on functional characteristics, including the beneficial owner in companies, associations or foundations
• Information about you, e.g. surname (including previous surnames, which will be provided upon separate request), first name, date of birth, place of birth, address, previous addresses, email address(es), telephone number(s), tax identification number, consent data, bank details (if applicable), proof of income, device data
• Information on personal data that we transfer to our legal credit information database as part of a self-disclosure requested by the data subject, e.g. surname, first name, address, email address(es), telephone number(s), video recording
2.4 Categories of recipients of personal data
We only transfer your personal data for the purposes stated above. We have commissioned the following processors in connection with the provision of our websites and related services in accordance with Article 28 of the GDPR:
Our websites are technically operated and administered by redRobin. Brand Marketing Communications GmbH Virchowstraße 65b, 22767 Hamburg. The data protection provisions of redRobin. Brand Marketing Communications GmbH can be viewed at https://www.red-robin.de/de/datenschutz. Our websites are also hosted by pop-interactive GmbH, Wendenstraße 408, 20537 Hamburg, as a processor in accordance with Article 28 of the GDPR. The privacy policy of pop-interactive GmbH can be viewed at https://www.pop-i.de/privacy.
Our newsletter is sent by the mailing service provider Newsletter2Go GmbH, Köpenicker Strasse 126, 10179 Berlin, as a processor in accordance with Article 28 of the GDPR. The data protection provisions of Newsletter2Go can be viewed at https://www.newsletter2go.de/datenschutz/.
Other recipients may be external contractors of CRIF GmbH in accordance with Article 28 of the GDPR as well as external and internal CRIF departments. Many systems and technologies are shared within the CRIF Group. This enables CRIF GmbH to offer its contractual partners a more secure and uniform service. For this reason, within the CRIF Group, those companies and departments that require your data to fulfil the contractual and legal obligations of CRIF GmbH or to perform their respective functions within the CRIF Group will have access to your data.
In addition, data is transferred within the CRIF Group in compliance with the legal framework for the enrichment and updating of the data inventory. CRIF GmbH works with other technical service providers in order to be able to provide its services to its contractual partners.
If these service providers process personal data of data subjects outside the European Union, this may result in the transfer of this data to a country with a lower standard of data protection than that in the European Union. In such cases, CRIF GmbH ensures that the service providers in question guarantee an equivalent level of data protection by contract or other means. CRIF GmbH is also subject to the legal powers of intervention of state authorities.
2.5 Duration of data storage
CRIF GmbH only stores information about individuals for a specific period of time. The decisive criterion for determining this period is necessity.
Please refer to section 2.1 for the storage period for direct collection. If the information is transferred to the credit reference database, the storage periods set out in the Code of Conduct of the Association of Credit Reference Agencies (Verband ‘Die Wirtschaftsauskunfteien e. V.’), which can be viewed online at https://www.crif.de/code-of-conduct/, apply.
3. Rights of data subjects
Every data subject has the right to information from CRIF GmbH in accordance with Article 15 of the GDPR, the right to rectification in accordance with Article 16 of the GDPR, the right to erasure in accordance with Article 17 of the GDPR and the right to restriction of processing in accordance with Article 18 of the GDPR, as well as the right to data portability in accordance with Article 20 of the GDPR. In addition, you can contact the supervisory authority responsible for CRIF GmbH, the Bavarian State Office for Data Protection Supervision. Consent can be revoked at any time by contacting the relevant contractual partner.
According to Article 21(1) GDPR, data processing may be objected to on grounds relating to the particular situation of the data subject (e.g. residence in a women's shelter). The objection may be made informally and should be addressed to CRIF GmbH, Victor-Gollancz-Str. 5, 76137 Karlsruhe, Germany.
Cookies
We use cookies on our websites. Cookies are small text files that are automatically stored locally in the cache of your web browser on your device when you visit our site.
The cookie stores information that is related to the specific device used, such as language settings or screen resolutions. However, this does not mean that we immediately gain knowledge of your identity. Cookies are used, among other things, to enable certain functions of the websites and for technical session control.
We use so-called session cookies to recognise that you have already visited individual pages of our website within a session and to enable session control, e.g. to store form entries or shopping baskets during the session. Session cookies are deleted at the latest when you close your web browser.
In addition, we use temporary cookies to optimise and ensure user-friendliness, which are stored in the web browser of your end device for a defined period of time. If you visit our site again, it will automatically recognise that you have already visited our websites and what settings you have made so that you do not have to make them again.
We also use tracking cookies to statistically record the use of our website and to evaluate it for the purpose of optimising and advertising our offer. These cookies enable us to automatically recognise your device when you visit our site again and to locate it to a certain extent via IP addresses. These cookies are also automatically deleted after a defined period of time, at the latest after 365 days. More details can be found in the following chapter on web analysis.
Cookies that are necessary for the functioning of the website, cookies for session control and session cookies are processed in accordance with Article 6(1)(b) GDPR (performance of a contract). Data processing using cookies to optimise the websites and ensure user-friendliness is carried out in accordance with Article 6(1)(f) GDPR (legitimate interest) and for advertising purposes and web analysis in the case of tracking cookies in accordance with Article 6(1)(a) GDPR (consent).
You can also view our websites without cookies. However, most web browsers automatically accept cookies. You can set your web browser to prevent cookies from being stored or to always display a message before a new cookie is created. You can also delete cookies via your web browser. However, deleting or deactivating cookies may mean that you cannot use all the functions of our website to the same extent.
The following links show how the settings of commonly used browsers can be adjusted: Chrome Firefox Internet Explorer Safari.
5. Web analysis
a) Etracker
We use the web analysis service etracker, which is operated by etracker GmbH (‘etracker’) in Germany. This service collects and stores data for marketing and optimisation purposes. This data can be used to create usage profiles under a pseudonym. Cookies may be used for this purpose. Etracker cookies do not contain any information that enables a user to be personally identified. For more information, please visit www.etracker.com/de/datenschutz.html.Der. Data collection and storage can be revoked at any time with future effect at www.etracker.de/privacy?et=ET_PARAMETER.
b)
We use the web analytics service LeadLogic GmbH, Attilastraße 18, 12529 Schönefeld. With the help of this service, we identify visitors to our website with addresses and other information. We use the data to contact potential new customers and existing customers from the company division in a targeted manner. The IP address of all visitors is compared with the company list of LeadLogic GmbH. If the match is negative, i.e. the IP address is not on the company list, it is not stored. This means that visits by natural persons are not recorded.
For more information, please visit www.leadlogic.de/datenschutz/
c.) We use the lead generation service provided by Leadinfo B.V., Rotterdam, Netherlands. This service recognises visits to our website by companies based on IP addresses and shows us publicly available information such as company names or addresses. In addition, Leadinfo sets two first-party cookies to evaluate user behaviour on our website and processes domains from form entries (e.g. ‘leadinfo.com’) in order to correlate IP addresses with companies and improve its services. For more information, please visit www.leadinfo.com. You can opt out on this page: www.leadinfo.com/en/opt-out. If you opt out, your data will no longer be collected by Leadinfo.
6. Cloudflare
On this website, we use a content delivery network (‘CDN’) and security services provided by the technology service provider Cloudflare Inc. 101 Townsend St. San Francisco, CA 94107, USA (‘Cloudflare’). A content delivery network is an online service that is used in particular to deliver large media files (such as graphics, page content or scripts) via a network of regionally distributed servers connected via the Internet.
Cloudflare also protects our website from attacks, improves loading times through a network of servers and helps us to optimise the loading speeds of our website. Processing is carried out in accordance with Art. 6 (1) lit. f GDPR on the basis of our legitimate interest in the secure and efficient provision of its services, in the prevention of attacks and misuse, and in the improvement of the stability and functionality of our website. Through the use of the Data Localisation Suite, personal data is only stored and processed within the EU.
Further information can be found in Cloudflare's privacy policy at https://www.cloudflare.com/de-de/trust-hub/privacy-and-data-protection.
7. Google AdWords
We use the online advertising programme Google AdWords, which is operated by Google Inc. (‘Google’) in the USA and includes conversion tracking.
Cookies may be used for this purpose. The cookie for conversion tracking is set when a user clicks on an ad placed by Google. These cookies expire after 30 days and are not used for personal identification. If the user visits certain pages of this offer and the cookie has not yet expired, we and Google can recognise that the user clicked on the ad and was redirected to this page. Each Google AdWords customer receives a different cookie. Cookies cannot therefore be tracked via the websites of AdWords customers. The information collected using the conversion cookie is used to compile conversion statistics for AdWords customers who have opted for conversion tracking. Customers are informed of the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users. Users who do not wish to participate in tracking can easily deactivate the Google conversion tracking cookie via their Internet browser under user settings. These users are not included in the conversion tracking statistics.
For more information, please visit www.google.com/intl/de/policies/privacy/.
8. Microsoft Advertising (Microsoft Ads)
We use the online advertising service Microsoft Advertising (Microsoft Ads), which is operated by Microsoft Corporation (One Microsoft Way, Redmond, WA 98052, USA). This enables advertisers to deliver their ads on Microsoft websites and services such as Bing, MSN, Outlook.com and others. Microsoft Ads uses various technologies and data collection methods to display and optimise personalised ads. Cookies and similar technologies are used to collect and store information about your activities on Microsoft services. For more information, please see Microsoft's cookie policy.
We use Microsoft Ads conversion tracking to target our ads to potential customers on other websites. The conversion tracking tool allows us to see which keywords, ads, ad groups and campaigns lead to desired customer actions. We can measure how many customers interact with our ads on a device or browser and then complete a conversion. Based on this data, we can evaluate the success of individual advertising measures and optimise our online marketing activities and make our website more appealing in order to achieve a higher return on investment (ROI).
We have integrated a conversion tracking tag on our website to better analyse certain visitor actions. Cookies and similar technologies may be used here to collect and store information about your activities on Microsoft services.
For more information, please see Microsoft's cookie policy. Microsoft Ads collects various types of data to provide and optimise personalised ads, as well as information about the device used to access Microsoft services, such as device type, IP address, browser type and version, and device settings and configurations.
When access to location data is permitted, Microsoft Ads collects your location to display ads that are relevant to your location. Microsoft Ads may collect data about which ads you clicked on, which searches you performed, and which pages you visited in order to understand your interests in certain topics and deliver personalised ads. In addition, Microsoft Ads may collect information about your age, gender, and other demographic data to provide personalised ads.
Microsoft may also link the data to other Microsoft services and products, such as Microsoft Advertising, Microsoft Analytics, and Microsoft Dynamics 365. Microsoft Ads also uses the data for analytical purposes to measure and improve the effectiveness of ads and to generate reports. Microsoft may share personal data with third parties as part of Microsoft Ads to provide and optimise personalised ads.
The legal basis for the use of Microsoft Ads conversion tracking is your consent in accordance with Article 6(1)(a) of the GDPR, which you can revoke at any time via the consent tool.
For more information about how Microsoft Ads uses conversion data and Microsoft's privacy policy, please visit: https://advertise.bingads.microsoft.com/en-us/resources/policies/privacy-and-data-protection-policies.
9. Plug-ins and social media
Social plug-ins, such as ‘Like’ buttons, are also used on our websites. Some of these plug-ins are technically operated in countries outside Germany and the European Union, although some are offered via national companies within the EU. When you open a page of our website in your web browser that contains such a plug-in, your web browser establishes a direct connection to the provider's servers in the respective country. Through the integration of the plug-ins, the provider receives at least the information that your web browser has visited a specific page of our website, and possibly also other information that your web browser or the device you are using discloses. The content of the plug-in is loaded directly from the provider by your web browser and integrated into our website. If you are registered and/or logged in with the provider in question, your visit may also be assigned to your user account. If you interact with a plug-in, e.g. call up directions, this information is also transmitted directly from your web browser to the provider, where it is stored and, if necessary, used further. The purpose and scope of the data collection described above are primarily marketing measures taken by the provider. You can find details on this and on your rights and settings options for protecting your privacy directly in the privacy policy of the respective provider. The legal basis for this data processing on our websites is Article 6(1)(f) GDPR (legitimate interests). We do not store any data relating to interaction with plug-ins. If you do not want a provider to collect data about you via our websites, you must deactivate plug-ins in your web browser. Certain functions, such as the display of maps, will then no longer be available. If you want to avoid a link to any existing user account, you must log out before visiting our websites.
a) Facebook
This website uses a plug-in from the social network Facebook (1601 South California Avenue, Palo Alto, CA 94304, USA). You can recognise this by the ‘Like’ button and the Facebook logo. Further information about Facebook plug-ins can be found at http://developers.facebook.com/docs/plugins/
When you visit this website, the plugin establishes a connection between the Facebook server and your browser. This informs Facebook that you have visited this website using the IP address you are using. You can link content from this website to your Facebook profile if you are logged into your Facebook account and click the ‘Like’ button. Facebook will then associate your visit to this website with your user account. Only Facebook has knowledge of the content of the data transmitted and its use. Learn more about Facebook's privacy policy at http://de-de.facebook.com/policy.php
b) Twitter
This offer uses a plugin from the Twitter service. This service is provided by Twitter Inc. (1355 Market St., Suite 900, San Francisco, CA 94103, USA). By using Twitter and the ‘Re-Tweet’ function, the websites you visit are linked to your Twitter account and made known to other users. Data is also transferred to Twitter. The provider has no knowledge of the content of the data transmitted or its use by Twitter.
For more information, please visit http://twitter.com/privacy
You can change your privacy settings on Twitter in your account settings athttp://twitter.com/account/settings.
c) XING
Our website uses functions of the XING network. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany.
Each time you visit one of our pages that contains XING functions, a connection to XING servers is established. To the best of our knowledge, no personal data is stored. In particular, no IP addresses are stored or usage behaviour evaluated.
The use of the XING plugin is based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in the widest possible visibility on social media. Further information on data protection and the XING share button can be found in XING's privacy policy at: https://www.xing.com/app/share?op=data_protection.
d) LinkedIn
Our website uses functions of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.
Each time you access one of our pages that contains LinkedIn functions, a connection to LinkedIn servers is established. LinkedIn is informed that you have visited our website with your IP address. If you click on the LinkedIn ‘Recommend’ button and are logged into your LinkedIn account, LinkedIn can associate your visit to our website with you and your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the data transmitted or its use by LinkedIn.
The use of the LinkedIn plugin is based on Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in the widest possible visibility on social media. Further information can be found in LinkedIn's privacy policy at: https://www.linkedin.com/legal/privacy-policy.
e) YouTube
Our website uses plugins from the Google-operated site YouTube. The operator of the site is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited.
If you are logged into your YouTube account, you enable YouTube to associate your browsing behaviour directly with your personal profile. You can prevent this by logging out of your YouTube account. Further information on the handling of user data can be found in YouTube's privacy policy at https://www.google.de/intl/de/policies/privacy.
10. Data security
When you visit our website, we use the widely used TLS (Transport Layer Security) procedure in conjunction with the highest level of encryption supported by your browser. This is usually 256-bit encryption. You can recognise whether an individual page of our website is being transmitted in encrypted form by the closed display of the key or lock symbol in the status bar of your web browser.
Furthermore, we use appropriate technical and organisational measures to ensure that data processing is carried out in a manner appropriate to the risk, in particular to protect your data against manipulation or unauthorised access. In doing so, we take into account the state of the art. Our security measures are adapted in line with technological developments.
As of 11/07/25
