Aviso legal

Sensorberg GmbH
Chausseestraße 86
10115 Berlin
Alemania

Tel.: +49 30 - 54 45 28 900

Directores generales y responsables del contenido: Daniel Gillard y Tony Manthey

Correo electrónico: info@sensorberg.com
Soporte: support@sensorberg.com

Registro mercantil: Juzgado de Primera Instancia de Berlín Charlottenburg
Número de registro: HR 153333 B
NIF-IVA: DE292836759

Política de privacidad (sitio web)

La versión en español de esta información está en proceso. Mientras tanto, puede consultar la versión en inglés a continuación.

In this privacy statement we inform you about the processing of personal data in the use of our website (www.sensorberg.com). Personal data is information relating to an identified or identifiable person. This mainly includes information that allows conclusions to be drawn about your identity, such as your name, telephone number, address or e-mail address. However, certain identifiers such as your IP address or the device ID of your end device used also belong to personal data.

1. Responsible and contact person

The contact person and so-called controller for the processing of your personal data when visiting this website within the meaning of the General Data Protection Regulation (GDPR) is the

Sensorberg GmbH
Chausseestraße 86
10115 Berlin
Telefon: +49 30 54 45 289 00
E-Mail: info@sensorberg.com

For all questions relating to data protection in connection with our products or the use of our website, you can also contact our Data Protection Officer at any time. This can be reached at the postal address above and at the e-mail address previously indicated (source: ‘e.g. Data Protection Officer’). We expressly point out that when using this email address, the content will not be exclusively noted by our Data Protection Officer. Therefore, if you wish to exchange confidential information, first ask for direct contact via this email address.

2. Data processing on our website
2.1 Accessing our website / connection data

When using our website, we process connection data that your browser automatically transmits to allow you to visit the website. This connection data includes the so-called HTTP header information, including the user agent, and includes in particular:

IP address of the requesting device;
method (e.g. GET, POST), date and time of request;
the address of the requested website and path of the requested file;
the previously requested website/file (HTTP suppliers);
information on the browser used and the operating system;
version of the HTTP protocol, HTTP status code, size of the delivered file;
request information such as language, type of content, encoding of content, character sets;
cookies of the requested domain stored on the terminal equipment.

The data processing of this connection data is essential to enable the website to be visited, to ensure the lasting functioning and safety of our systems and to maintain our website administratively in general. The connection data shall also be stored in internal log files for the purposes described above, in time and content limited to what is necessary, for example in the case of repeated or criminal calls that jeopardise the stability and security of our website, to find the cause for this and to deal with it.

The legal basis for this processing is Art. 6(1)(b) GDPR, provided that the page call is made in the course of the initiation or implementation of a contract, and, moreover, Art. 6(1)(b) lit. b GDPR due to our legitimate interest in enabling the website to be accessed and the permanent functioning and security of our systems. However, the automatic transmission of the connection data and the log files developed therefrom are not access to the information in the terminal device within the meaning of the implementation laws of the ePrivacy Directive of the EU member countries, in Germany § 25 TDDDG. Moreover, it would in any case be absolutely necessary.

Logfiles are generally stored for 30 days and then deleted. By way of exception, individual log files and IP addresses will be retained longer to prevent further attacks from this IP address in cyber attacks and/or to prosecute the attacker.

2.2. Contact

You have different ways to contact us (especially email). In this context, we process your data exclusively for the purpose of communicating with you. For the integration of our contact form, we use the services of CloudCannon (266 Hanover Street, Central Dunedin, Dunedin 9016, New Zealand), with which we have concluded a corresponding contract processing agreement.

The legal basis for this processing is Art. 6(1)(b)GDPR, to the extent that your information is needed to respond to your request or to initiate or execute a contract, and, moreover, Art. 6(1)(b) GDPR on the basis of our legitimate interest, that you can contact us and we can answer your request. We make commercial telephone calls only if you have given your consent for this. If you are not an existing customer, we will only send you promotional emails on the basis of your consent. The legal basis in these cases is Art. 6(1)(a) GDPR in conjunction with § 7(2)(1) or (2) UWG.

The data collected upon contact by us will be automatically deleted after complete processing of your request, unless we still need your request to fulfil contractual or statutory obligations (see paragraph 7 ‘storage period’).

2.3. Newsletter

You have the opportunity to register for our newsletters in which we regularly inform you about innovations on our products and actions. For this purpose, we use the services of Odoo S.A. (Chaussée de Namur, 40, 1367 Grand Rosière, Belgium). A contract processing agreement was concluded with Odoo S.A.

2.3.1 Newsletter registration

We use the so-called double opt-in procedure for ordering our newsletters, i.e. we will only send you newsletters by e-mail if you confirm in our notification email by clicking on a link that you are the owner or the holder of the specified e-mail address. If you confirm your email address, we will store your email address, the date of registration and the IP address used to register until you complete the newsletter. Storage is for the sole purpose of sending you the newsletters and proving your registration. In addition, we measure whether our newsletter can be delivered at all.

The legal basis of the processing is your consent pursuant to Art. 6(1)(a) GDPR. These can revoke them at any time with effect for the future by ordering the newsletter back. A corresponding logging link is located in every newsletter. Of course, notification to the contact details specified above or in the newsletter (e.g. by e-mail or letter) is also sufficient.

2.3.2. Newsletter tracking

We want to share relevant content as much as possible for our customers via our newsletter and better understand what they are actually interested in. This is why in our newsletters we use customary technologies to measure the interactions with the newsletters (e.g. opening the email, clicked links). We use this data in pseudonymous form for general statistical evaluations as well as for the optimization and further development of our content and customer communication. This is done on the one hand with the help of small graphics embedded in the newsletters (so-called pixels) and when opening the email make a connection to the server of the images. On the other hand, we use links where we first register a click on this link and only then forward it to the desired target page.

The legal basis for this is your consent pursuant to Art. 6(1)(a) GDPR. Access to the information in the terminal equipment is then made on the basis of the implementation laws of the ePrivacy Directive of the EU member countries, in Germany pursuant to § 25(1) TDDDG. You can withdraw your consent for the analysis of the usage behavior at any time with effect for the future by ordering the newsletter. You can also stop measuring the opening of an email by deactivating graphics or the issuance of HTML content in your email program by default

2.4. Applications

You can apply to open positions with us via our application management system Personio der Personio GmbH, Rundfunkplatz 4, 80335 Munich. The purpose of data collection is to select candidates for the possible justification of an employment relationship. For receiving and processing your application, we process the following personal data in particular (hereinafter referred to as ‘application data’):

first and last name;
e-mail address, telephone number;
application documents (e.g. certificates, CV);
the date of entry into service as soon as possible;
salary statements;

The legal basis for the processing of your application data is Art. 6(1)(b) and Art. 88(1) GDPR in conjunction with § 26(1)(1) BDSG.

We store your personal data with receipt of your application. If we accept your application and there is an employment relationship, we store your application data as long as these are necessary for the employment relationship and insofar as statutory regulations give rise to a requirement to retain it.

If we refuse your application, we will store your application data for no more than three months after the rejection of your application, unless you give us your consent to a longer storage. If you have given us your consent separately in accordance with Art. 6(1)(a) GDPR, we will store your data transmitted in the course of the application in our pool of applicants for a further 12 months after the termination of the application procedure in order to identify any other interesting points for you and to address you again if necessary. At the end of the period, the data shall be deleted. You may revoke this consent at any time with effect for the future.

3. Use of tools on the website
3.1 Applied technologies

This website uses various services and applications (collectively “tools”), which are offered either by ourselves or by third parties. These include in particular tools that use technologies to store or access information in the terminal equipment:

Cookies: information stored on the terminal, consisting in particular of a name, value, storage domain and expiry date. So-called session cookies (e.g. PHPSESSID) will be deleted after the session, while so-called persistent cookies will be deleted from the specified expiry date. Cookies can also be removed manually.
Web Storage (Local Storage / Session Storage): information stored on the terminal device, consisting of a name and a value. Information in the session storage will be deleted after the session, while information in the local storage will not have an expiry date and will in principle remain stored unless a solution mechanism has been established (e.g. storage of a local storage with time entry). Local and session storage information can also be removed manually.
JavaScript: programming codes (scripts) embedded or upgraded in the website that, for example, set cookies and web storage or actively collect information from the terminal device or about the user behaviour of visitors. JavaScript can be used for “active fingerprinting” and the creation of usage profiles. By setting in the browser, JavaScript can be blocked, but most services will no longer work.
Pixel: a tiny graphic automatically charged by a service, which can enable visitors to be recognized by automatically transmitting the usual connection data (in particular IP address, information about browsers, operating system, language, requested address and time of call) and, for example, to identify the opening of an email or visiting a website. Pixels can thus be used to make ‘passive fingerprinting’ and create usage profiles. The use of pixels can be prevented, for example, by blocking images, for example in e-mails, but the representation is then severely restricted.

These technologies and also the pure connection building on one side make it possible to create so-called ‘fingerprints’, i.e. usage profiles that occur even without the use of cookies or web storage and can still recognise visitors. Fingerprints due to the connection structure cannot be completely prevented manually.

Most browsers are set by default to accept cookies, perform scripts and display graphics. However, you can usually adjust your browser settings in such a way that all or certain cookies are rejected or scripts and graphics blocked. If you completely block the storage of cookies, the display of graphics and the execution of scripts, our services are not expected to work or not without interference.

Below, the tools we use are listed by category, whereby we notify you in particular of the providers of the tools, the storage period of cookies or information in the Local Storage and Session Storage and the transfer of the data to third parties. It also explains the cases in which we obtain your voluntary consent to use the tools and how you can revoke them.

3.2 Legal basis and revocation

3.2.1 Legal basis

Tools necessary for web site operation we use due to our legitimate interest in accordance with Art. 6(1)(f) GDPR to provide the basic functions of our website. In certain cases, these tools may also be necessary for the fulfilment of a contract or for the implementation of pre-contractual measures, then processing takes place in accordance with Art. 6(1)(b) GDPR. Access to and storage of information in the terminal equipment is essential in these cases and takes place on the basis of the implementation laws of the ePrivacy Directive of the EU member countries, in Germany pursuant to § 25(2) TDDDG.

We use all other unnecessary (optional) tools that provide additional functions on the basis of your consent pursuant to Art. 6(1)(a) GDPR. Access to and storage of information in the terminal equipment is then carried out on the basis of the implementation laws of the ePrivacy Directive of the EU member countries, in Germany pursuant to § 25(1) TDDDG. Data processing using these tools takes place only if we have received your consent for this in advance.

If personal data are transferred to third countries, we refer to paragraph 6 (‘data transfer to third countries’), including with regard to the risks that may arise therefrom. We shall inform you if an adequacy decision exists for the third country concerned or standard contractual clauses or other guarantees have been concluded for the use of certain tools. If you have given your consent to the use of certain tools and to the accompanying transfer of your personal data to third countries, we will transmit the data processed in the use of the tools (also) to third countries on the basis of this consent in accordance with Art. 49(1)(a) GDPR.

3.2.2 Obtaining your consent

To collect and manage your consents, we use a banner provided by the company Tarte au Citron (Amauri Champeaux, SIRET 520 271 669, 4 RUE LEO VALENTIN, 34500 Béziers, France). This banner informs you about the data processing on our website and gives you the option to consent to all, some, or none of the optional tools. The banner appears during your first visit to our website and whenever you revisit the consent settings to change or withdraw your consent. It will also appear during future visits if you have disabled the storage of cookies or if the cookies or information in the local storage have been deleted or have expired.

During your visit to our website, the banner collects your consents or withdrawals, your IP address, information about your browser, your device, and the time of your visit. It also stores necessary information on your device to document the consents and withdrawals you have given. For this purpose, a technically necessary cookie named "tarteaucitron" is set, which stores your decisions made within the banner for one year.

The data processing is necessary to provide you with the legally required consent management and to comply with our documentation obligations. The legal basis for this usage is Article 6(1)(f) GDPR, based on our legitimate interest in fulfilling the legal requirements for consent management. Access to and storage of information on your device in these cases is strictly necessary and takes place based on the implementation laws of the EU ePrivacy Directive, in Germany according to § 25(2) TDDDG. We have concluded a data processing agreement with Tarte au Citron in accordance with Article 28 GDPR.

3.2.3 Withdraw your consent or change your selection

You may withdraw your consent for certain tools, i.e. for the storage and access to information in the terminal equipment, the processing of your personal data and the transfer of your data to third countries, at any time with effect for the future.

3.3 Necessary tools

We use certain tools to enable the basic functions of our website (“necessary tools”). These include, for example, tools for preparing and displaying website content, managing and integrating tools, ensuring the security of our website, as well as for a data-saving, easy reach analysis. Without these tools, we cannot provide our service. This is why necessary tools are used without consent.

The legal basis for necessary tools is the need to fulfil our legitimate interests in accordance with Art. 6(1)(f) GDPR in providing the respective basic functions and operating our website. Access to and storage of information in the terminal equipment is essential in these cases and takes place on the basis of the implementation laws of the ePrivacy Directive of the EU member countries, in Germany pursuant to § 25(2) TDDDG.

In the event that personal data are transferred to third countries, we refer to paragraph 6 (‘transmission of data to third countries’) in addition to the information provided below.

3.3.1 Matomo

This website uses Matomo, an open source analysis software for statistical evaluation of visitor access. Matomo is operated on our own webspace (on-premise) and no data is passed on to third parties. JavaScript is used.

Matomo has been configured by us in a privacy-friendly manner, based on the configuration recommendations of the French data protection authority CNIL. We have made the following settings on data protection at Matomo:

When using Matomo, no cookies are used or other information is stored on the terminal device.
The IP address is cut by 2 bytes immediately after receipt and stored only in abridged form.
Processing with regard to the approximate location and the creation of the daily changing user ID will only be done using the anonymised IP address.
Old visitor blogs are automatically deleted after 90 days.
The browser’s ‘Do Not Track’ signal is observed and, if the signal is transmitted, the use of Matomo is disabled.
It is possible to switch off the use of Matomo manually (Opt out).

The following data could be stored in the user log together with a daily changing user ID:

abridged IP address;
Referrer URL (previously visited page);
called pages (date, time, URL, title, residence time);
downloaded files;
clicked links to other websites;
achievement of specific objectives (conversions), where appropriate;
Technical information: operating system; browser type, version and language; device type, mark, model and solution;
Approximate location (country and, if applicable, city based on reduced IP address).

The legal basis for this data processing is our legitimate interest pursuant to Art. 6(1)(f) GDPR to carry out a simple and data-saving scope analysis and, on the basis of this, identify errors on our website and optimize our website. Access to and storage of information in the terminal equipment is then absolutely necessary and takes place on the basis of the implementation laws of the ePrivacy Directive of the EU member countries, in Germany pursuant to § 25(2) TDDDG.

Further information can also be found in Matomo’s data protection instructions: https://matomo.org/privacy/.

3.4 Marketing tools

We also use optional tools for advertising purposes (‘marketing tools’). Some of the access data generated in the use of our website are used to create usage profiles that store in particular your usage behaviour, the advertisements viewed or clicked on by you and, from this, the classification into advertising categories, interests and preferences. By analysing and evaluating these access data, we are able to present you personalised advertising, i.e. advertising that meets your actual interests and needs, on our website and on the websites and services of other providers. In doing so, we also analyse your usage behaviour in order to recognise you on other pages and address you personalised on account of your use of our page (so-called retargeting). In addition, we evaluate the effectiveness and success of our advertising campaigns (in particular so-called conversions and leads).

The legal basis is your consent pursuant to Art. 6(1)(a) GDPR. Access to and storage of information in the terminal equipment is then carried out on the basis of the implementation laws of the ePrivacy Directive of the EU member countries, in Germany pursuant to Section 25(1) TDDDG. For the revocation of your consent, see 3.2.3: “Revocation of your consent or change of your choice”.

In the event that personal data are transferred to third countries, we refer to paragraph 6 (‘transmission of data to third countries’) in addition to the information provided below.

The data collected may include in particular:

the IP address of the device;
the information of a cookie and in the local or session storage;
the device identification of mobile devices (e.g. device ID, advertising ID);
Referrer URL (previously visited page);
called pages (date, time, URL, title, residence time);
downloaded files;
clicked links to other websites;
achievement of specific objectives (conversions), where appropriate;
Technical information: operating system; browser type, version and language; device type, mark, model and solution;
Approximate location (country and, if applicable, city).

However, the data collected are stored exclusively pseudonymously, so that no direct conclusions can be drawn about the persons.

3.4.2 Google Ads

Our websites use the Google Ads service, which is offered to people from the European Economic Area and Switzerland by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland and to all other people by Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA (collectively Google).

Google Ads captures and analyzes customer actions defined by us using Google Ads Conversion Tracking (such as clicking on a display, page views, downloads). “Google Ads Remarketing” we use to show you individualized advertising messages for our products on Google partner websites. Both services use cookies, JavaScript, pixels and other technologies.

The following cookies are set and read by Google:

„IDE“ (390 days): recognition and distinction of visitors through a user ID, recording interaction with advertising, playing personalized advertising.

The legal basis for this data processing is your consent pursuant to Art. 6(1)(a) GDPR. Access to and storage of information in the terminal equipment is then carried out on the basis of the implementation laws of the ePrivacy Directive of the EU member countries, in Germany pursuant to § 25(1) TDDDG.

In addition, Google also processes the data to improve and further develop its own products and services, to aggregate statistical evaluation of conversions and to improve the quality and accuracy of conversions.

Your personal data may also be transferred by Google Ireland Limited to Google LLC in the USA. Google LLC has acceded to the EU-US Data Privacy Framework, which is why the transmission in this case takes place on the basis of the adequacy decision for the USA pursuant to Art. 45 GDPR.

If you use a Google account, Google may link your web and app browser history to your Google account and use information from your Google account to personalize ads, depending on the settings deposited in the Google account. If you do not wish this assignment to your Google account, it is necessary that you log in to Google before calling our website.

If you have not consented to the use of Google Ads, Google will only display general advertising that has not been selected on the basis of the information you collect on this website. In addition to withdrawing your consent, you also have the opportunity to disable personalized advertising in the settings for advertising at Google: https://adssettings.google.com/notarget.

Further information on the processing of personal data at Google can be found at: https://business.safety.google/privacy/.

3.4.3 LinkedIn Insight-Tag

Our website uses the LinkedIn Insight Tag service offered to people from the European Economic Area and Switzerland by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland and to all other people by LinkedIn Corporation, 2029 Stierlin Ct. Ste. 200 Mountain View, California 94043, USA (collectively “LinkedIn”).

This allows us to collect and evaluate statistical data about your visit and the use of our website. This allows you to display interest-based and relevant offers, recommendations and advertising on LinkedIn (retargeting). In this context, there is also an analysis of the effectiveness of advertisements (conversion tracking). LinkedIn uses cookies, pixels and JavaScript.

The following cookies are set and read by LinkedIn:

‘lidc’ (24 hours): optimisation of the selection of the data centre
‘bcookie’ (365 days): preventing misuse;
‘li_gc’ (180 days): storage of the consent of the user;

For more information on cookies, visit: https://de.linkedin.com/legal/l/cookie-table#third party.

If you are logged in to LinkedIn while you visit our website, LinkedIn can link the information collected to your member account and use it for the purposeful circuit of advertising on LinkedIn. You can view your privacy settings at LinkedIn at the following link: https://www.linkedin.com/psettings/enhanced-advertising.

We have concluded a contract processing agreement with LinkedIn. Your personal data may also be transmitted by LinkedIn Ireland Unlimited Company to LinkedIn Corporation in the USA. LinkedIn Corporation has joined the EU-US Data Privacy Framework, which is why the transmission in this case takes place on the basis of the adequacy decision for the USA pursuant to Art. 45 GDPR.

For further information, please refer to LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy.

4. Online presence in social networks

We maintain online presence on social networks to communicate with customers and interested parties, among other things, and to inform them about our products.

4.1 Processing for advertising purposes by social network providers

The data of users are generally processed by the social networks concerned for market research and advertising purposes. Thus, usage profiles can be created on the basis of the interests of the users. For this purpose, cookies and other identifiers are stored on the final devices of the data subjects. On the basis of these usage profiles, advertisements within social networks, for example, are then also switched to third-party websites.

For the legal basis of the data processing carried out by the social networks under their own responsibility, please refer to the data protection notices of the respective social network. The links below also provide further information on the respective data processing as well as the opposition possibilities.

4.2 4.2 Processing for statistical purposes

As part of the operation of our online presence, we can access information such as statistics on the use of our online presence provided by social networks. These statistics are aggregated and may include in particular demographic information (e.g. age, gender, region, country) as well as data on interaction with our online presence (e.g., likes, subscription, sharing, viewing images and videos) and the contributions and content that are disseminated thereon. They may also provide information on the interests of users and which content and topics are particularly relevant to them. This information can also be used by us to adapt the design and our activities and content on the online presence and to optimize it for our audience. For details and links to the social network data that we can access as an online presence operator, please refer to the lower list. The collection and use of these statistics shall normally be subject to joint responsibility. Where applicable, the relevant contract is listed below.

The legal basis for data processing is Art. 6(1)(f) GDPR, based on our legitimate interest in effective information and communication with users, or Art. 6(1) (b) GDPR, in order to remain in contact with and inform our customers and to carry out pre-contractual measures with stakeholders.

4.3 Access to publicly available information

If you have an account with the social network, it is possible that we can see your publicly available information (e.g. your username) and media (e.g., images and videos) when we call your profile. In addition, the social network may allow us to contact you. This can be done, for example, through direct messages or through posted contributions. The content communication via the social network and the processing of content data is subject to the responsibility of the social network as a messenger and platform service.

4.4 Processing of publicly available information

As soon as we transfer or process personal data from you into our own systems, we are independently responsible for this and this is done for the implementation of pre-contractual measures and for the fulfilment of a contract in accordance with Art. 6(1)(b) GDPR or for the preservation of our legitimate interests in accordance with Art. 6(1)(f) GDPR in order to contact customers.

4.5 Data protection rights

We would like to point out that data protection requests can be made most efficiently with the respective provider of the social network, as only these providers have access to the data and can take appropriate measures directly. You can, of course, contact us with your concerns. In this case, we will process your request and forward it to the social network provider.

4.6 Online preferences used

Below is a list of information on the social networks on which we conduct online presence:

Facebook (Meta Platforms Ireland Ltd., Merrion Road, Dublin 4, D04 X2K5, Irland)
- Operation of the Facebook website in common responsibility on the basis of an agreement on the joint processing of personal data (so-called page insights supplement with regard to the controller): https://www.facebook.com/legal/terms/page_controller_addendum
- Information on processed site insights data and contact possibilities in case of data protection requests: https://www.facebook.com/legal/terms/information_about_page_insights_data
- Privacy Policy: https://www.facebook.com/privacy/policy/
- Opt-Out: https://www.facebook.com/settings?tab=ads.
Instagram (Meta Platforms Ireland Ltd., Merrion Road, Dublin 4, D04 X2K5, Irland)
- Instagram Business account based on an agreement on the joint processing of personal data (so-called page insights supplement regarding the controller): https://www.facebook.com/legal/terms/page_controller_addendum
- Information on processed site insights data and contact possibilities in case of data protection requests: https://www.facebook.com/legal/terms/information_about_page_insights_data
- Privacy Policy: https://privacycenter.instagram.com/policy/
- Opt-Out (Declaration): https://de-de.facebook.com/help/instagram/2885653514995517?locale=de_DE.
Google/ YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland)
- Privacy Policy: https://policies.google.com/privacy
- Opt-Out: https://www.google.com/settings/ads.
X (Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 Irland)
- Privacy Policy: https://x.com/en/privacy
- Opt-Out: https://x.com/personalization.
LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Irland)
- Operation of the LinkedIn corporate website under joint responsibility on the basis of an agreement on the joint processing of personal data (so-called Page Insights Joint Controller Addendum): https://legal.linkedin.com/pages-joint-controller-addendum
- Information on processed site insights data and contact possibilities in case of data protection requests: https://legal.linkedin.com/pages-joint-controller-addendum
- Privacy Policy
- Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Xing/Kununu (New Work SE, Am Strandkai 1, 20457 Hamburg)
- Privacy Policy/ Opt-Out: https://privacy.xing.com/de/datenschutzerklaerung.

5. Disclosure of data

In principle, disclosure of the data we collect will only take place if, in the specific case, there is a legal basis for data protection, in particular if:

In accordance with Art. 6(1)(a) GDPR, you have given your express consent to:
the disclosure pursuant to Art. 6(1)(f) GDPR is necessary for the purpose of asserting, exercising or defending legal claims and there is no reason to believe that you have an overriding interest in preventing the disclosure of your data;
we are legally obliged to pass on pursuant to Art. 6(1)(c) GDPR, in particular where this is necessary for prosecution or enforcement on the basis of official inquiries, court decisions and legal proceedings; or
permitted by law and required by Art. 6(1)(b) GDPR for the performance of contractual relationships with you or for the implementation of pre-contractual measures that take place upon your request.

Part of the data processing can be done by our service providers. In addition to the service providers mentioned in this privacy notice, this may include, in particular, data centers that store our website and databases, software providers, IT service providers that maintain our systems, agencies, market research companies, group companies and consultancy firms. If we disclose data to our service providers, they may use the data solely for the performance of their tasks. The service providers were carefully selected and commissioned by us. They are contractually bound by our instructions, have appropriate technical and organisational measures in place to protect the rights of the persons concerned and are regularly controlled by us.

6. Transmission of data to third countries

As explained in this privacy statement, we use services whose providers are partly located in so-called third countries (outside the European Union or the European Economic Area) or transfer personal data there, i.e. countries whose level of data protection does not correspond to that of the European Union.

If there is an adequacy decision of the European Commission (Art. 45 GDPR) for these countries, we base the data transmission on these countries. This concerns, for example, transmission to Argentina, Israel, Japan, Canada, the Republic of Korea, New Zealand, Switzerland, Uruguay or the United Kingdom. In the case of the USA, this applies only to the extent that the US receiver has certified for the EU-US Data Privacy Framework.

Insofar as the European Commission has not adopted an adequacy decision (Art. 45 GDPR) for the relevant country, we have taken appropriate measures to ensure an adequate level of data protection for any data transfers. These include, inter alia, the standard contractual clauses of the European Union or mandatory internal data protection rules (Art. 46 GDPR).

Where this is not possible, we base the transmission of data on exceptions to Art. 49 GDPR, in particular your express consent or the need for transmission for the performance of the contract or for the implementation of pre-contractual measures.

Provided that a third country transfer is foreseen and there is no adequacy decision or appropriate guarantees, it is possible and there is a risk that authorities in the respective third country (e.g. intelligence services) may gain access to the data transmitted in order to collect and analyse it and that enforceability of your data subject rights cannot be ensured. Upon obtaining your consent via the consent banner, you will also be informed about this.

7. Storage period

In principle, we only store personal data for as long as it is necessary to fulfil the purposes for which we collect the data. After that, we delete the data without delay, unless we still need the data until the expiry of the statutory limitation period for proof purposes for civil rights, due to legal retention obligations or there is a different legal basis for data protection in the specific individual case for the continuous processing of your data.

8. Your rights, in particular withdrawal and opposition

8.1 Overview of your rights

At any time, if the respective legal requirements are met, they shall be entitled to the rights to be affected as set out in Art. 7(3), Art. 15 – 21 GDPR:

right to withdraw your consent (Art. 7(3) GDPR);
right to object to the processing of your personal data (Art. 21 GDPR);
right to information about your personal data processed with us (Art. 15 GDPR);
Right to rectification of your personal data that we have illegally stored (Art. 16 GDPR);
the right to delete your personal data (Art. 17 GDPR);
the right to restrict the processing of your personal data (Art. 18 GDPR);
the right to data portability of your personal data (Art. 20 GDPR);
Right not to be subject to a decision based solely on automated processing which has legal effect or similarly significantly affects it, including, where appropriate, the right to obtain the intervention of a person by the controller, to present its own position and to challenge the decision (Art. 22 GDPR).

In order to assert your rights described here, you can contact the above contact details at any time. This also applies if you wish to receive copies of guarantees to prove an adequate level of data protection. If the respective legal requirements exist, we will comply with your privacy policy.

Your requests for the enforcement of data protection rights and our responses thereto shall be retained for documentation purposes for a period of up to three years and, in individual cases, if there are grounds for the enforcement, exercise or defence of legal claims. The legal basis is Art. 6(1)(f) GDPR, based on our interest in defending any civil rights under Art. 82 GDPR, avoiding fines under Art. 83 GDPR and fulfilling our accountability under Art. 5(2) GDPR.

8.2 Right of withdrawal and objection

8.2.1 Right of withdrawal

You have the right to revoke at any time an authorisation granted once in accordance with Art. 6(1)(a) GDPR to us. This means that we no longer continue the data processing based on this consent for the future. The withdrawal of the consent shall not affect the legality of the processing carried out on the basis of the consent pending withdrawal.

8.2.2 Right to object

General objection: Insofar as we process your data on the basis of Art. 6(1)(f) GDPR (legitimate interests), you have the right to object at any time to the processing of your data for reasons arising from your particular situation.

Opposition in direct advertising: If it is a contradiction against data processing for direct advertising purposes, you have a general right of opposition, which is implemented by us even without the indication of reasons.

8.2.3 Application of your rights

If you wish to make use of your right of withdrawal or opposition, a formal notification to the above contact details is sufficient.

8.3 Right of appeal

They finally have the right to complain to a data protection supervisory authority. You may, for example, apply this right to a supervisory authority in the Member State of your residence, workplace or place of suspected infringement. In Berlin, our seat, the competent supervisory authority is: Berlin Commissioner for Data Protection and Freedom of Information, Alt-Moabit 59-61, 10555 Berlin.

9. Duty to provide your data

In principle, there is no obligation to provide your data.

Insofar as the provision of your data is necessary to contact or use other services and functions (e.g. to register for the newsletter), corresponding input fields are marked as mandatory information (usually by an asterisk (*)). In this case, without this data provided, the specific service cannot be provided or the function cannot be used.

Other information not marked as compulsory fields, on the other hand, is voluntary. The input of such data is then not necessary for the provision of the service or for the use of the function and has no influence on the performance of the service.

10. Automated decision-making

Automated decision-making, including profiling in accordance with Art. 22 GDPR, with a legal or similarly significantly detrimental effect does not take place.

11. Amendments to the privacy policy

Occasionally, we update this privacy policy, for example when we adapt our website or change legal or regulatory requirements.

Version: 1.6 / Status: May 2025