Go to homepage
Contact Contact

Privacy policy 
Information according to DSGVO: 
Wandel Packaging Group GmbH & Co.KG 
Alleenstraße 27
72666 Neckartailfingen 

Represented by
Persönlich haftende Gesellschafterin
Huttenlocher Verwaltungs-GmbH
Amtsgericht Stuttgart HRB 221839
Firmensitz: Neckartailfingen

Contact
Telefon: +49 (0) 7127/18 02 – 0
E-Mail: info@wandel.group

Registereintrag Eintragung im Handelsregister.
Registergericht: Amtsgericht Stuttgart
Registernummer: HRA 220985

Umsatzsteuer-ID Umsatzsteuer-Identifikationsnummer gemäß §27 a Umsatzsteuergesetz: DE 146261549

Responsible for the content according to § 55 Abs. 2 RStV 
Wandel Packaging Group | Alleenstr. 27 | DE-72666 Neckartailfingen
Any data subject can contact our data protection officer directly at any time with any questions or suggestions regarding data protection. E-mail: datenschutz@wandel.group 
We hereby object to the use of contact data published within the scope of the imprint obligation by third parties for sending unsolicited advertising and information material. We reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails. With the following privacy policy, we would like to explain to you what types of personal data (hereinafter also referred to as “data”) we process, for what purposes and to what extent. The privacy policy applies to all processing of personal data carried out by us, both in the context of the provision of our services and in particular on our websites, in mobile applications and within external online presences, such as our social media profiles (hereinafter collectively referred to as “online offer”). The terms used are not gender-specific.  We are very delighted that you have shown interest in our enterprise. Data protection is of a particularly high priority for the management of the Wandel Packaging Group GmbH & Co. KG. The use of the Internet pages of the Wandel Packaging Group GmbH & Co. KG is generally possible without providing any personal data. However, if a data subject wishes to make use of special services of our company via our website, it may be necessary to process personal data. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the data subject. The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be in line with the General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations applicable to the Wandel Packaging Group GmbH & Co. KG in accordance with the country-specific data protection regulations. By means of this data protection declaration, we would like to inform the public about the type, scope and purpose of the personal data collected, used and processed by us. Furthermore, data subjects are informed of the rights to which they are entitled. As the controller, the Wandel Packaging Group GmbH & Co. KG, as the controller, has implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. Nevertheless, Internet-based data transmissions can generally have security gaps, so that absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us by alternative means, for example by telephone. 
Use of cookies 
Cookies are small text files or similar technologies that store information on users' end devices and read it from them. They are used in a variety of ways, for example to ensure the functionality and security of our online offers, to improve convenience or to create analyses of visitor flows. We always use cookies in accordance with the legal requirements. In cases where the use of cookies requires consent, we obtain this from our users in advance. Consent is required, for example, if cookies are not absolutely necessary for the operation of the website or the provision of specific functions. Where consent is not required, we base the use of cookies on our legitimate interests. These consist in particular of being able to provide expressly requested content and functions, for example by saving settings or ensuring the security and functionality of our online offering. Users can withdraw their consent to the use of cookies at any time. We provide transparent and comprehensible information about which cookies are used, what they are used for and the scope of consent. 
Processing of personal data by cookies 
Whether personal data is processed by cookies depends on the type and purpose of the cookie in question. If consent has been given, this serves as the legal basis in accordance with Art. 6 para. 1 lit. a GDPR. If consent is not required, the processing is based on our legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR. These interests are in particular the improvement of our online offer, ensuring technical functionality and the analysis of user behavior to optimize our content. 
Types and storage duration of cookies 
We distinguish between temporary and permanent cookies: Temporary cookies, also known as session cookies, only store information for the duration of a website visit. They are automatically deleted as soon as the user leaves the online offer and closes their browser or the corresponding app. Permanent cookies, on the other hand, remain stored on the user's device even after the browser or app has been closed. They make it possible, for example, to store log-in information so that the user can access content more quickly when they visit again, or they are used to measure reach. Unless we provide specific information, such cookies are stored for up to two years. 
Options for revocation and objection
Users can withdraw their consent to the use of cookies at any time. They are also free to object to the processing of their data by cookies, in particular via the corresponding privacy settings of their browser. Modern browsers offer extensive options for controlling, deleting or generally deactivating the use of cookies. We recommend that you regularly check and adjust your browser settings in order to maintain control over the use of data. 
Consent management 
In order to meet the requirements for transparent consent management, we use a consent management solution. This allows us to obtain and document consent to the use of cookies and to offer users the opportunity to change or withdraw their consent at any time. Consent is stored either on the server or in an opt-in cookie. In this way, we can ensure that no new request is made and that compliance with legal requirements is guaranteed. The consent data, including a pseudonymous identifier, information on the time and scope of the consent and information on the browser and end device used, are stored for up to two years. Data subjects and data Users of our online offering, such as website visitors or users of online services, are primarily affected by the processing of cookies. Metadata, communication and process data such as IP addresses, time stamps or unique identification numbers that are required for the functionality and analysis of our online offering are processed. Legal basis Depending on the purpose, the use of cookies is based either on the consent of the user (Art. 6 para. 1 lit. a GDPR) or on our legitimate interests (Art. 6 para. 1 lit. f GDPR). 
Collection of general data and information 
The website of the Wandel Packaging Group GmbH & Co. KG collects a series of general data and information each time the website is accessed by a data subject or an automated system. This general data and information is stored in the server log files. The (1) browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system accesses our website (so-called referrer), (4) the sub-websites which are accessed via an accessing system on our website can be recorded, (5) the date and time of access to the website, (6) an internet protocol address (IP address), (7) the internet service provider of the accessing system and (8) other similar data and information used for security purposes in the event of attacks on our information technology systems. 
When using these general data and information, the Wandel Packaging Group GmbH & Co. KG does not draw any conclusions about the data subject. Rather, this information is needed to (1) deliver the content of our website correctly, (2) optimize the content of our website as well as its advertisement, (3) ensure the long-term viability of our information technology systems and website technology, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack. Therefore, the Wandel Packaging Group GmbH & Co. KG analyzes anonymously collected data and information statistically, with the aim of increasing the data protection and data security of our enterprise, and to ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.
Data transfer within the organization and processing in third countries 
We may transfer personal data to other departments or units within our organization or grant them access to it. This is done either on the basis of our legitimate business and commercial interests or is necessary to fulfill our contractual obligations. Alternatively, we rely on the consent of the data subject or legal permission. If we process personal data in a third country outside the European Union (EU) or the European Economic Area (EEA), or if this data is processed in the context of the use of third-party services, disclosure or transfer to other persons, bodies or companies, this is only done in compliance with the legal requirements. The basis for such data transfers is an adequacy decision recognized by the EU Commission in accordance with Art. 45 GDPR or other suitable guarantees such as standard contractual clauses in accordance with Art. 46 para. 2 lit. c GDPR, express consent or contractual and legally required transfers in accordance with Art. 49 para. 1 GDPR. We will inform you of the specific basis for the third country transfer with the respective providers from the third country. Für weitere Informationen zu Angemessenheitsbeschlüssen können Sie das Informationsangebot der EU-Kommission einsehen: Datenschutz und internationale Dimension. As part of the so-called “Data Privacy Framework” (DPF), the EU Commission has recognized the level of data protection for certain companies in the USA as adequate (adequacy decision of 10.07.2023). A list of certified companies and further information on the DPF can be found on the website of the US Department of Commerce:Data Privacy Framework . In our data protection information, we inform you which service providers we use are certified under the Data Privacy Framework. Legal basis for data processing Art. 6 para. 1 lit. a GDPR serves as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is party, for example for the supply of goods or the provision of services, the processing is carried out in accordance with Art. 6 para. 1 lit. b GDPR. The same applies to processing operations that are necessary to carry out pre-contractual measures, for example in the case of inquiries about our products or services. If our company is subject to a legal obligation that requires the processing of personal data - for example to fulfill tax obligations - the processing is based on Art. 6 para. 1 lit. c GDPR. In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or another natural person. For example, in the event of an accident on our premises, it may be necessary to pass on information such as name, age or health insurance data to a doctor or hospital. In such cases, processing is carried out in accordance with Art. 6 para. 1 lit. d GDPR. In addition, processing operations may be based on Art. 6 para. 1 lit. f GDPR. This applies if the processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject. Such legitimate interests may exist, for example, if the data subject is a customer of the controller (Recital 47 Sentence 2 GDPR). 
Advertising communication via e-mail, post, fax or telephone 
As part of our advertising communication, we process personal data in order to inform you about products, services and offers. This communication can take place via various channels, such as e-mail, post, telephone or fax. The processing is always carried out in compliance with the legal requirements, in particular the General Data Protection Regulation (GDPR). If you have given your consent for advertising communication, you can revoke this at any time without giving reasons or object to the further advertising use of your data. In the event of revocation or objection, we will store the data necessary to prove the previous authorization for a period of up to three years after the year of revocation or objection. This is done on the basis of our legitimate interests in order to be able to defend against possible claims. To ensure that we respect your wishes with regard to communication, we also store the data that is necessary to avoid contacting you again. Depending on the communication channel, this data includes, for example, your e-mail address, telephone number or name. The processed data includes inventory data such as name, address, contact information and customer number, contact data such as postal and e-mail addresses and telephone numbers and content data such as messages or contributions that you have received or written. This data is processed for the purposes of direct marketing, sales promotion and to increase our marketing activities. The data is stored and deleted in accordance with the general information on data storage and deletion in this privacy policy. The legal basis for the processing of this data is based on your consent in accordance with Art. 6 para. 1 lit. a) GDPR and on our legitimate interests in accordance with Art. 6 para. 1 lit. f) GDPR. 
Contact and inquiries via the website 
When contacting us, whether by post, via a contact form, by e-mail, by telephone or via social media, as well as in connection with existing user and business relationships, we process the information of the inquiring persons insofar as this is necessary to answer the contact inquiries and to carry out any requested measures. The following types of data may be processed: Inventory data (such as full name, residential address, contact information, customer number, etc.), contact data (such as postal and email addresses or telephone numbers), content data (such as textual or pictorial messages and contributions as well as information on their authorship or time of creation), usage data (such as page views, length of stay, click paths, intensity and frequency of use, device types and operating systems used as well as interactions with content and functions) as well as meta, communication and procedural data (such as IP addresses, time data, identification numbers and details of persons involved). Data subjects in this context are communication partners. The data is processed for the following purposes: communication, implementation of organizational and administrative procedures, collection of feedback (e.g. via online forms), provision of our online offer and to ensure a user-friendly design. The data is stored and deleted in accordance with the specifications in the section “General information on data storage and deletion”. The legal basis for processing is our legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR and the fulfillment of contractual and pre-contractual obligations pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR. Additional information on processing operations, procedures and services: When contacting us via our contact form, by email or other communication channels, we process the personal data transmitted to process the respective request. This generally includes details such as name, contact information and any other information provided that is required for appropriate processing. This data is used exclusively for the purpose of establishing contact and communication. The legal basis for this is the fulfillment of the contract and pre-contractual inquiries in accordance with Art. 6 Para. 1 S. 1 lit. b GDPR and our legitimate interests in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR. As part of our online store and the order forms, we process the personal data of our customers in order to enable the selection, purchase and ordering of products and associated services. This also includes payment and delivery of the ordered goods. To process an order, we may use service providers, such as postal, forwarding and shipping companies, to ensure delivery or execution for our customers. We work together with banks and payment service providers to process payment transactions. The information required for the execution of an order is marked accordingly in the order process. This includes all necessary information for the delivery, provision and invoicing of the ordered goods as well as contact information in order to be able to contact you if necessary. The legal basis for the processing of this data is the fulfillment of a contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b GDPR). 
Routine erasure and blocking of personal data 
The controller shall process and store the personal data of the data subject only for the period necessary to achieve the purpose of storage, or as far as this is granted by the European legislator or other legislators in laws or regulations to which the controller is subject to. If the storage purpose no longer applies or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data is routinely blocked or erased in accordance with the statutory provisions. Rights of the data subject Right to confirmation Each data subject shall have the right granted by the European legislator to obtain from the controller the confirmation as to whether or not personal data concerning him or her are being processed. If a data subject wishes to avail himself of this right of confirmation, he or she may, at any time, contact any employee of the controller. Right to information Any person affected by the processing of personal data has the right granted by the European legislator of directives and regulations to obtain, at any time and free of charge, information from the controller concerning the personal data stored about him or her and a copy of that information. Furthermore, the European legislator has granted the data subject access to the following information: the purposes of processing the categories of personal data that are processed the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing the existence of the right to lodge a complaint with a supervisory authority if the personal data are not collected from the data subject: All available information about the origin of the data the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject Furthermore, the data subject has a right to information as to whether personal data has been transferred to a third country or to an international organization. If this is the case, the data subject also has the right to obtain information about the appropriate safeguards in connection with the transfer. If a data subject wishes to avail himself of this right of access, he or she may, at any time, contact any employee of the controller. 
Right to rectification 
Any person affected by the processing of personal data has the right granted by the European legislator of directives and regulations to demand the immediate correction of incorrect personal data concerning them. Taking into account the purposes of the processing, the data subject shall also have the right to have incomplete personal data completed, including by means of providing a supplementary statement. If a data subject wishes to exercise this right to rectification, he or she may, at any time, contact any employee of the controller. Right to erasure (right to be forgotten) Any person affected by the processing of personal data has the right, granted by the European legislator, to obtain from the controller the erasure of personal data concerning him or her without undue delay where one of the following grounds applies and insofar as the processing is not necessary The personal data have been collected or otherwise processed for purposes for which they are no longer necessary. The data subject withdraws consent on which the processing is based according to point (a) of Article 6(1) GDPR, or point (a) of Article 9(2) GDPR, and where there is no other legal ground for the processing. The data subject objects to the processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Art. 21 (2) GDPR. The personal data has been processed unlawfully. The personal data must be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject. The personal data have been collected in relation to the offer of information society services referred to in Article 8(1) GDPR. If one of the aforementioned reasons applies, and a data subject wishes to request the erasure of personal data stored by the Wandel Packaging Group GmbH & Co. KG, he or she may, at any time, contact any employee of the controller. The employee of the Wandel Packaging Group GmbH & Co. KG shall promptly ensure that the erasure request is complied with immediately. If the personal data have been made public by the Wandel Packaging Group GmbH & Co. KG has made the personal data public and our company, as the controller, is obliged pursuant to Article 17(1) of the GDPR to erase the personal data, the Wandel Packaging Group GmbH & Co. KG shall take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform other persons responsible for data processing who process the published personal data, that the person concerned has requested the deletion of all links to this personal data or of copies or replications of this personal data from these other persons responsible for data processing, insofar as the processing is not necessary. An employees of the Wandel Packaging Group GmbH & Co. KG will arrange the necessary measures in individual cases. 
Right to restriction of processing 
Any person affected by the processing of personal data has the right granted by the European legislator of directives and regulations to require the controller to restrict the processing if one of the following conditions is met: The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data. The processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead. The controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims. The data subject has objected to processing pursuant to Article 21(1) GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject. If one of the aforementioned conditions is met, and a data subject wishes to request the restriction of the processing of personal data stored by the Wandel Packaging Group GmbH & Co. KG, he or she may, at any time, contact any employee of the controller. The employee of the Wandel Packaging Group GmbH & Co. KG will arrange the restriction of the processing. 
Right to data portability 
Any person affected by the processing of personal data has the right, granted by the European legislator, to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format. He or she also has the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where the processing is based on consent pursuant to point (a) of Article 6(1) GDPR or point (a) of Article 9(2) GDPR or on a contract pursuant to point (b) of Article 6(1) GDPR and the processing is carried out by automated means, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller. Furthermore, in exercising their right to data portability pursuant to Art. 20 (1) GDPR, the data subject has the right to have the personal data transmitted directly from one controller to another, where technically feasible and provided that this does not adversely affect the rights and freedoms of others. In order to assert the right to data portability, the data subject may at any time contact any employee of the Wandel Packaging Group GmbH & Co. KG at any time. 
Right to object 
Each data subject shall have the right granted by the European legislator to object, on grounds relating to his or her particular situation, at any time, to processing of personal data concerning him or her, which is based on point (e) or (f) of Article 6(1) GDPR. This also applies to profiling based on these provisions. The Wandel Packaging Group GmbH & Co. KG shall no longer process the personal data in the event of the objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or for the establishment, exercise or defense of legal claims. If the Wandel Packaging Group GmbH & Co. KG processes personal data for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing. This also applies to profiling insofar as it is associated with such direct advertising. If the data subject objects to the Wandel Packaging Group GmbH & Co. KG to the processing for direct marketing purposes, the Wandel Packaging Group GmbH & Co. KG will no longer process the personal data for these purposes. In addition, the data subject has the right, on grounds relating to his or her particular situation, to object to processing of personal data concerning him or her by the Wandel Packaging Group GmbH & Co. KG for scientific or historical research purposes or for statistical purposes pursuant to Article 89(1) GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest. In order to exercise the right to object, the data subject may contact any employee of the Wandel Packaging Group GmbH & Co. KG or another employee. The data subject is also free, in the context of the use of information society services, and notwithstanding Directive 2002/58/EC, to exercise his or her right to object by automated means using technical specifications. Automated decisions in individual cases including profiling Each data subject shall have the right granted by the European legislator not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her, or similarly significantly affects him or her, if the decision (1) is not necessary for entering into, or performance of, a contract between the data subject and the controller, or (2) is authorized by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject's rights and freedoms and legitimate interests, or (3) is based on the data subject's explicit consent. If the decision (1) is necessary for entering into, or the performance of, a contract between the data subject and a data controller, or (2) it is based on the data subject's explicit consent, the Wandel Packaging Group GmbH & Co. KG shall implement suitable measures to safeguard the data subject's rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express his or her point of view and to contest the decision. If the data subject wishes to exercise the rights concerning automated individual decision-making, he or she may, at any time, contact any employee of the controller. 
Right to withdraw consent under data protection law 
Any person affected by the processing of personal data has the right granted by the European legislator of directives and regulations to withdraw consent to the processing of personal data at any time. If the data subject wishes to exercise the right to withdraw the consent, he or she may, at any time, contact any employee of the controller. 
Data protection for applications and in the application process 
The controller collects and processes the personal data of applicants for the purpose of handling the application process. Processing may also be carried out electronically. This is particularly the case if an applicant submits relevant application documents to the controller electronically, for example by e-mail or via a web form on the website. If the controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If the controller does not conclude an employment contract with the applicant, the application documents will be automatically deleted two months after notification of the rejection decision, provided that no other legitimate interests of the controller stand in the way of deletion. Other legitimate interest in this sense is, for example, a burden of proof in proceedings under the General Equal Treatment Act (AGG). 
Web analysis, monitoring, optimization 
Web analysis, also known as “reach measurement”, is used to evaluate the flow of visitors to our online offering. Pseudonymized data such as the behaviour, interests or demographic information of visitors (e.g. age or gender) can be recorded. We use reach analysis to identify, for example, when our online offering or its content and functions are used most frequently or which areas require optimization. We also use test procedures to test and optimize different versions of our website. For these purposes, profiles may be created that summarize data from a usage process. This involves storing and reading information in a browser or on an end device. The data collected includes, in particular, websites visited, content used, technical information (e.g. browser used, operating system) and usage times. If you have given your consent to the processing of your location data, this may also be recorded. Although the IP addresses of users are stored, they are protected by an IP masking procedure (pseudonymization by shortening the IP address). Clear data such as names or email addresses are not stored so that neither we nor the providers of the software used know the actual identity of the users. Legal basis and storage period The data is processed on the basis of your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, or on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, in order to make our website efficient and user-friendly. Unless otherwise stated, cookies or similar technologies are stored for up to two years. Further information on cookies can be found in the “Cookies” section of this privacy policy. 
Google Analytics 
We use Google Analytics to analyze the use of our online offering and to create pseudonymous user profiles. Data such as the use of content, search terms, duration of use, geographical information and technical details (e.g. device type, browser) are collected. Data processing is carried out using cookies. The IP addresses of EU users are anonymized before further processing. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Further information can be found in Google's privacy policy and details on the data processing conditions. 
Google Tag Manager 
Google Tag Manager enables us to centrally manage tracking tags. It does not store any cookies and does not process any personal data directly. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR); Website: https://marketingplatform.google.com; Privacy Policy: https://policies.google.com/privacy; Data processing agreement: https://business.safety.google/adsprocessorterms; Basis for third country transfers: Data Privacy Framework (DPF). 
Online marketing
As part of online marketing, we process personal data in order to market advertising space and display content in line with the interests of users. Pseudonymous user profiles are created for this purpose, which contain data such as content viewed, websites used, communication partners and technical information (e.g. browser, operating system). The data is usually stored using cookies or similar technologies. Clear data is only processed if, for example, users are members of a social network that shares this data with us. We use Google Ads to place advertisements within the Google advertising network in order to display content to users who are presumed to be interested in it. In addition, we use conversion measurement to measure whether users have been motivated to take an action by the ad, such as completing a purchase. Processing is pseudonymous and we do not receive any personal user data, only aggregated reports on ad performance. However, Google may process data such as IP addresses and technical information. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Further information can be found in Google's privacy policy and data processing conditions. Data processing is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR or legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR. You can object to the processing by deactivating cookies in your browser settings or by using the opt-out options provided by the providers. You can find a list of such opt-out options here: Europe;Canada; USA; Global. Further information on online marketing measures, including the technologies used and the storage duration of cookies (usually up to two years), can be found in the general information in this privacy policy. 
Presence in social networks 
We operate online presences in social networks in order to communicate with users active there and to provide information about our company. It should be noted that user data may be processed outside the European Union. This may entail risks for users, such as more difficult opportunities to enforce their rights. User data in social networks is generally processed for market research and advertising purposes. Profiles can be created based on the usage behavior and interests of users, which in turn are used to place interest-based advertisements within and outside the networks. Cookies are often stored on users' devices, which contain information about usage behavior and interests. These profiles can be created across platforms, especially if users are logged into their user account. For detailed information on the respective processing procedures and opt-out options, we recommend consulting the privacy policies of the social network operators. If users wish to make requests for information or assert their rights, the most effective way to do so is directly via the providers, as only they have access to the relevant user data. However, if you have any questions or require assistance, please do not hesitate to contact us. The data we process includes Contact data, such as postal and e-mail addresses or telephone numbers. Content data, such as text or image messages and contributions, including information on authorship or the time of creation. Usage data, such as page views, length of stay, click paths, intensity and frequency of use, device types used, operating systems and interactions with content and functions. Data subjects are in particular users of our website or other online services. The data is processed for the purposes of communication, feedback (e.g. via online forms) and public relations. The data is stored and deleted in accordance with the general information on data storage and deletion listed in our privacy policy. The legal basis for data processing is our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR. 
  •  Instagram: On the platform, users can share photos and videos, comment on and favorite posts, send messages and subscribe to profiles. The service provider is Meta Platforms Ireland Limited, Merrion Road, Dublin 4, Ireland. Further information on data processing and objection options can be found in Instagram's privacy policy. 
  • Facebook pages: Together with Meta Platforms Ireland Limited, we are responsible for the collection (but not the further processing) of data from visitors to our Facebook page. This includes information about the content with which users interact, as well as technical data such as IP addresses, operating systems and cookie information. Further information can be found in the Facebook Data Policy and in the information on Page Insights. 
  • LinkedIn: Together with LinkedIn Ireland Unlimited Company, we are responsible for collecting data from visitors to our LinkedIn profiles, which is used to create “Page Insights”. The data collected includes information about content used, devices and user profiles. For further details on data processing, please refer to LinkedIn's privacy policy and the information on the Page Insights Joint Controller Addendum. The rights of users, such as the right to information, deletion and objection, are safeguarded in all cases and can be asserted directly with the respective platform operators. 

Plug-ins and embedded functions and content 
We embed functional and content elements on our website that are provided by the servers of their respective providers (hereinafter referred to as “third-party providers”). These are, for example, graphics, videos or city maps (hereinafter referred to as “content”). The integration of this content requires that the third-party providers process the IP address of the user, as the content could not be transmitted to the user's browser without the IP address. The IP address is therefore necessary in order to display the content or functions. We endeavor to only integrate content whose providers only use the IP address to provide the content. In addition, third-party providers may use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. These pixel tags can be used to analyze information such as visitor traffic on our website. Such pseudonymous information can also be stored in cookies on the user's device. These cookies contain, among other things, technical details about the browser and operating system used, information about referring websites, the time of the visit and the use of our online offering. This data can also be combined with information from other sources. If we ask users for their consent to integrate third-party content, the data processing is based on this consent. Otherwise, the data is processed on the basis of our legitimate interests in the efficient, economical and user-friendly provision of our services. Further information on this can be found in the section on cookies in this privacy policy. Processed data types: Usage data (e.g. page views, length of stay, click paths, intensity and frequency of use, device types and operating systems used, interactions with content and functions) Meta, communication and process data (e.g. IP addresses, time data, identification numbers) Data subjects: Users (e.g. visitors to our website, users of online services) Purposes of processing: Provision of our online offering and optimization of user-friendliness Storage and deletion: Deletion takes place in accordance with the information in the section “General information on data storage and deletion”. Cookies and similar storage methods may be stored on users' devices for up to two years, unless otherwise specified. 
Google Fonts 
We use Google Fonts for the uniform and technically optimized display of fonts and symbols. The fonts are provided via Google servers, usually in the USA. To provide the fonts, it is necessary for the user's IP address to be transmitted to Google. In addition, technical data such as language settings, screen resolution, operating system and hardware used may be transmitted to Google. When using Google Fonts, HTTP requests are sent from the user's browser to the Google Fonts Web API. The IP address, the requested URL, the user agent (information about the browser and operating system) and the referrer URL (the website on which the font is to be displayed) are transmitted. Google states that IP addresses are not stored or analyzed. The logged data is used exclusively to optimize and analyze the use of the fonts. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR) Privacy Policy: https://policies.google.com/privacy Further information: https://developers.google.com/fonts/faq/privacy?hl=de Basis for third country transfers: Data Privacy Framework (DPF) 
Securing online connections using TLS/SSL encryption technology (HTTPS)
Our online services are secured by TLS/SSL encryption technology (HTTPS) to protect the transmitted user data from unauthorized access. The Secure Sockets Layer (SSL) and Transport Layer Security (TLS) technologies form the basis for secure data transmission on the Internet. They encrypt the information exchanged between the website or app and the user's browser (or between two servers). TLS, as a further development of SSL, guarantees a particularly high level of security for all data transmissions. Websites that are secured by an SSL/TLS certificate can be recognized by the display of HTTPS in the URL bar of the browser - a clear sign that the data is being transmitted securely and encrypted. When processing personal data, it may be necessary to pass it on or disclose it to other bodies, companies, legally independent organizations or individuals. Recipients may include, for example, IT service providers or providers of services and content that are integrated into our website. In these cases, we strictly adhere to the legal requirements and conclude appropriate contracts or agreements with the recipients to ensure the protection of your data. 
Provision of the online offer and web hosting 
We process our users' data in order to provide them with our online services. For this purpose, we process, among other things, the user's IP address, which is required to transmit the content and functions of our online services to the user's browser or end device. The types of data processed include usage data, such as page views and length of stay, click paths, intensity and frequency of use, device types and operating systems used and interactions with content and functions. In addition, we process metadata, communication data and process data, including IP addresses, time data, identification numbers and persons involved, as well as log data, such as log files in connection with logins, data retrievals or access times. Users, such as website visitors or users of our online services, are affected by the data processing. Processing is carried out for the purposes of providing our online services and improving user-friendliness, ensuring the operation and provision of our IT infrastructure, such as servers and computers, and implementing security measures. The data is stored and deleted in accordance with the information in the section “General information on data storage and deletion”. The processing is based on the legal basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR.  Further information on processing processes, procedures and services: Provision of the online offer on rented storage space To provide our online offering, we use storage space, computing capacity and software that we rent from a server provider (web host) or otherwise obtain. Processing is carried out on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR. Collection of access data and log files Access to our online offering is logged in the form of so-called “server log files”. These contain information such as the address and name of the web pages and files accessed, the date and time of access, data volumes transferred, success messages, browser type and version, the user's operating system, referrer URL (the previously visited page), IP addresses and the requesting provider. The server log files are used for security purposes, such as avoiding server overloads due to abusive attacks (e.g. DDoS attacks) and ensuring the capacity utilization and stability of the servers. The legal basis for this is legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR. Log file information is stored for a maximum of 30 days and then deleted or anonymized. Hetzner We use the services of Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany, to provide storage space and computing capacity. The legal basis for this is Art. 6 para. 1 sentence 1 lit. f) GDPR. Further information can be found in Hetzner's privacy policy at https://www.hetzner.com/de/rechtliches/datenschutz. There is also an order processing contract, which can be viewed at https://docs.hetzner.com/de/general/general-terms-and-conditions/data-privacy-faq/. 
Legitimate interests in processing pursued by the controller or a third party
Where the processing of personal data is based on Article 6 I lit. f GDPR, our legitimate interest is to carry out our business in favor of the well-being of all our employees and our shareholders.  
Duration for which the personal data is stored  
The criterion for the duration of the storage of personal data is the respective statutory retention period. Once this period has expired, the corresponding data is routinely deleted, provided it is no longer required for the fulfillment or initiation of a contract. 
Legal or contractual provisions for the provision of personal data
Data; necessity for the conclusion of the contract; obligation of the data subject to provide the personal data; possible consequences of non-provision We inform you that the provision of personal data is partly required by law (e.g. tax regulations) or may also result from contractual provisions (e.g. information on the contractual partner). Sometimes it may be necessary for a contract to be concluded for a data subject to provide us with personal data that must subsequently be processed by us. For example, the data subject is obliged to provide us with personal data if our company concludes a contract with them. Failure to provide the personal data would mean that the contract with the data subject could not be concluded. Before personal data is provided by the data subject, the data subject must contact one of our employees. Our employee will inform the data subject on a case-by-case basis whether the provision of the personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data and what the consequences would be if the personal data were not provided. 
Existence of automated decision-making 
As a responsible company, we do not use automated decision-making or profiling.

Privacy settings
We use cookies and other technologies on our website. Some of them are essential, while others help us improve this website and your experience. Personal data may be processed (e.g. IP addresses), for example for personalized ads and content or ad and content measurement. For more information about how we use your data, please see our Privacy Policy. You can revoke or adjust your selection at any time under .