This data privacy policy addresses the type, scope and purpose of the personally identifiable data (hereinafter referred to as “data”) that is processed within the framework of providing our services and our online presence along with associated websites, functions and content as well as our external online presence, such as our social media profile (hereinafter referred to collectively as “online offer”). With respect to terminology which is used, such as “processing” or “controller”, we refer to the definitions provided in Art. 4 of the General Data Privacy Regulation (GDPR).
Controller
Daniel von Meer
Varius Consulting Hamburg GmbH
Lottbeker Weg 131e
22395 Hamburg
Germany
vonmeer@varius-invest.de
Daniel von Meer
www.varius-aviation.com
Types of Data Processed
– Customer master data (e.g. personal master data, names or addresses).
– Contact data (e.g. email, telephone numbers).
– Content data (e.g. textual entries, photographs, videos).
– Usage data (e.g. visited websites, content interests, session times).
– Meta-/communication data (e.g. device information, IP addresses).
Categories of Affected Persons
Visitors to and users of the online offer (hereinafter, we refer to such affected persons collectively as “user(s)”).
Purpose of Processing
– Provision of the online offer, its functions and content.
– Response to contact inquiries and communication by users.
– Security measures.
– Audience outreach measurement/marketing
Terminology Used
“Personally identifiable data” pertains to all information which references an identified or identifiable natural person (hereinafter referred to as “user(s)”); a natural person is deemed identifiable if they can be identified directly or indirectly, in particular by means of attribution to an identifier such as a name, an identification code, location data, online identifier (e.g. cookies) or to one or several unique characteristics which are an expression of the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person.
“Processing” refers to any process or any series of processes which are conducted, with or without the aid of automated means, in connection with personally identifiable data. The term is broad in scope and comprises practically all forms of data management.
“Pseudonymization” refers to the processing of personally identifiable data in such a way that the personally identifiable data can no longer be attributed to a specific person without recourse to additional information, insofar as this additional information is stored separately and subject to technical and organizational measures that guarantee that the personally identifiable data cannot be attributed to an identified or identifiable natural person.
“Profiling” refers to any automated processing of personally identifiable data which involves the use of this personally identifiable data in order to evaluate specific personal aspects with reference to a natural person, in particular so as to analyze or predict the work performance, economic circumstances, health, personal preferences, interests, reliability, behavior, place of residence or change of residence of such a natural person.
The term “controller” refers to the natural or legal person, authority, institution or other office which, either alone or in cooperation with others, determines the purposes for and means by which personally identifiable data is processed.
“Processor” refers to the natural or legal person, authority, institution or other office who processes personally identifiable data at the behest of the controller.
Authoritative Legal Basis
As required by Art. 13 GDPR, we provide you with the legal basis upon which we process data. For users who fall within the scope of the General Data Privacy Regulation (GDPR), in other words those within the EU and EEA, insofar as the legal basis is not expressly cited in this data privacy policy the following shall apply:
The legal basis for our solicitation of consent is Art. 6 par. 1 lit. a and Art. 7 GDPR;
The legal foundation for processing in order to fulfill our services and meet contractual obligations as well as to respond to inquiries is Art. 6 par. 1 lit. b GDPR;
The legal foundation for processing in order to meet our legal obligations is Art. 6 par. 1 lit. c GDPR;
For the eventuality that the vital interests of the affected person or of another natural person require the processing of personally identifiable data, Art. 6 par. 1 lit. d GDPR serves as the legal foundation.
The legal foundation for processing required to fulfill a function in the public interest or in the exercise of public authority vested in the controller is Art. 6 par. 1 lit. e GDPR.
The legal foundation for processing in our legitimate interests is Art. 6 par. 1 lit. f GDPR.
The processing of data for purposes other than those for which it was originally collected is in accordance with Art 6 par. 4 GDPR.
The processing of special categories of data (as addressed in Art. 9 par. 1 GDPR) is in accordance with Art. 9 par. 2 GDPR.
Security Measures
As required by law and in consideration of the status of technology, implementation costs, the type, scope, circumstances and purposes of processing as well as the various probabilities of occurrence and severity of risks with respect to the rights and liberties of natural persons, we implement appropriate technological and organizational measures in order to guarantee a level of protection commensurate with the risk.
Such measures include in particular the safeguarding of confidentiality, integrity and accessibility of data by controlling physical access to such data as well as electronic access thereto, data entry, data sharing, restricting availability and data separation. Furthermore, we have put processes in place that guarantee awareness of user rights, deletion of data and response to any potential threats to data. Additionally, we already integrate the protection of personally identifiable data into the development process, in particular with respect to selection of hardware, software as well as processes that are consistent with principles of data protection, including the design of technological systems as well as defaults that promote data privacy.
Collaboration with data-processing contractors, parties bearing shared responsibility as well as third parties
Insofar as we reveal, transmit or provide other forms of access to data to other persons and companies (processing contractors, parties with shared responsibility as well as third parties) within the scope of our processing activities (e.g. if transmission of data to third parties, such as payment providers, is necessary in order to fulfill the contract), this occurs solely pursuant to legal permission, i.e. users having expressed their consent if this is required by law, or on the basis of our legitimate interests (e.g. in order for contracted businesses, web hosts etc. to fulfill their commitments).
Insofar as we reveal, transmit or provide some other form of access to data to other companies within our corporate group, this occurs in particular for administrative purposes on the basis of our legitimate interest and, beyond this, consistent with our legal obligations.
Transmission to Third Countries
Insofar as we process data in a third country (i.e. outside of the European Union (EU), the European Economic Area (EEA) or the Swiss Confederation) or this occurs in order to make use of third-party services, or if data is shared with other persons or companies, this occurs only if necessary to meet our (pre-)contractual obligations, on the basis of your consent, a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permission to do so, we process or leave data in a third country only if all legal requirements are met. This means, for example, that the processing must be consistent with certain special safeguards, such as official certification that a level of data privacy is guaranteed that is equivalent to that in the EU (e.g. the “Privacy Shield” in the USA) or compliance with officially recognized special contractual commitments.
The User’s Rights
You have the right to demand confirmation as to whether specific data is being processed, to receive information about the nature of said data and to receive a copy of said data as prescribed by law.
As prescribed by law, you have the right to demand that the data pertaining to you be complete and to require that any inaccurate data pertaining to you be corrected.
As prescribed by law, you have the right to demand that the data pertaining to you be deleted without delay, or to demand, as prescribed by law, that the processing of such data be restricted.
You have the right to demand that data pertaining to you, which you originally provided to us, be provided back to you and also to have such data transmitted to other responsible parties.
Furthermore, as prescribed by law you have the right to lodge a complaint with the responsible oversight authority.
Revocation Right
You have the right to revoke any consent you have given with future effect.
Objection Right
You may object to the future processing of data pertaining to you as prescribed by law. This objection may pertain, in particular, to the processing of data for direct advertising purposes.
Cookies and Objections to Direct Advertising
The term “cookies” applies to small files which are stored on the user’s computers. Different information may be stored by the cookies. A cookie is mainly used to store information about the user (as well as the device on which the cookie is stored) both during as well as after the user’s visit to the online offer. Temporary cookies, also known as “session cookies” or “transient cookies”, are those cookies which are deleted after a user has left the online offer and closed his/her browser. Such a cookie may store the contents of a shopping basket from an online shop or the user’s login status. Cookies are referred to as “permanent” or “persistent” if they remain stored even after the browser has been closed. In this way, for example, the login status can be stored if the user returns to the site after several days. Such a cookie might also store the interests of the user, which would in turn be used to measure audience outreach as well as for other marketing purposes. “Third-party cookies” are those cookies that are offered by providers other than the controller who operates the online offer (the controller’s own cookies are known as “first-party cookies”).
We may use temporary or permanent cookies, additional details of which we provide within the scope of our data privacy policy.
If users do not wish to have cookies stored on their computer, they are asked to deactivate the corresponding option in their browser’s system settings. Any cookies that have previously been stored can likewise be deleted within the system settings of your browser. Should you choose to block cookies, this may restrict the functionality of the online offer as a whole.
A general objection to the use of cookies for online marketing purposes may be expressed through a variety of services: especially with respect to tracking, by means of the US website http://www.aboutads.info/choices/ as well as the EU site http://www.youronlinechoices.com/. Furthermore, the storage of cookies can be prevented by changing the corresponding settings of your browser. Bear in mind, however, that should you choose to do so, the full functionality of this online offer may no longer be available to you.
Deletion of Data
The data processed by us is deleted and the processing thereof restricted as required by law. Insofar as not expressly cited within the framework of this data privacy policy, the data we have stored is deleted as soon as it is no longer required for the intended purpose, unless such deletion is prohibited due to statutory retention requirements.
Insofar as data is not deleted because it is required for other legally permissible purposes, the processing thereof will be restricted. That is to say, the data will be locked and not used for any other purposes. This applies, for example, to data that must be retained as required by commercial or tax legislation.
Amendments and Updates to the Privacy Declaration
We ask you to consult the content of our data privacy declaration on a regular basis. We adapt our data privacy declaration as soon as changes in how we process data make this necessary. We will inform you as soon as any changes also require some kind of action on your part (e.g. consent) or if any other personal notification is required.
Agent Services
We process the data of our customers, clients and interested parties (hereinafter referred to collectively as “customers”) in accordance with Art. 6 par. 1 lit. b. GDPR, in order to fulfill our contractual or pre-contractual services to them. In this regard, the data, the type, scope, purpose and necessity of its processing is determined by the underlying contract. In general, this data will include master customer data (including name, address etc.) as well as contact data (email address, telephone etc.), contractual data (content and term of the contract, remuneration, information about the brokered businesses/insurers/services) and payment data (commissions, payment history, etc.). Furthermore, we may process information pertaining to the characteristics and circumstances of persons or of items belonging to them, if this is pertinent to the object of the agreement. This may include information about personal life circumstances, movable or immovable material goods.
Within the scope of our contract, we may also be required to process special categories of data in accordance with Art. 9 par. 1 GDPR, in particular with respect to the health of a person. In this regard, insofar as it is required by Art. 6 par. 1 lit a., Art. 7, Art. 9 par. 2 lit. a GDPR we will first solicit the expressed consent of the customer.
Insofar as it is necessary to fulfill the contract or required by law, within the framework of coverage inquiries, conclusion and execution of contracts we will provide customer data to the providers of brokered services/goods, insurers, reinsurers, brokerage pools, technical service providers, other service providers such as cooperating associations, as well as financial service providers, credit institutions and capital investment companies as well as social insurance providers, tax authorities, tax consultants, legal consultants, auditors, insurance ombudsmen and the offices of the Federal Financial Supervisory Authority (BaFin). Furthermore, we may engage the services of subcontractors such as sub-brokers. We will solicit the consent of the customer insofar as the customer’s consent is required in order to disclose/share such data (as might be the case, for example, with respect to special categories of data as addressed in Art. 9 GDPR).
The deletion of data will occur upon expiration of statutory retention requirements and other comparable obligations, while we will reassess the necessity of storing data every three years; otherwise, statutory retention obligations will apply.
In the case of statutory archiving requirements, deletion will occur upon the expiration thereof. With particular reference to German law pertaining to the insurance and financial sectors, the retention requirement is 5 years for consulting records, 7 years for brokerage contract notes and 5 years for brokerage contracts, as well as 6 years in general for commercially related documentation and 10 years for tax-related documents.
Contractual Services
We process the data of our contractual partners and interested parties as well as that of other clients, customers and other contractual partners (collectively referred to as “contractual partners”) in accordance with Art. 6 par. 1 lit. b. GDPR, in order to fulfill our contractual or pre-contractual services to them. The precise data which is processed, the type, the scope and the purpose as well as the need for the processing thereof is determined by the underlying contractual relationship.
Such processed data includes master data of our contractual partners (e.g. names and addresses), contact data (e.g. email addresses and telephone numbers) as well as contractual data (e.g. utilized services, contract terms, contractual communication, names of contact persons) and payment data (e.g. bank details, payment history).
Special categories of personally identifiable data are generally not processed by us, other than if they are components of a processing procedure which has been requested or contracted for.
We process data that is necessary in order to justify and fulfill contracted services and expressly point out the necessity of this data, insofar as this is not immediately evident to the contractual partner. This data is only shared with external persons or businesses if it is required within the framework of the contract. When processing data which has been entrusted to us within the scope of a contract, we handle this data in accordance with the instructions of the client as well as our legal obligations.
Within the framework of our online services, we may store the IP address as well as the precise point in time when the user initiated an action. Such storage is based upon our own legitimate interest, as well as the user’s interest in being protected from fraud or other unauthorized use. In general, such data will not be shared with third parties, unless it is necessary in order to pursue your claims in accordance with Art. 6 par. 1 lit. f. GDPR or there is a legal obligation to do so pursuant to Art. 6 par. 1 lit. c. GDPR.
Deletion of data will occur when the data is no longer required for the purposes of fulfilling contractual or fiduciary obligations, or for the management of contractual and comparable obligations. The necessity for continued storage of such data will be reviewed every three years; otherwise, statutory retention requirements will apply.
Administration, Accounting, Clerical, Contact Administration
We process data within the framework of our administrative duties as well as the organization of our business, financial accounting and in order to meet statutory requirements, which includes archiving. In doing so, we process the same data which we process within the scope of providing our contracted services. The legal basis for processing this information is provided by Art. 6 par. 1 lit. c. GDPR, Art. 6 par. 1 lit. f. GDPR. The processing of said data affects customers, interested persons, business partners and website visitors. The purpose of and our interest in processing the data lie in administration, financial accounting, clerical organization, archiving of data, that is to say in tasks which are associated with maintaining our business activities, meeting our obligations and providing our services. The deletion of data with respect to contractual services and contractual communication is in adherence with cited procedures for the respective processing activities.
In so doing, we reveal or transfer data to financial managers, consultants etc. such as tax consultants, auditors as well as revenue offices and payment providers.
Furthermore, on the basis of our legitimate business interests we store information about suppliers, organizers and other business partners, e.g. for the purposes of subsequent contact maintenance. Such data, which is predominantly focused on our own business, is generally stored on a permanent basis.
Business Analysis and Market Research
In order to operate our business commercially, to recognize market trends as well as respond better to the wishes of contractual partners and users, we analyze available data pertaining to business transactions, contracts, inquiries etc. In so doing, we process master data, communication data, contractual data, payment data, usage data, meta-data on the legal basis of Art. 6 par. 1 lit. f. GDPR, with affected persons including contractual partners, interested persons, customers, visitors and users of our online offer.
Analyses are conducted for the purposes of business analysis, marketing and market research. In so doing, we may reference profile information from registered users, such as those services they have utilized. The analyses help us to improve user-friendliness and optimize our offer as well as our business practices. These analyses are conducted for our own purposes and are not shared externally, insofar as data does not involve anonymized analysis of compiled statistics.
Insofar as such analyses or profiles are person-specific, pursuant to notice received from the user they will be deleted or anonymized, otherwise this will occur two years subsequent to conclusion of the contract. Furthermore, general business and trend analyses are conducted on an anonymous basis whenever possible.
Contact
When getting in contact with us (e.g. using the contact form, email, telephone or social media), the user’s information is utilized in order to process the contact request in accordance with Art. 6 par. 1 lit. b. (in the framework of contractual/pre-contractual relationships), Art. 6 par. 1 lit. f. (other requests) GDPR. The user’s information may be stored in a Customer Relationship Management System (“CRM System”) or comparable inquiry-handling system.
We delete inquiries insofar as they are no longer required. We reassess the necessity of storing inquiries every two years; furthermore, stored inquiries are subject to statutory archiving regulations.
CRM System Zendesk
We utilize the CRM system “Zendesk” from Zendesk, Inc., 989 Market Street #300, San Francisco, CA 94102, USA, in order to process user requests faster and more efficiently (based on our legitimate interest per Art. 6 par. 1 lit. f. GDPR).
Zendesk is certified under the Privacy Shield, which means it guarantees to abide by European data privacy laws (https://www.privacyshield.gov/participant?id=a2zt0000000TOjeAAG&status=Active).
Zendesk utilizes user data for the technical processing of inquiries and does not share this data with third parties. In order to utilize Zendesk, the user must at least provide a correct email address. Pseudonymic use is possible. When processing service requests, it may prove necessary to collect additional data (name, address).
If users do not consent either to data collection or data storage by means of the external Zendesk system, we offer alternative contact options in order to submit service requests, including email, telephone, fax or the postal service.
Users may obtain additional information from Zendesk’s own privacy policy: https://www.zendesk.de/company/customers-partners/privacy-policy/.
CRM System from Help Scout
We utilize the CRM system of provider Help Scout Inc., 131 Tremont St, Boston, MA 02111-1338, USA, in order to process user requests faster and more efficiently (based on our legitimate interest per Art. 6 par. 1 lit. f. GDPR).
Help Scout is certified under the Privacy Shield, which means it guarantees to abide by European data privacy laws insofar as data is processed in the USA (https://www.privacyshield.gov/participant?id=a2zt0000000KzX1AAK&status=Active).
Help Scout utilizes user data for the technical processing of inquiries and does not share this data with third parties. In order to utilize Help Scout, the user must at least provide a correct email address. Pseudonymic use is possible. When processing service requests, it may prove necessary to collect additional data (name, address).
If users do not consent either to data collection or data storage by means of the external Help Scout system, we offer alternative contact options in order to submit service requests, including email, telephone, fax or the postal service.
Users may obtain additional information from Help Scout’s own privacy policy: https://www.helpscout.net/company/legal/privacy/.
Newsletter
The following notice provides you with information about the our newsletter content, registration, mailing and statistical analysis, as well as your revocation rights. By subscribing to our newsletter, you expressly declare your consent to receipt of the newsletter as well as to the processes as described.
Content of the newsletter: We send out the newsletter, emails and other electronic notices containing commercial information (hereinafter referred to collectively as “newsletter”) only with the recipient’s consent or on the basis of legal permission. Inasmuch as, during the process of registering for the newsletter, the content thereof is outlined in concrete terms, such content is determinative for the user’s consent. Furthermore, our newsletters contain information about our products and other pertinent information (e.g. security notices), offers, specials and our company.
Double opt-in and logging: Registration for our newsletter involves a so-called double opt-in process. In other words, after you have registered you will receive an email in which you are asked to confirm your registration. This confirmation is necessary so that no one can sign up using someone else’s email address. All registrations for our newsletter are logged in order to prove that the registration process was conducted as required by law. This includes logging the time that the registration and confirmation were made as well as the IP address. Likewise, any changes made to data stored by the newsletter mailing provider are also logged.
Required registration data: In order to register for the newsletter, you will only need to provide your email address. You do also have the option to provide your name, which will allow us to personalize the salutation contained in the newsletter.
The mailing of the newsletter as well as analysis of the success thereof is conducted on the basis of the recipient’s consent per Art. 6 par. 1 lit. a, Art. 7 GDPR in conjunction with § 107 par. 2 TKG or, in the event that consent is not required, on the basis of our legitimate interest in direct marketing per Art. 6 par. 1 lt. f. GDPR in conjunction with § 107 par. 2 & 3 TKG.
The logging of the registration process is conducted on the basis of our legitimate interest per Art. 6 par. 1 lit. f GDPR. Our interest is focused on utilization of a user-friendly as well as secure newsletter system which both serves our commercial interests as well as meets the expectations of users, and which also permits us to provide evidence that consent has been expressed.
Cancellation/Revocation – You may cancel the newsletter at any time, i.e. revoke your consent. You will find a link to unsubscribe from the newsletter at the end of every newsletter. We may store email addresses for up to three years based on our legitimate interest, in order to prove that consent had previously been granted. The processing of such data is restricted to the purpose of defending ourselves against potential claims. The user may submit an individual deletion request at any time, insofar as this includes affirmation that consent had previously been given.
Hosting and Email Transmission
The hosting services which we utilize are intended to provide the following services: infrastructure and platform services, computing capacity, adequate storage as well as database services, email transmission, security features as well as technical maintenance required in order to operate our online offer.
To do so, we and/or our hosting provider process master data, contact data, content data, contractual data, usage data, meta- and communication data from the customer, interested persons and visitors to our online offer on the basis of our legitimate interest in providing an efficient and secure online offer per Art. 6 par. 1 lit. f GDPR in conjunction with Art. 28 GDPR (conclusion of a contract for order processing).
Collection of Access Data and Log Files
On the basis of our legitimate interest per Art. 6 par. 1 lit. f. GDPR, we and/or our web hosts collect data about every access to the server where our service is located (so-called server log files). This access data includes the name of the webpage accessed, the file, the date and time of access, the amount of data transferred, whether or not the requested page opened successfully, the browser type and version, the user’s operating system, referrer URL (the website which had been visited immediately prior), IP address and the requesting provider.
For security purposes (e.g. to investigate instances of fraud or abuse), log file information is stored for a maximum period of 7 days, after which it is deleted. Data which needs to be stored for evidentiary purposes is excluded from this deletion provision until such time as the case in question has been resolved.
Google Analytics
On the basis of our legitimate interest (i.e. interest in the analysis, optimization and commercial operation of our online offer as per Art. 6 par. 1 lit. f. GDPR), we use Google Analytics, a web analysis service provided by Google LLC (“Google”). Google uses cookies. The information generated by this cookie about use of our online offer by the user is generally transmitted to a Google server in the USA and stored there.
Google is certified under the Privacy Shield, which means it guarantees to abide by European data privacy laws (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
Google will use this information on our behalf in order to analyze use of our online offer by the user, in order to compile reports about activities within our online offer as well as to provide us with other related information pertaining to use of our online offer and of the Internet in general. This process may involve use of processed data in order to create pseudonymous user profiles.
We only use Google Analytics in conjunction with activated IP anonymization. This means that the user’s IP address within member states of the European Union or in other states that are signatories to the charter of the European Economic Area are automatically truncated by Google. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA, where it is then truncated.
The IP address which is transmitted by the user’s browser is not merged by Google with other data. The user may prevent the storage of cookies by making corresponding changes to the settings of their browser software; Furthermore, the user may prevent collection and transmission of data pertaining to their use of our online offer to Google, as well as the processing thereof, by using the following link to download and install a browser plug-in: http://tools.google.com/dlpage/gaoptout?hl=de.
Additional information about data use by Google, your settings as well as blocking options can be found in Google’s own data privacy policy (https://policies.google.com/technologies/ads) as well as in Google’s ad settings (https://adssettings.google.com/authenticated).
The user’s personally identifiable data will be either deleted or anonymized after 14 months.
Online Presence on Social Media
We maintain an online presence within social networks and platforms in order to communicate with customers, interested persons and users who are active there and to provide them with information about our services.
We wish to expressly point out that the user’s data may be processed outside of the European Union. This might pose potential risks for users, for example because this might make it more difficult for users to assert their legal rights. With regards to US providers who are certified within the scope of the Privacy Shield, we note that they have committed themselves to adhering to the data privacy standards required by the EU.
Furthermore, as a rule the user’s data is processed for market-research and advertising purposes. This may result in creation of a usage profile of the user based on elicited usage behavior and user interests. In turn, the usage profile may be used in order to display advertising presumed to be of interest to the user, both inside and outside of particular platforms. To this end, cookies are generally stored on the user’s computers and contain the usage behavior as well as interests of the user. In addition, these usage profiles may also contain data independent of whatever devices are being used (especially if users are members of the various platforms and are logged in to them).
The processing of personally identifiable user data is on the legal basis of our legitimate interest in having effective information about the user and being able to communicate with the user consistent with Art. 6 par. 1 lit. f. GDPR. If the provider in question solicits the user’s consent to the processing of data (i.e. consent which is expressed, for example, by selecting a check box or clicking on a button), the legal basis for processing is Art. 6 par. 1 lit. a., Art. 7 GDPR.
For a detailed explanation of the various forms of data processing and the opt-out options, we draw your attention to the direct links we have listed to the respective providers.
Should you have any further questions or if you wish to assert your user rights, we point out that the most effective step is to contact the provider in question. Only these providers have access to pertinent user data, are able to provide requested information and are able to take whatever steps are necessary. Nonetheless, should further assistance be required you are more than welcome to contact us directly.
– Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) – privacy policy: https://www.facebook.com/about/privacy/, opt-out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.
– Google/ YouTube (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) – privacy policy: https://policies.google.com/privacy, opt-out: https://adssettings.google.com/authenticated, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
– Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA) – privacy policy/opt-out: http://instagram.com/about/legal/privacy/.
– Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA) – privacy policy: https://twitter.com/de/privacy, opt-out: https://twitter.com/personalization, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.
– Pinterest (Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA) – privacy policy/opt-out: https://about.pinterest.com/de/privacy-policy.
– LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland) – privacy policy https://www.linkedin.com/legal/privacy-policy, opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active.
– Xing (XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany) – privacy policy/ opt-out: https://privacy.xing.com/de/datenschutzerklaerung.
– Wakalet (Wakelet Limited, 76 Quay Street, Manchester, M3 4PR, United Kingdom) – privacy policy/ opt-out: https://wakelet.com/privacy.html.
– Soundcloud (SoundCloud Limited, Rheinsberger Str. 76/77, 10115 Berlin, Germany) – privacy policy/ opt-out: https://soundcloud.com/pages/privacy.
Integration of Third-Party Services and Content
On the basis of our legitimate interest (i.e. our interest in the analysis, optimization and commercial operation of our online offer as addressed in Art. 6 par. 1 lit. f. GDPR), within our online offer we utilize content and/or services from third-party providers in order to integrate their content and services, such as videos and fonts (hereinafter referred to as “content”).
This always requires that the third-party provider of such content has access to the user’s IP address since, without the IP address, the third-party provider would be unable to send content to the user’s browser. In other words, the IP address is essential in order to present this content. We make every effort to only use content whose providers utilize the IP address solely to deliver content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. By means of these pixel tags, it is possible to analyze information pertaining to visitor traffic on the various pages of this website. Pseudonymic information may also be stored on the user’s device in the form of cookies, providing technical information about the browser and operating system, the referring websites, session times as well as other data pertaining to use of our online offer, which may in turn be merged with information from other sources.
Google Fonts
We integrate the use of fonts (“Google Fonts”) supplied by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/, opt-out: https://adssettings.google.com/authenticated.
Google Maps
We integrate the use of maps (“Google Maps”) supplied by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. This requires the processing of data that includes the IP address and location of the user, though this will not be collected without the user’s consent (as a rule, this is expressed in the settings on the user’s mobile device). This data may be processed in the USA. Privacy policy: https://www.google.com/policies/privacy/, opt-out: https://adssettings.google.com/authenticated.
Created by RA Dr. Thomas Schwenke using Datenschutz-Generator.de