We have drawn up this privacy policy in order to explain to you, in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (data for short) we as the controller - and the processors (e.g. providers) commissioned by us - process, will process in the future and what legal options you have. The terms used are to be understood as gender-neutral.
This privacy policy applies to all personal data processed by our company and to all personal data processed by companies commissioned by us (processors). By personal data, we mean information within the meaning of Art. 4 No. 1 GDPR, such as a person's name, email address and postal address. The processing of personal data ensures that we can offer and invoice our services and products, whether online or offline. The scope of this privacy policy covers all online presences that we operate (websites, online shops, etc.) as well as all social media presences and email communication.
The data protection declaration of TWNTY Digital GmbH is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our privacy policy should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would like to explain the terms used in advance. We use the following terms, among others, in this privacy policy:
Personal data is any information relating to an identified or identifiable natural person (hereinafter "person concerned"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Person concerned is any identified or identifiable natural person whose personal data is processed by the controller responsible for the processing.
Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Restriction on processing is the marking of stored personal data with the aim of restricting its future processing.
Profiling is any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.
Pseudonymisation is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
Controller or controller responsible for the processing is the natural or legal person, public authority, agency or other individual which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
Processor is a natural or legal person, public authority, agency or other individual which processes personal data on behalf of the controller.
Recipient is a natural or legal person, public authority, agency or another individual, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular enquiry in accordance with Union or Member State law shall not be regarded as recipients.
Third party is a natural or legal person, public authority, agency or individual other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
Consent is any freely given, specific, informed and unambiguous indication of the data subject's wishes by which the person concerned, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to the person concerned.
The use of this website is generally possible without providing personal data. If the opportunity for the input of personal or business data (e-mail address, name, address) is given, the input of this data takes place voluntarily. The use of all services offered is, as far as technically possible and reasonable, also permitted without providing such data or by providing anonymised data or a pseudonym.
In the following privacy policy, we provide you with transparent information on the legal principles and regulations, i.e. the legal basis of the General Data Protection Regulation, which enables us to process personal data. As far as EU law is concerned, we refer to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016. The EU General Data Protection Regulation can be viewed online at EUR-Lex. We only process data if at least one of the following conditions applies:
(Article 6 para. 1 lit. a GDPR): You have given us your consent to process data for a specific purpose. An example would be the storage of the data you enter in a contact form.
(Article 6 para. 1 lit. b GDPR): In order to fulfill a contract or pre-contractual obligations with you, we process your data. For example, if we conclude a purchase contract with you, we require personal information in advance.
(Article 6 para. 1 lit. c GDPR): If we are subject to a legal obligation, we process your data. For example, we are legally obliged to keep invoices for accounting purposes. These usually contain personal data.
(Article 6 para. 1 lit. f GDPR): In the case of legitimate interests that do not restrict your fundamental rights, we reserve the right to process personal data. For example, we need to process certain data in order to operate our website securely and efficiently. This processing is therefore a legitimate interest.
The responsible provider or responsible individual for this website in terms of data protection law is:
TWNTY Digital GmbH
Schillerstraße 4, 04109 Leipzig
Authorized to represent: Kay Theuer
E-Mail: info@twnty.de
Impressum
The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, email addresses, etc.).
It is a general criterion that we only store personal data for as long as is absolutely necessary for the provision of our services and products. This means that we delete personal data as soon as the reason for the data processing no longer exists. In some cases, we are legally obliged to store certain data even after the original purpose has ceased to exist, for example for accounting purposes. If you wish your data to be deleted or revoke your consent to data processing, the data will be deleted as quickly as possible, provided there is no obligation to store it. We will inform you below about the specific duration of the respective data processing if we have further information on this.
According to Articles 13, 14 GDPR, you have the following rights:
According to Article 15 GDPR, you have a right to information about whether we process your data. If this is the case, you have the right to receive a copy of the data and the following information: the purpose for which we are processing the data; the categories or the types of data that are processed; who receives this data and, if the data is transferred to third countries, how security can be guaranteed; how long the data is stored; the existence of the right to rectification, erasure or restriction of processing and the right to object to processing; that you can lodge a complaint with a supervisory authority (links to these authorities can be found below); the origin of the data if we have not collected it from you; whether profiling is carried out, i.e. whether data is automatically analyzed to create a personal profile of you.
According to Article 16 GDPR, you have a right to rectification of data, which means that we must correct data if you find errors.
According to Article 17 GDPR, you have the right to deletion ("right to be forgotten"), which specifically means that you may request the cancellation of your data.
According to Article 18 GDPR, you have the right to restriction of processing, which means that we may only store the data, but not use it any further.
According to Article 20 GDPR, you have the right to data portability, which means that we will provide you with your data in a commonly used format upon request.
According to Article 21 GDPR, you have the right to objection, which will result in a change to the processing after enforcement. If the processing of your data is based on Article 6 para. 1 lit. e (public interest, exercise of official authority) or Article 6 para. 1 lit. f (legitimate interest), you can object to the processing. We will then check as quickly as possible whether we can legally honor this objection. If data is used for direct marketing purposes, you can object to this type of data processing at any time. We may then no longer use your data for direct marketing. If data is used for profiling, you can object to this type of data processing at any time. We may then no longer use your data for profiling.
According to Article 77 GDPR, you have the right to lodge a complaint. This means that you can lodge a complaint with the data protection authority at any time if you believe that the processing of your personal data is in breach of the GDPR.
Um personenbezogene Daten zu schützen, haben wir sowohl technische als auch organisatorische Maßnahmen umgesetzt. Wo es uns möglich ist, verschlüsseln oder pseudonymisieren wir personenbezogene Daten. Dadurch machen wir es im Rahmen unserer Möglichkeiten so schwer wie möglich, dass Dritte aus unseren Daten auf persönliche Informationen schließen können. Artikel 25 DSGVO spricht hier von "Datenschutz durch Technikgestaltung und durch datenschutzfreundliche Voreinstellungen" und meint damit, dass man sowohl bei Software (z. B. Formularen) also auch Hardware (z. B. Zugang zum Serverraum) immer an Sicherheit denkt und entsprechende Maßnahmen setzt. Im Folgenden gehen wir, falls erforderlich, noch auf konkrete Maßnahmen ein.
We use HTTPS (Hypertext Transfer Protocol Secure) to transfer data securely on the internet. This enables us to fulfill data protection by design (Article 25 para. 1 GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data. An encrypted connection can be recognised by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in the browser line. If encryption is activated, the data that the user transmits to us cannot be read by third parties.
When you contact us and communicate by telephone, e-mail or online form, personal data may be processed. The data is processed for the handling and processing of your enquiry and the associated business transaction. The data will be stored for as long as necessary or as long as required by law. All those who contact us via the communication channels provided by us are affected by the aforementioned processes.
When you call us, the call data is stored pseudonymised on the respective end device and with the telecommunications provider used. In addition, data such as your name and telephone number may subsequently be sent by e-mail and stored for the purpose of responding to your enquiry. The data is deleted as soon as the business transaction has been completed and legal requirements permit.
If you communicate with us by email, data may be stored on the respective end device (computer, laptop, smartphone, etc.) and data may be stored on the email server. The data will be deleted as soon as the business transaction has been completed and legal requirements permit.
If you communicate with us using an online form, data is stored on our web server and may be forwarded to one of our email addresses. The data will be deleted as soon as the business transaction has been completed and legal requirements permit.
The processing of the data is based on the following legal bases: Art. 6 para. 1 lit. a GDPR - Consent (you give us your consent to store your data and continue to use it for purposes relating to the business case); Art. 6 para. 1 lit. b GDPR - Contract (it is necessary for the fulfillment of a contract with you or a processor such as the telephone provider or we need to process the data for pre-contractual activities such as the preparation of an offer); Art. 6 para. 1 lit. f GDPR - Legitimate interests (we want to process customer enquiries, e.g. for the preparation of an offer). B. the telephone provider or we need to process the data for pre-contractual activities, such as the preparation of an offer); Art. 6 para. 1 lit. f GDPR - Legitimate interests (We want to handle customer enquiries and business communication in a professional manner. This requires certain technical facilities such as email programmes, exchange servers and mobile network operators in order to operate communication efficiently).
Our website uses HTTP cookies to store user-specific data. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically stored in the cookie folder of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified. Cookies store certain user data about you, such as language or personal page settings. When you visit our site again, your browser transmits this user-related information back to our site. Thanks to cookies, our website knows who you are and offers you the settings you are used to. In some browsers, each cookie has its own file; in others, such as Firefox, all cookies are stored in a single file. There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Cookies are not software programmes and do not contain viruses, Trojans or other "malware". Cookies also cannot access information on your PC.
The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the privacy policy. At this point, we would like to briefly explain the different types of HTTP cookies. There are four types of cookies: Essential cookies (These cookies are necessary to ensure basic website functions. For example, these cookies are needed when a user places a product in the shopping basket, then continues surfing on other pages and only goes to the checkout later. These cookies do not delete the shopping basket even if the user closes their browser window); Purpose cookies (These cookies collect information about user behavior and whether the user receives any error messages. These cookies are also used to measure the loading time and behavior of the website with different browsers); Targeting cookies (These cookies ensure better user-friendliness. For example, entered locations, font sizes or form data are saved) and advertising cookies (These cookies are also known as targeting cookies. They are used to deliver customized advertising to the user). When you visit a website for the first time, you are usually asked which of these cookie types you would like to allow. And of course this decision is also stored in a cookie.
The storage period depends on the cookie in question and is specified below. Some cookies are deleted after less than an hour, others can remain stored on a computer for several years. You can also influence the storage period yourself. You can delete all cookies manually at any time via your browser (see also "Right to object" below). Furthermore, cookies that are based on consent will be deleted at the latest after you withdraw your consent, thereby the legality of the storage until then remains unaffected. Temporary cookies (session cookies) are deleted at the latest after a user has left an online service and closed their end device (e.g. browser or mobile application). Permanent cookies remain stored even after the end device is closed. For example, the login status can be saved or content can be displayed directly when the user visits a website again.
You decide how and whether you want to use cookies. Regardless of which service or website the cookies originate from, you always have the option of deleting, deactivating or only partially allowing cookies. For example, you can block third-party cookies but allow all other cookies. If you want to find out which cookies have been stored in your browser, if you want to change or delete and manage cookie settings, you can adjust this in your browser settings or find information on this under the following links: Google Chrome, Apple Safari, Mozilla Firefox, Internet Explorer and Microsoft Edge. If you do not wish to have any cookies, you can set up your browser so that it always informs you when a cookie is to be set. You can then decide for each individual cookie whether or not to allow it. The procedure differs depending on the browser, in this case please refer to the settings or help of your browser.
The so-called "Cookie Guidelines" have been in place since 2009. These state that the storage of cookies requires your consent (Article 6 para. 1 lit. a GDPR). However, there are still very different reactions to these directives within the EU countries. In Austria, however, this directive has been implemented in § 96 para. 3 of the Telecommunications Act (TCA). In Germany, the cookie directives have not been implemented as national law. Instead, this directive was largely implemented in § 15 para. 3 of the Telemedia Act (TMA). For strictly necessary cookies, even if no consent has been given, there are legitimate interests (Article 6 para. 1 lit. f GDPR), which in most cases are of an economic nature. We want to provide visitors to the website with a pleasant user experience and certain cookies are often absolutely necessary for this. If cookies that are not absolutely necessary are used, this is only done with your consent. The legal basis in this respect is Article 6 para. 1 lit. a GDPR. In the following sections, you will be informed in more detail about the use of cookies if the software used utilizes cookies.
You can apply for a job in our company by email, online form or via a recruiting tool. All data that we receive and process from you as part of an application is considered application data. You always disclose personal data such as your name, date of birth, address and telephone number.
We process your data so that we can carry out a proper selection procedure in relation to the advertised position. We are also happy to keep your application documents in our application archive. This is because it often happens that, for a variety of reasons, we are not able to work with you for the advertised position, but we are impressed by you and your application and can very well imagine working with you in the future. If you give us your consent, we will archive your documents so that we can easily contact you for future jobs in our company. We guarantee that we will handle your data with particular care and will only ever process your data within the legal framework. Even within our company, your data will only be passed on to people who are directly involved with your application.
When you apply to us, we receive personal data, as mentioned above. However, only the data that is relevant to our decision as to whether or not we want to welcome you to our team will be processed in the course of the application process. Exactly which data is processed depends primarily on the job advertisement. In most cases, however, it will be your name, date of birth, contact details and proof of qualifications. If you submit your application via an online form, the data will be encrypted and forwarded to us. If you send us the application by email, this encryption does not take place. We can therefore accept no responsibility for the transmission route. However, as soon as the data is stored on our servers, we are responsible for the lawful handling of your data. During an application process, in addition to the above-mentioned data, information about your health or ethnic origin may also be requested so that we and you can exercise the rights relating to labor law, social security and social protection and at the same time comply with the corresponding obligations. This data is special category data. Here is a list of possible data that we receive and process from you: Name, contact address, email address, telephone number, date of birth, other or further information (which can be found in cover letters and CVs), proof of qualifications (e.g. certificates), special category data (e.g. ethnic origin, health data, religious beliefs), usage data (websites visited, access data etc.), metadata (e.g. IP address, device information).
If we accept you as a team member in our company, your data will be processed further for the purpose of the employment relationship and stored by us at least until the end of the employment relationship. All application documents will then be placed in your employee file. If we do not offer you the job, you reject our offer or withdraw your application, we may retain your data for up to 6 months after completion of the application process on the basis of legitimate interest (Article 6 paragraph 1 lit. f GDPR). After that, both your electronic data and all data from physical application documents will be completely deleted or destroyed. We keep your data so that we can answer any follow-up questions or so that we can provide evidence of the application in the event of a legal dispute. If a legal dispute arises and we may still need the data after the 6 months have expired, we will only delete the data when there is no longer any reason to retain it. If there are statutory retention obligations to be fulfilled, we must generally store the data for longer than 6 months. We may also store your data for longer if you have given your special consent. We do this, for example, if we can imagine working with you in the future. It is then helpful to have your data archived so that we can contact you easily. In this case, the data will be added to our applicant pool. Of course, you can revoke your consent to the longer storage of your data at any time. If you do not revoke your consent and do not provide new consent, your data will be deleted after 2 years at the latest.
The legal basis for the processing of your data is Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. b GDPR (contract or pre-contractual measures), Art. 6 para. 1 lit. f GDPR (legitimate interests) and Art. 9 para. 2 lit. a. GDPR (processing of special categories). If we include you in our applicant tool, this is done on the basis of your consent (Art. 6 para. 1 lit. a GDPR). We would like to point out that your consent in our application pool is voluntary, has no influence on the application process and you have the option to withdraw your consent at any time. This does not affect the lawfulness of the processing up to the time of revocation. In the case of the protection of vital interests, data processing is carried out in accordance with Art. 9 para. 2 lit. c GDPR. For the purposes of health care, occupational medicine, medical diagnostics, health or social care or treatment or for the management of health or social care systems and services, the processing of personal data is carried out in accordance with Art. 9 para. 2 lit. h GDPR. If you voluntarily provide data of special categories, the processing is carried out on the basis of Art. 9 para. 2 lit. a GDPR.
When you visit a website, information, including personal data, is automatically created and stored, including on this website. This data should be processed as sparingly as possible and only with justification. By website, we mean the entirety of all web pages on a domain, i.e. each individual page and all subpages. When you view a website on a computer, tablet or smartphone, a programme (web browser, e.g. Chrome, Safari, Firefox, Microsoft Edge) is used for this purpose. To display the website, the browser must connect to another computer (the so-called web server) where the website code is stored. The operation of a web server is handled by professional providers. They offer web hosting and thus ensure reliable and error-free storage of website data. When the browser on your computer (desktop, laptop, tablet or smartphone) connects and during data transfer to and from the web server, personal data may be processed. On the one hand, your computer stores data; on the other hand, the web server must also store data for a certain period of time in order to ensure proper operation.
The purposes of data processing are: Professional hosting of the website and securing the operation and provision of our online offer and user-friendliness, to maintain operational and IT security as well as the anonymous evaluation of access behavior to improve our offer and, if necessary, for criminal prosecution or prosecution of claims.
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. By default, the following data is automatically stored by the web server on which the website is stored during a visit to our website: the complete Internet address (URL) of the website accessed; browser and browser version (e.g. Chrome 87); the operating system used (e.g. Windows 10); the address or URL of the previously visited page (referrer URL), the host name and IP address of the device from which access is made, as well as the date and time in files, the so-called web server log files.
The web hosting services we use include sending, receiving and storing emails. For these purposes, the addresses of the recipients and senders and other information relating to the sending of emails (e.g. the providers involved) and the content of the respective e-mails are processed. The data may also be processed for the purpose of recognising SPAM. E-mails are generally not encrypted on the Internet; this fact should always be taken into account. Although e-mails are generally encrypted in transit, they are not encrypted on the servers from which they are sent and received (unless an end-to-end encryption process is used). We therefore accept no responsibility for the transmission path of emails between the sender and receipt on our server (web hosting, provider).
By default, the above-mentioned data is stored for a fortnight (by our provider on their servers) and then automatically deleted. We do not pass this data on, but we cannot rule out the possibility of this data being viewed by the authorities in the event of unlawful behavior.
We use the service for web hosting or the service for the provision of information technology infrastructure and related services (e.g. storage space and computing capacities) from the following service provider: ALL-INKL.COM - Neue Medien Münnich, Owner: René Münnich, Hauptstraße 68, 02742 Friedersdorf, Germany; Website https://all-inkl.com; Privacy Policy: https://all-inkl.com/datenschutzinformationen. We have concluded an order processing contract (AVV) with the above-mentioned provider. This is a contract prescribed by data protection law, which guarantees that the provider will only process the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
The lawfulness of the processing of personal data in the context of web hosting results from Art. 6 para. 1 lit. f GDPR (protection of legitimate interests), because the use of professional hosting with a provider is necessary in order to present the company on the Internet in a secure and user-friendly manner and to be able to pursue attacks and claims from this if necessary. There is usually a contract between us and the hosting provider for order processing in accordance with Art. 28 f. GDPR, which ensures compliance with data protection and guarantees data security.
In addition to our website, we are also active on various social media platforms and maintain online presences within these social networks. User data may be processed so that we can target users who are interested in us via the social networks. In addition, elements of a social media platform may also be embedded directly in our website. This is the case, for example, if you click on a social button on our website and are forwarded directly to our social media presence. Social media refers to websites and apps through which registered members can produce content, disclose content or exchange content in certain groups and network with other members.
Our social media presence enables us to present our products and services to interested parties. The social media elements integrated on our website help you to switch to our social media content quickly and without complications. The data that is stored and processed through your use of a social media channel is primarily used to carry out web analyses. The aim of these analyses is to be able to develop more precise and personalized marketing and advertising strategies. Depending on your behavior on a social media platform, the analyzed data can be used to draw conclusions about your interests and create user profiles. This also enables the platforms to present you with customized advertisements. Cookies are usually set in your browser for this purpose, which store data on your usage behavior. By default, we assume that we remain responsible under data protection law, even if we use the services of a social media platform. However, the European Court of Justice has ruled that in certain cases the operator of the social media platform may be jointly responsible with us within the meaning of Art. 26 GDPR. If this is the case, we will point this out separately and work on the basis of an agreement to this effect. The essence of the agreement is then reproduced below for the platform concerned. Please note that when using the social media platforms or our built-in elements, your data may also be processed outside the European Union, as many social media channels, such as Facebook or Twitter, are American companies. As a result, you may not be able to claim or enforce your rights in relation to your personal data as easily.
Exactly which data is stored and processed depends on the respective provider of the social media platform. However, it usually involves data such as telephone numbers, email addresses, data that you enter in a contact form, user data such as which buttons you click, who you like or follow, when you visited which pages, information about your device and your IP address. Most of this data is stored in cookies. Data can be linked to your profile, especially if you have a profile on the social media channel you are visiting and are logged in. All data that is collected via a social media platform is also stored on the provider's servers. This means that only the providers have access to the data and can provide you with the appropriate information or make changes. If you want to know exactly what data is stored and processed by the social media providers and how you can object to data processing, you should read the company's privacy policy carefully. We also recommend that you contact the provider directly if you have any questions about data storage and data processing or wish to assert corresponding rights.
We will inform you about the duration of data processing below if we have further information on this. For example, the social media platform Facebook stores data until it is no longer required for its own purposes. However, customer data that is compared with our own user data is deleted within two days. In general, we only process personal data for as long as is absolutely necessary for the provision of our services and products. If required by law, for example in the case of accounting, this storage period may be exceeded.
You also have the right and the option to revoke your consent to the use of cookies or third-party providers such as embedded social media elements at any time. This works either via a cookie management tool used by us (insofar as it is necessary at all) or via other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating or deleting cookies in your browser. As cookies may be used with social media tools, we also recommend that you read our general privacy policy on cookies. To find out exactly which of your data is stored and processed, you should read the privacy policies of the respective tools.
If you have consented to your data being processed and stored by integrated social media elements, this consent is the legal basis for data processing (Art. 6 para. 1 lit. a GDPR). By default, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) in fast and good communication with you or other customers and business partners if you have given your consent. Nevertheless, we only use the tools if you have given your consent. Most social media platforms also set cookies in your browser to store data. We therefore recommend that you read our data protection text on cookies carefully and consult the privacy policy or cookie guidelines of the respective service provider. Information on specific social media platforms - if available - can be found in the following sections.
We operate a company presence on the Facebook platform to advertise our products and services and to communicate with interested parties or customers. We are jointly responsible for this social media platform with Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. Facebook's data protection officer can be reached via a contact form https://www.facebook.com/help/contact/540977946302970. We have regulated the joint responsibility in an agreement regarding the respective obligations within the meaning of the GDPR. This agreement, which sets out the mutual obligations, is available at the following link: https://www.facebook.com/legal/terms/page_controller_addendum. The legal basis for the processing of personal data that takes place as a result and is described below is Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in analyzing, communicating, selling and advertising our products and services. The legal basis may also be the user's consent to the platform operator in accordance with Art. 6 para. 1 lit. a GDPR. The user can revoke this consent for the future at any time by notifying the platform operator in accordance with Art. 7 para. 3 GDPR. When our online presence is accessed on the Facebook platform, user data (e.g. personal information, IP address, etc.) is processed by Facebook Ireland Ltd. as the operator of the platform in the EU. This user data is used for statistical information about the utilization of our company presence on Facebook. Facebook Ireland Ltd. uses this data for market research and advertising purposes and to create user profiles. Based on these profiles, Facebook Ireland Ltd. is able, for example, to advertise users within and outside of Facebook based on their interests. If the user is logged into their Facebook account at the time of access, Facebook Ireland Ltd. can also link the data to the respective user account. If the user contacts us via Facebook, the personal data entered by the user on this occasion will be used to process the enquiry. The user's data will be deleted by us if the user's enquiry has been conclusively answered and there are no legal obligations to retain the data, e.g. in the case of subsequent contract processing. Facebook Ireland Ltd. may also set cookies to process the data. If the user does not agree to this processing, it is possible to prevent the installation of cookies by setting the browser accordingly. Cookies that have already been saved can also be deleted at any time. The settings for this depend on the respective browser. In the case of Flash cookies, processing cannot be prevented via the browser settings, but by the corresponding setting of the Flash player. If the user prevents or restricts the installation of cookies, this may mean that not all Facebook functions can be used to their full extent. Further information on the processing activities, their prevention and the deletion of data processed by Facebook can be found in Facebook's data policy: https://www.facebook.com/privacy/explanation. It cannot be ruled out that processing by Meta Platforms Ireland Limited also takes place via Meta Platforms, Inc, 1601 Willow Road, Menlo Park, California 94025 in the USA. Further information: Privacy policy, Facebook, Privacy Policy specifically for pages, Opt-Out, youronlinechoices.com and Privacy Shield.
We operate a company presence on the Instagram platform to advertise our products and services and to communicate with interested parties or customers. We are jointly responsible for this social media platform with Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. The data protection officer of Instagram can be reached via a contact form: https://www.facebook.com/help/contact/540977946302970. We have regulated the joint responsibility in an agreement regarding the respective obligations within the meaning of the GDPR. This agreement, which sets out the mutual obligations, is available at the following link: https://www.facebook.com/legal/terms/page_controller_addendum. The legal basis for the processing of personal data that takes place as a result and is described below is Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in analyzing, communicating, selling and advertising our products and services. The legal basis may also be the user's consent to the platform operator in accordance with Art. 6 para. 1 lit. a GDPR. The user can revoke this consent for the future at any time by notifying the platform operator in accordance with Art. 7 para. 3 GDPR. When our online presence is accessed on the Instagram platform, user data (e.g. personal information, IP address, etc.) is processed by Facebook Ireland Ltd. as the operator of the platform in the EU. This user data is used for statistical information about the utilization of our company presence on Instagram. Facebook Ireland Ltd. uses this data for market research and advertising purposes and to create user profiles. Based on these profiles, Facebook Ireland Ltd. is able, for example, to advertise users within and outside of Instagram based on their interests. If the user is logged into their Instagram account at the time of access, Facebook Ireland Ltd. can also link the data to the respective user account. If the user contacts us via Instagram, the personal data entered by the user on this occasion will be used to process the enquiry. The user's data will be deleted by us if the user's enquiry has been conclusively answered and there are no statutory retention obligations to the contrary, e.g. in the case of subsequent contract processing. Facebook Ireland Ltd. may also set cookies to process the data. If the user does not agree to this processing, it is possible to prevent the installation of cookies by setting the browser accordingly. Cookies that have already been saved can also be deleted at any time. The settings for this depend on the respective browser. In the case of Flash cookies, processing cannot be prevented via the browser settings, but by the corresponding setting in the Flash player. If the user prevents or restricts the installation of cookies, this may mean that not all Facebook functions can be used to their full extent. Further information on the processing activities, their prevention and the deletion of the data processed by Instagram can be found in Instagram's data policy: https://help.instagram.com/519522125107875. It cannot be ruled out that the processing by Facebook Ireland Ltd. also takes place via Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025 in the USA.
Xing is an internet-based social network that enables users to connect with existing business contacts and make new business contacts. Individual users can create a personal profile for themselves on Xing. Companies can, for example, create company profiles or publish job offers on Xing. The operating company of Xing is XING SE, Am Strandkai 1, 20457 Hamburg, Germany. The data protection provisions published by Xing, which can be accessed at https://privacy.xing.com/de/datenschutzerklaerung, provide information about the collection, processing and use of personal data by Xing. Xing has also published data protection information for the XING share button at https://www.xing.com/app/share?op=data_protection.
We maintain an online presence on LinkedIn to present our company and our services and to communicate with customers/prospects. LinkedIn is a service of LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland, a subsidiary of LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA. In this respect, we would like to point out that there is a possibility that user data may be processed outside the European Union, in particular in the USA. This may result in increased risks for users in that, for example, subsequent access to user data may be made more difficult. We also have no access to this user data. The access option lies exclusively with LinkedIn. You can find LinkedIn's privacy policy at: https://www.linkedin.com/legal/privacy-policy.
We use a link on our website to the social networks listed below. The legal basis for this is Art. 6 para. 1 lit. f GDPR. The legitimate interest is to improve the quality of use of our website. The plugins are integrated via a linked graphic. Only by clicking on the corresponding graphic will you be redirected to the service of the respective social network. After forwarding, the respective network collects information about you. This is initially data such as IP address, date, time and page visited. If you are logged into your user account of the respective network during this time, the network operator may be able to assign the information collected from the specific visit to your personal account. If you interact via a "Share" button of the respective network, this information can be stored in the personal user account and published if necessary. If you want to prevent the information collected from being directly assigned to your user account, you must log out before clicking on the graphic. It is also possible to configure your user account accordingly. The following social networks are linked on our website: Facebook: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, Privacy Policy; Instagram: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Irland, Datenschutzerklärung; LinkedIn: Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Irland, ein Tochterunternehmen der LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085 USA. Privacy Policy; Xing: New Work SE, Am Strandkai 1, 20457 Hamburg, Deutschland. Privacy Policy.
If we process data in a third country (i.e. outside the European Union (EU), the European Economic Area (EEA) or the Swiss Confederation) or if this occurs in the context of the use of third-party services or disclosure or transfer of data to other persons or companies, this will only take place if it is done to fulfill our (pre)contractual obligations, on the basis of the user's consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual authorisations, we only process or have the data processed in a third country if the legal requirements are met. This means, for example, that the processing takes place on the basis of special guarantees, such as the officially recognised determination of a level of data protection corresponding to the EU (e.g. for the USA through the "Privacy Shield") or compliance with officially recognised special contractual obligations.
We use fonts from the Google Web Fonts font library (https://www.google.com/webfonts) to display the content of the website correctly and graphically appealing across browsers. However, the fonts we use from Google Web Fonts are stored locally on a server of TWNTY Digital GmbH (the fonts are stored locally as files) and there is no connection to Google's servers. There is therefore no connection to Google's script or font libraries and no transfer of personal data to Google's servers takes place. If your browser does not support web fonts, the content will be displayed in your browser in a standard font.
Our website uses Font Awesome icons from the American company Fonticons (307 S. Main St., Suite 202, Bentonville, AR 72712, USA) to display a uniform image of all icons used, regardless of the resolution of this website and the end devices used. Font Awesome is installed locally; there is no connection to Fonticons servers when you visit this website. The use of the Font Awesome library is in the interest of a uniform and appealing presentation of the online offer. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. You can view Font Awesome's privacy policy here: https://fontawesome.com/privacy.
Bootstrap (originally developed by a designer and developer at Twitter, now the most famous front-end framework and open source project worldwide) is used to display the content of the website correctly and graphically appealing across all browsers. Bootstrap is a free front-end CSS framework. It contains HTML and CSS-based design templates for typography, forms, buttons, tables, grid systems, navigation and other interface design elements as well as additional, optional JavaScript extensions. Bootstrap is installed locally; there is no connection to Bootstrap's servers when you visit this website. The use of the Bootstrap framework is in the interest of a uniform and appealing presentation of this online offer. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. Further information and Bootstrap's privacy policy can be found here: https://getbootstrap.com/.
To optimize the loading speed of this website and the correct display and function of visual effects, we also integrate jQuery or jQueryUI technologies from the OpenJS Foundation () on our website. jQuery is installed locally, a connection to jQuery servers does not take place when visiting this website. The use of jQuery is in the interest of a uniform and appealing presentation as well as the correct functionality of the online offer. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. You can find more information about jQuery at https://www.jquery.org und https://www.jquery.com.
This privacy policy is currently valid and is dated March 2024. Due to the further development of our website and offers or due to changed legal or official requirements, it may become necessary to change this privacy policy. The current privacy policy can be accessed and viewed here at any time. This privacy policy was created using the AdSimple data protection generator and the data protection generator of the law firm Weiß & Partner.