Information on the collection of personal data according to the GDPR for business partners/suppliers

As of: January 16, 2024

1. Data protection information for our website

We are pleased that you are visiting our website and would like to inform you as comprehensively as possible about the associated processing of your data. When you visit our website, personal data is collected from you.
This is data that is required so that you can use our website or that enables us to take your settings into account. This may also include information that you yourself provide to us using the contact options offered on these pages.
We use this data to ensure the proper operation and all functionalities of our website and to answer your inquiries. Below we will inform you about which data is collected on our website and for what purposes it is processed. You will also receive information about your rights and contact details from us and our data protection officer.

Further information can be found at the following links:

• Data policy information for customers
• Data policy information for business partner
• Data policy information for applicants
• Besondere Special data policy information for installment protection insurance
  

2.  Contact and data policy officer

This data protection declaration applies to the website of

MOINsure GmbH
Campus Altkarlshof, Am Kreuzgraben 1a, 18146 Rostock
eMail: datenschutz@hepster.com
Tel.: +49 381 203 888 00
www: partner.hepster.com

You can contact our data protection officer as follows:

ECOVIS Keller Rechtsanwälte PartG mbB
Rechtsanwalt Axel Keller, LL.M. / Senior Associate Karsten Neumann
Am Campus 1 - 11, 18182 Rostock-Bentwisch
Tel.: +49 381 12 88 49 - 0
eMail: dsb-nord(at)ecovis.com
www: www.ecovis.com/datenschutzberater

You have the right at any time to contact our data protection officer, free of charge and, if you wish, confidentially, to support you in enforcing your data protection rights.

3.  Purposes and legal basis of data processing, processor, and transfer to third parties in third countries

We will only use your personal data provided to us for the purposes for which they are intended.
The legal basis for the processing of your data may in particular be

• Your consent in accordance with Article 6 Paragraph 1 Letter a GDPR, for example by agreeing to the use of cookies or web analysis,
• the contract initiation and processing in accordance with Article 6 Paragraph 1 Letter b GDPR, for example, if you contact us using the form,
• our legitimate interest in accordance with Article 6 Paragraph 1 Letter f of the GDPR, for example in the context of public relations, ensuring the necessary functionalities of the website, IT and internet security, quality assurance, fraud prevention and the prosecution of criminal offences.

If you have given us consent for a specific purpose, you can revoke it informally at any time with effect for the future. The revocation of consent does not affect the lawfulness of the processing carried out based on the consent before its revocation. Personal data is transmitted to government institutions and authorities exclusively on the basis of mandatory national legal regulations.
The persons commissioned by us to process the data are obliged to maintain confidentiality and to process the data lawfully. If your personal data is further processed for a purpose other than the original purpose, we will notify you accordingly.
We use the support of external service providers (contract processors) for certain technical processes relating to data analysis, processing and/or storage. Both we and the processor are obliged to comply with the technical and organizational measures in accordance with Art. 32 GDPR and the external service provider is also obliged to maintain confidentiality. Processing takes place exclusively on our behalf and on our instructions. Any processing of your personal data that goes beyond this order data processing will only take place with your explicit consent or in cases ordered by law and by authorities or courts.
Data will only be transferred to third countries (countries outside the European Economic Area - EEA) to the extent that this is necessary to fulfil the contract, is required by law, you have given your consent to data processing or is necessary to ensure various functionalities on the website. We will inform you about details separately if required by law.

4. Duration of data storage

In connection with the purely informational use of our homepage, we store the data that your browser transmits to our server for the period necessary to resolve malfunctions or error messages. Deletion usually takes place within 7 days after the end of the internet connection.
Further deletion periods depend on your use of the website.
If you contact us with a request using our contact options, we will store your collected personal data from the time of collection. We store the data collected in this way for the duration of our business relationship, which includes, among other things, the initiation and processing of a contract. In addition, we are subject to various storage and documentation obligations, which arise, among other things, from the Commercial Code (HGB), the Tax Code (AO) or other tax laws. The retention periods prescribed there are up to ten years after the end of the year in which the contractual relationship was terminated. Finally, with regard to the possibility of defending against legal claims and proof of fulfilment of data protection obligations, the storage period is also assessed according to the statutory limitation periods, which, according to Sections 195 ff. of the Civil Code (BGB), are generally 3 years from the end of the year in which the data was created .
In the event of further deletion periods, you will be informed further in the data protection declaration.

5. Rights of those affected (information for those affected in accordance with Chapter 3 GDPR)

You have the following data subject rights:

• the right to information in accordance with Art. 15 GDPR,
• the right to correction according to Art. 16 GDPR,
• the right to deletion according to Art. 17 GDPR,
• the right to restrict the processing of personal data in accordance with Art. 18 GDPR,
• the right to data portability in accordance with Art. 20 GDPR and
• the right to object to the processing of personal data in accordance with Article 21 GDPR.

In addition, according to Art. 77 GDPR, there is a right to lodge a complaint with a data protection authority. The complaint can be lodged with the data protection authority of the country where you reside or work or where the alleged violation occurred. If the data protection authority of another member state is responsible for the body about which you are complaining, the national data protection authority will coordinate with the other data protection authority. You can find an overview here: www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

The supervisory authority responsible for us is

The State Commissioner for Data Protection and Freedom of Information Mecklenburg-Western Pomerania
Schwerin Castle, Lennéstraße 1, 19053 Schwerin
Tel.: +49 385 594 94 0
Fax: +49 385 594 94 58
eMail: info@datenschutz-mv.de
www: www.datenschutz-mv.de
Contact: www.datenschutz-mv.de/kontakt/kontaktformular/

6. Functionality and presentation of the website

6.1. Cookies

We use cookies. Cookies are text files that are stored and stored on a computer system via an Internet browser. Cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a character string through which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This allows the websites and servers you visit to distinguish your individual browser from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified via the unique cookie ID.
By using cookies, we can provide the users of this website with more user-friendly services. Information and offers on our website can be optimized with the user in mind, for example by recognizing the user of the website. This means that you do not have to re-enter access data each time you visit the website, as this is done by the website and the cookie stored on the user's computer system.
However, when using cookies, a distinction must be made with regard to different purposes. To the extent that these small files are absolutely necessary to display the website properly, their use is not voluntary. The legal basis for the integration of cookies in this case is Art. 6 (1) lit.f GDPR.
In addition, cookies are also used on the website for the purpose of analyzing user behaviour or for marketing purposes. However, this use only occurs if you have given us your consent when you first access the website. However, you can prevent the setting of cookies through our website at any time by means of a corresponding setting in the Internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs. This is possible in all common internet browsers. If the setting of cookies is deactivated in the Internet browser used, not all functions of our website may be fully usable.

Listing cookies

Below you will find an overview of all cookies used according to the classification in our cookie banner.

Category: Necessary

Name of the cookie: hepster_session
Company: hepster
Purpose: After user consent, the hepster website sets cookies that are necessary to use the website and are used to display targeted offers
.Duration: 1 day

Name of the cookie: tracking-accepted
Company: hepster
Purpose: The user's decision to track in the cookie banner is stored here.
Duration: 30 days

Name of the cookie: CSRF_TOKEN / XSRF_TOKEN
Company: hepster
Purpose: ID for the app Security
Duration: 1 day

Name of the cookie: AWSALB / AWSALBCORS
Company: hepster
Purpose: Cookie is used to control the load balancer to evenly distribute the load on our servers
Duration: 7 days

Category: Statistics

Name of the cookie: et_scroll-depth
Company: tracker
Purpose: Registers whether the website's scroll depth detection is active.
Duration: Session

Name of the cookie: _et_coid
Company: tracker
Purpose: Used for cookie recognition.
Duration: 2 years

Name of the cookie: isSdEnabled
Company: tracker
Purpose: Recognises whether the scroll depth is measured for the visitor.
Duration: 1 day

Name of the cookie: pp2455 / affiliate_tracking
Company: FinanceAds
Purpose: Anonymised information on completed bookings is assigned to the affiliate partner and the affiliate partner is then paid a commission.
Duration: 60 days

Name of the cookie: ADCELLpid7425 / affiliate_tracking
Company: Adcell
Purpose: Anonymised information on completed bookings is assigned to the affiliate partner and the affiliate partner is then paid a commission.
Duration: 60 days

Name of the cookie: aw17549 / affiliate_tracking
Company: Awin
Purpose: Anonymised information on completed bookings is assigned to the affiliate partner and the affiliate partner is then paid a commission.
Duration: 60 days

Name of the cookie: bld/ affiliate_tracking
Company: Awin
Purpose: Sets a browser-specific ID to identify a new click from the same browser.
Duration: 1 year

Name of the cookie: affiliate_tracking
Company: hepster
Purpose: Anonymised information is assigned to the affiliate partner for completed bookings and a commission is then paid to the affiliate partner.
Duration: 1 month

Name of the cookie: mf_user
Company: Mouseflow
Purpose: Used to analyse user behaviour on our website in order to improve user guidance.
Duration: 90 days

Name of the cookie: mf_XXXXX
Company: Mouseflow
Purpose: Used to analyse user behaviour on our website in order to improve the user experience.
Duration: Session

Category: Marketing

Name of the cookie: NID
Company: Google.com
Purpose: Google uses cookies like the NID cookie to customise advertising in Google products like Google Search. With the help of such cookies, Google records, for example, your most recent search queries, your previous interactions with an advertiser's adverts or search results and your visits to an advertiser's website. This allows Google to display customised advertising on Google.
Duration: 180 days

Name of the cookie: DSID
Company: Google.com
Purpose: Google uses cookies such as the NID and SID cookies to customise advertising in Google products such as Google Search. For example, we use these cookies to track your most recent searches, your previous interactions with an advertiser's ads or search results, and your visits to an advertiser's website. This allows us to show you customised advertising on Google.
Duration: 180 days

Name of the cookie: __Secure-3PSID
Company: Google Ads (Google.com)
Purpose: Used for targeting purposes to build a profile of website visitors' interests in order to display relevant and personalised Google advertising.
Duration: 2 years

Name of the cookie: __Secure-3PAPISID
Company: Google Ads (Google.com)
Purpose: Used for targeting purposes to build a profile of website visitors' interests in order to display relevant and personalised Google advertising.
Duration: 2 years

Name of the cookie: __Secure-3PSIDC
Company: Google Ads (Google.com)
Purpose: Used for targeting purposes to build a profile of website visitors' interests in order to display relevant and personalised Google advertising.
Duration: 1 year

Name of the cookie: IDE
Company: Google DoubleClick (doubleclick.net)
Purpose: Cookie for ad preferences for non-Google websites. Used by Google DoubleClick to register and report the user's actions on the website after viewing or clicking on one of the provider's adverts, with the purpose of measuring the effectiveness of an advert and displaying targeted advertising to the user.
Duration: 1 year

Name of the cookie: MUID
Company: Bing (bing.com)
Purpose: Widely used by Microsoft as a unique user ID. The cookie enables user tracking by synchronising the ID in many Microsoft domains.
Duration: 13 months

Name of the cookie: _uetsid
Company: Bing (bing.com)
Purpose: Widely used by Microsoft as a unique user ID. The cookie enables user tracking by synchronising the ID in many Microsoft domains.
Duration: 30 minutes

Name of the cookie: ABDEF
Company: Bing (bing.com)
Purpose: no exact information available
Duration: 1 year 1 month

Name of the cookie: BCD
Company: Bing (bing.com)
Purpose: no exact information available
Duration: 1 year

Name of the cookie: _HPVN
Company: Bing (bing.com)
Purpose: no exact information available
Duration: 1 year 1 month

Name of the cookie: _RwBf
Company: Bing (bing.com)
Purpose: no exact information available
Duration: 1 year

Name of the cookie: SRCHD
Company: Bing (bing.com)
Purpose: This cookie is responsible for the functionality of Bing tracking or the website.
Duration: 1 year 1 month

Name of the cookie: SRCHHPGUSR
Company: Bing (bing.com)
Purpose: This cookie tracks and stores your user behaviour on our website and the interaction of the Bing Map interface.
Duration: 1 year 1 month

Name of the cookie: SRCHUID
Company: Bing (bing.com)
Purpose: This cookie tracks and stores your user behaviour on our website and the interaction of the Bing Map API.
Duration: 1 year 1 month

Name of the cookie: SRCHUSR
Company: Bing (bing.com)
Purpose: This cookie tracks and stores your user behaviour on our website and the interaction of the Bing Map API.
Duration: 1 year 1 month

6.2. Server-Log-Files

The provider of our website automatically collects and stores information in so-called server log files, which are automatically transmitted to us by your browser. The following can be recorded

• Browser types and versions used,
• the operating system used by the accessing system
• the website from which an accessing system reaches our website (so-called referrer),
• sub-websites which are accessed via an accessing system on our website
• the date and time of access to the website
• an internet protocol address (IP address),
• the internet service provider of the accessing system and
• other data and information used for security purposes in the event of attacks on our information technology systems.

We do not draw any conclusions about you when using this general data and information. Rather, this information is required to

• deliver the content of our website correctly
• optimise the content of our website and the advertising for it
• ensure the long-term functionality of our information technology systems and the technology of our website, and
• to provide law enforcement authorities with the information necessary for criminal prosecution in the event of a cyber attack.

This data and information is therefore analysed by us both statistically and with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimal level of protection for the personal data we process. The processing is carried out within the scope of our legitimate interest in accordance with Art. 6 (1) f GDPR. The anonymous data of the server log files are stored separately from all your personal data. This data is not merged with other data sources. However, if there are any indications of unlawful use of our website, it is possible for us to check this data retrospectively.

6.3. Google Fonts (local)

On our website, we have integrated fonts from the provider Google for a uniform display of the fonts. We have installed Google Fonts locally, which means that a connection to Google's servers is not established. This means that no data is transferred to Google. The integration of the fonts is based on our legitimate interest in accordance with Article 6 Paragraph 1 Letter f of the GDPR. The operating company is Google LLC; 1600 Amphitheater Parkway; Mountain View, CA 94043; USA, represented in the EU by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland.
Further information and Google's applicable data protection regulations can be found at developers.google.com/fonts/faq policies.google.com/privacy and policies.google.com/terms

6.4.  Prismic – CMS

The content of this website is hosted by Prismic (https://prismic.io). This is a service of Prismic Networks, Inc. 185 Alewife Brook Parkway, #410 Cambridge, MA 02138 hereinafter referred to as “Prismic”. In order to enable the content of our website to be displayed, a connection to the Prismic servers is established when our website is accessed. Prismic receives the information to which IP address the accessed content should be delivered. The legal basis is Art. 6 Para. 1 lit. f (protection of the legitimate interests of the person responsible) in order to enable the economic operation of this website.
Prismic points out that this service is GDPR-compliant and complies with the EU data protection laws (GDPR). https://prismic.io/legal/privacy, https://prismic.io/security).

6.5.  Popupsmart

We use various widgets from Popupsmart, 1777 NW 72bd Ave, Miami, FL33126, USA to draw attention to certain content and information.
Widgets used:

1. PopUp widget
2. Button widget

The required legal basis for processing the data is Art. 1 (6) (a) GDPR. For more information about the privacy policy of the company processing the data, please visit https://popupsmart.com/gdpr/.Popupsmart does not use, collect or store personal data.

7.  Communication

7.1. Contact and contact form

Our website contains information that enables quick electronic contact with our company and direct communication with us, which also includes a general address for so-called electronic mail (e-mail address). We have also integrated a contact form that you can use to contact us to be able to record. You have the opportunity to provide your title, first name, last name and telephone number on a voluntary basis. However, in order to communicate with us, it is essential that you include your email address and your specific request in the message.
If you contact us by email or via the contact form, the personal data you provide will be automatically saved. Such personal data transmitted on a voluntary basis will be stored for the purposes of processing or contacting you. This personal data will not be passed on to third parties.
Data transmission via the contact form is voluntary and takes place in accordance with Article 6 Paragraph 1 Letter a) GDPR. If the processing is necessary for the fulfilment of a contract or as part of the implementation of a pre-contractual measure, the data processing takes place in accordance with Article 6 Paragraph 1 Letter b) GDPR.
We use an external service provider (contract processor) for this technical process. Both we and the processor are obliged to comply with the technical and organizational measures in accordance with Art. 32 GDPR and the external service provider is also obliged to maintain confidentiality. Processing takes place exclusively on our behalf and on our instructions

7.2.  Sending information about our offerings and other messages, such as newsletters

Based on Article 6 Paragraph 1 Letters a and f, Article 7 GDPR as well as Section 1 and Section 7 Paragraph 3 UWG, we inform our customers and business partners at regular intervals about information and offers from our company.

a) Sending e-mails for the optimal fulfilment of the contract during the contract term.
In order to enable our customers to fulfil the contract in the best possible way and to ensure the functionality of our website, we send you in the course of initiating the contract and during the ongoing contractual relationship on the basis of § 1 VVG and Art. 6 Para. 1 lit. b GDPR one or more emails with the following content to the contact information you provided:

• Booking confirmation with all contract documents and documents
• Information about the end of protection
• Notice at the end of the contract
• Information Changes in the Insurance Product
• Reminder to renew on time
• Reminders to download invoices
• Contract status information and payment reminders
• Payment processing information
• Information about our customer service
• Customer survey for internal evaluation and improvement of performance in order to ensure better contract fulfilment for customers.
• Shipping of Amazon.de vouchers

b) Sending emails due to the sale of products and services
f you purchase insurance products and services on our website, we may send you information by email to the email address you provided based on Art. 6 Para. 1 lit. f GDPR without your consent -Send email address to your own, similar insurance products and services. This information may include, but is not limited to:

• Discounts and promotional offers on the same insurance product
• Discounts and promotional offers on products from the same insurance category

You can object to the sending of these emails at any time by email to marketing@hepster.com  or by post to MOINsure GmbH, Campus Altkarlshof, Am Kreuzgraben 1a, 18146 Rostock, Germany.

c) Newsletter for business partners

On our website for business customers, users are given the opportunity to subscribe to our company's newsletter. Which personal data is transmitted to the person responsible for processing when ordering the newsletter is determined by the input mask used for this purpose.
For legal reasons, a double opt-in confirmation email will be sent to an email address entered for the first time to send the newsletter. Procedure sent. This confirmation email is used to check whether the owner of the email address as the data subject has authorized receipt of the newsletter.
When you register for the newsletter, we also save the IP address assigned to you as well as the date and time of registration. The collection of this data is necessary in order to be able to trace any misuse of the e-mail address of a data subject at a later point in time and therefore serves our legal protection.
The personal data collected when registering for the newsletter is used exclusively for sending our newsletter used. Furthermore, subscribers to the newsletter could be informed by email if this is necessary for the operation of the newsletter service or a related registration, as could be the case in the event of changes to the newsletter offer or a change in technical circumstances. The personal data collected as part of the newsletter service will not be passed on to third parties.
You can cancel your subscription to our newsletter at any time. You can revoke your consent to the storage of personal data that you have given us for sending the newsletter at any time. For the purpose of revoking your consent, there is a corresponding link in every newsletter. To revoke your consent, you can contact us at any time by email at marketing@hepster.com or by post to MOINsure GmbH, Campus Altkarlshof, Am Kreuzgraben 1a, 18146 Rostock, Germany.

Tracking
Our emails may contain so-called tracking pixels. A web beacon is a miniature graphic that is embedded in emails sent in HTML format to enable log file recording and log file analysis. This allows a statistical analysis of the success or failure of online marketing campaigns to be carried out. Based on the embedded tracking pixel, we can see whether and when an email was opened by a recipient and which links in the email were accessed by the recipient.
We will use such personal data collected via the tracking pixels contained in the emails stored and evaluated in order to optimize the sending of emails and to better adapt the content of future emails to the interests of the recipients. This personal data will not be passed on to third parties.
Affected persons are entitled to revoke the declaration of consent provided at any time. After revocation, these personal data will be deleted by the person responsible for processing, unless the right to deletion is restricted by law. We automatically interpret unsubscribing from receiving the newsletter as a revocation of consent.

7.3. Email sending through HubSpot

We use the service provider HubSpot to send newsletters, product-specific emails and so-called marketing automation.
The service provider is HubSpot, Inc., 25 1ST St Ste 200, Cambridge, Massachusetts 02141-1802, USA. HubSpot currently has certification on the Data Privacy Framework List. According to the decision of the EU Commission, an adequate level of data protection must therefore be assumed.

7.4. Data analysis through HubSpot

With the help of HubSpot, we are able to analyze our newsletter campaigns. So we can e.g. For example, you can see whether a newsletter message has been opened and which links, if any, have been clicked. In this way, we can determine, among other things, which links were clicked particularly often. We can also see whether certain previously defined actions were carried out after opening/clicking (conversion rate). We can, for example, B. recognize whether you made a purchase after clicking on the newsletter.
HubSpot also allows us to divide (“cluster”) the newsletter recipients based on different categories. The newsletter recipients can be e.g. B. divided according to age, gender or place of residence. In this way, the newsletters can be better adapted to the respective target groups.
If you do not want HubSpot to analyze you, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message.

Legal basis
We have entered into a contract with HubSpot in which we oblige HubSpot to protect our customers' data and not to pass it on to third parties. Data processing is based on your consent (Art. 6 Para. 1 lit. a GDPR). You can revoke this consent at any time. The legality of the data processing operations that have already taken place remains unaffected by the revocation.

Storage period
The data you provide to us for the purpose of subscribing to the newsletter will be stored by us or the newsletter provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data stored by us for other purposes remains unaffected.
After you have been removed from the newsletter distribution list, your email address may be stored in a blacklist by us or the newsletter service provider if this is necessary to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interests. For more information, please see HubSpot's privacy policy at: https://legal.hubspot.com/privacy-policy

8. Social Media

8.1.  Use of social media plugins

The website also uses the integration of social media platforms such as Facebook, Twitter and Instagram. These platforms sometimes contain buttons and plugins that transmit data to the operators of the respective network platform when the page is loaded, i.e. without any further activity by the user.

8.2. Facebook

We have integrated components from Meta Platforms, Inc. (“Meta”) on this website. Facebook is a social network. A social network is a social meeting place operated on the Internet, i.e. an online community that usually enables users to communicate with each other and interact in a virtual space. A social network can serve as a platform for exchanging opinions and experiences or allow the Internet community to provide personal or company-related information. Facebook allows users of the social network to, among other things, create private profiles, upload photos and network via friend requests.
If you voluntarily click on the icon, you will be redirected to Facebook, over which we have no control.
The data processing on our website by Facebook takes place with your prior consent in accordance with Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time.
Facebook's operating company is Meta Platforms Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. If a data subject lives outside the USA or Canada, the person responsible for processing personal data is Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
If you do not want data to be processed by Facebook, please do not click on the link.
Every time you access one of the individual pages of this website, which is operated by us and on which a Facebook component (Facebook plug-in) has been integrated, the Internet browser on your system is automatically prompted by the respective Facebook component to display the corresponding Download Facebook component from Facebook. A complete overview of all Facebook plug-ins can be accessed at developers.facebook.com/docs/plugins/. As part of this technical process, Facebook receives information about which specific subpage of our website you visit.
If you are logged in to Facebook at the same time, Facebook recognizes which specific subpage of our website you are visiting every time you access our website and for the entire duration of your stay on our website. This information is collected by the Facebook component and assigned to your Facebook account by Facebook. If you press one of the Facebook buttons integrated into our website, such as the “Like” button, or make a comment, Facebook assigns this information to your personal Facebook user account and stores this personal data. Depending on your privacy settings, your preferences may become visible to your Facebook friends.
Facebook always receives information via the Facebook component that you have visited our website if you are logged in to Facebook at the same time as you access our website; This occurs regardless of whether you click on the Facebook component or not.
If you do not want this information to be transmitted to Facebook in this way, you can prevent it from being transmitted by logging out of your Facebook account before accessing our website.
Facebook's published data policy, located at Meta | Privacy Center | Manage your privacy on Facebook, Instagram and Messenger | Facebook Privacy] provides information about the collection, processing and use of personal data by Facebook. It also explains what setting options Facebook offers to protect your privacy. In addition, various applications are available that make it possible to suppress data transmission to Facebook, for example the Facebook blocker from the provider Webgraph, which can be obtained at webgraph.com/resources/facebookblocker/. Such applications can be used by you to suppress data transmission to Facebook.
The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected will also be transferred to the USA and other third countries. The parent company Meta Platforms, Inc., 1 Meta Way, Menlo Park, California 94025-1453 (Facebook USA) is certified in the Data Privacy Framework List. According to the decision of the EU Commission, an adequate level of data protection must therefore be assumed.

Insight data analysis
The Conference of Independent Federal and State Data Protection Authorities (Data Protection Conference - DSK) has pointed out that Facebook is obliged to obtain effective consent to use data from all visitors to the Facebook page. The operators of a Facebook fan page, on the other hand, are obliged to obtain the necessary information about data usage from Facebook.
When you visit our fan page, Facebook collects personal data from users within the scope and scope of their responsibility. Such data collection by Facebook can also occur from visitors to this page who are not logged in to Facebook or registered as members. Information about data collection and further processing by Facebook as well as information about the implementation of your rights and decision-making options can be found in Facebook's data protection information.
By using the Facebook platform, we assume no responsibility for the processing of personal data and its transmission outside the European Union, in particular no responsibility for the implementation of the rights of those affected and the effectiveness of the consent.
We have no influence on the scope and no full access to the data collected or your profile data. You decide which information we receive through your Facebook settings or your browser settings when you visit a publicly accessible page, within the framework of Facebook's exclusive responsibility. In addition, you have the option in your Facebook settings to actively hide your “likes” or to stop following the fan page. Then your profile will no longer appear in the list of fans of this fan page.
We receive anonymous statistics from Facebook about the use and usage of the fan page. The following information is provided here, for example (so-called insight data):

• Followers: Number of people who follow our fan page - including growth and development over a defined time frame
• Reach: Number of people who see a specific post on our fan page and number of interactions on a post
• Ad performance: Number of people who saw an ad
• Demographics: Average age of visitors, gender, place of residence, language

We use these statistics, from which we cannot draw any conclusions about individual users, to constantly improve our online offering on Facebook and to better respond to the interests of our users. We cannot link the statistical data with our fans' profile data. You can use your Facebook settings to decide in which form targeted advertising is displayed to you.
We have entered into an agreement between joint controllers with Facebook regarding the processing of personal data in accordance with Article 26 GDPR.
As a result, Facebook is the sole controller for the processing of Insight data. In this regard, Facebook is responsible for fulfilling information obligations in accordance with Articles 12 and 13 of the GDPR, for exercising the rights of those affected in accordance with Articles 15 to 22 of the GDPR, for data security and also for the responsibility for reporting data protection violations (Articles 32 to 34 of the GDPR). Furthermore, Facebook remains the sole controller for the processing of other personal data.
We receive personal data via Facebook if you actively share it with us via a personal message on Facebook or if you use a form to transmit the data to us and actively send the data to us by clicking on a button. We use the data you provide (e.g. first name, last name) to answer your request if this is necessary.

8.3.  Instagram

We have integrated components of the Instagram service as links on our website. Instagram is a service that qualifies as an audiovisual platform and allows users to share photos and videos and also disseminate such data on other social networks. The data processing on our website by Instagram takes place with your prior consent in accordance with Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time. If you voluntarily click on the link, you will be redirected directly to Instagram. We have no influence on data processing by Instagram. If you do not agree to data processing by Instagram, please do not click the link.
The operating company for the Instagram services is Instagram LLC, 1 Meta Way, Building 14 First Floor, Menlo Park, CA, USA. Instagram is a subsidiary of Meta Platforms Inc., 1 Meta Way, Menlo Park, CA 94025, USA, represented in the EU by Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. However, according to Facebook, the data collected will also be transferred to the USA and other third countries. The parent company Meta Platforms, Inc., 1 Meta Way, Menlo Park, California 94025-1453 (Facebook USA) is certified in the Data Privacy Framework List. According to the decision of the EU Commission, an adequate level of data protection must therefore be assumed.
Each time you access one of the individual pages of our website on which an Instagram component (Insta button) has been integrated, the Internet browser on your system is automatically prompted by the respective Instagram component to download a display of the corresponding component from Instagram. As part of this technical process, Instagram receives information about which specific subpage of our website you visit.
If you are logged in to Instagram at the same time, Instagram recognizes which specific subpage you visit each time you visit our website and for the entire duration of your stay on our website. This information is collected by the Instagram component and assigned to your Instagram account by Instagram. If you press one of the Instagram buttons integrated into our website, the data and information transferred will be assigned to your personal Instagram user account and stored and processed by Instagram.
Instagram always receives information via the Instagram component that you have visited our website if you are logged in to Instagram at the same time as you access our website; This occurs regardless of whether you click on the Instagram component or not.
If you do not want this information to be transmitted to Instagram in this way, you can prevent the transmission by logging out of your Instagram account before accessing our website.
Further information and Instagram’s applicable data protection regulations can be found at www.instagram.com/about/legal/privacy/.

8.4. LinkedIn

We have integrated buttons from the LinkedIn service on our website.
LinkedIn is an Internet-based social network that enables users to connect with existing business contacts and to make new business contacts.
The operating company of LinkedIn is LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043 , UNITED STATES. LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible for data protection matters outside the USA.
Each time you access one of the individual pages of our website on which a LinkedIn button (LinkedIn plug-in) has been integrated , the Internet browser on your system is automatically prompted by the respective LinkedIn component to download a representation of the corresponding component of LinkedIn. As part of this technical process, LinkedIn learns which specific subpage of our website you visit. If you are logged in to LinkedIn at the same time, LinkedIn recognizes which pages you visit each time you visit our website and for the entire duration of your stay on our website specific subpage you visit. This information is collected by the LinkedIn component and assigned to your respective LinkedIn account by LinkedIn. If you click on a LinkedIn button integrated on our website, LinkedIn assigns this information to your personal LinkedIn user account and stores this personal data. LinkedIn always receives information via the LinkedIn component that you have visited our website when you go to You are logged in to LinkedIn at the same time you access our website; This occurs regardless of whether you click on the LinkedIn component or not. If you do not want this information to be transmitted to LinkedIn in this way, you can prevent the transmission by logging out of your LinkedIn account before accessing our website. LinkedIn always receives information via the LinkedIn component that you have visited our website if you are logged in to LinkedIn at the same time as you access our website; This occurs regardless of whether you click on the LinkedIn component or not.
If you do not want this information to be transmitted to LinkedIn in this way, you can prevent the transmission by logging out of your LinkedIn account before accessing our website .
Further information and LinkedIn's applicable data protection regulations can be found at www.linkedin.com/legal/privacy-policy.

9. Tools for analysis

9.1.  etracker

We have integrated the etracker component on our website.
The operating company of etracker is etracker GmbH, Erste Brunnenstraße 1, 20459 Hamburg, Germany.
Etracker is a web analysis service for collecting, collecting and evaluating data about the behavior of visitors to our website. With the help of etracker, we are able to carry out a statistical reach analysis of our website and measure the success of our online marketing measures in order to optimize our online offering.
Etracker is a web analysis service for collecting, collecting and evaluating data about the behavior of visitors to our website. With the help of etracker, we are able to carry out a statistical reach analysis of our website and measure the success of our online marketing measures in order to optimize our online offering.
A web analysis service collects, among other things, data about which website you come from The person concerned came to a website (so-called referrer), which sub-pages of the website were accessed, how often and for how long a sub-page was viewed, the IP address and the device identifier.
Etracker sets a cookie in your system based on your consent. Every time you access one of the individual pages of this website and on which an etracker component has been integrated, your Internet browser is automatically prompted by the respective etracker component to transmit data to etracker for marketing and optimization purposes. The data generated with etracker is processed and stored by etracker exclusively in Germany.
You can revoke your consent at any time. In addition, you can prevent the setting of cookies at any time by means of an appropriate setting in the Internet browser used and thus permanently object to the setting of cookies. In addition, cookies already set by etracker can be deleted at any time via an Internet browser or other software programs.
Further information and etracker's applicable data protection regulations can be accessed at www.etracker.com/datenschutz/.

9.2. Google Tag Manager

We have integrated the Google Tag Manager component on our pages, which allows website tags to be managed via one interface. This ensures that other tags are triggered. We would like to point out that the triggered tags may collect data, which is not used by the tag manager.
The provider of this service is Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland. The data collected may also be transferred to the USA. The parent company Google LLC; 1600 Amphitheater Parkway; Mountain View, CA 94043; USA has certification in the Data Privacy Framework List. According to the decision of the EU Commission, an appropriate level of data protection must therefore be assumed.
The data processing on our website by Google takes place with your express consent in accordance with Article 6 Paragraph 1 Letter a) GDPR via the consent banner we use. Google processes the following data based on this component: mouse movement, time, IP address, location, visitor behaviour, browser, tracking media, website visited, and time zone.
The applicable data protection regulations can be found at https://policies.google.com/privacy be retrieved.

9.3. Mouseflow

This website uses Mouseflow, a web analysis tool from Mouseflow ApS, Flaesketorvet 68, 1711 Copenhagen, Denmark.
The data processing serves the purpose of analyzing this website and its visitors. For this purpose, data is collected and stored for marketing and optimization purposes. Usage profiles can be created from this data under a pseudonym.
Cookies can be used for this purpose. The web analysis tool Mouseflow records randomly selected individual visits (only with anonymized IP addresses). This creates a log of mouse movements and clicks with the intention of randomly replaying individual website visits and deriving potential improvements for the website from this. The data collected with Mouseflow will not be used to personally identify the visitor to this website without the separate consent of the person concerned and will not be combined with personal data about the bearer of the pseudonym.
Processing is carried out on the basis of Art. 6 (1) f). GDPR is based on the legitimate interest in direct customer communication and in the needs-based design of the website.
The following information can be recorded by your device and your browser:

• Clicks, mouse movements, hovering, scrolling
• Browser
• Device (Desktop/Tablet/Mobile)
• Language
• operating system
• Screen resolution
• Duration of visit
• Navigation (URLs)
• Page content (HTML)
• ISP & Location (City, State/Region, Country)
• Keyboard entries (only for non-EU/EEA data subjects in non-EU/EEA accounts and never for passwords, numbers or excluded fields.
• Referrer URL
• Visitor type (first-time visitors/returners)
• Individual tags or variables
• Answers in the feedback tool

The cookies that Mouseflow uses have different lifespans; some remain valid for up to 365 days, and some only remain valid during the current visit.
For reasons arising from your particular situation, you have the right to object at any time to this processing of personal data concerning you based on Art. 6 (1) f GDPR You can object to this.
To do this, you can deactivate recording on all websites that use Mouseflow globally for the browser you are currently using under the following link: https://mouseflow.de/opt-out/
You can find Mouseflow's data protection declaration here: https:// mouseflow.de/gdpr/

9.4. Dealfront

We use Dealfront as a tool to generate commercial leads, i.e. identifying company visits to our website as potential customers interested in our services or information. Only IP addresses of companies or business persons are processed for these purposes; the IP addresses are also processed pseudonymously, shortened by the last two digits; Legal basis: Consent (Art. 6 Para. 1 Sentence 1 Letter a) GDPR).
Service provider: Dealfront Germany GmbH, Durlacher Allee 73, 76131 Karlsruhe, Germany;
Further information can be found at https://www.echobot.de/datenschutz/

10. Online Marketing

10.1. DoubleClick by Google

We have integrated components from DoubleClick by Google on our website. DoubleClick is a Google brand under which special online marketing solutions are primarily marketed to advertising agencies and publishers. The operating company is Google LLC; 1600 Amphitheater Parkway; Mountain View, CA 94043; USA, represented in the EU by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland.
DoubleClick by Google transfers data to the DoubleClick server with every impression as well as with clicks or other activities. Each of these data transfers triggers a cookie request to your browser. If the browser accepts this request, DoubleClick sets a cookie in your system. The purpose of the cookie is to optimize and display advertising. The cookie is used, among other things, to place and display user-relevant advertising and to create reports on or improve advertising campaigns. The cookie also serves to avoid multiple displays of the same advertisement.
DoubleClick uses a cookie ID that is necessary to process the technical process. The cookie ID is required, for example, to display an advertisement in a browser. DoubleClick can also use the cookie ID to record which advertisements have already been displayed in a browser in order to avoid double placement. The cookie ID also enables DoubleClick to record conversions. Conversions are recorded, for example, if a user was previously shown a DoubleClick ad and then made a purchase on the advertiser's website using the same internet browser.
The cookie script records the number of page views and the user's surfing behaviour on the page, the IP address of the user, previously visited pages and the keywords used for the search are recorded.
Every time you access one of the individual pages of our website on which a DoubleClick component has been integrated, your Internet browser is automatically activated by the respective DoubleClick component to transmit data to Google for the purposes of online advertising and billing of commissions. As part of this technical process, Google receives knowledge of data that Google also uses to create commission statements. Google can, among other things, track that you have clicked on certain links on our website.
The use of this component is based on Art. 6 Para. 1 lit. a) GDPR.
The processing is only lawful on the basis of your consent possible. We obtain this consent using a so-called consent banner, which appears immediately after you access our website.
You can revoke your consent at any time. You can prevent the setting of cookies at any time by appropriately setting the Internet browser used and thus permanently object to the setting of cookies. In addition, cookies already set by Google can be deleted at any time via an Internet browser or other software programs.
We have a contract with Google Ireland Ltd. concluded, which regulates data processing in the EU. If Google Ireland Ltd. Data is transmitted to the parent company Google LLC in the USA, Google Ireland Ltd. is responsible for the transmission. Google LLC currently has certification in the Data Privacy Framework List. According to the decision of the EU Commission, an adequate level of data protection must therefore be assumed. Further information and the applicable data protection regulations of DoubleClick by Google can be found at www.google.com/intl/de/policies/.

10.2. Google Ads Conversion Tracking

We use the Google Ads Conversion Tracking component on our website.
The component is provided by Google LLC; 1600 Amphitheater Parkway; Mountain View, CA 94043; USA, represented in the EU by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland.
Our website uses Google Conversion Tracking for advertising measures through Google Ads in order to promote our offers and to attract the attention of potential customers and interested parties to excite.
Google Ads is an Internet advertising service that allows advertisers to display ads in both Google's search engine results and the Google advertising network. Google Ads allows an advertiser to define specific keywords in advance, using which an ad will only be displayed in Google's search engine results if the user uses the search engine to retrieve a keyword-relevant search result. In the Google advertising network, the ads are distributed on relevant websites using an automatic algorithm and taking into account the previously defined keywords. If you reach our website via a Google ad, Google will store a so-called conversion cookie on your system. A conversion cookie loses its validity after thirty days and is not used to identify you. If the cookie has not yet expired, the conversion cookie is used to track whether certain sub-pages, such as the shopping cart from an online shop system, were accessed on our website. The conversion cookie allows both us and Google to understand whether you came to our website via an ad and generated sales, i.e. completed or canceled a purchase of goods.
The use of this component is based on Art. 6 Paragraph 1 lit. a) GDPR.
Processing is only lawfully possible on the basis of your consent. We obtain this consent using a so-called consent banner, which appears immediately after you access our website. You can revoke your consent at any time. You can prevent the setting of cookies at any time by appropriately setting the Internet browser used and thus permanently object to the setting of cookies. To do this, you can generally deactivate the automatic setting of cookies or specifically block cookies from the domain googleleadservices.com.
The data and information collected through the use of the conversion cookie are used by Google to create visit statistics for our website. We in turn use these visit statistics to determine the total number of users who were referred to us via Ads advertisements, i.e. to determine the success or failure of the respective Ads advertisement and to optimize our Ads advertisements for the future . Neither our company nor other Google Ads advertising customers receive information from Google that could be used to identify you.
The conversion cookie is used to store personal information, such as the websites you visit. Every time you visit our website, personal data, including your IP address, is transmitted to Google. This personal data is stored by Google.
We have a contract with Google Ireland Ltd. concluded, which regulates data processing in the EU. If Google Ireland Ltd. Data is transmitted to the parent company Google LLC in the USA, Google Ireland Ltd. responsible for the transmission. Google LLC currently has certification in the Data Privacy Framework List. According to the decision of the EU Commission, an adequate level of data protection must therefore be assumed.
Further information and Google's applicable privacy policy can be found at policies.google.com/privacy and policies.google.com/terms.

10.3.  Google Ads

We have integrated Google Ads components on our website.
The component provider is Google LLC; 1600 Amphitheater Parkway; Mountain View, CA 94043; USA, represented in the EU by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland. The responsible data protection supervisory authority is therefore the supervisory authority in Ireland.
With Google Ads, we reach potential customers who are searching for companies like ours in Google Search.
Based on certain keywords, it can be determined that an ad from our company should only appear in the results of a search for those terms or on pages that match the topic.
The purpose of data processing includes displaying advertising and creating visitor statistics.
The following categories of data are processed: advertisements viewed; cookie ID; Date and time of visit, device information; Geographic location; IP address, search terms; advertisements displayed, customer ID, impressions, online identifiers, and browser information.
The component sets a cookie on your system. This cookie makes it possible to place targeted advertising.
The components are used based on your consent on the basis of Art. 6 (1) a GDPR.
Processing is only lawfully possible on the basis of the consent you have given. We obtain this consent using a so-called consent banner, which appears immediately after you access our website. You can revoke your consent at any time. Through Google Ad, personal data and information, which also includes the IP address and is necessary for the collection and billing of the displayed advertisements, is transferred to Google LLC in the United States of America. This personal data is stored and processed in the United States of America. Google LLC may pass on the personal data collected via the technical process to third parties. Google LLC currently has certification in the Data Privacy Framework List. According to the decision of the EU Commission, an adequate level of data protection must therefore be assumed.

10.4. Google AdSense

We have integrated Google Adsense components on our website.
The component provider is Google LLC, 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, USA, represented in the EU by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland.
The responsible data protection supervisory authority is therefore the supervisory authority in Ireland. Google AdSense is an online service that enables advertising to be placed on third-party sites. Google AdSense is based on an algorithm that selects the advertisements displayed on third-party sites to match the content of the respective third-party sites.
Google AdSense allows interest-based targeting of the Internet user, which is implemented by generating individual user profiles. The purpose of the Google AdSense component is to integrate advertisements on our website. Google AdSense sets a cookie in your system so that usage is analyzed our website makes it possible. Each time you access one of the individual pages on this website that has an integrated Google AdSense component, your Internet browser is automatically prompted by the respective Google AdSense component to transmit data to Google for the purposes of online advertising and the billing of commissions. As part of this technical process, Google gains knowledge of personal data, such as your IP address, which Google uses, among other things, to track the origin of visitors and clicks and subsequently enable commission billing.
The use of this component is based on Art. 6 Para. 1 lit. a) GDPR. Processing is only lawfully possible on the basis of your consent.
We obtain this consent using a so-called consent banner, which appears immediately after you access our website. You can revoke your consent at any time. You can prevent the setting of cookies at any time by making the appropriate settings in the Internet browser used and thus permanently object to the setting of cookies.
Google AdSense also uses so-called tracking pixels. A tracking pixel is a miniature graphic that is embedded in Internet pages to enable log file recording and log file analysis, which allows statistical evaluation to be carried out. Using the embedded tracking pixel, Google can recognize whether and when a website was opened by you and which links you clicked on. Web beacons are used, among other things, to evaluate the flow of visitors to a website.
Through Google AdSense, personal data and information, which also includes the IP address and is necessary for the collection and billing of the displayed advertisements, is transmitted to Google LLC in the United States of America. This personal data is stored and processed in the United States of America. Google LLC may pass on the personal data collected via the technical process to third parties. Google LLC currently has certification in the Data Privacy Framework List. According to the decision of the EU Commission, an adequate level of data protection must therefore be assumed. Google AdSense is explained in more detail at this link www.google.de/intl/de/adsense/start/.
Further information and Google's applicable data protection regulations can be found at www.google.de/intl/de/policies/privacy/ .

10.5. Google Remarketing

We have integrated Google Remarketing components on our website.
The component provider is Google LLC; 1600 Amphitheater Parkway; Mountain View, CA 94043; USA, represented in the EU by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland
Google Remarketing is a function of Google Ad that enables a company to display advertising to Internet users who have previously visited the company's website. The integration of Google Remarketing allows a company to create user-related advertising and therefore display interest-relevant advertisements to the Internet user.
The purpose of Google Remarketing is to display interest-relevant advertising. Google Remarketing enables us to display advertisements via the Google advertising network or on other websites that are tailored to the individual needs and interests of Internet users.
Google Remarketing sets a cookie in your system. This makes it possible for visitors to our website to be recognized if they subsequently access websites that are also members of the Google advertising network. Every time you visit a website on which the Google Remarketing service has been integrated, your internet browser automatically identifies itself to Google. The cookie is used to store personal information, such as the websites you visit. Every time you visit our website, personal data, including your IP address, is transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may pass on the personal data collected via the technical process to third parties.
The use of this component is based on Article 6 Paragraph 1 Letter a) GDPR.
Processing is only lawfully possible on the basis of your consent. We obtain this consent using a so-called consent banner, which appears immediately after you access our website. You can revoke your consent at any time.
You can prevent the setting of cookies at any time by making the appropriate settings in the Internet browser used and thus permanently object to the setting of cookies.
The data subject also has the option of objecting to interest-based advertising by Google. To do this, please use the following link: adssettings.google.com/.
We have a contract with Google Ireland Ltd. concluded, which regulates data processing in the EU. If Google Ireland Ltd. Data is transmitted to the parent company Google LLC in the USA, Google Ireland Ltd. is responsible for the transmission. Google LLC currently has certification in the Data Privacy Framework List. According to the decision of the EU Commission, an adequate level of data protection must therefore be assumed. Further information and Google's applicable data protection regulations can be found at www.google.de/intl/de/policies/privacy/.

10.6. Bing Ads

On our website, we use the advertising program from Bing Ads and thus the conversion tracking from Microsoft Corporation, One Microsoft Way, Redmond, based on our legitimate interest in analyzing and optimizing our online offering within the meaning of Article 6 Paragraph 1 Letter f of the GDPR , WA 98052-6399, USA.
Microsoft Corporation currently has certification in the Data Privacy Framework List. According to the decision of the EU Commission, an adequate level of data protection must therefore be assumed.
This service enables us to track the activities of users on our website who have come to our website via Bing Ads advertisements and to display interest-based advertising. If you have reached our website via a Bing Ads ad, a cookie will be placed on your computer. Microsoft stores non-personal data about the use of the website (e.g. the length of time spent on the website and which areas of the website were accessed). We can also evaluate in an anonymous form whether and to what extent sales were made via this advertisement. Information about your identity is not collected. The information collected is transferred to Microsoft servers in the USA and stored there for a maximum of 180 days.
You can prevent the collection of data generated by the cookie and related to your use of the website and the processing of this data by deactivating the setting of cookies. This may limit the functionality of the website.
You can prevent the collection of your data by participating in the tracking process by refusing to set a cookie required for this - for example by using a browser setting that generally deactivates the automatic setting of cookies. This may limit the functionality of the website.
Further information about data protection and the cookies used by Microsoft Bing can be found on the Microsoft website.