Privacy Policy
Thank you for visiting our website. Below we inform you about the handling of your data in accordance with Art. 13 of the General Data Protection Regulation (GDPR).
Controller
The company named in the imprint is responsible for the data processing described below.
Usage data
When you visit our website, so-called usage data is temporarily processed on our web server in order to deliver the content of our website. In addition, we process the usage data for statistical purposes to ensure the quality of our websites. This data set consists of
- the name and address of the requested content
- the date and time of the request
- the amount of data transferred
- the access status (content transferred; content not found)
- the description of the web browser and operating system used
- the referral link, which indicates the page from which you came to our site
- the IP address of the requesting computer
Storage of the IP address for security purposes
In addition, we store the complete IP address transmitted by your web browser for a strictly limited period of four weeks in the interest of being able to recognise, limit and eliminate attacks on our websites. After this period, we delete the IP address. The legal basis is Art. 6 para. 1 lit. f GDPR.
Data security
In order to protect your data from unwanted access as comprehensively as possible, we take technical and organisational measures. We use an encryption process on our websites. Your data is transferred from your computer to our server and vice versa via the internet using TLS encryption. You can usually recognise this by the fact that the lock symbol is closed in the status bar of your browser and the address line begins with https://.
Web analytics (Google Analytics, LinkedIn Insight Tag, Matomo)
We use the web analysis tools "Google Analytics" and "LinkedIn Insight Tag" and "Matomo" to design our websites in line with requirements. Google Analytics and the LinkedIn Insight Tag and Matomo create usage profiles based on pseudonyms. For this purpose, permanent cookies are stored on your end device and read by us. In this way, we are able to recognise returning visitors and count them as such.
We host Matomo on our own servers. Google Analytics is provided to us by Google Ireland Limited and Google LLC (USA) as processors within the meaning of Art. 28 GDPR. The LinkedIn Insight Tag is provided to us by LinkedIn Ireland Unlimited Company and LinkedIn Inc. (USA) as processors within the meaning of Art. 28 GDPR. The data processing may also take place outside the EU or the EEA. With regard to Google LLC and LinkedIn Inc., an adequate level of data protection cannot be assumed due to processing in the USA. There is a risk that authorities may access the data for security and monitoring purposes without informing you or allowing you to seek redress. Please bear this in mind if you decide to give your consent to our use of Google Analytics and LinkedIn Insight Tag.
Data processing is based on your consent, provided you have given your consent via our banner. The transfer to a third country takes place on the basis of Art. 49 para. 1 lit. a GDPR.
You can revoke your consent at any time. To do so, please follow this link and make the appropriate settings via our banner.
Necessary cookies
We use cookies on our websites, which are necessary for the use of our websites. Cookies are small text files that are stored on your terminal device and can be read. A distinction is made between session cookies, which are deleted again as soon as you close your browser, and permanent cookies, which are stored beyond the individual session. We do not use the cookies necessary for the operation of our websites for analysis, tracking or advertising purposes.
Necessary cookies may contain information about certain settings on the website. They may also be necessary to enable user navigation, security and implementation of the site. We use these cookies in accordance with Section 25 (2) No. 2 TTDSG.
You can set your browser to inform you about the placement of cookies. This makes the use of cookies transparent for you. You can also delete cookies at any time via the corresponding browser setting and prevent the setting of new cookies. Please note that our websites may then not be displayed, and some functions may no longer be technically available.
Third-party tracking technologies for advertising purposes.
We use cross-device tracking technologies so that you can be shown targeted advertising on other websites based on your visit to our websites and so that we can see how effective our advertising measures have been. The data processing is based on your consent, if you have given your consent via our banner. Your consent is voluntary and can be revoked at any time.
How does tracking work?
When you visit our websites, it is possible that the third-party providers mentioned below retrieve recognition features for your browser or terminal device (e.g. a so-called browser fingerprint), evaluate your IP address, store or read recognition features on your terminal device (e.g. cookies) or gain access to individual tracking pixels.
The individual characteristics can be used by the third-party providers to recognize your end device on other websites. We can order the placement of advertising from the relevant third-party providers, which is based on the pages visited on our site.
What does cross-device tracking mean?
If you log in to the third-party provider with your own user data, the respective recognition features of different browsers and end devices can be linked with each other. If, for example, the third-party provider has created a separate feature for the laptop, desktop PC or smartphone or tablet you use, these individual features can be assigned to each other as soon as you use a service of the third-party provider with your login data. In this way, the third-party provider can target our advertising campaigns across different end devices.
Which third-party providers do we use in this context?
Below, we list the third-party providers with whom we cooperate for advertising purposes. If the data is processed outside the EU or EEA in this context, please note that there is a risk that authorities may access the data for security and monitoring purposes without you being informed or being able to appeal. If we use providers in insecure third countries and you consent, the transfer to a third country will be based on Art. 49(1)(a) GDPR.
| Provider |
Adequate level of data protection |
Withdrawal of consent |
|---|---|---|
| Google Ads – Google Ireland Ltd, Google LLC | No adequate level of data protection. The transfer is made on the basis of Art. 49(1)(a) GDPR. | If you wish to withdraw your consent, please click below and make the appropriate setting via our banner. |
| Meta Pixel – Meta Platforms Ireland Limited, Meta Platforms, Inc. (formerly Facebook, Inc.) |
No adequate level of data protection. The transfer is made on the basis of Art. 49(1)(a) GDPR. | If you wish to withdraw your consent, please click below and make the appropriate setting via our banner. |
| LinkedIn Ads – LinkedIn Ireland Unlimited Company, LinkedIn Inc. | No adequate level of data protection. The transfer is made on the basis of Art. 49(1)(a) GDPR. | If you wish to withdraw your consent, please click below and make the appropriate setting via our banner. |
| Trade Desk - The UK Trade Desk Ltd., The Trade Desk, Inc. |
No adequate level of data protection. The transfer is made on the basis Art. 49(1)(a) GDPR. | If you wish to withdraw your consent, please click below and make the appropriate setting via our banner. |
Contact form
You have the option of contacting us via our contact form. To use our contact form, we first need the data marked as mandatory fields from you. We use this data on the basis of Art. 6 Para. 1 lit. f GDPR to answer your enquiry.
In addition, you can decide for yourself whether you would like to provide us with further information. This information is provided voluntarily and is not required for contacting us. We process your voluntary information on the basis of your consent.
Your data will only be processed to answer your enquiry. We delete your data if it is no longer required and there are no legal retention obligations to the contrary.
Embedded videos
We embed videos on our websites that are not stored on our servers. When you call up our pages with embedded videos, the content of the third-party provider that provides the videos is reloaded. This provides the third-party provider with the information that you have accessed our site as well as the usage data technically required in this context.
We have no influence on the further data processing by the third-party provider. However, when embedding the videos, we made sure to activate the extended data protection mode offered by the third-party provider. The extended data protection mode means that the third-party provider does not set any cookies.
Data processing is based on your consent, provided you have given your consent via our banner. The transfer to a third country takes place on the basis of Art. 49 para. 1 lit. a GDPR.
You can revoke your consent at any time. To do so, please follow this link and make the appropriate settings via our banner.
| Provider | Adequate level of data protection | Withdrawal of consent |
| Google Ireland Limited, Google LLC (YouTube ) | No adequate level of data protection | If you wish to withdraw your consent, please click below and make the appropriate setting via our banner. |
Newsletter
You can order a newsletter on our website. Please note that we require certain data (at least your e-mail address) to subscribe to the newsletter.
The newsletter will only be sent if you have given us your express consent. After you have placed an order on our websites, you will receive a confirmation e-mail at the e-mail address you have provided (so-called double opt-in). You can revoke your consent at any time. You can easily revoke your consent, for example, by clicking on the unsubscribe link in every newsletter.
When you subscribe to our newsletter, we store further data in addition to the data already mentioned, insofar as this is necessary for us to be able to prove that you have subscribed to our newsletter. This may include storing the full IP address at the time of ordering or confirming the newsletter, as well as a copy of the confirmation email we send. This data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR in the interest of being able to account for the lawfulness of the newsletter dispatch.
Mapping services
We embed map services on our websites that are not stored on our servers. When you call up our pages with embedded map services, the content of the third-party provider that provides the map services is reloaded. This provides the third-party provider with the information that you have accessed our site as well as the usage data technically required in this context. We have no influence on the further data processing by the third-party provider.
The embedding is based on Art. 6 para. 1 lit. f GDPR in the interest of enabling you to use map services.
| Provider | Adequate level of data protection | Withdrawal of consent |
| OpenStreetMap | Processing within EU/EEA | If you wish to object to the processing, please stop using our site. |
Storage duration
Unless we have already informed you in detail about the storage period, we delete personal data when they are no longer required for the aforementioned processing purposes and legal retention obligations do not prevent deletion.
Other processors
We pass on your data to service providers who support us in the operation of our websites and the associated processes as part of commissioned processing in accordance with Art. 28 GDPR. These are, for example, hosting service providers. Our service providers are strictly bound by instructions to us and are contractually obligated accordingly.
In the following, we will name the processors with whom we work, if we have not already done so in the preceding text of the data protection notice. If data is transferred outside the EU or EEA in this context, we provide information on the appropriate level of data protection.
| Processor | Purpose | Adequate level of data protection |
| uvensys GmbH | Web hosting and support | Processing within EU/EEA |
| LOOM GmbH | Web development and support | Processing within EU/EEA |
| Usercentrics GmbH | Provision of Consent Management Platform | Processing within EU/EEA |
| Google Ireland Limited, Google LLC | Provision of Google Tag Manager | No adequate level of data protection. The transfer is made on the basis of Art. 49(1)(a) GDPR. |
Your rights
When processing your personal data, the GDPR grants you certain rights as a data subject.
Right of access (Art. 15 GDPR)
You have the right to request confirmation as to whether personal data concerning you are being processed; if this is the case, you have the right to be informed about these personal data and to receive the information listed in detail in Article 15 of the GDPR.
Right of rectification (Art. 16 GDPR)
You have the right to request that inaccurate personal data concerning you be corrected without delay and, if necessary, that incomplete data be completed.
Right to erasure (Art. 17 GDPR)
You have the right to request that personal data concerning you be erased without delay, provided that one of the reasons listed in detail in Art. 17 GDPR applies.
Right to restriction of processing (Art. 18 GDPR)
You have the right to request the restriction of processing if one of the conditions listed in Art. 18 GDPR applies, e.g. if you have objected to the processing, for the duration of the review by the controller.
Right to data portability (Art. 20 GDPR)
In certain cases, which are listed in detail in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, common and machine-readable format or to request the transfer of this data to a third party.
Right of withdrawal (Art. 7 GDPR)
If the processing of data is based on your consent, you are entitled to revoke your consent to the use of your personal data at any time in accordance with Art. 7 (3) GDPR. Please note that the revocation only takes effect for the future. Processing that took place before the revocation is not affected.
| Right of objection (Art. 21 GDPR) If data is collected on the basis of Art. 6 (1) sentence 1 lit. f GDPR (data processing for the protection of legitimate interests) or on the basis of Art. 6 (1) sentence 1 lit. e GDPR (data processing for the protection of public interest or in the exercise of official authority), you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process the personal data unless there are demonstrably compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. |
Right to complain to a supervisory authority (Art. 77 GDPR)
Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you are of the opinion that the processing of data concerning you violates data protection provisions. In particular, the right of complaint may be asserted before a supervisory authority in the Member State of your habitual residence, your place of work or the place of the alleged infringement.
Assertion of your rights
Unless otherwise described above, please contact the office named in the imprint to assert your data subject rights.
Contact details of the data protection officer
Our external data protection officer will be happy to provide you with information on the subject of data protection under the following contact details:
datenschutz nord GmbH
Niederlassung Berlin
Kurfürstendamm 212
10719 Berlin
E-Mail: office@datenschutz-nord.de
If you contact our data protection officer, please indicate the responsible person named in the imprint.