82 / 100

Gizlilik Politikası

İçindekiler

1.Veri Koruma Genel Bakış

Genel Bilgi

Aşağıdaki bilgiler, bu web sitesini ziyaret ettiğinizde kişisel verilerinizle ne olacağı hakkında kolayca gezinebileceğiniz bir genel bakış sunacaktır. “Kişisel veri” terimi, kimliğinizi belirlemek için kullanılabilecek tüm verileri kapsar. Veri koruma konusuyla ilgili ayrıntılı bilgi için lütfen bu metnin altında yer alan Veri Koruma Beyanımızı inceleyin.

Bu web sitesinde veri kaydı

Bu web sitesinde veri kaydından sorumlu olan taraf (yani “kontroler”) kimdir?

Bu web sitesindeki veriler, bu Gizlilik Politikasında “Sorumlu taraf hakkında bilgi (GDPR’de ‘veri sorumlusu’ olarak anılır)” bölümünde iletişim bilgileri bulunan web sitesi işletmecisi tarafından işlenmektedir.

Verilerinizi nasıl kaydediyoruz?

Verilerinizi, bizimle paylaşmanız sonucunda toplarız. Bu, örneğin, iletişim formumuza girdiğiniz bilgiler olabilir.

Diğer veriler ise web sitemizi ziyaret ettiğinizde, IT sistemlerimiz tarafından otomatik olarak veya kayıt için verdiğiniz onay sonrasında kaydedilir. Bu veriler, öncelikle teknik bilgileri içerir (örneğin, web tarayıcısı, işletim sistemi veya siteye erişim zamanı). Bu bilgiler, web sitesine eriştiğinizde otomatik olarak kaydedilir.

Verilerinizi hangi amaçlarla kullanıyoruz?

Bilgilerin bir kısmı, web sitesinin hatasız sağlanmasını garanti altına almak için üretilir. Diğer veriler ise kullanıcı davranışlarınızı analiz etmek için kullanılabilir.

Bilgilerinizle ilgili hangi haklara sahipsiniz?

Kayıtlı kişisel verilerinizin kaynağı, alıcıları ve amaçları hakkında herhangi bir zamanda ücretsiz olarak bilgi alma hakkına sahipsiniz. Ayrıca verilerinizin düzeltilmesini veya silinmesini talep etme hakkınız da vardır. Veri işlemesine izin verdiyseniz, bu izni herhangi bir zamanda geri çekme seçeneğine sahipsiniz ve bu, gelecekteki tüm veri işlemlerini etkileyecektir. Dahası, belirli durumlarda verilerinizin işlenmesinin kısıtlanmasını talep etme hakkına sahipsiniz. Ayrıca, yetkili denetleme kurumuna şikayette bulunma hakkınız vardır.

Bu veya diğer veri koruma ile ilgili konular hakkında sorularınız varsa, bizimle iletişime geçmekten çekinmeyin.

Analiz araçları ve üçüncü şahıslar tarafından sağlanan araçlar

Bu web sitesini ziyaret ettiğinizde, gezinme alışkanlıklarınızın istatistiksel olarak analiz edilebileceği bir olasılık bulunmaktadır. Bu tür analizler genellikle analiz programları olarak adlandırdığımız programlarla gerçekleştirilir.

Bu analiz programları hakkında detaylı bilgi için lütfen aşağıda yer alan Veri Koruma Beyanımıza başvurun.

2. Barındırma ve İçerik Dağıtım Ağları (CDN)

Web sitemizin içeriğini şu sağlayıcıda barındırıyoruz:

Hetzner

Sağlayıcımız Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Almanya’dır (bundan sonra Hetzner olarak anılacaktır).

Detaylar için lütfen Hetzner’in veri gizliliği politikasını şu adresten inceleyin: Hetzner Veri Gizliliği Politikası: https://www.hetzner.com/de/rechtliches/datenschutz.

Hetzner’i, web sitemizin mümkün olan en güvenilir şekilde sunulmasına yönelik meşru bir çıkarımız olduğu temelinde kullanıyoruz (GDPR Madde 6(1)(f) uyarınca). Uygun onay alındıysa, işlemler yalnızca GDPR Madde 6(1)(a) ve § 25(1) TDDDG kapsamında gerçekleştirilir, bu onay çerezlerin depolanmasını veya kullanıcının cihazındaki bilgilere erişimi (örneğin, cihaz parmak izi alma) içeriyorsa. Bu onay her zaman geri alınabilir.

Veri işleme

Yukarıda bahsedilen hizmetin kullanımı için bir Veri İşleme Sözleşmesi (DPA) imzalamış bulunmaktayız. Bu, veri gizliliği yasaları gereğince zorunlu olan bir sözleşmedir ve Hetzner’in, web sitemizin ziyaretçilerinin kişisel verilerini sadece talimatlarımıza göre ve GDPR’e uygun olarak işleyeceğini garanti etmektedir.

Google Cloud CDN

Google Cloud CDN içerik dağıtım ağı kullanmaktayız. Sağlayıcı Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, İrlanda’dır.

Google, küresel dağıtımlı bir içerik dağıtım ağı sunmaktadır. Teknik olarak, tarayıcınız ile web sitemiz arasındaki bilgi transferi Google ağı üzerinden yönlendirilir. Bu, web sitemizin küresel erişilebilirliğini ve performansını artırmamıza olanak tanır.

Google Cloud CDN’nin kullanımı, web sitemizin en hatasız ve güvenli şekilde sunulmasına yönelik meşru çıkarımımıza dayanmaktadır (GDPR Madde 6(1)(f)).

ABD’ye veri aktarımı, Avrupa Komisyonu’nun Standart Sözleşme Şartları (SCC) temelinde gerçekleştirilmektedir. Detaylar için buraya bakabilirsiniz: https://cloud.google.com/terms/eu-model-contract-clause.

Google Cloud CDN hakkında daha fazla bilgiye şuradan ulaşabilirsiniz: https://cloud.google.com/cdn/docs/overview?hl=en.

Şirket, “AB-ABD Veri Gizliliği Çerçevesi” (DPF) kapsamında sertifikalıdır. DPF, Avrupa Birliği ile ABD arasında yapılan, ABD’deki veri işleme süreçlerinin Avrupa veri koruma standartlarına uygunluğunu sağlamayı amaçlayan bir anlaşmadır. DPF kapsamında sertifikalı her şirket, bu veri koruma standartlarına uymakla yükümlüdür. Daha fazla bilgi için lütfen sağlayıcıya aşağıdaki bağlantı üzerinden başvurun: https://www.dataprivacyframework.gov/participant/5780.

Veri İşleme

Yukarıda bahsedilen hizmetin kullanımı için bir veri işleme sözleşmesi (DPA) imzalamış bulunmaktayız. Bu sözleşme, veri gizliliği yasaları gereğince zorunlu olan bir sözleşmedir ve bu hizmet sağlayıcının, web sitemizin ziyaretçilerinin kişisel verilerini yalnızca talimatlarımıza göre ve GDPR’e uygun olarak işleyeceğini garanti etmektedir.

3. Genel bilgi ve zorunlu bilgiler

Veri Koruma

Bu web sitesinin işletmecileri ve sayfaları, kişisel verilerinizin korunmasını çok ciddiye almaktadır. Bu nedenle, kişisel verilerinizi gizli bilgi olarak ele alır ve yasal veri koruma düzenlemelerine ve bu Veri Koruma Beyanı’na uygun olarak işleriz.

Bu web sitesini kullandığınızda çeşitli kişisel bilgiler toplanacaktır. Kişisel veriler, sizi kişisel olarak tanımlamak için kullanılabilecek verileri kapsar. Bu Veri Koruma Beyanı, hangi verileri topladığımızı, bu verileri hangi amaçlarla kullandığımızı açıklar. Ayrıca bilgilerin nasıl ve hangi amaçla toplandığını da açıklar.

İnternet üzerinden veri iletiminin (örneğin, e-posta iletişimleri aracılığıyla) güvenlik açıklarına duyarlı olabileceğini size burada bildirmekteyiz. Verilerin tamamen üçüncü taraf erişimine karşı korunması mümkün değildir.

Veri Sorumlusu Hakkında Bilgi (GDPR’de “kontrolör” olarak adlandırılır)

Bu web sitesinde veri işleme sorumlusu:

Hacer İLHAN

Yeni Mahalle Ahmet Aliağa Bulvarı
Kumluca / Antalya

Telefon: 05071994635
E-Posta: info@mucizem-sensin.com

Kontrolör, kişisel verilerin (örneğin, isimler, e-posta adresleri vb.) işlenmesinin amaçları ve kaynakları konusunda tek başına veya diğerleriyle birlikte kararlar alan doğal kişi veya tüzel kişidir.

Depolama süresi

Bu gizlilik politikasında daha spesifik bir depolama süresi belirtilmediği sürece, kişisel verileriniz toplandığı amacın ortadan kalkmasına kadar bizimle kalacaktır. Silinme talebinde bulunursanız veya veri işleme izniniz çekilirse, verileriniz silinecektir, ancak vergi veya ticari hukukun belirlediği diğer yasal nedenlerimiz varsa (örneğin, depolama süreleri), bu durumda silme bu nedenlerin ortadan kalkmasının ardından gerçekleştirilecektir.

Bu web sitesinde veri işleme işlemlerinin hukuki dayanakları hakkında genel bilgi

Bu web sitesinde veri işleme işlemleri için hukuki dayanaklarla ilgili genel bilgi şöyledir: Eğer veri işleme işlemine onay verdiyseniz, kişisel verilerinizi GDPR’nin 6(1)(a) veya özel veri kategorileri ise 9(2)(a) maddelerine göre işleriz. Üçüncü ülkelere kişisel veri aktarımına açık onay verdiyseniz, veri işleme işlemi ayrıca GDPR’nin 49(1)(a) maddesine dayanmaktadır. Çerezlerin depolanmasına veya cihaz parmak izi alma yoluyla bilgilere erişime onay verdiyseniz, veri işleme işlemi ayrıca TDDDG’nin 25(1) maddesine dayanmaktadır. Bu onay her zaman geri alınabilir.Eğer verileriniz bir sözleşmenin yerine getirilmesi veya ön sözleşmeye ilişkin önlemlerin uygulanması için gerekiyorsa, verilerinizi GDPR’nin 6(1)(b) maddesine göre işleriz. Ayrıca, verilerinizin bir yasal yükümlülüğün yerine getirilmesi için gerekiyorsa, bunu GDPR’nin 6(1)(c) maddesine göre işleriz. Ayrıca, veri işleme işlemi GDPR’nin 6(1)(f) maddesine göre meşru çıkarımız doğrultusunda gerçekleştirilebilir. Her bir durum için ilgili hukuki dayanağa ilişkin bilgiler bu gizlilik politikasının ilgili paragraflarında sağlanmaktadır.

Veri Koruma Görevlisinin Atanması

Bir veri koruma görevlisi atadık.

Alper İLHAN

Telefon: 05464702346
E-Posta: webmaster@mucizen-sensin.com

Veri koruma yasaları altında güvenli olmayan üçüncü ülkelere veri transferi ve DPF (AB-ABD Veri Gizliliği Çerçevesi) sertifikası olmayan ABD şirketlerine veri transferi hakkında bilgi

Üçüncü ülkelerde veri koruma yasaları gereği güvenli olmayan ülkelerde bulunan şirketlerin teknolojilerini kullanıyoruz ve ayrıca AB-ABD Veri Gizliliği Çerçevesi (DPF) altında sertifikalı olmayan ABD şirketlerinin araçlarını da kullanıyoruz. Bu araçlar etkinleştirildiğinde, kişisel verileriniz bu ülkelere aktarılabilir ve bu ülkelerde işlenebilir. Üçüncü ülkelerde, veri koruma yasaları açısından AB ile karşılaştırılabilir bir veri koruma seviyesi garanti edilemeyeceğini lütfen dikkate alınız.

ABD genellikle, AB ile karşılaştırılabilir bir veri koruma seviyesine sahip güvenli bir üçüncü ülke olarak kabul edilmektedir. Dolayısıyla, veri alıcısı AB-ABD Veri Gizliliği Çerçevesi (DPF) altında sertifikalı veya uygun ek güvencelere sahipse, veri transferi ABD’ye yapılabilir. Üçüncü ülkelere veri aktarımı, veri alıcıları dahil olmak üzere bu Gizlilik Politikası’nda yer alan bilgilerde bulunabilir.

Kişisel verilerin alıcıları

İş faaliyetlerimiz kapsamında çeşitli dış taraflarla iş birliği yapıyoruz. Bazı durumlarda bu, kişisel verilerin bu dış taraflara aktarılmasını gerektirebilir. Kişisel verileri yalnızca sözleşme yerine getirilmesi gerektiğinde, yasal olarak bu gereklilik varsa (örneğin, vergi otoritelerine veri açıklaması), GDPR’nin 6(1)(f) maddesi uyarınca açıklama yapmamız gerekiyorsa veya başka bir yasal dayanak veri açıklamasına izin veriyorsa dış taraflara açıklıyoruz. Veri işleyicilerini kullanırken, müşterilerimizin kişisel verilerini yalnızca geçerli bir veri işleme sözleşmesi temelinde açıklıyoruz. Ortak işleme durumunda ise ortak işleme anlaşması yapılır.

Veri işleme izninizin geri çekilmesi

Birçok veri işleme işlemi yalnızca açık onayınıza tabidir. Önceden verdiğiniz herhangi bir onayı istediğiniz zaman geri çekebilirsiniz. Bu, geri çekmenizden önce gerçekleşen veri toplamanın yasallığına zarar vermez.

Veri toplama konusunda özel durumlarda itiraz hakkı; doğrudan reklama karşı itiraz hakkı (GDPR Madde 21)

IFADE EDİLEN VERİ, ART. 6(1)(E) YA DA (F) GDPR’YE DAYALI OLARAK İŞLENİYORSA, KENDİ BENZER DURUMUNUZDAN KAYNAKLANAN NEDENLERE DAYALI OLARAK KİŞİSEL VERİLERİNİZİN İŞLENMESİNE HER ZAMAN İTİRAZ HAKKINA SAHİPSİNİZ. BU DURUM AYNI ZAMANDA BU HÜKÜMLERE DAYALI PROFİLLER İÇİN DE GEÇERLİDİR. VERİNİN İŞLENMESİNİN DAYANDIĞI HUKUKİ DAYANAĞI TESPİT ETMEK İÇİN LÜTFEN BU VERİ KORUMA BEYANINA BAŞVURUN. İTİRAZDA BULUNURSANIZ, ETKİLENEN KİŞİSEL VERİLERİNİZİ ARTIK İŞLEMEYECEĞİZ, EĞER VERİLERİNİZİN İŞLENMESİ İÇİN SİZİN ÇIKARLARINIZI, HAKLARINIZI VE ÖZGÜRLÜKLERİNİZİ AĞIRLIKLI OLARAK ÜSTÜN KILAN ZORUNLU KORUMA DEĞERLİ NEDENLERİ SUNMAK İÇİN BİR KONUMDA DEĞİLSEK YA DA İŞLEMİN AMACI HUKUKİ HAKLARIN İLERLETTİRİLMESİ, KULLANILMASI YA DA SAVUNULMASI İSE (ART. 21(1) GDPR İTİRAZ).

EĞER KİŞİSEL VERİLERİNİZ DOĞRUDAN REKLAMCILIK İÇİN İŞLENİYORSA, BU TÜR REKLAMCILIK AMAÇLARI İÇİN ETKİLENEN KİŞİSEL VERİLERİNİZİN İŞLENMESİNE HER ZAMAN İTİRAZ ETME HAKKINA SAHİPSİNİZ. BU DURUM AYNI ZAMANDA BU DOĞRUDAN REKLAMCILIKLA İLİŞKİLİ PROFİLLER İÇİN DE GEÇERLİDİR. İTİRAZ EDİYORSANIZ, KİŞİSEL VERİLERİNİZ SONUÇ OLARAK DAHA SONRA DOĞRUDAN REKLAMCILIK AMAÇLARI İÇİN KULLANILMAYACAKTIR (ART. 21(2) GDPR İTİRAZ).

Şikayetimi ilgili denetim kurumuna iletmek hakkı

GDPR ihlalleri durumunda, veri konuları, özellikle ikamet ettikleri üye devlet, çalışma yeri veya iddia edilen ihlalin meydana geldiği yerdeki ilgili denetim kurumuna şikayette bulunma hakkına sahiptirler. Şikayet hakkı, diğer idari veya yargısal başvuru yollarının varlığından bağımsız olarak geçerlidir.

Veri taşınabilirliği hakkı

Onayınıza dayanarak veya bir sözleşmenin yerine getirilmesi amacıyla otomatik olarak işlediğimiz verilerin, sizin veya istediğiniz üçüncü bir tarafa, ortak, makine tarafından okunabilir bir formatta aktarılmasını talep etme hakkınız vardır. Verilerin doğrudan başka bir veri sorumlusuna aktarılmasını talep ederseniz, bu ancak teknik olarak mümkün olması durumunda gerçekleştirilir.

Verilerin düzeltilmesi ve yok edilmesi hakkında bilgi

Geçerli yasal düzenlemeler kapsamında, arşivlenmiş kişisel verileriniz hakkında bilgi talep etme hakkınız bulunmaktadır. Bu verilerin kaynağı, alıcıları ve verilerinizin işlenme amacı hakkında her zaman bilgi isteme hakkınız vardır. Ayrıca verilerinizin düzeltilmesi veya silinmesi talebinde bulunma hakkınız olabilir. Bu konuyla ilgili veya kişisel verilerle ilgili başka herhangi bir sorunuz varsa, her zaman bizimle iletişime geçmekten çekinmeyiniz.

İşleme kısıtlamaları talep etme hakkı

Kişisel verilerinizin işlenmesiyle ilgili olarak işleme sınırlaması talebinde bulunma hakkınız bulunmaktadır. Bunun için her zaman bizimle iletişime geçebilirsiniz. İşleme sınırlaması talep etme hakkı aşağıdaki durumlarda geçerlidir:

Eğer tarafımızca arşivlenen verilerinizin doğruluğunu tartışma konusu yaparsanız, genellikle bu iddiayı doğrulamak için zaman gerekecektir. Bu süreç devam ederken, kişisel verilerinizin işlenmesini sınırlamamızı talep etme hakkınız bulunmaktadır.
Kişisel verilerinizin işlenmesi yasadışı bir şekilde gerçekleştirildiyse/halen gerçekleştiriliyorsa, bu verilerin silinmesini talep etmek yerine verilerinizin işlenmesinin sınırlanmasını talep etme seçeneğiniz bulunmaktadır.
Eğer artık kişisel verilerinize ihtiyacımız yoksa ve bunları kullanarak yasal haklarınızı kullanmanız, savunmanız veya talepte bulunmanız gerekiyorsa, verilerinizin silinmesi yerine işlenmesinin sınırlanmasını talep etme hakkınız bulunmaktadır.
Eğer GDPR’nin 21(1). maddesi uyarınca itirazda bulunduysanız, haklarınız ve bizim haklarımız birbirine karşı tartılacaktır. Hangi tarafın çıkarlarının üstün olduğu belirlenene kadar, kişisel verilerinizin işlenmesinin sınırlanmasını talep etme hakkınız bulunmaktadır.

Kişisel verilerinizin işlenmesini sınırlamışsanız, bu veriler – arşivlenmeleri dışında – ancak sizin izniniz veya yasal haklarınızı talep etmek, kullanmak veya savunmak veya diğer doğal kişilerin veya hukuki kişilerin haklarını korumak veya Avrupa Birliği veya bir AB üye devleti tarafından belirtilen önemli kamu çıkarları için işlenebilir.

SSL ve/veya TLS şifreleme

Güvenlik nedenleri ve size web sitesi işletmecisi olarak sunduğunuz satın alma siparişleri veya sorular gibi hassas içeriğin iletilmesini korumak için, bu web sitesi SSL veya TLS şifreleme programını kullanmaktadır. Şifreli bir bağlantıyı, tarayıcının adres çubuğunun “http://”den “https://”e geçip ayrıca tarayıcı çubuğundaki kilit simgesinin görünüp görünmediğini kontrol ederek tanıyabilirsiniz.

SSL veya TLS şifrelemesi etkinleştirildiğinde, bize ilettiğiniz veriler üçüncü taraflar tarafından okunamaz.

İstenmeyen e-postaların reddedilmesi

Aşağıda yer alan iletişim bilgilerimizin, İnternet sitesinde yayımlanan yasal zorunlu bilgilerle birlikte, bize açıkça talep etmediğimiz tanıtım ve bilgi materyalleri göndermek için kullanılmasına itiraz ediyoruz. Bu web sitesinin işletmecileri olarak, örneğin SPAM mesajları aracılığıyla gönderilen istenmeyen tanıtım bilgileri durumunda yasal işlem başlatma hakkını saklı tutuyoruz.

4. Bu web sitesindeki verilerin kaydedilmesi

Çerezler

Web sitemiz ve sayfalarımız, endüstri tarafından “çerezler” olarak adlandırılan teknolojiyi kullanmaktadır. Çerezler, cihazınıza herhangi bir zarar vermeden küçük veri paketleridir. İki türde olabilirler: oturum süresince geçici olarak depolanırlar (oturum çerezleri) veya cihazınızda kalıcı olarak arşivlenirler (kalıcı çerezler). Oturum çerezleri, ziyaretinizi sonlandırdığınızda otomatik olarak silinirler. Kalıcı çerezler ise cihazınızda aktif olarak silinene kadar veya web tarayıcınız tarafından otomatik olarak silinene kadar arşivlenmeye devam ederler.

Çerezler tarafımızdan (birinci taraf çerezleri) veya üçüncü taraf şirketler tarafından (sözde üçüncü taraf çerezleri) oluşturulabilir. Üçüncü taraf çerezleri, üçüncü taraf şirketlerin belirli hizmetlerini web sitelerine entegre etmeye olanak tanır (örneğin, ödeme hizmetleri için çerezler).

Çerezlerin çeşitli işlevleri bulunmaktadır. Birçok çerez teknik olarak esastır çünkü bu çerezler olmadan belirli web sitesi işlevleri çalışmaz (örneğin, alışveriş sepeti işlevi veya videoların gösterimi). Diğer çerezler ise kullanıcı davranışlarını analiz etmek veya tanıtım amaçları için kullanılabilir.

Elektronik iletişim işlemlerinin performansı için gereken çerezler, kullanmak istediğiniz belirli işlevlerin sağlanması için gereken çerezler (örneğin, alışveriş sepeti işlevi için) veya web sitesinin optimizasyonu için gerekli olan çerezler (gereken çerezler) gibi, çeşitli işlevleri yerine getirmek için kullanılır. Bu çerezler, farklı bir hukuki dayanak gösterilmedikçe GDPR’nin 6(1)(f) maddesi uyarınca saklanır. Web sitesinin işletmecisinin, hizmetlerinin teknik olarak hatasız ve optimize edilmiş bir şekilde sunulmasını sağlamak için gereken çerezlerin saklanmasında meşru bir çıkarı bulunmaktadır. Eğer çerezlerin ve benzeri tanıma teknolojilerinin saklanmasına yönelik olarak sizden onay istenmişse, işleme yalnızca elde edilen onay temelinde (GDPR’nin 6(1)(a) maddesi ve TDDDG’nin 25(1) maddesi) gerçekleştirilir; bu onay her zaman geri alınabilir.

Tarayıcınızı öyle bir şekilde ayarlayabilirsiniz ki, her zaman çerezler yerleştirildiğinde bildirim alırsınız ve yalnızca belirli durumlarda çerezleri kabul edersiniz. Ayrıca, belirli durumlarda veya genel olarak çerezleri kabul etmeyi reddedebilir veya tarayıcı kapanırken çerezlerin otomatik olarak silinmesi işlevini etkinleştirebilirsiniz. Çerezler devre dışı bırakılırsa, bu web sitesinin işlevleri sınırlı olabilir.

Bu web sitesinde hangi çerezler ve hizmetlerin kullanıldığına dair bilgiyi bu gizlilik politikasında bulabilirsiniz.

Consent with Usercentrics

This website uses the consent technology of Usercentrics to obtain your consent to the storage of certain cookies on your device or for the use of specific technologies, and to document the former in a data protection compliant manner. The party offering this technology is Usercentrics GmbH, Sendlinger Straße 7, 80331 München, Germany, website: https://usercentrics.com/ (hereinafter referred to as “Usercentrics”).

Whenever you visit our website, the following personal data will be transferred to Usercentrics:

Your declaration(s) of consent or your revocation of your declaration(s) of consent
Your IP address
Information about your browser
Information about your device
The date and time you visited our website
Geolocation

Moreover, Usercentrics shall store a cookie in your browser to be able to allocate your declaration(s) of consent or any revocations of the former. The data that are recorded in this manner shall be stored until you ask us to eradicate them, delete the Usercentrics cookie or until the purpose for archiving the data no longer exists. This shall be without prejudice to any mandatory legal retention periods.

The Usercentrics banner on this website has been configured with the assistance of eRecht24. This can be identified by the eRecht24 logo. To display the eRecht24 logo in the banner, a connection to the image server of eRecht24 will be established. In conjunction with this, the IP address is also transferred; however, is only stored in anonymized form in the server logs. The image server of eRecht24 is located in Germany with a German provider. The banner as such is provided exclusively by Usercentrics.

Usercentrics uses cookies to obtain the declarations of consent mandated by law. The legal basis for the use of specific technologies is Art. 6(1)(c) GDPR.

Data processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

Consent with ConsentManager

Our website uses the ConsentManager consent technology to obtain your consent to the storage of certain cookies on your device or for the use of certain technologies and data protection legislation compliant documentation of the former. The party offering this technology is Jaohawi AB, Håltegelvägen 1b, 72348 Västerås, Sweden, website: https://www.consentmanager.de (hereinafter referred to as “ConsentManager”).

Whenever you visit our website, a connection to ConsentManager’s servers will be established to obtain your consent and other declarations regarding the use of cookies.

Moreover, ConsentManager shall store a cookie in your browser to be able to allocate your declaration(s) of consent or any revocations of the former. The data that are recorded in this manner shall be stored until you ask us to eradicate them, delete the ConsentManager cookie or until the purpose for archiving the data no longer exists. This shall be without prejudice to any mandatory legal retention periods.

ConsentManager uses cookies to obtain the declarations of consent mandated by law. The legal basis for the use of such cookies is Art. 6(1)(c) GDPR.

Data processing

Consent with Cookie Notice & Compliance

Our website uses the consent technology of Cookie Notice & Compliance for GDPR to obtain your consent for the archiving of certain cookies on your device or for the use of certain technologies and for the data protection compliant documentation of the former.

Cookie Notice & Compliance for GDPR is installed locally on our servers so that a connection with third party servers does not occur. Cookie Notice & Compliance for GDPR stores a cookie in your browser to be able to allocate the granted consent and their revocation to you. The cookie stays active for 1 month. Your data is stored until you ask us to delete it, delete the consent cookie yourself or the purpose of data archiving is no longer valid. This does not affect mandatory statutory retention periods.

Cookie Notice & Compliance for GDPR is being used to obtain the consent for the use of cookies required by law. The legal basis is Art. 6(1)(c) GDPR.

Consent with Complianz

Our website uses Complianz’s consent technology to obtain your consent to store certain cookies on your device or for the use of certain technologies and to document this consent in a manner compliant with data protection regulations. The provider of this technology is Complianz B.V., Kalmarweg 14-5, 9723 JG Groningen, the Netherlands (hereinafter “Complianz”).

Complianz is hosted on our servers, so no connection to the servers of the provider of Complianz is established. Complianz stores a cookie in your browser in order to be able to allocate the consents granted to you or their revocation. The data collected in this way is stored until you request us to delete it, delete the Complianz cookie yourself or until the purpose for storing the data no longer applies. Mandatory legal storage obligations remain unaffected.

Complianz serves to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6(1)(c) GDPR.

Server log files

The provider of this website and its pages automatically collects and stores information in so-called server log files, which your browser communicates to us automatically. The information comprises:

The type and version of browser used
The used operating system
Referrer URL
The hostname of the accessing computer
The time of the server inquiry
The IP address

This data is not merged with other data sources.

This data is recorded on the basis of Art. 6(1)(f) GDPR. The operator of the website has a legitimate interest in the technically error free depiction and the optimization of the operator’s website. In order to achieve this, server log files must be recorded.

Contact form

If you submit inquiries to us via our contact form, the information provided in the contact form as well as any contact information provided therein will be stored by us in order to handle your inquiry and in the event that we have further questions. We will not share this information without your consent.

The processing of these data is based on Art. 6(1)(b) GDPR, if your request is related to the execution of a contract or if it is necessary to carry out pre-contractual measures. In all other cases the processing is based on our legitimate interest in the effective processing of the requests addressed to us (Art. 6(1)(f) GDPR) or on your agreement (Art. 6(1)(a) GDPR) if this has been requested; the consent can be revoked at any time.

The information you have entered into the contact form shall remain with us until you ask us to eradicate the data, revoke your consent to the archiving of data or if the purpose for which the information is being archived no longer exists (e.g., after we have concluded our response to your inquiry). This shall be without prejudice to any mandatory legal provisions, in particular retention periods.

Request by e-mail, telephone, or fax

If you contact us by e-mail, telephone or fax, your request, including all resulting personal data (name, request) will be stored and processed by us for the purpose of processing your request. We do not pass these data on without your consent.

These data are processed on the basis of Art. 6(1)(b) GDPR if your inquiry is related to the fulfillment of a contract or is required for the performance of pre-contractual measures. In all other cases, the data are processed on the basis of our legitimate interest in the effective handling of inquiries submitted to us (Art. 6(1)(f) GDPR) or on the basis of your consent (Art. 6(1)(a) GDPR) if it has been obtained; the consent can be revoked at any time.

The data sent by you to us via contact requests remain with us until you request us to delete, revoke your consent to the storage or the purpose for the data storage lapses (e.g. after completion of your request). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.

Communication via WhatsApp

For communication with our customers and other third parties, one of the services we use is the instant messaging service WhatsApp. The provider is WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

The communication is encrypted end-to-end (peer-to-peer), which prevents WhatsApp or other third parties from gaining access to the communication content. However, WhatsApp does gain access to metadata created during the communication process (for example, sender, recipient, and time). We would also like to point out that WhatsApp has stated that it shares personal data of its users with its U.S.-based parent company Meta. Further details on data processing can be found in the WhatsApp privacy policy at: https://www.whatsapp.com/legal/#privacy-policy.

The use of WhatsApp is based on our legitimate interest in communicating as quickly and effectively as possible with customers, interested parties and other business and contractual partners (Art. 6(1)(f) GDPR). If a corresponding consent has been requested, data processing is carried out exclusively on the basis of the consent; this consent may be revoked at any time with effect for the future.

The communication content exchanged between you and us on WhatsApp remains with us until you request us to delete it, revoke your consent to storage or the purpose for which the data is stored ceases to apply (e.g. after your request has been processed). Mandatory legal provisions, in particular retention periods, remain unaffected.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt00000011sfnAAA&status=Active.

We use WhatsApp in the “WhatsApp Business” variant.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.whatsapp.com/legal/business-data-transfer-addendum?lang=en.

We have set up our WhatsApp accounts in such a way that there is no automatic synchronization of data with the address book on the smartphones in use.

We have concluded a data processing agreement (DPA) with the above-mentioned provider.

Google Calendar

On our website, you have the option to set up appointments with our company. For planning purposes, we use Google Calendar. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “Google”).

To make reservations for an appointment, you will enter the requested data and your preferred meeting date into the dedicated screen. The data you enter will be used to plan, conduct, and possibly also follow up on the appointment. The appointment information will be stored on the servers of Google Calendar on our behalf. You may review the company’s data protection policy here: https://policies.google.com/privacy.

The data recorded in this manner will be stored until you ask us to delete them, revoke your consent to the archiving of your data or until the purpose of archiving the data no longer exists. This does not affect mandatory statutory provisions – in particular those governing retention periods.

The legal basis for the processing of the data is Art. 6(1)(f) GDPR. The operator of the website has a legitimate interest in ensuring that appointments with customers and prospective customers can be scheduled as easily as possible. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TDDDG. This consent can be revoked at any time.

Data transfer to the US is based on the standard contractual clauses of the EU Commission. Details can be found here: https://workspace.google.com/terms/dpa_terms.html and https://cloud.google.com/terms/sccs.

Data processing

Registration on this website

You have the option to register on this website to be able to use additional website functions. We shall use the data you enter only for the purpose of using the respective offer or service you have registered for. The required information we request at the time of registration must be entered in full. Otherwise, we shall reject the registration.

To notify you of any important changes to the scope of our portfolio or in the event of technical modifications, we shall use the e-mail address provided during the registration process.

We shall process the data entered during the registration process on the basis of your consent (Art. 6(1)(a) GDPR).

The data recorded during the registration process shall be stored by us as long as you are registered on this website. Subsequently, such data shall be deleted. This shall be without prejudice to mandatory statutory retention obligations.

Registration with Google

Instead of registering directly on this website, you can register with Google. The provider of this service is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

To register with Google, you must only enter your Google name and password. Google will identify you and confirm your identity to our website.

When you sign in with Google, we may be able to use certain information in your account to complete your profile with us. You decide whether you want this information to be used and if so, which information it is, within the framework of your Google security settings, which you can find here: https://myaccount.google.com/security and https://myaccount.google.com/permissions.

The data processing associated with Google’s registration is based on our legitimate interest in making the registration process as simple as possible for our users (Art. 6(1)(f) GDPR). Since the use of the registration function is voluntary and the users themselves can decide on the respective access options, no conflicting predominant rights of the data subjects are apparent.

The comment function on this website

When you use the comment function on this website, information on the time the comment was generated and your e-mail-address and, if you are not posting anonymously, the username you have selected will be archived in addition to your comments.

Storage of the IP address

Our comment function stores the IP addresses of all users who enter comments. Given that we do not review the comments prior to publishing them, we need this information in order to take action against the author in the event of rights violations, such as defamation or propaganda.

Subscribing to comments

As a user of this website, you have the option to subscribe to comments after you have registered. You will receive a confirmation e-mail, the purpose of which is to verify whether you are the actual holder of the provided e-mail address. You can deactivate this function at any time by following a respective link in the information e-mails. The data entered in conjunction with subscriptions to comments will be deleted in this case. However, if you have communicated this information to us for other purposes and from a different location (e.g., when subscribing to the newsletter), the data shall remain in our possession.

Storage period for comments

Comments and any affiliated information shall be stored by us and remain on this website until the content the comment pertained to has been deleted in its entirety or if the comments had to be deleted for legal reasons (e.g., insulting comments).

Legal basis

Comments are stored on the basis of your consent (Art. 6(1)(a) GDPR). You have the right to revoke at any time any consent you have already given us. To do so, all you are required to do is sent us an informal notification via e-mail. This shall be without prejudice to the lawfulness of any data collection that occurred prior to your revocation.

Gravatar

We have integrated Gravatar on this website. The provider is Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA (hereinafter Gravatar).

Gravatar is a tool that lets you provide personal images (avatars) to users of our website. The avatars serve as visual representations of the users and are displayed wherever a user interacts with the platform (e.g., in forums or chats). When a user interacts with the platform, their avatar is displayed based on the choices associated with their email address. This adds a personal touch to the users’ online presence and simplifies the identification process, as the selected image is associated with the users when they are active online.

When commenting or interacting on our website with Gravatar enabled, the hash of the email address of the user using Gravatar (used as an ID) is processed by Gravatar.

The use of Gravatar is based on Art. 6 (1)(f) GDPR. The website operator has a legitimate interest in an appealing presentation of its forums. Insofar as a corresponding consent was requested, the processing is carried out exclusively on the basis of Art. 6 (1)(a) GDPR and § 25 (1) TDDDG. This consent can be revoked at any time.

For further details, please refer to the provider’s privacy policy: https://automattic.com/privacy/.

Data processing

5. Social media

eRecht24 Safe Sharing Tool

Users may share the content of this website and its pages in a data protection law compliant manner on social networks, such as Facebook, X et al. For this purpose, this website uses the eRecht24 Safe Sharing Tool. This tool does not establish a direct connection between the network and the user until the user has actively clicked on one of the buttons. The click on this button constitutes content as defined in Art. 6(1)(a) GDPR and § 25 (1) TDDDG. This consent may be revoked by the user at any time, which shall affect all future actions.

This tool does not automatically transfer user data to the operators of these platforms. If the user is registered with one of the social networks, an information window will pop up as soon as the social media elements of Facebook, X et al is used, which allows the user to confirm the text prior to sending it.

Our users have the option to share the content of this website and its page in a data protection law compliant manner on social networks, without entire browsing histories are being generated by the operators of these networks.

This service is used to obtain the consent to the use of certain technologies required by law. The legal basis for this is Art. 6(1)(c) GDPR.

Facebook

We have integrated elements of the social network Facebook on this website. The provider of this service is Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland. According to Facebook’s statement the collected data will be transferred to the USA and other third-party countries too.

An overview of the Facebook social media elements is available under the following link: https://developers.facebook.com/docs/plugins/.

If the social media element has been activated, a direct connection between your device and the Facebook server will be established. As a result, Facebook will receive information confirming your visit to this website with your IP address. If you click on the Facebook Like button while you are logged into your Facebook account, you can link content of this website to your Facebook profile. Consequently, Facebook will be able to allocate your visit to this website to your user account. We have to emphasize that we as the provider of the website do not receive any information on the content of the transferred data and its use by Facebook. For more information, please consult the Data Privacy Policy of Facebook at: https://de-de.facebook.com/privacy/explanation.

The use of this service is based on your consent in accordance with Art. 6 (1)(a) GDPR and § 25 (1) TDDDG. Consent can be revoked at any time.

Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 DSGVO). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook. The processing by Facebook that takes place after the onward transfer is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in a joint processing agreement. The wording of the agreement can be found under: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the privacy information when using the Facebook tool and for the privacy-secure implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g., requests for information) regarding data processed by Facebook directly with Facebook. If you assert the data subject rights with us, we are obliged to forward them to Facebook.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://de-de.facebook.com/help/566994660333381 and https://www.facebook.com/policy.php.

X (formerly Twitter)

We have integrated functions of the social media platform X (formerly Twitter) into this website. These functions are provided by the parent company X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. The branch Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland, is responsible for the data processing of individuals living outside the United States.

If the social media element has been activated, a direct connection between your device and X’s server will be established. As a result, X (formerly Twitter) will receive information on your visit to this website. While you use X (formerly Twitter) and the “Re-Tweet” or “Repost” function, websites you visit are linked to your X (formerly Twitter) account and disclosed to other users. We must point out, that we, the providers of the website and its pages do not know anything about the content of the data transferred and the use of this information by X (formerly Twitter). For more details, please consult the X (formerly Twitter) Data Privacy Declaration at: https://x.com/en/privacy.

The use of this service is based on your consent in accordance with Art. 6 (1)(a) GDPR and § 25 (1) TDDDG. Consent can be revoked at any time.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://gdpr.x.com/en/controller-to-controller-transfers.html.

You have the option to reset your data protection settings on X (formerly Twitter) under the account settings at https://x.com/settings/account.

Instagram

We have integrated functions of the public media platform Instagram into this website. These functions are being offered by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland.

If the social media element has been activated, a direct connection between your device and Instagram’s server will be established. As a result, Instagram will receive information on your visit to this website.

If you are logged into your Instagram account, you may click the Instagram button to link contents from this website to your Instagram profile. This enables Instagram to allocate your visit to this website to your user account. We have to point out that we as the provider of the website and its pages do not have any knowledge of the content of the data transferred and its use by Instagram.

The use of this service is based on your consent in accordance with Art. 6 (1)(a) GDPR and § 25 (1) TDDDG. Consent can be revoked at any time.

Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook or Instagram, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 DSGVO). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook or Instagram. The processing by Facebook or Instagram that takes place after the onward transfer is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in a joint processing agreement. The wording of the agreement can be found under: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the privacy information when using the Facebook or Instagram tool and for the privacy-secure implementation of the tool on our website. Facebook is responsible for the data security of Facebook or Instagram products. You can assert data subject rights (e.g., requests for information) regarding data processed by Facebook or Instagram directly with Facebook. If you assert the data subject rights with us, we are obliged to forward them to Facebook.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://privacycenter.instagram.com/policy/ and https://de-de.facebook.com/help/566994660333381.

For more information on this subject, please consult Instagram’s Data Privacy Declaration at: https://privacycenter.instagram.com/policy/.

This website uses elements of the LinkedIn network. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

Any time you access a page of this website that contains elements of LinkedIn, a connection to LinkedIn’s servers is established. LinkedIn is notified that you have visited this website with your IP address. If you click on LinkedIn’s “Recommend” button and are logged into your LinkedIn account at the time, LinkedIn will be in a position to allocate your visit to this website to your user account. We have to point out that we as the provider of the websites do not have any knowledge of the content of the transferred data and its use by LinkedIn.

The use of this service is based on your consent in accordance with Art. 6 (1)(a) GDPR and § 25 (1) TDDDG. Consent can be revoked at any time.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.linkedin.com/help/linkedin/answer/a1343190/datenubertragung-aus-der-eu-dem-ewr-und-der-schweiz?lang=de.

For further information on this subject, please consult LinkedIn’s Data Privacy Declaration at: https://www.linkedin.com/legal/privacy-policy.

We use elements of the social network Pinterest on this website. The network is operated by Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland.

If you access a site or page that contains such an element, your browser will establish a direct connection with Pinterest’s servers. During this process, the social media element transfers log data to Pinterest’s servers in the United States. The log data may possibly include your IP address, the address of the websites you visited, which also contain Pinterest functions. The information also includes the type and settings of your browser, the data and time of the inquiry, how you use Pinterest and cookies.

The use of this service is based on your consent in accordance with Art. 6 (1)(a) GDPR and § 25 (1) TDDDG. Consent can be revoked at any time.

For more information concerning the purpose, scope and continue processing and use of the data by Pinterest as well as your affiliated rights and options to protect your private information, please consult the data privacy information of Pinterest at: https://about.pinterest.com/en/privacy-policy.

6. Analysis tools and advertising

Google Tag Manager

We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

The Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create any user profiles, does not store cookies, and does not carry out any independent analyses. It only manages and runs the tools integrated via it. However, the Google Tag Manager does collect your IP address, which may also be transferred to Google’s parent company in the United States.

The Google Tag Manager is used on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the quick and uncomplicated integration and administration of various tools on his website. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TDDDG. This consent can be revoked at any time.

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider of this service is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyze the behavior patterns of website visitors. To that end, the website operator receives a variety of user data, such as pages accessed, time spent on the page, the utilized operating system and the user’s origin. This data is summarized in a user-ID and assigned to the respective end device of the website visitor.

Furthermore, Google Analytics allows us to record your mouse and scroll movements and clicks, among other things. Google Analytics uses various modeling approaches to augment the collected data sets and uses machine learning technologies in data analysis.

Google Analytics uses technologies that make the recognition of the user for the purpose of analyzing the user behavior patterns (e.g., cookies or device fingerprinting). The website use information recorded by Google is, as a rule transferred to a Google server in the United States, where it is stored.

The use of these services occurs on the basis of your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TDDDG. You may revoke your consent at any time.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

IP anonymization

Google Analytics IP anonymization is active. As a result, your IP address will be abbreviated by Google within the member states of the European Union or in other states that have ratified the Convention on the European Economic Area prior to its transmission to the United States. The full IP address will be transmitted to one of Google’s servers in the United States and abbreviated there only in exceptional cases. On behalf of the operator of this website, Google shall use this information to analyze your use of this website to generate reports on website activities and to render other services to the operator of this website that are related to the use of the website and the Internet. The IP address transmitted in conjunction with Google Analytics from your browser shall not be merged with other data in Google’s possession.

Browser plug-in

You can prevent the recording and processing of your data by Google by downloading and installing the browser plugin available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

For more information about the handling of user data by Google Analytics, please consult Google’s Data Privacy Declaration at: https://support.google.com/analytics/answer/6004245?hl=en.

Google Signals

We use Google Signals. Whenever you visit our website, Google Analytics records, among other things, your location, the progression of your search and YouTube progression as well as demographic data (site visitor data). This data may be used for customized advertising with the assistance of Google Signal. If you have a Google account, your site visitor information will be linked to your Google account by Google Signal and used to send you customized promotional messages. The data is also used to compile anonymized statistics of our users’ online patterns.

Contract data processing

We have executed a contract data processing agreement with Google and are implementing the stringent provisions of the German data protection agencies to the fullest when using Google Analytics.

WP Statistics

This website uses the WP Statistics analysis tool to evaluate visitor accesses statistically. The provider is Veronalabs, Tatari 64, 10134, Tallinn, Estonia (https://veronalabs.com).

WP Statistics can be used to analyze the use of our website. In doing so, WP Statistics records, among other things, log files (IP address, referrer, browser used, origin of the user, search engine used) and actions that the website visitors have taken on the site (e.g. clicks and views).

The data collected with WP Statistics is stored exclusively on our own server.

The use of this analysis tool is based on Art. 6(1)(f) GDPR. We have a legitimate interest in the anonymized analysis of user behavior in order to optimize both our websites and our advertising. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TDDDG. This consent can be revoked at any time.

IP anonymization

We use WP Statistics with anonymized IP. Your IP address is shortened so that it can no longer be directly assigned to you.

7. Newsletter

Newsletter data

If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or only on a voluntary basis. For the handling of the newsletter, we use newsletter service providers, which are described below.

Mailchimp with deactivated success measurement

This website uses the services of Mailchimp to send out its newsletters. The provider is the Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.

Among other things, Mailchimp is a service that can be deployed to organize the sending of newsletters. Whenever you enter data for the purpose of subscribing to a newsletter (e.g. your e-mail address), the information is stored on Mailchimp servers in the United States. We have deactivated the success measurement of Mailchimp, so Mailchimp will not evaluate your behavior when opening our newsletter.

If you do not want Mailchimp to receive your data, you must unsubscribe from the newsletter. We provide a link for you to do this in every newsletter message.

The data is processed based on your consent (Art. 6(1)(a) GDPR). You may revoke any consent you have given at any time by unsubscribing from the newsletter. This shall be without prejudice to the lawfulness of any data processing transactions that have taken place prior to your revocation.

The data deposited with us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter or the newsletter service provider and deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data stored for other purposes with us remain unaffected.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://mailchimp.com/eu-us-data-transfer-statement/ and https://mailchimp.com/legal/data-processing-addendum/#Annex_C_-_Standard_Contractual_Clauses.

After you unsubscribe from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist, if such action is necessary to prevent future mailings. The data from the blacklist is used only for this purpose and not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6(1)(f) GDPR). The storage in the blacklist is indefinite. You may object to the storage if your interests outweigh our legitimate interest.

For more details, please consult the Data Privacy Policies of Mailchimp at: https://mailchimp.com/legal/terms/.

Data processing

Newsletter mailing to existing customers

If you order goods or services from us and enter your e-mail address, this e-mail address may subsequently be used by us to send you newsletters, provided we inform you of this in advance. In such a case, only direct advertising for our own similar goods or services will be sent via the newsletter. You can unsubscribe from this newsletter at any time. There is a corresponding link in every newsletter for this purpose. In this case, the legal basis for sending the newsletter is Art. 6 (1)(f) GDPR in conjunction with Section 7 (3) UWG.

After you unsubscribe from the newsletter distribution list, we may store your email address in a blacklist to prevent future mailings to you. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 (1)(f) GDPR). Storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.

8. Plug-ins and Tools

Google Fonts

To ensure that fonts used on this website are uniform, this website uses so-called Google Fonts provided by Google. When you access a page on our website, your browser will load the required fonts into your browser cache to correctly display text and fonts.

To do this, the browser you use will have to establish a connection with Google’s servers. As a result, Google will learn that your IP address was used to access this website. The use of Google Fonts is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in a uniform presentation of the font on the operator’s website. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TDDDG. This consent can be revoked at any time.

If your browser should not support Google Fonts, a standard font installed on your computer will be used.

For more information on Google Fonts, please follow this link: https://developers.google.com/fonts/faq and consult Google’s Data Privacy Declaration under: https://policies.google.com/privacy?hl=en.

Font Awesome (local embedding)

This website uses Font Awesome to ensure the uniform use of fonts on this site. Font Awesome is locally installed so that a connection to Fonticons, Inc.’s servers will not be established in conjunction with this application.

For more information on Font Awesome, please and consult the Data Privacy Declaration for Font Awesome under: https://fontawesome.com/privacy.

Google reCAPTCHA

We use “Google reCAPTCHA” (hereinafter referred to as “reCAPTCHA”) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

The purpose of reCAPTCHA is to determine whether data entered on this website (e.g., information entered into a contact form) is being provided by a human user or by an automated program. To determine this, reCAPTCHA analyzes the behavior of the website visitors based on a variety of parameters. This analysis is triggered automatically as soon as the website visitor enters the site. For this analysis, reCAPTCHA evaluates a variety of data (e.g., IP address, time the website visitor spent on the site or cursor movements initiated by the user). The data tracked during such analyses are forwarded to Google.

reCAPTCHA analyses run entirely in the background. Website visitors are not alerted that an analysis is underway.

Data are stored and analyzed on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the protection of the operator’s websites against abusive automated spying and against SPAM. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TDDDG. This consent can be revoked at any time.

For more information about Google reCAPTCHA please refer to the Google Data Privacy Declaration and Terms Of Use under the following links: https://policies.google.com/privacy?hl=en and https://policies.google.com/terms?hl=en.

ChatGPT

We use ChatGPT for our customer communication. The provider is OpenAI, 3180 18th St, San Francisco, CA 94110, USA, https://openai.com. We use ChatGPT for the following tools:

ChatBot

When you start a conversation with us via our website and ChatGPT is activated, your input (including metadata) is transferred to ChatGPT’s servers and processed there to generate a suitable response.

OpenAI reserves the right to process the input made in ChatGPT for training its own algorithm. We cannot judge the exact way in which the data is processed.

The use of ChatGPT is based on Art. 6 (1)(f) GDPR. The website operator has a legitimate interest in the most efficient customer communication possible using modern technical solutions. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 (1)(a) GDPR and § 25 (1) TDDDG. The consent can be revoked at any time.

You can obtain further information here: https://openai.com/policies/privacy-policy.

Data processing

ManageWP

We administrate this website with the assistance of the ManageWP tool. The provider is GoDaddy.com WP Europe, Trg republike 5, 11000 Belgrade, Serbia (hereinafter referred to as ManageWP).

Among other things, ManageWP ensures that we can monitor the security and performance of our website as well as generate automatic backups. Consequently, ManageWP has access to all of the website’s content, including our databases. ManageWP is being hosted on the provider’s servers.

The use of ManageWP is based on Art. 6 (1)(f) GDPR. The website operator has a legitimate interest in a website(s) that work(s) as effectively and securely as possible. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TDDDG. This consent can be revoked at any time.

Data processing

9. Online-based Audio and Video Conferences (Conference tools)

Data processing

We use online conference tools, among other things, for communication with our customers. The tools we use are listed in detail below. If you communicate with us by video or audio conference using the Internet, your personal data will be collected and processed by the provider of the respective conference tool and by us. The conferencing tools collect all information that you provide/access to use the tools (email address and/or your phone number). Furthermore, the conference tools process the duration of the conference, start and end (time) of participation in the conference, number of participants and other “context information” related to the communication process (metadata).

Furthermore, the provider of the tool processes all the technical data required for the processing of the online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or loudspeaker and the type of connection.

Should content be exchanged, uploaded, or otherwise made available within the tool, it is also stored on the servers of the tool provider. Such content includes, but is not limited to, cloud recordings, chat/ instant messages, voicemail uploaded photos and videos, files, whiteboards, and other information shared while using the service.

Please note that we do not have complete influence on the data processing procedures of the tools used. Our possibilities are largely determined by the corporate policy of the respective provider. Further information on data processing by the conference tools can be found in the data protection declarations of the tools used, and which we have listed below this text.

Purpose and legal bases

The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6(1)(b) GDPR). Furthermore, the use of the tools serves to generally simplify and accelerate communication with us or our company (legitimate interest in the meaning of Art. 6(1)(f) GDPR). Insofar as consent has been requested, the tools in question will be used on the basis of this consent; the consent may be revoked at any time with effect from that date.

Duration of storage

Data collected directly by us via the video and conference tools will be deleted from our systems immediately after you request us to delete it, revoke your consent to storage, or the reason for storing the data no longer applies. Stored cookies remain on your end device until you delete them. Mandatory legal retention periods remain unaffected.

We have no influence on the duration of storage of your data that is stored by the operators of the conference tools for their own purposes. For details, please directly contact the operators of the conference tools.

Conference tools used

We employ the following conference tools:

Google Meet

We use Google Meet. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. For details on data processing, please see the Google privacy policy: https://policies.google.com/privacy?hl=en.

Data processing

10. Custom Services

Handling applicant data

We offer website visitors the opportunity to submit job applications to us (e.g., via e-mail, via postal services on by submitting the online job application form). Below, we will brief you on the scope, purpose and use of the personal data collected from you in conjunction with the application process. We assure you that the collection, processing, and use of your data will occur in compliance with the applicable data privacy rights and all other statutory provisions and that your data will always be treated as strictly confidential.

Scope and purpose of the collection of data

If you submit a job application to us, we will process any affiliated personal data (e.g., contact and communications data, application documents, notes taken during job interviews, etc.), if they are required to make a decision concerning the establishment or an employment relationship. The legal grounds for the aforementioned are § 26 BDSG according to German Law (Negotiation of an Employment Relationship), Art. 6(1)(b) GDPR (General Contract Negotiations) and – provided you have given us your consent – Art. 6(1)(a) GDPR. You may revoke any consent given at any time. Within our company, your personal data will only be shared with individuals who are involved in the processing of your job application.

If your job application should result in your recruitment, the data you have submitted will be archived on the grounds of § 26 BDSG and Art. 6(1)(b) GDPR for the purpose of implementing the employment relationship in our data processing system.

Data Archiving Period

If we are unable to make you a job offer or you reject a job offer or withdraw your application, we reserve the right to retain the data you have submitted on the basis of our legitimate interests (Art. 6(1)(f) GDPR) for up to 6 months from the end of the application procedure (rejection or withdrawal of the application). Afterwards the data will be deleted, and the physical application documents will be destroyed. The storage serves in particular as evidence in the event of a legal dispute. If it is evident that the data will be required after the expiry of the 6-month period (e.g., due to an impending or pending legal dispute), deletion will only take place when the purpose for further storage no longer applies.

Longer storage may also take place if you have given your agreement (Article 6(1)(a) GDPR) or if statutory data retention requirements preclude the deletion.

Admission to the applicant pool

If we do not make you a job offer, you may be able to join our applicant pool. In case of admission, all documents and information from the application will be transferred to the applicant pool in order to contact you in case of suitable vacancies.

Admission to the applicant pool is based exclusively on your express agreement (Art. 6(1)(a) GDPR). The submission agreement is voluntary and has no relation to the ongoing application procedure. The affected person can revoke his agreement at any time. In this case, the data from the applicant pool will be irrevocably deleted, provided there are no legal reasons for storage.

The data from the applicant pool will be irrevocably deleted no later than two years after consent has been granted.

Popular

Gizlilik Politikası (14/06/2024)

Gizlilik Politikası

1.Veri Koruma Genel Bakış

Genel Bilgi

Bu web sitesinde veri kaydı

Bu web sitesinde veri kaydından sorumlu olan taraf (yani “kontroler”) kimdir?

Verilerinizi nasıl kaydediyoruz?

Verilerinizi hangi amaçlarla kullanıyoruz?

Bilgilerinizle ilgili hangi haklara sahipsiniz?

Analiz araçları ve üçüncü şahıslar tarafından sağlanan araçlar

2. Barındırma ve İçerik Dağıtım Ağları (CDN)

Hetzner

Veri işleme

Google Cloud CDN

Veri İşleme

3. Genel bilgi ve zorunlu bilgiler

Veri Koruma

Veri Sorumlusu Hakkında Bilgi (GDPR’de “kontrolör” olarak adlandırılır)

Depolama süresi

Bu web sitesinde veri işleme işlemlerinin hukuki dayanakları hakkında genel bilgi

Veri Koruma Görevlisinin Atanması

Veri koruma yasaları altında güvenli olmayan üçüncü ülkelere veri transferi ve DPF (AB-ABD Veri Gizliliği Çerçevesi) sertifikası olmayan ABD şirketlerine veri transferi hakkında bilgi

Kişisel verilerin alıcıları

Veri işleme izninizin geri çekilmesi

Veri toplama konusunda özel durumlarda itiraz hakkı; doğrudan reklama karşı itiraz hakkı (GDPR Madde 21)

Şikayetimi ilgili denetim kurumuna iletmek hakkı

Veri taşınabilirliği hakkı

Verilerin düzeltilmesi ve yok edilmesi hakkında bilgi

İşleme kısıtlamaları talep etme hakkı

SSL ve/veya TLS şifreleme

İstenmeyen e-postaların reddedilmesi

4. Bu web sitesindeki verilerin kaydedilmesi

Çerezler

Consent with Usercentrics

Data processing

Consent with ConsentManager

Data processing

Consent with Cookie Notice & Compliance

Consent with Complianz

Server log files

Contact form

Request by e-mail, telephone, or fax

Communication via WhatsApp

Google Calendar

Data processing

Registration on this website

Registration with Google

The comment function on this website

Storage of the IP address

Subscribing to comments

Storage period for comments

Legal basis

Gravatar

Data processing

5. Social media

eRecht24 Safe Sharing Tool

Facebook

X (formerly Twitter)

Instagram

LinkedIn

Pinterest

6. Analysis tools and advertising

Google Tag Manager

Google Analytics

IP anonymization

Browser plug-in

Google Signals

Contract data processing

WP Statistics

IP anonymization

7. Newsletter

Newsletter data

Mailchimp with deactivated success measurement

Data processing

Newsletter mailing to existing customers

8. Plug-ins and Tools

Google Fonts

Font Awesome (local embedding)

Google reCAPTCHA