Data Protection Policy & Cookie Guidelines

Table of Contents

General Information

Objective and Responsibility

  1. This Data Protection Policy is to inform you about the nature, scope and purpose of the processing of personal data in relation to our online service and the associated websites, features and contents (hereinafter collectively referred to as “online service” or “website”).
  2. The provider of the online service and responsible for the data protection law is Fairmas GmbH (EUREF-Campus 13, 10829 Berlin, Germany) – hereinafter referred to as “provider”, “we”, “our” or “us”.
  3. Our online service is made available by 1 & 1 Internet SE, Elgendorfer Str. 57, 56410 Montabaur.
  4. Our Data Protection Officer can be contacted via the email address: datenschutz@fairmas.com (Data Protection Officer: IT.DS Beratung).
  5. The term “user” or “you” encompasses all customers, interested people, employees and visitors of our online service.

Legal Bases

We collect and process personal data based on the following legal grounds:

  1. Consent in accordance with Article 6 paragraph 1 (a) General Data Protection Regulation (GDPR). Consent meaning any freely given, specific, informed and unambiguous indication of agreement, which could be in the form of a statement or any other unambiguous confirmatory act, given by the data’s subject consenting to the processing of personal data relating to him or her.
  2. Necessity for the performance of a contract or in order to take steps prior to entering into a contract according to Article 6 paragraph 1 (b) GDPR, meaning the data is required in order for us to fulfil our contractual obligations towards you or to prepare the conclusion of a contract with you.
  3. Processing to fulfil a legal obligation in accordance with Article 6 paragraph 1 (c) GDPR, meaning that e.g. the processing of data is required by law or other provisions.
  4. Processing in order to protect legitimate interests in accordance with Article 6 paragraph 1 (f) GDPR, meaning that the processing is necessary to protect legitimate interests pursued by us or by a third party, unless such interests are overridden by your interests or fundamental rights and freedoms which require the protection of personal data.

Data Subject Rights

You have the following rights with regards to the processing of your data through us:

  1. The right to lodge a complaint with a supervisory authority in accordance with article 13 paragraph 2 lit. d GDPR and article 14 paragraph 2 lit. e GDPR.
  2. Right of access in accordance with Article 15 GDPR
  3. Right to rectification in accordance with Article 16 GDPR
  4. Right to erasure („right to be forgotten“) in accordance with Article 17 GDPR
  5. Right to restriction of processing in accordance with Article 18 GDPR
  6. Right to data portability in accordance with Article 20 GDPR
  7. Right to objection in accordance with Article 21 GDPR

Note: Users can object to the processing of their personal data in accordance to the legal requirements at any time with effect for the future. The objection can be lodged in particular against processing for direct marketing purposes.

Without prejudice to any other administrative or judicial remedy, you have the right to complain to a supervisory authority, in particular in the Member State where you are staying, working or suspected of infringing, if you believe that the processing of personal data concerning you is contrary to the GDPR.

Data Erasure and Storage Duration

The personal data of the data subject will be erased or blocked as soon as the purpose of the storage is deleted. In addition, such storage may take place if provided for by the European or national legislator in EU regulations, laws or other regulations to which the controller is subject. Blocking or erasure of the data also takes place when a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data for conclusion of a contract or fulfillment of the contract.

Security of Processing

  1. We have implemented appropriate and state-of-the-art technical and organizational security measures (TOMs). Thus, the data processed by us are protected against accidental or intentional manipulation, loss, destruction and unauthorized access.
  2. The security measures include in particular the encrypted transfer of data between your browser and our server.

Data Transfers to Third Parties, Subcontractors and Third Party Providers

  1. A transfer of personal data to third parties only takes place within the scope of legal requirements. We only disclose users’ data to third parties, when necessary, e.g. for billing purposes or other purposes when the transfer is required to fulfill contractual obligations towards the users.
  2. If we use subcontractors for our online service, we have made appropriate contractual arrangements as well as adequate technical and organizational measures with these companies.
  3. If we use content, tools or other means from other companies (hereinafter collectively referred to as “third party providers“) whose registered offices are located in a third country, it is assumed that a transfer of data to the home countries of these third party providers occurs. The transfer of personal data to third countries takes place exclusively only, if an adequate level of data protection, the user’s consent or another legal permission is present.

Concrete Data Processing

Collection of Information on the Use of the Online Service

  1. When using our online service, information may be transferred automatically from the browser of the user to us; this information includes the name of the accessed website, file, date and time of the access, amount of data transferred, notification about successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider.
  2. The processing of this information takes place based on legitimate interests in accordance with Article 6 paragraph 1 (f) GDPR (e.g. to optimize the online service) as well as to ensure the security of processing in accordance with Article 5 paragraph 1 (f) GDPR (e.g. for the defense and clarification purposes of cyberattacks).
  3. The information is automatically deleted 4 weeks after the end of the connection – i. e. use of the online service – provided there are no other retention periods.
  4. The collection of the data and the storage of the data in log files is absolutely necessary for the provision of the online service. Therefore, the user has no possibility of erasure, objection or correction.

Contact Form and Contact via Email

  1. When contacting us (via online form or email), the data provided by the user will be processed exclusively for processing the inquiry and its handling.
  2. Any other use of the data is only based on the consent of the user.
  3. User data are stored in our Customer Relationship Management System (“CRM System”) or a comparable software / database. The legal storage periods for business letters apply.

Booking online appointments

  1. Our website optionally uses the following external services to book online appointments:
  • “Microsoft Bookings” – office365.com (part of Microsoft Office 365) provided by Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18 D18 P521 (hereinafter: “Microsoft”). Information on data protection at Microsoft can be found at https://privacy.microsoft.com/privacystatement.
  • „”Calendly” is a service of Calendly, LLC, 3423 Piedmont Road NE, Atlanta, GA 30305-1754, United States. Information on data protection at Calendly can be found at https://calendly.com/privacy.
  1. The connection to the respective external service is only established when you click on a button on our website to access the online booking function.
  2. Please note that you are not obliged to use one of these external services to make an appointment. If you do not wish to use the service, please use another offered contact option to make an appointment.
  3. The legal basis for the data transfer, storage and processing is your consent in accordance with Article 6 (1) lit. a GDPR.
  4. Please note that when using the service, you leave our area of responsibility and that different data protection provisions apply to the respective external service. This includes in particular the use of cookies.

Complianz GDPR/CCPA Cookie Consent

  1. Our website uses the cookie consent technology of “Complianz GDPR/CCPA Cookie Consent” to obtain your consent to the storage of certain cookies in your browser and to document this in a data protection compliant manner. The provider of this technology is Complianz B.V., Atoomweg 6b, 9743 AK Groningen, Netherlands (hereinafter Complianz).
  2. When you enter our website, a Complianz cookie is stored in your browser, in which the consents you have given or the revocation of these consents are stored.
  3. The data collected will be stored until you request us to delete it or delete the Complianz cookie yourself, or until the purpose for storing the data no longer applies. Mandatory legal retention periods remain unaffected. Details on data processing by Complianz can be found at https://complianz.io/privacy-statement.
  4. The Complianz cookie consent technology is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 p. 1 lit. c DSGVO.

Google Analytics

  1. We use Google Analytics, a web analytics service provided by Google Ireland Limited (Gordon House Barclays Dublin Ireland – hereinafter “Google”), on the basis of your consent for the analysis, optimization and economic operation of our online offer pursuant to Art. 6 para. 1 lit. a. DSGVO Google Analytics, a web analytics service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) – hereinafter “Google”). Google uses cookies and other technologies. The information generated by the service about the use of the online offer by the users is transmitted to a Google server in the USA and processed there. For more information regarding the privacy policy and terms of use of Google Analytics, please visit marketingplatform.google.com/about/analytics/ and www.google.de/intl/de/policies/.
  2. Google will act for us within the scope of a commissioned processing pursuant to Article 28 DSGVO. We have concluded a data protection agreement with Google, which contains the EU standard data protection clauses.
  3. In addition, we have concluded a shared responsibility agreement pursuant to Article 26 GDPR with Google for the use of Google’s measurement services (cf. https://support.google.com/analytics/answer/9012600). Within this framework, we have agreed with Google to be responsible for the fulfillment of information obligations and for ensuring data subject rights in accordance with Chapter 3 of the GDPR, as well as for the security of processing and reporting/notification obligations. (Articles 32 to 34 of the GDPR). Google will use the information to evaluate the use of our online offer by the users, to compile reports on the activities within this online offer and to provide us with further services related to the use of this online offer and internet use. In doing so, pseudonymous usage profiles of the users can be created from the processed data.
  4. We use Google Analytics with IP anonymization enabled.
  5. Google Analytics uses so-called “cookies“, which are text files placed on your computer, to help the website analyze how you use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymization is activated on this website, Google will shorten your IP address within Member States of the European Union or in other contracting states of the Agreement on the European Economic Area beforehand. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website and Internet use. The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at http://tools.google.com/dlpage/gaoptout?hl=en.
  6. For more information about Google’s use of your data, your choices and your ability to opt-out, please visit Google’s websites at https://policies.google.com/technologies/partner-sites?hl=en (“How Google uses data when you use our partners’ websites or apps”), https://policies.google.com/-technologies/ads(“How Google uses data for advertising purposes”) and https://adssettings.google.com/authenticated (“How Google manages the information it uses to serve ads to you”).

Google Web Fonts

  1. In order to display our content correctly and graphically appealing across browsers, we use “Google Web Fonts” of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter “Google”) on this website to display fonts.
  2. The privacy policy of the library operator Google can be found here: https://www.google.com/policies/privacy/.
  3. The Google Fonts are installed locally on our server. A connection to Google servers does not take place.

Google reCAPTCHA

    1. We use the reCAPTCHA service from Google, which protects our website from spam and abuse. The service prevents automated software (so-called bots) from carrying out abusive activities on our websites, i.e. it checks whether the entries made actually originate from a human being. Google collects the following data:

o Referrer (address of the page on which the captcha is used).
o IP address of the user
o Google account (if the user is logged in to Google, this is recognised and assigned)
o The user’s input behaviour (e.g. speed of input into the form fields, order in which the user selects the input fields) is used to improve pattern recognition at Google.
o Browser, browser size and resolution, browser plug-ins, date, language setting
o Display instructions (CSS) and scripts (Javascript) of the website
o Mouse and touch events within the page.

  1. Furthermore, Google reads the cookies from other Google services such as Gmail, Search and Analytics. All of the above data is sent to Google in encrypted form. No personal data is read or stored from the input fields of the respective form.

Google Tag Manager

  1. We use the service called Google Tag Manager from Google. “Google” is a group of companies and consists of Google Ireland Ltd. (provider of the service), Gordon House, Barrow Street, Dublin 4, Ireland as well as Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and other affiliated companies of Google LLC.
  2. We have concluded an order processing agreement with Google. The Google Tag Manager is an auxiliary service and only processes personal data itself for technically necessary purposes. The Google Tag Manager takes care of loading other components, which in turn may collect data. The Google Tag Manager does not access this data.
  3. For more information on the Google Tag Manager, please see Google’s privacy policy https://policies.google.com/privacy.
  4. Please note that American authorities, such as intelligence agencies, could potentially gain access to personal data that is inevitably exchanged with Google due to the Internet Protocol (TCP) when this service is integrated, due to American laws such as the Cloud Act.

DoubleClick

  1. DoubleClick by Google is a service of Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”).
  2. Doubleclick by Google uses cookies to show you advertisements that are relevant to you. Your browser is assigned a pseudonymous identification number (ID) to check which ads have been displayed in your browser and which ads have been called. The cookies do not contain any personal information. Using the DoubleClick cookies allows Google and its affiliate websites to serve ads based on previous visits to our or other websites on the Internet. The information generated by the cookies is transmitted by Google to a server in the USA for analysis and stored there. Under no circumstances will Google match your data with other data collected by Google.
  3. By using our website, you consent to the processing of data about you by Google and the manner of data processing described above as well as the named purpose.
  4. You may refuse the use of cookies by selecting the appropriate settings on your browser. You can also prevent Google from collecting the data generated by the cookies and relating to your use of the website and from processing this data by Google by downloading and installing the browser plug-in available under the following link under “Extension for DoubleClick deactivation”.
  5. For more information about DoubleClick by Google and privacy, please visit: https://policies.google.com/technologies/ads?hl=en

Outgoing Links to Social Networks

  1. Our websites contain outgoing links to social networks.
  2. By actively clicking on such a link and at the same time logging into the corresponding social network, it cannot be ruled out that the operator of the social network will access data of the user.
  3. Currently, outbound links to the websites of the following networks are displayed: Facebook, Twitter, Xing, LinkedIn, Google Plus and SlideShare.

Job Offers

  1. In the Job Offers/Careers section, you will find our current job advertisements.
  2. Contacting us is established via the mail-to function of your device. An email will be sent from your local email client to our respective employee.
  3. We point out that the transmission of data on the Internet (e.g. communication via email) may be subject to security gaps. Complete protection of data against access by third parties is not possible.
  4. You can revoke the use of your personal data at any time free of charge with effect for the future.

WordPress Stats

  1. This website uses the WordPress tool Stats on the basis of your consent in accordance with Art. 6 Para. 1 lit. a GDPR in order to statistically evaluate visitor access. The provider is Automattic Inc, 60 29th Street #343, San Francisco, CA 94110-4929, USA.
  2. WordPress Stats uses cookies that are stored on your computer and allow an analysis of the use of the website. The information generated by the cookies about the use of our website is stored on servers in the USA. Your IP address is anonymised after processing and before storage.
  3. “WordPress Stats” cookies remain on your terminal device until you delete them.

Vimeo

  1. We use the provider Vimeo for the integration of videos. Vimeo is operated by Vimeo, LLC (headquarters: 555 West 18th Street, New York, New York 10011; USA).
  2. We use plugins from the provider Vimeo on some of our websites. When you play a Vimeo video, e.g. by clicking on the start button of a video (consent in accordance with Article 6 (1) a GDPR), a connection is established to the Vimeo servers. If you are logged in as a Vimeo member, Vimeo assigns this information to your personal user account. You can prevent this assignment by logging out of your Vimeo user account before using our website and deleting the corresponding cookies from Vimeo.
  3. Further information on data processing and information on data protection by Vimeo can be found at https://vimeo.com/privacy.

Live Chat Sendinblue

  1. On our website we use the chat – plugin from Sendinblue. The provider is sendinblue.com. (7 Rue de Madrid, 75008 Paris, France). You can use Sendinblue to start direct communication with our employees.
  2. Sendinblue records data (browser information, visited page content and conversation) anonymously with visit of the website, and when information is exchanged between the visitor and our employee. Information about your usage and related live chat data is stored on servers in the European Union. For the purpose of responding to your inquiry, data that you voluntarily provide to us by using Sendinblue, such as your name, email address and the content of the message, will be processed.
  3. Sendinblue uses cookies to enable a personal conversation in the form of a real-time chat on the website with you. These are “session” cookies that are deleted after you visit the website.
  4. Legal basis for the processing of the data is your consent pursuant to Art. 6 para. 1 lit. a DSGVO by using the chat. As well as our legitimate interest in responding to your request in accordance with Art. 6 para. 1 lit. f DSGVO. If your contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b DSGVO.
  5. The storage of the chat history (including personal user data) on the servers of Sendinblue is limited to three months.
  6. you can prevent the collection of your data by Sendinblue by not using the chat function of this website. In addition, you can install an add-in in your browser that blocks this plug-in.
  7. Sendinblue also provides us with some statistical features, such as movement profiles on our website. However, this information does not allow us to draw conclusions about you personally.
  8. further information on data protection at Sendinblue: https://www.sendinblue.com/rgpd

Smartlook

  1. We use the Smartlook analysis software from Smartsupp.com s.r.o., Milady Horakove 13, 602 00 Brno, Czech Republic, as part of our legitimate interest in a technically flawless online experience and its economically efficient structure and optimisation in accordance with Art. 6 Para. 1 lit.f DSGVO.
  2. This tool records movements on the observed websites in so-called heat maps. This allows us to see anonymously where visitors click and how far they scroll. This enables us to design our website in a better and more customer-friendly way. The protection of your personal data is very important to us when using this tool. All data is collected without us being able to assign it to specific users. We can only track how the mouse was moved, where it was clicked and how far it was scrolled. Furthermore, the screen size of the device, the type of device, information on the browser, the country from which access was made and the preferred language are recorded. If personal data of you or third parties are displayed on a website, these are automatically hidden by smartlook. They are therefore not traceable for us.
  3. You can prevent the use of the Smartlook tool by using a “Do Not Track header”. Then no data will be collected about your visit to our website. To do so, you must set your browser accordingly.
  4. You can also deactivate the Smartlook tool alone using the opt-out switch under : https://www.smartlook.com/opt-out/
  5. You can find Smartlook’s privacy policy here: https://help.smartlook.com/en/articles/3244452-privacy
  6. Each recording will be saved for a period of 10 days. After that, it will be deleted.
  7. Your personal data may be collected by us or third parties such as Smartsupp.com, s.r.o., VAT ID CZ03668681.

Cookie Policy

General

We use cookies to continuously improve our online offer for you. Below you will learn more about the cookies we use and how you can change your settings.

Additional information

Further information on cookies can be found at the following addresses http://www.allaboutcookies.org and http://www.youronlinechoices.com

Types of cookies

We divide cookies into the following four categories depending on their function and purpose:

(1) Mandatory required cookies

(2) Performance Cookies

(3) Functional cookies and

(4) Marketing Cookies

Cookie settings

When opening our site for the first time, you can decide whether to accept or reject the use of cookies by simply clicking on the corresponding button. With the exception of the cookies that are mandatory for technical reasons for the smooth use of our site, the cookies are disabled. By clicking “Accept”, you consent to the use of ALL cookies.

List of cookies used

  • Mandatory required cookies
NameSupplierPurposeDuration
mc_session_ids[default]Mandatory required cookies Math Captcha by dFactoryCaptcha Plugin for the protection of contact formsAfter the end of the session
mc_session_ids[multi][0]Mandatory required cookies Math Captcha by dFactoryCaptcha Plugin for the protection of contact formsAfter the end of the session
mc_session_ids[multi][1]Mandatory required cookies Math Captcha by dFactoryCaptcha Plugin for the protection of contact formsAfter the end of the session
mc_session_ids[multi][2]Mandatory required cookies Math Captcha by dFactoryCaptcha Plugin for the protection of contact formsAfter the end of the session
mc_session_ids[multi][3]Mandatory required cookies Math Captcha by dFactoryCaptcha Plugin for the protection of contact formsAfter the end of the session
mc_session_ids[multi][4]Mandatory required cookies Math Captcha by dFactoryCaptcha Plugin for the protection of contact formsAfter the end of the session
viewed_cookie_policyStrictly necessary cookiesGDPR Cookie Consent Plugin1 year
  • Performance cookies
NameSupplierPurposeDuration
cmplz_banner-statusComplianz GDPR/CCPA Cookie ConsentConsent Management365 days
cmplz_functionalComplianz GDPR/CCPA Cookie ConsentConsent Management365 days
cmplz_marketingComplianz GDPR/CCPA Cookie ConsentConsent Management365 days
cmplz_policy_idComplianz GDPR/CCPA Cookie ConsentConsent Management365 days
cmplz_policy_preferencesComplianz GDPR/CCPA Cookie ConsentConsent Management365 days
cmplz_rt_banner-statusComplianz GDPR/CCPA Cookie ConsentConsent Management365 days
cmplz_rt_functoinalComplianz GDPR/CCPA Cookie ConsentConsent Management365 days
cmplz_rt_marketingComplianz GDPR/CCPA Cookie ConsentConsent Management365 days
cmplz_rt_policy_idComplianz GDPR/CCPA Cookie ConsentConsent Management365 days
cmplz_preferences/strong>Complianz GDPR/CCPA Cookie ConsentConsent Management365 days
cmplz_statisticsComplianz GDPR/CCPA Cookie ConsentConsent Management365 days
cmplz_rt_statisticsComplianz GDPR/CCPA Cookie ConsentConsent Management365 days
_gidPerformance Cookie by Google AnalyticsRegister a unique ID that is used to generate statistical information about how the visitor uses the site.1 day
_gaPerformance Cookie by Google AnalyticsRegister a unique ID that is used to generate statistical information about how the visitor uses the site.2 years
_gatPerformance Cookie by Google AnalyticsUsed to throttle the polling rate.10 minutes
_ga_F920ZGC5H0Google AnalyticsAnalytics400 days
NIDGoogleUsed to display Google ads in Google services for logged out users.6 months
vuidVimeoUsed to optimise the video player.2 years
SibConversations.clientIdSendinblueUnknownUnknown
SibConversations.lastPageViewAtSendinblueUnknownUnknown
SibConversations.referrerSendinblueUnknownUnknown
ssupp_CHAT_KEYSmartsuppStores draft messages6 months
SL_C_23361dd035530_KEYSmartlookTo analyse a visitor's behaviour on the website2 years
SL_C_23361dd035530_SIDSmartlookTo analyse a visitor's behaviour on the website2 years
SL_C_23361dd035530_VIDSmartlookTo analyse a visitor's behaviour on the website2 years
elementorElementorHosting
Local storage		indefinitely
ClientIdoffice365.comUnknown365 days
OIDCoffice365.comUnknown182 days
OutlookSessionoffice365.comUnknown0 days

Possibilities of Objection

You can object to the use of cookies, which are used for measuring the range of coverage and advertising purposes, via
  1. Deactivation page of the Network Advertising Initiative: http://optout.networkadvertising.org/
  2. The US-American website: http://www.aboutads.info/choices
  3. The European website http://www.youronlinechoices.com/uk/your-ad-choices/

Changes to the Data Protection Policy

  1. We reserve the right to change this data protection policy in relation to data processing, in order to adapt it to changed legal situations, to changes in the online service or to data processing.
  2. If user consents are required or components of the data protection policy contain provisions of the contractual relationship with the users, the changes will only be made with the users’ consent.
  3. Users are requested to inform themselves regularly about the content of this privacy policy

Version: February 2023