Data Protection Policy & Cookie Guidelines

Table of Contents

General Information

Objectives and Responsibility

  1. This privacy policy informs you about the type, scope and purpose of the processing of personal data in relation to our online offer and the associated websites, functions and content (hereinafter jointly referred to as “online offer” or “website”); see section 2.
  2. Details on data processing for the purpose of carrying out our business processes are described in section 3.
  3. The provider of the online offer and responsible under data protection law is Fairmas GmbH (EUREF-Campus 13, 10829 Berlin, Germany) – hereinafter referred to as “provider”, “we” or “us”.
  4. Our online offer is provided by STRATO AG, Otto-Ostrowski-Straße 7, 10249 Berlin . The server location is Germany.
  5. Our data protection officer can be contacted via the e-mail address datenschutz@fairmas.com (data protection officer: IT.DS Beratung).
  6. The term “user” includes all customers and visitors to the online offer.

Legal Bases

In principle, we collect and process personal data based on the following legal bases:

 

  1. Consent pursuant to Article 6(1)(a) of the General Data Protection Regulation (GDPR). Consent is any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
  2. Necessity to fulfill the contract or to carry out preparatory measures in accordance with Article 6 paragraph 1 lit. b GDPR, i.e. the data is necessary so that we can fulfill our contractual obligations towards you or we need the data to prepare the conclusion of a contract with you.
  3. Processing for compliance with a legal obligation pursuant to Article 6(1)(c) GDPR, i.e. processing of data is required by law or other regulations.
  4. Processing for the purposes of legitimate interests in accordance with Article 6(1)(f) GDPR, i.e. processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data.

 

The specific legal bases for the individual processing operations are listed in the following sections.

Data Subject Rights

You are entitled to the following rights with regard to data processing by us:

  1. Right of access pursuant to Article 15 GDPR
  2. Right to rectification pursuant to Article 16 GDPR
  3. Right to erasure (“right to be forgotten”) pursuant to Article 17 GDPR
  4. Right to restriction of processing pursuant to Article 18 GDPR
  5. Right to data portability pursuant to Article 20 GDPR
  6. Right to object pursuant to Article 21 GDPR

Note: Users can object to the processing of their personal data in accordance with the legal requirements at any time with effect for the future. The objection can be made in particular against processing for direct marketing purposes.

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.

Data Erasure and Storage Duration

The personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies. Data may also be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.

Safety of processing

  1. We have implemented appropriate and state-of-the-art technical and organizational security measures (TOMs). This protects the data processed by us against accidental or intentional manipulation, loss, destruction and unauthorized access.
  2. The security measures include in particular the encrypted transmission of data between your browser and our server.

Data Transfers to Third Parties, Subcontractors and Third Party Providers

  1. Personal data is only transferred to third parties within the framework of the legal requirements. We only pass on user data to third parties if this is necessary, e.g. for billing purposes or for other purposes if the transfer is necessary to fulfill contractual obligations to the users.
  2. If we use subcontractors for our online offering, we have taken suitable contractual precautions and appropriate technical and organizational measures with these companies.
  3. If we use content, tools or other means from other companies (hereinafter jointly referred to as “third-party providers“) and their registered office is located in a third country, it can be assumed that data will be transferred to the countries in which the third-party providers are based. We will only transfer personal data to third countries if there is an adequate level of data protection, user consent or other legal permission.

Specific data processing in the context of our online offering

Collection of information on the use of the online offer

  1. When using the online offer, information is automatically transmitted to us by the user’s browser; this includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider.
  2. This information is processed on the basis of legitimate interests in accordance with Article 6(1)(f) GDPR (e.g. optimization of the online offer) and to ensure the security of processing in accordance with Article 5(1)(f) GDPR (e.g. to defend against and investigate cyber attacks).
  3. The information is automatically 4 weeks after the end of the connection – i.e. use of the online offer – provided that there are no other retention periods to the contrary.
  4. The collection of the data and the storage of the data in log files is absolutely necessary for the provision of the online offer. The user therefore has no right to erasure, objection or rectification.

Contact Form and Contact via Email

  1. When contacting us (via online form or e-mail), the data provided by the user will be processed exclusively for the purpose of processing the request and handling it.
  2. The data will only be used for other purposes with the user’s consent.
  3. User data is stored in our customer relationship management system ( “CRM System “) or a comparable software/database. The statutory retention periods for business letters apply.

Complianz GDPR/CCPA Cookie Consent

  1. Our website uses the cookie consent technology of “Complianz GDPR/CCPA Cookie Consent” to obtain your consent to the storage of certain cookies in your browser and to document this in compliance with data protection regulations. The provider of this technology is Complianz B.V., Atoomweg 6b, 9743 AK Groningen, Netherlands (hereinafter referred to as Complianz).
  2. When you enter our website, a compliance cookie is stored in your browser, in which the consents you have given or the revocation of these consents are stored.
  3. The data collected will be stored until you ask us to delete it or delete the Complianz cookie yourself or until the purpose for storing the data no longer applies. Mandatory statutory retention periods remain unaffected. Details on data processing by Complianz can be found at https://complianz.io/privacy-statement.

Information about Google services

  1. We use various services of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland on our website. You can find more detailed information on the individual concrete services of Google that we use on this website in the further data protection declaration. 
  2. By integrating Google services, Google may collect and process information (including personal data). It cannot be ruled out that Google also transmits the information to a server in a third country. The transmission to the USA depends on the function in which personal data is transmitted. As the responsible party, we ourselves may transfer data to Google in the USA for further use. Currently, there is no adequacy decision according to Art. 45 DSGVO. However, the transfer can be based on standard contractual clauses. Google has committed to comply with the Standard Contractual Clauses (SCC) for the transfer of personal data to third countries. 

    More information on the Standard Contractual Clauses is available at 

    https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractuals-clauses-scc_de and at https://policies.google.com/privacy/frameworks?hl=de 

  3. We ourselves cannot influence which data Google actually collects and processes. However, Google states that, in principle, the following information (including personal data) may be processed, among others: 

    – Log data (in particular the IP address) 

    – Location-related information 

    – Unique application numbers 

    – Cookies and similar technologies 

    Information on the types of cookies used by Google can be found at https://policies.google.com/technologies/types. 

  4. if you are logged into your Google account, Google may add the processed information to your account and treat it as personal data, depending on your account settings.
  5. Google states the following about this, among other things: 

    “If you are not signed in to a Google Account, we store the data we collect with unique identifiers associated with the browser, app or device you are using. This allows us to ensure, for example, that your language settings are retained across all browsing sessions. If you are signed into a Google Account, we also collect data that we store in your Google Account and consider to be personal data.” (https://privacy.google.com/take-control.html) 

  6. You can prevent this data from being added directly by logging out of your Google account or also by making the appropriate account settings in your Google account. Furthermore, you can change your cookie settings (e.g. delete cookies, block cookies, etc.).
  7. You can find more detailed information in Google’s privacy policy, which you can access here: https://www.google.com/policies/privacy/.
  8. you can find information on Google’s privacy settings at https://privacy.google.com/take-control.html.

Google Analytics

  1. We use Google Analytics, a web analytics service provided by Google Ireland Limited (Gordon House Barclays Dublin Ireland – hereinafter “Google”), on the basis of your consent for the analysis, optimization and economic operation of our online offer pursuant to Art. 6 para. 1 lit. a. DSGVO Google Analytics, a web analytics service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) – hereinafter “Google”). Google uses cookies and other technologies. The information generated by the service about the use of the online offer by the users is transmitted to a Google server in the USA and processed there. For more information regarding the privacy policy and terms of use of Google Analytics, please visit marketingplatform.google.com/about/analytics/ and www.google.de/intl/de/policies/.
  2. Google will act for us within the scope of a commissioned processing pursuant to Article 28 DSGVO. We have concluded a data protection agreement with Google, which contains the EU standard data protection clauses.
  3. In addition, we have concluded a shared responsibility agreement pursuant to Article 26 GDPR with Google for the use of Google’s measurement services (cf. https://support.google.com/analytics/answer/9012600). Within this framework, we have agreed with Google to be responsible for the fulfillment of information obligations and for ensuring data subject rights in accordance with Chapter 3 of the GDPR, as well as for the security of processing and reporting/notification obligations. (Articles 32 to 34 of the GDPR). Google will use the information to evaluate the use of our online offer by the users, to compile reports on the activities within this online offer and to provide us with further services related to the use of this online offer and internet use. In doing so, pseudonymous usage profiles of the users can be created from the processed data.
  4. We use Google Analytics with IP anonymization enabled.
  5. Google Analytics uses so-called “cookies“, which are text files placed on your computer, to help the website analyze how you use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymization is activated on this website, Google will shorten your IP address within Member States of the European Union or in other contracting states of the Agreement on the European Economic Area beforehand. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website and Internet use. The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at http://tools.google.com/dlpage/gaoptout?hl=en.
  6. For more information about Google’s use of your data, your choices and your ability to opt-out, please visit Google’s websites at https://policies.google.com/technologies/partner-sites?hl=en (“How Google uses data when you use our partners’ websites or apps”), https://policies.google.com/-technologies/ads(“How Google uses data for advertising purposes”) and https://adssettings.google.com/authenticated (“How Google manages the information it uses to serve ads to you”).

Google Tag Manager

  1. We use the Google Tag Manager on our website. The Google Tag Manager is a service of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. 
  2. Through the Google Tag Manager, we can integrate various codes and services in an orderly and simplified manner on our website. The Google Tag Manager enables us to integrate various codes and services on our website in an orderly and simplified manner. The Google Tag Manager implements the tags or “triggers” the embedded tags. When a tag is triggered, Google may process information (including personal data) and process it. It cannot be ruled out that Google also transmits the information to a server in a third country.
  3. You can find information on the standard contractual clauses and the transmission to the USA by us to Google and other relevant data on data processing by Google in the context of the use of Google services in this data protection declaration under section 2.4 “Information on Google services”.
  4. In particular, the following personal data are processed by the Google Tag Manager: – Online identifiers (including cookie identifiers).  – IP address 
  5. In addition, you can find further detailed information on the Google Tag Manager on the websites https://marketingplatform.google.com/about/analytics/tag-manager/use-policy/ as well as https://policies.google.com/privacy/(section “Data we receive based on your use of our services”). 
  6. Furthermore, we have concluded an order processing contract with Google for the use of the Google Tag Manager (Art. 28 DSGVO). Google processes the data on our behalf in order to trigger the stored tags and to display the services on our website. Google may transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. 
  7. If you have deactivated individual tracking services (e.g. by setting an opt-out cookie), the deactivation remains in place for all tracking tags concerned that are integrated by Google Tag Manager. 
  8. By integrating the Google Tag Manager, we pursue the purpose of being able to carry out a simplified and clear integration of various services. Furthermore, the integration of the Google Tag Manager optimises the loading times of the various services. 
  9. The legal basis for the processing of personal data described here in the context of the measurement process is your express consent in accordance with Art. 6 Para. 1 lit. a DSGVO.
  10. The legal basis for processing those data that are processed in the context of obtaining consent is our legitimate interest pursuant to Art. 6 (1) lit. f DSGVO. We have a legitimate interest in being able to prove that you have given your consent to the measurement procedure (Art. 7 (1) DSGVO).

DoubleClick

  1. DoubleClick by Google is a service of Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”).
  2. Doubleclick by Google uses cookies to show you advertisements that are relevant to you. Your browser is assigned a pseudonymous identification number (ID) to check which ads have been displayed in your browser and which ads have been called. The cookies do not contain any personal information. Using the DoubleClick cookies allows Google and its affiliate websites to serve ads based on previous visits to our or other websites on the Internet. The information generated by the cookies is transmitted by Google to a server in the USA for analysis and stored there. Under no circumstances will Google match your data with other data collected by Google.
  3. By using our website, you consent to the processing of data about you by Google and the manner of data processing described above as well as the named purpose.
  4. You may refuse the use of cookies by selecting the appropriate settings on your browser. You can also prevent Google from collecting the data generated by the cookies and relating to your use of the website and from processing this data by Google by downloading and installing the browser plug-in available under the following link under “Extension for DoubleClick deactivation”.

  5. For more information about DoubleClick by Google and privacy, please visit: https://policies.google.com/technologies/ads?hl=en
  6. If you have deactivated individual tracking services (e.g. by setting an opt-out cookie), the deactivation remains in place for all tracking tags concerned that are integrated by Google Tag Manager. 
  7. By integrating the Google Tag Manager, we pursue the purpose of being able to carry out a simplified and clear integration of various services. Furthermore, the integration of the Google Tag Manager

Outgoing Links to Social Networks

  1. Our websites contain outgoing links to social networks.
  2. By actively clicking on such a link and at the same time logging into the corresponding social network, it cannot be ruled out that the operator of the social network will access data of the user.
  3. Currently, outbound links to the websites of the following networks are displayed: Facebook, Twitter, Xing, LinkedIn, Google Plus and SlideShare.

Job Offers

  1. In the Job Offers/Careers section, you will find our current job advertisements.
  2. Contacting us is established via the mail-to function of your device. An email will be sent from your local email client to our respective employee.
  3. We point out that the transmission of data on the Internet (e.g. communication via email) may be subject to security gaps. Complete protection of data against access by third parties is not possible.
  4. You can revoke the use of your personal data at any time free of charge with effect for the future.

WordPress Stats

  1. This website uses the WordPress tool Stats on the basis of your consent in accordance with Art. 6 Para. 1 lit. a GDPR in order to statistically evaluate visitor access. The provider is Automattic Inc, 60 29th Street #343, San Francisco, CA 94110-4929, USA.
  2. WordPress Stats uses cookies that are stored on your computer and allow an analysis of the use of the website. The information generated by the cookies about the use of our website is stored on servers in the USA. Your IP address is anonymised after processing and before storage.
  3. “WordPress Stats” cookies remain on your terminal device until you delete them.

Vimeo

  1. We use the provider Vimeo for the integration of videos. Vimeo is operated by Vimeo.com Inc (headquarters: 555 West 18th Street, New York, New York 10011; USA).
  2. We use plugins from the provider Vimeo on some of our websites. When you play a Vimeo video, e.g. by clicking on the start button of a video (consent in accordance with Article 6 (1) a GDPR), a connection is established to the Vimeo servers. If you are logged in as a Vimeo member, Vimeo assigns this information to your personal user account. You can prevent this assignment by logging out of your Vimeo user account before using our website and deleting the corresponding cookies from Vimeo.
  3. Vimeo acts as an independent controller; i.e. Vimeo is neither a processor according to Art. 28 GDPR nor a joint controller according to Art. 26 GDPR. A data transfer to Vimeo only takes place on the basis of your consent in connection with the EU standard contractual clauses (Controller To Controller).
  4. Further information on data processing and information on data protection by Vimeo can be found at https://vimeo.com/privacy.
  5. You can find Vimeo’s cookie policy here: https://vimeo.com/cookie_policy

Live Chat Sendinblue/ Brevo

  1. On our website we use the chat – plugin from Brevo. The provider is brevo.com. (7 Rue de Madrid, 75008 Paris, France). You can use Brevo to start direct communication with our employees.
  2. Brevo records data (browser information, visited page content and conversation) anonymously with visit of the website, and when information is exchanged between the visitor and our employee. Information about your usage and related live chat data is stored on servers in the European Union. For the purpose of responding to your inquiry, data that you voluntarily provide to us by using Brevo, such as your name, email address and the content of the message, will be processed.
  3. Brevo uses cookies to enable a personal conversation in the form of a real-time chat on the website with you. These are “session” cookies that are deleted after you visit the website.
  4. Legal basis for the processing of the data is your consent pursuant to Art. 6 para. 1 lit. a DSGVO by using the chat. As well as our legitimate interest in responding to your request in accordance with Art. 6 para. 1 lit. f DSGVO. If your contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b DSGVO.
  5. The storage of the chat history (including personal user data) on the servers of Brevo is limited to three months.
  6. you can prevent the collection of your data by Brevo by not using the chat function of this website. In addition, you can install an add-in in your browser that blocks this plug-in.
  7. Brevo also provides us with some statistical features, such as movement profiles on our website. However, this information does not allow us to draw conclusions about you personally.
  8. further information on data protection at Brevo: https://www.sendinblue.com/rgpd
  9. The service sends requests to the following domains:
  • cloudfront.net (Amazon Cloudfront)
  • sendinblue.com
  • brevo.com

Smartlook

  1. We use the Smartlook analysis software from Smartsupp.com s.r.o., Milady Horakove 13, 602 00 Brno, Czech Republic, as part of our legitimate interest in a technically flawless online experience and its economically efficient structure and optimisation in accordance with Art. 6 Para. 1 lit.f DSGVO.
  2. This tool records movements on the observed websites in so-called heat maps. This allows us to see anonymously where visitors click and how far they scroll. This enables us to design our website in a better and more customer-friendly way. The protection of your personal data is very important to us when using this tool. All data is collected without us being able to assign it to specific users. We can only track how the mouse was moved, where it was clicked and how far it was scrolled. Furthermore, the screen size of the device, the type of device, information on the browser, the country from which access was made and the preferred language are recorded. If personal data of you or third parties are displayed on a website, these are automatically hidden by smartlook. They are therefore not traceable for us.
  3. You can prevent the use of the Smartlook tool by using a “Do Not Track header”. Then no data will be collected about your visit to our website. To do so, you must set your browser accordingly.
  4. You can also deactivate the Smartlook tool alone using the opt-out switch under : https://www.smartlook.com/opt-out/
  5. You can find Smartlook’s privacy policy here: https://help.smartlook.com/en/articles/3244452-privacy
  6. Each recording will be saved for a period of 10 days. After that, it will be deleted.
  7. Your personal data may be collected by us or third parties such as Smartsupp.com, s.r.o., VAT ID CZ03668681.

WordPress Static Files

  1. This website uses WordPress Static Files to quickly display graphical elements (e.g. flags). These elements are retrieved from the domain w.org. The provider is Automattic Inc, 60 29th Street #343, San Francisco, CA 94110-4929, USA. 
  2. The legal basis is the balancing of interests according to Art. 6 para. 1 lit. f DSGVO. 

Plausible Analytics

  1. We use the web analytics service “Plausible Analytics” to continuously optimise our offer, both technically and in terms of content. Plausible is a trademark of Plausible Insights OÜ, Västriku tn 2, 50403, Tartu, Estonia, Registration number 14709274, hereinafter referred to as “Plausible”.
  2.  Plausible takes a particularly privacy-friendly approach to analysing your visit. For this purpose, Plausible collects the following information, among others: Date and time of your visit, title and URL of the pages visited, incoming links, the country you are in and the user agent of your browser software. Plausible does not use or store “cookies” on your terminal device. All personal data (e.g. your IP address) is stored completely anonymously in the form of a so-called hash. A hash is an encryption of data that cannot be reversed, i.e. cannot be “decrypted”. In this way, we can analyse your visit without storing personal data in a form that would be readable by us, plausible or third parties.
  3. Further information on the technical implementation can be found here: https://plausible.io/privacy-focused-web-analytics.
  4. Further information on data protection at Plausible can be found at https://plausible.io/data-policy.
  5. The legal basis for the processing is the balancing of interests according to Art. 6 para. 1 lit. f DSGVO.

Content Delivery Network

Personal data provided to third parties:

  1. We use the content delivery network “Nitropack CDN”. The provider of this service is Nitropack LLC (801 Garden Street 3 А, Prof. Georgi Bradistilov Str.1700 Sofia, Bulgaria) – hereinafter Nitropack.
  2. A CDN is an online service that is used in particular to deliver large media files (such as graphics, page content or scripts) through a network of regionally distributed servers connected via the Internet. Its use leads to a more efficient provision and improvement of the stability and functionality of our website.
  3. In order to provide the service, it is necessary to process the following data in particular: IP addresses, device information and referrer URL. This data is only processed temporarily at Nitropack.
  4. The legal basis for the processing is the balancing of interests pursuant to Art. 6 (1) (f) GDPR. Our legitimate interest lies in optimizing the loading time of our website.
  5. By using the service, a connection to nitroscripts.com is established. Furthermore, cookies and similar technologies required for the provision of the service are used.
  6. Details on data protection at Nitropack can be found at https://nitropack.io/page/privacy.

Processing for the purpose of carrying out our business processes

Applications

For reasons of better readability, the simultaneous use of masculine and feminine and various forms of language is dispensed with – within the framework of the following explanations. All personal designations apply to all genders: m/f/d. 

Direct applications

We offer you the opportunity to apply to us (e.g. online, by e-mail or by post). In the following, we inform you about the scope, purpose and use of your personal data collected as part of the application process. We assure you that the collection, processing and use of your data will be carried out in accordance with applicable data protection law and all other legal provisions and that your data will be treated in strict confidence.

Scope and purpose of the data collection

If you send us an application, we process your associated personal data (e.g. contact and communication data, application documents, notes in the context of job interviews, etc.) insofar as this is necessary to decide on the establishment of an employment relationship. The legal basis for this is § 26 BDSG (initiation of an employment relationship), Art. 6 para. 1 lit. b DSGVO (general contract initiation) and – if you have given your consent – Art. 6 para. 1 lit. a DSGVO. The consent can be revoked at any time. Your personal data will only be passed on within our company to persons who are involved in processing your application. if the application is successful, the data submitted by you will be stored in our data processing systems on the basis of § 26 BDSG and Art. 6 para. 1 lit. b DSGVO for the purpose of implementing the employment relationship.

Retention period of the data

If we are unable to make you a job offer, if you reject a job offer or withdraw your application, we reserve the right to retain the data you have provided on the basis of our legitimate interests (Art. 6 para. 1 lit. f DSGVO) for up to 6 months from the end of the application process (rejection or withdrawal of the application). The data will then be deleted and the physical application documents destroyed. This storage serves in particular as evidence in the event of a legal dispute. If it is evident that the data will be required after the 6-month period has expired (e.g. due to an impending or pending legal dispute), the data will only be deleted when the purpose for continued retention no longer applies. Longer storage may also take place if you have given your consent (Art. 6 para. 1 lit. a DSGVO) or if legal storage obligations prevent deletion. 

Inclusion in the applicant pool

1. if we do not make you a job offer, it may be possible to include you in our applicant pool. If you are accepted, all documents and details from your application will be included in the applicant pool so that we can contact you in the event of suitable vacancies. 

2. The inclusion in the applicant pool is based exclusively on your express consent (Art. 6 para. 1 lit. a DSGVO). The provision of consent is voluntary and is not related to the current application process. The person concerned can revoke his/her consent at any time. In this case, the data from the applicant pool will be irrevocably deleted, provided there are no legal reasons for retention. 

3. The data from the applicant pool will be irrevocably deleted no later than two years after consent has been given. 

Online appointment booking

 

  1. Our website optionally uses the following external services for online appointments:
  • “Microsoft Bookings” – office365.com (part of Microsoft Office 365) of the provider Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18 D18 P521 (hereinafter: “Microsoft”). Information on data protection at Microsoft can be found at https://privacy.microsoft.com/de-de/privacystatement.
  • “Calendly” is an offer from Calendly, LLC, 3423 Piedmont Road NE, Atlanta, GA 30305-1754, United States. Information on data protection at Calendly can be found at https://calendly.com/privacy.
  1. The connection to the respective external service is only established when you call up the online booking function via a button on our website.
  2. We would like to point out that you are not obliged to use one of these external services to make an appointment. If you do not wish to use the service, please use another of the contact options offered to make an appointment.
  3. The legal basis for data transmission, storage and processing is your consent in accordance with Article 6(1)(a) GDPR.
  4. Please note that you leave our area of responsibility when using the service and that different data protection provisions apply to the respective external service. This includes in particular the use of cookies.

Cookie Policy

General

We use cookies to continuously improve our online offer for you. Below you will learn more about the cookies we use and how you can change your settings.

Additional information

Further information on cookies can be found at the following addresses http://www.allaboutcookies.org and http://www.youronlinechoices.com

Types of cookies

We divide cookies into the following four categories depending on their function and purpose:

(1) Mandatory required cookies

(2) Performance Cookies

(3) Functional cookies and

(4) Marketing Cookies

Cookie settings

When opening our site for the first time, you can decide whether to accept or reject the use of cookies by simply clicking on the corresponding button. With the exception of the cookies that are mandatory for technical reasons for the smooth use of our site, the cookies are disabled. By clicking “Accept”, you consent to the use of ALL cookies.

List of cookies used

  • Mandatory required cookies
NameSupplierPurposeDuration
mc_session_ids[default]Mandatory required cookies Math Captcha by dFactoryCaptcha Plugin for the protection of contact formsAfter the end of the session
mc_session_ids[multi][0]Mandatory required cookies Math Captcha by dFactoryCaptcha Plugin for the protection of contact formsAfter the end of the session
mc_session_ids[multi][1]Mandatory required cookies Math Captcha by dFactoryCaptcha Plugin for the protection of contact formsAfter the end of the session
mc_session_ids[multi][2]Mandatory required cookies Math Captcha by dFactoryCaptcha Plugin for the protection of contact formsAfter the end of the session
mc_session_ids[multi][3]Mandatory required cookies Math Captcha by dFactoryCaptcha Plugin for the protection of contact formsAfter the end of the session
mc_session_ids[multi][4]Mandatory required cookies Math Captcha by dFactoryCaptcha Plugin for the protection of contact formsAfter the end of the session
viewed_cookie_policyStrictly necessary cookiesGDPR Cookie Consent Plugin1 year
  • Performance cookies
NameSupplierPurposeDuration
cmplz_banner-statusComplianz GDPR/CCPA Cookie ConsentConsent Management365 days
cmplz_functionalComplianz GDPR/CCPA Cookie ConsentConsent Management365 days
cmplz_marketingComplianz GDPR/CCPA Cookie ConsentConsent Management365 days
cmplz_policy_idComplianz GDPR/CCPA Cookie ConsentConsent Management365 days
cmplz_policy_preferencesComplianz GDPR/CCPA Cookie ConsentConsent Management365 days
cmplz_rt_banner-statusComplianz GDPR/CCPA Cookie ConsentConsent Management365 days
cmplz_rt_functoinalComplianz GDPR/CCPA Cookie ConsentConsent Management365 days
cmplz_rt_marketingComplianz GDPR/CCPA Cookie ConsentConsent Management365 days
cmplz_rt_policy_idComplianz GDPR/CCPA Cookie ConsentConsent Management365 days
cmplz_preferences/strong>Complianz GDPR/CCPA Cookie ConsentConsent Management365 days
cmplz_statisticsComplianz GDPR/CCPA Cookie ConsentConsent Management365 days
cmplz_rt_statisticsComplianz GDPR/CCPA Cookie ConsentConsent Management365 days
_gidPerformance Cookie by Google AnalyticsRegister a unique ID that is used to generate statistical information about how the visitor uses the site.1 day
_gaPerformance Cookie by Google AnalyticsRegister a unique ID that is used to generate statistical information about how the visitor uses the site.2 years
_gatPerformance Cookie by Google AnalyticsUsed to throttle the polling rate.10 minutes
_ga_F920ZGC5H0Google AnalyticsAnalytics400 days
NIDGoogleUsed to display Google ads in Google services for logged out users.6 months
vuidVimeoUsed to optimise the video player.2 years
SibConversations.clientIdSendinblueUnknownUnknown
SibConversations.lastPageViewAtSendinblueUnknownUnknown
SibConversations.referrerSendinblueUnknownUnknown
ssupp_CHAT_KEYSmartsuppStores draft messages6 months
SL_C_23361dd035530_KEYSmartlookTo analyse a visitor's behaviour on the website2 years
SL_C_23361dd035530_SIDSmartlookTo analyse a visitor's behaviour on the website2 years
SL_C_23361dd035530_VIDSmartlookTo analyse a visitor's behaviour on the website2 years
elementorElementorHosting
Local storage
indefinitely
ClientIdoffice365.comUnknown365 days
OIDCoffice365.comUnknown182 days
OutlookSessionoffice365.comUnknown0 days

Possibilities of Objection

You can object to the use of cookies, which are used for measuring the range of coverage and advertising purposes, via
  1. Deactivation page of the Network Advertising Initiative: http://optout.networkadvertising.org/
  2. The US-American website: http://www.aboutads.info/choices
  3. The European website http://www.youronlinechoices.com/uk/your-ad-choices/

Changes to the Data Protection Policy

  1. We reserve the right to change this data protection policy in relation to data processing, in order to adapt it to changed legal situations, to changes in the online service or to data processing.
  2. If user consents are required or components of the data protection policy contain provisions of the contractual relationship with the users, the changes will only be made with the users’ consent.
  3. Users are requested to inform themselves regularly about the content of this privacy policy

Version: May 2024