3. Data collection on our website
Which cookies do we use?
We use so-called cookies for our website. Cookies are small text files that are sent from the web server to your browser when you visit our website and are stored by the browser on your end device for later retrieval.
We use the following cookies on our websites:
name, purpose and storage period
You can determine yourself whether cookies can be set and retrieved by means of the settings in your browser. You can, for example, completely deactivate the storage of cookies in your browser, restrict it to certain websites or configure your browser so that it automatically notifies you as soon as a cookie is to be set and asks you to confirm this. You can block or delete individual cookies. However, for technical reasons, this may result in some functions of your website being impaired and no longer functioning fully.
b) Server log data
Our website collects a series of general data and information with each call by a data subject or an automated system. This general data and information is stored in the server log files. The following data may be collected
- browser types and versions used,
- the operating system used by the accessing system,
- the website from which an accessing system arrives at our website (so-called referrer),
- the subpages that are accessed via an accessing system on our website,
- the date and time of access to the website
- the Internet protocol address (IP address),
- the Internet service provider of the accessing system and
- other similar data and information that serve to avert danger in the event of attacks on our information technology systems.
When using these general data and information, we do not draw any conclusions about the data subject. This information is much more needed to
- to deliver the contents of our website correctly,
- optimize the content of our website and the advertising for it,
- to ensure the long-term functionality of our information technology systems and the technology of our website, and
- to provide law enforcement authorities with the information necessary for prosecution in the event of a cyber attack.
This anonymously collected data and information is therefore evaluated by us on the one hand statistically and on the other hand with the aim of increasing data protection and data security in our company. Our aim is to ensure an optimal level of protection for the personal data we process.
The data processing is therefore based on a legitimate interest pursuant to Art. 6 (1) lit. f DS-GVO. The anonymous data of the server log files are stored separately from any personal data provided by a data subject, e.g. information in a form. The duration of storage is determined by whether storage is still necessary for one of the aforementioned purposes. If this is not the case and there is no other legal basis for storage, the log files and the information contained therein are deleted after 3 days.
c) Contact option via the website
Based on statutory provisions, our website contains data that enable a quick electronic contact to our enterprise, as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If a data subject contacts us by e-mail, the personal data transmitted by the data subject will be stored automatically. Such personal data transmitted to us on a voluntary basis by a data subject will be stored for the purpose of processing or contacting the data subject. This personal data is not passed on to third parties. We delete the data accruing in this context after storage is no longer necessary, or processing is restricted if there are legal retention obligations.
The legal basis for the processing is Art. 6 (1) lit. b DSGVO if a contractual relationship exists between us and the data subject or is to be established at the request of the data subject, e.g. cooperation requests. In all other cases, the legal basis is Art. 6 (1) lit. f DSGVO. Our legitimate interest is to comply with the legal requirements to provide an electronic means of contact, which necessarily involves the following data processing.
We store the data collected by us via e-mail and the communication to answer your inquiry only as long as this is necessary for the purpose underlying the processing. The concrete storage period can vary greatly here. If no contractual relationship is established in response to your inquiry, your data will be deleted after one year at the latest, unless there is another legal basis for further processing.
If there is a contractual relationship between you and us or if this comes about as a result of your request, the data will be deleted at the latest 10 years after the end of the contractual relationship, provided that there is no other legal basis for storage.
If the data processing is based on a legitimate interest, the data will be deleted if you exercise your right to object pursuant to Art. 21 (1) DSGVO and there are no longer compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
For security reasons, we strongly recommend that you only transmit e-mails in encrypted form. There are considerable risks associated with the transmission of unencrypted messages. Therefore, please do not send us any sensitive data by unencrypted e-mail.
d) SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
e) Newsletter subscription
On our website, we offer users the possibility to subscribe to our enterprise’s newsletter. The personal data transmitted to the controller when the newsletter is ordered is specified in the input mask used for this purpose.
We inform the subscribers via this newsletter at regular intervals about new products, company events, trade fair participations, sales promotions, service times or other professional topics related to our products. In principle, the newsletter of our company can only be received by the data subject if.
- (1) the data subject has a valid e-mail address and
- (2) the data subject registers to receive the newsletter.
For legal reasons, a confirmation email is sent to the email address entered by a data subject for the first time for the newsletter dispatch using the double opt-in procedure. This confirmation e-mail serves to verify whether the owner of the e-mail address as the data subject has authorized the receipt of the newsletter.
When registering for the newsletter, we also store the IP address of the computer system used by the data subject at the time of registration, as assigned by the Internet service provider (ISP), as well as the date and time of registration. The collection of this data is necessary in order to be able to trace the (possible) misuse of a data subject’s e-mail address at a later point in time and therefore serves as a legal safeguard for the controller.
The personal data collected in the context of a registration for the newsletter are used exclusively for sending our newsletter. Furthermore, subscribers to the newsletter could be informed by e-mail if this is necessary for the operation of the newsletter service or a related registration, as could be the case in the event of changes to the newsletter offer or changes in the technical circumstances. For the dispatch of the newsletter, we use a service provider, the company The Rocket Science Group LLC d/b/a Mailchimp, with whom we have concluded an order processing agreement. The service provider is based in the USA and therefore a third country under data protection law. There is a transfer of personal data to the provider based in the USA. An adequate level of data protection in accordance with the General Data Protection Regulation is not ensured there. The basis for the transfer to a third country is your consent pursuant to Art. 49 (1) sentence 1 lit. a DSGVO.
Otherwise, no personal data collected as part of the newsletter service will be passed on to third parties. The subscription to our newsletter can be cancelled by the data subject at any time. The consent to the storage of personal data that the data subject has given us for the newsletter dispatch can be revoked at any time. For the purpose of revoking consent, a corresponding link can be found in each newsletter. Furthermore, it is also possible to unsubscribe from the newsletter mailing at any time by sending an e-mail to email@example.com or to inform the controller of this in another way.
f) Newsletter tracking
Our newsletters receive so-called tracking pixels. A tracking pixel is a miniature graphic that is embedded in such emails that are sent in HTML format to enable log file recording and log file analysis.
This enables a statistical evaluation of the success or failure of online marketing campaigns. Based on the embedded tracking pixel, we can see if and when an e-mail was opened by you and which links located in the e-mail were called by you. Such personal data collected via the tracking pixel contained in the newsletters is stored and evaluated by us in order to optimize the newsletter dispatch and to better adapt the content of future newsletters to your interests. The data processed by the tracking pixel will be stored for a period of 365 days.
The legal basis for the data processing is Art. 6 para. 1 lit. a DSGVO in conjunction with the consent you have given.
This personal data will not be passed on to third parties. You are entitled at any time to revoke the separate declaration of consent given in this regard via the double opt-in procedure. After revocation, this personal data will be deleted by us. We automatically interpret an unsubscription from the receipt of the newsletter as a revocation.
g) Use of the WordPress plugin WP Statistics
We use the WordPress plugin “WP Statistics” (https://wp-statistics.com) of the provider “Verona Labs” 5460 West Main Street, Verona, NY 13478, USA, (https://veronalabs.com) in our website. The plugin is used by us to analyze user behavior on our website. The processing is based on a legitimate interest within the meaning of Art. 6 para. 1 lit. f. DS-GVO as the legal basis. Our legitimate interest is to be able to provide the user with content that is as tailored as possible and interesting to the user through the analysis of user behavior, and thus to be able to optimize our Internet offering.
Your IP address is completely replaced by a hash value to protect your online identity, so subsequent identification is no longer possible. Neither is a cookie used to track your Internet activities, nor is geolocation performed. All data is also stored and processed exclusively on our local web server within Germany.
h) Use of Google Fonts
This site uses so-called web fonts provided by Google for the uniform display of fonts. The Google Fonts are installed locally. A connection to Google servers does not take place.
i) Social networks and external links
In addition to this website, we also maintain presences in various social media, which you can access via corresponding buttons on our website. Insofar as you visit such a presence, personal data may be transmitted to the provider of the social network. It is possible that, in addition to the storage of the data specifically entered by you in this social medium, further information will also be processed by the provider of the social network. Furthermore, the provider of the social network may process the most important data of the computer system from which you visit it – for example, your IP address, the processor type and browser version used, including plug-ins. If you are logged in with your personal user account of the respective network while visiting such a website, this network can assign the visit to this account.
The purpose and scope of the data collection by the respective medium as well as the further processing of your data there as well as your rights in this regard can be found in the respective provisions of the respective responsible party, e.g. under:
We would also like to point out that our website contains further links to external third-party websites, whereby we have no influence on the processing of data on these third-party websites.
j) Google Analytics
This website uses functions of the web analysis service Google Analytics. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.
Google Analytics cookies are stored on the basis of Art. 6 (1) lit. a DSGVO, i.e. the consent given by you when calling up the website via our Consent banner. The declaration of consent also explicitly refers to the transfer of personal data to the provider based in the USA. An adequate level of data protection in accordance with the General Data Protection Regulation is not ensured there.
We have activated the IP anonymization function on this website. This means that your IP address will be shortened by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google.
[google_analytics_optout]Click here to disable Google Analytics[/google_analytics_optout].
Objection to data collection
You can prevent Google Analytics from collecting your data by clicking on the following link. An opt-out cookie will be set that will prevent the collection of your data during future visits to this website: Google Analytics opt-out.
Order data processing
We have concluded an order data processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
Demographic characteristics with Google Analytics
This website uses the “demographic characteristics” function of Google Analytics. This allows reports to be generated that contain statements about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google as well as visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as shown in the item “Objection to data collection”.
k) Embedded videos and images from external websites
Some of our pages contain embedded content from YouTube. When merely calling up a page from our website with embedded videos from our YouTube channel, the IP address is transmitted to the provider. In the case of YouTube, the IP address is transmitted to Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA (“Google”). The data transfer only takes place if you have given your consent in the cookie banner.
The legal basis for the data processing is Art. 6 para. 1 lit. a DSGVO in conjunction with the consent you have given. Your consent also refers to the transfer of personal data to a third country (USA) in accordance with the notice in the cookie banner (Art. 49 para. 1 lit. a DSGVO). It is pointed out once again that, according to the current status, there are no suitable data protection guarantees and no adequate level of data protection there. In particular, there is a possibility of access to the personal data by US authorities.