Compliance and Data Protection

Privacy Policy

Last update:  29. September 2025

Thank you for your interest in the information on our website!

With the help of this Privacy Policy we would like to inform the users of our website about the type, scope and purpose of the personal data processed. Personal data in this context is all information that can be used to personally identify you as a user of our website (theoretically in an alternative way or by linking various data), including your IP address. Information that is stored in cookies is generally not or only in exceptional cases personally identifiable; however, cookies are covered by specific regulations that makes the permissibility of the use of cookies dependent on their purpose to a large extent on the active consent of the user.

In a general section of this Privacy Policy, we provide you with information on data protection, which generally applies to our processing of data, including data collection on our website. In particular, you as a data subject will be informed about the rights to which you are entitled.

The terms used in our Privacy Policy and our data protection practice are based on the provisions of the EU General Data Protection Regulation ("GDPR") and other relevant national legal provisions.

Controller according to the GDPR

ENGEL AUSTRIA GmbH
Ludwig-Engel-Straße 1
4311 Schwertberg
Austria

e: dataprotection@engel.at
t:+43 (0) 50 620 0 

Data collection on our website

On the one hand, personal data is collected from you when you expressly communicate such data to us, on the other hand, data, especially technical data, is automatically collected when you visit our website. Some of this data is collected to ensure that our website functions without errors. Other data may be used for analysis purposes. However, you can use our website without a need to provide personal information.

Technologies on our website

Algolia

Provider: Algolia Inc, 301 Howard Street, Suite 300, San Francisco, CA 94105, USA.
Purpose: Search Engine Service
Category: Technically Required
Recipient: USA
Data processed: IP Address, Website Visit Details, Search Query Data
Data subjects: Users
Technology: JavaScript call
Legal basis: Consent
Website: https://www.algolia.com/
Further information:
https://www.algolia.com/policies/privacy/

ATTENTION! Within the scope of this service, data transfer to the U.S. takes place or cannot be excluded. We would like to point out that as of July 10, 2023, the European Commission has issued an adequacy decision on the EU-US data privacy framework (Data Privacy Framework). Accordingly, organizations or companies (as data importers) in the U.S. that are registered in a public list under the self-certification option of the Data Privacy Framework provide an adequate level of protection for data transfers. Whether the specific provider of this service is already certified can be found here: https://www.dataprivacyframework.gov/s/participant-search  

On our website, we use the Algolia service to search for page content. It is a tool for real-time search, whereby the user of the website receives direct feedback on his input. This service therefore has access to the search queries entered by you in the web browser. In order to use the Algolia Search function, it is necessary to store your IP address and your search query. This information is usually transferred to a server of Algolia in Europe or in the USA and stored there. The use of the Algolia search is in the interest of a good accessibility and easy findability of our online offer. The use is voluntary by entering a search query.

Cookies and Local Storage

We use cookies to make our website as user-friendly and functional as possible for you. Some of these cookies are stored on the device you use to access the site. 

Cookies are small packages of data that are exchanged between your browser and our web server whenever you visit our website. They do not cause any damage and are used solely to recognise website visitors. Cookies can only store information provided by your browser, e.g. information that you have entered into your browser or that is available on the website. Cookies cannot execute code and cannot be used to access your terminal device. 

The next time you access our website using the same device, the information stored in the cookies can then either be sent back to us (“first-party cookie”) or to a web application of third party to whom the cookie belongs (“third-party cookie”).  The information that is stored and sent back allows each web application to recognise that you have already accessed and visited the website using the browser on your device. 

Cookies contain the following information:

• Cookie name
• Name of the server from which the cookie originates
• Cookie ID number
• An expiry date, after which the cookie will be automatically deleted

We classify cookies in the following categories depending on their purpose and function:  

• Technically necessary cookies, to ensure the technical operation and basic functions of our website. These types of cookies are used, for example, to maintain your settings while you navigate our website; or they can ensure that important information is retained throughout the session (e.g. login, shopping cart). 
• Statistics cookies, to understand how visitors interact with our website by collecting and analysing information on an anonymous basis only. In this way we gain valuable insights to optimize both the website and our products and services. 
• Marketing cookies, to provide targeted promotional and marketing activities for users on our website.
• Unclassified cookies are cookies that we are trying to classify together with individual cookie providers.

Depending on the storage period, we also divide cookies into session and persistent cookies. Session cookies store information that is used during your current browser session. These cookies are automatically deleted when the browser is closed. No information remains on your device. Persistent cookies store information between two visits to the website. Based on this information, you will be recognized as a returning visitor on your next visit and the website will react accordingly. The lifespan of a persistent cookie is determined by the provider of the cookie.

The legal basis for using technically necessary cookies is our legitimate interest in the technically fault-free operation and smooth functionality of our website. The use of statistics and marketing cookies is subject to your consent. You can withdraw your consent for the future use of cookies at any time. Your consent is voluntary. If consent is not given, no disadvantages arise. For more information about the cookies we actually use (specifically, their purpose and lifespan), refer to this Privacy Policy and to the information in our cookie banner about the cookies we use.

You can also set your web browser so that it does not store any cookies in general on your device or so that you will be asked each time you visit the site whether you accept the use of cookies. Cookies that have already been stored can be deleted at any time. Refer to the Help section of your browser to learn how to do this.
 
Please note that a general deactivation of cookies may lead to functional restrictions on our website. 

On our website, we also use so-called local storage functions (also called "local data"). This means that data is stored locally in the cache of your browser, which continues to exist and can be read even after you close the browser - as long as you do not delete the cache or data is stored within the session storage. 

Third parties cannot access the data stored in the local storage. If special plug-ins or tools use the local storage functions, you are informed within the description of the respective plug-in or tool. 

If you do not wish plug-ins or tools to use local storage functions, you can control this in the settings of your respective browser. We would like to point out that this may result in functional restrictions.

DoubleClick Floodlight

DoubleClick Floodlight is a service provided by Google- Floodlight cookies enable you to understand whether you complete certain actions on social media platforms after you see or click through a display/video ad on Google or other platforms through DoubleClick. DoubleClick uses this cookie to understand the content that you have interacted with on our sites so that it can later send you targeted advertising.
https://support.google.com/ds/answer/2839090?hl=en

Download of documents and papers

We are willing to provide you with useful documentation and documents for your personal use. You will receive these documents either as an e-mail or as a file download.

In order to receive the requested materials, a user only needs to provide the contact information we request. The provision of the data is voluntary. We reserve the right to check the correctness of the data – for example, by means of a double opt-in procedure in which the e-mail address provided must be confirmed – and to provide you with the requested materials by e-mail or as a download link only after this has been checked.
By downloading or requesting the materials, you consent to the contact data being used for marketing purposes.

The processing of this personal data is based on the voluntary provision of the requested data by the user. The consent can be revoked for the future at any time via the contact details provided in this privacy policy. However, we store the data and the associated downloads for a maximum of 3 years in order to be able to safeguard or defend legal claims, for example.

Integration of services and contents of third parties

To analyze and optimize our website, we use content or service offerings from third parties to display their content and services, such as videos or fonts.

This always presupposes that the third-party providers of this content recognize the IP address of the user that is required for the presentation of this content. We make every effort to use only such content whose respective providers use the IP address only to deliver the content. The processing of your data is based on our legitimate interest in optimizing our online offering pursuant to Art. 6 paragraph 1 lit. f GDPR. Third party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. Pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, visit times and other information about the use of our online services, as well as may be linked to such information from other sources. 

The processing of your data in the cookies is based on your consent in accordance with Art. 6 paragraph 1 lit. a GDPR. You can revoke this consent at any time with effect for the future.

For further details, please refer to the specific services described in more detail in this privacy policy.

Performance of our statutory and contractual services

We process personal data of our members, functionaries, promoters, interested parties, customers or other persons in accordance with Art. 6 paragraph 1 lit. b GDPR, insofar as we offer them contractual services or within the framework of an existing business relationship. Otherwise, we process the data of data subjects pursuant to Art. 6 paragraph 1 lit. f GDPR on the basis of our legitimate interests, especially in the case of administrative tasks or public relations work.

The data processed and the appropriateness of their processing shall be determined in accordance with the present contract. This includes the master data of the persons (e.g. name, address), as well as the contact data (e.g. e-mail address, telephone), the contract data and, if we offer payable services or products, billing data (e.g., account details, etc.).

Pursuant to Art. 5 paragraph 1 lit. e GDPR, we are obliged to delete personal data as soon as the purpose for processing has been fulfilled. In this context, we would like to point out that legal storage obligations and periods represent a legitimate purpose for the processing of personal data. 

eRecruiter

In the context of application procedures via our website we use a tool of the company eRecruiter GmbH, Am Winterhafen 4, A-4020 Linz, Austria ("eRecruiter"). 

eRecruiter enables our visitors to apply for open positions with us. The use of this service is based on your voluntariness. When you use this service, your browser establishes a direct connection with the eRecruiter servers. In doing so, the information is transmitted to eRecruiter that your browser has visited the corresponding page of our online offer. For this purpose, your IP address is transmitted to eRecruiter. However, based on our information, the IP address is not used by eRecruiter for purposes other than the execution of the service and is not merged with other data.

For more information about eRecruiter please refer to the eRecruiter privacy policy at https://www.erecruiter.net/en/p/privacy-policy

Facebook Social-Plugins

On our website we use social plugins of the social network Facebook, which are operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook"). With these social plugins users of our website have the opportunity to share the content of our website within Facebook (through 'LIKE'- or 'SHARE'-options).
Legal basis: Consent, Data Privacy Framework,
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000GnywAAC&status=Active

For these data processing we are jointly responsible with Facebook according to Art 26 GDPR. The information required for joint responsibility in accordance with Art 13 paragraph 1 lit. a and b GDPR can be found in the Facebook data policy at https://www.facebook.com/policy.php. The addition for responsible persons, which we have concluded with Facebook in order to determine the fulfillment of the obligation under the GDPR with regard to joint responsibility, applies. In this regard, it has been agreed with Facebook that Facebook is responsible for fulfilling the rights of data subjects in accordance with Articles 15-20 of the GDPR regarding personal data stored by Facebook after joint processing.

We have taken precautions on our website to ensure that such a plugin does not cause your browser to connect directly to Facebook's servers when you view a page.

If you interact with the plugins, for example by pressing the 'LIKE'- or 'SHARE'-button, your IP address and the corresponding information will be transmitted directly to a Facebook server and stored there.

If you are logged in to Facebook, Facebook can assign your visit to our website directly to your Facebook account. The information is also published on Facebook and displayed to your Facebook friends. We would like to point out that Facebook can use this information for the purpose of advertising, market research and tailoring Facebook pages to suit your needs. To this end, Facebook creates user, interest and relationship profiles, e.g. to evaluate your use of our website with regard to the advertisements displayed to you on Facebook, to inform other Facebook users about your activities on our website and to provide other services associated with the use of Facebook. 

Further information on how Facebook processes personal data, including the legal basis on which Facebook relies and the possibilities for exercising the rights of data subjects vis-à-vis Facebook, can be found in the Facebook Data Policy at https://www.facebook.com/policy.php.

Further settings and objections to the use of data for advertising purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads. The settings are platform-independent, i.e. according to our information they are adopted for all devices, such as desktop computers or mobile devices.

Competition Participation

Our website occasionally offers participation in competitions. In order to participate in a competition, it is necessary to provide certain personal data. The data collected in the course of participation will be used exclusively to carry out and process the respective competition.

If the e-mail address or other personal data is to be used for marketing purposes (e.g. sending newsletters or offers), a separate notice will be provided in connection with the respective competition. The data will only be used for marketing purposes if the participants have given their express and voluntary consent. This consent can be revoked at any time with effect for the future.

In the course of processing, it may be necessary to pass on personal data to business partners, for example for the delivery or payment of prizes. However, data will only be passed on if this is necessary to carry out the competition.

If the data of winners is to be published as part of a competition (e.g. on the website or in social media), express consent will be obtained in advance. This consent can be revoked at any time with effect for the future.

Once the competition has been completed and fully processed, the personal data collected will be deleted, provided there are no statutory retention obligations or no consent has been given for longer storage.

Participation in the competition is voluntary and legal recourse is excluded.

Legal recourse is always excluded for participation in the competition.

Additional information on the rights of data subjects and the relevant contact details are listed in the general section of this privacy policy.

Google Ads

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Parent company: Google LLC (USA).
Purpose: Personalized Advertising, Conversion Tracking, Remarketing, Performance Measurement of Campaigns
Category: Marketing
Recipients: EU, USA
Data processed: IP Address, Website Visit Details, User Data
Data subjects: Users
Technology: JavaScript Call, Cookies
Legal basis: Consent, Certification according to the EU-US Data Privacy Framework,
Website: https://www.google.com
Further information:
https://policies.google.com/privacy
https://safety.google/intl/en/principles/
https://business.safety.google/privacy/
https://business.safety.google/adsprocessorterms/
Here you can find out where exactly Google data centers are located: https://www.google.com/about/datacenters/inside/locations/

On this website, the Google Ads service is used for the purpose of advertising our products and services.  Google Ads is Google's in-house online advertising system. 

It is important for us to know whether an interested visitor ultimately becomes our customer. To be able to measure this, there is the so-called "conversion tracking". Furthermore, we would like to be able to address visitors to our website again and in a targeted manner. We achieve this through so-called "remarketing (retargeting)".

Google Ads serves both "conversion tracking" and "remarketing", i.e. we can see what happened after you clicked on one of our ads. In order for this service to work, cookies are used and visitors are sometimes added to remarketing lists in order to be served only certain advertising campaigns.

Our goal is to ensure that the offer of our website is targeted to those visitors who are actually interested in our offer through the use of Google Ads. The data from "conversion tracking" allows us to measure the benefit of individual advertising measures and optimize our website for our visitors. Conversion can be measured through the use of cookies.

We can also track whether they found us on the website via a Google Ads campaign. In cooperation with an analysis tool such as Google Analytics, the measurement of campaign success can be further refined. The processing of the data is done by Google. We only receive a report with statistical evaluations. For example, we know the number of users who clicked on our ad and we can determine which campaign was well received.

We have no influence on how Google uses the data. According to information from Google, however, the data is stored in encrypted form on secure servers in the U.S., among other places.

Google Analytics

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, e-mail: support-de@google.com
Parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Purpose: Web analysis, performance measurement, conversion tracking, collection of statistical data
Category: Statistics
Recipient: EU, USA
Processed data: IP address, details of the website visit, user data
Data subjects: Website visitors
Technology: JavaScript call, cookies (details in the cookie list), fingerprinting, local storage
Legal basis: Consent (purpose)
Certifications: EU-U.S. Data Privacy Framework, Swiss-U.S. Data Privacy Framework, UK Extension to the EU-U.S. Data Privacy Framework
Further information:
https://policies.google.com/privacy
https://safety.google/intl/de/principles/
https://business.safety.google/privacy/
https://business.safety.google/adsprocessorterms/
Here you can find out exactly where Google data centers are located: https://www.google.com/about/datacenters/locations/

On our website, we use the functions of the web analysis service Google Analytics to analyze user behavior and to optimize our website. The reports provided by Google are used to analyze the performance of our website and to measure the success of possible campaigns via our website.

Google Analytics uses cookies that enable us to analyze the use of our website. All details (name, purpose, storage duration) of the cookies can be found in our specific list of cookies used.

Google Analytics can use local storage. This is an alternative to using cookies to store the client ID. This makes it possible to track user behavior without setting cookies.

Information about the use of the website such as browser type/version, operating system used, the previously visited page, host name of the accessing computer (IP address), time of the server request are usually transmitted to a Google server and stored there. We have concluded a contract with Google for this purpose.

Google will use this information on our behalf to evaluate the use of our website, to compile reports on the activities within our website and to provide us with further services associated with the use of our website and the Internet.

We only use Google Analytics with IP anonymization activated by default. This means that the IP address of a user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. According to Google, the IP address transmitted by a user's browser as part of Google Analytics is not linked to other Google data. 

During the website visit, user behavior is recorded in the form of so-called events. These can be the following:

• Page views, the click path of a user
• First visit to our website
• Websites visited
• Start of a session
• Interaction with our website
• User behavior (e.g. clicks, scrolls, dwell time, bounce rates)
• File downloads
• Viewed / clicked ads
• Interaction with videos
• internal search queries

is also recorded:

• approximate location (region)
• Date and time of the visit
• IP address (in abbreviated form)
• technical information about the browser or the end devices used (e.g. language setting, screen resolution)
• Internet provider
• Referrer URL (via which website/advertising medium a user came to our website)

This data is essentially processed by Google for its own purposes, such as profiling (without us being able to influence this).

The data on the use of our website will be deleted immediately after the end of the retention period set by us. Google Analytics specifies a standard retention period of 2 months for user and event data, with a maximum retention period of 14 months. This retention period also applies to conversion data. The following options are available for all other event data: 2 months, 14 months, 26 months (Google Analytics 360 only), 38 months (Google Analytics 360 only), 50 months (Google Analytics 360 only). We choose the shortest storage period that corresponds to our intended use. You can ask us at any time about the retention period we have currently set.

Data whose retention period has been reached is automatically deleted once a month.

Additional details can be found in the linked further information. It is recommended that you check these links regularly for changes, as Google Analytics may update its functions and privacy policy. Further information on rights and contact details can be found in the general section of this privacy policy.

Google Datastudio

On our website we use an additional data management tool of Google Analytics - Google Data Studio - to visually create custom reports and interactive dynamic dashboards for our users.

For this purpose we use the data from Google Analytics and no other interfaces to data sources (such as Google AdWords, Attribution 360, BigQuery, Cloud SQL, MySQL, Google Spreadsheets, YouTube Analytics ect.) The web tool does not require a local application and can be started via the web. Access is via a browser, the data sources are connected directly via Google Data Studio.

You can find further information on how to use Google Data Studio at: https://support.google.com/datastudio/answer/6283323

Google Fonts

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company Google LLC (USA), https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active
Purpose: Integration of fonts
Category: Statistics
Recipients: EU, USA (possible)
Data processed: IP address, language settings, screen resolution, version and name of browser.
Data subjects: website visitors
Technology: JavaScript call
Legal basis: Consent, Data Privacy Framework
Website: www.google.com
Further information: https://developers.google.com/fonts/faq https://policies.google.com/privacy https://www.google.com/about/datacenters/inside/locations/

To display fonts consistently, our website uses Web Fonts which are provided by Google. 

To display web fonts, the web browser you use must connect with a Google server. This informs Google that our website is being accessed via your IP address. The IP address from the browser of the device you are using to access our site is also stored by Google. If your browser does not support Web Fonts, your device will display the site using a standard font type. With each Google Font request, your IP address is automatically transferred to a Google server along with information such as your language preferences, display resolution, version and name of your browser. The usage data collected by Google enables them to determine the popularity of specific font types. Google publishes these findings on internal analytics sites (e.g. Google Analytics).

Google Fonts enables us to use fonts on our own website without uploading them to our server. Google Fonts is an important building block for maintaining the high quality of our website. All Google fonts are automatically optimized for the web. This reduces the data volume and is particularly advantageous for use on mobile devices. When you visit our site, the low file size allows for quicker loading times. Furthermore, Google Fonts are secure Web Fonts that support all major browsers.  

Google stores requests for CSS assets for one day on its servers. This enables us to use the fonts with the support of a Google style sheet. The font files are stored by Google for one year. To delete data prematurely, you must contact Google Support ( https://support.google.com ).

Google Maps

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC (USA)
Purpose: Integration of Map Services
Category: Statistics
Recipients: EU, USA
Data processed: IP Address, Website Visit Details, User Data
Data subjects: Users
Technology: JavaScript Call, Cookies
Legal basis: Consent, Data Privacy Framework, https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active
Website: https://www.google.com
Further information:
https://policies.google.com/privacy
https://safety.google/intl/en/principles/
https://business.safety.google/adsprocessorterms/
Here you can find out where exactly Google data centers are located: https://www.google.com/about/datacenters/inside/locations/

On our website, the service Google Maps is integrated in order to better display geographical information about locations for users. 

Google Maps is an online map service with which geographic information can be made more legible via a terminal device. Among other things, directions are displayed or map sections of a location can be integrated into a website. 

When Google Maps is called up, the browser establishes a connection to Google's servers. This enables Google to know that our website has been accessed via the user's IP address. The use of Google Maps enables Google to collect and process data about the use of the service.

For the provision of this service, Google Maps processes, among other things, entered search terms as well as latitude and longitude coordinates on the basis of the IP address. If the route planner function of Google Maps is used, the entered starting address is also stored. This data processing is carried out exclusively by Google and is not within our sphere of influence.

We would like to point out that a cookie called "NID" is set by Google when running this service. Google Maps does not currently offer us the option to run this service in a mode without this cookie. The NID cookie contains information about your user behavior, which Google uses to optimize its own services and to provide individual, personalized advertising for you.

Google anonymizes data in server logs by deleting a portion of the IP address and cookie information after 9 and 18 months, respectively.

Location and activity data is stored for either 3 or 18 months and then deleted. Users can also manually clear history at any time via a Google account. To completely prevent location tracking, a user must turn off the "Web and App Activity" section in their Google account.

Google Marketing Platform / Google Ad Manager

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Parent company: Google LLC (USA)
Purpose: Personalized Advertising, Conversion Tracking, Remarketing, Campaign Performance Measurement
Category: Marketing
Recipients: EU, USA
Data processed: IP Address, Website Visit details, User data
Data subjects: Users
Technology: JavaScript Call, Cookies
Legal basis: Consent, Data Privacy Framework, https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active
Website: https://www.google.com
Further information:
https://policies.google.com/privacy
https://safety.google/intl/de/principles/
https://business.safety.google/privacy/
https://business.safety.google/adsprocessorterms/
Here you can find out where exactly Google data centers are located: https://www.google.com/about/datacenters/inside/locations/

On this website, the Google Ads service is used for the purpose of advertising our products and services.  Google Ads is Google's in-house online advertising system. 

It is important for us to know whether an interested visitor ultimately becomes our customer. To be able to measure this, there is the so-called conversion tracking. Furthermore, we would like to be able to address visitors to our website again and in a targeted manner. We achieve this through so-called remarketing (retargeting).

Google Ads serves both conversion tracking and remarketing, i.e. we can see what happened after you clicked on one of our ads. In order for this service to work, cookies are used and visitors are sometimes included in remarketing lists in order to be served only with certain advertising campaigns.

This is done by means of a pseudonymous identification number (pID), which the browser of a user receives and is assigned to him. This pID enables the service to recognize which ads have already been displayed to a user and which have been called up. The data is used to serve ads across websites by enabling Google to identify the pages visited by the user. 

Our goal is that the offer of our website through the use of Google Ads targeted to those visitors who are actually interested in our offer. The data from conversion tracking allows us to measure the benefit of individual advertising measures and optimize our website for our visitors. Conversion can be measured through the use of cookies.

The information generated is transferred by Google to a server in the U.S. for evaluation and stored there. A transfer of data by Google to third parties only takes place due to legal regulations or in the context of commissioned data processing. Under no circumstances will Google link data of a user with other data collected by Google.

Google reCAPTCHA

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company Google LLC (USA),
Purpose: Protection against Misuse, Spam Prevention
Category: Technically Required
Recipients: EU, USA
Data processed: IP Address, Website Visit Details
Data subjects: User
Technology: JavaScript Call, Cookies, Local Storage
Legal basis: Legitimate Interest, Data Privacy Framework, https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active
Website: https://www.google.com
Further information:
https://policies.google.com/privacy https://developers.google.com/recaptcha/
https://policies.google.com/privacy
https://safety.google/intl/en/principles/
https://business.safety.google/adsprocessorterms/
Here you can find out where exactly Google data centers are located: https://www.google.com/about/datacenters/locations/

On our website, the Google reCAPTCHA service is used to protect against abuse by non-human visitors (bots) and to prevent spam.

When reCAPTCHA is started, the browser establishes a connection to Google's servers. This enables Google to know that our website has been accessed via a user's IP address.

The purpose of reCAPTCHA is to verify whether the data entry on our website is made by a human or by an automated program. For this purpose, reCAPTCHA analyzes the user's behavior based on various characteristics. This analysis begins automatically as soon as the user starts our website. For the analysis, reCAPTCHA evaluates various information.

According to our information, the following data is processed by Google:

• the address of the page from which the visitor comes
• IP address
• Information about the operating system
• Cookies
• Mouse and keyboard behavior
• Date and language settings
• All Java-Script Objects
• Screen resolution

The data collected during the analysis is forwarded to and used by Google. The reCAPTCHA analyses run entirely in the background.

Cookies are used for the processing of the service.  These cookies require a unique identifier for tracking purposes. According to Google, the IP address is not merged with other data from other Google services, unless a user is logged into his Google account while using the reCAPTCHA plug-in. Furthermore, reCAPTCHA also uses the local storage on the user's device to store data.

Google Signals for Google Analytics

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC (USA).
Purpose: Additional function to Google Analytics, Cross-device tracking
Category: Statistics
Recipients: EU, USA
Processed data: IP Address, User Data
Data subjects: Users
Technology: Add-on to Google Analytics
Legal basis: consent, data privacy framework, https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active
Website: https://www.google.com
Further information:
Explanations about Google Analytics in this privacy statement
https://policies.google.com/privacy
https://safety.google/intl/en/principles/
https://business.safety.google/adsprocessorterms/
Here you can find out where exactly Google data centers are located:
https://www.google.com/about/datacenters/locations/

On our website, we have extended existing Google Analytics features with Google Signals. It is Google Signals a cross-device tracking of users, which is integrated within Google Analytics.

By activating Google Signals for Google Analytics, data is processed and assigned to your Google account. Google can thus recognize, for example, if you have viewed products on our website via your smartphone and only purchased them later via another end device, e.g. via your computer. Google Signals makes it possible to run cross-device campaigns.

By activating Google Signals for Google Analytics, user data such as location, search history and other data about the use of our website is collected. This gives us better information about interests and demographic characteristics. This information helps us to form specific target groups of users in Google Analytics in order to better respond to wishes and interests.

Personalization by Google Signals is only possible if a user is logged into his Google account and allows personalized advertising and if a user has consented to the use of Google Analytics on our website. 

The privacy policy on the use of Google Analytics can also be found in this privacy policy.

Google Tag Manager

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Parent company: Google LLC (USA)
Purpose: Launching Tools and Plugins
Category: Technically Required
Recipients: EU, USA (possible)
Data processed: IP Address
Data subjects: User
Technology: JavaScript Call
Legal basis: legitimate interest, Data Privacy Framework, https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active
Website: https://www.google.com
Further information:
https://policies.google.com/privacy
https://safety.google/intl/en/principles/
https://business.safety.google/adsprocessorterms/
Here you can find out where exactly Google data centers are located: https://www.google.com/about/datacenters/locations/

The Google Tag Manager service is used on our website.

The Tag Manager is a service that allows us to manage website tags via an interface. This allows us to include code snippets such as tracking codes or conversion pixels on websites without interfering with the source code. In doing so, the data is only forwarded by the Tag Manager, but neither collected nor stored. The Tag Manager itself is a cookie-less domain and does not process any personal data, as it serves purely to manage other services in our online offering. 

When the Google Tag Manager is started, the browser establishes a connection to Google's servers.  These are mainly located in the U.S. Through this, Google obtains knowledge that our website was called up via the IP address of a user. 

The Tag Manager ensures the resolution of other tags, which in turn may collect data. However, the Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, this remains in place for all tracking tags that are implemented with the Tag Manager.

GoToMeeting

We use the service GotoMeeting of LogMeIn Inc., Boston, Massachusetts, USA, https://www.gotomeeting.com/ ("GoToMeeting") to conduct online meetings and organise webinars.

ATTENTION! Within the scope of this service, data transfer to the U.S. takes place or cannot be excluded. We would like to point out that as of July 10, 2023, the European Commission has issued an adequacy decision on the EU-US data privacy framework (Data Privacy Framework). Accordingly, organizations or companies (as data importers) in the U.S. that are registered in a public list under the self-certification option of the Data Privacy Framework provide an adequate level of protection for data transfers. Whether the specific provider of this service is already certified can be found here: https://www.dataprivacyframework.gov/s/participant-search  

We have concluded a data processing agreement with GoToMeeting for the processing of data in the US, the level of protection is guaranteed by the use of the EU standard contractual clauses.

Further information on data protection can be found under the item "Online-meetings and webinars" in this privacy policy and at https://www.logmein.com/trust for the use of this service. 

Hosting

In the context of hosting our website, all data that arises in connection with the operation and use of the website is processed. This includes, in particular, content data, usage data, communication data, and technical data that are necessary for providing and securely operating the website.

The storage and processing of this data is necessary to enable access to the website, ensure the stability and security of the online offering, and to technically optimize the website.

To provide our online presence, we use the services of external web hosting providers. In this context, the data generated during the operation of the website is transmitted to these service providers or processed by them on our behalf. Processing is carried out exclusively in accordance with legal requirements and based on contractual agreements for data processing on behalf.

Further information on the handling of personal data in connection with hosting can be found in the privacy policy of this website.

Instagram Social-Plugins

To improve our online presence, the functions and content of the Instagram service are integrated into our website. The provider of these functions and services is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland, holding company: Meta Platforms, Inc. (USA)
Legal basis: Consent, Data Privacy Framework,
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000GnywAAC&status=Active

For these data processing we are jointly responsible with Facebook according to Art 26 GDPR. 

The information required for joint responsibility in accordance with Article 13 paragraph 1 lit. a) and b) GDPR can be found in the Facebook data policy at https://www.facebook.com/about/privacy. The addition for responsible persons, which we have concluded with Facebook in order to determine the fulfillment of the obligation under the GDPR with regard to joint responsibility, applies. In this regard, it has been agreed with Facebook that Facebook is responsible for fulfilling the rights of data subjects in accordance with Articles 15-20 of the GDPR regarding personal data stored by Facebook after joint processing.

Users of our website have the opportunity to share the content of our website within Instagram.

We have taken precautions on our website to ensure that such a plugin does not cause your browser to establish a direct connection to Facebook's servers when you view a page.

Only when you interact with the plug-ins, for example when you confirm the button with the Instagram camera, will your IP address and the corresponding information be transmitted directly to a Facebook server and stored there. However, an active action on your part is required, which is why the data processing in this case is based on your consent according to Art. 6 paragraph 1 lit. a GDPR.  

If you are logged in to Instagram, Instagram can assign your visit to our website directly to your Instagram account. The information is also published on your Instagram account and displayed to your contacts there. If you do not want Instagram to associate the data collected via our website directly with your Instagram account, you must log out of Instagram. 

For more information about privacy, please refer to Instagram's Privacy Policy: http://instagram.com/about/legal/privacy/.

Instagram-Fanpage

We are pleased that you are visiting our Instagram page and would like to inform you about the processing of data that takes place when you use our online offer on Instagram. The data controller within the meaning of the GDPR for the operation of our Instagram page is us, together with Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland, holding company: Meta Platforms, Inc. (USA) ("Instagram") within the meaning of Art 26 GDPR.

Within the scope of this service, data transfer to the U.S. takes place or cannot be excluded. We would like to point out that as of July 10, 2023, the European Commission has issued an adequacy decision on the EU-US data privacy framework (Data Privacy Framework). Accordingly, organizations or companies (as data importers) in the U.S. that are registered in a public list under the self-certification option of the Data Privacy Framework provide an adequate level of protection for data transfers. Google is certified under the Data Privacy Framework: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000GnywAAC&status=Active

Below we explain which functions are offered when visiting our Instagram page and which processing of your personal data takes place in this context. 

Community functions

We offer various community functions on our Instagram page with which you can interact with other users, for example by posting on our posts, leaving comments or "liking" or sharing posts.

Please note that these areas are publicly accessible and any personal information you post or provide when signing up can be viewed by other users. We cannot control how other users of our Instagram page use this information. In particular, we cannot prevent unsolicited messages from being sent to you.

We collect all data entered as part of the community features in order to provide you with the community features as intended. Content posted in community areas may be stored for an unlimited period of time. If at any time you wish to have any posted content removed, please contact us using the contact details provided in this privacy policy.

Usage Analysis / Insights

When you visit our Instagram page, we analyse how you use it (Instagram Insights). With the help of Instagram insights, we learn more about our followers and the people who interact with us on Instagram. We see insights about gender, age range and location. We can also see which posts and stories are viewed the most and which are interacted with the most. Insights and metrics also include paid activities. Reach, accounts reached, impressions and impressions per day reflect both paid and organic activity.

The information required under the GDPR on data processing in the context of Instagram Insights can be obtained from Instagram; currently in Instagram's privacy notices at https://help.instagram.com/519522125107875.
Within the framework of Instagram Insights, we ourselves only receive anonymised statistics - we have no access to personal data processed by Instagram.

Receivers of your data

As the operator of this platform, Instagram, Inc. (181 South Park Street Suite 2 San Francisco, CA 94107 USA), as well as other companies that may be located outside the European Economic Area, have access to your data in order to enable the operation of the Instagram site. For more information, please see Instagram's privacy policy ( https://help.instagram.com/519522125107875).  

Contact

Our website offers various options for contacting us, for example via contact forms or e-mail addresses provided. When contacting us, the personal data provided will be processed exclusively for the purpose of processing and responding to the respective inquiry. The processing takes place insofar as this is necessary to carry out pre-contractual measures or to fulfill a contract, or on the basis of legitimate interests, for example to maintain customer relationships or to document processes.

It may be necessary to provide certain data in order to fully process an inquiry. Without this information, it may not be possible to process the request, or only to a limited extent.

Personal data from contact requests may also be stored in a customer or prospective customer database on the basis of legitimate interests in order to optimize communication and support. Use for marketing purposes only takes place if separate consent has been obtained or a legitimate interest exists and there are no overriding interests of the data subject that require protection.

Personal data from contact inquiries will only be stored for as long as is necessary for the processing and handling of the inquiry or for as long as there are statutory retention obligations. After final processing of the inquiry and expiry of any legal deadlines, the data will be deleted or anonymized. As a rule, deletion takes place at the latest after three years without further contact, unless there are longer statutory or contractual retention obligations.

Additional information on the rights of data subjects and the relevant contact details are listed in the general section of this privacy policy.

LinkedIn Insight Tag

Provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, Email: info@linkedin.com
Parent company: LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA
Purpose: Website analysis, conversion tracking and optimization of LinkedIn advertising campaigns
Category: Marketing
Recipient: EU, USA
Processed data: IP address, time of visit, pages visited, device information, browser type, operating system, demographic data (e.g. job title, company, industry)
Affected: Website visitors
Technology: Cookies (details in the cookie list), JavaScript
Legal basis: Consent (purpose)
Certifications: EU-US Data Privacy Framework, Swiss-US Data Privacy Framework, UK Extension to the EU-US Data Privacy Framework
Website: https://business.linkedin.com/marketing-solutions/insight-tag
Further information:
https://www.linkedin.com/legal/privacy-policy
https://www.linkedin.com/help/lms/answer/85787 https://www.linkedin.com/help/linkedin/answer/a1445756?lang=en-US

We use the LinkedIn Insight Tag service on our website to analyze website visits, track conversions, and optimize LinkedIn advertising campaigns. The LinkedIn Insight Tag is a JavaScript code implemented on our website. When a visitor visits our website, the tag loads and collects various data about the visit.

The tool collects information such as IP address, time of visit, pages visited, device information, browser type, and operating system. Additionally, demographic data such as job title, company, and industry are collected if the visitor is logged into LinkedIn. This data is aggregated and anonymized to gain insights into our website visitors and measure the performance of our LinkedIn campaigns.

The LinkedIn Insight Tag uses cookies to identify visitors across multiple sessions and to attribute conversions. All details (name, purpose, storage duration) regarding the cookies can be found in our specific list of cookies used.

The collected data is stored for a period of up to 90 days before being aggregated and anonymized. After the expiration of the statutory retention periods, the data is deleted immediately.

Additional details can be found in the linked additional information. We recommend checking these links regularly for changes, as LinkedIn may update the functionality of the LinkedIn Insight Tag. Additional information on the rights of data subjects and the corresponding contact details are provided in the general section of this privacy policy.

LinkedIn Social-Plugins

On our website functions and content of LinkedIn are used to improve our online presence. This service is provided by LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland ("LinkedIn"). 

Legal basis: Consent, Data Privacy Framework,
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000L0UZAA0&status=Active

Users of our website have the opportunity to share the content of our website within LinkedIn.

We have taken precautions on our website to ensure that such a plugin does not cause your browser to connect directly to LinkedIn's servers when a page is viewed.

Only when you interact with the plugins, for example by clicking the "Recommend" button, your IP address and the corresponding information will be transmitted directly to a LinkedIn server and stored there. However, an active action on your part is required, therefore the data processing in this case is based on your consent according to Art. 6 paragraph 1 lit. a GDPR.

If you are logged in to your LinkedIn account, it is possible for LinkedIn to assign your visit to our website to you and your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by LinkedIn. If you do not agree, you must log out of your LinkedIn account.

The latest data protection information on LinkedIn can be found on this website: https://www.linkedin.com/legal/privacy-policy?_l=en_EN

LinkedIn Company Profile

We are pleased that you are visiting our LinkedIn company profile and inform you about the processing of data that takes place when you use our company page on LinkedIn. The data controller within the meaning of the GDPR for the operation of our LinkedIn company profile is us, together with LinkedIn Ireland Unlimited Company ("LinkedIn") within the meaning of Art 26 GDPR. The competent supervisory authority for LinkedIn is the Irish data protection authority.

Insofar as you visit or follow our LinkedIn company profile, LinkedIn processes personal data that gives us insight into visitor numbers via anonymous statistics. Via these statistics, it is possible to evaluate visitor interactions in an anonymous form (so-called page insights). To create these statistics, LinkedIn uses data that you as a user have provided in your LinkedIn profile, e.g. data on your function, country, industry, seniority, company size and employee status. With the insight into visitor statistics, LinkedIn does not provide us with any personal data, but only aggregated and thus anonymous data. We cannot draw any conclusions about individual members with the help of this data. 

Data processing within the scope of our LinkedIn company profile is carried out by us under joint responsibility with LinkedIn. The division of data protection obligations between LinkedIn and us are regulated in the following agreement: https://legal.linkedin.com/pages-joint-controller-addendum

For more information on how LinkedIn processes personal data, including the legal bases on which LinkedIn relies and how data subjects can exercise their rights against LinkedIn, please see LinkedIn's data policy at https://de.linkedin.com/legal/privacy-policy .

Meta Pixel

Provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, e-mail: privacy@facebook.com
Parent company: Meta Platforms, Inc, 1601 Willow Road, Menlo Park, CA 94025, USA
Purpose: Web analysis, tracking (conversion)
Category: Marketing
Recipient: EU, USA
Processed data: Visitor data (e.g. IP address, location data), behavioral data (e.g. clicks, duration of visit, conversion data), device data (e.g. browser type, operating system), e-commerce data (e.g. order ID, product information)
Data subjects: Website visitors
Technology: JavaScript, cookies (details in the cookie list), tracking pixels
Legal basis: Consent (purpose)
Certifications: EU-U.S. Data Privacy Framework, Swiss-U.S. Data Privacy Framework, UK Extension to the EU-U.S. Data Privacy Framework
Website: https://www.facebook.com/business/tools/meta-pixel
Further information:
https://www.facebook.com/privacy/policy/
https://www.facebook.com/legal/terms

The Meta Pixel service of the social network Facebook is used on our website for the analysis, optimization and economic operation of our online offer.

With the help of Meta Pixel, it is possible for Meta to determine the visitors to our website as a target group for the display of personalized ads. Accordingly, we use Meta Pixel to display the advertisements placed by us only to those users who have also shown an interest in our online offering or who have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited) that we transmit to Meta (so-called “custom audiences”). With the help of Meta Pixel, we also want to ensure that our meta ads correspond to the potential interest of users and are not annoying. With the help of Meta Pixel, we can also track the effectiveness of the Meta Ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a meta ad (so-called “conversion”).

The actions of users are stored in one or more cookies. These cookies make it possible to match Meta user data (such as IP address, user ID) with the data of a Facebook account. The data collected is anonymous and not visible to us and can only be used in the context of advertisements. Users can prevent the link to their Facebook account by logging out before taking any action. 

To set which types of ads are displayed within Facebook, users can go to the page set up by Meta and follow the instructions on the settings for usage-based advertising: https://www.facebook.com/settings?tab=ads  

The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices.

Additional details can be found in the linked further information. It is recommended that you check these links regularly for changes, as Meta may update its functions and privacy policy. Further information on rights and contact details can be found in the general section of this privacy policy.

Facebook-Fanpage

We are pleased that you visit our Facebook-Fanpage. Therefore we would like to inform you about the processing of data that results from the use of our online services on Facebook. We are the controller for the operation of our Fanpage page together with Meta Platforms Ireland Limited, 4 Grand Canal Square Grand Canal Harbor, Dublin 2, Ireland in accordance with Article 26 GDPR. The data protection authority responsible for Facebook is the Irish Data Protection Authority.

The information required for joint responsibility in accordance with Art 13 paragraph 1 lit. a and b GDPR can be found in the Facebook data policy at https://www.facebook.com/about/privacy as well as the agreement for joint controller at https://www.facebook.com/legal/terms/page_controller_addendum

The addition for responsible persons, which we have concluded with Facebook in order to determine the fulfillment of the obligation under the GDPR with regard to joint responsibility, applies. In this regard, it has been agreed with Facebook that Facebook is responsible for fulfilling the rights of data subjects in accordance with Articles 15-22 of the GDPR regarding personal data stored by Facebook after joint processing.

With our Facebook-Fanpage we operate our internet appearance in addition to this website. Therefore, the operation on the Facebook-Fanpage is in our legitimate interest within the meaning of Art 6 paragraph 1 lit. f GDPR. Your data (IP address, cookie information) and the following information / activities are processed by Facebook:

• number of calls of a page or a post or a video from a page
• information whether a page is subscribed or no longer subscribed
• information whether a page or post is marked as "Like" or "Dislike"
• information whether a page is recommended in a post or comment
• comments, shares, or responds to a posting, including the type of response
• information whether a article is hidden or reported as spam
• information wether clicking on a link from another page on Facebook or from a website outside of Facebook leads to the page
• information whether the mouse is moved over the name or the profile picture of a page to see a preview of the page content
• information whether the website, phone number, "route plan" button or another button on a page is clicked
• Information about whether you are logged in to a computer or a mobile device while visiting a page or interacting with it or its content

In order for this information to be processed, Facebook records your IP address and other information that is available on your terminal device in the form of cookies. According to Facebook, the IP address is anonymised. 

Due to the constant development of Facebook, the availability and processing of the above mentioned data is periodically changing, so we therefore have to refer to the privacy policy of Facebook for more details.

The "Insights" of our Facebook fan page are used to statistically evaluate above data and are made available to us by Facebook without any personal reference. You can find more information on this at https://www.facebook.com/help/pages/insights  

These statistics are generated and provided by Facebook. As the operator of the Facebook-Fanpage, we have no influence on the generation and display of these statistics. We cannot deactivate this function or prevent the generation and processing of data. Only Facebook decides regarding the processing of Insight data. 

We use this aggregated data to make our contributions and activities on our Facebook-Fanpage more attractive to users. In accordance with the Facebook Terms of Use, which each user has agreed to when creating a Facebook profile, we may identify subscribers and fans of the site and view their profiles and other shared information. 

If you are a registered Facebook user and use the commenting, sharing and rating features, you are also responsible for doing so. If you like our site and you click on "Like" or "Subscribe", you will appear in the list we provide and we will be able to view your public profile. You can unsubscribe at any time. Which data you share with the public is up to you. However, we do not use this data for any purpose other than operating our Facebook-Fanpage.

Please note that Facebook processes the data for its own purposes (in particular for the display of content and advertisements, the provision, protection and improvement of Facebook products) on the basis of its own Data Policy under https://www.facebook.com/policy.php and terms of use. Facebook also transfers data to countries outside the European Union and also third countries for which Facebook has, according to our information, given suitable guarantees in accordance with Art. 46 GDPR. Opt-out options can be found in the settings of your Facebook account.

As part of the Page Insights amendment, Facebook agrees to assume primary responsibility pursuant to the GDPR for the processing of Insight data and to fulfil all obligations under the GDPR with regard to the processing of Insight data (including Articles 12 and 13 GDPR, Articles 15 to 22 GDPR and Articles 32 to 34 GDPR). In addition, Facebook will make the essential contents of the Page Insights amendment available to the data subjects concerned. You can therefore directly exercise your data subject rights (rights to information, correction, deletion, restriction of processing and data transferability) vis-à-vis Facebook.

If you are currently logged in to Facebook as a user, a cookie with your Facebook ID is located on your terminal device. This enables Facebook to track that you have visited our website and how you have used it. This also applies to all other Facebook pages. Via Facebook buttons integrated into websites, Facebook is able to record your visits to these websites and assign them to your Facebook profile. This data can be used to offer content or advertising tailored to you.

If you want to avoid this, you should log off from Facebook or deactivate the "Stay logged in" function. This will delete Facebook information that can be used to identify you immediately. 

Further information on how Facebook processes personal data, including the legal basis on which Facebook relies and the possibilities for exercising the rights of data subjects vis-à-vis Facebook, can be found in the Facebook Data Policy at https://www.facebook.com/policy.php

Microsoft Clarity

Provider: Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland
Parent company: Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052, USA,
E-mail: privacy@microsoft.com
Purpose: Analysis of user behavior on websites, improvement of user-friendliness
Category: Statistics
Recipient: USA, EU
Processed data: User behavior, clicks, scroll movements, mouse movements, device information, IP address (shortened), browser information, screen recordings
Data subjects: Website visitors
Technology: JavaScript, cookies (details in the cookie list), local storage
Legal basis: Consent (purpose)
Certifications: EU-U.S. Data Privacy Framework, Swiss-U.S. Data Privacy Framework, UK Extension to the EU-U.S. Data Privacy Framework
Website: https://clarity.microsoft.com
Further information:
https://privacy.microsoft.com/privacystatement
https://clarity.microsoft.com/terms
https://learn.microsoft.com/compliance/regulatory/offering-eu-model-clauses
https://www.microsoft.com/concern/privacy

On our website, we use the Microsoft Clarity service to analyze user behavior in order to improve the user-friendliness of our website. Microsoft Clarity is a free analytics tool that provides insights into visitors' interactions with our website.

The tool collects various types of data to create a comprehensive picture of user behavior. This includes clicks, scroll movements and mouse movements. This information is used to generate heat maps that provide visual representations of the most frequently clicked and viewed areas of our website.

Microsoft Clarity also records individual user sessions, whereby personal information such as input or sensitive data is automatically made unrecognizable. These recordings enable us to better understand user navigation and potential problems.

The tool also collects technical information such as device type, browser version and screen resolution. The IP addresses of users are stored in abbreviated form to ensure anonymity.

Microsoft Clarity uses JavaScript code embedded in our website to collect data. This code sets cookies and uses the browser's local storage to store information and ensure the functionality of the tool. All relevant information about the cookies, including name, purpose of use and storage duration, is contained in our detailed list of cookies used.

The data collected by Microsoft Clarity is stored for a period of up to one year. At the end of this period or when you stop using the service, the data will be deleted, provided there are no statutory retention obligations.

Additional details can be found in the linked further information. We recommend that you check these links regularly for changes, as Microsoft may update the functionality and data processing of Clarity. Additional information on the rights of data subjects and the relevant contact details can be found in the general section of this privacy policy.

Newsletter - Dispatch Service Provider

The newsletters are sent by the listed dispatch service provider. The dispatch service provider is employed on the basis of a written data processing agreement with us in accordance with Art. 28 ff GDPR.

The dispatch service provider can use the recipient's data in pseudonymous form, i.e. without allocation to a user, to optimize or improve its own services, e.g. for the technical optimization of the dispatch and presentation of the newsletter or for statistical purposes. However, the dispatch service provider does not use the data of our newsletter recipients to write to them itself or to pass the data on to third parties.

Newsletter Registration

You can register for a newsletter on our website. The newsletter provides regular information about products, services, offers and promotions.

Consent to our newsletter is given in a so-called double opt-in procedure. After entering the e-mail address, a confirmation e-mail with an activation link is sent. Only after clicking on this link will the registration be completed and the e-mail address added to the mailing list. This procedure serves to ensure that only the owner of the specified e-mail address registers and that misuse by third parties is prevented. 

When registering for the newsletter, the data provided (e-mail address), the time of registration and confirmation, the IP address and changes to the data are logged. This logging serves exclusively to prove proper registration and to protect against misuse.

The newsletter is only sent on the basis of express consent. In addition, the newsletter may also be sent to existing customers if the email address was collected in connection with the purchase of goods or services. In this case, information on similar products and services will be sent by email without the need to register separately for the newsletter.

You can unsubscribe from the newsletter at any time. A corresponding unsubscribe link can be found in every newsletter. Alternatively, you can also unsubscribe by contacting us.

After unsubscribing, the e-mail address and the associated verification data will be stored for a limited period of time in order to be able to prove previously given consent or the existing customer relationship if necessary. The data will only be stored for as long as is necessary to fulfill legal obligations to provide evidence and documentation or to defend against possible claims. The data is then deleted or anonymized. The data will not be used for any other purpose.

Additional information on the rights of data subjects and the relevant contact details are listed in the general section of this privacy policy.

Newsletter Tracking

We would like to point out that we evaluate your user behavior when the newsletter is sent. For this evaluation, the emails sent contain so-called web beacons or tracking pixels, which we store. For the evaluations we link the mentioned data and the web beacons with your email address. Links received in the newsletter also contain these tracking IDs. The legal basis is Art. 6 paragraph 1 lit. f GDPR.

The information is stored for as long as you have subscribed to the newsletter. After unsubscribing, we only save the data purely statistically and anonymously.

Such tracking is not possible if you have deactivated the display of images by default in your email program. In this case, the newsletter will not be displayed in full and you may not be able to use all functions. If you display the images manually, the above-mentioned tracking takes place.

Pardot Marketing Automation System

On our website we use the Pardot Marketing Automation System ("Pardot MAS"), a special software for recording and evaluating the use of a website by website visitors of Pardot LLC, 950 E. Paces Ferry Rd. Suite 3300 Atlanta, GA 30326, USA ("Pardot").

When you visit this website, Pardot records your click path and creates an individual usage profile using a pseudonym. For this purpose, cookies are used which enable your browser to be recognized. If Pardot processes personal data, the processing takes place exclusively on our behalf and according to our instructions.

Further information on data protection can be found under: https://help.salesforce.com/articleView?id=pardot_basics_cookies.htm&type=5

Salesforce

On our website, the CRM system of the provider salesforce.com Germany GmbH, Erika-Mann-Str. 31, 80636 Munich ("salesforce") is used for the efficient processing of user queries. The address of the US parent company is: The Landmark @ One Market Street, Suite 300, San Francisco, CA 94105, USA.
Legal basis: Consent, Data Privacy Framework,
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000KzLyAAK&status=Active

salesforce uses user data only for the technical processing of inquiries and does not pass them on to third parties. In order to use salesforce, it is necessary to provide at least a correct e-mail address. A pseudonymous use is possible. In the course of processing service requests, it may be necessary to collect further data (name, address). 

We use this service for being able to answer user enquiries quickly and efficiently and possibly also to fulfil pre-contractual obligations. salesforce uses user data only for the technical processing of enquiries and does not pass them on to third parties. In order to use salesforce, it is necessary to provide at least a correct e-mail address. A pseudonymous use is possible. In the course of processing service requests, it may be necessary to collect further data (name, address).

The use of salesforce is of course voluntary. If you do not agree, we offer you alternative contact options for submitting inquiries by e-mail, telephone or post. 

For more information, please refer to salesforce's privacy policy: https://www.salesforce.com/de/company/privacy/. Salesforce is a certified licensee of the TRUSTe Privacy Seal.

SalesViewer

On our website, personal data is collected and stored with the SalesViewer® technology of SalesViewer® GmbH, Bongardstraße 29, 44787 Bochum, Germany ("SalesViewer") for marketing, market research and optimization purposes. In order to do this, a javascript based code, which serves to capture company-related data and according website usage. The data captured using this technology are encrypted in a non-retrievable one-way function (so-called hashing). The data is immediately pseudonymised and is not used to identify website visitors personally.

According to the provider, Salesviewer is 100% GDPR-compliant and has been tested for conformity and security in accordance with EU data protection law. See the following Privacy Compliance Statement: https://www.salesviewer.com/made-in-germany (German). For more information about Salesviewer's privacy policy, visit https://www.salesviewer.com/datenschutz?locale=en.

The data stored by Salesviewer will be deleted as soon as they are no longer required for their intended purpose and there are no legal obligations to retain them.

The data recording and storage can be repealed at any time with immediate effect for the future, by clicking on https://www.salesviewer.com/opt-out in order to prevent SalesViewer from recording your data. In this case, an opt-out cookie for this website is saved on your device. If you delete the cookies in the browser, you will need to click on this link again.

Server Log Files

For technical reasons, particularly to ensure a functioning and secure website, we process the technically necessary data about accesses to our website in so-called server log files which your browser automatically sends to us. 

The access data we process includes:

• The name of the website you are accessing  
• The browser type (including version) you use
• The operating system you use
• The site you visited before  accessing our site (referrer URL)
• The time of your server request
• The amount of data transferred
• The host name of computer (IP address) you are using to access the site

This data cannot be traced back to any natural person and is used solely to perform statistical analyses and to operate and improve our website while also optimising our site and keeping it secure. This data is sent exclusively to our website operator. The data is neither connected nor aggregated with other data sources. In case of suspicion of unlawful use of our website, we reserve the right to examine the data retroactively. This data processing takes place on the legal grounds of our legitimate interest in maintaining a technically fault-free and optimal website.

The access data is deleted within a short period of time after serving its purpose (usually within a few days) unless further storage is required for evidence purposes. In such cases, the data is stored until the incident is definitively resolved.

Social Networks

We take the current discussion about data protection in social networks very seriously, as we ourselves operate appearances in social networks in order to inform the active users there about our range of services. The specific social media we use for this purpose are represented on our website by logos. In this regard, we would like to point out that, on the basis of current case law, we have a joint controllership within the meaning of Art 26 GDPR with the respective operator of the social network. We have taken the necessary precautions for this as far as the provider has made this possible for us. The primary responsibility according to GDPR for the processing of personal data in the respective social network lies with the respective provider of the social network. In the case of the assertion of rights of persons affected, we state that these are best asserted with the social networks themselves. We as operators do not make any decisions regarding the processing of data in the social network. Only the respective provider has access to the data of the users and can therefore only take direct measures. 

User data can be processed in social networks for advertising and market research purposes. Among other things, users can create their own user profiles based on their various interests. The user profiles can then be used, for example, to place targeted advertisements within and outside the social media. For these purposes, cookies are also used by the social medium in which the user behaviour and interests of the users are stored. Furthermore, these user profiles may also contain data on the users as members of the respective social media, provided that they are logged in to these.

For a detailed description of the respective processing operations and the possibilities for objection or revocation, please refer to the data protection declaration of the respective social network.

A selection of the most important providers of social media including additional information can be found here:

• Facebook

Provider: Anbieter: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland, Holding company: Meta Platforms, Inc. (USA)
Website: https://www.facebook.com
Additional information: https://www.facebook.com/legal/terms/information_about_page_insights_data
Joint Controllership: https://www.facebook.com/legal/terms/page_controller_addendum
Further privacy information:
https://www.facebook.com/about/privacy

Within the scope of this service, data transfer to the U.S. takes place or cannot be excluded. We would like to point out that as of July 10, 2023, the European Commission has issued an adequacy decision on the EU-US data privacy framework (Data Privacy Framework). Accordingly, organizations or companies (as data importers) in the U.S. that are registered in a public list under the self-certification option of the Data Privacy Framework provide an adequate level of protection for data transfers. Meta is certified under the Data Privacy Framework: https://www.dataprivacyframework.gov/list

• Xing

Provider: XING AG, Dammtorstraße 29-32, 20354 Hamburg, Deutschland
Website: https://www.xing.de
Additional information: https://privacy.xing.com/en

• LinkedIn

Provider: LinkedIn Ireland, LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
Website: https://www.linkedin.com
Additional information: https://www.linkedin.com/legal/privacy-policy

Within the scope of this service, data transfer to the U.S. takes place or cannot be excluded. We would like to point out that as of July 10, 2023, the European Commission has issued an adequacy decision on the EU-US data privacy framework (Data Privacy Framework). Accordingly, organizations or companies (as data importers) in the U.S. that are registered in a public list under the self-certification option of the Data Privacy Framework provide an adequate level of protection for data transfers. LinkedIn is certified under the Data Privacy Framework: https://www.dataprivacyframework.gov/list

• Pinterest

Provider: Pinterest Inc., 635 High Street, Palo Alto, 94301 California, USA
Website: https://www.pinterest.com
Additional information: https://policy.pinterest.com/en-gb/privacy-policy

ATTENTION! Within the scope of this service, data transfer to the U.S. takes place or cannot be excluded. We would like to point out that as of July 10, 2023, the European Commission has issued an adequacy decision on the EU-US data privacy framework (Data Privacy Framework). Accordingly, organizations or companies (as data importers) in the U.S. that are registered in a public list under the self-certification option of the Data Privacy Framework provide an adequate level of protection for data transfers. Whether the specific provider of this service is already certified can be found here: https://www.dataprivacyframework.gov/list  

• X

Provider: X Corp., 1355 Market Street, Suite 900, San Francisco, 94301 California, USA
Website: https://www.twitter.com
Additional information: https://twitter.com/en/privacy

ATTENTION! Within the scope of this service, data transfer to the U.S. takes place or cannot be excluded. We would like to point out that as of July 10, 2023, the European Commission has issued an adequacy decision on the EU-US data privacy framework (Data Privacy Framework). Accordingly, organizations or companies (as data importers) in the U.S. that are registered in a public list under the self-certification option of the Data Privacy Framework provide an adequate level of protection for data transfers. Whether the specific provider of this service is already certified can be found here: https://www.dataprivacyframework.gov/list  

• YouTube: 

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Website: https://www.google.com
Additional information: https://policies.google.com/privacy?hl=en-GB

Within the scope of this service, data transfer to the U.S. takes place or cannot be excluded. We would like to point out that as of July 10, 2023, the European Commission has issued an adequacy decision on the EU-US data privacy framework (Data Privacy Framework). Accordingly, organizations or companies (as data importers) in the U.S. that are registered in a public list under the self-certification option of the Data Privacy Framework provide an adequate level of protection for data transfers. Google is certified under the Data Privacy Framework: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active

• Tik Tok: 

Provider: TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Irland – TikTok's mother company is based in China.
Website: https://www.tiktok.com
Additional informationen: https://www.tiktok.com/legal/page/eea/privacy-policy/en

ATTENTION! Within the scope of this service, data transfer to China takes place or cannot be excluded.

Whatchado:

Provider: whatchado GmbH, Möllwaldplatz 4/39, 1040 Wien, Österreich
Website:   https://www.whatchado.com
Additional information:   https://www.whatchado.com/en/about-us , https://www.whatchado.com/en/terms/users/

• kununu:

Provider: kununu GmbH, einer Tochter der XING SE, Dammtorstraße 30, 20354 Hamburg, Deutschland
Website: https://www.kununu.com/
Additional information: https://privacy.xing.com/en/privacy-policy

SSL Encryption

Within your visit to our website, we use the widespread SSL procedure (Secure Socket Layer) in conjunction with the highest level of encryption supported by your browser. You can tell whether an individual page of our website is transmitted in encrypted form by the closed representation of the key or lock symbol in the lower status bar of your browser. We use this encryption procedure on the basis of our justified interest in the use of suitable encryption techniques.

We also make use of suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments and kept state-of-the-art.

Survey Monkey

Provider: SurveyMonkey Europe UC, 2 Shelbourne Buildings, Second Floor, Shelbourne Road, Dublin 4, Ireland, parent company: SurveyMonkey Inc, 1 Curiosity Way, San Mateo, California 94403, USA
Purpose: Conducting surveys
Category: external service
Recipient country: EU, third country (USA)
Processed data: IP address, survey data
Data subjects: Survey participants
Technology: JavaScript call, cookies
Legal basis: Consent (voluntary participation), EU-US Privacy Framework, UK Extension, Swiss-US Data Privacy Framework (via Momentive Inc.)
Website: https://www.surveymonkey.com/
Further information:
https://de.surveymonkey.com/mp/legal/privacy/

Surveys are conducted from time to time via our website and users are asked to participate voluntarily. We use the online survey tool SurveyMonkey to conduct the survey. 

In order to participate in the survey, data is collected from participants and used by us for the purpose of improving customer service, designing new and improving existing products, complying with legal obligations (social responsibility), etc.

We would like to expressly point out that SurveyMonkey reserves the right to collect, process, use and forward information and evaluations for its own purposes. SurveyMonkey also reserves the right to transfer this information to third parties, possibly also to the US.

By participating in a survey, the user agrees to the above-mentioned data processing and that the data entered in the survey will be stored on SurveyMonkey's servers.

Targeting with Google Analytics

We use Google Analytics on this website to display ads placed by Google and its partners only to users who have shown an interest in our online services or who have specific characteristics or interests that we share with Google. We also use remarketing audiences to ensure that our ads match users' potential interests. In addition, the explanations are given under Google Analytics also apply.

Webcare

Provider: DataReporter GmbH, Zeileisstraße 6, 4600 Wels, Austria.
Purpose: Consent Management
Category: technically required
Recipient: EU, AT
Data processed: IP Address, Consent Data
Data subjects: Users
Technology: JavaScript call, Cookies, Swarmcrawler
Legal basis: Legitimate interest, consent (swarmcrawler to evaluate search results)
Website: https://www.datareporter.eu/
Further information: https://www.datareporter.eu/company/info

On our website, we use the Webcare tool for consent management. Webcare records and stores the decision of each user of our website. Our Consent Banner ensures that statistical and marketing technologies such as cookies or external tools are only set or started if the user has expressly consented to their use.

We store information on the extent to which the user has confirmed the use of cookies. The user's decision can be revoked at any time by accessing the cookie setting and managing the declaration of consent. Existing cookies are deleted after revocation of consent. For the storage of information about the status of the consent of the user, a cookie is also set, which is referred to in the cookie details. Furthermore, the IP address of the respective user(s) is transmitted to DataReporter's servers when this service is called up. The IP address is neither stored nor associated with any other data of the user, it is only used for the correct execution of the service.

With the help of Webcare, our website is regularly checked for technologies relevant to data protection. This investigation is only carried out for those users who have expressly given their consent (for statistical or marketing purposes). The search results of the users are evaluated by Webcare in an anonymous form and only in relation to technologies and used for the fulfillment of our information obligations. To start the Swarmcrawler technology, a request is sent to our servers and the IP address of the user is transmitted for the purpose of data transfer. Servers are selected which are geographically close to the respective location of the user. It can be assumed that for users within the EU, a server with a location within the EU will also be selected. The IP address of the user is not stored and is removed immediately after the end of the communication.

Webcare Statistics

The WebCare statistics function enables us to anonymously record the interactions of the users of our website with our Consent Banner. The statistics only record whether the Consent Banner was opened and which actions were carried out (purposes of consent, revocation). Only statistical data and no activities related to the specific user are stored. The visitor's IP address is only used for the purpose of the connection and is completely deleted after the connection is terminated.

The use of the WebCare statistics function is based on our legitimate interest in reviewing the performance of our Consent Banner and the related accessibility of our online offer.

The statistical data is stored for 30 days, older data is automatically deleted.

You can find more information about this function in the provider's help section at: https://help.datareporter.eu/docs/webcare/webcare_consent_statistic/

Further information on data protection can be found at: https://www.datareporter.eu/company/info

X Channel (formely Twitter Channel)

We use the technical platform and services of X Corp, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA for our short messaging service.

We would like to point out that you use our X short messaging service and its functions at your own risk. This applies in particular to the use of the interactive functions (e.g. sharing, rating).  Alternatively, you can also access the information offered there on our website.

The data collected about you when you use the service is processed by X and may be transferred to countries outside the European Union. This includes your IP address, the application used, information on the device you are using (including device ID and application ID), information on websites accessed, your location and your mobile phone provider.
This data is assigned to the data of your X account or your X profile.

We have no influence on the type and scope of the data processed by X, the type of processing and use or the disclosure of this data to third parties. Information about which data is processed by X and for what purposes it is used can be found in X's privacy policy,
can be found in X's privacy policy ( https://x.com/privacy) as well as the option to view your own data at X ( https://help.x.com/de/managing-your-account/accessing-your-x-data).

You also have the option of requesting information via the X data protection form or the archive requests:
https://support.x.com/forms/privacy
https://help.x.com/de/managing-your-account/how-to-download-your-x-archive

As the provider of the information service, we do not collect or process any other data from your use of our short messaging service.

You have the option of restricting the processing of your data in the general settings of your X account and under “Data protection and security”. On mobile devices (smartphones, tablet computers), you can also restrict X's access to contact and calendar data, photos, location data, etc. in the settings options there. However, this depends on the operating system used. 

Further information on these points can be found on the following X support pages:
https://support.x.com/articles/105576#

YouTube

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC (USA)
Purpose: Integration of Video Content, Collection of Statistical Data
Category: Statistics
Recipients: EU, USA
Data processed: IP Address, Website Visit Details, User Data
Data subjects: Users
Technology: JavaScript Call, Cookies, Device Fingerprinting, Local Storage
Legal basis: Consent, Data Privacy Framework, https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active
Website: https://www.youtube.com
Further information: https://www.youtube.com/intl/ALL_at/howyoutubeworks/user-settings/privacy/
https://policies.google.com/privacy
https://safety.google/intl/en/principles/
https://support.google.com/youtube/answer/10364219?hl=en

On our website, we use the YouTube service to embed videos.

We have activated the extended data protection mode on YouTube. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch a video. However, the disclosure of data to YouTube partners is not excluded by the extended data protection mode.

As soon as you start a YouTube video, a connection to YouTube's servers is established. This tells YouTube which of our pages you have visited. If you are logged into your YouTube account, you thereby enable YouTube to assign your surfing behaviour directly to your personal profile. This can be prevented by logging out of your account.

Furthermore, YouTube can save various cookies on your end device after starting a video or use comparable technologies (e.g. device fingerprinting). YouTube also uses the local storage on your end device. In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to collect video statistics, improve the user experience and prevent fraud attempts

Youtube Channel

We operate a YouTube channel of the provider Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. 

Within the scope of this service, data transfer to the U.S. takes place or cannot be excluded. We would like to point out that as of July 10, 2023, the European Commission has issued an adequacy decision on the EU-US data privacy framework (Data Privacy Framework). Accordingly, organizations or companies (as data importers) in the U.S. that are registered in a public list under the self-certification option of the Data Privacy Framework provide an adequate level of protection for data transfers. Google is certified under the Data Privacy Framework: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active

We would like to point out that you use our YouTube channel and its functions on your own responsibility. This applies in particular to the possibility of discussion with other users. 

We have no influence or control over the type and scope of the data processed by Google, as well as the way in which this data is processed and used or passed on to third parties. By using Google, your personal data will be collected, transferred, stored, disclosed and used by Google and transferred to, and stored and used in, the United States, Ireland and any other country in which Google does business, regardless of your country of residence. There is a transfer to Google-affiliated companies as well as to other trustworthy companies or persons who process them on behalf of Google. 

Google processes your voluntarily entered data such as name and user name, email address and telephone number. Google also processes the content that you create, upload or receive from others when using the services. This includes, for example, photos and videos that you save, documents and spreadsheets that you create, and comments that you write on YouTube videos. Google also evaluates the content you share to determine what topics you are interested in, stores and processes messages you send directly to other users, and may use GPS data, wireless network information or your IP address to determine your location in order to serve you advertising or other content. For analysis, Google may use analytics tools such as Google Analytics. If tools of this kind are used by Google for our YouTube channel, we have neither commissioned this nor otherwise supported it in any way. 

Finally, Google also receives information when you view content, for example, even if you have not created an account. This log information may include your IP address, browser type, operating system, information about the website you visited previously and the pages you viewed, your location, your mobile service provider, the device you are using (including device ID and application ID), the search terms you used and cookie information. 

You have options to limit the processing of your data in the general settings of your Google account. In addition to these tools, Google also offers specific privacy settings for YouTube. 

For more information on using a YouTube channel, please see Google's Privacy Statement for Google products at https://policies.google.com/technologies/product-privacy

For more general information on data protection, please refer to Google's privacy policy at https://policies.google.com/privacy

Yumpu

Our website uses the service Yumpu to display our online publications (catalogues, magazines, flyers, etc.). The provider of Yumpu is i-magazine AG, Gewerbestrasse 3, 9444 Diepoldsau, Switzerland ("Yumpu").

Switzerland is a third country approved by the EU Commission, in which personal data enjoy an adequate level of protection comparable to European data protection law.

When you access an online publication, a connection is established to the servers of Yumpu. In the process, the IP address is transmitted to Yumpu's servers and they are also informed which of our pages you have visited. For this purpose, information about the time and duration of use is also stored. Without the transmission of the IP address, the contents of an online publication could not be sent to the respective browser and displayed properly for the user. In the course of use, cookies are set on the part of Yumpu. According to our information, Yumpu uses data exclusively for the purpose of displaying an online publication.

Yumpu serves to be able to present the contents of our website, in particular of online publications (catalogues, magazines, flyers, etc.), in a uniform and appealing manner. In any case, this constitutes a legitimate interest pursuant to Art 6 paragraph 1 lit f GDPR.

Further information on Yumpu can be found in the data protection declaration of i-magazine AG at https://www.yumpu.com/en/info/privacy_policy

General information on data protection

The following provisions in its principles apply not only to the data collection on our website, but also in general to other processing of personal data.

Personal data

Personal data is information that can be assigned to you individually. Examples include your address, your name as well as your postal address, email address or telephone number. Information such as the number of users who visit a website is not personal data because it is not assigned to a person.

Legal basis for the processing of personal data

Unless more specific information is provided in this Privacy Policy (e.g. in the case of the technologies used), we may process personal data from you on the basis of the following legal principles:

• consent in accordance with Art. 6 paragraph 1 lit. a of the GDPR- The data subject has given his or her consent to the processing of his or her personal data for one or more specific purposes.
• Fulfillment of a contract and pre-contractual measures pursuant to Art. 6 paragraph 1 lit. b of the GDPR- Processing is necessary for the fulfillment of a contract to which the data subject is a party or for the implementation of pre-contractual measures.
• Legal obligation pursuant to Art. 6 paragraph 1 lit. c of the GDPR- Processing is necessary for the performance of a legal obligation.
• Protection of vital interests pursuant to Art. 6 paragraph 1 lit. d of the GDPR- Processing is necessary to protect the vital interests of the data subject or of another natural person.
• Reasonable interests pursuant to Art. 6 paragraph 1 lit. f of the GDPR- The processing is necessary to protect the legitimate interests of the controller or of a third party unless the interests or fundamental rights and freedoms of the data subject prevail.

Please note that in addition to the provisions of the GDPR, national data protection regulations may apply in your or our home country.

Transfer of personal data

Your personal data will not be transferred to third parties for purposes other than those listed in this Privacy Policy.

We will only transfer your personal data to third parties if:

• you have given your express consentin accordance with Art. 6 paragraph 1 lit. a of the GDPR,
• the transfer pursuant to Art. 6 paragraph 1 lit. f of the GDPRis necessary to safeguard reasonable interests,as well as to assert, exercise or defend legal claims and there is no reason to assume that you have a prevailing interest worthy of protection by not disclosing your data,
• there is a legal obligationto transfer the data in accordance with Art. 6 paragraph 1 lit. c of the GDPR,as well as this is legally permissible and / or
• it is required according to Art. 6 paragraph 1 lit. b of the GDPRfor the processing of contractual relationshipswith you.

Cooperation with processors

We carefully select our service providers who process personal data on our behalf. If we commission third parties to process personal data on the basis of a data processing agreement, this is done in accordance with Art. 28 of the GDPR.

Transfer to third countries

If we process data to a third country or if this is done in the context of using the services of third parties or disclosure or transfer of data to other persons or companies, this is only done on the legal basis described above for the transfer of data.

Subject to express consent or contractual necessity, we process or allow data to be processed only in third countries  in accordance with Art. 44 - 49 of the GDPRwith a recognized level of data protection or on the basis of special guarantees, such as contractual obligations through so-called standard contractual clauses of the EU Commission, the existence of certifications or binding corporate rules.

Data transfer to the U.S.

We would like to explicitly point out that as of July 10, 2023, the EU Commission has issued an adequacy decision on the EU-US data protection framework (Data Privacy Framework) pursuant to Art. 45 paragraph 1 GDPR. Accordingly, organizations or companies (as data importers) in the US that are registered in a public list as part of the self-certification of the Data Privacy Framework provide an adequate level of protection for data transfers. Whether the specific provider of a service is already certified can be found here: https://www.dataprivacyframework.gov/s/participant-search

The Data Privacy Framework provides a valid legal basis for the transfer of personal data to the USA. This creates binding guarantees to comply with all ECJ requirements; for example, it provides that access by U.S. intelligence services to EU data is limited to a necessary and proportionate level and that a data protection review court is created to which individuals in the EU also have access.

If a transfer of data by us to the US takes place at all or if a service provider based in the US is used by us, we refer to this explicitly in this Privacy Policy (see in particular the description of the technologies used on our website).

It should be noted that aside from significant improvements, the Data Privacy Framework is only partial and only applies to data transfers to those data importers in the U.S. that appear on the public list of certified organizations/companies.

What can the transfer of personal data to the US mean for you as a user and what risks are involved?

Risks for you as a user as far as data importers in the USA are concerned, which are not covered by the Data Privacy Framework, are in any case the powers of the US secret services and the legal situation in the U.S., which currently, according to the European Court of Justice, no longer ensure an adequate level of data protection. Among others, these are the following:

• Section 702 of the Foreign Intelligence Surveillance Act (FISA) does not provide for any restrictions on the surveillance measures of the secret services or guarantees for non-US citizens.
• Presidential Policy Directive 28 (PPD-28) does not provide effective remedies for those affected against actions by U.S. authorities and does not provide barriers to ensuring proportionate measures.
• The ombudsman provided for in the Privacy Shield does not have sufficient independence from the executive; he cannot issue binding orders to the U.S. secret services.

Legally compliant transfer of data to the U.S. on the basis of the standard contractual clauses for data importers not covered by the Data Privacy Framework?

In June 2021, the European Commission adopted new Standard Contractual Clauses (SCC) in Decision 2021/914/EU. These create a new legal basis for data transfers where the level of data protection is not the same as in the EU.

Legally compliant transfer of data to the U.S. based on consent?

If a data transfer to a service provider based in the U.S. takes place that is not covered by the Data Privacy Framework and this data transfer is based on explicit consent, we provide explicit information about this in this privacy policy, in particular in the description of the technologies used on our website.

What measures do we take to ensure that data transfers to the U.S. are legally compliant?

Where US providers offer the option, we choose to process data on EU servers. This should technically ensure that the data is located within the European Union and that access by US authorities is not possible.

Storage periods in general

If no explicit storage period is specified during the collection of data (e.g. in the context of a declaration of consent), we are obliged to delete personal data in accordance with Art. 5 paragraph 1 lit. e of the GDPRas soon as the purpose for processing has been fulfilled. In this context, we would like to point out that legal storage obligations represent a legitimate purpose for the further processing of affected personal data.

Personal data will be stored and retained by us in principle until the termination of a business relationship or until the expiry of any applicable guarantee, warranty or limitation periods, in addition, until the end of any legal disputes in which the data is required as evidence, or in any event until the expiry of the third year following the last contact with a business partner.

Storage periods in particular

As part of the description of individual technologies on our website, there are specific references to the storage period of data. In our cookie table, you will be informed about the storage period of individual cookies. In addition, you always have the possibility to ask us directly about the specific storage period of data. To do so, please use the contact data listed in this Privacy Policy.

Rights of data subjects

Data subject have the right:

• (i) in accordance with Art. 15 of the GDPR, to request informationabout your personal data processed by us. In particular, you may request information on the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned duration of storage, the existence of a right of rectification, deletion, restriction of processing or opposition, the existence of a right of appeal, the origin of your data, if not collected by us, as well as the existence of automated decision making including profiling and, where applicable, meaningful information on the details thereof;
• (ii) in accordance with Art. 16 of the GDPR,to demand without delay the correctionof incorrect or incomplete personal data stored by us;
• (iii) in accordance with Art. 17 of the GDPR, under specific circumstances to demand the deletionof your personal data stored with us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
• (iv) in accordance with Art. 18 of the GDPR,to demand the (temporary) restriction of the processingof your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you refuse to delete it and we no longer require the data, but you require it for the assertion, exercise or defense of legal claims or you have lodged an objection to the processing in accordance with Art. 21 of the GDPR;
• (v) in accordance with Art. 20 of the GDPR,to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transferred to another controller; However, this only covers those of your personal data that we process with the help of automated processes after your consent or on the basis of a contract with you;
• (vi) in accordance with Art. 21 of the GDPR,if your personal data are processed on the basis of our legitimate interest, to objectto the processing of your personal data for reasons arising from your specific situation or if the objection is directed against direct advertising. In the latter case, you have a general right of objection, which we will implement without indicating a specific situation.
• (vii) in accordance with Art. 7 paragraph 3 of the GDPR,you may at any time revoke your consentto us. As a result, we may no longer continue the data processing based on this consent in the future. Among other things, you have the option of revoking your consent to the use of cookies on our website with effect for the future by calling up our Cookie Settings.
• (viii) in accordance with Art. 77 of the GDPRto complainto a data protection authority regarding the illegal processing of your data by us. As a rule, you can contact the data protection authority at your usual place of residence or workplace or at the headquarters of our company.

The responsible data protection authority for ENGEL AUSTRIA GmbH is:

Österreichische Datenschutzbehörde
Barichgasse 40-42, 1030 Wien, Österreich
Tel.: +43 1 52 152-0, dsb@dsb.gv.at

Assertion of rights of data subjects

You yourself decide on the use of your personal data. Should you therefore wish to exercise one of your above-mentioned rights towards us, you are welcome to contact us by email at dataprotection@engel.at or by post, as well as by telephone.

Please assist us in specifying your request by answering questions from our responsible employees regarding the specific processing of your personal data. If there are reasonable doubts about your identity, we may request a copy of your identification.

For questions regarding data protection, you can reach us at dataprotection@engel.at or at the other contact details stated in this Privacy Policy.

Schwertberg, on   29. September 2025

Download as PDF

About cookies

Cookies are small data packages that are exchanged between your browser and our web server. Cookies can only store information provided by your browser.

Depending on the intended use, cookies are either technically necessary or are used for statistical or marketing purposes. The use of technically required cookies is based on our legitimate interest in the technically correct operation and smooth functionality of our website. The use of statistics and marketing cookies requires your consent. This is voluntary and can be revoked at any time for the future by calling up our cookie settings.

You can also set your browser to generally prevent the storage of cookies. Once cookies have been set, you can delete them at any time. How all this works in details can be found in the help function of your browser. Please note that a general deactivation of cookies may lead to functional restrictions on our website.

You can find more detailed information on what data is stored in cookies, for what purposes they are used and for how long data is stored in our data protection declaration and in our cookie banner.

Required

Technically necessary cookies are used to enable the technical operation of a website and make it functional for you. The use is based on our legitimate interest to provide a technically flawless website. However, you can generally disable the use of cookies in your browser. 

Surname	Purpose	Creator	Storage time	Domain
__ctmid	ensures the functionality and usability of the page and is used to track errors.	Fraud Detection	Session	www.wintec-machines.com
_GRECAPTCHA	ensures the functionality and usability of the page and is used to track errors.	Google	6 months	www.wintec-machines.com
actionBox-(ID)	ensures the functionality and usability of the page and is used to track errors.		Session	www.wintec-machines.com
chosenCountry	save settings and preferences of the user such as the current language setting.		Session	www.wintec-machines.com
chosenLanguage	save settings and preferences of the user such as the current language setting.		Session	www.wintec-machines.com
cookieconsent_mode	contains the information to what extent the user has confirmed the use of cookies.	DataReporter GmbH	12 months	www.wintec-machines.com
cookieconsent_status	contains the information to what extent the user has confirmed the use of cookies.	DataReporter GmbH	12 months	www.wintec-machines.com
li_adsId	ensures the functionality and usability of the page and is used to track errors.		Session	www.wintec-machines.com
searchtoken	ensures the functionality and usability of the page and is used to track errors.		Session	www.wintec-machines.com
serviceContact	ensures the functionality and usability of the page and is used to track errors.		Session	www.wintec-machines.com

Statistics

Statistics cookies collect information about how websites are used to improve their attractiveness, content and functionality. A use takes place only with your consent and only as long as you have not deactivated the respective cookie.

Surname	Purpose	Creator	Storage time	Domain
_clsk	Contains information to help distinguish users from the page. Gathers data about user visits, such as which pages are relevant.	Microsoft	Session	www.wintec-machines.com
_ga	Contains information to help distinguish users from the page. Gathers data about user visits, such as which pages are relevant.	Google	1 year	www.wintec-machines.com
_ga_(GA4-ID)	Contains information to help distinguish users from the page. Gathers data about user visits, such as which pages are relevant.	Google	Session	www.wintec-machines.com

Marketing

Marketing cookies come from external advertising companies and are used to collect information about the websites visited by the user. A use takes place only with your consent and only as long as you have not deactivated the respective cookie.

Surname	Purpose	Creator	Storage time	Domain
_clck	registers a unique ID that identifies and recognizes the user. Used for targeted advertising.	Microsoft	Session	www.wintec-machines.com
_fbc	registers a unique ID that identifies and recognizes the user. Used for targeted advertising.	Facebook	Session	www.wintec-machines.com
_fbp	registers a unique ID that identifies and recognizes the user. Used for targeted advertising.	Facebook	3 months	www.wintec-machines.com
_gcl_au	registers a unique ID that identifies and recognizes the user. Used for targeted advertising.	Google	3 months	www.wintec-machines.com
_gcl_aw	registers a unique ID that identifies and recognizes the user. Used for targeted advertising.	Google	Session	www.wintec-machines.com
_gcl_gs	registers a unique ID that identifies and recognizes the user. Used for targeted advertising.	Google	Session	www.wintec-machines.com
bcookie	registers a unique ID that identifies and recognizes the user. Used for targeted advertising.	LinkedIn	12 months	linkedin.com
IDE	registers a unique ID that identifies and recognizes the user. Used for targeted advertising.	Google	1 year	doubleclick.net
li_gc	registers a unique ID that identifies and recognizes the user. Used for targeted advertising.	LinkedIn	6 months	linkedin.com
lidc	registers a unique ID that identifies and recognizes the user. Used for targeted advertising.	LinkedIn	1 day	linkedin.com
NID	registers a unique ID that identifies and recognizes the user. Used for targeted advertising.	Google		www.google.com
test_cookie	registers a unique ID that identifies and recognizes the user. Used for targeted advertising.	Google	16 minutes	doubleclick.net