Privacy Policy


Below we inform you about the processing of your personal data in connection with your use of our online offering.


Controller

COM.Create GmbH

Körberheide 101
48157 Münster

Phone: +49 (0) 251 59 06 45 72
Email: hello@com-create.com


Contact Person

For any questions regarding data protection, please use the contact details provided above.


Retention Period

We generally delete your personal data when it is no longer necessary for the purposes for which it was collected or otherwise processed.

If we have requested your consent and you have given it, we will delete your personal data if you revoke your consent and no other legal basis for processing exists.

We delete your personal data if you object to the processing and there are no overriding legitimate grounds for processing, or if you object to processing for the purpose of direct marketing or profiling related thereto.

If deletion is not possible because processing is still required to fulfill a legal obligation (such as statutory retention periods) or for the assertion, exercise, or defense of legal claims, we will restrict the processing of your personal data.

Further information regarding the retention period can also be found in the following sections.


Your Rights

You have the following rights with respect to your personal data:
- Right of access
- Right to rectification
- Right to erasure
- Right to restriction of processing
- Right to object to processing
- Right to data portability

You have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data based on Article 6(1)(e) or (f) of the GDPR; this also applies to profiling based on these provisions. We will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defense of legal claims.
If we process your personal data for direct marketing purposes, you have the right to object at any time to such processing; this also applies to profiling insofar as it is related to such direct marketing. In that case, we will no longer process your personal data for these purposes.

You have the right to withdraw any consent to the processing of your personal data at any time, should you have given us such consent. The lawfulness of processing based on your consent prior to its withdrawal shall remain unaffected.

You have the right to lodge a complaint with a supervisory authority regarding our processing of your personal data.


Provision of Your Personal Data

The provision of your personal data is generally neither required by law nor by contract and is not necessary for the conclusion of a contract. You are not obliged to provide your personal data. In cases where it is required, we will inform you separately at the time of collection (for example, by marking the mandatory fields in input forms).

Failure to provide your personal data will generally result in us being unable to process your personal data for one of the purposes described below, and you will not be able to take advantage of an offer related to that processing (for example, without providing your email address you will not receive our newsletter).


Web Hosting

For web hosting, we use external services. These services may have access to personal data that is processed as part of your use of our online offering. Further information about the services we use, the scope of data processing, and the technologies and procedures employed by the respective services can be found in the additional information provided at the end of this section and via the links provided there.

Google Cloud
Provider: In the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, United States of America.
Website: https://cloud.google.com/
Further information & data protection: https://policies.google.com/?hl=de
The transfer of personal data to third countries is carried out depending on the respective Google service and under the applicable EU Standard Contractual Clauses, insofar as these are offered by Google. Further information on this and on Google's responsibilities can be found at the following link: https://business.safety.google/gdpr/. A copy of the EU Standard Contractual Clauses is available there. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which, based on a decision by the European Commission, ensures an adequate level of data protection.

Webflow
Provider: Webflow, Inc., United States of America.
Website: https://webflow.com/hosting
Further information & data protection: https://webflow.com/legal/privacy and https://webflow.com/legal/eu-privacy-policy
Assurance: EU Standard Contractual Clauses. A copy of the EU Standard Contractual Clauses can be requested from us. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which, based on a decision by the European Commission, ensures an adequate level of data protection.


Web Server Log Files

We process your personal data in order to display our online offering to you and to ensure the stability and security of our online offering. In doing so, information (for example, the requested element, accessed URL, operating system, date and time of the request, browser type and version, IP address, protocol used, data volume transferred, user agent, referrer URL, time difference to Greenwich Mean Time (GMT) and/or HTTP status code) is stored in so-called log files (access logs, error logs, etc.).

If we have requested your consent and you have given it, the legal basis for the processing is Article 6(1)(a) of the GDPR. If we have not requested your consent, the legal basis for the processing is Article 6(1)(f) of the GDPR. Our legitimate interest is to display our online offering properly and to ensure its stability and security.


Security

For security reasons and to protect the transmission of your personal data and other confidential content, we employ encryption on our domain. You can recognize this by the “https://” string and the padlock symbol in the browser’s address bar.


Contact

If you contact us, we process your personal data in order to handle your inquiry.

If we have requested your consent and you have granted it, the legal basis for the processing is Article 6(1)(a) of the GDPR. If we have not requested your consent, the legal basis for the processing is Article 6(1)(f) of the GDPR. Our legitimate interest in this case is the processing of your inquiry. If the processing is necessary for the performance of a contract with you or for the implementation of pre-contractual measures based on your request, the legal basis for the processing is also Article 6(1)(b) of the GDPR.

To provide and maintain our email inboxes, we use external services. These services may have access to personal data that is processed in the context of your contact with us. Further information regarding the services used, the scope of data processing, and the technologies and procedures employed by the respective services can be found in the following additional information about the services we use and via the links provided there.

Gmail
Provider: In the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, United States of America.
Website: https://www.google.com/intl/de/gmail/about/
Further information & Data Protection: https://policies.google.com/?hl=de
The transfer of personal data to third countries is carried out depending on the respective Google service and subject to the applicable EU Standard Contractual Clauses, insofar as these are offered by Google. Further information on this and on Google’s responsibilities can be found at the following link: https://business.safety.google/gdpr/. A copy of the EU Standard Contractual Clauses is available for review there. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which, based on a decision by the European Commission, ensures an adequate level of data protection.

To support the processing of your inquiry, we use support systems (appointment booking systems, live chats, ticket systems, or helpdesks, etc.) and employ external services for this purpose. These services may have access to personal data that is processed in the context of your contact with us via a support system. Further information regarding the services used, the scope of data processing, and the technologies and procedures employed by the respective services can be found in the following additional information about the services we use and via the links provided there.

Calendly
Provider: Calendly, LLC, United States of America.
Website: https://calendly.com/de
Further information & Data Protection: https://calendly.com/privacy, https://calendly.com/security and https://help.calendly.com/hc/de/articles/360007032633

Assurance: EU Standard Contractual Clauses. A copy of the EU Standard Contractual Clauses can be requested from us. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which, based on a decision by the European Commission, ensures an adequate level of data protection.


Cookies & Similar Technologies

Cookies are used. Cookies are text information that is stored on your device. A distinction is made between session cookies, which are deleted immediately after you close your browser, and persistent cookies, which are deleted only after a certain period of time.

In addition to cookies, similar technologies (tracking pixels, web beacons, etc.) may also be used. The following explanations regarding cookies also apply to similar technologies. Likewise, these explanations apply to further processing related to cookies and similar technologies (such as analysis & marketing). This also applies in particular to any consent you may have given for the use of cookies. Such consent also extends to other technologies and to further processing related to cookies and similar technologies.

Cookies can serve to enable the use of certain functions. They can also be used to measure the reach of our online offering, to tailor it according to demand and interests, and thereby optimize our online offering and our marketing. Cookies may be employed by us and by external service providers.

We use a consent tool to manage the cookies used and the related consents. You can find details about the cookies employed (purpose, retention period, any external service, etc.) and about the consent tool in the following sections and within the consent tool we use.

If we have requested your consent and you have provided it, the legal basis for the processing is Article 6(1)(a) of the GDPR. If we have not requested your consent, the legal basis for the processing is Article 6(1)(f) of the GDPR. Our legitimate interest is the management of the cookies used and the related consents. Depending on the purpose of the processing, our legitimate interests can be derived from the following sections.

You can prevent the storage of cookies by adjusting your browser settings. Below, we provide links for common browsers where you can find further information on managing cookie settings:
- Firefox: https://support.mozilla.org/de/kb/verbesserter-schutz-aktivitatenverfolgung-desktop
- Chrome: https://support.google.com/chrome/answer/95647?hl=de&hlrm=en
- Internet Explorer / Edge: https://support.microsoft.com/de-de/windows/l%C3%B6schen-und-verwalten-von-cookies-168dab11-0753-043d-7c16-ede5947fc64d
- Safari: https://support.apple.com/de-de/guide/safari/sfri11471/mac
- Opera: https://help.opera.com/de/latest/web-preferences/#cookies
- Yandex: https://browser.yandex.com/help/personal-data-protection/cookies.html

You can find further options to object at the following links: https://www.youronlinechoices.eu/, https://youradchoices.ca/en/tools, https://optout.aboutads.info/?c=2&lang=EN, and https://optout.networkadvertising.org/?c=1.

If you prevent the storage of cookies, this may impair the proper functioning of our online offering. If you delete all cookies, the aforementioned settings will also be lost and will need to be re-established.

Furthermore, you can activate the “Do Not Track” function in your browser to signal that you do not wish to be tracked. Below, we provide links for common browsers where you can find further information on the “Do Not Track” setting:
- Firefox: https://support.mozilla.org/de/kb/wie-verhindere-ich-dass-websites-mich-verfolgen
- Chrome: https://support.google.com/chrome/answer/2790761?co=GENIE.Platform%3DDesktop&hl=de
- Internet Explorer / Edge: https://support.microsoft.com/de-de/windows/verwenden-von-do-not-track-in-internet-explorer-11-ad61fa73-d533-ce96-3f64-2aa3a332e792
- Opera: https://help.opera.com/de/latest/security-and-privacy/
- Safari no longer supports the “Do Not Track” function as of February 2019. You can prevent cross-site tracking in Safari using the following link: https://support.apple.com/de-de/guide/safari/sfri40732/12.0/mac
- Yandex: https://yandex.com/support/browser/personal-data-protection/ytp.html

You can also revoke or manage your consent regarding the cookies used in the consent tool we employ.


Analytics & Marketing

We process your personal data in order to measure the reach of our online offering, to tailor it according to demand and interests, and thereby optimize our online offering and our marketing.

If we have requested your consent and you have given it, the legal basis for processing is Article 6(1)(a) of the GDPR. If we have not requested your consent, the legal basis for processing is Article 6(1)(f) of the GDPR. Our legitimate interest in this case is the optimization of our online offering and our marketing.

For analytics and marketing, we use external services. In doing so, profiling (for purposes of advertising, personalized information, etc.) may also occur. Profiling may take place across different services and devices. Further information regarding the services we use, the scope of data processing, and the technologies and procedures employed by the respective services—as well as whether profiling takes place when using the respective services, and, where applicable, information about the underlying logic, the scope, and the intended effects of such processing for you—can be found in the additional information about the services we use at the end of this section and via the links provided there.

Further information on cookies & similar technologies can be found above.

Google Ads Conversion Tracking
Provider: In the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, United States of America.
Website: https://support.google.com/google-ads/answer/1722022?hl=de
Further information & data protection: https://policies.google.com/?hl=de
The transfer of personal data to third countries is carried out depending on the respective Google service and subject to the applicable EU Standard Contractual Clauses, insofar as these are offered by Google. Further information on this and on Google’s responsibilities can be found at the following link: https://business.safety.google/gdpr/. A copy of the EU Standard Contractual Clauses can be viewed there. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which, based on a decision by the European Commission, ensures an adequate level of data protection.

Google Ads Enhanced Conversions
Provider: In the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, United States of America.
Website: https://support.google.com/google-ads/answer/9888656?hl=de
Further information & data protection: https://policies.google.com/?hl=de
The transfer of personal data to third countries is carried out depending on the respective Google service and subject to the applicable EU Standard Contractual Clauses, insofar as these are offered by Google. Further information on this and on Google’s responsibilities can be found at the following link: https://business.safety.google/gdpr/. A copy of the EU Standard Contractual Clauses can be viewed there. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which, based on a decision by the European Commission, ensures an adequate level of data protection.

Google Analytics
Provider: In the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, United States of America.
Website: https://marketingplatform.google.com/intl/de/about/analytics/
Further information & data protection: https://support.google.com/analytics/answer/6004245?hl=de and https://policies.google.com/?hl=de
The transfer of personal data to third countries is carried out depending on the respective Google service and subject to the applicable EU Standard Contractual Clauses, insofar as these are offered by Google. Further information on this and on Google’s responsibilities can be found at the following link: https://business.safety.google/gdpr/. A copy of the EU Standard Contractual Clauses can be viewed there. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which, based on a decision by the European Commission, ensures an adequate level of data protection.

Google Analytics 4
Provider: In the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, United States of America.
Website: https://support.google.com/analytics/answer/10089681?hl=de
Further information & data protection: https://support.google.com/analytics/answer/6004245?hl=de and https://policies.google.com/?hl=de
The transfer of personal data to third countries is carried out depending on the respective Google service and subject to the applicable EU Standard Contractual Clauses, insofar as these are offered by Google. Further information on this and on Google’s responsibilities can be found at the following link: https://business.safety.google/gdpr/. A copy of the EU Standard Contractual Clauses can be viewed there. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which, based on a decision by the European Commission, ensures an adequate level of data protection.

Google Remarketing
Provider: In the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, United States of America.
Website: https://support.google.com/google-ads/answer/2453998
Further information & data protection: https://policies.google.com/?hl=de
The transfer of personal data to third countries is carried out depending on the respective Google service and subject to the applicable EU Standard Contractual Clauses, insofar as these are offered by Google. Further information on this and on Google's responsibilities can be found at the following link: https://business.safety.google/gdpr/. A copy of the EU Standard Contractual Clauses can be viewed there. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which, based on a decision by the European Commission, ensures an adequate level of data protection.

Google Tag Manager
Provider: In the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, United States of America.
Website: https://support.google.com/tagmanager/answer/6102821?hl=de
Further information & data protection: https://policies.google.com/?hl=de
The transfer of personal data to third countries is carried out depending on the respective Google service and subject to the applicable EU Standard Contractual Clauses, insofar as these are offered by Google. Further information on this and on Google's responsibilities can be found at the following link: https://business.safety.google/gdpr/. A copy of the EU Standard Contractual Clauses can be viewed there. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which, based on a decision by the European Commission, ensures an adequate level of data protection.

LinkedIn Conversion Tracking
Provider: If you are located in the EU, the European Economic Area (EEA), or Switzerland, this service is provided by LinkedIn Ireland Unlimited Company, Ireland. If you are located outside the EU, the European Economic Area (EEA), or Switzerland, this service is provided by LinkedIn Corporation, United States of America.
Website: https://business.linkedin.com/de-de/marketing-solutions/conversion-tracking
Further information & data protection: https://de.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy and https://de.linkedin.com/legal/cookie-policy?trk=homepage-basic_footer-cookie-policy
Assurance: EU Standard Contractual Clauses. A copy of the EU Standard Contractual Clauses can be requested from us.

LinkedIn Insight Tag
Provider: If you are located in the EU, the European Economic Area (EEA), or Switzerland, this service is provided by LinkedIn Ireland Unlimited Company, Ireland. If you are located outside the EU, the European Economic Area (EEA), or Switzerland, this service is provided by LinkedIn Corporation, United States of America.
Website: https://business.linkedin.com/de-de/marketing-solutions/insight-tag
Further information & data protection: https://de.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy and https://de.linkedin.com/legal/cookie-policy?trk=homepage-basic_footer-cookie-policy
Assurance: EU Standard Contractual Clauses. A copy of the EU Standard Contractual Clauses can be requested from us.

Microsoft Advertising
Provider: Microsoft Ireland Operations Limited, Ireland. Microsoft Ireland Operations Limited is a subsidiary of Microsoft Corporation, United States of America.
Website: https://about.ads.microsoft.com/de-de
Further information & data protection: https://privacy.microsoft.com/de-de/ and https://www.microsoft.com/de-de/trust-center/privacy
Assurance: EU Standard Contractual Clauses. A copy of the EU Standard Contractual Clauses can be requested from us. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which, based on a decision by the European Commission, ensures an adequate level of data protection.


Social Media Presences

We maintain social media presences on external services in order to communicate with users and thereby optimize our online offering and our marketing.

This privacy policy also applies to the following social media presences:
- Facebook: https://www.facebook.com/COMCreate-192849388936095
- Instagram: https://www.instagram.com/com.create/
- LinkedIn: https://www.linkedin.com/company/com-create
- YouTube: https://www.youtube.com/channel/UCUh2BxgkLkuVAqwurKjQVUQ
- WhatsApp Business

If we have requested your consent and you have given it, the legal basis for processing is Article 6(1)(a) of the GDPR. If we have not requested your consent, the legal basis for processing is Article 6(1)(f) of the GDPR. Our legitimate interest in this regard is the optimization of our online offering and our marketing.

In the context of using external services, profiling (for purposes of advertising, personalized information, etc.) may also occur. Profiling may take place across different services and devices. Further information on the services used, the scope of the data processing, and the technologies and procedures employed when using the respective services, as well as whether profiling takes place with these services—and, where applicable, information about the underlying logic, the scope, and the intended effects of such processing for you—can be found in the additional information on the services we use at the end of this section and via the links provided there.

Facebook
Provider: Meta Platforms Ireland Limited, Ireland. Meta Platforms Ireland Limited is a subsidiary of Meta Platforms, Inc., United States of America.
Website: https://www.facebook.com
The provider and we are jointly responsible. We have concluded an appropriate agreement with the provider. You can view this agreement at https://www.facebook.com/legal/terms/page_controller_addendum and https://www.facebook.com/legal/controller_addendum.
Further information & data protection: https://developers.facebook.com/docs/plugins/, https://www.facebook.com/legal/terms/information_about_page_insights_data, https://www.facebook.com/privacy/policy/, https://de-de.facebook.com/policies/cookies/, https://www.facebook.com/help/566994660333381?ref=dp and https://de-de.facebook.com/help/568137493302217
Assurance: EU Standard Contractual Clauses. A copy of the EU Standard Contractual Clauses can be requested from us. The provider has joined the EU‑US Data Privacy Framework (https://www.dataprivacyframework.gov), which, based on a decision by the European Commission, ensures an adequate level of data protection.

Instagram
Provider: Meta Platforms Ireland Limited, Ireland. Meta Platforms Ireland Limited is a subsidiary of Meta Platforms, Inc., United States of America.
Website: https://www.instagram.com
Further information & data protection: https://help.instagram.com/581066165581870 and https://help.instagram.com/519522125107875
Assurance: EU Standard Contractual Clauses. A copy of the EU Standard Contractual Clauses can be requested from us. The provider has joined the EU‑US Data Privacy Framework (https://www.dataprivacyframework.gov), which, based on a decision by the European Commission, ensures an adequate level of data protection.

LinkedIn
Provider: If you are located in the EU, the European Economic Area (EEA) or Switzerland, this service is provided by LinkedIn Ireland Unlimited Company, Ireland. If you are located outside the EU, the European Economic Area (EEA) or Switzerland, this service is provided by LinkedIn Corporation, United States of America.
Website: https://www.linkedin.com
Further information & data protection: https://de.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy and https://de.linkedin.com/legal/cookie-policy?trk=homepage-basic_footer-cookie-policy
Assurance: EU Standard Contractual Clauses. A copy of the EU Standard Contractual Clauses can be requested from us.

WhatsApp
Provider: If users reside in a country within the European Economic Area (which also includes the European Union) and any other covered country or territory (collectively referred to as the European Region), the service is provided by WhatsApp Ireland Limited, Ireland. If users reside in a country outside the European Region, the service is provided by WhatsApp LLC, United States of America.
Website: https://www.whatsapp.com/
Further information & data protection: https://www.whatsapp.com/privacy, https://www.whatsapp.com/legal/ and https://www.whatsapp.com/legal/privacy-policy-eea
Assurance: EU Standard Contractual Clauses. A copy of the EU Standard Contractual Clauses can be requested from us. The provider has joined the EU‑US Data Privacy Framework (https://www.dataprivacyframework.gov), which, based on a decision by the European Commission, ensures an adequate level of data protection.

YouTube
Provider: In the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, United States of America.
Website: https://www.youtube.com
Further information & data protection: https://policies.google.com/?hl=de
The transfer of personal data to third countries is carried out depending on the respective Google service and subject to the applicable EU Standard Contractual Clauses, insofar as these are offered by Google. Further information on this and on Google’s responsibilities can be found at the following link: https://business.safety.google/gdpr/. A copy of the EU Standard Contractual Clauses can be viewed there. The provider has joined the EU‑US Data Privacy Framework (https://www.dataprivacyframework.gov), which, based on a decision by the European Commission, ensures an adequate level of data protection.


Social Media Content/Plugins

We use social media content/plugins from external services to display content and functions of the external services to you, thereby optimizing our online offering and our marketing.

If we have requested your consent and you have given it, the legal basis for processing is Article 6(1)(a) of the GDPR. If we have not requested your consent, the legal basis for processing is Article 6(1)(f) of the GDPR. Our legitimate interest in this regard is the optimization of our online offering and our marketing.

In the context of using external services, profiling (for purposes of advertising, personalized information, etc.) may also occur. Profiling may take place across different services and devices. Further information on the services used, the scope of the data processing, and the technologies and procedures employed when using the respective services, as well as whether profiling takes place with these services—and, if applicable, information about the underlying logic, the scope, and the intended effects of such processing for you—can be found in the additional information on the services we use at the end of this section and via the links provided there.

LinkedIn
Provider: If you are located in the EU, the European Economic Area (EEA), or Switzerland, this service is provided by LinkedIn Ireland Unlimited Company, Ireland. If you are located outside the EU, the European Economic Area (EEA), or Switzerland, this service is provided by LinkedIn Corporation, United States of America.
Website: https://www.linkedin.com
Further information & data protection: https://de.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy and https://de.linkedin.com/legal/cookie-policy?trk=homepage-basic_footer-cookie-policy
Assurance: EU Standard Contractual Clauses. A copy of the EU Standard Contractual Clauses can be requested from us.


Fonts & Scripts

We use fonts and scripts from external services in order to display our online offering to you and to ensure that current fonts and scripts are always provided.

If we have requested your consent and you have given it, the legal basis for processing is Article 6(1)(a) of the GDPR. If we have not requested your consent, the legal basis for processing is Article 6(1)(f) of the GDPR. Our legitimate interest in this regard is the proper display of our online offering and ensuring the provision of current fonts and scripts.

In the context of using external services, profiling (for purposes of advertising, personalized information, etc.) may also occur. Profiling may take place across services and devices. Further information on the services used, the scope of the data processing, and the technologies and procedures employed in connection with the respective services, as well as whether profiling occurs when using the respective services—and, if applicable, information about the underlying logic, the scope, and the intended effects of such processing for you—can be found in the additional information on the services we use at the end of this section and via the links provided there.

Google Fonts
Provider: In the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, United States of America.
Website: https://fonts.google.com/
Further information & data protection: https://policies.google.com/?hl=de
The transfer of personal data to third countries is carried out depending on the respective Google service and subject to the applicable EU Standard Contractual Clauses, insofar as these are offered by Google. Further information on this and on Google's responsibilities can be found at the following link: https://business.safety.google/gdpr/. A copy of the EU Standard Contractual Clauses can be viewed there. The provider has joined the EU‑US Data Privacy Framework (https://www.dataprivacyframework.gov), which, based on a decision by the European Commission, ensures an adequate level of data protection.


Maps

We use maps from external services to show you our location and to enable the use of additional functions of these external services in connection with the maps.

If we have requested your consent and you have given it, the legal basis for processing is Article 6(1)(a) of the GDPR. If we have not requested your consent, the legal basis for processing is Article 6(1)(f) of the GDPR. Our legitimate interest in this regard is the simplified use of maps.

In the context of using external services, profiling (for purposes of advertising, personalized information, etc.) may also occur. Profiling may take place across services and devices. Further information on the services used, the scope of the data processing, and the technologies and procedures employed in connection with the respective services, as well as whether profiling occurs when using the respective services—and, if applicable, information about the underlying logic, the scope, and the intended effects of such processing for you—can be found in the additional information on the services we use at the end of this section and via the links provided there.

Google Maps
Provider: In the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, United States of America.
Website: https://www.google.de/maps
Further information & data protection: https://policies.google.com/?hl=de
The transfer of personal data to third countries is carried out depending on the respective Google service and subject to the applicable EU Standard Contractual Clauses, insofar as these are offered by Google. Further information on this and on Google's responsibilities can be found at the following link: https://business.safety.google/gdpr/. A copy of the EU Standard Contractual Clauses can be viewed there. The provider has joined the EU‑US Data Privacy Framework (https://www.dataprivacyframework.gov), which, based on a decision by the European Commission, ensures an adequate level of data protection.


Review Platforms

We use review platforms and process your personal data in order to have our services evaluated and thereby optimize our online offering and our marketing.

If we have requested your consent and you have given it, the legal basis for processing is Article 6(1)(a) of the GDPR. If we have not requested your consent, the legal basis for processing is Article 6(1)(f) of the GDPR. Our legitimate interest in this regard is the optimization of our online offering and our marketing.

If we or the review platforms we use have requested your consent and you have given it, we or the review platforms process your personal data in order to remind you to submit a review. The legal basis for processing is Article 6(1)(a) of the GDPR.

Further information on the review platforms we use, the scope of the data processing, and the technologies and procedures employed in connection with the respective review platforms can be found in the additional information on the review platforms we use at the end of this section and via the links provided there.

Google Customer Reviews
Provider: In the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, United States of America.
Website: https://support.google.com/merchants/answer/7124326?hl=de
Further information & data protection: https://policies.google.com/?hl=de
The transfer of personal data to third countries is carried out depending on the respective Google service and subject to the applicable EU Standard Contractual Clauses, insofar as these are offered by Google. Further information on this and on Google's responsibilities can be found at the following link: https://business.safety.google/gdpr/. A copy of the EU Standard Contractual Clauses can be viewed there. The provider has joined the EU‑US Data Privacy Framework (https://www.dataprivacyframework.gov), which, based on a decision by the European Commission, ensures an adequate level of data protection.


Fonts & Scripts (continued)

We use fonts and scripts from external services in order to display our online offering to you and to ensure that current fonts and scripts are always provided.

If we have requested your consent and you have given it, the legal basis for processing is Article 6(1)(a) of the GDPR. If we have not requested your consent, the legal basis for processing is Article 6(1)(f) of the GDPR. Our legitimate interest in this regard is the proper display of our online offering and ensuring the provision of current fonts and scripts.

In the context of using external services, profiling (for purposes of advertising, personalized information, etc.) may also occur. Profiling may take place across services and devices. Further information on the services used, the scope of the data processing, and the technologies and procedures employed in connection with the respective services, as well as whether profiling occurs when using the respective services—and, if applicable, information about the underlying logic, the scope, and the intended effects of such processing for you—can be found in the additional information on the services we use at the end of this section and via the links provided there.


Maps (continued)

We use maps from external services to show you our location and to enable the use of additional functions of these external services in connection with the maps.

If we have requested your consent and you have given it, the legal basis for processing is Article 6(1)(a) of the GDPR. If we have not requested your consent, the legal basis for processing is Article 6(1)(f) of the GDPR. Our legitimate interest in this regard is the simplified use of maps.

In the context of using external services, profiling (for purposes of advertising, personalized information, etc.) may also occur. Profiling may take place across services and devices. Further information on the services used, the scope of the data processing, and the technologies and procedures employed in connection with the respective services, as well as whether profiling occurs when using the respective services—and, if applicable, information about the underlying logic, the scope, and the intended effects of such processing for you—can be found in the additional information on the services we use at the end of this section and via the links provided there.


Review Platforms (continued)

We use review platforms and process your personal data in order to have our services evaluated and thereby optimize our online offering and our marketing.

If we have requested your consent and you have given it, the legal basis for processing is Article 6(1)(a) of the GDPR. If we have not requested your consent, the legal basis for processing is Article 6(1)(f) of the GDPR. Our legitimate interest in this regard is the optimization of our online offering and our marketing.

If we or the review platforms we use have requested your consent and you have given it, we or the review platforms process your personal data in order to remind you to submit a review. The legal basis for processing is Article 6(1)(a) of the GDPR.

Further information on the review platforms we use, the scope of the data processing, and the technologies and procedures employed in connection with the respective review platforms can be found in the additional information on the review platforms we use at the end of this section and via the links provided there.

Google Customer Reviews
Provider: In the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, United States of America.
Website: https://support.google.com/merchants/answer/7124326?hl=de
Further information & data protection: https://policies.google.com/?hl=de
The transfer of personal data to third countries is carried out depending on the respective Google service and subject to the applicable EU Standard Contractual Clauses, insofar as these are offered by Google. Further information on this and on Google's responsibilities can be found at the following link: https://business.safety.google/gdpr/. A copy of the EU Standard Contractual Clauses can be viewed there. The provider has joined the EU‑US Data Privacy Framework (https://www.dataprivacyframework.gov), which, based on a decision by the European Commission, ensures an adequate level of data protection.


Job Applications

If you apply to us, we process your personal data in order to conduct the application process and to make a decision regarding the establishment of an employment relationship. Upon completion of the application process, we restrict the processing of your personal data and delete or destroy it no later than six months after you receive a rejection, or we return your application documents to you and delete or destroy any copies, unless you have consented to us continuing to use your personal data.

If we have requested your consent and you have given it, the legal basis for the processing is Article 6(1)(a) GDPR. If we have not requested your consent, the legal basis for the processing is Article 6(1)(f) GDPR. Our legitimate interest is the proper conduct of the application process and, where applicable, the defense against claims arising from the rejection of an application. If the processing is necessary for the decision regarding the establishment of an employment relationship, the legal basis for the processing is also § 26(1) sentence 1 of the German Federal Data Protection Act (BDSG).


CAPTCHAs

We use CAPTCHAs to protect our online offering from abusive, machine-generated and/or automated inputs (for example, in forms) and to prevent any misuse.

If we have requested your consent and you have given it, the legal basis for the processing is Article 6(1)(a) GDPR. If we have not requested your consent, the legal basis for the processing is Article 6(1)(f) GDPR. Our legitimate interest is the protection of our online offering and the prevention of misuse.

To provide the CAPTCHAs, we use external services. In doing so, profiling may also occur. Profiling may take place across services and devices. Further information regarding the services used, the scope of the data processing, and the technologies and procedures employed by the respective services—as well as whether profiling occurs when using these services, and, where applicable, information about the underlying logic, the scope, and the intended consequences of such processing for you—can be found in the additional information on the services we use at the end of this section and via the links provided there.

Google reCAPTCHA
Provider: In the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, United States of America.
Website: https://www.google.com/recaptcha/
Further information & data protection: https://policies.google.com/?hl=de
The transfer of personal data to third countries is carried out depending on the respective Google service and subject to the applicable EU Standard Contractual Clauses, insofar as these are offered by Google. Further information on this and on Google’s responsibilities can be found at the following link: https://business.safety.google/gdpr/. A copy of the EU Standard Contractual Clauses can be viewed there. The provider has joined the EU‑US Data Privacy Framework (https://www.dataprivacyframework.gov), which, based on a decision by the European Commission, ensures an adequate level of data protection.


Comments

If you leave comments using the designated functions (for blog posts, products, etc.), we process your personal data in order to display your comments and to prevent any misuse.

If we have requested your consent and you have given it, the legal basis for the processing is Article 6(1)(a) GDPR. If we have not requested your consent, the legal basis for the processing is Article 6(1)(f) GDPR. Our legitimate interest is the proper display of your comments and the prevention of misuse.

 

This privacy policy was created using the configurator from getLaw.de.

Kontakt