With the following privacy policy, we would like to inform you about the types of your personal data, hereinafter also referred to briefly as “data”, that we process, for what purposes and to what extent. The privacy policy applies to all processing of personal data carried out by us, both in the context of providing our services and, in particular, on our websites, in mobile applications and within external online presences, such as our social media profiles, hereinafter collectively referred to as the “online offering”.
The following overview summarizes the types of data processed and the purposes of their processing and refers to the data subjects concerned.
Types of data processed
Contact data.
Content data.
Usage data.
Meta/communication data.
Categories of data subjects
Communication partners.
Users.
Purposes of processing
Provision of contractual services and customer service.
Contact inquiries and communication.
Reach measurement.
Tracking.
Management and response to inquiries.
Feedback.
Profiles with user-related information.
Provision of our online offering and user-friendliness.
Information technology infrastructure.
Relevant legal bases
Below you will find an overview of the legal bases of the GDPR on which we process personal data. Please note that, in addition to the provisions of the GDPR, national data protection regulations may apply in your or our country of residence or registered office. If more specific legal bases are relevant in individual cases, we will inform you of these in the privacy policy.
Consent (Art. 6(1) sentence 1 lit. a GDPR) - The data subject has given consent to the processing of personal data concerning them for one specific purpose or for several specific purposes.
Performance of a contract and pre-contractual inquiries (Art. 6(1) sentence 1 lit. b GDPR) - Processing is necessary for the performance of a contract to which the data subject is party, or in order to take pre-contractual measures at the request of the data subject.
Legitimate interests (Art. 6(1) sentence 1 lit. f GDPR) - Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, unless the interests or fundamental rights and freedoms of the data subject that require the protection of personal data override those interests.
In addition to the data protection provisions of the General Data Protection Regulation, national data protection regulations apply in Germany. This includes, in particular, the Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG). The BDSG contains, in particular, special provisions on the right of access, the right to erasure, the right to object, the processing of special categories of personal data, processing for other purposes and transmission, as well as automated decision-making in individual cases, including profiling. It also regulates data processing for the purposes of employment relationships (§ 26 BDSG), in particular with regard to the establishment, performance or termination of employment relationships and the consent of employees. Furthermore, the data protection laws of the individual federal states may apply.
Security Measures
In accordance with the legal requirements, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of processing, as well as the different likelihoods and severity of the threat to the rights and freedoms of natural persons, we take appropriate technical and organizational measures to ensure a level of protection appropriate to the risk.
The measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical and electronic access to the data, as well as access, input, disclosure, securing availability and separation of the data. Furthermore, we have established procedures that ensure the exercise of data subject rights, the deletion of data and responses to threats to the data. In addition, we take the protection of personal data into account already during the development or selection of hardware, software and procedures, in accordance with the principle of data protection by design and by default.
SSL encryption (https): To protect your data transmitted via our online offering, we use SSL encryption. You can recognize encrypted connections of this kind by the prefix https:// in the address bar of your browser.
Use of Cookies
Cookies are small text files or other storage markers that store information on end devices and read information from end devices. For example, they can be used to store the login status in a user account, the contents of a shopping cart in an online shop, the content accessed or functions used within an online offering. Cookies may also be used for various purposes, such as ensuring the functionality, security and convenience of online offerings, and creating analyses of visitor flows.
Notes on consent: We use cookies in accordance with legal requirements. Therefore, we obtain prior consent from users unless this is not required by law. Consent is not required, in particular, if storing and reading information, including cookies, is strictly necessary in order to provide users with a telemedia service expressly requested by them, namely our online offering. Revocable consent is clearly communicated to users and contains information about the respective use of cookies.
Notes on legal bases under data protection law: The legal basis under data protection law on which we process users’ personal data with the help of cookies depends on whether we ask users for consent. If users consent, the legal basis for processing their data is the consent given. Otherwise, the data processed with the help of cookies is processed on the basis of our legitimate interests, for example in the commercial operation of our online offering and improving its usability, or, if this takes place in the context of fulfilling our contractual obligations, when the use of cookies is necessary in order to fulfill our contractual obligations. We explain the purposes for which we process cookies in the course of this privacy policy or as part of our consent and processing procedures.
Storage duration: With regard to storage duration, the following types of cookies are distinguished:
Temporary cookies, also known as session cookies: Temporary cookies are deleted at the latest after a user leaves an online offering and closes their end device, such as a browser or mobile application.
Permanent cookies: Permanent cookies remain stored even after the end device is closed. For example, the login status can be saved or preferred content can be displayed directly when the user visits a website again. Likewise, user data collected with the help of cookies can be used for reach measurement. Unless we provide users with explicit information on the type and storage duration of cookies, for example when obtaining consent, users should assume that cookies are permanent and that the storage duration may be up to two years.
General notes on withdrawal and objection (opt-out): Users can withdraw the consent they have given at any time and may also object to processing in accordance with the legal requirements under Art. 21 GDPR. Users can also declare their objection via the settings of their browser, for example by disabling the use of cookies, although this may also restrict the functionality of our online services. An objection to the use of cookies for online marketing purposes can also be declared via the websites https://optout.aboutads.info and https://www.youronlinechoices.com/.
Further information on processing operations, procedures and services:
Processing of cookie data on the basis of consent: We use a cookie consent management procedure through which users’ consent to the use of cookies, or to the processing and providers named within the cookie consent management procedure, is obtained and can be managed and withdrawn by users. The declaration of consent is stored so that the request does not have to be repeated and so that consent can be proven in accordance with legal obligations. Storage may take place on the server side and/or in a cookie, known as an opt-in cookie, or with the help of comparable technologies, in order to be able to assign consent to a user or their device. Subject to individual information about the providers of cookie management services, the following information applies: The duration of storage of consent may be up to two years. A pseudonymous user identifier is created and stored together with the time of consent, information on the scope of consent, for example which categories of cookies and/or service providers, as well as the browser, system and end device used.
Provision of the Online Offering and Web Hosting
In order to provide our online offering securely and efficiently, we use the services of one or more web hosting providers, from whose servers, or servers managed by them, the online offering can be accessed. For these purposes, we may use infrastructure and platform services, computing capacity, storage space and database services, as well as security services and technical maintenance services.
The data processed in the context of providing the hosting offering may include all information relating to users of our online offering that arises in the course of use and communication. This regularly includes the IP address, which is necessary in order to deliver the content of online offerings to browsers, and all entries made within our online offering or on websites.
Types of data processed: Content data, such as entries in online forms; usage data, such as websites visited, interest in content and access times; meta/communication data, such as device information and IP addresses.
Data subjects: Users, such as website visitors and users of online services.
Purposes of processing: Provision of our online offering and user-friendliness; information technology infrastructure, operation and provision of information systems and technical devices such as computers and servers.
Further information on processing operations, procedures and services:
Collection of access data and log files: We ourselves, or our web hosting provider, collect data on every access to the server, known as server log files. Server log files may include the address and name of the accessed websites and files, the date and time of access, transferred data volumes, notification of successful access, browser type and version, the user’s operating system, referrer URL, meaning the previously visited page, and, as a rule, IP addresses and the requesting provider. Server log files may be used for security purposes, for example to avoid overloading the servers, particularly in the case of abusive attacks known as DDoS attacks, and also to ensure server utilization and stability; Legal bases: Legitimate interests (Art. 6(1) sentence 1 lit. f GDPR); Deletion of data: Log file information is stored for a maximum period of 30 days and then deleted or anonymized. Data whose further retention is required for evidentiary purposes is excluded from deletion until the respective incident has been finally clarified.
Contact and Inquiry Management
When contacting us, for example via contact form, email, telephone or social media, as well as within existing user and business relationships, the information provided by the inquiring persons is processed insofar as this is necessary to respond to the contact inquiries and any requested measures.
The response to contact inquiries and the management of contact and inquiry data within the framework of contractual or pre-contractual relationships are carried out in order to fulfill our contractual obligations or to respond to contractual or pre-contractual inquiries, and otherwise on the basis of legitimate interests in responding to inquiries and maintaining user or business relationships.
Types of data processed: Contact data, such as email and telephone numbers; content data, such as entries in online forms; usage data, such as websites visited, interest in content and access times; meta/communication data, such as device information and IP addresses.
Data subjects: Communication partners.
Purposes of processing: Provision of contractual services and customer service; contact inquiries and communication; management and response to inquiries; feedback, for example collecting feedback via online form; provision of our online offering and user-friendliness.
Legal bases: Performance of a contract and pre-contractual inquiries (Art. 6(1) sentence 1 lit. b GDPR); legitimate interests (Art. 6(1) sentence 1 lit. f GDPR).
Further information on processing operations, procedures and services:
Contact form: If users contact us via our contact form, email or other communication channels, we process the data provided to us in this context in order to handle the communicated request. For this purpose, we process personal data within pre-contractual and contractual business relationships insofar as this is necessary for their fulfillment and otherwise on the basis of our legitimate interests as well as the interests of the communication partners in responding to the requests and our statutory retention obligations; Legal bases: Performance of a contract and pre-contractual inquiries (Art. 6(1) sentence 1 lit. b GDPR), legitimate interests (Art. 6(1) sentence 1 lit. f GDPR).
Web Analytics, Monitoring and Optimization
Web analytics, also referred to as reach measurement, serves to evaluate visitor flows to our online offering and may include behavior, interests or demographic information about visitors, such as age or gender, as pseudonymous values. With the help of reach analysis, we can, for example, identify at what time our online offering or its functions or content are most frequently used or invite reuse. We can also determine which areas require optimization.
In addition to web analytics, we may also use testing procedures, for example to test and optimize different versions of our online offering or its components.
Unless otherwise stated below, profiles, meaning data summarized for a usage process, may be created for these purposes, and information may be stored in and read from a browser or end device. The information collected includes, in particular, websites visited and elements used there, as well as technical information such as the browser used, the computer system used and information about usage times. If users have consented to the collection of their location data by us or by the providers of the services we use, location data may also be processed.
The IP addresses of users are also stored. However, we use an IP masking procedure, meaning pseudonymization by shortening the IP address, to protect users. In general, no clear user data, such as email addresses or names, is stored in the context of web analytics, A/B testing and optimization, but rather pseudonyms. This means that neither we nor the providers of the software used know the actual identity of the users, but only the information stored in their profiles for the purposes of the respective procedures.
Types of data processed: Usage data, such as websites visited, interest in content and access times; meta/communication data, such as device information and IP addresses.
Data subjects: Users, such as website visitors and users of online services.
Purposes of processing: Reach measurement, such as access statistics and recognition of returning visitors; profiles with user-related information, meaning creation of user profiles; tracking, such as interest-based or behavior-based profiling and use of cookies; provision of our online offering and user-friendliness.
Security measures: IP masking, meaning pseudonymization of the IP address.
Legal bases: Consent (Art. 6(1) sentence 1 lit. a GDPR).
Further information on processing operations, procedures and services:
Google Analytics: We use Google Analytics to measure and analyze the use of our online offering on the basis of a pseudonymous user identification number. This identification number does not contain any unique data, such as names or email addresses. It is used to assign analysis information to an end device in order to identify which content users have accessed within one or more usage processes, which search terms they have used, whether they have accessed them again or interacted with our online offering. The time of use and its duration are also stored, as are the sources of users who refer to our online offering and technical aspects of their end devices and browsers. In doing so, pseudonymous profiles of users with information from the use of different devices are created, whereby cookies may be used. Google Analytics does not log or store individual IP addresses for EU users. However, Analytics provides coarse geographic location data by deriving the following metadata from IP addresses: city, including the derived latitude and longitude of the city, continent, country, region, subcontinent and ID-based counterparts. For EU traffic, IP address data is used exclusively for this derivation of geolocation data before being immediately deleted. It is not logged, is not accessible and is not used for any further purposes. When Google Analytics collects measurement data, all IP queries are performed on EU-based servers before the traffic is forwarded to Analytics servers for processing; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Legal bases: Consent (Art. 6(1) sentence 1 lit. a GDPR); Website:https://marketingplatform.google.com/intl/de/about/analytics/; Security measures: IP masking, meaning pseudonymization of the IP address; Privacy policy:https://policies.google.com/privacy; Data processing agreement:https://business.safety.google/adsprocessorterms/; Basis for third-country transfers: Data Privacy Framework (DPF); Opt-out option: Opt-out plugin: https://tools.google.com/dlpage/gaoptout?hl=de, settings for the display of advertisements: https://myadcenter.google.com/personalizationoff; Further information:https://business.safety.google/adsservices/ (types of processing and data processed).
Google Tag Manager: We use Google Tag Manager, software from Google that enables us to centrally manage so-called website tags via a user interface. Tags are small code elements on our website that are used to record and analyze visitor activities. This technology helps us improve our website and the content offered on it. Google Tag Manager itself does not create user profiles, does not store cookies with user profiles and does not carry out any independent analyses. Its function is limited to simplifying and making more efficient the integration and management of tools and services that we use on our website. Nevertheless, when Google Tag Manager is used, users’ IP addresses are transmitted to Google, which is technically necessary in order to implement the services we use. Cookies may also be set in the process. However, this data processing only takes place if services are integrated via the Tag Manager. For more detailed information on these services and their data processing, please refer to the further sections of this privacy policy; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Legal bases: Consent (Art. 6(1) sentence 1 lit. a GDPR); Website:https://marketingplatform.google.com; Privacy policy:https://policies.google.com/privacy; Data processing agreement: https://business.safety.google/adsprocessorterms; Basis for third-country transfers: Data Privacy Framework (DPF).
Plugins and Embedded Functions and Content
We integrate functional and content elements into our online offering that are obtained from the servers of their respective providers, hereinafter referred to as “third-party providers”. These may include, for example, graphics, videos or city maps, hereinafter uniformly referred to as “content”.
The integration always requires that the third-party providers of this content process the users’ IP address, since without the IP address they would not be able to send the content to the users’ browser. The IP address is therefore required for the display of this content or these functions. We make every effort to use only content whose respective providers use the IP address solely for the delivery of the content. Third-party providers may also use so-called pixel tags, invisible graphics also referred to as “web beacons”, for statistical or marketing purposes. Through pixel tags, information such as visitor traffic on the pages of this website can be evaluated. The pseudonymous information may also be stored in cookies on the users’ device and may contain, among other things, technical information about the browser and operating system, referring websites, visit time and further information about the use of our online offering, and may also be combined with such information from other sources.
Types of data processed: Usage data, such as websites visited, interest in content and access times; meta/communication data, such as device information and IP addresses.
Data subjects: Users, such as website visitors and users of online services.
Purposes of processing: Provision of our online offering and user-friendliness.
Further information on processing operations, procedures and services:
Integration of third-party software, scripts or frameworks, such as jQuery: We integrate software into our online offering that we retrieve from servers of other providers, for example function libraries that we use for the purpose of displaying or improving the user-friendliness of our online offering. In this process, the respective providers collect the users’ IP address and may process it for the purpose of transmitting the software to the users’ browser, as well as for security purposes and for evaluating and optimizing their offering. - We integrate software into our online offering that we retrieve from servers of other providers, for example function libraries that we use for the purpose of displaying or improving the user-friendliness of our online offering. In this process, the respective providers collect the users’ IP address and may process it for the purpose of transmitting the software to the users’ browser, as well as for security purposes and for evaluating and optimizing their offering; Legal bases: Legitimate interests (Art. 6(1) sentence 1 lit. f GDPR).
Google Fonts, retrieved from Google servers: Retrieval of fonts and symbols for the purpose of technically secure, maintenance-free and efficient use of fonts and symbols with regard to up-to-dateness and loading times, their uniform display and consideration of possible licensing restrictions. The provider of the fonts is informed of the user’s IP address so that the fonts can be made available in the user’s browser. In addition, technical data, such as language settings, screen resolution, operating system and hardware used, is transmitted, which is necessary for providing the fonts depending on the devices used and the technical environment; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Legal bases: Legitimate interests (Art. 6(1) sentence 1 lit. f GDPR); Website:https://fonts.google.com/; Privacy policy:https://policies.google.com/privacy.
Presences in Social Networks (Social Media)
We maintain online presences within social networks and process user data in this context in order to communicate with users active there or to provide information about us.
We point out that user data may be processed outside the European Union. This may result in risks for users, for example because it could make it more difficult to enforce users’ rights.
Furthermore, users’ data within social networks is generally processed for market research and advertising purposes. For example, usage profiles can be created on the basis of users’ usage behavior and the interests derived from it. These profiles may in turn be used, for example, to place advertisements inside and outside the networks that presumably correspond to users’ interests. Therefore, cookies are generally stored on users’ computers, in which users’ usage behavior and interests are stored. In addition, data may also be stored in the usage profiles independently of the devices used by the users, particularly if they are members of the respective platforms and are logged in there.
For a detailed description of the respective forms of processing and the opt-out options, we refer to the privacy policies and information provided by the operators of the respective networks.
Also in the case of requests for information and the assertion of data subject rights, we point out that these can be most effectively asserted with the providers. Only the providers have access to the users’ data and can take appropriate measures and provide information directly. Should you nevertheless need assistance, you may contact us.
Types of data processed: Contact data, such as postal and email addresses or telephone numbers; content data, such as text or image messages and posts, as well as related information such as details on authorship or time of creation; usage data, such as page views and length of stay, click paths, usage intensity and frequency, device types and operating systems used, interactions with content and functions.
Data subjects: Users, such as website visitors and users of online services.
Purposes of processing: Communication; feedback, such as collecting feedback via online form; public relations.
Retention and deletion: Deletion in accordance with the information in the section “General Information on Data Storage and Deletion”.
Further information on processing operations, procedures and services:
Instagram: Social network that enables the sharing of photos and videos, commenting on and favoriting posts, sending messages, and following profiles and pages; Service provider: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland; Legal bases: Legitimate interests (Art. 6(1) sentence 1 lit. f GDPR); Website:https://www.instagram.com; Privacy policy:https://privacycenter.instagram.com/policy/; Basis for third-country transfers: Data Privacy Framework (DPF).
Facebook Pages: Profiles within the social network Facebook - We are jointly responsible with Meta Platforms Ireland Limited for the collection, but not the further processing, of data from visitors to our Facebook page, known as a “fan page”. This data includes information about the types of content that users view or interact with, or the actions they take, see “Things you and others do and provide” in the Facebook Data Policy: https://www.facebook.com/privacy/policy/, as well as information about the devices used by users, such as IP addresses, operating system, browser type, language settings and cookie data; see “Device information” in the Facebook Data Policy: https://www.facebook.com/privacy/policy/. As explained in the Facebook Data Policy under “How do we use this information?”, Facebook also collects and uses information to provide analytics services, known as “Page Insights”, for page operators so that they can gain insights into how people interact with their pages and the content associated with them. We have concluded a special agreement with Facebook, “Information about Page Insights”, https://www.facebook.com/legal/terms/page_controller_addendum, which regulates in particular which security measures Facebook must observe and in which Facebook has agreed to fulfill data subject rights, meaning users can, for example, address information or deletion requests directly to Facebook. The rights of users, in particular to access, erasure, objection and complaint to the competent supervisory authority, are not restricted by the agreements with Facebook. Further information can be found in the “Information about Page Insights” (https://www.facebook.com/legal/terms/information_about_page_insights_data). The joint responsibility is limited to the collection by and transmission of data to Meta Platforms Ireland Limited, a company based in the EU. The further processing of the data is the sole responsibility of Meta Platforms Ireland Limited, which particularly concerns the transmission of the data to its parent company Meta Platforms, Inc. in the USA; Service provider: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland; Legal bases: Legitimate interests (Art. 6(1) sentence 1 lit. f GDPR); Website:https://www.facebook.com; Privacy policy:https://www.facebook.com/privacy/policy/; Basis for third-country transfers: Data Privacy Framework (DPF).
LinkedIn: Social network - We are jointly responsible with LinkedIn Ireland Unlimited Company for the collection, but not the further processing, of data from visitors that is created for the purpose of generating “Page Insights” statistics for our LinkedIn profiles. This data includes information about the types of content that users view or interact with, or the actions they take, as well as information about the devices used by users, such as IP addresses, operating system, browser type, language settings and cookie data, and information from users’ profiles, such as job function, country, industry, seniority, company size and employment status. Data protection information on LinkedIn’s processing of user data can be found in LinkedIn’s privacy notices: https://www.linkedin.com/legal/privacy-policy We have concluded a special agreement with LinkedIn Ireland, the “Page Insights Joint Controller Addendum”, https://legal.linkedin.com/pages-joint-controller-addendum, which regulates in particular which security measures LinkedIn must observe and in which LinkedIn has agreed to fulfill data subject rights, meaning users can, for example, address information or deletion requests directly to LinkedIn. The rights of users, in particular to access, erasure, objection and complaint to the competent supervisory authority, are not restricted by the agreements with LinkedIn. The joint responsibility is limited to the collection of the data by and transmission to Ireland Unlimited Company, a company based in the EU. Further processing of the data is the sole responsibility of Ireland Unlimited Company, which particularly concerns the transmission of the data to its parent company LinkedIn Corporation in the USA; Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Legal bases: Legitimate interests (Art. 6(1) sentence 1 lit. f GDPR); Website:https://www.linkedin.com; Privacy policy:https://www.linkedin.com/legal/privacy-policy; Basis for third-country transfers: Data Privacy Framework (DPF); Opt-out option:https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Changes and Updates to the Privacy Policy
We ask you to regularly inform yourself about the content of our privacy policy. We adapt the privacy policy as soon as changes to the data processing carried out by us make this necessary. We will inform you as soon as the changes require any action on your part, for example consent, or any other individual notification.
If we provide addresses and contact information of companies and organizations in this privacy policy, please note that the addresses may change over time and we ask you to check the information before contacting them.
Rights of Data Subjects
As a data subject, you have various rights under the GDPR, which arise in particular from Articles 15 to 21 GDPR:
Right to object: You have the right, on grounds relating to your particular situation, to object at any time to the processing of personal data concerning you that is carried out on the basis of Art. 6(1) lit. e or f GDPR; this also applies to profiling based on those provisions. If personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing.
Right to withdraw consent: You have the right to withdraw consent you have given at any time.
Right of access: You have the right to request confirmation as to whether data concerning you is being processed and to receive access to this data, as well as further information and a copy of the data in accordance with legal requirements.
Right to rectification: In accordance with legal requirements, you have the right to request the completion of data concerning you or the correction of inaccurate data concerning you.
Right to erasure and restriction of processing: In accordance with legal requirements, you have the right to request that data concerning you be deleted without delay, or alternatively, in accordance with legal requirements, to request restriction of the processing of the data.
Right to data portability: You have the right to receive data concerning you that you have provided to us in a structured, commonly used and machine-readable format in accordance with legal requirements, or to request its transmission to another controller.
Complaint to a supervisory authority: Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence, your place of work or the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the provisions of the GDPR.
Definitions of Terms
In this section, you will find an overview of the terms used in this privacy policy. Many of the terms are taken from the law and are primarily defined in Art. 4 GDPR. The statutory definitions are binding. The following explanations, by contrast, are intended primarily to aid understanding. The terms are sorted alphabetically.
Personal data: “Personal data” means any information relating to an identified or identifiable natural person, hereinafter referred to as the “data subject”; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier such as a cookie, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Profiles with user-related information: The processing of “profiles with user-related information”, or “profiles” for short, includes any form of automated processing of personal data consisting of the use of such personal data to analyze, evaluate or predict certain personal aspects relating to a natural person. Depending on the type of profiling, this may include different information concerning demographics, behavior and interests, such as interaction with websites and their content, etc. Cookies and web beacons are often used for profiling purposes.
Reach measurement: Reach measurement, also referred to as web analytics, serves to evaluate visitor flows to an online offering and may include the behavior or interests of visitors in certain information, such as website content. With the help of reach analysis, website owners can, for example, identify at what time visitors visit their website and which content they are interested in. This allows them, for example, to better adapt website content to the needs of their visitors. For reach analysis purposes, pseudonymous cookies and web beacons are often used to recognize returning visitors and thus obtain more precise analyses of the use of an online offering.
Tracking: “Tracking” refers to the ability to trace users’ behavior across multiple online offerings. As a rule, behavioral and interest information relating to the online offerings used is stored in cookies or on the servers of the providers of tracking technologies, known as profiling. This information can subsequently be used, for example, to show users advertisements that are likely to correspond to their interests.
Controller: The “controller” is the natural or legal person, public authority, agency or other body that, alone or jointly with others, determines the purposes and means of the processing of personal data.
Processing: “Processing” means any operation or set of operations performed on personal data, whether or not by automated means. The term is broad and includes practically any handling of data, whether collection, evaluation, storage, transmission or deletion.
Cookie Details
Essential
Essential cookies enable basic functions and are necessary for the proper function of the website.
Name
Description
Duration
wpconsent_preferences
This cookie is used to store the user's cookie consent preferences.
30 days
Google Tag Manager
Google Tag Manager simplifies the management of marketing tags on your website without code changes.
Name
Description
Duration
cookiePreferences
Registers cookie preferences of a user
2 years
td
Registers statistical data on users' behaviour on the website. Used for internal analytics by the website operator.
session
Statistics
Statistics cookies collect information anonymously. This information helps us understand how visitors use our website.
Google Analytics
Google Analytics is a powerful tool that tracks and analyzes website traffic for informed marketing decisions.
Used only with old Urchin versions of Google Analytics and not with GA.js. Was used to distinguish between new sessions and visits at the end of a session.
End of session (browser)
__utmz
Contains information about the traffic source or campaign that directed user to the website. The cookie is set when the GA.js javascript is loaded and updated when data is sent to the Google Anaytics server
6 months after last activity
__utmv
Contains custom information set by the web developer via the _setCustomVar method in Google Analytics. This cookie is updated every time new data is sent to the Google Analytics server.
2 years after last activity
__utmx
Used to determine whether a user is included in an A / B or Multivariate test.
18 months
_ga
ID used to identify users
2 years
_gali
Used by Google Analytics to determine which links on a page are being clicked
30 seconds
_ga_
ID used to identify users
2 years
_gid
ID used to identify users for 24 hours after last activity
24 hours
_gat
Used to monitor number of Google Analytics server requests when using Google Tag Manager
1 minute
_gac_
Contains information related to marketing campaigns of the user. These are shared with Google AdWords / Google Ads when the Google Ads and Google Analytics accounts are linked together.
90 days
__utma
ID used to identify users and sessions
2 years after last activity
__utmt
Used to monitor number of Google Analytics server requests
10 minutes
__utmb
Used to distinguish new sessions and visits. This cookie is set when the GA.js javascript library is loaded and there is no existing __utmb cookie. The cookie is updated every time data is sent to the Google Analytics server.
30 minutes after last activity
Marketing
Marketing cookies are used to follow visitors to websites. The intention is to show ads that are relevant and engaging to the individual user.
Meta
Name
Description
Duration
xs
Facebook
sb
Facebook
datr
Facebook
fr
Facebook
_fbc
Facebook
_fbp
Facebook
TikTok
TikTok Pixel tracking
Name
Description
Duration
ttclid
TikTok
_ttp
Tracking for TikTok
13 Months
Cookie Consent
We use cookies to improve your experience on our site. By using our site, you consent to cookies.
Cookie Preferences
Manage your cookie preferences below:
Essential cookies enable basic functions and are necessary for the proper function of the website.
Name
Description
Duration
Cookie Preferences
This cookie is used to store the user's cookie consent preferences.
30 days
Google Tag Manager simplifies the management of marketing tags on your website without code changes.
Name
Description
Duration
cookiePreferences
Registers cookie preferences of a user
2 years
td
Registers statistical data on users' behaviour on the website. Used for internal analytics by the website operator.
session
Statistics cookies collect information anonymously. This information helps us understand how visitors use our website.
Google Analytics is a powerful tool that tracks and analyzes website traffic for informed marketing decisions.
Used only with old Urchin versions of Google Analytics and not with GA.js. Was used to distinguish between new sessions and visits at the end of a session.
End of session (browser)
__utmz
Contains information about the traffic source or campaign that directed user to the website. The cookie is set when the GA.js javascript is loaded and updated when data is sent to the Google Anaytics server
6 months after last activity
__utmv
Contains custom information set by the web developer via the _setCustomVar method in Google Analytics. This cookie is updated every time new data is sent to the Google Analytics server.
2 years after last activity
__utmx
Used to determine whether a user is included in an A / B or Multivariate test.
18 months
_ga
ID used to identify users
2 years
_gali
Used by Google Analytics to determine which links on a page are being clicked
30 seconds
_ga_
ID used to identify users
2 years
_gid
ID used to identify users for 24 hours after last activity
24 hours
_gat
Used to monitor number of Google Analytics server requests when using Google Tag Manager
1 minute
_gac_
Contains information related to marketing campaigns of the user. These are shared with Google AdWords / Google Ads when the Google Ads and Google Analytics accounts are linked together.
90 days
__utma
ID used to identify users and sessions
2 years after last activity
__utmt
Used to monitor number of Google Analytics server requests
10 minutes
__utmb
Used to distinguish new sessions and visits. This cookie is set when the GA.js javascript library is loaded and there is no existing __utmb cookie. The cookie is updated every time data is sent to the Google Analytics server.
30 minutes after last activity
Marketing cookies are used to follow visitors to websites. The intention is to show ads that are relevant and engaging to the individual user.
