3.1 Description and scope of the data processing

Upon each access to our website, our system will automatically collect data and information from the computer system of the accessing computer. The following data (hereinafter “Log Data”) will be collected:

• information regarding the browser type and version used (“User Agent”);
• the user’s operating system;
• information regarding the device type (e.g., mobile or desktop)
• the user’s Internet service provider;
• the user’s IP address (if executed by the services used - e.g., Google Analytics; in that case, explanations can be found in the relevant section of the service);
• date, time and duration of the access;
• websites from which the user’s system is referred to our website (“Referrers”);
• websites accessed by the user’s system through our website.

With the exception of the IP address, the aforementioned Log Data do not allow a reference to persons; a reference to persons can only be established through the allocation, or link, of the Log Data to an IP address.

3.2 Purpose of the data processing

The collection and processing of the Log Data, in particular, the IP address, is made for the purpose of providing the content of our website to the user, i.e., for the purpose of the communication between the user and our web and/or online offer. The temporary storage of the IP address is necessary for the duration of the respective communication. That storage is necessary to address the communications between the user and our web and/or online offer, or to use our web and/or online offer, respectively.

Any processing and storage of the IP address in log files in excess of the communications is made for the purpose of ensuring the functionality of our web and online offers, to optimise those offers, and to ensure the security of our IT systems.

In other respects, we will analyse those data for statistical purposes. This will be done in aggregated form, and individual users cannot be traced back.

3.3 Legal basis

The legal basis for the collection and processing of the Log Data, to the extent that they constitute personal data, is Article 6(1)(b) GDPR, as well as national legal bases (if any), which apply specifically.

The legal basis for the storage of the IP address in excess of the scope of the communication is Article 6(1)(f) GDPR (safeguarding of legitimate interests), as well as national legal bases (if any), which apply specifically.

3.4 Data deletion and storage period

The data will be erased once they are no longer necessary for the purpose of their collection. In the event of a collection of the data to provide the website, this will be the case once the respective session - the visit to the website - ends. The additional storage of Log Data, including the IP address, will be made for the purpose of system security for a period of no longer than seven days from the end of the access to the site by the user.

The additional processing and/or storage of Log Data is possible and admissible if the IP addresses of the users are deleted, or modified in such a manner that the Log Data can no longer be allocated to an IP address, after the expiry of the aforementioned storage period of seven days.

3.5 Option to object and remove

The collection of Log Data to provide the website, including their storage in log files within the limits set out above, is mandatory for the operation of the website. Therefore, the user has no option to object.

Different provisions apply to the processing of Log Data for analysis purposes, which is governed by the provisions of section 8 below - subject to the web analysis tools and the type of data analysis (personal/anonymous/pseudonym) used from time to time.

4.1 Description and scope of the data processing

Our website uses cookies and similar technologies (hereinafter, collectively, “Cookies”). “Cookies” are text files which are stored in the Internet browser, or by the Internet browser on the user’s computer system. Cookies do not contain any programmes and cannot place any malicious codes on your computer. If a user accesses a website, a Cookie may be stored in the user’s computer system. That Cookie contains a characteristic character string, which makes it possible to clearly identify the browser upon a repeated retrieval of the website. Our Cookies only contain personal data if you have explicitly consented thereto, so that your privacy will be protected. Depending on the type of the Cookie and the possibility to allocate a Cookie to an IP address, there exists, however, the possibility to establish a personal reference to the user. We will only make such an allocation to verify the services expressly requested by you and to exclude you from undesired services.

We differentiate between a) technically necessary Cookies, b) analysis Cookies and c) third-party Cookies:

a) We use technically necessary Cookies to make our web and/or online offer more user-friendly. In technically necessary Cookies, the following data are stored and transmitted to our systems:

• language settings
• information regarding the terminal device/PC used and its settings
• articles in a shopping cart
• articles in a shopping cart
• log-in information

b) We use analysis Cookies (also known as “session Cookies”) to analyse the users’ surfing behaviour on our web and/or online offers for the purpose of advertising, market research or the needs-oriented structuring of our offers. In analysis Cookies, the following data are stored and transmitted to our systems:

• search terms entered
• frequency of page views
• use of website functions
• data collected through Google Analytics can be found in detail at https://support.google.com/analytics#topic=3544907

The data concerning users collected in this manner will be pseudonymised by technical measures. Thereafter, the data can no longer be allocated to the accessing user.

c) “Third-party Cookies” are Cookies which are not set by our web servers but, rather, by third-party providers. These include, for example, the integration of the “Like” button. If the “Like” button is clicked, Facebook will set its “own” Cookie in the user’s browser. Third-party Cookies can never be searched and/or analysed by us. Only the third-party providers are responsible for such Cookies; we have no influence on them.

See sections 7 and 8 as regards the third-party suppliers.

If you opt against the use of Cookies, we will set a “do-not-track” Cookie, by which our web server will recognise that no additional Cookies may be set. In that case, or if you set your browser such that it does not accept Cookies generally, this may result in functional limitations to our offer; for example, services such as log-in areas or content filters cannot be provided.

Most browsers accept Cookies automatically. You can delete any Cookies set on your terminal device at any time, or set your browser such that it does not accept Cookies generally; this may result in the functional limitations to our offer. Please consult the instructions in your browser, or by your terminal device manufacturer, for details as to how to do this.

4.2 Purpose of the data processing

acceptance of language settings

remembering search terms

The user data collected through technically necessary Cookies will not be used to create user profiles.

Analysis Cookies are used to improve the quality of our website and its contents. By analysis Cookies, we learn how the website is used and can thereby constantly improve our offers (see above).

4.3 Legal basis

The legal basis for the use of technically necessary Cookies is Article 6(1)(b) GDPR, to the extent that a personal reference to the user can be established and the use is necessary for the purpose of providing our web and/or online offers for the performance of a contract and, in other respects, Article 6(1)(f), as the use also safeguards legitimate interests for the purpose of providing web and/or online offers.

The legal basis for the processing of personal data while using analysis Cookies is Article 6(1)(a) GDPR if the user has given his or her consent, to the extent that a personal reference to the user can be established. If analysis Cookies are used to prepare pseudonymous analyses, the legal basis is Article 6(1)(f) GDPR (safeguarding of legitimate interests), as well as national legal bases (if any), which apply specifically.

4.4 Data deletion and storage period

The Cookies are set in the user’s terminal device (smart device/PC) and transmitted to our websites from there. Two forms of Cookies are used, “permanent Cookies” and “session Cookies”. Session Cookies are stored for the duration of a browser session and are deleted when the browser is closed. Permanent Cookies will not be deleted when the browser is closed but will, rather, be stored in the user’s terminal device for a longer period.

The transmission of Flash Cookies cannot be prevented through the browser settings but, rather, through changes to the settings of the Flash Player.

4.5 Option to object and remove

When accessing our website, users will be notified of the use of Cookies through an info banner and will be referred to this data privacy statement. The user’s consent to the processing of the personal data used in that context will also be obtained through the banner.

As a user, you have full control over the use and storage of Cookies. You can generally deactivate or limit the transmission of Cookies by changing the settings in your Internet browser. You can at any time delete Cookies which have already been set. This can also be done automatically. If Cookies are deactivated for our website, it will be possible that not all functions of the website can be used in full. You can find further information regarding the use of Cookies at www.meine-cookies.org or youronlinechoices.com.

You can at any time object to the use of Cookies to prepare pseudonymous user profiles (see “Analysis Cookies” above) with effect for the future. You can exercise your right to object through the info banner or the aforementioned setting options of your browser.

5.1 Description and scope of the data processing

If you wish to subscribe for the newsletter offered by us, we will require a valid email address from you. To verify whether you are the owner of the email address stated, or that its owner agrees to the sending of the newsletter, we will, after the first registration step, send an automated email to the email address stated (“double opt-in”). We will not include the email address stated in our distribution list before a confirmation of the newsletter registration through a link in the confirmation email. We will not collect any data other than the email address and the details regarding the confirmation of the registration.

If you are a customer of us, we can also send the newsletter to you.

5.2 Purpose of the data processing

Your data will only be processed for the purpose of sending the newsletter.

5.3 Legal basis

The legal basis for that processing is Article 6(1)(a) GDPR (consent, which you have given to us upon the registration for the newsletter). If you are a customer of us and we can, therefore, also send the newsletter to you without your explicit prior consent, the legal basis will be Article 6(1)(f) GDPR; in that case, our legitimate interest is our interest in advertising identical and similar products.

5.4 Data deletion and storage period

Subject to a request for deletion, the data regarding the sending of the newsletter will be stored so long as we require those data to send the newsletter. Therefore, the data will be deleted if you actively unsubscribe the newsletter, or if we are notified more than [twice] that a newsletter is undeliverable, or if we discontinue the sending of the subscribed newsletter generally.

5.5 Option to object and remove

You can unsubscribe the newsletter at any time; the statements regarding the right to revoke the consent apply in addition.

6.1 Description and scope of the data processing

We use your data to be able to present to you offers or advertising measures tailored to your needs. In addition, we invite users from time to time to take part in surveys, which help us to improve our products, our service and our website.

6.2 Purpose of the data processing

Your personal data will only be used for advertising and/or marketing purposes, as well as to conduct customer satisfaction surveys, if a relevant consent or another legal basis exists, which also allows advertising and/or marketing activities in the absence of a consent.

6.3 Legal basis

The legal basis for advertising and/or marketing activities on the basis of a consent is Article 6(1)(a) GDPR; the statements regarding the consent apply mutatis mutandis.

The legal basis for the sending of advertising is Article 6(1)(f) GDPR, in conjunction with § 7, section 3 German Act Against Unfair Competition, if you are a customer of us and we have received your email address in connection with the sale of a product or service.

The legal basis for customer surveys is Article 6(1)(f) GDPR.

6.4 Data deletion and storage period

Subject to a request for deletion, your data which are processed for advertising and marketing purposes will be stored for as long as you do not actively indicate to us that you are not interested in our products and services and, in other respects, for a period of three (3) years from the last contacting by you (e.g., email, query, participation in a marketing measure such as a customer survey).

Subject to a request for deletion, your data collected in a customer survey will be stored for as long as is necessary to carry out and analyse the customer survey. The analysed data will be stored in aggregated form in such a manner that an allocation to an individual person will no longer be possible.

6.5 Option to object and remove

You can object to the collection of your data for advertising and marketing purposes any time; the statements regarding the right to revoke the consent apply in addition. You can stop customer surveys at any time; if the survey has not yet been completed, the data collected up to then will be discarded.

7.1 General

We have integrated buttons (plug-ins”) of various social networks on our websites in order that you can also use the interactive options of the social networks used by you on our websites such as, for example, to create bookmarks. Those plug-ins offer various functions, the subject matter and scope of which are determined by the operators of the social networks.

Please note that we do not offer the social networks and have no influence on the data processing by the respective service providers. Further information on the treatment of data can be found at the following links or addresses, respectively:

7.2 Two-click procedure for the protection of your data

We use a “two-click procedure” to better protect your personal data. By clicking the button next to the respective plug-in, the plug-in will be activated; this is indicated by a change of colour of the plug-in from grey to coloured. Thereafter, you can use the respective plug-in by clicking the button of the plug-in. Please note that the IP address of your browser session can be linked to your own profile with the respective social network if you are logged in there at that time. Also, your visit to our website can be linked to your profile with the social network if the social network remembers you through a Cookie of the social network which was set earlier and still exists in your computer.

7.3 Facebook

This offer uses social plug-ins (“Plug-Ins”) of the social network, facebook.com, which is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook"). The Plug-Ins can be recognised by one of the Facebook logos (a white “f” on a blue tile, the term “Like”, or a “thumb-up” sign) or have the addition, “Facebook Social Plug-In”. The list and look of the Facebook Social Plug-Ins can be inspected at developers.facebook.com/docs/plugins/. If you call up a website of this offer which contains such a button, your browser will establish a direct connection to Facebook’s servers. The content of the plug-in will be transmitted by Facebook directly to your browser and will be embedded in the website by it. Therefore, we have no influence on the scope of the data collected by Facebook by means of that plug-in and, therefore, inform you in accordance with our state of knowledge: By the inclusion of the plug-in, Facebook will receive the information that you have called up the respective page of our offer. If you are logged in at Facebook at the same time, Facebook can associate the visit with your Facebook account. If you interact with the Plug-Ins, for example, if you click the “Like” button or send a comment, the relevant information will be transmitted by your browser directly to Facebook and will be stored there. If you are no Facebook member, it will still be possible that Facebook finds out, and stores, your IP address. According to Facebook, only an anonymised IP address will be stored in Germany. The purpose and scope of the data collection, the further processing and use of the data by Facebook, as well as your related rights and setting options to protect your privacy, are specified in the data privacy statement of Facebook at www.facebook.com/about/privacy/. If you are a Facebook member and do not wish that Facebook collects data about you through this offer and links such data to your member data stored by Facebook, you must log out at Facebook before visiting the Internet presence. Additional settings and objections to the use of data for advertising purposes are possible in the Facebook profile settings: www.facebook.com/settings.

7.4 Twitter

This offer uses the buttons of the service, Twitter. Those buttons are offered by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA (“Twitter”). They can be recognised by terms like “Twitter” or “Follow”, together with a stylised blue bird. By using those buttons, you can share a contribution or site of this offer at Twitter or follow us at Twitter. If you call up a website of that Internet presence which contains such button, your server will establish a direct connection to Twitter’s servers. The content of the Twitter buttons will be transmitted by Twitter directly to your browser. Therefore, we have no influence on the scope of the data collected by Twitter by means of that plug-in and will inform you in accordance with our state of knowledge, according to which only your IP address and the URL of the respective website will be transmitted when using the button and will not be used for any purpose other than the presentation of the button. Additional information can be found in the data privacy statement of Twitter at twitter.com/privacy.

7.5 XING

This offer uses the “Xing” button of the social network, XING, which is operated by XING AG, Gänsemarkt 43, 20354 Hamburg/Germany (“Xing”). The button can be recognised by the term “Xing” on a coloured, mostly petrol-coloured, background. When calling up any of our websites which contain that button, your browser will establish a connection to the servers of Xing, with which the “Xing Share Button” functions (in particular, the calculation/display of the counter value) will be performed. Therefore, we have no influence on the scope of the data collected by Xing by means of that button and will inform you in accordance with our state of knowledge. According to Xing, Xing does not store any personal data of you regarding the calling-up of our websites, does not store any IP addresses and will not analyse your user behaviour regarding the use of cookies in connection with the “Xing Share Button”. The current data protection information regarding the “XING Share Button” from time to time and additional information can be found at the following website: www.xing.com/app/share. To prevent the transmission and storage of data regarding you and your surfing behaviour by Xing, you must log out at Xing before visiting our websites and delete cookies (if any) from your browser.

7.6 LinkedIn

This website uses plug-ins of the social network, “linkedin.com”, which is operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (“LinkedIn”). Those plug-ins are marked by a LinkedIn logo. When you call up any of our websites which contains such a plug-in, your browser will establish a direct connection with the servers of LinkedIn. We have no influence on the scope of the data collected by LinkedIn by means of the plug-in and will inform you in accordance with our state of knowledge. By calling up the website which contains the plug-in, it will be transmitted to LinkedIn which of our web pages you have visited. If you are logged in as a YouTube member when doing so, YouTube will associate that information with your personal user accounts with those platforms. If you are logged in with LinkedIn at the same time, LinkedIn may associate that information with your LinkedIn account.

Please note that an exchange of that information will be made as early as upon calling up the website which contains the plug-in, regardless of whether or not you interact with the plug-in. If you interact with the plug-in, for example, by clicking the “share” button, the related information will be transmitted directly to LinkedIn and will be stored there. The purpose and scope of the data collection and the further processing and use of the data by LinkedIn, as well as your related rights and setting options regarding the protection of your privacy, can be found in the privacy notices of LinkedIn at linkedin.com/legal/privacy-policy.

To prevent the transmission and storage of data regarding yourself and your surfing behaviour by LinkedIn, you must log out at LinkedIn before visiting our websites and delete cookies (if any) from your browser.

7.7 YouTube Plug-ins (Videos)

This website uses plug-ins of Youtube.de/Youtube.com, which is - represented by Google Inc. - operated by Youtube, LLC, Cherry Ave., USA (“YouTube”). If you call up a page of our Internet presence which contains such a plug-in, a connection to the YouTube servers will be established, and the plug-in will be shown on the website by a notification to your browser. Therefore, we have no influence on the scope of the data collected by YouTube by means of that button and will inform you in accordance with our state of knowledge. By calling up the website which contains the plug-in, it will be transmitted to the YouTube server which of our web pages you have visited. If you are logged in as a YouTube member when doing so, YouTube will associate that information with your personal user accounts with those platforms. When using functions of the plug-in, for example, when clicking the start button of a video or sending a comment, that information will be associated, for example, with your YouTube user account; this can only be prevented by you by logging out at YouTube before using the plug-in. Information regarding the collection and use of the platforms or plug-ins can be found in the data privacy statement of YouTube: www.youtube.com.

8.1 General

To optimise our websites and to adapt our websites to the changing habits and technical requirements of our users, we use web analysis tools. In so doing, we measure, for example, what elements are visited by the users, whether the information looked for can be easily found etc. That information will only become interpretable and meaningful if a larger group of users is monitored. To this end, the collected data will be aggregated, i.e., combined to form larger units.

Thereby, we can adapt the design of pages or optimise contents, for example, if we find out that a relevant part of the visitors use new technologies, or cannot find existing information at all, or only with difficulty.

In our web and online offers, we carry out the following analysis or use the following web analysis tools, respectively:

8.2 HubSpot

This website uses HubSpot, a service of HubSpot Inc., a US software supplier with a branch office in Ireland (HubSpot Inc., 2nd floor 30 North Wall Quay, Dublin 1, Ireland, phone +353 1 5187500), by which we cover specific aspects of our online marketing, including

• Content Management (e.g., the contents of the website)
• Email Marketing (newsletters and automated mailings, for example, to provide information about updates)
• Social Media Publishing & Reporting (e.g., LinkedIn)
• Reporting (e.g., traffic sources, accesses etc.)
• Contact Management (e.g., user segmentation & CRM)
• Provision of landing pages and contact forms

Where this is required by law, we will ask you, in advance and separately, for your consent to the collection, storage and processing of your data. With your consent, HubSpot will use “Web Beacons” and cookies, which are stored on your computer and enable us to analyse your use of the website. The collected information (e.g., the IP address, the geographic location, the browser type, the duration of the visit and the pages viewed) is analysed by HubSpot on our behalf in order to generate reports regarding the visit and the pages viewed by you. If you do not wish a collection through cookies generally, you may at any time prevent the storage of cookies through your browser settings.

The data collected by us through HubSpot will be used by us exclusively to provide, and optimise, our marketing. Your data can then be used by us to contact you, as a visitor of our website, and to ascertain which of our services might be interesting for you. If you subscribe to our email news and download studies and other documents, we will also be able through HubSpot to analyse your visits through your additional details (in particular, name/email address) and to inform you about your preferred topics in a targeted manner. We also provide our registration service through HubSpot. The registration service enables you, as a visitor of our website, to learn more about our enterprise, to download content, and to provide us with your contact details and additional information about yourself and your enterprise. If this is required by law, we will ask you in advance and separately to grant your prior consent to the collection, storage and processing of your data.

The data collected by us through HubSpot are stored on the servers of our contractor, HubSpot, in the USA. We have established the necessary requirements in order that this is in line with EU data protection law. You can inspect the complete privacy policy of HubSpot here. HubSpot will also inform you here in relation to the compliance with EU data protection law by HubSpot Inc. HubSpot provides information regarding the cookies used by it here and here.

8.3 Data protection - Google Analytics

This website uses Google Analytics, a web analytics service provided by Google, Inc. ("Google"). Google Analytics uses "cookies", which facilitate an analysis of the use of the website by our customers on a pseudonymous and/or anonymous basis.

The information generated by the cookie about your use of the website will normally be transmitted to, and stored by, Google on servers in the United States. If IP anonymisation is activated on this website, your IP address will, however, be shortened by Google before the transmission in the member states of the European Union or other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a server of Google in the USA and will be shortened there. Google will use that information on our behalf to compile reports on website activities and to provide other services to the website operator relating to website activities and Internet usage. The IP address transmitted from your browser in connection with Google Analytics will not be aggregated with other data of Google.

You can prevent the storage of cookies by selecting the appropriate settings on your browser; however, please note that if you do this you may not be able to use the full functionality of our website.

If you do not wish an analysis by Google Analytics, you have the following options:

• You can prevent the collection by Google Analytics by clicking the following link. An opt-out cookie will be set, which will prevent the future collection of your data by Google Analytics when accessing this website: tools.google.com/dlpage/gaoptout

Note: If you delete your cookies, the opt-out cookie will also be deleted and will possibly have to be activated by you once more.

• You can also prevent the collection of the data (including your IP address) in relation to your use of the website which are generated by the Google Analytics cookie, as well as the processing of those data by Google, by downloading and installing the browser plug-in which is available through the following link tools.google.com/dlpage/gaoptout.

We use Google Analytics to analyse data from AdWords and the double-click cookie for statistical purposes. Should you not want that we do this, you can deactivate this through the Ads Preferences Manager.

9.1 Description and scope of the data processing

On our website, there is a contact form, which users can use for contacting us electronically. If users use that option, the data entered in the input mask will be transmitted to, and stored by, us. Those data may include the following:

• Salutation
• First name
• Last name
• Department
• Position
• Company name
• Company’s street and street number
• Company’s postcode and town
• Country
• Interests
• Comment field
• Event-related input fields
• Topic-related input fields

When sending the message, the following data will also be processed and stored:

• The user’s IP address
• Date and time of the sending

Alternatively, users can contact us through the email address stated on our website. In that case, the user’s personal data transmitted through the email will be stored. In no event will the data be disclosed to third parties, unless we must use the services of third parties to process the request.

9.2 Purpose of the data processing

The data will be processed exclusively to process the relevant request by the user. The other data collected during the transmission serve the purpose of preventing a misuse of the contact form and to warrant the security of our IT systems.

9.3 Legal basis

Where the data processing is made to perform an order or a request by a customer, the legal basis is Article 6(1)(b) GDPR, regardless of whether the contact is established through the contact form or by email.

If a consent by the user exists, the legal basis will be Article 6(1)(a) GDPR.

The legal basis for the collection of additional data during the transmission is Article 6(1)(b) GDPR; the legitimate interest in that respect is the prevention of misuse and to warrant system security (see above).

9.4 Data deletion and storage period

The data will be deleted once they are no longer necessary for the purpose of their collection. In relation to the personal data from the input mask of the contact form and the personal data transmitted by email, this will be the case once the respective communication with the user ends and/or the user’s query has been finally answered. The communication will have ended, or the query will have been finally answered, if it results from the circumstances that the matter in question has been conclusively clarified. A deletion will be substituted by a storage including blocking if the continued storage of the data is required for reasons specified in section 2.6 above.

The personal data collected during the transmission will be deleted after seven days, at the latest.

9.5 Right to object and remove

Users may at any time stop communications wit us and/or withdraw their query and object to the use of their data. In that case, the communication cannot be continued. All personal data stored in connection with the contacting will be deleted in that case, unless the continued storage of the data is required for reasons specified in section 2.6 above.

We have taken the necessary technical and organisational safety measures to protect your personal data from a loss and misuse. For example, your data are stored in a safe operating environment which cannot be publicly accessed. Should you wish to contact us by email, please note that the confidentiality of the transmitted information will not be warranted. The contents of emails can be inspected by third parties. Therefore, we recommend that you send any confidential information such as application documents to us exclusively by post.

Statutory and/or organisational reasons may from time to time require modifications or adjustments of this Data Privacy Statement. Please refer to the most current version of this Data Privacy Statement from time to time, to which you will automatically be directed by clicking the link displayed to you when Cookies are requested. Any modifications will always apply to personal data collected in future. The protection of the data collected and stored by us before the modification will not be affected thereby.

The GDPR grants you, as the data subject of the processing of personal data, certain rights, of which we inform you at eur-lex.europa.eu/legal-content/EN/TXT/PDF/ in Chapter 3.

Should you have any questions regarding data protection, please contact us. To do so, we recommend that you use the contact address specified in section 1 above or the contact details in our legal notice.