DATA PROTECTION DECLARATION

Your cookie settings

Adjust cookie settings

Your cookie history

DateVersionConsent

OPT-OUT GOOGLE ANALYTICS

OPT-OUT FACEBOOK PIXEL

Welcome to our website https://www.excelsior-hotel.de/en! Thank you for visiting our website and for your interest in our company. Our website can generally be used without providing personal data. Personal data according to Art. 4 No. 1 of the GDPR will only be collected if we have a legal basis to do so (e.g. contract, your request, our legitimate interest) or we have your consent. Your personal data will be processed for the purpose of providing the service you requested.

We further undertake to treat the information provided by you with the utmost care and responsibility in accordance with the General Data Protection Regulation (GDPR – Regulation (EU) 2016/679) at all times. This also applies in particular to cooperation with third parties. To this end, this site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator. You can recognize an encrypted connection by the change in the address line of the browser from “http://” to “https://” and by the lock symbol in your browser line. With SSL or TLS encryption enabled, third parties cannot gain unauthorized access to the data that you transmit to us.

Our Data Protection Declaration is regularly updated and adapted to new legal requirements or case law. We therefore recommend that you regularly reread this Data Protection Declaration.

The following describes how, for what purpose, and on what legal basis we collect, handle, process, and store certain data we collect about you.

1. Information in line with Article 13 of the GDPR

a. Name and contact information of the controller, Art. 4 No. 7 GDPR:

Hotel Excelsior München GmbH & Co.KG
Excelsior & Vinothek by Geisel
Schützenstr. 11
80335 Munich, Germany
Phone: +49  89 / 551 370

E-Mail: excelsior@geisel-privathotels.de

b.Name and address of the data protection officer

Franziska Rosin
Pfarrer-Ludwig-Weg 6
86919 Utting am Ammersee

E-mail: info@franziska-rosin.de

2. Collection and use of non-personal data
a. Log file

When visiting our website https://www.excelsior-hotel.de/en, the browser being used on your device automatically transmits information to our website server. This information is temporarily stored in a log file. The following information is collected without intervention from you and stored until automatically erased:

  • IP address of the enquiring server,
  • date and time of access,
  • name and URL of the file retrieved,
  • website initiating the access (referrer URL),
  • browser used and, where applicable, the operating system of your computer as well as the name of your access provider.

The aforementioned data are processed by us for the following purposes:

  • ensuring a smooth connection to the website,
  • ensuring convenient use of our website,
  • analysing system security and stability, as well as
  • improving our offer.

The legal basis for data processing is Art. 6 para. 1 p. 1 lit. f of the GDPR. Our legitimate interest results from the above purposes for data collection. It is not possible for us to attribute this data to a specific person.

b. Cookies

A “cookie” is a small text file that is created and stored on your computer when you visit our website. Cookies are used to make our service more user-friendly, more effective and safer. Some of the cookies we use are erased after the browser session has ended, i.e. after you close your browser (so-called session cookies). Other cookies stay on your device and enable us to recognize your browser the next time you visit our site (persistent cookies).

You can configure your browser to notify you about cookies and decide whether to accept the cookie, or to block specific or all cookies. You can learn how to delete cookies in the most common browsers and change cookie settings here, among other things:

Deactivating cookies may limit the functionality of this website.

c. Cookie consent with Borlabs Cookie

Our website uses cookie consent technology from Borlabs Cookie to obtain your consent to store certain cookies in your browser and to document these in accordance with data protection regulations. The provider of this technology is Borlabs – Benjamin A. Bornschein, Georg-Wilhelm-Str. 17, 21107 Hamburg, Germany (hereinafter “Borlabs”).

When you visit our website, a Borlabs cookie is stored in your browser, in which the consents you have given or the revocation of these consents are stored. This data will not be passed on to the provider of Borlabs Cookie.

The collected data will be stored until you request us to delete it or until you delete the Borlabs cookie itself or until the purpose for which the data is stored no longer applies. Compulsory legal retention periods remain unaffected. Details about the data processing of Borlabs Cookie can be found at https://borlabs.io/kb/what-information-does-borlabs-cookie-store/.

The use of Borlabs cookie consent technology is done in order to obtain the legally required consents for the use of cookies. The legal basis for this is Art. 6 para. 1 p. 1 lit. f GDPR.

3. Temporary uses and end uses

In general, you can visit our website without providing any personal information. We only collect personal data if you voluntarily provide it to us as part of your booking or when contacting us (e.g. via contact form or e-mail). You can see which data is collected from the respective input forms.

The processing of this data is based on Art. 6 para. 1 lit. b GDPR, provided that your enquiry is associated with the fulfillment of a contract or required for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective handling of the inquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested. After completing the contract, your data is blocked from further processing and erased following expiration of the file retention periods under tax and commercial law, unless you have expressly consented to further use of your data or we have reserved the right to use data beyond this, as permitted by law and about which we inform you below.

You can give your consent at any time informally and without giving reasons by sending a message to the contact option described above. The lawfulness of the data processing operations carried out up until revocation and mandatory statutory provisions – in particular retention periods – shall remain unaffected by this.

Further use of your data in detail:

a. Contact form
When you send us enquiries using the contact form, we store your information from the contact form including the contact information you indicated there for the purpose of processing the enquiry and in the event of follow-up questions. This data will not be shared without your consent.The data entered in the contact form is processed on the basis of a legitimate interest according to Art. 6 para. 1 lit. f GDPR.The data from the contact form is stored by us until you request us to erase it, withdraw your consent to storage or the purpose of the data storage no longer applies (e.g. after the processing of your enquiry has been completed).

b. Requests via email, phone or fax

When contacting us by e-mail, phone or fax, your inquiry including all personal data generated in the process (name, inquiry reason) will be stored and processed for the purpose of processing your request. This data will not be shared without your consent.

c. E-mail newsletter

To subscribe to our newsletter, we use what is known as the double opt-in procedure; this means that after you have registered, we will send you an e-mail to the e-mail address you have provided, in which we ask you to confirm that you wish to receive the newsletter. If the subscription is not confirmed within 24 hours, your information will be blocked and automatically deleted after one month. If you subscribe to our newsletter, we use the following data – which is required for this purpose or which you have separately provided – to send you our e-mail newsletter on a regular basis in accordance with your consent:

  • E-mail address (required field)
  • Salutation, title, first name, last name (optional)
  • The IP address of the computer from which access occurs
  • Date and time of registration

We use your e-mail address independently of the contract processing. Beyond that we store the IP addresses used by you and the date and time subscribed and confirmed. The purpose of the method is to be able to prove and if necessary resolve misuse of your personal data. The legal basis for this processing is Art. 6 para. 1 S. 1 lit. a of the GDPR.

After you have unsubscribed from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. Storage in the blacklist does not have a time limit.

d. Maileon

This website uses Maileon to send newsletters. The provider is XQueue GmbH, Christian-Pleß-Str. 11-13, 63069 Offenbach am Main, Germany. Maileon is a service that can be used to organize and analyze the sending of newsletters, among other things. The data you enter for the purpose of receiving the newsletter is stored on Maileon’s servers in Germany.

If you do not want Maileon to analyze your data, you must unsubscribe from the newsletter. We provide a link for this in every newsletter. You can also unsubscribe from the newsletter directly on our website.

e. Data analytics and more

Maileon helps us analyze our newsletter campaigns. For example, we can see whether a newsletter was opened and which links, if any, were clicked. This enables us to determine, among other things, which links have been clicked on particularly often. In addition, we can analyze whether certain actions were performed after opening/clicking (conversion rate). This enables us to see, for example, whether you have made a purchase after clicking on the newsletter.

Maileon also allows us to divide (“cluster”) newsletter recipients based on different categories. In the process, newsletter recipients can be broken down by age, gender or place of residence, for example. In this way, newsletters can be better adapted to the respective target groups. We have concluded a contract with Maileon which obliges Maileon to protect our customers’ data and not to pass it on to third parties.

For detailed information about Maileon’s features, please see the following link https://maileon.com/.

f. Postal advertising

We also reserve the right to store your first and last name, your postal address and – insofar as we have received this additional information from you within the framework of the contractual relationship – your title, academic level, year of birth, and your profession, industry or business designation in summarized lists and to use them for our own advertising purposes, e.g. to send you interesting offers and information about our products by post.

g. TrustYou

We use functions from TrustYou GmbH on our website. TrustYou collects and analyzes guest reviews, questionnaires and social media posts on the Internet. The reviews generated by TrustYou are an efficient way for us to improve our service. TrustYou’s service gives you the best overview of what guests say about the hotel. Ratings that you pass on to TrustYou are received and stored by them.

For more information, please see TrustYou’s privacy statement at https://www.trustyou.com/downloads/TrustYou_GmbH_Privacy_Policy_ENG_12-2020_clean.pdf

h. Online booking system SynXis

As part of the marketing cooperation with Preferred Hotels, we have integrated SynXis, a service provided by Sabre Hospitality Solutions GmbH, Unterschweinstiege 2 – 14, 60549 Frankfurt am Main, Germany, as a booking platform on our site. The booking platform offers you the possibility to make a reservation. If you click on “BOOK”, the input mask will open; there you can enter your reservation data. Sabre Hospitality Solutions GmbH processes the data you enter on our behalf.

This includes the following data:

  • Title
  • Surname, first name
  • Address
  • E-mail
  • Date of birth
  • Credit card details

Your personal data will then be used to process your booking and will be deleted after the legal storage periods have expired.

Sabre Hospitality Solutions GmbH processes this data in its system on our behalf. We receive anonymized aggregated statistical data from SynXis – e.g. country statistics, agency reports, sales reports – which help us improve our offer.

You can view the privacy policy of Sabre Hospitality Solutions GmbH here: https://www.sabre.com/about/privacy/.

i. Reservation of tables (OpenTable)

In order to facilitate reservations for you, we integrate the reservation mask of OpenTable on our website. We use the reservation software of the service “OpenTable” of the provider OpenTable Inc, 1 Montgomery St., Suite 700, San Francisco, CA 94014, USA. The data for guests making reservations from Germany are processed by OpenTable GmbH, Zeil 109, Frankfurt 60313. We use this reservation tool to offer our guests the possibility to reserve tables with us online. In doing so, different types of data about you are stored: First, data that you submit to the third-party provider in the course of your requested reservation that personally identifies you (such as your name, email address or contact details). Second, data that does not identify you but is relevant to your use of the partner websites (such as dwell time, geographic data). Third, we also collect data such as preferences that you voluntarily provide to OpenTable. The reservation via the tool constitutes consent within the meaning of Art. 6 (1) lit. a DSGVO. This consent can be revoked at any time with effect for the future.

For more information on data use and storage, please refer to the data protection information on the website of our partner: https://www.opentable.de/legal/privacy-policy

k. Use of THE HOTELS NETWORK

This website uses a cookie from the service provider THE HOTELS NETWORK, S.L., Av. Diagonal, 439, 3º-1ª, 08036 Barcelona, Spain. This cookie takes the form of a hexadecimal character set and is used to identify users with a unique ID. The cookie is used to identify users the next time they visit the hotel’s website in the network. It also allows us to personalize the user experience. The storage period of the data transferred to THE HOTELS NETWORK is 2 years. The legal basis for the processing of this personal data is Art. 6 para. 1 lit. a EU-GDPR via our cookie banner.

For more information, please visit THE HOTELS NETWORK’s website and privacy policy at https://www.thehotelsnetwork.com/en/privacy-policy/

4. Data protection notice for applicants

We offer you the opportunity to apply for a job with us (e.g. by e-mail, by post or via online application form). In the following we inform you about the scope, purpose and use of your personal data collected during the application process. We assure you that the collection, processing and use of your data will be in accordance with the applicable data protection laws and all other legal requirements, and that your data will be treated in strict confidence.

a. Scope and purpose of data collection

If you send us an application, we will process your associated personal data (e.g. contact and communication data, application documents, notes taken during job interviews) insofar as this is necessary to decide on the establishment of an employment relationship. The legal basis for this is § 26 of the BDSG-neu (new German Data Protection Act) under German law (initiation of an employment relationship), Art. 6 para. 1 lit. b of the GDPR (general contract initiation) and – if you have given your consent – Art. 6 para. 1 lit. a of the GDPR. Consent can be revoked at any time. Within our company, your personal data will only be passed on to persons who are involved in the processing of your application.

If the application is successful, the data submitted by you will be stored in our data processing systems on the basis of § 26 of the BDSG-neu (new German Data Protection Act) and Art. 6 para. 1 lit. b of the GDPR for the purpose of carrying out the employment relationship.

b. Duration of storage of the data

If we are unable to offer you a job, if you reject a job offer or if you withdraw your application, we reserve the right to keep the data you have submitted with us for up to 6 months from the end of the application procedure (rejection or withdrawal of the application) on the basis of our legitimate interests (Art. 6 para. 1 lit. f of the GDPR). The data is then deleted and the physical application documents destroyed. The storage is especially for the purpose of proof in case of a legal dispute. If it is evident that the data will be required after the 6-month period (e.g. due to an imminent or pending legal dispute), the data will only be deleted when the purpose for further storage no longer applies.

A longer storage period can also take place if you have given your consent (Art. 6 para. 1 lit. a of the GDPR) or if legal storage obligations prevent deletion.

c. Inclusion in the applicant pool

If we do not make you a job offer, there may be the possibility of including you in our pool of applicants. In the event of inclusion, all documents and details from the application will be transferred to the applicant pool in order to contact you in the event of suitable vacancies.

Admission to the applicant pool is based solely on your express consent (Art. 6 para. 1 lit. a of the GDPR). Giving consent is voluntary and has no relation to the ongoing application process. You can revoke your consent at any time. In this case, the data will be irrevocably deleted from the applicant pool, unless there are legal reasons for retention.

The data will be irrevocably deleted from the applicant pool no later than two years after consent has been granted.

5. Data transfer for contract fulfillment

We only transmit personal data to third parties if this is necessary for the purpose of contract processing. The legal basis for data processing is Art. 6 para. 1 lit. b of the GDPR, which allows the processing of data to fulfill a contract or precontractual measures. Further transmission of the data does not take place or takes place only if you have expressly consented to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes.

a. Identity and credit check when selecting payment methods

We use external payment service providers, the platforms of which allow users and us to make payment transactions. The terms and conditions and the data protection declarations of the respective payment service providers apply to the payment transactions, which can be accessed within the respective websites or transaction applications. We also refer to these for further information and assertion of revocation, information and other data subject rights:

The data processed by the payment service providers includes inventory data (e.g., name and address), bank data (e.g., account numbers or credit card numbers), passwords, TANs and checksums, as well as contract-, sum- and recipient-related information. This information is necessary to carry out the transactions. However, the data entered is only processed by the payment service providers and stored with them. This means that we do not receive any account or credit card-related information, only information confirming or denying receipt of payment. Under certain circumstances, the data may be transmitted to credit agencies by the payment service providers. The purpose of this transmission is to check identity and creditworthiness. More information about this can be found in the terms and conditions and data protection declarations of the payment service providers – see links above.

This is done in the context of the fulfillment of contracts on the basis of Art. 6 para. 1 lit. b. of the GDPR with your consent. We also use external payment service providers on the basis of our legitimate interests pursuant to Art. 6 para. 1 lit. b. GDPR in order to offer our users effective and secure payment options.

b. Data transmission for the shipment of goods

If you have given us your consent to do so, we will pass on your e-mail address to the shipping service provider so that they can keep you informed about the progress of the shipment. This will help us to avoid wrong deliveries and unnecessary delivery attempts.

Further transmission of the data does not take place or takes place only if you have expressly consented to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes.

6. Non-personal plug-ins and tools

We have concluded a contract with Google for order processing and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

a. Google (Universal) Analytics

We use Google Analytics for the purpose of tailoring our pages to your needs and continuously optimising them. This is a web analytics service provided by Google Inc. (https://www.google.de/intl/en/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter “Google”). In this context we create pseudonymized usage profiles and use cookies. The information generated by the cookie about your use of the website such as

  • browser type/version,
  • operating system used,
  • referrer URL (the previously visited page),
  • host name of the accessing computer (IP address),
  • time of the server request,

are transmitted to a Google server in the USA, where they are then stored. The information is used to analyze website use, to generate reports about website activities and to provide other services related to website use and internet use for the purposes of market research and needs-based design of this website. This information may also be shared with third parties where required by law or if third parties process this data on our behalf. Your IP address will never be merged with Google data. The IP addresses are anonymized to prevent merging (IP masking).

You can configure the settings of your browser software to prevent cookies from being installed, in which case, however, you may not be able to make full use of all functions of this website. You can prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en

As an alternative to the browser plug-in, you can click this link to prevent future collection by Google Analytics on this website. This will save an opt-out cookie to your device. If you delete the cookies, you will need to click the link again.

b. IP anonymization

We have activated the IP anonymization function on this website. As a result, Google will truncate your IP address within Member States of the European Union or other contracting states to the Agreement on the European Economic Area before transmission to the USA. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information, to analyze your use of the website, to compile reports on the website activities and to provide the website operator with other services associated with the use of the website and the Internet. The IP address transmitted by your browser as part of Google Analytics is not combined with other data from Google.

c. Google Ads and Google Conversion Tracking

This website uses Google Ads. Google Ads is an online advertising program of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Within the scope of Google Ads, we use so-called conversion tracking. When you click on an ad placed by Google, a cookie is set for conversion tracking. Cookies are text files that are stored by the internet browser on the user’s computer system. These cookies lose their validity after 30 days and are not used for personal identification of the user. When the user visits certain pages on this website and the cookie is still valid, it allows Google and I to recognize the user clicked the advertisement and was redirected to this page.

Every Google Ads customer receives a different cookie. Cookies can therefore not be tracked via the websites of Google Ads customers. The information collected by the conversion cookie is used to compile conversion statistics for Google Ads customers who decided to use conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, you will not receive information that can be used to identify users personally.

You can configure your browser to alert you when cookies are being placed and to decide individually whether to accept them, to block certain cookies, or to block all cookies, and to delete cookies automatically after closing your browser. Deactivating cookies may limit the functionality of this website.

You can find more information about Google Ads and Google Conversion Tracking in Google’s privacy policy: https://policies.google.com/privacy?hl=en.

d. Google Web Fonts

For the uniform display of fonts, this page uses web fonts provided by Google. Google Fonts are installed locally. A connection to Google servers is not established.

For more information about Google Web Fonts, see: https://developers.google.com/fonts/faq

and Google’s privacy policy: https://policies.google.com/privacy?hl=en.

e. AppDynamics

The booking system uses the services of AppDynamics International Ltd, 150 Aldersgate Street, London EC1A 4AB, England, a company of the Cisco Systems, Inc. corporate group, for the purpose of performance monitoring. This allows TravelClick to automatically collect errors, crashes, network traffic, page load information, and other application-related metrics to help us monitor the operation of our sites and improve our services. To do this, AppDynamics sets a cookie that is only valid during the visit to the website. AppDynamics processes non-personal or pseudonymous data, such as client ID, session ID as well as page views, content deliveries (vacancies and suppliers) and the booking price.

AppDynamics processes this information on behalf of TravelClick within (AppDynamics International Ltd.) and also outside of the EU/EEA through AppDynamics LLC, 303 Second Street, North Tower, 8th Floor, San Francisco, CA, 94107 in the USA. The transfer of data to the USA is permitted under Art. 45 of the GDPR, as AppDynamics is certified under Privacy Shield (https://www.privacyshield.gov/participant?id=a2zt0000000GnJ2AAK), indicating that an adequate level of data protection exists and we have entered into corresponding written data protection agreements with the provider.

The only way for you to object to the processing of the pseudonymous data by AppDynamics is to deactivate or not allow cookies to be set in your browser settings, as we have no influence on this process.

f. Web fonts from Monotype Imaging Holdings inc. (“Monotype”)

For the uniform display of fonts, our website uses web fonts provided by Monotype Imaging Holdings Inc., 600 Unicorn Park Drive, Woburn, Massachusetts 01801 USA. When you call up a page, the browser loads the required web fonts into its browser cache in order to display texts and fonts correctly. The Monotype fonts are kept locally on our server. This ensures that the IP addresses of visitors to our website are not transmitted to Monotype.

g. MyFonts Counter

Our website uses MyFonts Counter, a web analytics service provided by MyFonts Inc, 500 Unicorn Park Drive, Woburn, MA 01801, USA. On the basis of the licence conditions, page view tracking is performed by counting the number of visits to the website for statistical purposes and transmitting them to MyFonts. MyFonts only collects anonymized data. The transfer of data may occur through the activation of Java Script code in your browser. To prevent MyFonts from executing Java Script code altogether, you can install a Java Script blocker (e.g. www.noscript.net). For more information about MyFonts Counter, please see MyFonts’ privacy policy at https://www.myfonts.com/legal/terms-and-conditions-of-business.

h. Google Maps

This site uses the map service Google Maps via an API. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

To use the functions of Google Maps it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. We have no influence on this data transmission.

The use of Google Maps is in the interest of presenting of our online offers in an attractive way and enabling the locations we have indicated on the website to be found easily.

More information on the handling of user data is available from Google’s Privacy Policy at: https://policies.google.com/privacy?hl=en.

i. Google reCAPTCHA

We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. With reCAPTCHA, we check whether the data were entered on these websites (e.g. in contact form) by an automated program or by a person. reCAPTCHA analyzes the behavior of website visitors based on various characteristics. This analysis starts automatically as soon as the website visitor accesses the website. For the analysis, reCAPTCHA evaluates different information (e.g. IP address, the website visitor lingering on the website, or mouse activity made by the user). The data recorded in the context of the analysis are forwarded to Google. The reCAPTCHA analysis runs completely in the background. Website visitors are not notified that the analysis is ongoing.

For more information about Google reCAPTCHA, see the Google Privacy Policy and the Google Terms of Service at the following links: https://policies.google.com/privacy?hl=en and https://policies.google.com/terms?hl=en.

j. Google DoubleClick

This website uses functions of Google DoubleClick. The provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (hereinafter “DoubleClick”).

DoubleClick is used to show you interest-based ads across the Google advertising network. The ads can be targeted to the interests of the respective viewer with the help of DoubleClick. For example, our advertising may be displayed in Google search results or in advertising banners associated with DoubleClick.

In order to display interest-based advertising to users, DoubleClick must be able to identify the respective viewer. In order to do this, a cookie is stored in the user’s browser, in which the websites visited by the user, clicks and various other information are stored. This information is combined to create a pseudonymous user profile in order to display interest-based advertising to the user in question.

You can change the settings of your browser so that it no longer stores cookies. However, this may restrict the accessible functions on the website. It should also be noted that DoubleClick may use other technologies to create user profiles. Therefore, turning off cookies does not guarantee that user profiles will no longer be created.

For more information on how to object to the advertisements displayed by Google, please see the following link: https://policies.google.com/technologies/ads.

k. GA Audience

Our website uses GA Audience, a service provided by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter “GA Audience”). GA Audience uses, among other things, cookies that are stored on your computer as well as other mobile devices (e.g. smartphones, tablets) that enable the use of the respective devices to be analyzed. Some of the data is evaluated across devices. Google Audience has access to the cookies created in the use of Google AdWords and Google Analytics. Within the scope of use, data, such as the IP address and activities of the user in particular, may be transmitted to a server of the company Google Inc. and stored there. Google Inc. may transfer this information to third parties where required to do so by law, or where such third parties process the information. You can prevent the collection and forwarding of personal data (especially your IP address) and the processing of this data by disabling the execution of Java Script in your browser or installing a tool such as NoScript. You can also prevent the Google cookie from collecting the data generated by the cookie and related to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link (https://tools.google.com/dlpage/gaoptout?hl=en).

Further information on data protection when using GA Audience can be found at the link below: https://support.google.com/analytics/answer/2700409?hl=en&ref_topic=2611283

l. Adobe Fonts

This website uses Adobe web fonts for the uniform display of certain fonts. The provider is Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA 95110-2704, USA (hereinafter “Adobe”).

When visiting this website, your browser loads the required fonts directly from Adobe so that they can be displayed correctly on your device. In doing so, your browser establishes a connection with the Adobe servers in the USA. This informs Adobe that this website was accessed from your IP address. According to a statement from Adobe, no cookies are stored when the fonts are provided.

Adobe is certified in accordance with the EU-US Privacy Shield. The Privacy Shield is an agreement between the United States of America and the European Union that seeks to ensure compliance with European data protection standards. You can find more information at https://www.adobe.com/de/privacy.html.

m. Gstatic

A web service of the company Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland (hereinafter “Gstatic”) is loaded on our website. We use this data to ensure the full functionality of our website. As part of this, your browser may transmit personal data to Gstatic. The legal basis for the data processing is Art. 6 para. 1 lit. f of the GDPR. Our legitimate interest lies in the error-free functioning of the website. The data is deleted as soon as the purpose of its collection has been fulfilled. For more information about the handling of the transferred data, please see the privacy policy of Gstatic: https://policies.google.com/privacy?hl=en.

You can prevent the collection and processing of your data by Gstatic by disabling the execution of script code in your browser or installing a script blocker in your browser.

7. Social plugins

Social plugins (“plugins”) of social networks are used on our website. These services are provided by companies such as Meta Platforms Inc, Twitter, Instagram LLC. etc. (“providers”).

When visiting a page on our website with this type of plugin your browser connects directly to the providers’ servers. The content of the plugin is transmitted directly to your browser and integrated into the page. Through the integration of the plugins, the providers receive information that your browser has accessed the respective page of our website, even if you do not have a profile or are not currently logged in. This information (including your IP address) is transmitted by your browser directly to a server of the respective provider in the USA and stored there. If you are logged in to one of the services, they can directly assign the visit to our website to your respective profile. If you interact with the plugins, the corresponding information is also transmitted directly to a server of the providers and stored there. The information will also be published on your respective accounts in the social networks and displayed there to your contacts.

The data collected in this way enables the operators of the social media portals to create user profiles in which your preferences and interests are stored. This enables interest-based advertising to be displayed to you inside and outside the respective social media presence. If you have an account with the respective social network, the interest-based advertising may be displayed on all devices on which you are or were logged in.

Please note that despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are largely determined by the corporate policy of the respective provider. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media portals. Please refer to the terms of use and data protection provisions of the respective social media portals for further details.

If you do not want the following social networks to assign the data collected via our website directly to your profile in the respective service, you must log out of the corresponding service before visiting our website. You can also prevent plugins using browser add-ons such as the script blocker NoScript (https://noscript.net/).

Detailed information about the social network plugins we use:

a. Facebook

Plugins of the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA are integrated on our website. You can recognize the Facebook plug-ins by the Facebook logo or the “Like” button on our page. An overview of the Facebook plug-ins can be found here: https://developers.facebook.com/docs/plugins/.
When you visit our website, the plug-in establishes a direct connection between your browser and the Facebook server. Facebook receives the information that you have visited our site with your IP address. If you click the Facebook “Like” button while logged into your Facebook account, you can link the content of our website to your Facebook profile. This allows Facebook to associate your visit to our website with your user account. We would like to point out that we, as the provider of the website, have no knowledge of the content of the transmitted data or its use by Facebook.
More information is available in Facebook’s Privacy Policy at https://www.facebook.com/policy.php.
If you do not want Facebook to be able to associate visits to our website to your Facebook user account, please log out of your Facebook user account.

b. Facebook Pixel

This website uses a visitor action pixel from Facebook for conversion tracking. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, the collected data is also transferred to the USA and other third countries.

This makes it possible to track the behavior of page visitors after they have been redirected to the provider’s website by clicking on a Facebook ad. This allows the effectiveness of Facebook ads to be evaluated for statistical and market research purposes and future advertising measures to be optimized.

The collected data is anonymous for us as the operator of this website; we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook, meaning that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes, in accordance with the Facebook Data Policy. This enables Facebook to present ads on Facebook pages as well as outside of Facebook. This use of data cannot be influenced by us as the website operator.

You can find more information about protecting your privacy in Facebook’s privacy policy: https://www.facebook.com/about/privacy/.

You can also disable the “Custom Audiences” remarketing feature in the Ad Settings section at https://www.facebook.com/adpreferences/advertisers/?entry_product=ad_settings_screen. To do this, you must be logged in to Facebook.

If you do not have a Facebook account, you can opt out of usage-based advertising from Facebook on the European Interactive Digital Advertising Alliance website: https://www.youronlinechoices.com/de/praferenzmanagement/.

c. Registration with Facebook Connect

Instead of registering directly on this website, you can register using Facebook Connect. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, the collected data is also transferred to the USA and other third countries.

If you choose to register with Facebook Connect and click on the “Login with Facebook”/”Connect with Facebook” button, you will be automatically redirected to Facebook’s platform. There you can log in with your user data. This will link your Facebook profile to this website and our services. This link gives us access to your data stored on Facebook. These include, in particular, Facebook name, Facebook profile picture, Facebook cover picture, email address registered with Facebook, Facebook ID, Facebook friends lists, Facebook likes, birthday, gender, country and language.  This data is used to set up, provide and personalize your account.

For more information, see the Facebook Privacy Policy and the Facebook Terms of Use: https://www.facebook.com/about/privacy/ and https://www.facebook.com/legal/terms/.

d. Instagram

Instagram functions are integrated on our website. These functions are provided by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA (hereinafter “Instagram”). If you are logged into your Instagram account, you can link the content of our pages to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate your visit to our website with your user account. We would like to point out that we, as the provider of the website, have no knowledge of the content of the transmitted data or its use by Instagram.
For more information, please see Instagram’s privacy policy: https://help.instagram.com/155833707900388/.

e. YouTube videos

We have integrated YouTube videos into our website, which are stored at http://www.youtube.com and can be directly viewed via our website. YouTube is a service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, California 94043, USA. When you visit a page on our website that contains one of these plugins, clicking on the icon will establish a direct connection to Google’s servers. The content of the plugin is transmitted by Google directly to your browser and integrated by it into the website. By integrating the plugins, Google receives the information that a user has accessed the corresponding page on our website. If you are logged into YouTube, Google can attribute the visit to your YouTube account. If you interact with the plugins, for example by posting a comment, the corresponding information is transmitted directly from your browser to Google and stored there. For the purpose and scope of the data collection and further processing and use of the data by YouTube, as well as your related rights and options to protect your privacy, please refer to the Google privacy policy. If you do not want Google to collect data about you when you use the plugin, you must log out of Google before visiting our website.

More information from the third-party provider: YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA, https://policies.google.com/technologies/product-privacy?hl=en.

8. Your rights at a glance

According to the EU General Data Protection Regulation, you are entitled to the following rights under Art. 13 para. 2 lit. b of the GDPR:

a. Right of access by the data subject

You can request information free of charge about the scope, origin and recipients of the stored data as well as the purpose and duration of storage (Art. 15 GDPR).

b. Right to rectification

You can request that incorrect or incomplete data be corrected or supplemented at any time (Art. 16 GDPR).

c. Right to restriction of processing and deletion

If the legal requirements are met, you may request the deletion or restriction of processing (Art. 17, 18 GDPR).

d. Right to data portability

If you have consented to the data processing or if a contract for data processing exists and the data processing is carried out with the help of automated procedures, you may have a right to data portability (Art. 20 GDPR).

e. Right of objection

You may revoke your consent to the processing of your personal data at any time with effect for the future (Art. 21 GDPR).

If the processing is carried out for direct marketing purposes, you may exercize this right at any time as described above. Insofar as processing is carried out for other purposes, you have the right to object only on grounds relating to your particular situation.

After you have exercized your right to object, we will no longer process your personal data for these purposes unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the purpose of asserting, exercising or defending legal claims.

This does not apply if the processing is for direct marketing purposes. In that case, we will no longer process your personal data for this purpose.

If you have any questions, comments or requests regarding the processing of your personal data by us, please use the contact options above or our contact form.

f. Retention period

After completion of the contract, the data will initially be stored for the duration of the warranty period, thereafter taking into account statutory retention periods, in particular those under tax and commercial law, and then deleted after expiry of the period, unless you have consented to further processing and use.

Last updated: November 2022