Data Protection

• Data Protection Information for Visitors to Our Website
• Data protection information in accordance with Articles 13 and 14 of the GDPR for customers and suppliers

‍

DataProtection Information for Visitors to Our Website

Thank you for visiting our website and for your interest in our company and our services. We respect your privacy and ensure the protection of your personal data by processing it in accordance with the contents of these data protection regulations and the applicable data protection laws.

You can visit our website without telling us who you are. For the purpose of displaying our websites, you are only obliged to provide the data transmitted by your browser to our server (see “Log Files”). Further personal data will only be stored if you provide it voluntarily on the website or use corresponding functions, e.g., when using our contact form or registering.

In the following, you will find our data protection regulations for visitors to our website:

• Contact
• Cookies
• Fan Pages
• Logfiles
• Google Analytics
• Google Ads Conversion Tracking
• Google Tag Manager
• LinkedIn Insight Tag
• LinkedIn Analytics
• Withdrawal of Consent and Objection to Data Processing
• Your Rights
• Responsible

Contact

You can enter your personal data on our website to contact us. Only data marked with an asterisk is mandatory. It is always required to provide your email address and phone number, as we reserve the right to respond to your inquiry either by email or phone. Providing further data may be helpful for the processing of your request, but it is not mandatory (optional). With your consent, the data is used and stored exclusively for the purpose of processing your message (Art. 6 para. 1 s. 1 lit. a GDPR). A use for other purposes or a passing on to third parties does not take place unless you explicitly agree (consent).

With your consent, we use Calendly, a service provided by Calendly, Inc. (115 E Main St., Ste A1B Buford, GA 30518 USA), to arrange appointments. Please note that by using Calendly, you are subject to Calendly's terms of use and privacy policy. You also have the option of viewing the cookies used by Calendly and giving or withdrawing your consent to the use of cookies by Calendly through the cookie notice that applies exclusively to Calendly.

To protect against spam and abuse, Calendly uses the service Cloudflare Turnstile (Cloudflare, Inc., USA). Your IP address is processed for technical purposes to detect automated access. This processing is necessary to securely provide the form functionality (Art. 6 para. 1 lit. f GDPR). Use for analysis or marketing purposes does not take place. If data is transferred to the USA, this is done on the basis of the EU-U.S. Data Privacy Framework.

Any data that is transferred to Calendly, Inc. (USA), is done so on the basis of the EU Commission’s adequacy decision on the EU-U.S. Data Privacy Framework. For further information regarding data processing by Calendly, please visit: https://calendly.com/legal/privacy-notice

Cookies

Cookies are very small files used by web pages and stored on your device by your browser, which can provide us or a third party with certain information.

Transient cookies are automatically deleted when you close your browser. This includes, in particular, session cookies. These save a so-called session ID, which allows various requests from your browser to be allocated to a common session. This will allow your device to be recognized when you return to our website. Session cookies are deleted when you log out or close your browser.

Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. In contrast to transient cookies, persistent cookies are not automatically deleted when the browser is closed. You can delete cookies at any time in the security settings of your browser.

We process cookies that are absolutely necessary to provide a service expressly requested by the user (“essential cookies”) within the scope of our legitimate interest in providing and operating the website on the basis of Art. 6 para. 1 s. 1 lit. f GDPR and §25 para. 2 TTDSG.

Information on cookies that are set when you visit our website and that are necessary for the technical operation of the website is listed in our cookie banner under the category “Essential”.

Moreover, further information is stored on or accessed from your terminal device that is not strictly necessary to provide the service explicitly requested by the user. The information is only stored or accessed if you give your consent (Art. 6 para. 1 s. 1 lit. a GDPR and §25 para. 1 TTDSG). For details on the type of information, purpose of processing, storage period of the information, and possible recipients of the data, please refer to the following section of this privacy statement.

You can adjust your browser settings to prevent it from accepting cookies or to only save or not save certain cookies. You can find more information on this in the help system of your browser. If your browser rejects all cookies, it is possible that not all functions of this website can be used.

Fan Pages

In order to provide customers, partners, or otherwise interested parties with up-to-date information and to get in contact with them, we operate so-called “fan pages” on the following social networks in addition to our own website: LinkedIn

The data processing operations are carried out by the provider of the social media platform. Data processing outside the European Union cannot be ruled out. The provider of the platform may provide us with aggregated usage data, but we do not have access to personal data if you only visit the fan page.

The legal basis for data processing is Art. 6 para. 1 lit. f GDPR. In the case of consent in the form of an opt-in (“tick checkbox”, “click button”) or any other form of obtaining consent, the legal basis is Art. 6 para. 1 lit. a GDPR. Consent may be withdrawn at any time without stating any reasons to the person to whom it was given, with effect for the future.

Since data processing is carried out by the provider of the platform, we recommend that you contact the respective provider of the platform for your rights to access, rectification, deletion, data portability, and objection regarding your visit to our fan page. Of course, we will support you in exercising your rights when needed.

In addition, cookies may be set on your device. For the purposes and legal basis for the use of cookies, please refer to “Cookies” in this privacy statement or to the privacy statement of the platform provider.

For further information, please refer to the following links:

• LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; http://www.linkedin.com/legal/privacy-policy. If data is transferred to the LinkedIn Corporation (USA), this is done on the basis of the EU Commission’s adequacy decision on the EU-U.S. Data Privacy Framework.

Logfiles

Each time you access our website, we collect the following information about your computer: the IP address of your computer, the request from your browser, and the time of this request. In addition, the status and the amount of data transferred are recorded within the scope of this request, as well as product and version information about the browser used and the operating system of your computer. We further record the website from which our site was accessed. The IP address of your computer is only stored for the duration of your visit to the website and is then immediately deleted or made anonymous by shortening it. The remaining data is stored for a limited period of time. We use this data for the operation of our website, in particular to detect and eliminate errors, determine the level of utilization of the website, and make adjustments or improvements (legal basis: Art. 6 para. 1 s. 1 lit. f GDPR).

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

We use Google Analytics to analyze and regularly improve the use of our website. The statistics obtained enable us to improve our products and services and create a more interesting experience for you as a user. The legal basis for the use of Google Analytics is your consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR.

Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. Information on the cookies used in the context of Google Analytics can be found in our cookie banner under the category “Statistics”.

Data such as page views and clicks, internal search queries, downloads, interactions with videos, technical settings in browsers and terminal devices (as described in “log files”), and your IP address are recorded. IP addresses are only processed in shortened form in order to eliminate direct personal references.

On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity, and providing other services relating to website activity and internet usage to the website operator. In the context of Google Analytics, the IP address transmitted by your browser will not be merged with other Google data.

You can withdraw your consent for the processing of personal data using Google Analytics at any time. You may also disable the saving of cookies via the respective settings on your browser, however, please note that you may not be able to use the full functionality of this website in this case.

You can also prevent the collection and processing of data generated through cookies and related to your use of the website (including your IP address) by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

• For more information on the purpose and scope of data collection and its processing, please refer to Google Analytics' Privacy Policy

Any data that is transferred to Google, LLC (USA) is done so on the basis of the EU Commission’s adequacy decision on the EU-U.S. Data Privacy Framework.

Google AdWords Conversion Tracking

We use the services of Google Ads to promote our products and services on external websites through advertising materials (so called Google Ads). This enables us to evaluate the effectiveness of individual advertising campaigns in relation to the collected campaign data. Our legitimate interest is to provide advertising that is relevant to you, enhance the appeal of our website, and ensure a fair and accurate calculation of advertising costs.

These advertising materials are delivered by Google via so called “Ad Servers.” For this purpose, we use Ad Server cookies that enable the measurement of certain performance indicators, such as the display frequency of advertisements or user clicks. When you access our website via a Google advertisement, a cookie is placed on your device by Google Ads. Further details regarding the cookies used in connection with Google Ads Conversion Tracking can be found in our cookie notice window under “Statistics” when visiting our website. This cookie generally stores analytical data, such as the unique cookie ID, the number of ad impressions per placement (frequency), the last impression (relevant for post view conversions), and opt out information indicating that the user no longer wishes to be targeted.

These cookies allow Google to recognize your Internet browser. If a user visits certain pages of a Google Ads customer’s website and the cookie stored on their device has not yet expired, Google and the customer can identify that the user clicked on a specific advertisement and was redirected to the corresponding page. Each Google Ads customer is assigned a unique cookie, which means that cookies cannot be tracked across the websites of different Google Ads customers. We do not collect or process any personal data ourselves in connection with the advertising measures mentioned. We only receive statistical evaluations from Google. These evaluations allow us to determine which of the advertising measures used are particularly effective. We do not receive any further data from the use of these advertising materials, and in particular, we cannot identify users based on this information.

Due to the marketing tools used, your browser automatically establishes a direct connection to Google's server. We have no influence over the extent and further use of the data collected by Google through the use of this tool, and therefore inform you according to our current state of knowledge: By integrating Ads Conversion, Google receives the information that you have accessed the respective part of our website or clicked on one of our ads. If you are registered with a Google service, Google may associate your visit with your account. Even if you are not registered with Google or not logged in, it is still possible for the provider to obtain and store your IP address.

You can opt out of this tracking process in several ways:

a) by not consenting to the use and processing of cookies for marketing purposes;

b) by adjusting your browser settings accordingly, especially by blocking third party cookies, which will prevent you from receiving advertisements from third party providers;

c) by deactivating cookies for conversion tracking and configuring your browser to block cookies from the domain “www.googleadservices.com” (see https://www.google.de/settings/ads); please note that this setting will be deleted if you delete your cookies;

d) by disabling interest based advertising from providers participating in the self regulation program “About Ads” through the link http://www.aboutads.info/choices; this setting will also be deleted if you delete your cookies;

e) by permanently disabling such features in your browser (e.g., Firefox, Internet Explorer, or Google Chrome) via the link http://www.google.com/settings/ads/plugin. Please note that if you choose to disable these functions, you may not be able to use all the features of this website to their full extent.

The legal basis for the processing of your data is your consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR. For further information on Google's privacy policy, please visit: http://www.google.com/intl/en/policies/privacy.

Any data that is transferred to Google, LLC (USA) is done so on the basis of the EU Commission’s adequacy decision on the EU-U.S. Data Privacy Framework.

Google Tag Manager

This website uses the Google Tag Manager, which is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

This service allows for the management of components used on the website. It is possible that these managed components process personal data or utilize cookies that may require consent. Information regarding the data processing practices of these components is provided in this Privacy Policy.

The Google Tag Manager itself does not collect any personal data. The service also does not access the content of the managed components, nor does it set or process any cookies independently.

LinkedIn Insight Tag

With your consent, this website uses the LinkedIn Insight Tag, an application of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. The LinkedIn Insight Tag cookies collect the following data: IP address, device and browser properties, URL, and referrer URL. We have no control over data processing at LinkedIn. If you are logged into LinkedIn with a user account, LinkedIn can link your user behavior to your user account. If applicable, LinkedIn stores your data as a usage profile and may use it for advertising purposes.

• For more information on the purpose and scope of data collection and its processing by LinkedIn, please refer to LinkedIn’s Privacy Policy

We use LinkedIn Insight Tags to analyze and regularly improve the use of our website. LinkedIn provides us with non-personal aggregated reports about our website’s audience and ad performance. The statistics obtained enable us to improve our products and services and create a more interesting experience for you as a user. The legal basis for the use of LinkedIn Insight Tags is your consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR. More information about these cookies is available in our cookie banner under the category “Marketing”.

If data is transferred to the LinkedIn Corporation (USA), this is done on the basis of the EU Commission’s adequacy decision on the EU-U.S. Data Privacy Framework.

LinkedIn Analytics

Our website uses features of the LinkedIn network. The provider is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. Each time you access one of our pages that contains LinkedIn features, a connection to LinkedIn servers is established. LinkedIn is informed that you have visited our website with your IP address. If you are logged into your LinkedIn account, LinkedIn can associate your visit to our website with your user account. LinkedIn Analytics also allows us to evaluate our profiles on LinkedIn (e.g., how often registration downloads have occurred).

With your consent (Art. 6 para. 1 s. 1 lit. a GDPR), the cookies listed in our cookie banner are used. For further information, please refer to the category “Marketing” in the cookie banner.

• For further information on LinkedIn's privacy policy, please visit: https://www.linkedin.com/legal/privacy-policy

If data is transferred to the LinkedIn Corporation (USA), this is done on the basis of the EU Commission’s adequacy decision on the EU-U.S. Data Privacy Framework.

Withdrawal of Consent and Objection

If you have given us your consent, you can withdraw it at any time, with effect for the future.

You may object to our processing of your personal data wherever the processing is based on a balancing of interests. When exercising such an objection, we ask you to provide us with the reasons why you do not want your personal data to be processed in the manner carried out by us. In the event of your justified objection, we will review the situation and either cease or adjust our processing of data or state our compelling reasons for continuing the processing that are worthy of protection.

You can object to the processing of your personal data for purposes of advertising and data analysis at any time.

You can send your revocation or objection using the contact details given under “Person Responsible”.

Your Rights

You are entitled to the following rights with respect to your personal data:

• Right of access
• Right to rectification or erasure
• Right to restriction of processing
• Right of objection to processing
• Right to data portability.

You also have the right to lodge a complaint regarding our processing of your personal data with a data protection supervisory authority.

Person Responsible

These privacy notices apply to the processing of data by: InformMe GmbH, Weihenstephaner Straße 12, Design Offices, 81673 Munich, Germany, kontakt@informme.info‍

Email: datenschutzanfragen@xdsb.de or at our postal address by adding “to the data protection officer”

‍

Data Protection Information in Accordance with Articles 13 and 14 of the GDPR for Customers and Suppliers

The following information is intended to provide you with an overview of the personal data we process and inform you of your rights under data protection laws.

• Responsible and Data Protection Officer
• Sources of Personal Data
• Purposes and Legal Basis of Processing
• Recipients of Personal Data
• Transfer to Third Countries or International Organisations
• Storage Duration of Data
• Rights of Data Subjects
• Obligation to Provide Data
• Automated Decision-Making or Profiling

Person responsible for data processing

These privacy notices apply to the processing of data by: InformMe GmbH, Weihenstephaner Straße 12, Design Offices, 81673 Munich, Germany, kontakt@informme.info‍

Email: datenschutzanfragen@xdsb.de or at our postal address by adding “to the data protection officer”

What are the sources of personal data?

We process personal data that we have obtained from business relationships (e.g., with customers or suppliers) or from inquiries to our company. Normally, we receive this data directly from a contractual party or an inquiring person. However, personal data may also originate from public sources (e.g., commercial registers), provided that the processing of such data is permitted. Data may also have been legitimately transmitted to us by other companies. Depending on the individual case, we also store our own information on this data (e.g., as part of an ongoing business relationship).

Depending on the individual case, this may include master data (e.g., name, address), contact information (e.g., telephone number, email address), contract and billing data for the fulfillment of our contractual obligations or necessary data for the processing of an inquiry, possibly also data on creditworthiness, advertising and sales data, and other data from comparable categories.

For what purposes and on what legal basis is personal data processed?

We process personal data in accordance with data protection laws, in particular the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

a.) In the context of the fulfillment of a contract or for the implementation of pre-contractual measures (Art. 6 para. 1 s. 1 lit. b GDPR). We process personal data primarily for the fulfillment of contractual obligations and the provision of related services, or in the context of a corresponding contract initiation (e.g., contract negotiations, preparation of offers). The specific purposes here are determined by the individual service or product to which the business relationship or contract initiation relates.

b.) In the context of fulfilling a legal obligation (Art. 6 para. 1 s. 1 lit. c GDPR). In many situations, we are required by law to collect certain personal data from you and to disclose or make it available to certain, usually public, entities. For example, we provide the tax authorities with the personal data required for tax calculation in accordance with the relevant statutory provisions.

c.) In the context of the balancing of interests (Art. 6 para. 1 s. 1 lit. f GDPR). We also collect and process personal data to safeguard legitimate interests in the following situations:

• Processing general inquiries about our products and services
• Checking creditworthiness via respective credit agencies to assess the risk of default in business relationships
• Advertising or market research
• Video surveillance for the protection of domiciliary rights on our company premises or building
• Assertion of legal claims and defense in legal disputes
• Ensuring IT security and IT operation
• Measures for building and plant security (e.g., access authorizations)
• Measures to improve our internal business processes and product optimization measures
• Furthermore, we may use systems for communication purposes (e.g., video conferencing systems, chats, etc.). Depending on the form of communication, we may process your contact information, messages and image and audio recordings. Recordings of images or audio transmissions will not be taken without your explicit consent. Please also note the respective privacy statements of the providers’ tools.

d.) In the context of consent (Art. 6 para. 1 s. 1 lit. a GDPR). In some situations, the processing of your personal data is not mandatory and is only permitted with your consent. In these cases, we will inform you of this circumstance, in particular of the voluntary nature of the consent given and the possibility of withdrawal at any time with effect for the future. This is the case, for instance:

• for certain processing of data via our website (see the privacy statement on our website),
• in certain advertising situations (subject to permission of use, if required by law).

Recipients of Personal Data

In general, the company only grants access to your data to entities that need to work with your data (“need-to-know principle”), i.e., need access to this data in order to fulfill a contractual or legal obligation. These may also include service providers and vicarious agents who act on behalf of the company and/or have been obligated to the confidential processing of the data. In certain situations, we may transmit your data to

• public authorities (e.g., tax authorities) when there’s a legal obligation,
• other companies as part of the fulfillment of the contractual relationship, in the context of a balancing of interests, or on the basis of your consent. In individual cases, depending on the business relationship or order, these may be, for instance, companies involved in the provision of our services, logistics partners, marketing service providers, credit bureaus, banks, tax consultants, or lawyers.

Is data transferred to a third country or to an international organization?

We may transfer personal data to other entities in countries outside the European Union (third country) insofar as it is necessary for the execution of the business relationship, if it is required by law, or if you have given us your consent to do so.

In certain situations, we use or reserve the right to use service providers that may either have their registered office in a third country or, in turn, may have service providers with a registered office in a third country.

According to Art. 45 GDPR, a data transfer to a third country is permitted if the European Commission has decided that an adequate level of protection exists in that country. In the absence of such a decision, a data transfer to a third country is permissible if the responsible entity has provided appropriate safeguards (e.g., so-called standard data protection clauses issued by the European Commission) and the data subject has enforceable rights and effective legal remedies (Art. 46 GDPR).

As a matter of principle, we only work with entities in a third country that meet the listed criteria.

Storage Duration of Data

We process and store your personal data as long as it is necessary for the fulfillment of our contractual and legal obligations. If the storage of personal data is no longer required for the fulfillment of these obligations, it will be deleted, unless there are legal storage obligations, such as commercial and tax retention obligations under the German Fiscal Code and the German Commercial Code (6 or 10 years) and for the preservation of evidence within the framework of statutory periods of limitation.

Data subject rights

You are entitled to the following rights with respect to your personal data:

• Right of access
• Right to rectification or erasure
• Right to restriction of processing
• Right of objection to processing
• Right to data portability.

You also have the right to lodge a complaint regarding our processing of your personal data with a data protection supervisory authority.

However, you also have the possibility of contacting our company’s data protection officer (also confidentially).

If you have given us consent (Art. 6 para. 1 s. 1 lit. a GDPR), you can withdraw it at any time with effect for the future. You may object to the processing of your personal data wherever the processing is based on the balancing of interests (Art. 6 para. 1 s. 1 lit. f GDPR). When exercising such an objection, we ask you to provide us with the reasons why you do not want your personal data to be processed in the manner carried out by us. In the event of your justified objection, we will review the situation and either cease or adjust our processing of data or state our compelling reasons for continuing the processing that are worthy of protection.

You can object to the processing of your personal data for advertising purposes at any time.

Obligation to the provision of data

In the context of the fulfillment or initiation of a contract, you must provide the personal data necessary for the fulfillment of the contract or the implementation of pre-contractual measures and their associated obligations. Furthermore, you must provide the personal data that we are required to collect by law. We will not be able to conclude or fulfill a contract with you without this data.

In cases of data collection based on consent, the provision of data by you is voluntary and not mandatory. However, if you do not give consent, we will not be able to provide the services or benefits based on data processing by means of consent. You may withdraw your consent at any time with effect for the future, even after giving it.

Does automated decision-making or profiling take place?

No.