1) Introduction and Contact Details of the Controller
1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we inform you about the handling of your personal data when using our website. Personal data refers to all data with which you can be personally identified.
1.2 The controller for data processing on this website, within the meaning of the General Data Protection Regulation (GDPR), is Managing Director Armin Bender, AQON INTELLIGENCE UG, Oberstraße 3, 47829 Krefeld, Germany, Tel.: +49 (0) 3378 189 89 42, E-Mail: info@aqon-intelligence.de. The controller for the processing of personal data is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.

2) Data Collection When Visiting Our Website
2.1 When using our website for purely informational purposes, i.e., if you do not register or otherwise transmit information to us, we only collect data that your browser transmits to the page server (so-called “server log files”). When you access our website, we collect the following data, which is technically necessary for us to display the website to you:
– Our visited website
– Date and time of access
– Amount of data sent in bytes
– Source/reference from which you accessed the page
– Browser used
– Operating system used
– IP address used (if applicable: in anonymized form)
Processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR based on our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to subsequently check the server log files if there are concrete indications of unlawful use.
2.2 For security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the controller), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the string “https://” and the lock symbol in your browser’s address bar.

3) Hosting & Content Delivery Network
For the hosting of our website and the display of page content, we use a provider who performs its services itself or through selected sub-contractors exclusively on servers within the European Union.
All data collected on our website is processed on these servers.
We have concluded a data processing agreement with the provider, which ensures the protection of our website visitors’ data and prohibits unauthorized disclosure to third parties.

4) Cookies
To make visiting our website attractive and to enable the use of certain functions, we use cookies, which are small text files stored on your device. Some of these cookies are automatically deleted after closing the browser (so-called “session cookies”), while others remain on your device for a longer period and allow the storage of page settings (so-called “persistent cookies”). In the latter case, you can find the storage duration in the overview of your web browser’s cookie settings.
If personal data is also processed by individual cookies used by us, the processing is carried out either in accordance with Art. 6 para. 1 lit. b GDPR for the performance of the contract, in accordance with Art. 6 para. 1 lit. a GDPR in the case of consent given, or in accordance with Art. 6 para. 1 lit. f GDPR to protect our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the website visit.
You can set your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or to exclude the acceptance of cookies for certain cases or generally.
Please note that if cookies are not accepted, the functionality of our website may be limited.

5) Contacting Us
5.1 WhatsApp Business
You have the option to contact us via the WhatsApp messaging service of WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. For this purpose, we use the so-called “Business Version” of WhatsApp.
If you contact us via WhatsApp regarding a specific business matter (e.g., an order placed), we store and use your mobile number used on WhatsApp and – if provided – your first and last name in accordance with Art. 6 para. 1 lit. b GDPR for processing and responding to your request. Based on the same legal basis, we may ask you via WhatsApp to provide further data (order number, customer number, address, or email address) to assign your inquiry to a specific process.
If you use our WhatsApp contact for general inquiries (e.g., about our range of services, availability, or our website), we store and use your mobile number used on WhatsApp and – if provided – your first and last name in accordance with Art. 6 para. 1 lit. f GDPR based on our legitimate interest in providing the requested information efficiently and promptly.
Your data will always only be used to respond to your inquiry via WhatsApp. No disclosure to third parties will take place.
Please note that WhatsApp Business gains access to the address book of the mobile device we use for this purpose and automatically transmits phone numbers stored in the address book to a server of the parent company Meta Platforms Inc. in the USA. For the operation of our WhatsApp Business account, we use a mobile device whose address book only stores the WhatsApp contact data of users who have also contacted us via WhatsApp.
This ensures that every person whose WhatsApp contact data is stored in our address book has already consented to the transmission of their WhatsApp phone number from the address books of their chat contacts in accordance with Art. 6 para. 1 lit. a GDPR by accepting the WhatsApp Terms of Service when first using the app on their device. The transmission of data of users who do not use WhatsApp and/or have not contacted us via WhatsApp is thus excluded.
For the purpose and scope of data collection and the further processing and use of data by WhatsApp, as well as your rights and settings options for protecting your privacy, please refer to WhatsApp’s privacy policy: https://www.whatsapp.com/legal/?eea=1#privacy-policy
We have concluded a data processing agreement with the provider, which protects the data of our website visitors and prohibits disclosure to third parties.
In the context of the aforementioned processing, data transfers to servers of Meta Platforms Inc. in the USA may occur.
For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision by the European Commission.
5.2 When you contact us (e.g., via contact form or email), personal data will be processed – exclusively for the purpose of processing and responding to your request and only to the extent necessary for this purpose.
The legal basis for the processing of this data is our legitimate interest in responding to your request in accordance with Art. 6 para. 1 lit. f GDPR. If your contact aims at concluding a contract, an additional legal basis for processing is Art. 6 para. 1 lit. b GDPR. Your data will be deleted when it can be inferred from the circumstances that the matter concerned has been conclusively clarified and provided that no statutory retention obligations conflict with this.

6) Web Analytics Services
6.1 Google Analytics 4
This website uses Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”), which enables an analysis of your use of our website.
By default, when you visit the website, Google Analytics 4 sets cookies, which are stored as small text modules on your device and collect certain information. The scope of this information also includes your IP address, which is, however, truncated by Google by the last digits to exclude direct personal identification.
The information is transmitted to Google servers and processed there. Transfers to Google LLC, based in the USA, are also possible.
Google uses the collected information on our behalf to evaluate your use of the website, compile reports on website activities for us, and provide other services related to website and internet usage. The truncated IP address transmitted by your browser within the scope of Google Analytics will not be merged with other Google data. The data collected within the scope of Google Analytics 4 is stored for a period of two months and then deleted.
All processing described above, in particular the setting of cookies on the device used, only takes place if you have given us your express consent in accordance with Art. 6 para. 1 lit. a GDPR.
Without your consent, Google Analytics 4 will not be used during your visit to the site. You can revoke your given consent at any time with effect for the future. To exercise your right of revocation, please deactivate this service via the “Cookie Consent Tool” provided on the website.
We have concluded a data processing agreement with Google, which ensures the protection of our website visitors’ data and prohibits unauthorized disclosure to third parties.
Further legal information on Google Analytics 4 can be found at https://business.safety.google/intl/de/privacy/, https://policies.google.com/privacy?hl=de&gl=de and https://policies.google.com/technologies/partner-sites

Demographic Features
Google Analytics 4 uses the special function “demographic features” and can thereby create statistics that provide information about the age, gender, and interests of website visitors. This is done by analyzing advertising and information from third-party providers. This allows target groups for marketing activities to be identified. However, the collected data cannot be assigned to a specific person and will be deleted after being stored for a period of two months.
Google Signals
As an extension to Google Analytics 4, Google Signals can be used on this website to create cross-device reports. If you have activated personalized ads and linked your devices to your Google account, Google can, subject to your consent to the use of Google Analytics in accordance with Art. 6 para. 1 lit. a GDPR, analyze your usage behavior across devices and create database models, including cross-device conversions. We do not receive personal data from Google, but only statistics. If you wish to stop cross-device analysis, you can deactivate the “Personalized advertising” function in your Google account settings. To do this, follow the instructions on this page: https://support.google.com/My-Ad-Center-Help/answer/12155764?hl=de
Further information on Google Signals can be found at the following link: https://support.google.com/analytics/answer/7532985?hl=de
UserIDs
As an extension to Google Analytics 4, the “UserIDs” function can be used on this website. If you have consented to the use of Google Analytics 4 in accordance with Art. 6 para. 1 lit. a GDPR, have set up an account on this website, and log in to this account on different devices, your activities, including conversions, can be analyzed across devices.
For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision by the European Commission.
6.2 1&1 IONOS WebAnalytics
This website uses the web analytics service of the following provider: 1&1 IONOS Internet SE, Elgendorfer Str. 57, 56410 Montabaur, Germany
With the help of cookies and/or comparable technologies (tracking pixels, web beacons, algorithms for reading device and browser information), the service collects and stores pseudonymized visitor data, including information about the device used such as the IP address and browser information, to evaluate it for statistical analyses of user behavior on our website and to create pseudonymized usage profiles. Among other things, this allows for the evaluation of movement patterns (so-called heatmaps), which show the duration of page visits and interactions with page content (e.g., text input, scrolling, clicks, and mouse-overs). Pseudonymization generally excludes direct personal identification. No merging with clear data about you collected in other ways takes place.
All processing described above, in particular the reading or storing of information on the device used, will only be carried out if you have given us your express consent in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your given consent at any time with effect for the future by deactivating this service in the “Cookie Consent Tool” provided on the website.
We have concluded a data processing agreement with the provider, which ensures the protection of our website visitors’ data and prohibits unauthorized disclosure to third parties.

7) Retargeting/ Remarketing and Conversion Tracking
7.1 Microsoft Advertising
This website uses retargeting technology from the following provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA
This enables us to specifically address visitors to our website with personalized, interest-based advertising who have already shown interest in our shop and our products. The advertisements are displayed based on a cookie-based analysis of past and current user behavior.
In the case of retargeting technology, a cookie is stored on your computer or mobile device to collect pseudonymized data about your interests and thus adapt the advertising individually to the stored information. These cookies are small text files stored on your computer or mobile device. You will then be shown advertisements that are highly likely to match your product and information interests.
All processing described above, in particular the setting of cookies for reading information on the device used, will only be carried out if you have given us your express consent in accordance with Art. 6 para. 1 lit. a GDPR. Without this consent, retargeting technology will not be used during your visit to the site.
You can revoke your given consent at any time with effect for the future. To exercise your right of revocation, please deactivate this service in the “Cookie Consent Tool” provided on the website.
For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision by the European Commission.
7.2 Google Ads Conversion Tracking
This website uses the online advertising program “Google Ads” and, within the framework of Google Ads, the conversion tracking of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).
We use Google Ads to draw attention to our attractive offers on external websites with the help of advertising materials (so-called Google Adwords). In relation to the data of the advertising campaigns, we can determine how successful the individual advertising measures are. Our aim is to show you advertising that is of interest to you, to make our website more interesting for you, and to achieve a fair calculation of the advertising costs incurred.
The cookie for conversion tracking is set when a user clicks on an ad placed by Google. Cookies are small text files that are stored on your device. These cookies usually expire after 30 days and are not used for personal identification. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page. Each Google Ads customer receives a different cookie. Cookies cannot therefore be tracked across the websites of Google Ads customers. The information obtained with the help of the conversion cookie is used to create conversion statistics for Google Ads customers who have opted for conversion tracking. Customers learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users.
Within the scope of using Google Ads, personal data may also be transferred to the servers of Google LLC. in the USA.
Details on the processing initiated by Google Ads Conversion Tracking and Google’s handling of data from websites can be found here: https://policies.google.com/technologies/partner-sites
All processing described above, in particular the setting of cookies for reading information on the device used, will only be carried out if you have given us your express consent in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your given consent at any time with effect for the future by deactivating this service in the “Cookie Consent Tool” provided on the website.
You can also permanently object to the setting of cookies by Google Ads Conversion Tracking by downloading and installing the Google browser plug-in available at the following link:
https://support.google.com/My-Ad-Center-Help/answer/12155656?hl=de
To address users whose data we have received in the context of business or business-like relationships with even more interest-based advertising, we use a customer matching function within Google Ads. For this purpose, we electronically transmit one or more files with aggregated customer data (primarily email addresses and phone numbers) to Google. Google does not gain access to clear data, but automatically encrypts the information in the customer files during the transmission process using a special algorithm. The encrypted information can then only be used by Google to match it to existing Google accounts that the data subjects have set up. This enables personalized advertising to be displayed across all Google services linked to the respective Google account.
The transmission of customer data to Google only takes place if you have given us your express consent in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke this consent at any time with effect for the future. Further information on Google’s data protection measures regarding the customer matching function can be found here: https://support.google.com/google-ads/answer/6334160?hl=de&ref_topic=10550182
Google’s privacy policy can be viewed here: https://business.safety.google/intl/de/privacy/ and https://www.google.de/policies/privacy/
For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision by the European Commission.

8) Page Functionalities
8.1 Wistia
This website uses plugins for displaying and playing videos from the following provider: Wistia, Inc., 17 Tudor Street, Cambridge, Massachusetts, 02139 USA
When you access a page of our website that contains such a plugin, your browser establishes a direct connection to the provider’s servers at the latest when the video starts playing, in order to load the content. Certain information, including your IP address, is transmitted to the provider.
Furthermore, the provider may use cookies when the video starts playing to collect information about user behavior, create playback statistics, and prevent abusive behavior.
If you are logged into a user account with the provider during your visit to the site, your data will be directly assigned to your account when you click on a video. If you do not wish for this assignment to your account, you must log out before activating the playback button.
The data processing by loading content from the provider’s servers for playback purposes is carried out based on our legitimate interest in the appealing design of our website in accordance with Art. 6 para. 1 lit. f GDPR.
The setting of cookies for reading information on the device used, however, only takes place if you have given us your express consent in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your given consent at any time with effect for the future by deactivating this service via the “Cookie Consent Tool” provided on the website.
For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision by the European Commission.
8.2 Google Maps
This website uses an online map service from the following provider: Google Maps (API) from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).
Google Maps is a web service for displaying interactive (country) maps to visually present geographical information. By using this service, our location is displayed to you, and any journey is made easier.
Even when accessing the subpages into which the Google Maps map is integrated, information about your use of our website (such as your IP address) is transmitted to Google servers and stored there; this may also involve a transfer to the servers of Google LLC. in the USA. This occurs regardless of whether Google provides a user account through which you are logged in or whether a user account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not wish for this assignment to your profile with Google, you must log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and evaluates them.
The collection, storage, and evaluation are carried out in accordance with Art. 6 para. 1 lit. f GDPR based on Google’s legitimate interest in displaying personalized advertising, market research, and/or the needs-based design of Google websites. You have a right to object to the creation of these user profiles, for the exercise of which you must contact Google. If you do not agree with the future transmission of your data to Google in the context of using Google Maps, you also have the option of completely deactivating the Google Maps web service by switching off the JavaScript application in your browser. Google Maps and thus also the map display on this website can then no longer be used.
Insofar as legally required, we have obtained your consent for the processing of your data described above in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your given consent at any time with effect for the future. To exercise your right of revocation, please follow the possibility described above for lodging an objection.
For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision by the European Commission.
Further information on Google’s privacy policy can be found here: https://business.safety.google/intl/de/privacy/
8.3 Google Translate
This website uses the translation service “Google Translate” from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”) via an API integration. For the translation to be automatically displayed in your chosen national language, the browser you use connects to Google’s servers. Google uses so-called “cookies” for this purpose, which are text files stored on your computer that enable an analysis of your use of the website. The information generated by the cookie about your use of this website (including the truncated IP address) is usually transmitted to a Google server and stored there; this may also involve a transfer to the servers of Google LLC. in the USA.
All processing described above, in particular the setting of cookies for reading information on the device used, will only be carried out if you have given us your express consent in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your given consent at any time with effect for the future by deactivating this service in the “Cookie Consent Tool” provided on the website.
For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision by the European Commission.
Further information on Google’s privacy policy can be found here: https://business.safety.google/intl/de/privacy/
8.4 Google Customer Reviews (formerly Google Certified Shops program)
We work with Google as part of the “Google Customer Reviews” program. The provider is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). This program gives us the opportunity to collect customer reviews from users of our website. After a purchase on our website, you will be asked if you would like to participate in an email survey from Google.
If you give your consent in accordance with Art. 6 para. 1 lit. a GDPR, we will transmit your email address to Google. You will receive an email from Google Customer Reviews asking you to rate your shopping experience on our website. The rating you submit will then be summarized with our other ratings and displayed in our Google Customer Reviews badge and in our Merchant Center dashboard. In addition, your rating will be used for Google Seller Ratings. In the context of using Google Customer Reviews, personal data may also be transferred to the servers of Google LLC. in the USA.
You can revoke your consent at any time by sending a message to the data controller or to Google.
For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision by the European Commission.
Further information on Google’s privacy policy can be found here: https://business.safety.google/intl/de/privacy/
8.5 Google Meet
For conducting online meetings, video conferences, and/or webinars, we use this provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland
This may also involve a transfer to the servers of Google LLC. in the USA.
The provider processes various data, the scope of which depends on what data you provide before or during participation in an online meeting, video conference, or webinar. Your data as a communication participant is processed and stored on the provider’s servers. This may include your login data (name, email address, phone number (optional), and password) and session data (topic, participant IP address, device information, description (optional)).
In addition, image and sound contributions from participants as well as voice input in chats may be processed.
For the processing of personal data that is necessary for the fulfillment of a contract with you (this also applies to processing operations that are necessary for the implementation of pre-contractual measures), Art. 6 para. 1 lit. b GDPR serves as the legal basis. Insofar as you have given us consent to process your data, the processing is based on Art. 6 para. 1 lit. a GDPR. You can revoke your given consent at any time with effect for the future.
Otherwise, the legal basis for data processing when conducting online meetings, video conferences, or webinars is our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR in the effective conduct of the online meeting, webinar, or video conference.
We have concluded a data processing agreement with the provider, which ensures the protection of our website visitors’ data and prohibits unauthorized disclosure to third parties.
For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision by the European Commission.
Further information on Google’s privacy policy can be found here: https://business.safety.google/intl/de/privacy/
8.6 Loom
For conducting online meetings, video conferences, and/or webinars, we use this provider: Loom Inc., 85 2nd St, San Francisco, CA 94105, USA
The provider processes various data, the scope of which depends on what data you provide before or during participation in an online meeting, video conference, or webinar. Your data as a communication participant is processed and stored on the provider’s servers. This may include your login data (name, email address, phone number (optional), and password) and session data (topic, participant IP address, device information, description (optional)).
In addition, image and sound contributions from participants as well as voice input in chats may be processed.
For the processing of personal data that is necessary for the fulfillment of a contract with you (this also applies to processing operations that are necessary for the implementation of pre-contractual measures), Art. 6 para. 1 lit. b GDPR serves as the legal basis. Insofar as you have given us consent to process your data, the processing is based on Art. 6 para. 1 lit. a GDPR. You can revoke your given consent at any time with effect for the future.
Otherwise, the legal basis for data processing when conducting online meetings, video conferences, or webinars is our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR in the effective conduct of the online meeting, webinar, or video conference.
We have concluded a data processing agreement with the provider, which ensures the protection of our website visitors’ data and prohibits unauthorized disclosure to third parties.
For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework
8.7 TeamViewer
For conducting online meetings, video conferences, and/or webinars, we use this provider: TeamViewer Germany GmbH, Bahnhofsplatz 2, 73033 Göppingen
The provider processes various data, the scope of which depends on what data you provide before or during participation in an online meeting, video conference, or webinar. Your data as a communication participant is processed and stored on the provider’s servers. This may include your login data (name, email address, phone number (optional), and password) and session data (topic, participant IP address, device information, description (optional)).
In addition, image and sound contributions from participants as well as voice input in chats may be processed.
For the processing of personal data that is necessary for the fulfillment of a contract with you (this also applies to processing operations that are necessary for the implementation of pre-contractual measures), Art. 6 para. 1 lit. b GDPR serves as the legal basis. Insofar as you have given us consent to process your data, the processing is based on Art. 6 para. 1 lit. a GDPR. You can revoke your given consent at any time with effect for the future.
Otherwise, the legal basis for data processing when conducting online meetings, video conferences, or webinars is our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR in the effective conduct of the online meeting, webinar, or video conference.
We have concluded a data processing agreement with the provider, which ensures the protection of our website visitors’ data and prohibits unauthorized disclosure to third parties.
8.8 Zoom
For conducting online meetings, video conferences, and/or webinars, we use this provider: Zoom Video Communications Inc., 55 Almaden Blvd, Suite 600, San Jose, CA 95113, USA
The provider processes various data, the scope of which depends on what data you provide before or during participation in an online meeting, video conference, or webinar. Your data as a communication participant is processed and stored on the provider’s servers. This may include your login data (name, email address, phone number (optional), and password) and session data (topic, participant IP address, device information, description (optional)).
In addition, image and sound contributions from participants as well as voice input in chats may be processed.
For the processing of personal data that is necessary for the fulfillment of a contract with you (this also applies to processing operations that are necessary for the implementation of pre-contractual measures), Art. 6 para. 1 lit. b GDPR serves as the legal basis. Insofar as you have given us consent to process your data, the processing is based on Art. 6 para. 1 lit. a GDPR. You can revoke your given consent at any time with effect for the future.
Otherwise, the legal basis for data processing when conducting online meetings, video conferences, or webinars is our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR in the effective conduct of the online meeting, webinar, or video conference.
We have concluded a data processing agreement with the provider, which ensures the protection of our website visitors’ data and prohibits unauthorized disclosure to third parties.
For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision by the European Commission.

9) Tools and Miscellaneous
9.1 – DATEV
To handle our accounting, we use the service of the cloud-based accounting software provided by: DATEV eG, Paumgartnerstr. 6-14, 90429 Nuremberg, Germany
The provider processes incoming and outgoing invoices and, where applicable, our company’s bank transactions in order to automatically capture invoices, match them to transactions, and generate financial accounting in a partially automated process.
If personal data is processed in this context, the processing is carried out on the basis of our legitimate interest in the efficient organization and documentation of our business processes pursuant to Art. 6(1)(f) GDPR.
9.2 Cookie consent tool
This website uses a so-called “cookie consent tool” to obtain effective user consent for cookies requiring consent and cookie-based applications. The “cookie consent tool” is displayed to users when they access the site in the form of an interactive user interface, where consent for certain cookies and/or cookie-based applications can be granted by ticking a box. By using the tool, all cookies/services requiring consent are only loaded if the respective user grants the corresponding consent by ticking the box. This ensures that such cookies are only set on the user’s device if consent has been granted.
The tool sets technically necessary cookies to store your cookie preferences. As a rule, no personal user data is processed in this context.
If, in individual cases, personal data (such as the IP address) is nevertheless processed for the purpose of storing, assigning, or logging cookie settings, this is carried out pursuant to Art. 6(1)(f) GDPR on the basis of our legitimate interest in legally compliant, user-specific, and user-friendly consent management for cookies and thus in a legally compliant design of our website.
A further legal basis for the processing is Art. 6(1)(c) GDPR. As the controller, we are under a legal obligation to make the use of technically non-essential cookies dependent on the respective user’s consent.
Where required, we have concluded a data processing agreement with the provider, which ensures the protection of our website visitors’ data and prohibits unauthorized disclosure to third parties.
Further information about the operator and the settings options of the cookie consent tool can be found directly in the corresponding user interface on our website.
9.3 Cloudflare
For security purposes, this website uses the service of the following provider: Cloudflare, Inc., 101 Townsend St. San Francisco, CA 94107, USA
The provider protects the website and the associated IT infrastructure against unauthorized third-party access, cyberattacks, and against viruses and malware. The provider collects users’ IP addresses and, where applicable, other data about their behavior on our website (in particular accessed URLs and header information) in order to detect and prevent illegitimate page access and threats. The collected IP address is compared with a list of known attackers. If the collected IP address is identified as a security risk, the provider may automatically block it from accessing the site. The information collected in this way is transmitted to a server of the provider and stored there.
The data processing described is carried out pursuant to Art. 6(1)(f) GDPR on the basis of our legitimate interests in protecting the website against harmful cyberattacks and in safeguarding the integrity and security of its structure and data.
We have concluded a data processing agreement with the provider, which ensures the protection of our website visitors’ data and prohibits unauthorized disclosure to third parties.
For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.
9.4 – Adobe Acrobat Sign
For the digital signing of documents, we use the services of the following provider:
Adobe Systems Software Ireland Limited, 4-6 Riverwalk, City West Business Campus, Dublin 24, Ireland
The service enables the legally valid signing of documents by electronic signature from any end device.
For this purpose, in addition to the electronic signature for verification and proof of signing, the service collects, stores, and transmits usage data of the end device used (in particular the IP address) as well as certain transaction data.
Processing is carried out on the basis of our legitimate interest in efficient business management that saves response time, and in customer-friendly and effective document management pursuant to Art. 6(1)(f) GDPR.
We have concluded a data processing agreement with the provider, which protects the data of our website visitors and prohibits disclosure to third parties.
– Docusign
For the digital signing of documents, we use the services of the following provider: Docusign International (EMEA) Ltd., 5 Hanover QuayGrand Canal Dock, Dublin, D02 VY79, Ireland
The service enables the legally valid signing of documents by electronic signature from any end device.
For this purpose, in addition to the electronic signature for verification and proof of signing, the service collects, stores, and transmits usage data of the end device used (in particular the IP address) as well as certain transaction data.
Processing is carried out on the basis of our legitimate interest in efficient business management that saves response time, and in customer-friendly and effective document management pursuant to Art. 6(1)(f) GDPR.
We have concluded a data processing agreement with the provider, which protects the data of our website visitors and prohibits disclosure to third parties.

10) Data subject rights
10.1 Applicable data protection law grants you the following data subject rights (rights of access and intervention) vis-à-vis the controller with regard to the processing of your personal data, whereby reference is made to the stated legal basis for the respective requirements for exercising these rights:
– Right of access pursuant to Art. 15 GDPR;
– Right to rectification pursuant to Art. 16 GDPR;
– Right to erasure pursuant to Art. 17 GDPR;
– Right to restriction of processing pursuant to Art. 18 GDPR;
– Right to be informed pursuant to Art. 19 GDPR;
– Right to data portability pursuant to Art. 20 GDPR;
– Right to withdraw consent granted pursuant to Art. 7(3) GDPR;
– Right to lodge a complaint pursuant to Art. 77 GDPR.
10.2 RIGHT TO OBJECT
IF WE PROCESS YOUR PERSONAL DATA ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTERESTS WITHIN THE FRAMEWORK OF A BALANCING OF INTERESTS, YOU HAVE THE RIGHT AT ANY TIME, FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION, TO OBJECT TO THIS PROCESSING WITH EFFECT FOR THE FUTURE.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL CEASE PROCESSING THE DATA CONCERNED. HOWEVER, FURTHER PROCESSING REMAINS RESERVED IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE OR DEFENSE OF LEGAL CLAIMS.
IF YOUR PERSONAL DATA IS PROCESSED BY US FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSES OF SUCH MARKETING. YOU MAY EXERCISE THE OBJECTION AS DESCRIBED ABOVE.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL CEASE PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.

11) Duration of storage of personal data
The duration of storage of personal data is determined by the respective legal basis, the purpose of processing and—where applicable—additionally by the respective statutory retention period (e.g., retention periods under commercial and tax law).
When processing personal data on the basis of explicit consent pursuant to Art. 6(1)(a) GDPR, the data concerned will be stored until you withdraw your consent.
If statutory retention periods exist for data processed in the context of contractual or quasi-contractual obligations on the basis of Art. 6(1)(b) GDPR, such data will be routinely deleted after the retention periods have expired, provided that it is no longer required for contract performance or contract initiation and/or we no longer have a legitimate interest in continued storage.
When processing personal data on the basis of Art. 6(1)(f) GDPR, such data will be stored until you exercise your right to object pursuant to Art. 21(1) GDPR, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims.
When processing personal data for the purpose of direct marketing on the basis of Art. 6(1)(f) GDPR, such data will be stored until you exercise your right to object pursuant to Art. 21(2) GDPR.
Unless otherwise stated in the other information in this policy regarding specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

Copyright notice: This privacy policy was prepared by the specialist attorneys of IT-Recht Kanzlei and is protected by copyright (https://www.it-recht-kanzlei.de)