Data protection

Business purpose and processing of personal data

We process the personal data (hereinafter referred to as “data”) of our customers, applicants, suppliers, employees and business partners exclusively in order to provide our services with the highest quality and reliability. Data is processed in both automated and non-automated form.

This usually involves the following data: Name and address/address as well as e-mail address, account details and telephone numbers (landline and mobile). In addition, within the scope of our services, especially for the realisation of our logistical and commissioning processes, data for personnel-related tasks may also be processed in the special category (application content, contracts and details). This is always subject to necessity, lawfulness and purpose in accordance with Article 5 GDPR.

“Processing of data” refers to the following processes, for example: Collecting, recording, organising, storing, using, transmitting, disseminating and erasing data (Article 4 No. 2 General Data Protection Regulation – GDPR).

We process data that is required for the justification and fulfilment of contractual services and point out the necessity of its disclosure. Disclosure to external parties only takes place if it is really necessary in the context of an order. When processing data provided to us as part of an order, we act in accordance with the instructions of the client and the legal requirements of order processing in accordance with Art. 28 GDPR and do not process the data for any purpose other than the purpose of the order.

Who can you contact?

We have commissioned an external data protection consultancy to implement data protection-related tasks for our company and appointed it as the external data protection officer. This person is available to you as a direct contact in all data protection matters relating to our company.

Responsible body / data protection officer / supervisory authority

Responsible person	Data Protection Officer	Supervisory authority
APIANDO GROUP Zaunheimer Str. 18 56072 Koblenz Telefon: +49 (0) 261 953297 0 E-mail: Managing Director: Marvin Stammel	Rennings Umsetzungsberatung Neuss Daniela Rennings Am Hagelkreuz 6 41469 Neuss Tel: 0211-87 939 160 Email:	Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Rheinland-Pfalz Hintere Bleiche 34 55116 Mainz Telefon: +49 (0) 6131 8920-0 Telefax: +49 (0) 6131 8920-299 E-mail:

In addition, as a data subject, you have the right to contact the competent supervisory authority directly if you have any questions.

What are your rights?

You can contact us at any time if you have any questions about your data protection rights or wish to assert any of the following rights:

• Right of cancellation in accordance with Art. 7 para. 3 GDPR (e.g. you can contact us if you wish to revoke a previously given consent to a newsletter)
• Right to information in accordance with Art. 15 GDPR (e.g. you can contact us if you would like to know what data we have stored about you)
• Rectification in accordance with Art. 16 GDPR (e.g. you can contact us if your e-mail address has changed and we should replace the old e-mail address)
• Deletion in accordance with Art. 17 GDPR (e.g. you can contact us if you want us to delete certain data that we have stored about you)
• Restriction of processing in accordance with Art. 18 GDPR (e.g. you can contact us if you would like us not to delete your e-mail address, but only to use it to send essential e-mails)
• Data portability in accordance with Art. 20 GDPR (e.g. you can contact us to receive your data stored by us in a compressed format, e.g. because you want to make the data available to another service provider)
• Objection to the collection of data in special cases and to direct advertising in accordance with. Art. 21 GDPR (e.g. you can contact us if you do not agree with one of the advertising or analysis procedures specified here)
• Right to lodge a complaint with the competent supervisory authority pursuant to Art. 77 para. 1, f. GDPR (e.g. you can also contact the data protection supervisory authority directly in the event of complaints)

Categories of affected persons

Visitors and users of our online offer (hereinafter we also refer to the data subjects collectively as “users”).

Furthermore, interested parties, customers, suppliers, service providers and business partners as well as advertisers and employees who work with us in a spirit of trust.

Purpose of the processing

Provision of the online offer, its functions and content Processing of contractual and legal processes for commissioning and order execution, answering contact requests and communication with e.g. users, customers, suppliers and applicants, security and protection measures for the website and reach measurement/marketing (cookies and analysis tools).

In addition, personal data will only be processed within the scope of our business purpose, taking into account Article 6 GDPR and Article 9 GDPR para. 2 lit. h. This is always done under the aspect of necessity, lawfulness and adequacy for the purpose, in accordance with Article 5 GDPR.

Data will only be passed on to third parties if we are legally obliged to do so.

Relevant legal bases for processing

In accordance with Art. 13 GDPR, we inform the users of our website and our customers of the legal basis of our data processing. For users from the scope of the General Data Protection Regulation (GDPR), i.e. the EU and the EEC, the following applies if the legal basis is not mentioned in the data protection declaration:

• the legal basis for obtaining consent is Art. 6 para. 1 lit. a and Art. 7 GDPR;
• the legal basis for the processing for the fulfillment of our services and implementation of contractual measures as well as answering inquiries is Art. 6 para. 1 lit. b GDPR;
• the legal basis for processing to fulfill our legal obligations is Art. 6 para. 1 lit. c GDPR;
• In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR serves as the legal basis.
• the legal basis for the processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller is Article 6(1)(e) GDPR.
• the legal basis for processing to protect our legitimate interest is Art. 6 para. 1 lit. f GDPR.
• the processing of data for purposes other than those for which they were collected is governed by the provisions of Art. 6 (4) GDPR.
• the processing of special categories of data (in accordance with Art. 9 para. 1 GDPR) is determined in accordance with the provisions of Art. 9 para. 2 GDPR (in the context of personnel services).

Deletion of data and storage duration
Unless otherwise stated, we will delete your data as soon as it is no longer required. Your data will also be blocked or deleted if a storage period prescribed by law expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract. Certain data may have to be stored for longer for legal reasons. You can of course request information about the stored data and their retention periods at any time. We regularly check whether it is necessary to retain the data; in the case of statutory retention obligations, the data will be deleted after their expiry (e.g. 6 years in accordance with Section 257 (1) HGB, 10 years in accordance with Section 147 (1) AO).

We are required by law to retain basic information about our customers (including contracts, proof of identity, financial and transaction data) for legal, compliance and tax purposes for up to 10 years, even after the business relationship has ended.

We may store your data for a longer period of time if we are legally permitted to do so, e.g. to defend ourselves against legal action.

If no retention period is specified by law, we determine the appropriate retention period for personal data, taking into account all relevant legal criteria.

In certain circumstances, we may anonymize your personal data (so that it can no longer be linked to you and we cannot identify you). We do this for research or statistical purposes. In this case, we may use this anonymized data indefinitely without informing you.

Visit our website

When you visit our website, SSL or TLS encryption is used to protect the transmission of incoming and outgoing requests. You can recognize an encrypted connection by the fact that the address line of the browser begins with “https://” and by the lock symbol in the browser line. If you simply wish to browse our website, no personal data will be collected, with the exception of the data that your browser transmits to enable you to visit the website, first and foremost:
Name of the website accessed (e.g. the website that has just been accessed)

• Date and time of retrieval (e.g. 11:45 on 25.05.2018)
• Volume of data transferred (e.g. 2427 bytes)
• Notification of successful retrieval (e.g. information as to whether there was an error when the page was called up)
• Browser type and version (e.g. the Firefox 60.0.1 browser used)
• the operating system of the user (e.g. MacOS 10.13.4)
• Referrer URL (the previously visited page)
• IP address and the requesting provider (e.g. 95.91.215.example or 2a02:8109:9440:1198:bdb1:551f:example)
• Status codes (e.g. status code 200: request successfully processed)

The most interesting data for you as a user of our website is the IP address, as this is data that can theoretically be traced back to you as a person. As a protective measure in favor of your privacy, all data is therefore deleted from the website after your visit. The purpose of temporarily storing the data at the beginning is to ensure the connection, accessibility and correct display of our website. The IP address and the aforementioned technical data are required to display the website, prevent display problems and resolve error messages. The legal basis for this is our legitimate interest pursuant to Art. 6 para. 1 lit. f. GDPR as the provider of the online offer.

SSL encryption

This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as the requests you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL encryption is activated, the data that you send via the contact form, for example, cannot be read by third parties.

Collection, processing and disclosure of personal data upon commissioning

When commissioning our services, we collect and process personal data only insofar as this is necessary to fulfill and process the order and to process the request. The provision of the data is necessary for the conclusion of the contract or for the completion of the order. Failure to provide the data means that no contract can be concluded. The processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR and is necessary for the fulfillment of the contract with you. Your data will only be passed on if required by law and as part of contractual and pre-contractual processes. In all cases, we strictly observe the legal requirements. The scope of data transmission is limited to a minimum.

Types of data processed

• Inventory data (e.g., personal master data, names or addresses, application documents).
• Contact details (e.g., e-mail, telephone numbers)
• Content data (e.g., text entries, photographs, videos)
• Usage data (e.g., websites visited, interest in content, access times)
• Meta/communication data (e.g., device information, IP addresses)

Contact us

When contacting us (e.g. by e-mail, telephone, contact form or via social media), the user’s details, including all resulting personal data (name, e-mail address), will be used to process the contact request and its handling in accordance with Art. 6 para. 1 lit. b. (in the context of contractual/pre-contractual relationships), Art. 6 para. 1 lit. f. GDPR (other requests). The user’s details may be stored in a system-supported environment (“CRM system”) or comparable applications. We delete requests if they are no longer required. The necessity is checked regularly. Furthermore, the statutory archiving and retention obligations apply. Inquiries that are not relevant or do not need to be stored are deleted. This applies in particular to unsolicited advertising.

Request by e-mail, telephone or fax

If you contact us by e-mail or telephone, we will store and process your inquiry, including all personal data (name, inquiry), for the purpose of processing your request. We will not pass on this data without your consent.

This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on your consent (Art. 6 para. 1 lit. a GDPR) and/or on our legitimate interest (Art. 6 para. 1 lit. f GDPR), as we are very interested in the effective processing of the inquiries addressed to us.

Login- APIANDO 24/7 FULFILLMENT-DASHBOARD

For our more direct, internal and external communication (e.g. with customers, suppliers), we offer a secure log-in (interface) to our dashboard. Access is only possible with a user name and password. Upon registration and your legitimation (granted and authorized access), your login data will be processed by us in the interface environment. You will receive further information regarding use when you are assigned a log-in.

Security measures

We take appropriate technical and organizational measures (TOM) in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing as well as the different likelihood and severity of the risk to the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the risk.

The measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical access to the data, as well as the access, input, transfer, safeguarding of availability and its separation. Furthermore, procedures are in place to ensure that the rights of data subjects are exercised, data is deleted and we respond to data threats. Furthermore, we take the protection of personal data into account as early as the development and selection of hardware, software and processes, in accordance with the principle of data protection through technology design and data protection-friendly default settings. This applies in particular to our online offering and the information compiled here. System and process-side GoBD conformity is also taken into account.

Cooperation with processors, joint controllers and third parties

If we disclose data to other persons and companies (processors, joint controllers or third parties) as part of our processing, transfer it to them or otherwise grant them access to the data, this will only be done on the basis of legal permission.

We ensure that cooperation with business partners and service providers is either regulated by an order processing contract or that a declaration of commitment to confidentiality and compliance with data and business secrecy has been concluded. In the case of shared responsibility, we ensure that our business partners are also committed to data protection.

Transfers to third countries

If data is processed in a third country (i.e. countries outside the European Union) or in the context of the use of third-party services (software, applications, etc.), this only takes place if it is necessary to fulfill our (pre)contractual obligations or if we have consent to do so. Subject to legal or contractual permissions, we only process or have the data processed in a third country if the legal requirements are met. This means, for example, that the processing takes place on the basis of special guarantees or compliance with officially recognized, special contractual obligations. Here, the EU standard contractual clauses, which became binding in 2021, are our standard for providers from third countries. You can find further information on this at https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc/standard-contractual-clauses-international-transfers_de

Newsletter and magazines

We only send newsletters, emails and other electronic notifications with advertising information (hereinafter “newsletter”) with the consent of the recipient or with legal permission. If the contents of the newsletter are specifically described when subscribing to the newsletter, they are decisive for the user’s consent. In addition, our newsletters contain information about our services, optimization and important information for our business partners and subscribers.

The registration for our newsletter takes place in a so-called double opt-in procedure. This means that after registering, you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that no one else (third parties) can register in your name or with someone else’s e-mail address.

We use Mailchimp to send our newsletter in a technically supported and automated manner. A newsletter distribution platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA.

Subscriptions to the newsletter are logged in order to be able to prove the registration process in accordance with legal requirements. This includes storing the time of registration and confirmation as well as the IP address.

Changes to your data stored with MailChimp are also logged. Further information regarding compliance with the GDPR can be found at https://mailchimp.com/de/gdpr/.

Cookie banner and cookie notice

According to the ruling of the BGH, an active cookie banner is required if cookies (not required) are used. Our website uses the cookie consent technology of Borlabs Cookie to obtain your consent to the storage of certain cookies in your browser and to document this in compliance with data protection regulations. The provider of this technology is Borlabs – Benjamin A. Bornschein, Georg-Wilhelm-Str. 17, 21107 Hamburg, Germany (hereinafter referred to as Borlabs).

When you enter our website, a cookie for the cookie notice is stored in your browser, in which the consents you have given or the revocation of these consents are stored. This data is not passed on to the provider of the cookie banner.

The data collected will be stored until you ask us to delete it or the cookie banners delete themselves or the purpose for storing the data no longer applies. Mandatory statutory retention periods remain unaffected. Details on data processing by Borlabs Cookie can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie

Borlabs cookie consent technology is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 sentence 1 lit. c GDPR.

Note on deactivating or deleting cookies

Every user can set their web browser so that the storage of cookies on their end device is generally prevented or they are asked each time whether they agree to the setting of cookies. Once cookies have been set, the user can delete them at any time. How this works is described in the help function of the respective web browser.

Please note: a general deactivation of cookies may lead to functional limitations of websites.

Right to object to direct advertising / own settings in your browser

A general objection to the use of cookies used for online marketing purposes can be declared for a large number of services, especially in the case of tracking, via the US website https://www.aboutads.info/choices/ or the EU website https://www.youronlinechoices.com/. Furthermore, the storage of cookies can be achieved by deactivating them in the browser settings. Please note that you may then only be able to use website functions to a limited extent.

You can configure, block and delete cookies in your browser settings. The Federal Office for Information Security provides helpful information and instructions for the most common browsers: https://www.bsi-fuer-buerger.de/BSIFB/DE/Empfehlungen/EinrwirtungSoftware/EinrwirtungBrowser/Sicherheitsmassnahmen/Cookies/cookies_node.html

Hosting and e-mail delivery

The hosting services we use from our provider serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, e-mail dispatch, security services and technical maintenance services that we use for the purpose of operating this online offering.

We, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to this online offer on the basis of our legitimate interest in the efficient and secure provision of this online offer in accordance with Art. 6 para. 1 lit. f GDPR in conjunction with. Art. 28 GDPR (conclusion of order processing contract).

Data protection information in the application process

We are pleased if our employment offer on our website arouses your interest. We process applicant data only for the purpose and in the context of the application process in accordance with the legal requirements. Application data is processed to fulfill our (pre-)contractual obligations in the context of the application process within the meaning of Art. 6 para. 1 lit. b. GDPR and Art. 6 para. 1 lit. f. GDPR if the data processing becomes necessary for us, e.g. in the context of legal proceedings (in Germany, § 26 BDSG also applies).

The application process requires applicants to provide us with their application details and the relevant documents. The necessary applicant data is derived from the job descriptions and generally includes personal details, postal and contact addresses and the documents relating to the application, such as cover letter, CV and certificates. Applicants can also voluntarily provide us with additional information.

By submitting their application to us, applicants consent to the processing of their data for the purposes of the application process in accordance with the type and scope set out in this data protection information.

Insofar as special categories of personal data within the meaning of Art. 9 para. 1 GDPR are voluntarily or necessarily communicated as part of the application process, they are also processed in accordance with Art. 9 para. 2 lit. b GDPR (e.g. health data, such as severely disabled status or ethnic origin). Insofar as special categories of personal data within the meaning of Art. 9 para. 1 GDPR are requested from applicants as part of the application process, their processing is also carried out in accordance with Art. 9 para. 2 lit. a GDPR (e.g. health data if this is necessary for the exercise of the profession).

Applicants can send us their applications via the Indeed.com portal. Job advertisements on our website are linked directly to the Indeed portal. Please note that your data will be processed by Indeed in accordance with their data protection information.

If you send us your application by e-mail, please note that e-mails are generally not sent in encrypted form and you must ensure that they are encrypted yourself. We therefore cannot assume any responsibility for the transmission path of the application between the sender and receipt on our server and therefore recommend using the Indeed portal. to 10 MB.

The data provided by applicants may be further processed by us for the purposes of the employment relationship in the event of a successful application or placement. Otherwise, if the application is unsuccessful, the applicant’s data will be deleted. Applicants’ data will also be deleted if an application is withdrawn, which applicants are entitled to do at any time. If the application is sent by post, the documents will be returned to the applicant’s postal address at our expense.

The deletion takes place, subject to a justified revocation by the applicant, after a period of six months so that we can answer any follow-up questions about the application and meet our obligations to provide evidence under the Equal Treatment Act. Invoices for any reimbursement of travel expenses are archived in accordance with tax law requirements.

Tools and products on our website

In order to make websites not only interesting and modern, but also secure, it is necessary to integrate specialized services on the website. Our website is created with the help of the WordPress content management system. Below you will find an overview of the services and products we have integrated on our website with brief explanations of how they work.

We have compiled this information to the best of our knowledge and belief and refer to the respective data protection guidelines/data protection declarations provided by the provider.

Google Analytics

We use Google Analytics, a web analysis service of Google Inc. 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymization is activated on this website, your IP address will be shortened by Google beforehand within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

You can prevent the storage of cookies by selecting the appropriate settings in your browser software. However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link. As an alternative to the browser plugin or within browsers on mobile devices, please click on the following link to set an opt-out cookie that will prevent Google Analytics from collecting data within this website in the future (this opt-out cookie only works in this browser and only for this domain; if you delete your cookies in this browser, you must click this link again):

Deactivating Google Analytics

Further information and Google’s privacy policy can be found at:

https://www.google.de/intl/de/policies/privacy/

http://www.google.com/analytics/terms/de.html

https://www.google.com/intl/de_de/analytics/“

Google Tag Manager

Google Tag Manager is a solution from Google Inc. with which we can manage our website tags via an interface. Google Tag Manager is a cookie-free domain that does not collect or store any personal data. Google Tag Manager merely triggers other tags, which in turn may collect data. The Google Tag Manager cannot access this data. If you have deactivated it at domain or cookie level, this deactivation will remain in place for all tracking tags that have been implemented via Google Tag Manager.

Google AdWords

We use Google AdWords on our websites. Google AdWords is an online advertising program of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Adwords enables us to place advertisements in the Google search engine or on third-party websites if the user enters certain search terms into Google (keyword targeting). Furthermore, targeted advertisements can be placed based on the usage data available at Google (e.g. location data and interests) (target group targeting). As the website operator, we can evaluate this data quantitatively by analyzing, for example, which search terms led to our ads being displayed and how many ads led to corresponding clicks.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, which you have given us via the upstream consent banner (cookie banner). You can revoke your consent at any time in the settings.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/.

Google conversion tracking (extended conversion tracking)

In addition, our website uses the extended Google Conversion Tracking. The provider here is also Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

With the help of Google conversion tracking, Google and we can recognize whether the user has carried out certain actions. For example, we can analyze which buttons on our website were clicked how often and which products were viewed or purchased particularly frequently. This information is used to create conversion statistics. We find out the total number of users who have clicked on our ads and what actions they have taken. We do not receive any information with which we can personally identify the user. Google itself uses cookies or comparable recognition technologies that are set on our website for identification purposes.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, which you have given us via the upstream consent banner (cookie banner). You can revoke your consent at any time in the settings.

You can find more information about Google Conversion Tracking in Google’s privacy policy: https://policies.google.com/privacy?hl=de.

DoubleClick

By using Google tools to analyze the activities on our website, another cookie “doubleclick.net” is set. This relates to clicks on ads that are placed on the Google Display Network on publisher websites as part of the AdSense program and whose target URLs are not marked with tags. Here too, we do not receive any information with which we can personally identify the user. Google itself uses cookies or comparable recognition technologies for identification purposes, which are set on our website.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, which you have given us via the upstream consent banner (cookie banner). You can revoke your consent at any time in the settings.

You can find more information about Google Conversion Tracking in Google’s privacy policy: https://policies.google.com/privacy?hl=de.

Google Fonts and Google Photos

By using the aforementioned Google tools to analyze the activities on our website, additional cookies “GoogleFonts and GooglePhotos” are set. Google Fonts are fonts that can be downloaded by your browser from Google’s servers. This is done without transmitting any data to Google other than parts of your IP address and the desired font. Please read Google’s privacy policy to find out how Google uses your IP address for font requests. Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://www.google.com/policies/privacy/.

The GooglePhotos cookie is set by the provider Google LLC to store images and videos when photos are used and embedded on our website.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, which you have given us via the upstream consent banner (cookie banner). You can revoke your consent at any time in the settings.

Youtube and Youtube NoCookie

In order to give you an active and real insight into our company, we provide you with recordings and video footage from our company in the form of playable videos. These are provided by us in the YouTube environment.

According to the provider YouTube, YouTube Nocookie is a code for embedding, including the corresponding URL, which allows us as a website operator to integrate videos on our website without tracking cookies. We have activated the extended data protection mode for this purpose. The use of this service is also based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, which you have given us via the upstream consent banner (cookie banner). You can revoke your consent at any time in the settings.

Video conferencing/communication (online media)

In order to be able to communicate with our customers and business partners as personally as possible, even in special times and situations, we use the appropriate software solutions available to offer telephone conferences, online meetings and video conferences as required.

To take part in “online meetings” or to enter a “meeting room”, you may be asked to provide at least your name. This is so that the moderator can grant you access. Anonymous participation is often also possible.

Personal data that is processed in connection with participation in “online meetings” is not passed on to third parties unless it is intended to be passed on. Please note that content from “online meetings”, as with face-to-face meetings, is often used to communicate information with customers, interested parties or third parties and is therefore intended to be passed on.

Meeting metadata: Topic, description (optional), participant IP addresses, device/hardware information. For recordings: MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings, text file of the online meeting chat.

Other recipients: The provider of the online conference necessarily receives knowledge of the above-mentioned data. It should be noted that, depending on the provider, data may be processed outside the European Union. If the service is provided by a provider from the USA, personal data is usually processed in a third country.

Online presence on social media

We maintain online presences within social networks and platforms in order to communicate with the customers, interested parties and users active there and to inform them about our services.

We would like to point out that user data may be processed outside the European Union. This may result in risks for users because, for example, it could make it more difficult to enforce the rights of data subjects.

Furthermore, user data is generally processed for market research and advertising purposes. For example, usage profiles can be created from the usage behaviour and resulting interests of the users. The user profiles can in turn be used, for example, to place adverts inside and outside the platforms that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the user’s computer, in which the user’s usage behaviour and interests are stored. Furthermore, data can also be stored in the user profiles independently of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).

The processing of users’ personal data is based on our legitimate interests in effective information and communication with users in accordance with Art. 6 para. 1 lit. f. GDPR. GDPR. If the users are asked by the respective providers of the platforms for consent to the data processing described above, the legal basis for the processing is Art. 6 para. 1 lit. a., Art. 7 GDPR.

For a detailed description of the respective processing and the possibilities of objection (opt-out), we refer to the following linked information from the providers.

In the case of requests for information and the assertion of data subject rights, we would also like to point out that these can be asserted most effectively with the providers. Only the providers have access to the user’s data and can take appropriate measures and provide information directly. If you still need help, you can contact us.

Facebook/meta, pages, groups, (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) on the basis of an agreement on joint processing of personal data – Privacy Policy: https://www.facebook.com/about/privacy/, especially for pages: https://www.facebook.com/legal/terms/information_about_page_insights_data, Opt-Out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com.

We also have a company page (fan page) in the Facebook/meta environment. Here you will find separate data protection information, which also refers to the agreement on joint processing.

Google/ YouTube (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) – Datenschutzerklärung: https://policies.google.com/privacy, Opt-Out: https://adssettings.google.com/authenticated

LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Irland) – Datenschutzerklärung https://www.linkedin.com/legal/privacy-policy, Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

Objection to advertising e-mails

We hereby object to the use of our contact data published in the context of the imprint obligation to send unsolicited advertising and information material. As the site operator of the pages offered, we expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.

Changes and updates to the data protection information

Please inform yourself regularly about the content of this data protection information. This is because it will be updated as soon as changes to the data processing carried out by us make this necessary or legal requirements demand it.

RUN/Apiando as at 07/2023