Impressum

Privacy Policy

1. Introduction

This website is operated by: bowbridge Software GmbH.

It is very important to us to handle the data of our website visitors with confidence and to protect them in the best possible way. For this reason, we make every effort to comply with the requirements of the GDPR.

Below we explain how we process your data on our website. To do this, we use language that is as clear and transparent as possible so that you really understand what happens to your data.

2. General information

2.1 Processing of personal data and other terms

Data protection applies to the processing of personal data. Personal means all data with which you can be personally identified. This is, for example, the IP address of the device (PC, laptop, smartphone, etc.) in front of which you are currently sitting. Such data is processed when ‘something happens to it’. Here, for example, the IP is transmitted from the browser to our provider and stored there automatically. This is then a processing (according to Art. 4 No. 2 GDPR) of personal data (according to Art. 4 No. 1 GDPR).

These and other legal definitions can be found in Art. 4 GDPR.

2.2 Applicable regulations/laws – GDPR, BDSG and TDDDG

The scope of data protection is regulated by laws. In this case, these are the GDPR (General Data Protection Regulation) as a European regulation and the BDSG (Federal Data Protection Act) as a national law.

In addition, the TDDDG supplements the provisions of the GDPR as far as the use of cookies is concerned.

2.3 The person in charge

The person responsible for data processing on this website is the controller within the meaning of the GDPR. This is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

You can reach the person in charge at:

bowbridge Software GmbH, Altrottstr. 31, 69190 Walldorf, GERMANY
webmaster@bowbridge.net

2.4 This is how data is basically processed on this website

As we have already established, there is data (e.g. IP address) that is collected automatically. This data is mainly required for the technical provision of the website. If we also use personal data or collect other data, we will inform you of this or ask for your consent.

Other personal data you share with us knowingly.

Detailed information on this can be found below.

2.5 Your Right

The GDPR provides you with comprehensive rights. These are, for example, the free information about the origin, recipient and purpose of your stored personal data. In addition, you can request the correction, blocking or deletion of this data or complain to the competent data protection supervisory authority. You can revoke any consent you have given at any time.

You can find out in detail what these rights are and how to exercise them in the last section of this Privacy Policy.

2.6 Data protection – Our view

Data protection is more than just a chore for us! Personal data is of great value and careful handling of this data should be a matter of course in our digitalized world. In addition, you as a website visitor should be able to decide for yourself what “happens” to your data, when and by whom. We therefore undertake to comply with all legal provisions, collect only the data that is necessary for us and, of course, treat it confidentially.

2.7 Disclosure and deletion

The transfer and deletion of data are also important and sensitive topics. Therefore, we would like to briefly inform you in advance about our general approach to this.

A transfer of data only takes place on the basis of a legal basis and only if this is unavoidable. This may be the case in particular if it is a so-called Data Processor and a Data Processing Agreement has been concluded in accordance with Art. 28 GDPR.

We delete your data when the purpose and the legal basis for processing cease to apply and the deletion does not conflict with any other legal obligations. A ‘good’ overview of this is also provided by Art. 17 GDPR.

For all further information, please refer to this Privacy Policy and contact the responsible person if you have any specific questions.

2.8 Hosting

This website is hosted on our own servers. We store the personal data collected on this website on our servers. This is on the one hand the automatically collected and stored log files (see below for more details), as well as all other data provided by the website visitors.

The legal basis for the processing is Art. 6 para. 1 lit. a, b and f GDPR, as well as § 25 para. 1 TDDDG, insofar as consent includes the storage of cookies or access to information in the terminal device of the website visitor or user within the meaning of the TDDDG.

In doing so, we only process data that is necessary for the fulfillment of our service obligation.

2.9 Legal basis

The processing of personal data always requires a legal basis. The GDPR provides for the following possibilities in Art. 6 (1) Sentence 1:

a) The data subject has given his/her consent to the processing of personal data concerning him/her for one or more specific purposes;

b) the processing is necessary for the performance of a contract to which the data subject is party or for the implementation of pre-contractual measures taken at the data subject’s request;

c) processing is necessary for compliance with a legal obligation to whichthe person responsible is subject to;

d) the processing is necessary in order to protect the vital interests of the data subject or another natural person;

e) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested inthe person in charge was transferred;

f) processing is necessary for the purposes of safeguarding the legitimate interests ofof the responsible person(s) orof a/an third party necessary, unless the interests or fundamental rights and freedoms of the data subject which require the protection of personal data override this, in particular where the data subject is a child.

In the following sections, we will provide you with the specific legal basis for the respective processing.

3. What happens on our website

By visiting our website, we process personal data from you.

To protect this data as best as possible against unauthorized access by third parties, we use SSL or TLS encryption. You can recognize this encrypted connection by the fact that a https:// or a lock symbol is displayed in the address bar of your browser.

In the following, you will learn what data is collected when you visit our website, for what purpose this is done and on what legal basis.

3.1 Data collection when calling up the website

By calling up the website, information is automatically stored in so-called server log files. This is the following information:

  • Browser type and version
  • Operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Time of the server request
  • IP address

This data is temporarily required in order to be able to display our website to you permanently and without problems. In particular, this data thus serves the following purposes:

  • System security of the website
  • System stability of the website
  • Website troubleshooting
  • Connecting to the website
  • Website presentation

The data processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR and is based on our legitimate interest in the processing of this data, in particular the interest in the functionality of the website as well as its security.

If possible, this data is stored pseudonymously and deleted after the respective purpose has been achieved.

Insofar as the server log files allow the identification of the person concerned, the data is stored for a maximum period of 14 days. An exception exists if a security-relevant event occurs. In this case, the server log files are stored until the elimination and final clarification of the security-relevant event.

For the rest, a consolidation with other data does not take place.

3.2 Cookies

3.2.1 General

This website uses so-called cookies. This is a data record, information that is stored in the browser of your terminal device and is related to our website.

By setting cookies, the navigation of the website in particular can be made easier for the visitor.

In our Cookie Consent Tool, you will find all information about the cookies that we have in use on our website (if applicable, after your consent).

3.2.2 Reject cookies

You can manage all cookies that are not technically necessary directly via our cookie consent tool.

The setting of cookies can be prevented by adjusting the settings of your browser.

Here you can find the corresponding links to frequently used browsers:

Mozilla Firefox:https://support.mozilla.org/de/kb/cookies-und-website-daten-in-firefox-loschen?redirectslug=Cookies+l%C3%B6schen&redirectlocale=en

Google Chrome:https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=de

Microsoft Edge:https://support.microsoft.com/de-de/windows/l%C3%B6schen-und-verwalten-von-cookies-168dab11-0753-043d-7c16-ede5947fc64d

Safari:https://support.apple.com/de-de/guide/mdm/mdmf7d5714d4/web andhttps://support.apple.com/de-de/guide/safari/sfri11471/mac. As far asYou another browseruseit is recommended to use the nameYour browser and ‘delete and manage cookies’ in a search engine and follow the official link toyours browser to follow.

Alternativeyou can use your Cookie settings also underwww.aboutads.info/choices/ orwww.youronlinechoices.commanage.

However, we must inform you that comprehensive blocking/deletion of cookies may lead to impairments in the use of the website.

3.2.3 Technically necessary cookies

We use technically necessary cookies on this website to ensure that our website functions without errors and in accordance with applicable laws. They help to make the website user-friendly. Some functions of our website cannot be displayed without the use of cookies.

The legal basis for this is, depending on the individual case, Art. 6 para. 1 lit. b, c and/or f GDPR.

3.2.4 Technically unnecessary cookies

We also use cookies on our website that are not technically necessary. These cookies are used, among other things, to analyze the surfing behavior of the website visitor or to offer functions of the website that are not technically necessary.

The legal basis for this is your consent pursuant to Art. 6 para. 1 lit. a GDPR.

Technically unnecessary cookies are only set with your consent, which you can revoke at any time in the cookie consent tool.

3.3 Data processing through user input

3.3.1 Own data collection

We offer the following (services) on our website: Access to advanced documentation, Access to the customer portal.

For this purpose, we collect the following data:

Name

E-mail address

Phone number

The legal basis for this data processing is Art. 6 para. 1 lit. b GDPR.

The data will be deleted as soon as the respective purpose ceases to apply and it is possible in accordance with the legal requirements.

3.3.2 Contact

a) E-mail

When you contact us by email, we process your email address and any other data contained in the email. This data is stored on the mail server and in some cases on the respective end devices. Depending on the request, the legal basis for this is regularly Art. 6 para. 1 lit. f GDPR or Art. 6 para. 1 lit. b GDPR. The data will be deleted as soon as the respective purpose no longer applies and it is possible in accordance with the legal requirements.

b) Phone

If you contact us by telephone, the call data may be stored pseudonymously on the respective terminal device and with the telecommunications provider used. Personal data collected during the telephone call will only be processed in order to handle your request. Depending on the request, the legal basis for this is regularly Art. 6 para. 1 lit. f GDPR or Art. 6 para. 1 lit. b GDPR. The data will be deleted as soon as the respective purpose ceases to apply and it is possible according to the legal requirements.

c) Contact form

We offer a contact form. This is used to contact our company.

In this form we usually process your first and last name, your telephone number, your e-mail address, a postal address and the content of the message. The data is stored on our web server and forwarded internally to the respective responsible e-mail addresses.

The legal basis for data processing is Art. 6 para. 1 lit. f GDPR, as we have a legitimate interest in responding to your request and in an uncomplicated way of contacting you. If the contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

We delete this data no later than 3 months after receipt, unless it is required for a contractual relationship that has arisen.

We bind the contact form of

Hubspot

HubSpot, Inc, 25 First Street, 2nd Floor, Cambridge, MA 02141, United States of America,

https://legal.hubspot.com/privacy-policy?_ga=2.80487636.2109353776.1547219595-1840724365.1539588495

on our website.

3.3.3 Questionnaires/forms

a) WordPress

We use the functions of WordPress on our website to implement questionnaires. This is a service provided by Automattic Inc, 60 29th Street #343, San Francisco, CA 94110, USA.

This service allows us to create online forms to collect messages, requests or other input for our website and embed them there.

WordPress receives the data entered in the form on our website.

WordPress uses essential, functional, analysis and marketing cookies. They are used to ensure the functions of WordPress, to analyze user behavior and to conduct personalized marketing.

Cookies that are not essential are only set with consent. This consent can be revoked at any time. The legal basis for this is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as this consent includes access to information in the user’s terminal device or the storage of cookies within the meaning of the TDDDG.

In addition, the legal basis for the use of WordPress is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in creating online forms and integrating them into our website so that they function properly. Insofar as the data processing via the form serves to offer our contractual services, the legal basis is Art. 6 para. 1 lit. b GDPR.

The data entered by the website visitor in the form will be stored on the WordPress servers until the website visitor requests deletion, a given consent to storage is revoked or the purpose for storing the data no longer applies. Mandatory statutory provisions on retention periods remain unaffected.

More information:

https://wordpress.org/about/privacy/.

3.4 Cookie Consent Tool

3.4.1 Cookie Notice & Compliance

To ensure that only those cookies are set on our website for which there is a legal basis, we use the consent management tool Cookie Notice & Compliance from Hu-manity Rights Inc, 300 Carnegie Center, Suite 150, Princeton, NJ, New Jersey 08540, USA.

This service is used to obtain the consent of the website visitor to the storage of certain cookies in his/her browser or the use of certain technologies and to document this in accordance with data protection law.

When this website is called up, the consent given by the website visitor(s) or the revocation of consent is stored as a Hu-manity Rights Inc. cookie in the browser of the website visitor(s). For this purpose, a connection is established to the servers of Hu-manity Rights Inc.

The legal basis is Art. 6 para. 1 lit. c GDPR. Hu-manity Rights Inc. is used to obtain the legally required consent for the use of cookies.

Until the website visitor requests deletion or Hu-manity Rights Inc. deletes the data itself or the purpose for storing the data no longer applies, the collected data will be stored. This does not affect the mandatory statutory retention periods.

3.5 Newsletter

3.5.1 Hubspot

We use Hubspot to provide our newsletter. This service is provided by Hubspot Inc, 25 Street, Cambridge, MA 02141 USA.

Through this service, the sending of newsletters can be organized and analyzed. The data entered to receive the newsletter is stored on the servers of the service.

With the help of Hubspot, interactions with the newsletter can be analyzed. Conversion rates can also be determined and newsletter users can be categorized in order to adapt the newsletter to different target groups.

The legal basis for the processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time by unsubscribing from the newsletter. The legality of the processing that has already taken place remains unaffected by any revocation.

The data will be deleted when the contract between us and Hubspot ends, unless the website visitor revokes his/her consent beforehand. If this is the case, the data will be deleted from the distribution list.

Hubspot is certified under the EU-US Data Privacy Framework.

More details:

https://legal.hubspot.com/de/privacy-policy.

3.6 Mailing service

3.6.1 Google Mail

We use Google Mail as a mailing service. This service is provided by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

It is an e-mail service.

The processing is either based on consent according to Art. 6 para. 1 lit. a GDPR, as far as we use the mailing service to contact our leads. The consent can be revoked at any time.

When sending e-mails for the specific purpose of initiating a contract or in an existing contractual relationship, the legal basis for the processing is Art. 6 (1) lit. b GDPR, as the services used serve customer management and the fulfillment of our contractual performance.

The data will be deleted at the end of the contract between us and Google.

In the case of data transfer to the USA, the standard contractual clauses (SCC) of the EU Commission apply.

More details:

https://policies.google.com/privacy?hl=de.

3.6.2 WP Mail SMTP Plugin

We integrate the functions of the WP Mail SMTP plugin on our website. This is offered by WPForms LLC, WPForms 7732 Maywood Crest Dr, West Palm Beach, FL 33412, USA.

WP Mail SMTP improves the deliverability of emails from WordPress by enabling a reliable connection to SMTP services. SMTP (Simple Mail Transfer Protocol) is an industry standard for sending emails. Proper SMTP configuration helps to increase the deliverability of emails by enabling authentication of emails sent from your website. No personal data of website visitors is stored.

More information:

https://wpmailsmtp.com/privacy-policy/.

3.6.3 mailersend

https://app.mailersend.com/

3.7 Analysis and tracking tools

3.7.1 Google Analytics

We use Google Analytics on this website. Google Analytics is a web analytics service. This service is provided by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics uses cookies to recognize the user and thus analyze usage behavior. These cookies are only set with consent. Consent can be revoked at any time and managed in our cookie consent tool.

The legal basis for the processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG.

The information collected here is usually transferred to a Google server in the USA and stored there. On July 10, 2023, the European Commission adopted an adequacy decision for the USA. Google LLC is certified under the EU-US Privacy Framework. However, as the Google servers are located worldwide and data transfer to third countries (e.g. Singapore) cannot be ruled out, the EU Commission’s Standard Contractual Clauses (SCC) apply.

The use of Google Analytics results in IP anonymization. The IP address of the respective user is shortened on servers within the member states of the EU (or the European Economic Area) in such a way that it is no longer possible to trace it back to a natural person. In addition, Google undertakes to provide appropriate data protection via the Google Ads data processing conditions and creates an evaluation of website use and website activity and provides the services associated with use. The Google Ads Data Processing Terms apply to companies that are subject to the EU General Data Protection Regulation (GDPR) of the European Economic Area (EEA), the California Consumer Privacy Act (CCPA) or similar regulations.

An additional browser plugin can be used to prevent the information collected (such as the IP address) from being sent to Google and used by Google. The plugin and further informationyou will find underhttps://tools.google.com/dlpage/gaoptout?hl=de.

Otherwise, the storage period depends on the type of data processed. Each customer can choose how long Google Analytics stores data before it is automatically deleted. The maximum lifespan of a Google Analytics cookie is two years.

Further information on the use of data by Googleyou will findalso underhttps://support.google.com/analytics/answer/6004245?hl=de. For all further questionsyou can also directly tosupport-deutschland@google.com turn.

3.7.2 YouTube

On this website we embed YouTube videos. YouTube is an online video platform. This service is offered by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

As soon as you start a video on our website, a connection to the YouTube servers is established. YouTube may set cookies on the end device of the website visitor after the start of a video in order to save settings and preferences and subsequently serve personalized advertising. The information obtained from this is also used for video statistics, to improve the user experience and to prevent fraud attempts.

The legal basis for the processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as this consent includes access to information in the user’s terminal device or the storage of cookies within the meaning of the TDDDG. This consent can be revoked at any time.

More information:

https://policies.google.com/privacy?hl=de.

3.7.3 HubSpot

On our website, we integrate functions of HubSpot, a comprehensive marketing, sales and CRM service of HubSpot, Inc, 25 First Street, Cambridge, MA 02141, USA. HubSpot offers a variety of tools for managing customer relationships, automating marketing campaigns, analyzing user behavior and supporting sales and customer service processes. Among other things, IP addresses, pages visited, usage data, interaction data, location information and technical data such as browser type and operating system are processed. The data is processed for the purpose of analyzing user behavior, optimizing our website, managing customer relationships and conducting marketing campaigns. The legal basis for the processing is the performance of a contract or pre-contractual measures pursuant to Art. 6 para. 1 lit. b GDPR and Art. 6 para. 1 lit. f GDPR on the basis of a legitimate interest, if the processing is necessary to improve our services and to optimize sales and customer service processes. HubSpot sets cookies that are used for analysis, functionality and marketing purposes. These cookies are only set with consent, which can be revoked at any time. Data is transferred to a third country, in particular to the USA. The standard contractual clauses (SCC) of the EU Commission are used to ensure an adequate level of data protection. The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected or consent is withdrawn. Mandatory statutory retention periods remain unaffected. Further information on data processing by HubSpot can be found here:https://www.hubspot.com/privacy-policy.

3.8 Social media profiles

In addition to our website, our company is also present on social networks. Here we want to present our company and create the opportunity to get in touch with us.

We also use the opportunity to place advertisements and job advertisements on social media.

In the following, we provide information about what data we and the respective social network process when you visit and interaction with our profile.

3.8.1 LinkedIn

We operate a LinkedIn profile onhttps://www.linkedin.com/. This social network is operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.

a) Interaction with our company profile

When you visit our LinkedIn profile and interact with us via it, we process personal data. personal data. On the one hand, the data made publicly available on the profile. On the other hand, we also process the personal data contained in posts, comments or direct messages to us. Through interactions such as liking or sharing, we can see the user profile with the public information.

The legal basis for this processing is Art. 6 para. 1 lit. f GDPR. It is in our legitimate interest interest to provide relevant and interesting content and to enable the use and functionality of our LinkedIn profile

Insofar as an inquiry is related to the fulfillment of a contract or is necessary to carry out pre-contractual measures, our processing is based on Art. 6 para. 1 lit. b GDPR.

b) Page Insights

LinkedIn provides us with aggregated statistics and insights (called Page Insights) that tell us how people interact with our Company Page. Among other things, we receive information about the number of profiles that view, comment on or otherwise interact with our posts, as well as aggregated demographic and other information that helps us learn about the interaction with our page or LinkedIn profile. Pages Insights provided to us by LinkedIn consist of aggregated data, and LinkedIn does not provide us with any personally identifiable information about members in relation to Page Insights. We also have no way of linking Page Insights to individual members.

When placing ads, LinkedIn provides us with information about the types of people who see our ads and about the success of our ads. Personal data is only passed on to us if this person has consented to such processing. We also receive information from LinkedIn that allows us to understand which of our ads led to a purchase being made or an action being taken.

The purpose of processing this data is to analyze our reach and to adapt our content and advertisements to user interests. By evaluating this data, we can recognize how our content, our profile and our advertising are consumed. This enables us to create target group-specific content and place advertisements in order to better market our company and our services.

The processing is based on our legitimate interest in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.

When processing personal data in the course of the so-called Page Insights, the processing is carried out in joint responsibility with LinkedIn in accordance with Art. 26 para. 1 GDPR.

To this end, we have entered into a corresponding agreement with LinkedIn, which is available here (https://legal.linkedin.com/pages-joint-controller-addendum) can be viewed.

The contact details of LinkedIn are:

LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.

For LinkedIn, you can contact the data protection officer at the following link:

https://www.linkedin.com/help/linkedin/ask/TSO-DPO.

3.8.2 Processing by LinkedIn

In connection with your visit to our company profile, LinkedIn may also process additional personal data. In this case, the processing is carried out under the sole responsibility of LinkedIn and without our knowledge. You can find more information from LinkedIn on this at:

https://de.linkedin.com/legal/privacy-policy.

3.8.3 LinkedIn Ads

We also integrate the functions of LinkedIn Ads on our website.

With the help of LinkedIn Ads, we can easily create effective ads that can be seen by a large audience on LinkedIn.

LinkedIn collects personal data for this purpose using cookies. This is used to evaluate the behavior of the users in order to analyze the effectiveness of the advertising measures and to adapt them for future campaigns in a more user-oriented manner.

These cookies are only set with consent. Consent can be revoked at any time. The legal basis for this is Art. 6 para. 1 lit. a GDPR.

Otherwise, the legal basis for the processing of data by LinkedIn Ads is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in expanding and optimizing our advertising presence on the LinkedIn platform.

3.9 Xing

We operate a Xing page. This social media platform is offered by New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany.

3.9.1 Interaction with our company profile

When you visit our Xing profile and interact with us via it, we process personal data. On the one hand, the data made publicly available on the profile. On the other hand, we also process the personal data contained in posts, comments or direct messages to us. Through interactions such as liking or sharing, we can see the user profile with the public information.

The company profile also gives you the opportunity to contact us as the operator using the contact details provided.

If users are logged in to XING with their user account when they access the company page, information about accessing the service can be assigned to the respective user account. This information is also available to us as the operator of the company profile. The provision of information can be avoided by logging out of the XING user account before accessing the company page.

The legal basis for the processing is Art. 6 para. 1 lit. f GDPR. It is in our legitimate interest to provide relevant and interesting content, to maintain business contacts, to draw attention to our services and job advertisements and to get in touch with visitors to our profile and interested parties.

Insofar as an inquiry is related to the performance of a contract or is necessary for the implementation of pre-contractual measures, our processing is based on Art. 6 para. 1 lit. b GDPR.

3.9.2 Processing of personal data and cookies by Xing

When using and accessing our company profile, personal data is also processed by Xing. Xing is solely responsible for this processing. We have no influence on the processing by Xing.

If you have given your consent (for example by setting your XING status to “actively looking for a job”), Xing will contact you directly to suggest suitable job offers.

The processing of data can be restricted in the privacy settings.

Xing’s Privacy Policy can be viewed here:

https://privacy.xing.com/de/datenschutzerklaerung

3.10 X (formerly Twitter)

We use the short message service “X” (formerly Twitter). This is a service of X Corp, 1355 Market Street, Suite 900, San Francisco, CA 94103 USA. Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland, is responsible for the data processing of persons living outside the United States.

3.10.1 Interactions with our account

In principle, we do not collect and process any data from you when you use our short message service. The data you enter on X, in particular your user name and the content published under your account, will be processed by us on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR, insofar as your tweets may be retweeted, we may reply to them or tweets may be written that refer to your account. The data freely published and disseminated on X is thus included by us and made accessible to our followers.

3.10.2 Data processed by X

We have no control over the nature and extent of the data processed by X Corp., how it is processed and used, or whether it is disclosed to third parties. When you use X, your personal data will be collected, transferred, stored, disclosed and used by X Corp. and transferred to, stored and used in the United States, Ireland and any other country in which X Corp. does business, regardless of your country of residence.

On the one hand, X processes all voluntarily entered data such as name and user name, e-mail address, telephone number or the contacts in the address book, insofar as these have been uploaded or synchronized.

On the other hand, X also evaluates the shared content to determine which topics the user is interested in. X processes and stores confidential messages that are sent directly to other users. Using GPS data, information on wireless networks or the IP address, X can determine the user’s location.

X also receives information about what content is viewed, even if the user has not created an account.

X processes so-called “log data”. This includes the IP address, the browser type, the operating system, information on the previously accessed website and the pages accessed, the location, the mobile phone provider, the end device used (including device ID and application ID), the search terms used and cookie information.

Due to the fact that X Corp. is a non-European provider that only has a European branch in Ireland, it is not bound by German data protection regulations in its own opinion. This concerns, for example, the rights to information, blocking or deletion of data or the possibility of objecting to the use of usage data for advertising purposes.

The processing of data can be restricted in the general settings of the X account and under “Data protection and security”. In addition, on mobile devices (smartphones, tablet computers), X’s access to contact and calendar data, photos, location data, etc. can be restricted in the settings options there. However, this depends on the operating system used.

Further information can be found here:

https://help.twitter.com/de/safety-and-security/x-privacy-settings.

Information on the processing of data by X can be found in X’s Privacy Policy:

https://twitter.com/de/privacy.

Information can also be requested via the X data protection form or the archive requests:

https://support.twitter.com/forms/privacy.

3.10.3 YouTube

We operate a profile on YouTube. This is a video platform of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, which enables us to publish video content and interact with our audience.

3.10.4 Data processing by us

We also process the data of profile visitors. In doing so, we process data from your use of our profile, which is provided to us by YouTube.

This information includes statistics on visits to our profile, reports on the playback time of our videos, user interaction (e.g. “I like” or comments), as well as information about individual people who actively interact with our page, e.g. by subscribing or using YouTube’s communication options.

The data entered on YouTube, in particular the user name and the content published under the account, is made visible and processed by us through interactions with our profile.

We process this data to enable communication and to optimize our content in terms of reach and target group.

The legal basis for the processing is a legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR for the purposes mentioned.

3.10.5 Data processing by YouTube

When visiting our YouTube channel or interacting with our YouTube channel, YouTube collects personal data such as IP address, device information, geographic information, as well as activity on the platform, including videos viewed, interactions such as likes, comments and subscriptions. This data may be collected through cookies and similar technologies that are stored on the device.

YouTube uses this information to operate and improve the platform, to serve personalized ads and to perform analytics and measurements to understand how users interact with the content. In addition, data processing helps to evaluate and improve the reach and effectiveness of content.

The processing of data by YouTube takes place, among other things, on the basis of your consent, which is expressed by accepting the cookie policy on YouTube.

The data collected by YouTube may be shared within the Google group of companies and with third parties who may be located in countries outside the European Union, including the USA. Google LLC is certified by the EU-U.S. Data Privacy Framework, which ensures that an adequate level of data protection is maintained even when data is transferred to third countries.

We have no influence on the scope of the data processed by YouTube, the type of processing and use or the transfer of this data to third parties. We also have no effective control options in this respect.

Information on what data is processed by YouTube and for what purposes can be found in YouTube’s Privacy Policy: https://policies.google.com/privacy?hl=de&gl=de.

3.11 Third-party content

3.11.1 Google Fonts

We have integrated Google Fonts locally on our server. Thus, despite the use, no data is transmitted to Google.

3.11.2 Updraft Plus

We use the Updraft Plus service. This service is provided by Updraft WP Software Ltd, Welsh Ice Britannia House, Caerphilly Business Park, Caerphilly, Wales, CF83 3GG.

UpdraftPlus is a WordPress backup plugin that enables full manual or scheduled backups of all WordPress files, databases, plugins and themes. It offers features such as restoring backups directly from the WordPress control panel, migrating or cloning WordPress websites and integrating with various cloud storage options for secure backups.

With the help of this service, the entire WordPress installation is encrypted (SFTP/SCP) at regular intervals.

The legal basis for the processing of personal data is otherwise Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in protecting our website through regular backups.

More information:

https://updraftplus.com/data-protection-and-privacy-centre/.

3.11.3 jQuery

We use functions of jQuery on our website, which is operated by the JS Foundation, 1 Letterman Drive, San Francisco, CA 94129, USA. jQuery is a JavaScript library that simplifies HTML document processing, event handling, animation and Ajax interactions for faster web development. The service processes technical data such as IP addresses and information about the device and browser used to ensure the functionality of the website. The purpose of data processing is to provide and improve the functionality of our website through the use of the jQuery library. The legal basis for data processing is Art. 6 para. 1 lit. f GDPR, as there is a legitimate interest in providing a technically flawless and user-friendly website. jQuery does not set its own cookies. Data is transferred to the USA, whereby suitable guarantees such as standard contractual clauses (SCC) of the EU Commission are used. Data is not stored for longer than is necessary to provide the functionality. Further information on data processing can be found here: https://images.prismic.io/openjsf/ba00b254-685f-4e54-b1ca-17984b0f3e55_OpenJS-Foundation-Privacy-Policy-2019-11-15.pdf.

3.11.4 WP Rocket

We use the caching plugin WP Rocket on our website, developed by WP Media, 4 rue de la République, 69001 Lyon, France. WP Rocket optimizes the loading speed and performance of WordPress pages through page caching, browser caching, GZIP compression, JavaScript optimization, CSS optimization and lazy loading of images. Technical data such as URL structures, file content (CSS, JavaScript, HTML), server configurations and WordPress settings are processed. The purpose of data processing is to improve website performance. The legal basis for processing is Art. 6 para. 1 lit. f GDPR, as there is a legitimate interest in optimizing the website. WP Rocket does not set cookies by default, but certain functions may use cookies if they are activated. The legal basis for this is Art. 6 para. 1 lit. a GDPR. No data is transferred to third countries; data processing takes place exclusively on our own web server. The data is only stored temporarily in the cache and is automatically deleted when the website is updated. Further information on data processing:

https://wp-rocket.me/terms/.

3.12 CRM systems

3.13 vtiger

https://www.vtiger.com/

3.14 Cloud backups

We use cloud backup functions on our website to protect the data and content of the website from data loss, corruption or security incidents. This ensures that the website can be restored quickly and completely in the event of a server failure, a hacker attack or other unforeseen events.

If personal data is stored on our website, it is transferred to the servers of the respective provider during backups. The legal basis for data processing is Art. 6 para. 1 lit. f GDPR, as we have a legitimate interest in backing up our data.

We use the following cloud backup service:

Akamai Connected Cloud

https://www.linode.com/

4. This is also important

Finally, we would like to inform you in detail about your rights and how you will be informed about changes in data protection requirements.

4.1 Your Rights in detail

4.1.1 Right to information according to Art. 15 GDPR

You can request information about whether personal data about you is being processed. If this is the case, you can request further information on the type and manner of processing. A detailed list can be found in Art. 15 (1) lit. a to h GDPR.

4.1.2 Right to rectification according to Art. 16 GDPR

This right includes the correction of inaccurate data and the completion of incomplete personal data.

4.1.3 Right to deletion according to Art. 17 GDPR

This so-called ‘right to be forgotten’ gives you the right, under certain conditions, to request the deletion of personal data by the controller. This is generally the case if the purpose of the data processing has ceased to exist, if consent has been revoked or if the initial processing took place without a legal basis. A detailed list of reasons can be found in Art. 17 (1) a to f GDPR. Furthermore, this “right to be forgotten” corresponds with the obligation of the controller under Art. 17 (2) GDPR to take appropriate measures to bring about a general erasure of the data.

4.1.4 Right to restriction of processing according to Art. 18 GDPR

This right is subject to the conditions set out in Art. 18(1)(a) to (d).

4.1.5 Right to data portability according to Art. 20 GDPR

Here, the basic right to receive one’s own data in a common form and to transfer it to another data controller is regulated. However, this only applies to data processed on the basis of consent or a contract pursuant to Art. 20 (1) (a) and (b) and to the extent that this is technically feasible.

4.1.6 Right of objection according to Art. 21 GDPR

In principle, you can object to the processing of your personal data. This applies in particular if your interest in objecting outweighs the legitimate interest of the controller in the processing and if the processing relates to direct marketing and or profiling.

4.1.7 Right to “decision in individual cases” according to Art. 22 GDPR

In principle, you have the right not to be subject to a decision based solely on automated processing (including profiling) which produces legal effects concerning you or similarly significantly affects you. However, this right is also subject to limitations and supplements in Art. 22 (2) and (4) GDPR.

4.1.8 Other rights

The GDPR contains comprehensive rights to inform third parties about whether or how you have asserted rights under Art. 16, 17, 18 GDPR. However, this only applies insofar as this is possible or feasible with reasonable effort.

We would like to take this opportunity to once again inform you of your right to withdraw your consent in accordance with Article 7 (3) of the GDPR. However, this does not affect the lawfulness of the processing carried out up to that point.

In addition, we would also like to inform you about your rights according to §§ 32 ff. BDSG, which, however, are largely congruent with the rights just described.

4.1.9 Right of appeal according to Art. 77 GDPR

You also have the right to lodge a complaint with a data protection supervisory authority if you consider that the processing of personal data relating to you infringes this Regulation.

5. What if tomorrow the GDPR is abolished or other changes take place?

The current status of this Privacy Policy is 20.01.2025. From time to time it is necessary to adapt the content of the Privacy Policy in order to react to actual and legal changes. We therefore reserve the right to amend this Privacy Policy at any time. We will publish the amended version in the same place and recommend that you read the Privacy Policy regularly.