Privacy Policy

Last updated 03/13/25

1) Introduction and contact details of the responsible person

1.1 We are pleased that you are visiting our website and thank you for your interest. Below, we inform you about how we handle your personal data when you use our website. Personal data refers to all data that can be used to personally identify you.

1.2 The controller for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is NZYM Deutschland GmbH, Georg-Knorr-Str. 1, 85662 Hohenbrunn, Germany, Tel.: +49 89 660797-0, Email: info@nzym.group. The controller for the processing of personal data is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data.

1.3 The controller has appointed a data protection officer who can be contacted as follows: Petra Meilhammer, Georg-Knorr-Straße 1, 85662 Hohenbrunn, 089/6607970, meilhammer@drniedermaier.com

2) Data collection when visiting our website

2.1 If you use our website for informational purposes only, i.e., if you do not register or otherwise provide us with information, we only collect data that your browser transmits to the website server (so-called "server log files"). When you access our website, we collect the following data, which is technically necessary for us to display the website to you:

Our visited website
Date and time of access
Amount of data sent in bytes
Source/reference from which you came to the page
Browser used
Operating system used
IP address used (if applicable: in anonymized form)

Processing is carried out in accordance with Art. 6 (1) (f) GDPR based on our legitimate interest in improving the stability and functionality of our website. The data will not be shared or used for any other purpose. However, we reserve the right to subsequently review the server log files if there are concrete indications of illegal use.

2.2 For security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the controller), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the character string "https://" and the lock symbol in your browser bar.

3) Hosting & Content-Delivery-Network

Webflow

The provider is Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA (hereinafter “Webflow”). When you visit our website, Webflow collects various log files, including your IP address.

Webflow is a tool for creating and hosting websites. Webflow stores cookies or other recognition technologies necessary for the website’s display, the provision of certain functionalities, and security.

For details, please refer to Webflow’s privacy policy: https://webflow.com/legal/eu-privacy-policy.

The use of Webflow is based on Art. 6 (1) lit. f GDPR. We have a legitimate interest in a reliable presentation of our website. If consent has been requested, processing occurs solely based on Art. 6 (1) lit. a GDPR and § 25 (1) TTDSG, if the consent includes cookie storage or access to information on the user’s device (e.g., device fingerprinting) under the TTDSG. Consent can be revoked at any time.

Data transfer to the USA

This is based on the EU Commission’s Standard Contractual Clauses. Details can be found here: https://webflow.com/legal/eu-privacy-policy.

Data Processing Agreement

We have concluded a Data Processing Agreement (DPA) with the service provider mentioned above. This is a legally required contract that ensures that Webflow processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

‍

4) Cookies

To make visiting our website more attractive and enable the use of certain functions, we use cookies, i.e., small text files stored on your device. Some of these cookies are automatically deleted after closing your browser (so-called "session cookies"); others remain on your device for a longer period and allow you to save page settings (so-called "persistent cookies"). In the latter case, you can find out how long cookies are stored in the overview of your web browser's cookie settings.

If personal data is also processed by individual cookies used by us, the processing is carried out in accordance with Art. 6 (1) (b) GDPR either to execute the contract, in accordance with Art. 6 (1) (a) GDPR in the event of consent being given, or in accordance with Art. 6 (1) (f) GDPR to protect our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the site visit.

You can set your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or to exclude the acceptance of cookies in certain cases or in general.

Please note that if you do not accept cookies, the functionality of our website may be limited.

5) Contact

5.1 WhatsApp-Business

You have the option of contacting us via the WhatsApp messaging service provided by WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. For this purpose, we use the so-called "Business Version" of WhatsApp.

If you contact us via WhatsApp regarding a specific transaction (for example, a placed order), we will store and use the mobile phone number you use for WhatsApp and – if provided – your first and last name in accordance with Art. 6 (1) (b) GDPR to process and respond to your request. Based on the same legal basis, we may ask you via WhatsApp to provide additional data (order number, customer number, address, or email address) so that we can assign your request to a specific process.

If you use our WhatsApp contact for general inquiries (e.g. about the range of services, availability or our website), we will save and use the mobile phone number you use on WhatsApp and - if provided - your first and last name in accordance with Art. 6 (1) (f) GDPR on the basis of our legitimate interest in the efficient and timely provision of the requested information.

Your data will only be used to respond to your request via WhatsApp. It will not be shared with third parties.

Please note that WhatsApp Business receives access to the address book of the mobile device we use for this purpose and automatically transfers telephone numbers stored in the address book to a server of the parent company Meta Platforms Inc. in the USA. To operate our WhatsApp Business account, we use a mobile device whose address book only stores the WhatsApp contact data of users who have contacted us via WhatsApp.

This ensures that every person whose WhatsApp contact details are stored in our address book has consented to the transmission of their WhatsApp telephone number from the address books of their chat contacts in accordance with Art. 6 (1) (a) GDPR by accepting the WhatsApp Terms of Use upon first use of the app on their device. The transmission of data from users who do not use WhatsApp and/or have not contacted us via WhatsApp is therefore excluded.

For information on the purpose and scope of data collection and the further processing and use of data by WhatsApp, as well as your rights and setting options for protecting your privacy, please refer to WhatsApp's privacy policy: https://www.whatsapp.com/legal/?eea=1#privacy-policy

We have concluded a data processing agreement with the provider that protects the data of our site visitors and prohibits its transfer to third parties.

As part of the above-mentioned processing, data may be transferred to Meta Platforms Inc. servers in the USA.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision of the European Commission.

5.2 When you contact us (e.g., via contact form or email), personal data is collected. The data collected when you use a contact form is stated in the respective contact form. This data is stored and used exclusively for the purpose of responding to your inquiry or for the contact and the associated technical administration.

The legal basis for processing this data is our legitimate interest in responding to your request in accordance with Art. 6 (1) (f) GDPR. If your contact is aimed at concluding a contract, an additional legal basis for processing is Art. 6 (1) (b) GDPR. Your data will be deleted after your request has been finally processed. This is the case if it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided there are no statutory retention periods to the contrary.

6) Use of customer data for direct marketing

6.1 Registration for our email newsletter

If you subscribe to our email newsletter, we will regularly send you information about our offers. The only mandatory information required to receive the newsletter is your email address. Providing additional data is voluntary and will be used to address you personally. We use the so-called double opt-in procedure to send the newsletter. This means that we will only send you an email newsletter once you have expressly confirmed that you consent to receiving the newsletter. We will then send you a confirmation email asking you to confirm that you wish to receive the newsletter in the future by clicking on a corresponding link.

By activating the confirmation link, you give us your consent to use your personal data in accordance with Art. 6 (1) (a) GDPR. When you register for the newsletter, we save the IP address entered by your Internet service provider (ISP) as well as the date and time of registration so that we can trace any possible misuse of your email address at a later date. The data we collect when you register for the newsletter will be used exclusively for the purposes of advertising via the newsletter. You can unsubscribe from the newsletter at any time using the link provided for this purpose in the newsletter or by sending a corresponding message to the person responsible named above. After unsubscribing, your email address will be immediately deleted from our newsletter distribution list unless you have expressly consented to further use of your data or we reserve the right to use the data in any other way that is permitted by law and about which we inform you in this declaration.

6.2 Rapidmail

Our e-mail newsletter is sent via this provider: rapidmail GmbH, Wentzingerstraße 21, 79106 Freiburg, Germany

Based on our legitimate interest in effective and user-friendly newsletter marketing, we will pass on the data you provided when registering for the newsletter to this provider in accordance with Art. 6 (1) (f) GDPR so that they can send the newsletter on our behalf.

Subject to your express consent in accordance with Art. 6 (1) (a) GDPR, the provider also conducts a statistical evaluation of the success of newsletter campaigns using web beacons or tracking pixels in the emails sent, which can measure opening rates and specific interactions with the newsletter content. Device information (e.g., time of access, IP address, browser type, and operating system) is also collected and evaluated, but not merged with other data sets.
You can revoke your consent to newsletter tracking at any time with future effect.

We have concluded a data processing agreement with the provider that protects the data of our site visitors and prohibits its transfer to third parties.

6.3 WhatsApp-Newsletter

If you subscribe to our WhatsApp newsletter, we will regularly send you information about our offers via WhatsApp. The only mandatory information required to receive the newsletter is your mobile phone number.

To receive the newsletter, please add the mobile phone number you provided to your mobile device's address contacts and send us the message "Start" via WhatsApp. By sending this WhatsApp message, you consent to the use of your personal data in accordance with Art. 6 (1) (a) GDPR for the purpose of sending the newsletter. We will then add you to our newsletter distribution list.

The data we collect when you register for the newsletter will be processed exclusively for the purposes of contacting you for advertising purposes via the newsletter. You can unsubscribe from the newsletter at any time by sending us the message "Stop" via WhatsApp. After unsubscribing, your mobile phone number will be immediately deleted from our newsletter distribution list unless you have expressly consented to further use of your data or we reserve the right to use the data in any other way that is permitted by law and about which we will inform you in this statement.

To send our WhatsApp newsletter, we use a mobile device whose address book exclusively stores the WhatsApp contact details of our newsletter recipients. This ensures that every person whose WhatsApp contact details are stored in our address book has consented to the transmission of their WhatsApp telephone number from the address books of their chat contacts in accordance with Art. 6 (1) (a) GDPR by accepting the WhatsApp Terms of Use when using the app for the first time on their device. Therefore, the transmission of data from users who do not use WhatsApp and/or have not contacted us via WhatsApp is excluded.

We have concluded a data processing agreement with WhatsApp that protects the data of our newsletter recipients and prohibits its transfer to third parties.

As part of the above-mentioned processing, data may be transferred to Meta Platforms Inc. servers in the USA.

6.4 - Single

Our WhatsApp newsletter is sent via this provider: Sinch Sweden AB, Lindhagensgatan 74, 112 18 Stockholm, Sweden

Based on our legitimate interest in effective and user-friendly newsletter marketing, we will pass on your telephone number linked to your WhatsApp account and, if applicable, your first and last name to this provider in accordance with Art. 6 (1) (f) GDPR so that they can send the newsletter on our behalf.

Subject to your express consent in accordance with Art. 6 (1) (a) GDPR, the provider also conducts a statistical evaluation of the success of newsletter campaigns using web beacons or tracking pixels in the sent WhatsApp messages, which can measure opening rates and specific interactions with the newsletter content. Device information (e.g., time of access, IP address, browser type, and operating system) is also collected and evaluated, but not merged with other data sets.

You can revoke your consent to newsletter tracking at any time with future effect.

We have concluded a data processing agreement with the provider that protects the data of our site visitors and prohibits its transfer to third parties.

6.5 Advertising by post
Based on our legitimate interest in personalized direct advertising, we reserve the right to store your first and last name, postal address, and—if we have received this additional information from you as part of the contractual relationship—your title, academic degree, year of birth, and professional, industry, or business name in accordance with Art. 6 (1) (f) GDPR, and to use it to send you interesting offers and information about our products by post.
You can object to the storage and use of your data for this purpose at any time.

7) Web analysis services

7.1 Google Analytics 4

This website uses Google Analytics 4, a web analysis service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"), which enables an analysis of your use of our website.

By default, when you visit the website, Google Analytics 4 sets cookies. These cookies are stored on your device as small text blocks and collect certain information. This information also includes your IP address, which Google truncates to prevent it from being directly linked to your personal information.

The information is transferred to Google servers and processed there. This may also involve transfers to Google LLC, based in the USA.

Google uses the information collected on our behalf to evaluate your use of the website, to compile reports on website activity for us, and to provide other services related to website activity and internet usage. The IP address transmitted and abbreviated by your browser as part of Google Analytics will not be merged with other Google data. The data collected as part of the use of Google Analytics 4 will be stored for a period of two months and then deleted.

All processing described above, in particular the setting of cookies on the device used, will only take place if you have given us your express consent in accordance with Art. 6 (1) (a) GDPR.
Without your consent, Google Analytics 4 will not be used during your visit to the site. You can revoke your consent at any time with effect for the future. To exercise your right of revocation, please deactivate this service using the "Cookie Consent Tool" provided on the website.

We have concluded a data processing agreement with Google that ensures the protection of our site visitors' data and prohibits unauthorized disclosure to third parties.

Further legal information on Google Analytics 4 can be found at https://business.safety.google/intl/de/privacy/ , https://policies.google.com/privacy?hl=de&gl=de and at https://policies.google.com/technologies/partner-sites

Demographic characteristics
Google Analytics 4 uses the special “demographic characteristics” function and can use this to create statistics that make statements about the age, gender and interests of site visitors. This is done by analyzing advertising and information from third parties. This can be used to identify target groups for marketing activities. However, the data collected cannot be assigned to a specific person and is deleted after being stored for a period of two months.

Google Signals
As an extension to Google Analytics 4, Google Signals can be used on this website to create cross-device reports. If you have activated personalized ads and linked your devices to your Google Account, Google can analyze your usage behavior across devices and create database models, including for cross-device conversions, subject to your consent to the use of Google Analytics in accordance with Art. 6 (1) (a) GDPR. We do not receive any personal data from Google, only statistics. If you would like to stop cross-device analysis, you can deactivate the "Personalized Advertising" function in your Google Account settings. To do so, follow the instructions on this page: https://support.google.com/ads/answer/2662922?hl=de . Further information about Google Signals can be found at the following link: https://support.google.com/analytics/answer/7532985?hl=de .

User IDs:
This website uses the "User IDs" feature as an extension to Google Analytics 4. If you have consented to the use of Google Analytics 4 in accordance with Art. 6 (1) (a) GDPR, have set up an account on this website, and log in to this account on multiple devices, your activities, including conversions, can be analyzed across devices.

7.2 Google Tag Manager

This website uses “Google Tag Manager”, a service provided by the following provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: “Google”).

Google Tag Manager provides a technical basis for bundling various web applications, including tracking and analytics services, and calibrating, controlling, and linking them to conditions via a uniform user interface. Google Tag Manager itself does not store or read information on user devices. Nor does the service perform any independent data analyses. However, when you access a page, Google Tag Manager transmits your IP address to Google, where it may store it. Transmission to Google LLC servers in the USA is also possible.

This processing will only be carried out if you have given us your express consent in accordance with Art. 6 (1) (a) GDPR. Without this consent, Google Tag Manager will not be used during your visit to the site. You can revoke your consent at any time with future effect. To exercise your revocation, please deactivate this service using the "Cookie Consent Tool" provided on the website.

We have concluded a data processing agreement with the provider, which ensures the protection of the data of our site visitors and prohibits unauthorized disclosure to third parties.

Further legal information about Google Tag Manager can be found at https://business.safety.google/intl/de/privacy/ and https://policies.google.com/privacy?hl=de&gl=de

8) Retargeting/ Remarketing und Conversion-Tracking

8.1 Meta Pixel with advanced data comparison

Within our online offering, we use the "Meta Pixel" service of the following provider in the extended data matching mode: Meta Platforms Ireland Limited, 4 Grand Canal Quare, Dublin 2, Ireland ("Meta")

If a user clicks on an ad placed by us on Facebook or Instagram, a parameter is added to the URL of our linked page using "Meta Pixel." This URL parameter is then entered into the user's browser after redirection via a cookie set by our linked page. Furthermore, this cookie records specific customer data, such as the email address, which we collect on our website linked to the Facebook or Instagram ad during transactions such as purchases, account registrations, or registrations (extended data matching). The cookie is then read and enables the transmission of the data, including the specific customer data, to Meta.

We use "Meta Pixel" with advanced data matching to make our advertisements (so-called "ads") on Facebook and/or Instagram more effective and to ensure that they correspond to the interests of users or have certain characteristics (e.g. interests in certain topics or products determined based on the websites visited) that we transmit to Meta (so-called "custom audiences").

In addition, we analyze the effectiveness of our ads by tracking whether users were redirected to our website after clicking on an ad (conversion). Compared to the standard "Meta Pixel" variant, the enhanced data matching feature helps us better measure the effectiveness of our advertising campaigns by tracking more attributed conversions.

All transmitted data is stored and processed by Meta so that it can be assigned to the respective user profile and Meta can use the data for its own advertising purposes in accordance with Meta's data usage guidelines ( https://www.facebook.com/about/privacy/ ). The data may enable Meta and its partners to place ads on and off Facebook.

All processing described above, in particular the setting of cookies for reading information on the device used, will only be carried out if you have given us your express consent in accordance with Art. 6 (1) (a) GDPR. You can revoke your consent at any time with future effect by deactivating this service in the "Cookie Consent Tool" provided on the website.

We have concluded a data processing agreement with the provider, which ensures the protection of the data of our site visitors and prohibits unauthorized disclosure to third parties.

The information generated by Meta is generally transferred to a Meta server and stored there; in this context, it may also be transferred to Meta Platforms Inc. servers in the USA.

8.2 Google Ads Remarketing

This website uses retargeting technology from the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

For this purpose, Google places a cookie in the browser of your device, which automatically enables interest-based advertising using a pseudonymous cookie ID and based on the pages you visit. Further data processing only takes place if you have consented to Google linking your internet and app browsing history with your Google Account and using information from your Google Account to personalize ads that you view on the web. In this case, if you are logged in to Google while visiting our website, Google will use your data together with Google Analytics data to create and define target group lists for cross-device remarketing. For this purpose, Google will temporarily link your personal data with Google Analytics data to create target groups. When using Google Ads Remarketing, personal data may also be transferred to the servers of Google LLC in the USA.

All processing described above, in particular the setting of cookies for reading information on the device used, will only be carried out if you have given us your express consent in accordance with Art. 6 (1) (a) GDPR. Without this consent, retargeting technology will not be used during your visit to the site.

You can revoke your consent at any time with future effect. To exercise your revocation, please deactivate this service using the "Cookie Consent Tool" provided on the website.

Details on the processing initiated by Google and how Google handles data from websites can be found here: https://policies.google.com/technologies/partner-sites

Further information on Google's privacy policy can be found here: https://business.safety.google/intl/de/privacy/ and https://www.google.de/policies/privacy/

8.3 Google Ads Conversion-Tracking

This website uses the online advertising program "Google Ads" and, as part of Google Ads, conversion tracking provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). We use Google Ads to draw attention to our attractive offers on external websites with the help of advertising materials (so-called Google Adwords). Based on the data from the advertising campaigns, we can determine the success of individual advertising measures. Our goal is to show you advertising that is of interest to you, to make our website more interesting for you, and to achieve a fair calculation of the advertising costs incurred.

The cookie for conversion tracking is set when a user clicks on an ad placed by Google Ads. Cookies are small text files that are stored on your device. These cookies usually expire after 30 days and are not used for personal identification. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page. Each Google Ads customer receives a different cookie. Cookies cannot therefore be tracked across the websites of Google Ads customers. The information collected using the conversion cookie is used to compile conversion statistics for Google Ads customers who have opted for conversion tracking. Customers learn the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users. When using Google Ads, personal data may also be transferred to Google LLC servers in the USA.

Details on the processing initiated by Google Ads Conversion Tracking and how Google handles data from websites can be found here: https://policies.google.com/technologies/partner-sites

You can also permanently object to the setting of cookies by Google Ads Conversion Tracking by downloading and installing the browser plug-in from Google available at the following link:
https://www.google.com/settings/ads/plugin?hl=de

Please note that certain features of this website may not be available or may only be available to a limited extent if you have deactivated the use of cookies.
Google's privacy policy can be viewed here: https://business.safety.google/intl/de/privacy/ and https://www.google.de/policies/privacy/

8.4 Microsoft Advertising Universal Event Tracking

This website uses conversion tracking technology from the following provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA

To use Universal Event Tracking, a tag is stored on every page of our website that interacts with the conversion cookie set by Microsoft. This interaction makes user behavior on our website trackable and sends the collected information to Microsoft. This allows certain predefined goals, such as purchases or leads, to be statistically recorded and evaluated in order to tailor the targeting and content of our offerings to suit users' interests. The tags are never used to personally identify users.

All processing described above, in particular the setting of cookies for reading information on the device used, will only be carried out if you have given us your express consent in accordance with Art. 6 (1) (a) GDPR. Without this consent, retargeting technology will not be used during your visit to the site.

You can revoke your consent at any time with future effect. To exercise your revocation, please deactivate this service using the "Cookie Consent Tool" provided on the website.

9) Page functionalities

9.1 Facebook-Plugins

Our website uses social network plugins from the following provider: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

These plugins enable direct interactions with content on the social network.

In order to increase the protection of your data when you visit our website, the plugins are initially deactivated and integrated into the site using the so-called “2-click” or “Shariff” solution.

This integration ensures that when you access a page of our website that contains such plugins, no connection is established with the provider's servers.

Only when you activate the plug-in and thus consent to the data transfer in accordance with Art. 6 (1) (a) GDPR will your browser establish a direct connection to the provider's servers. Regardless of whether you log in to an existing user profile, a certain amount of information about your device (including your IP address), your browser, and your page browsing history will be transmitted to the provider and, if necessary, further processed there.

If you are logged into an existing user profile on the provider's social network, information about interactions via the plug-in will also be published there and displayed to your contacts.
You can revoke your consent at any time by deactivating the activated plug-in by clicking on it again. However, this revocation will not affect the data that has already been transferred to the provider.

Data may also be transferred to: Meta Platforms Inc., USA

We have concluded a data processing agreement with the provider, which ensures the protection of the data of our site visitors and prohibits unauthorized disclosure to third parties.

9.2 Instagram-Plugins

Our website uses social network plugins from the following provider: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland

These plugins enable direct interactions with content on the social network.

This integration ensures that when you access a page of our website that contains such plugins, no connection is established with the provider's servers.

Only when you activate the plug-ins and thus give your consent to the data transfer in accordance with Art. 6 (1) (a) GDPR does your browser establish a direct connection to the provider's servers. In doing so, regardless of whether you log in to an existing user profile, a certain amount of information about the device you are using (including your IP address), your browser and your page history is transmitted to the provider and may be further processed there.

If you are logged into an existing user profile on the provider's social network, information about interactions carried out via the plug-ins will also be published there and displayed to your contacts.
You can revoke your consent at any time by deactivating the activated plug-in by clicking on it again. However, the revocation has no effect on the data that has already been transmitted to the provider.

Data may also be transferred to: Meta Platforms Inc., USA

We have concluded a data processing agreement with the provider, which ensures the protection of the data of our site visitors and prohibits unauthorized disclosure to third parties.

9.3 Google Maps

This website uses an online map service from the following provider: Google Maps (API) from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).

Google Maps is a web service for displaying interactive maps to visually present geographical information. Using this service, you will be shown our location and, if necessary, make it easier to find us.

As soon as you access the sub-pages in which the Google Maps map is integrated, information about your use of our website (such as your IP address) is transmitted to Google servers and stored there. This may also involve transmission to the servers of Google LLC in the USA. This occurs regardless of whether Google provides a user account through which you are logged in or whether a user account already exists. If you are logged in to Google, your data is assigned directly to your account. If you do not wish to be assigned to your Google profile, you must log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and evaluates this.

The collection, storage, and analysis are carried out in accordance with Art. 6 (1) (f) GDPR on the basis of Google's legitimate interest in displaying personalized advertising, market research, and/or tailoring Google websites to meet your needs. You have the right to object to the creation of these user profiles; you must contact Google to exercise this right. If you do not agree to the future transmission of your data to Google when using Google Maps, you also have the option of completely deactivating the Google Maps web service by disabling JavaScript in your browser. Google Maps, and thus also the map display on this website, can then no longer be used.

To the extent legally required, we have obtained your consent to the processing of your data as described above in accordance with Art. 6 (1) (a) GDPR. You can revoke your consent at any time with future effect. To exercise your consent, please follow the objection option described above.

Further information on Google's data protection can be found here: https://business.safety.google/intl/de/privacy/

9.4 Google Customer Reviews (formerly Google Certified Retailer Program)

We partner with Google through the Google Customer Reviews program. The provider is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). This program allows us to collect customer reviews from users of our website. After making a purchase on our website, you will be asked whether you would like to participate in an email survey from Google.

If you give your consent in accordance with Art. 6 (1) (a) GDPR, we will transmit your email address to Google. You will receive an email from Google Customer Reviews asking you to rate your purchase experience on our website. The rating you submit will then be summarized with our other reviews and displayed in our Google Customer Reviews logo and on our Merchant Center dashboard. Your rating will also be used for Google Seller Ratings. Using Google Customer Reviews may also result in the transmission of personal data to Google LLC's servers in the USA.

You can revoke your consent at any time by sending a message to the data controller or to Google.

Further information on Google's privacy policy can be found here: https://business.safety.google/intl/de/privacy/

9.5 Zoom

For online meetings, video conferences and/or webinars, we use this provider: Zoom Video Communications Inc., 55 Almaden Blvd, Suite 600, San Jose, CA 95113, USA

The provider processes various types of data, with the extent of the data processed depending on which data you provide before or during participation in an online meeting, video conference, or webinar. Your data as a communication participant is processed and stored on the provider's servers. This may include, in particular, your login data (name, email address, telephone number (optional), and password) and session data (subject, participant IP address, device information, description (optional)).

In addition, image and sound contributions from participants as well as voice inputs in chats can be processed.
Art. 6 (1) (b) GDPR serves as the legal basis for the processing of personal data that is necessary for the fulfillment of a contract with you (this also applies to processing operations that are necessary to carry out pre-contractual measures). If you have given us your consent to process your data, the processing will be carried out on the basis of Art. 6 (1) (a) GDPR. You can revoke your consent at any time with effect for the future.
Furthermore, the legal basis for data processing when conducting online meetings, video conferences or webinars is our legitimate interest pursuant to Art. 6 (1) (f) GDPR in the effective conduct of the online meeting, webinar or video conference.

We have concluded a data processing agreement with the provider, which ensures the protection of the data of our site visitors and prohibits unauthorized disclosure to third parties.

9.6 Applications for job vacancies by email

We advertise currently vacant positions in a separate section on our website, for which interested parties can apply by email to the contact address provided.

Applicants must provide all personal information necessary for a sound assessment, including general information such as name, address, and contact details, as well as performance-related documentation and, where applicable, health-related information. Application details can be found in the job posting.

After receiving the application by email, the data will be stored and evaluated exclusively for the purpose of processing the application. For follow-up inquiries, we will use either the applicant's email address or telephone number. Processing is based on Art. 6 (1) (b) GDPR (or Section 26 (1) BDSG), according to which completing the application process is considered the initiation of an employment contract.

If special categories of personal data within the meaning of Art. 9 (1) GDPR (e.g. health data such as information on severe disability) are requested from applicants as part of the application process, the processing will be carried out in accordance with Art. 9 (2) (b) GDPR so that we can exercise the rights arising from employment law and social security and social protection law and fulfil our obligations in this regard.

Cumulatively or alternatively, the processing of special categories of data may also be based on Article 9 (1) (h) GDPR if it is carried out for the purposes of preventive healthcare or occupational medicine, for the assessment of the applicant's ability to work, for medical diagnostics, care or treatment in the health or social sector or for the administration of systems and services in the health or social sector.

If the applicant is not selected or withdraws their application prematurely, their submitted data and all electronic correspondence, including the application email, will be deleted after a maximum of six months following notification. This period is based on our legitimate interest in answering any follow-up questions regarding the application and, if necessary, fulfilling our obligations under the regulations on equal treatment of applicants.

In the event of a successful application, the data provided will be processed on the basis of Art. 6 (1) (b) GDPR (when processed in Germany in conjunction with Section 26 (1) BDSG) for the purpose of carrying out the employment relationship.

10) Tools and Other

Cookie-Consent-Tool

This website uses a so-called "cookie consent tool" to obtain effective user consent for cookies and cookie-based applications that require consent. The "cookie consent tool" is displayed to users when they visit the page in the form of an interactive user interface, where consent for specific cookies and/or cookie-based applications can be given by checking the boxes. By using the tool, all cookies/services that require consent are only loaded if the respective user gives their consent by checking the corresponding boxes. This ensures that such cookies are only placed on the user's device if consent has been given.

The tool uses technically necessary cookies to save your cookie preferences. Personal user data is generally not processed.

If, in individual cases, personal data (such as the IP address) is processed for the purpose of storing, assigning or logging cookie settings, this is done in accordance with Art. 6 (1) (f) GDPR on the basis of our legitimate interest in legally compliant, user-specific and user-friendly consent management for cookies and thus in a legally compliant design of our website.

A further legal basis for processing is Art. 6 (1) (c) GDPR. As the controller, we are legally obliged to make the use of technically unnecessary cookies dependent on the respective user's consent.

Where necessary, we have concluded a data processing agreement with the provider, which ensures the protection of the data of our site visitors and prohibits unauthorized disclosure to third parties.

Further information about the operator and the setting options of the cookie consent tool can be found directly in the corresponding user interface on our website.

11) Rights of the data subject

11.1 The applicable data protection law grants you the following data subject rights (rights of information and intervention) vis-à-vis the controller with regard to the processing of your personal data, whereby reference is made to the legal basis stated for the respective conditions for exercising these rights:

Right to information pursuant to Art. 15 GDPR;
Right to rectification pursuant to Art. 16 GDPR;
Right to erasure pursuant to Art. 17 GDPR;
Right to restriction of processing pursuant to Art. 18 GDPR;
Right to information pursuant to Art. 19 GDPR;
Right to data portability pursuant to Art. 20 GDPR;
Right to revoke consent given in accordance with Art. 7 (3) GDPR;
Right to lodge a complaint pursuant to Art. 77 GDPR.

11.2 RIGHT OF OBJECTION

IF WE PROCESS YOUR PERSONAL DATA BASED ON OUR OVERRIDING LEGITIMATE INTEREST AS PART OF A BALANCE OF INTERESTS, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING AT ANY TIME WITH FUTURE EFFECT FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION.

If you exercise your right to object, we will stop processing the data in question. However, we reserve the right to continue processing if we can demonstrate compelling legitimate grounds for the processing that override your interests, fundamental rights, and freedoms, or if the processing serves to assert, exercise, or defend legal claims.

If we process your personal data for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing purposes. You can exercise your right of objection as described above.

IF YOU EXERCISE YOUR RIGHT OF OBJECTION, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.

12) Duration of storage of personal data

The duration of storage of personal data is determined by the respective legal basis, the purpose of the processing and – where applicable – also by the respective statutory retention period (e.g. retention periods under commercial and tax law).

When processing personal data on the basis of an express consent in accordance with Art. 6 (1) (a) GDPR, the data concerned will be stored until you revoke your consent.

If there are statutory retention periods for data that are processed within the framework of legal transactions or obligations similar to legal transactions on the basis of Art. 6 (1) (b) GDPR, these data will be routinely deleted after the retention periods have expired, provided that they are no longer required to fulfil or initiate a contract and/or we no longer have a legitimate interest in continuing to store them.

When processing personal data on the basis of Art. 6 (1) (f) GDPR, these data will be stored until you exercise your right of objection in accordance with Art. 21 (1) GDPR, unless we can demonstrate compelling legitimate grounds for the processing which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

When processing personal data for the purpose of direct advertising on the basis of Art. 6 (1) (f) GDPR, these data will be stored until you exercise your right of objection in accordance with Art. 21 (2) GDPR.

Unless otherwise stated in the other information in this statement on specific processing situations, stored personal data will be deleted when they are no longer necessary for the purposes for which they were collected or otherwise processed.

‍

Website by

Max Dreyer