Privacy Policy at OECHSLER AG

We are pleased that you are interested in our company and our products and services and would like you to feel secure when visiting our website with regard to the protection of your data. Because we take this very seriously. It goes without saying that we comply with the provisions of the European General Data Protection Regulation (GDPR), the German Federal Data Protection Act („Bundesdatenschutzgesetz“ – BDSG) and the Telecommunications Telemedia Data Protection Act („Telekommunikation-Telemedien-Datenschutz-Gesetz“ – TTDSG).

As part of our information obligations, we would like to make this privacy statement as transparent as possible. To this end, we set out below the purpose limitation of the processing of your data, the use of cookies, tracking/analysis tools, social media and other third-party services and inform you about your rights.

If, despite the following data protection information, any questions regarding the handling of your personal data remain unanswered, you are welcome to contact us or our data protection officer (see below for contact details).

1. Responsible entity

The

OECHSLER AG
Matthias-Oechsler-Straße 9
91522 Ansbach
Germany
Phone: +49 981 1807-0
Fax: +49 981 1807-2220
E-mail: datenschutz@oechsler.com

as the operator of this website (https://www.oechsler.com/), is the responsible body (controller) within the meaning of the GDPR, which alone or jointly with others determines the purposes and means of the processing of personal data, hereinafter "data".

2. Definitions

To ensure that our data protection declaration is easy for you to read and understand, we will explain the terms used in advance.

"Personal data" is, according to Article 4 No. 1 GDPR, any information relating to an identified or identifiable natural person (data subject). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier (such as name, address, telephone number, e-mail address, IP address, location data or specific characteristics such as the genetic, economic and social identity of that natural person).

According to Article 4 No. 2 GDPR, "processing" means any operation or set of operations which is performed upon data, whether or not by automatic means. This includes, in particular, collection, recording, organization, classification, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or making available, alignment, combination, restriction, erasure or destruction.

According to Article 4 No. 11 GDPR, "consent" of the data subject means any freely given, specific, informed and unambiguous indication of his or her wishes in the form of a statement or other unambiguous affirmative act by which the data subject signifies his or her agreement to the processing of personal data relating to him or her.

According to Article 4 No. 8 GDPR, a "processor" is a natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller.

According to Paragraph 2 (2) No. 6 TTDSG, a "terminal device" is any device connected directly or indirectly to the interface of a public telecommunications network for sending, processing or receiving messages (for example, a desktop PC, a cell phone or a tablet PC).

With regard to the other data protection terms used, we refer to the definitions of Article 4 GDPR.

3. Scope of the processing of personal data

In principle, it is not necessary for you to provide data in order to use our website. In certain cases, however, we need your name and address as well as other information so that we can provide the requested services.

The same applies, for example, to the sending of information material and ordered goods or to answering individual questions. Where this is necessary, we will inform you accordingly. In addition, we only process data that you provide to us voluntarily and, where applicable, data that we automatically collect when you visit our website.

If you make use of services, we generally only collect data that we need to provide the services. If we ask you for further data, it is voluntary information.

4. Purpose limitation of the processing of personal data

We process the data you provide in accordance with the principles of data economy and purpose limitation (Article 5 (1) (b) and (c) GDPR). The purpose limitation principle means that data is collected for specified, explicit and legitimate purposes and may not be further processed in a manner incompatible with those purposes. Further processing for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes is not considered incompatible with the original purposes.

In principle, we process your data for the purpose of answering your inquiries, processing your orders or providing you with access to certain information or offers. In order to maintain customer relations, it may also be necessary for us or a third party commissioned by us to use this data to inform you about product offers or to conduct online surveys to better meet the tasks and requirements of our customers.

We will process the data you provide online only for the purposes disclosed to you.

5. Legal bases for the processing of personal data

In principle, any processing of personal data is prohibited by law (Article 5 (1) (a) GDPR in conjunction with Article 6 (1) (1) GDPR, so-called legal prohibition with reservation of permission). Data processing is only permitted if it falls under one of the following permissions:

Insofar as we obtain your consent for data processing operations, the consent pursuant to Article 6 (1) (1) (a) GDPR constitutes the legal basis for the processing of your data. In the case of special categories of personal data within the meaning of Article 9 (1) GDPR (for example, health data), Article 9 (2) (a) GDPR is also the relevant legal provision.

When processing data that are necessary for the fulfillment of the requested service, we refer to Article 6 (1) (1) (b) GDPR as the legal basis.

Insofar as data processing is necessary for the fulfillment of a legal obligation to which our company is subject, Article 6 (1) (1) (c) GDPR serves as the legal basis.

If the processing is necessary to protect a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Article 6 (1) (1) (f) GDPR forms the legal basis for the processing.

In the further course of our data protection declaration, we list the relevant legal basis for each individual data processing operation. The processing may also be based on several legal bases.

6. Legal bases for storing information in the end user's terminal equipment or accessing information already stored in the terminal equipment

The storage of information in the end user's terminal equipment or access to information already stored in the terminal equipment is only permitted if it is covered by one of the following permissions:

  • Paragraph 25 (1) TTDSG: If the end user has consented on the basis of clear and comprehensive information.
  • Paragraph 25 (2) No. 1 TTDSG: If the sole purpose is to carry out the transmission of a message via a public telecommunications network.
  • Paragraph 25 (2) No. 2 TTDSG: If the storage or access is absolutely necessary so that the provider of a telemedia service can provide a telemedia service expressly requested by the user.

In the further course of our data protection declaration, we list - where necessary - the relevant legal basis in each case.

7. Data deletion and storage period

Unless a more specific retention period is listed in our Privacy Policy, it is determined by the following rules:

We only store your data until the purpose has been fulfilled and no other legal storage obligations exist (for example, storage obligations under commercial or tax law).

If you have given us your consent, we will store your data until you revoke your consent, provided there is no other legal basis for processing your data and no legal retention periods prevent deletion.

In addition, in individual cases, for example for evidentiary purposes, longer storage may be indicated for the defense or enforcement of civil or public law claims.

8. Disclosure of data to third parties

Your data will only be passed on to third parties in exceptional cases,

  • to external service providers acting on our behalf (order processors) if this is necessary for the purpose of implementing the contractual relationship,
  • to companies affiliated with us, insofar as this is necessary for the fulfillment of contractual obligations,
  • to state institutions and authorities if we are legally obliged to do so or
  • if you consent to this.

We conclude the corresponding agreements on commissioned processing with the commissioned processors on the basis of Article 28 GDPR. The service companies commissioned by us are obliged to maintain confidentiality and to comply with the provisions of the GDPR and the BDSG. The data passed on may only be used by our service providers to fulfill their task. Any other use of the information is not permitted and does not take place with any of the service processors entrusted by us.

The transmission and further processing of data to institutions and authorities entitled to receive information will only take place within the framework of the relevant laws or if we are obliged to do so by a court decision.

Beyond this, we do not pass on any data to third parties unless you have expressly consented to this.

Of course, we will respect your wishes if you do not want to provide us with your data to support our customer relationship (especially for direct marketing or market research purposes). We will neither sell your data to third parties nor market it in any other way unless you have given us your consent to do so.

9. Data transfers to a third country

If, in the course of using third-party services, data is disclosed or transferred to third parties in a third country, i.e. outside the European Union or the European Economic Area, and data is further processed, this will only be done on the basis of your consent, a legal obligation, our legitimate interests or if it is necessary for the fulfillment of our (pre-)contractual obligations. Subject to legal or contractual permissions, we will only process data or have data processed in a third country if the special requirements of Article 44 et seq. GDPR are met. This means, for example, that the processing is carried out on the basis of special guarantees, such as the officially recognized determination of a level of data protection corresponding to the European Union or compliance with officially recognized special contractual obligations (for example, standard contractual clauses for the transfer of personal data to third countries, so-called "EU standard contractual clauses" or "standard contractual clauses - SCC"). Where applicable, a transfer of personal data to third countries or to international organizations will exceptionally take place based on your explicit consent pursuant to Article 49 (1) (1) (a) GDPR. If this is the case, we will point this out to you once again in our data protection declaration - explaining the existing possible risks of such data transfers.

10. Data collected automatically when you visit our website

When using our website, the following data may be automatically processed in so-called server log files (log files) for organizational and technical reasons:

  • the names of the visited Internet pages,
  • the sub-websites that are accessed via an accessing system on our website,
  • the website from which an accessing system arrives at our website (so-called referrer),
  • the browser you use (type and version),
  • the operating system you are using,
  • the date and time of access to the website,
  • the search engines used,
  • the names of downloaded files,
  • the Internet Protocol (IP) address and
  • the Internet service provider of the accessing system
  • other similar data and information that serve the defense against dangers in the event of attacks on our information technology systems.

When processing this data, we do not draw any conclusions about the data subject. Rather, the information serves the purpose,

  • to deliver the website content in a technically correct manner,
  • to optimize the website content as well as the advertising for it,
  • to ensure the long-term functionality of our information technology systems and the technology of our website, and
  • Provide law enforcement authorities with the information necessary for prosecution (for example, in the event of a cyberattack).

The data and information collected are therefore only evaluated statistically and with the aim of increasing data protection and data security, in order to ultimately ensure an optimal level of protection. The data and information of the server log files are also stored separately from any data provided by a data subject.

Our overriding legitimate interests according to Article 6 (1) (1) (f) GDPR form the legal basis for the collection and evaluation of the server log files. Our interest as the operator of this website to collect them for the

reasons mentioned above outweighs your interest in not collecting the data. The decisive factor for this balancing result is that logging promotes technical data protection and the intrusion resulting from its use is of low intensity. Furthermore, the data is collected for the purpose of fulfilling contracts with our potential and existing customers. The legal basis for this is Article 6 (1) (1) (b) GDPR.

11. Web hosting

Our website is hosted by an external service provider (so-called web hoster or hosting provider).

Our hosting provider for this website is:

Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen
Germany

Therefore, the data collected when visiting our website is stored on the servers of the hosting provider. This is mainly data that is automatically collected when visiting the website (see above). Our hosting provider will only process the data to the extent necessary to fulfill its service obligations. This provider is subject to our instructions regarding the provision of its services. To ensure the rights and obligations under data protection law, a contract on commissioned processing in accordance with Article 28 GDPR has been concluded with this provider.

We use the hosting provider to offer you our website. Through this, we guarantee you a safe and fast online offer through a professional service provider. Namely, the hosting provider has the necessary resources and expertise.

Our overriding legitimate interests pursuant to Article 6 (1) (1) (f) GDPR form the legal basis for the use of the hosting provider. Our interest as the operator of this website in using a web hoster for the reasons stated above outweighs your interest in not using one. The decisive factor for this balancing result is that this promotes technical data protection and the intrusion resulting from its use is of low intensity. Furthermore, the use of a hosting provider is for the purpose of fulfilling contracts with our potential and existing customers. The legal basis for this is Article 6 (1) (1) (b) GDPR.

12. Cookies

12.1 General

When you visit our website, we may store information on your terminal equipment in the form of a cookie. Cookies are small text files that are sent from a web server to your browser and stored on the data carrier of your terminal equipment.

Some cookies are deleted after the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your terminal equipment and allow your browser to be recognized the next time you visit (so-called permanent cookies or persistent cookies). Permanent cookies are automatically deleted after a specified period of time, which may vary depending on the cookie. However, you can also delete them yourself or have them deleted automatically by your browser.

If cookies are set, they process certain user information such as browser and location data as well as IP address values to an individual extent. The purpose and functionality of the individual cookies varies, which is why these contents may be shown to you again separately in our privacy policy.

The cookies we use do not usually store any of the user's personal data other than the IP address. This information is used to automatically recognize you the next time you visit our website and to facilitate navigation.

Cookies from third parties (so-called third-party cookies) may also be stored on your terminal device when you visit our website. These enable you or us to use a certain service of the third party.

Of course, you can also view our website without cookies. If you do not want us to recognize your terminal device, for example, you can prevent cookies from being stored on your data carrier by activating the "do not accept cookies" function in your browser settings. Please refer to the operating instructions of your browser manufacturer for details on how this works. If you do not accept cookies, however, this may lead to functional restrictions of our offers.

Cookies that are necessary for the technically error-free and optimized provision of our services (so-called "technically necessary cookies" such as for a shopping cart function or a real-time chat) are stored on your terminal device on the basis of Paragraph 25 (2) No. 2 TTDSG. Consent on your part is not required for this. Any subsequent data processing, on the other hand, is based on Article 6 (1) (1) GDPR. As a rule, we have an overriding legitimate interest in processing the information of the technically necessary cookies in order to provide you with our website in an error-free and optimized manner (Article 6 (1) (1) (f) GDPR). Depending on the cookie use, however, other legal bases may also be relevant, which is why we may present these to you separately for each cookie used in our privacy policy. In the case of technically unnecessary cookies (so-called "optional cookies"), access to your terminal equipment only takes place if you have given us your consent in accordance with Paragraph 25 (1) TTDSG. The subsequent data processing, if any, is also based on your consent pursuant to Article 6 (1) (1) (a) GDPR.

If we use third-party or optional cookies on our website, we will inform you about this in the further course of our data protection declaration.

You can also find detailed information on the cookies used (function, storage period, access options for third parties, etc.) at from our consent management tool ("Cookiebot").

You can adjust the cookie settings at any time and revoke any consent you have already given for the future.

12.2 Cookiebot

We use the consent management tool "Cookiebot" on our website.

The consent management tool "Cookiebot" is operated by Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (https://www.cookiebot.com/de/).

"Cookiebot" enables us to display a notice about the use of cookies (so-called "cookie banner") and to integrate cookies in a data protection-compliant manner via opt-in. This means that technically unnecessary cookies will only be set and any associated data will only be processed if you as a website visitor give us your consent (Paragraph 25 (1) TTDSG and Article 6 (1) (1) (a) GDPR). For this purpose, you will be asked in a cookie banner when you call up our website to select which cookies and services may be used.

"Cookiebot" uses technically necessary cookies ("CookieConsent") to store your consents, which you have given when visiting our website. According to Paragraph 25 (2) No. 2 TTDSG, no consent is required from you for accessing your terminal equipment. The subsequent data processing is necessary to fulfill a legal obligation. The legal basis for this is Article 6 (1) (1) (c) GDPR. This is because according to Article 5 (2) GDPR, we as the controller must demonstrate compliance with the principles of data processing (Article 5 (1) GDPR), in particular the principle of lawfulness of data processing (Article 5 (1) (a) GDPR). If we fail to comply with this legal obligation, this could be legally disadvantageous for us (such as the imposition of a fine, Article 83 GDPR). The collected data will be stored until you request us to delete it or until you delete the cookie "CookieConsent" yourself or until the purpose for storing the data no longer applies. This data will not be passed on to the provider of "Cookiebot". Mandatory legal retention periods remain unaffected.

Detailed information on the cookie used (function, storage period, access options for third parties, etc.) can be found at in our consent management tool ("Cookiebot").

For more information about the consent management tool "Cookiebot", please visit https://www.cookiebot.com/de/p....

change preferences

13. Analysis and tracking tools

13.1 General

When visiting our website, your usage behavior can also be statistically evaluated. This is done primarily with cookies and with so-called analysis programs. The analysis of your usage behavior is usually anonymous; the usage behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. You can find detailed information on this below:

13.2 Google Tag Manager

We use the organization tool "Google Tag Manager" on our website.

The "Google Tag Manager" is operated by Google LLC ("Google"), 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States of America, or if the service is provided in the European Union, by Google Ireland Limited, Google Building, Gordon House, Barrow Street, Dublin 4, Ireland (https://tagmanager.google.com/).

The "Google Tag Manager" allows us to integrate various codes and services on our website in an orderly and simplified manner. The "Google Tag Manager" implements the so-called tags or triggers the embedded tags. Tags are small sections of code that, for example, record your activities on our website. You can find more details about the individual tags and how they work in our privacy policy. By using the "Google Tag Manager", we pursue the purpose of being able to carry out a simplified and clear integration of various services. Furthermore, the integration of the "Google Tag Manager" optimizes the loading times of the various services.

When a tag is triggered, Google may process data and information via the "Google Tag Manager". In particular, the following data is processed:

  • Online identifiers (including cookie identifiers)
  • IP address

The information generated by this about your website usage is transmitted to Google servers, which are distributed worldwide (https://www.google.com/about/d...). A large part of the servers are located in the United States of America, which is why your data is also stored there. In the event that personal data is transferred to Google LLC, which is based in the United States of America, Google LLC has taken appropriate measures (such as concluding EU standard contractual clauses), which generally ensure compliance with the level of data protection applicable in the European Union. More detailed information can be found in the Google Ads Controller Data Protection Terms (https://business.safety.google...). However, it cannot be ruled out that US authorities will access the data stored by Google. The United States of America is currently considered a third country from a data protection perspective. You do not have the same rights there as within the European Union. You may not have any legal remedies against access by authorities.

The data is stored only as long as necessary for the intended purpose or as required by law.

If a corresponding consent to activate the service has been requested and granted, the processing of the data is based on your consent pursuant to Article 6 (1) (1) (a) GDPR. With your consent to use this service, you also consent to any data transfer to Google in a third country in accordance with Article 49 (1) (1) (a) GDPR. You can revoke your consent at any time with effect for the future by clicking on Cookie Settings and unchecking "Google Tag Manager". An opt-out cookie will then be set, which prevents the collection of your data during future visits to this website. The provision of personal data is not required by law or contract, nor is it necessary for the conclusion of a contract. You are also not obliged to provide your data. However, we would like to point out that the deactivation or non-provision may result in you not being able to use our website or not being able to use it to its full extent.

For more information about the "Google Tag Manager" service, see:

Furthermore, you can also contact the Google contact person at https://support.google.com/pol... regarding the service.

13.3 Google Analytics

We use the web analytics service "Google Analytics" on our website.

The web analytics service "Google Analytics" is operated by Google LLC ("Google"), 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States of America, or if the service is provided in the European Union, by Google Ireland Limited, Google Building, Gordon House, Barrow Street, Dublin 4, Ireland (https://analytics.google.com/a...).

"Google Analytics" is used by us primarily for analysis and marketing purposes. The reports generated by "Google Analytics" enable us to optimize our virtual presence. The statistical data show us the strengths and weaknesses of our website. We want you to feel comfortable on our website and therefore provide you only with the web content you want. Furthermore, we would like to use our financial means in a targeted manner in order to be able to offer our services to you at the best possible price.

"Google Analytics" is a tracking tool used for traffic analysis of our website. For this purpose, a tracking code is integrated into the source code of our website. When you visit our website, this tracking code records your actions on our website. As soon as you leave our website, this data is sent to the servers of "Google Analytics" and stored there. This data is then processed by Google and provided to us as reports about your user behavior. Among other things, the generation of the following reports is technically possible:

  • Acquisition reports (How can we reach more people?).
  • Ad reports (How successful is our online advertising?)
  • Conversion reports (How successful are individual marketing measures?)
  • Real-time reports (What is happening on our website right now?)
  • Behavioral reports (How are people interacting with our website?)
  • Target group reports (Who is interested in us?)

By using the tracking code, which is linked to a cookie, "Google Analytics" is enabled to perform an analysis of your website usage. For this purpose, a random but unique user ID is created. This is used to distinguish individual website visitors and to evaluate pseudonymous user profiles. Among other things, the following data is recorded during your visit to the website:

  • Pages viewed
  • Date and time of your visit
  • Orders including the turnover and the ordered products
  • The achievement of "website goals" (for example, contact requests)
  • Your behavior on the pages (for example, click path, scrolling behavior, and dwell time).
  • Your approximate location (country and city).
  • Your IP address (in shortened form, so that no clear assignment is possible)
  • Technical information such as browser, ISP, terminal equipment and screen resolution
  • Source of origin of your visit (i.e. via which website or advertising medium you came to us)

In particular, the following cookies from "Google Analytics" are used for this purpose.

  • Cookie name: _ga
    • Purpose: The JavaScript "analytics.js" uses the cookie "_ga" by default to store the user ID. This is basically used to distinguish between individual website visitors.
    • Storage period: 2 years
  • Cookie name: _gat
    • Purpose: The cookie is used to lower the request rate.
    • Storage time: 1 minute
  • Cookie name: _gid
    • Purpose: The cookie is also used to distinguish individual website visitors.
    • Storage duration: 1 day

This list is not exhaustive and may be changed at any time due to technical changes on the part of Google, over which we have no control.

Detailed information on the cookies used (function, storage period, access options of third parties, etc.) can be found at in our consent management tool ("Cookiebot") .
The information generated by this about your website usage is transmitted to Google servers, which are distributed worldwide (https://www.google.com/about/d...). A large part of the servers are located in the United States of America, which is why your data is also stored there. In the event that IP anonymization is activated on this website, however, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area (so-called IP masking). Only in exceptional cases will the full IP address be transmitted to a Google server in the United States of America and shortened there. IP anonymization is active on this website. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. In the event that personal data is transferred to Google LLC, which is based in the United States of America, Google LLC has taken appropriate measures (such as concluding EU standard contractual clauses), which fundamentally ensure compliance with the level of data protection applicable in the European Union. More detailed information can be found in the Google Ads Controller Data Protection Terms (https://business.safety.google...). However, it cannot be ruled out that US authorities will access the data stored by Google. The United States of America is currently considered a third country from a data protection perspective. You do not have the same rights there as within the European Union. You may not have any legal remedies against access by authorities.
The IP address transmitted by your browser as part of "Google Analytics" is not merged with other data from Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. Furthermore, you can object to the collection of the data generated by the cookie and related to your use of the website (including your IP address) by Google as well as the processing of this data by Google by downloading and installing the browser plug-in available at http://tools.google.com/dlpage/gaoptout?hl=de.
If you have given your consent to the setting or storage of cookies and to the activation of the service, access to your terminal equipment and the subsequent processing of the data will be based on your consent pursuant to Paragraph 25 (1) TTDSG in conjunction with Article 6 (1) (1) (a) GDPR. With your consent to the use of this service, you also consent to any data transfer to Google in a third country in accordance with Article 49 (1) (1) (a) GDPR. You can revoke your consent at any time with effect for the future, by clicking on Cookie Settings and unchecking "Google Analytics". An opt-out cookie will then be set, which prevents the collection of your data during future visits to this website.
We would like to point out at this point that by using the service, "Google Fonts" (fonts) may be reloaded and a connection to Google's servers is automatically established for this purpose. "Google Fonts" is a collection of fonts for commercial and personal use. Through "Google Fonts" fonts are made available, which visually improve the service called. In the process, the following data is transmitted to Google:

  • IP address
  • Aggregated usage figures
  • Font request
  • Referrer URL
  • CSS requests
  • User Agent
  • Browser information

From a technical point of view, we cannot prevent this - despite the possible local integration of Google Fonts. If you have therefore consented to the use of this service, this consent also expressly extends to the use of "Google Fonts".

For more information about the web analytics service "Google Analytics", see:

Furthermore, you can also contact the Google contact person at https://support.google.com/pol... regarding the service.

13.4 Google reCAPTCHA (v2)

We use the CAPTCHA service "Google reCAPTCHA" on our website.

The CAPTCHA service "Google reCAPTCHA" is operated by Google LLC ("Google"), 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States of America, or if the service is provided in the European Union, by Google Ireland Limited, Google Building, Gordon House, Barrow Street, Dublin 4, Ireland (https://developers.google.com/...).

The word CAPTCHA represents an abbreviation and stands for "completely automated public Turing test to tell computers and humans apart". A CAPTCHA is used on our part to determine whether a human or a machine (in particular a bot) is interacting with our website. "Google reCAPTCHA" is therefore used by us, for example, to protect our contact form from misuse. In this way, we want to provide you with the assurance that our website is protected against particular cyber dangers.

"Google reCAPTCHA" is thereby integrated directly into the source code of the website via a JavaScript code. With the version we use, you basically only have to tick a box "I am not a robot" and no longer have to perform any required actions. "Google reCAPTCHA" checks whether the website visitor is human based on the interaction in the background. For this purpose, "Google reCAPTCHA" performs a probability calculation. In order to perform the calculation, however, some data and information is required. For this purpose, the following data is collected:

  • IP address
  • Referrer URL
  • Operating system
  • Cookies if applicable
  • Mouse movements/keyboard strokes
  • Dwell time
  • Device settings (for example, date, language settings, browser information, screen resolution, or location).
  • Restricted location and usage data

For this purpose, "Google reCAPTCHA" largely accesses already existing cookies. For example on:

  • Cookie name: IDE
  • Cookie name: 1P_JAR
  • Cookie name: ANID
  • Cookie name: CONSENT
  • Cookie name: NID
  • Cookie name: DV

This list is not exhaustive and may be changed at any time due to technical changes on the part of Google, over which we have no control. If "Google reCAPTCHA" does not classify you as a human, you will also be confronted with an image or sound recognition task.

Detailed information on the cookies used (function, storage period, access options of third parties, etc.) can be found at in our consent management tool ("Cookiebot").
The information generated by this about your website usage is transmitted to Google servers, which are distributed worldwide (https://www.google.com/about/d...). A large part of the servers are located in the United States of America, which is why your data is also stored there. In the event that personal data is transferred to Google LLC, which is based in the United States of America, Google LLC has taken appropriate measures (such as concluding EU standard contractual clauses), which generally ensure compliance with the level of data protection applicable in the European Union. More detailed information can be found in the Google Ads Controller Data Protection Terms (https://business.safety.google...). However, it cannot be ruled out that US authorities will access the data stored by Google. The United States of America is currently considered a third country from a data protection perspective. You do not have the same rights there as within the European Union. You may not have any legal remedies against access by authorities.
If you have given your consent to the setting or storage of cookies and to the activation of the service, access to your terminal equipment and the subsequent processing of the data will be based on your consent pursuant to Paragraph 25 (1) TTDSG in conjunction with Article 6 (1) (1) (a) GDPR. With your consent to the use of this service, you also consent to any data transfer to Google in a third country in accordance with Article 49 (1) (1) (a) GDPR. You can revoke your consent at any time with effect for the future by closing our website and calling it up again.

We would like to point out at this point that by using the service, "Google Fonts" (fonts) may be reloaded and a connection to Google's servers is automatically established for this purpose. "Google Fonts" is a collection of fonts for commercial and personal use. Through "Google Fonts" fonts are made available, which visually improve the service called. In the process, the following data is transmitted to Google:

  • IP address
  • Aggregated usage figures
  • Font request
  • Referrer URL
  • CSS requests
  • User Agent
  • Browser information

From a technical point of view, we cannot prevent this - despite the possible local integration of Google Fonts. If you have therefore consented to the use of this service, this consent also expressly extends to the use of "Google Fonts".

For more information about the CAPTCHA service "Google reCAPTCHA", see:

Furthermore, you can also contact the Google contact person at https://support.google.com/pol... regarding the service.

13.5 Google Ads

We use the "Google Ads" service on our website.

"Google Ads" is operated by Google LLC ("Google"), 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States of America, or if the Service is provided in the European Union, by Google Ireland Limited, Google Building, Gordon House, Barrow Street, Dublin 4, Ireland (https://ads.google.com).

This service enables us to draw attention to our attractive offers with the help of advertising media (so-called "Google Ads") within the Google advertising network.

We use "Google Ads" for marketing and optimization purposes, in particular to serve ads that are relevant and interesting to you, to improve campaign performance reports and to achieve a fair calculation of advertising costs.

We ourselves do not collect and process any personal data during the advertising measures. We only receive statistical evaluations from Google. Based on these evaluations, we can see which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising media; in particular, we cannot identify users on the basis of this information.

We and Google are considered independent data controllers with respect to the "Google Ads" service. In this respect, each party individually determines the purposes and means for the processing of personal data and complies with the requirements of data protection law. More detailed information can be found in the Google Ads Controller Data Protection Terms (https://business.safety.google...).

In the event that personal data is transferred to Google LLC (1600 Amphitheatre Parkway Mountain View, CA 94043), which is based in the United States of America (USA), Google LLC has taken appropriate measures (such as concluding EU standard contractual clauses), which generally ensure compliance with the level of data protection applicable in the European Union. However, it cannot be ruled out that US authorities will access the data stored by Google. The United States of America is currently considered a third country from a data protection perspective. You do not have the same rights there as within the European Union/European Economic Area. You may not have any legal remedies against access by authorities.

If a corresponding consent to the setting or storage of cookies was requested and granted, the processing is carried out exclusively on the basis of Paragraph 25 (1) TTDSG in conjunction with Article 6 (1) (1) (a) GDPR. With your consent to the use of this service, you also consent to any data transfer to Google in a third country in accordance with Article 49 (1) (1) (a) GDPR. You can revoke your consent at any time with effect for the future by clicking on Cookie Settings and unchecking "Google Ads". An opt-out cookie will then be set, which prevents the collection of your data during future visits to this website.

You can prevent the installation of cookies by deleting existing cookies and deactivating a storage of cookies in the settings of your browser. We would like to point out that in this case you may not be able to use all functions of our website to their full extent. Preventing the storage of cookies is also possible by setting your browser to block cookies from the domain "www.googleadservices.com". In addition, you can deactivate interest-based ads via the link http://optout.aboutads.info. This setting will be removed when you delete your cookies. Detailed information on the cookies used (function, storage period, access options of third parties, etc.) can be found at in our consent management tool ("Cookiebot").

Further information on data use by Google, on setting and objection options, and on data protection can be found on the following Google web pages:

In connection with the "Google Ads" service, we use the following functions:

13.5.1 Google Ads Conversion Tracking

In order to measure the success of our advertising campaigns and to achieve a fair calculation of advertising costs, we use conversion tracking as part of "Google Ads". In particular, we pursue the goal of making our website more attractive and displaying advertising that is of interest to you.

With conversion tracking, Google sets a cookie when a user calls up an ad placed by Google. If the user visits certain pages of this website, we and Google can recognize that the user has called up the ad and was redirected to this page. The following data is processed in the process:

  • IP address
  • Browser and device information (for example, the operating system)
  • the referrer URL
  • the timestamp of the visit, the cookie ID
  • general usage data, such as the ads clicked on, as well as the web request

The information collected through this is used to create conversion statistics. This tells us the total number of users who have viewed our ads and been redirected to our website, as well as performed certain actions on our website. However, we do not receive any information that can be used to personally identify users. The cookie lifetime is 30 days by default. The data is deleted as soon as it is no longer needed for processing purposes. Furthermore, we store a Google Click ID. This is parameter that is passed in the URL when a Google ad is called up. The Google Click ID records information about the called advertising medium, such as source, medium, campaign, ad group, search term and search term option. Using this information, we can determine which visitor to our website came from which ad. This allows us to evaluate the success of our ad placement. The Google Click ID is stored in a separate cookie, called gclid. The storage period is 90 days.

The data is deleted as soon as it is no longer needed for processing purposes. Detailed information on the cookies used (functionality, storage period, third-party access options, etc.) can be found at in our consent management tool ("Cookiebot").

For more information about Google's privacy policy, please visit https://policies.google.com/pr....

13.5.2 Google Ads Remarketing

With the "Google Ads" remarketing function, we can target users within the Google advertising network who have already interacted with our website. We operate both standard remarketing, in which you are shown non-personalized, i.e. standardized, advertising, and dynamic remarketing. In dynamic remarketing, we evaluate the user behavior of website visitors in order to be able to display personalized advertising to you on subsequently accessed pages within the Google advertising network. For these purposes, Google sets cookies in the browser of your terminal device, which automatically enables interest-based advertising by means of a pseudonymous cookie ID and based on the pages you visit. The following data is processed in the process:

  • The IP address
  • Browser and device information (for example, the operating system)
  • the referrer URL
  • the timestamp of the visit
  • the cookie ID
  • the web request
  • general usage data, such as the pages visited

The collected data is stored for up to 18 months. Detailed information on the cookies used (function, storage period, access options for third parties, etc.) can be found at in our consent management tool ("Cookiebot").

Additional data processing only takes place if you have consented to Google linking your internet and app browsing history to your Google account and using information from your Google account to personalize ads you view on the internet. In this case, if you are logged in to Google while visiting our website, Google uses your data (possibly together with Google Analytics data) to create and define target group lists for cross-device remarketing.

For more information, please visit https://policies.google.com/te....

13.6 LinkedIn Insight Tag

With your consent, we use the "LinkedIn Insight Tag" of the social network LinkedIn on our website. The "LinkedIn Insight Tag" is an analysis and tracking tool.

LinkedIn is operated by LinkedIn Corporation, 1000 West Maude Avenue Sunnyvale, California 94085, United States of America or, if the Service is provided in the European Union, by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (https://business.linkedin.com/...).

Through the use of the "LinkedIn Insight Tag", it is possible for the LinkedIn Corporation to determine the visitors to our online offer as a target group for the display of advertisements (so-called "LinkedIn Ads") (retargeting). Accordingly, with the use of the "LinkedIn Insight Tag" we pursue the purpose of displaying the LinkedIn Ads we have placed only to those LinkedIn users who have also shown an interest in our online offer or who have certain characteristics (for example, interest in certain topics or products determined on the basis of the web pages visited), which we transmit to the LinkedIn Corporation (so-called "Custom Audiences"). In this way, we also want to ensure that our LinkedIn ads correspond to the potential interest of the users and do not have a harassing effect. For this purpose, we can analyze, among other things, the key professional data (for example, job title, industry, location, company size, career level) of our website visitors. Using the "conversion" tool of "LinkedIn Insight Tag", we can also track your actions (for example, placing an order) after you have seen or accessed a LinkedIn ad. Conversion measurement can also be done across devices. This is used to monitor and analyze the effectiveness of our LinkedIn ads in particular for statistical and market research purposes. The collected data is anonymous for us as the operator of this website, we cannot draw any conclusions about the identity of the users. In this respect, the LinkedIn Corporation does not share any personal data with us, but only provides summarized reports on the website target group and ad performance.

The "LinkedIn Insight Tag" is a JavaScript code that is embedded on our website. Through the "LinkedIn Insight Tag", your web browser automatically establishes a direct connection with the servers of the LinkedIn Corporation. The LinkedIn Corporation itself creates so-called log files with the following content:

  • URL
  • Referrer URL
  • IP address
  • Device and browser properties
  • Time of access

The IP addresses are shortened or (if they are used to reach LinkedIn users across devices) hashed (pseudonymized). In the process, the "LinkedIn Insight Tag" also sets a cookie in the user's web browser. The data is anonymized within seven days and the anonymized data is in turn deleted within 90 days.

This may also result in a transmission to the servers of LinkedIn Corporation in the United States of America. We have no influence on this. LinkedIn Corporation uses standard contractual clauses approved by the European Commission and relies on adequacy decisions regarding certain countries to legitimize data transfers from the European Economic Area to the United States of America or other third countries. Details on this can be found at https://www.linkedin.com/legal... and https://www.linkedin.com/legal.... However, it cannot be ruled out that US authorities in particular will access the data stored by LinkedIn Corporation. The United States of America is currently considered a third country from a data protection perspective. You do not have the same rights there as within the European Union/European Economic Area. If applicable, you are not entitled to legal remedies against access by authorities. With your consent to the use of the "LinkedIn Insight Tag", you also expressly agree to a possible transfer of your data to a third country - such as the United States of America (Article 49 (1) (1) (a) GDPR).

We have no influence on the scope and further use of the data collected by the LinkedIn Corporation through the use of this service. To the best of our knowledge, the integration of the "LinkedIn Insight Tag" provides the LinkedIn Corporation with the information that you have clicked on one of our ads or accessed the corresponding web page of our website (including your IP address). If you are registered with a service of the LinkedIn Corporation, the LinkedIn Corporation can assign the visit to your user account. The LinkedIn Corporation may use this information for the purpose of advertising, market research and demand-oriented design of the LinkedIn pages. For this purpose, LinkedIn Corporation and its partners create usage, interest and relationship profiles, for example, to evaluate your use of our website with regard to the advertisements displayed to you on LinkedIn, to inform other LinkedIn users about your activities on our website and to provide other services associated with the use of LinkedIn. Cookies may also be stored on your terminal equipment for this purpose. Even if you are not registered with LinkedIn, or have not logged in, it is possible that the provider will learn and store your IP address and other identifiers. To avoid a link between data collected on our website by LinkedIn Corporation and your LinkedIn user account, you must log out of your LinkedIn user account before visiting our website.

Provided you are registered with LinkedIn, you can set which types of advertisements are displayed to you within LinkedIn by visiting the page set up by LinkedIn and following the instructions there on the settings for usage-based advertising: https://www.linkedin.com/psett.... The settings are platform-independent, which means they are applied to all end devices, such as desktop computers or mobile devices.

For the purpose and scope of the data collection and the further processing and use of the data by LinkedIn Corporation, as well as your rights in this regard and setting options for protecting your privacy, please refer to the privacy policy of LinkedIn Corporation. For more information, please visit https://www.linkedin.com/legal....

If you have given us your consent, your consent is the legal basis for the use of the "LinkedIn Insight Tag" and the associated processing of personal data (Article 6 (1) (1) (a) GDPR). If information is stored or accessed on your terminal equipment (for example, through cookies), your consent pursuant to Paragraph 25 (1) TTDSG is the relevant legal basis for this. Detailed information on the cookies used (functionality, function duration, access options of third parties, etc.) can be found at in our consent management tool ("Cookiebot").

You can revoke your consent at any time with effect for the future. If you wish to deactivate the tracking of the "LinkedIn Insight Tag" or revoke your consent, please uncheck the "LinkedIn Insight Tag" service under "Cookie settings". However, this may lead to certain restrictions in the functions and user-friendliness of our offer.

13.7 Microsoft Bing Ads

Our website uses a conversion tracking tool from Microsoft Corporation. This involves a cookie being placed on your computer by Microsoft Bing Ads if you are directed to our site via a Microsoft Bing ad. This allows Microsoft Bing and us to detect that someone has clicked on the ad, been redirected to our website and reached the previously determined target page (conversion page). This process only informs us of the overall number of users who have clicked on a Bing ad and then been redirected to a conversion page. No personal information relating to the identity of the user is disclosed. If you would not like to take part in this tracking process, you can refuse to allow the necessary cookies to be placed on your computer – for example using a browser setting that prevents cookies being placed automatically. Further information on data privacy and the cookies used by Microsoft Bing can be found on the Microsoft website at: https://privacy.microsoft.com/en-us/privacystatement.

13.8 Hubspot

On this website, we use the service HubSpot for various purposes. HubSpot is a software company from the USA with a branch in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, telephone: +353 1 5187500.

Hubspot is an integrated software solution that we use to implement various tasks in our online marketing. These include in particular:

Email marketing, social media publishing, reporting, contact management (e.g. user segmentation & CRM), landing pages and contact forms.

Our sign-up service allows visitors to our website to learn more about our company, download content and provide their contact information and other demographic information. This information, as well as our website content, is stored on servers operated by our software partner HubSpot. It may be used by us to contact visitors to our website and to determine which of our company's services are of interest to them. All information we collect is subject to this privacy policy. We use all information collected solely to optimise our marketing efforts.

Hubspot's privacy policy can be found at:

https://legal.hubspot.com/priv...;

Further information from HubSpot on the topics of IT security and data protection can be found here:

https://legal.hubspot.com/secu...;

"Hubspot" enables us to display a notice about the use of cookies (so-called "cookie banner") and to integrate cookies in a data protection-compliant manner via opt-in. This means that technically unnecessary cookies will only be set and any associated data will only be processed if you, as a website visitor, give us your consent (§ 25 para. 1 TTDSG and Art. 6 para. 1 UAbs. 1 letter a DS-GVO). For this purpose, you will be asked in a cookie banner when you call up our website to select which cookies and services may be used.

"Hubspot" uses technically necessary cookies __hs_opt_out, __hs_do_not_track, __hs_initial_opt_in, __hs_cookie_cat_pref, __hs_gpc_banner_dismisshs, _ab_test, <id>_key, hs-messages-is-open, hs-messages-hide-welcome-message, __hsmem, hs-membership-csrf, hs_langswitcher_choice, __cfruid, __cf_bm, in order to implement basic technical functions and to manage the consent you have given when visiting our website. In accordance with § 25 para. 2 no. 2 TTDSG, no consent is required from you to access your terminal equipment. The subsequent data processing is necessary to fulfil a legal obligation. The legal basis for this is Art. 6 para. 1 UAbs. 1 lit. c DS-GVO. This is because according to Art. 5 (2) DS-GVO, we as the controller must demonstrate compliance with the principles of data processing (Art. 5 (1) DS-GVO), in particular the principle of lawfulness of data processing (Art. 5 (1) (a) DS-GVO). If we fail to comply with this legal obligation, this could be legally disadvantageous for us (such as the imposition of a fine, Art. 83 DS-GVO). You can find detailed information on the cookie used (function, storage period, access options for third parties, etc.) in our consent management tool ("Cookiebot").

Further information on the consent management tool "Cookiebot" can be found at https://www.cookieyes.com/priv... (data protection declaration) and https://www.cookieyes.com/dpa/ (data processing agreement).

More information on the cookies used by HubSpot can be found at:

https://knowledge.hubspot.com/...;

As part of the optimisation of our marketing measures, the following data may be collected and processed via HubSpot:

  • Geographical position
  • Browser type
  • Navigation information
  • Referral URL
  • Performance data
  • Information on how often the application is used
  • Mobile apps data
  • Login information for the HubSpot subscription service
  • Files viewed on site
  • Domain names
  • Pages viewed
  • Aggregated usage
  • Operating system version
  • Internet service provider
  • IP address
  • Device identifier
  • Duration of visit
  • Where the application was downloaded from
  • Operating system
  • Events that occur within the application
  • Access times
  • Clickstream data
  • Device model and version

In addition, we also use Hubspot to provide contact forms.

The legal basis of the processing is your consent pursuant to Art. 6 (1) lit. a DSGVO. If you do not want HubSpot to collect and process the aforementioned data, you can refuse your consent or revoke it at any time with effect for the future.

The personal data will be kept for as long as it is necessary to fulfil the purpose of the processing. The data will be deleted as soon as they are no longer required to achieve the purpose.

Within the scope of processing via HubSpot, data may be transferred to the USA. The security of the transfer is ensured by so-called standard contractual clauses, which guarantee that the processing of personal data is subject to a level of security that corresponds to that of the GDPR. If the standard contractual clauses are not sufficient to ensure an adequate level of security, your consent pursuant to Art. 49 (1) a of the GDPR may serve as the legal basis for the transfer to third countries.

14. Other services

14.1 Google Maps (cookie banner solution)

We use the online map service "Google Maps" on our website.

The online map service "Google Maps" is operated by Google LLC ("Google"), 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States of America, or if the service is provided in the European Union, by Google Ireland Limited, Google Building, Gordon House, Barrow Street, Dublin 4, Ireland (https://www.google.de/maps/).

"Google Maps" is a web service for displaying interactive (land) maps to visually display geographical information. By using this service, our location is displayed to you and a possible journey is made easier. We use this service to optimize our website for you. We want to save you time and provide you with the necessary address data immediately and clearly, which is why we have integrated "Google Maps" directly into our website using HTML code.

By embedding "Google Maps" the following data is collected:

  • Search terms
  • IP address
  • Latitude and longitude coordinates
  • - When using the route planner function: entered start address

In particular, the following cookie from "Google Maps" is used for this purpose:

Cookie name: NID

Purpose: The cookie "NID" is used to customize advertisements to your Google search. For this purpose, a unique ID is stored in the cookie to collect your personal settings for advertising purposes.

Detailed information on the cookie used (function, storage period, access possibilities of third parties, etc.) can be found at in our consent management tool ("Cookiebot").

Subject to your consent, when you access those subpages in which the map of "Google Maps" is integrated, the information generated by this about your website use is transmitted to Google servers, which are distributed around the world (https://www.google.com/about/d...). A large part of the servers are located in the United States of America, which is why your data is also stored there. In the event that personal data is transferred to Google LLC, which is based in the United States of America, Google LLC has taken appropriate measures (such as concluding EU standard contractual clauses), which generally ensure compliance with the level of data protection applicable in the European Union. However, it cannot be ruled out that US authorities will access the data stored by Google. The United States of America is currently considered a third country from a data protection perspective. You do not have the same rights there as within the European Union. You may not have any legal remedies against access by authorities.

The data transfer described above takes place regardless of whether Google provides a user account via which you are logged in or whether a user account exists. If you are logged in to Google, your data will be directly assigned to your user account. If you do not wish to have your data associated with your Google profile, you must log out before visiting the website. Google stores your data (even for users who are not logged in) as usage profiles and evaluates them. If a user account exists, privacy settings can be made at Google at https://safety.google/privacy/....

If you have given your consent to the setting or storage of cookies and to the activation of the service, access to your terminal equipment and the subsequent processing of the data will be based on your consent in accordance with Paragraph 25 (1) TTDSG in conjunction with Article 6 (1) (1) (a) GDPR. With your consent to the use of this service, you also consent to any data transfer to Google in a third country in accordance with Article 49 (1) (1) (a) GDPR. You can revoke your consent at any time with effect for the future by clicking on Cookie Settings and unchecking "Google Maps". An opt-out cookie will then be set, which prevents the collection of your data during future visits to this website.

We would like to point out at this point that by using the service, "Google Fonts" (fonts) may be reloaded and a connection to Google's servers is automatically established for this purpose. "Google Fonts" is a collection of fonts for commercial and personal use. Through "Google Fonts" fonts are made available, which visually improve the service called. In the process, the following data is transmitted to Google:

  • IP address
  • Aggregated usage figures
  • Font request
  • Referrer URL
  • CSS requests
  • User Agent
  • Browser information

From a technical point of view, we cannot prevent this - despite the possible local integration of Google Fonts. If you have therefore consented to the use of this service, this consent also expressly extends to the use of "Google Fonts".

For more information about the online map service "Google Maps", please visit:

Furthermore, you can also contact the Google contact person at https://support.google.com/pol... regarding the service.

15. Your inquiries by e-mail, telephone, fax or contact form

15.1 Contact

If you contact us by e-mail, telephone, fax or via our contact form, the data you provide will be processed. We use this data to be able to process your request. The processing of the data is based on your consent in accordance with Article 6 (1) (1) (a) GDPR. However, depending on the circumstances, the processing of the data may also be based on Article 6 (1) (1) (b) GDPR (fulfillment of pre-contractual or contractual obligations) or on Article 6 (1) (1) (f) GDPR (overriding legitimate interest in the effective and efficient processing of your request).

As soon as the respective conversation with you has ended and the facts concerned have been conclusively clarified, we will delete the data accruing in this context. Mandatory legal provisions, such as statutory retention obligations, remain unaffected.

We would like to point out that data transmission via e-mail is generally not encrypted. A (complete) protection of the data can therefore not be guaranteed with this type of contact.

15.2 Contact form

If you use our contact form to contact us, we will ask you for personal information. In order for us to be able to answer the inquiry, it is necessary to provide a valid e-mail address. Further information about your person can - unless otherwise stated - be provided voluntarily.

Your data will be processed by e-mail.

The contact form is sent using end-to-end encryption.

Your data is stored on protected servers in the Federal Republic of Germany in compliance with data protection regulations.

By pressing the "Submit Form" button, you consent to the processing of your contact information for the above purposes. If you do not agree to this, you must cancel the process. No sending of the form content and no processing of your data will then take place. You can revoke your consent as stated above at any time with effect for the future.

We use your data only to the extent necessary for processing your requests and for further correspondence with you. The data collected by us for the use of the contact form will be stored for the purpose of processing the request and in case of follow-up questions and deleted after completion of your request under data protection law, unless there is another legal obligation to retain data.

15.3 Passing on data to service companies

We use various services of third parties for the operation and optimization of our website and our services and for the execution of contracts. In this context, it is necessary that the data required for the fulfillment of tasks, in particular for central IT services or the hosting of our website as well as for the payment and delivery of products, are passed on to them.

When passing on your data, we always ensure the highest possible level of security. We assure you that the third parties involved have been carefully selected by us beforehand and are contractually obligated. Insofar as a third party is active for us by way of commissioned processing (for example, for hosting the website), we ensure that appropriate data protection precautions and data security measures have been agreed with the third parties commissioned by us.

We pass on the personal data necessary for the delivery of ordered goods, such as first name, last name, address to logistics companies and the parcel / postal service provider specified in the order, such as DHL,DPD, UPS and Hermes. This is necessary in particular for the fulfillment of contracts and to protect our legitimate interests or those of a third party (Article 6 (1) (1) (b) and (f) GDPR).

In addition, we transmit the data provided during the order process to payment service providers or to a financing bank for their own use in the processing of the contract, if applicable.

During payment, we do not collect and store any payment transaction information such as credit card numbers or bank details. You only provide this information directly to the respective payment service provider.

16. E-mail newsletter

If you are offered the option of ordering a newsletter on our website and you register for such a newsletter, we process the data collected from you in this context as follows:

16.1 Purpose of data processing and registration for the newsletter

The only mandatory information for sending the newsletter is your e-mail address. We store this information for the delivery of the newsletter. Through the e-mail newsletter, we would like to inform you at regular intervals about our company and our goods or services. In this way, we provide you with information that is important to you. Furthermore, the e-mail newsletter also serves to inform you about changes to the newsletter offer or in the event of a change in technical circumstances. The data collected as part of the newsletter service is not passed on to third parties.

The legal basis for data processing is your consent pursuant to Article 6 (1) (1) (a) GDPR. We have logged your consent and are obliged to keep its content available for retrieval at all times.

The provision of further, separately marked data and information is voluntary. They are used for the purpose of personal addressing and/or personalization of the e-mail newsletter.

16.2 Double opt-in procedure

If you register for an e-mail newsletter, the data you provide and transmit will be electronically recorded and stored by us. The purpose of this processing is first of all the implementation of the so-called double opt-in procedure, with which you can consent to the regular sending of the e-mail newsletter. This means that after you have submitted your data, we will send you an e-mail to the e-mail address you have provided and ask you in this e-mail to confirm that you wish to receive the newsletter. If no confirmation of your registration is received, your data will be deleted after 24 months at the latest.

After your confirmation, we store your IP address, the content of the confirmation e-mail and the time of confirmation. The purpose of this procedure is to prove your registration for the e-mail newsletter and, if necessary, to be able to recognize and prevent possible misuse of your data. The legal basis for this is Article 6 (1) (1) (c) GDPR (fulfillment of a legal obligation). Failure to comply with the double opt-in procedure when sending an e-mail newsletter, for example, would constitute an unlawful business act (see Paragraph 7 (1) and (2) No. 2 UWG – „Gesetz gegen den unlauten Wettbewerb“; German Act Against Unfair Competition).

16.3 Duration of storage

The data collected during registration (e-mail address and voluntary information) will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. This is the case after a cancellation of the newsletter or a revocation of your consent.

16.4 Revocation of your consent

You can revoke your consent to the transmission of the newsletter at any time with effect for the future and thereby unsubscribe from the newsletter. You can declare the revocation by calling up the hyperlink provided in each newsletter. In addition, you also have the option of contacting us directly with a revocation.

16.5 CleverReach

We use the service "CleverReach" for our newsletter.

The "CleverReach" service is operated by CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Germany (https://www.cleverreach.com/).

We use the "CleverReach" service to organize our newsletter. Furthermore, we use "CleverReach" to analyze user behavior for our own advertising and market research purposes. The data you enter to receive the newsletter (for example, your e-mail address) is stored on servers of CleverReach GmbH & Co. KG in Germany or Ireland. CleverReach GmbH & Co KG uses this information to send and statistically evaluate the newsletters on our behalf. For the evaluation, the newsletters sent by e-mail contain so-called tracking pixels. Tracking pixels are small graphics that enable log file recording and log file analysis. When a newsletter with a tracking pixel is opened, this small image is downloaded from a server on the Internet, and the download is registered there. In this way, the operator of the server can see when and how many users requested this pixel-code, or whether and when an e-mail was opened or a website was visited. The tracking pixel automatically establishes a direct connection with the CleverReach GmbH & Co. KG server. This makes it possible to determine whether a newsletter message was opened and which hyperlinks, if any, were clicked. With the help of so-called conversion tracking, it can also be analyzed whether a predefined action (for example, purchase of a product on our website) has taken place after clicking on such hyperlinks. Furthermore, the following technical information is recorded:

  • Time of the call
  • IP address
  • Browser type
  • Operating system

The data is collected exclusively pseudonymously and is not linked with your other data; a direct personal reference is therefore excluded. This data is only used for the statistical analysis of newsletter campaigns. The analysis results can be used to better adapt future newsletters to the interests of the addressees. If you wish to object to the data analysis, you must unsubscribe from the newsletter.

The "CleverReach" service retains data until we instruct CleverReach GmbH & Co. KG to delete it. Furthermore, the data you provide for the purpose of receiving the newsletter will be stored by us or by CleverReach GmbH & Co. KG until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after you unsubscribe. Data that has been stored by us for other purposes remains unaffected by this.

CleverReach GmbH & Co. KG will only process the data to the extent necessary to fulfill its service obligations. It is subject to our instructions regarding the provision of its services. To ensure the rights and obligations under data protection law, a contract on commissioned processing has been concluded with CleverReach GmbH & Co. KG in accordance with Article 28 GDPR.

The processing of the data is based on your consent in accordance with Article 6 (1) (1) (a) GDPR. With your consent to subscribe to the email newsletter, you also consent to any data transfer to CleverReach GmbH & Co. KG that may take place. You can revoke your consent at any time with effect for the future by contacting us.

After you have unsubscribed from the newsletter distribution list, your e-mail address will be stored by us or by CleverReach GmbH & Co. KG in a so-called blacklist, if necessary, in order to prevent future newsletter distribution. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters. The data processing is based on Article 6 (1) (1) (f) GDPR. The storage in the blacklist is not limited in time. You can object to the storage (see below).

For more information about the "CleverReach" service, see:

Furthermore, you can also contact the CleverReach GmbH & Co. KG contact person regarding the service at the e-mail address "info@cleverreach.com".

17. Application procedure

17.1 Scope of data processing

You have the opportunity to view job postings on our website and then apply for them.

For your participation in the application process, it is necessary to provide data. This data includes, among other things, identification data such as first name, last name, date of birth, contact data such as address, telephone number or e-mail address, as well as data relating to your educational and/or professional background such as school and work certificates, data on training, internships or previous employers. This data may originate from documents provided by you, such as a cover letter, a resume, an application photo, certificates or other evidence of professional qualifications. Data that is mandatory for participation in the application process is marked accordingly as mandatory data.

We will only pass on the data to persons who are involved in processing your application.

Insofar as no third-party provider is named in this data protection declaration whose service we use to provide the online application function, no data is passed on to third parties.

17.2 Purpose and legal basis of data processing

We process the above data for the purpose of carrying out the application process. Insofar as you have given us your consent, the legal basis for the data processing is Article 6 (1) (1) (a) GDPR. You may revoke your consent at any time with effect for the future. However, insofar as the processing of the above data is carried out for the purpose of initiating an employment relationship/contractual relationship, the legal basis for the data processing is Article 88 (1) GDPR in conjunction with Paragraph 26 (1) BDSG or Article 6 (1) (1) (b) GDPR.

17.3 Duration of storage

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the event that an employment relationship, training relationship, internship or other service relationship is established following the application process, the data will initially continue to be stored and transferred to the personnel file. Otherwise, the application process ends with the receipt of a rejection. In this case, the data will be deleted after six months. Deletion does not take place if further processing and storage of your data is necessary in individual cases for the assertion, exercise or defense of legal claims. In this case, we have an overriding legitimate interest in the further processing and storage of your data. The legal basis for this is Article 6 (1) (1) (f) GDPR. Deletion will also not take place if we are obliged to continue storing your data due to legal regulations (Article 6 (1) (1) (c) GDPR).

17.4 Revocation and objection

You can revoke any consent given to us at any time with effect for the future. You can object to the processing of your data at any time. In particular, you have the option to withdraw your application. As part of the application process, you should only provide us with the data that is required for participation in the application process and its implementation. There is no legal or contractual obligation to provide data. However, we would like to point out that without this data we will not be able to carry out the application process and consider your application. The same applies in the event of an objection to the processing of your data. You can have the data stored about you changed at any time.

17.5 Reference to the information letter for people applying

For further information, please refer to the information letter for applicants on the processing of personal data pursuant to Article 12 et seq. GDPR. You can access this at "Informationsschrieben für Bewerber".


17.6 SalesViewer

This website uses SalesViewer® technology from SalesViewer® GmbH to collect and store data for marketing, market research and optimization purposes on the basis of the website operator's legitimate interests (Art. 6(1)(f) GDPR).

For this purpose, a javascript-based code is used to collect company-related data and the corresponding use. The data collected using this technology is encrypted using a non-reversible one-way function (known as hashing). The data is immediately pseudonymized and is not used to personally identify the visitor to this website.

The data stored by Salesviewer is deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations.

You can object to the collection and storage of data at any time with effect for the future by clicking on this link https://www.salesviewer.com/op... to prevent SalesViewer® from collecting data on this website in the future. An opt-out cookie for this website will be stored on your device. If you delete your cookies in this browser, you must click on this link again.

18. Appearances in social networks (social media) and on other websites

We maintain publicly accessible profiles on social networks.

On our website, you may also find a link to these profiles. However, unless otherwise stated in our privacy policy, this is merely a link to the external websites. Unlike so-called social media plug-ins, for example, the integration of the hyperlink on our website does not yet process any data of the website visitors in relation to the social networks. In contrast, calling up and visiting the profile by activating the link initiates a number of data processing processes.

We maintain social media profiles in order to communicate with users and interested parties and to present information about us. This enables us to better align our products and services with the needs of interested parties. In addition, we want to meet you in the virtual place and communicate with you where you already feel comfortable and know your way around. This improves the overall communication between you and us.

For this purpose, we make use of the technical platform and services of third-party providers. Since the providers of the social networks - in addition to us - pursue their own purposes, we are considered joint controllers under data protection law in accordance with Article 26 GDPR. We would like to point out that you use our social media profiles and their functions on your own responsibility. This applies in particular to the use of the interactive functions (for example, commenting and sharing). When you visit our profiles, the providers of the social media platforms collect, among other things, your IP address and other information that is present in the form of cookies on your terminal equipment. This information is used to provide us, as the operator of the social media profile, with anonymized statistical information about the interaction with our profile. We use the statistics to improve your experience when visiting our social media presence. However, we do not have access to the usage data that the social network provider collects to create these statistics.

When visiting our profiles, your data will be collected, used and stored not only by us, but also by the operators of the respective social network due to joint responsibility. This happens even if you yourself do not maintain a profile in the respective social network. The individual data processing operations and their scope differ depending on the operator of the respective social network. If you are logged into the platform in your profile, it is possible to regularly track how you have moved around the Internet via a cookie on your terminal equipment. Via social media plugins integrated into websites (for example, a Like button), it is also possible for the platforms to record your visits to these websites and assign them to your respective profile. Based on this data, user profiles can be created and content tailored to you or advertising content relevant to you can be offered by the platform operators. If you wish to avoid this, you should log out or deactivate the "stay logged in" function, delete the cookies present on your terminal equipment and restart your browser. We do not know in detail how the social media platforms use the data for their own purposes, how long this data is stored and whether data is passed on to third parties. To our knowledge, the platform providers will primarily use the data obtained to improve the platform's own advertising system. Data processing may differ depending on whether you are registered and logged in to the social network or visit our profile as a non-registered and/or non-logged-in user. Details about the collection and storage of your data as well as the type, scope and purpose of its use by the operator are described by the providers in their own privacy statements (see below). Furthermore, you will also find information there about contact options as well as about the settings options for advertisements.

The data collected about you in this context is processed by the platforms and may be transferred to countries outside the European Union, in particular the United States of America (USA). The providers listed below - insofar as they are not originally European companies - maintain an appropriate level of data protection according to their own statements. We have concluded the standard data protection clauses with the companies for this purpose. However, it cannot be ruled out that U.S. authorities may access the data stored by the platform providers. The United States of America is currently considered a third country from a data protection perspective. You do not have the same rights there as within the European Union. You may not have any legal remedies against access by authorities.

In contrast, we as a user of a social media profile only process - apart from the anonymized statistical evaluation of profile visits (see already above for this) - the data from your use of our service that you provide to us and that requires interaction. For example, if you ask a question that we can only answer by e-mail or via the social network messaging system, we will store your information in accordance with the general principles of our data processing, which we describe in this privacy policy. The legal basis for processing your data on the social media platform is - depending on the facts and context – Article 6 (1) (1) (a), (b) or (f) GDPR. Our legitimate interest lies in particular in presenting our products and services in a promotionally effective manner and communicating effectively and efficiently with you. The data processing operations carried out by the social networks may be based on different legal bases. These must be disclosed to you separately by the respective operator. Access to your terminal equipment - in particular through the use of cookies - is governed by Paragraph 25 (1) or (2) No. 2 TTDSG. You can find more details about the cookies or comparable technologies used in the privacy policy or cookie policy of the respective providers of the social networks (see below). You are not obliged to provide us with your personal data. However, this may be necessary for individual functionalities of our profiles in social networks (for example, to respond to your inquiry). These functionalities will not be available to you or only to a limited extent if you do not provide us with your data.

To exercise your data subject rights, you can contact both us or the provider of the social media platform. To the extent that one party is not responsible for responding or must obtain the information from the other party, we or the provider will forward your request to the respective partner. Please contact the social media platform provider directly for questions about profiling, processing of your data when using the social network. For questions about the processing of your interaction with us, write to the contact details we provide. Please note that despite the joint responsibility, we do not have full influence on the data processing procedures of the operators of the social networks.

For more information on social networks and how you can protect your data, visit www.youngdata.de. Youngdata is the youth portal of the independent data protection authorities of the federal and state governments, as well as the canton of Zurich.

In the following, we would like to explain which profiles we maintain with which providers. If you would like to visit our social media profiles, you can find the exact locations in the imprint of our website. We have linked the social media profiles there accordingly.

18.1 Facebook

We use the social network "Facebook".

"Facebook" is operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (https://www.facebook.com/).

You can find more information on the social network "Facebook" at

18.2 LinkedIn

We use the social network "LinkedIn".

"LinkedIn" is operated by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (https://www.linkedin.com/).

You can find more information about the social network "LinkedIn" at

18.3 YouTube

We use the social network "YouTube".

"YouTube" is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (https://www.youtube.com/).

You can find more information on the social network "YouTube" at

18.4 XING

We use the social network "XING".

"XING" is operated by New Work SE, Am Strandkai 1, 20457 Hamburg, Germany (https://www.xing.com/).

You can find more information about the social network "XING" at

19. Make.com

Data collection in the context of linking online tools with Make

On our website, we incorporate Make provided by Celonis Inc, One World Trade Center, 87th Floor, New York, NY, 10007, USA ("Make"). Make enables us to integrate the services of other platforms provided by third parties. This allows these platform providers to gain knowledge of your activities in relation to the respective platform.

The legal basis for the processing is Art. 6 (1) lit. f DSGVO.

Third-party services that we integrate with Make are services provided by LinkedIn Inc and CleverReach.

We have concluded a contract for commissioned processing pursuant to Art. 28 DSGVO and the EU standard data protection clauses with Make and remain responsible for the protection of your data.

For more information on terms of use and data protection, please visit https://www.make.com/en/terms-... and https://www.make.com/en/privac....

20. Children and teenagers

Our website is aimed exclusively at potential applicants, customers, interested parties as well as business partners and representatives of the press.

Persons under the age of 16 should not transmit any data to us without the consent of their legal representatives (usually parents or guardians). We do not request data from children and young people who have not yet reached the age of 16. We do not collect these and do not pass them on to third parties.

21. Security of your data

We have taken technical and organizational security measures in accordance with legal requirements to protect your data from loss, destruction, manipulation and unauthorized access.

The security measures include in particular the encrypted transmission of data between your browser and our server. This website uses TLS encryption for security reasons and to protect the transmission of confidential content such as requests that you send to us as the site operator. You can recognize an encrypted connection in particular by the fact that the address line of your browser changes from "http://" to "https://" and by the padlock symbol. If TLS encryption is activated, data that you transmit to us cannot be read by third parties.

All of our employees and all persons involved in data processing, as well as the service companies commissioned by us, are obligated to comply with the GDPR, the BDSG and other laws relevant to data protection, as well as to handle data confidentially.

Our security measures are regularly reviewed and continuously revised in line with technological developments.

22. Existence of automated decision making

As a responsible company, we do not use automatic decision-making or profiling.

23. Data subject rights

If we process your data, you have extensive rights as a data subject. You can assert these against us at any time. You will find the necessary contact details at the beginning of our data protection declaration. In the following, we would like to present your data subject rights to you in detail.

23.1 Revocation of consents

If you have given us your consent to the processing of your data, you can revoke your consent at any time with effect for the future in accordance with Article 7 (3) (1) GDPR. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

These statements also apply to consent pursuant to Paragraph 25 (1) TTDSG.

23.2 Right to information

You can obtain information about your data processed by us at any time within the scope of Article 15 GDPR. In particular, you can request information about the purposes of processing, the categories of data processed, categories of possible recipients and the planned storage period.

23.3 Right to rectification

You are entitled to request a correction or completion of your data stored by us in case of inaccuracy of the data within the scope of Article 16 GDPR.

23.4 Right to deletion

Within the scope of Article 17 GDPR, you can demand the erasure of the data if the storage of the data is no longer necessary and there is no other legal basis for the processing. In addition, you may request erasure if you have objected to the processing and there are no overriding legitimate grounds for further processing of your data and if your data has been processed unlawfully or if there is a legal obligation to erase it under European or national law.

23.5 Right to restriction of processing

In addition, you have a right to restriction of processing within the scope of Article 18 GDPR,

  • if you dispute the accuracy of the data for a period of time that allows the data controller to verify the accuracy of the data,
  • if the processing is unlawful but you refuse to erase the data,
  • the purpose of the processing has ceased to exist, but the data are necessary to assert your legal claims, or
  • if you have objected in accordance with Article 21 GDPR and it has not yet been determined whether the legitimate grounds of the controller outweigh your interests.

23.6 Right to data portability

Within the scope of Article 20 GDPR, you have the right to receive the data concerning you in a common, structured and machine-readable format (data portability). In addition, you can, under certain conditions, obtain that your data is transferred directly from a responsible party, insofar as this is technically possible.

23.7 Right of objection

You have the right to object to the use of your data for the above-mentioned purposes at any time (Article 21 GDPR). This is possible insofar as the objection is directed against direct advertising or there are reasons for this that arise from your particular situation. In the case of objection to direct advertising, you have a general right of objection, which is implemented by us without specifying a particular situation.

23.8 Right of complaint to the supervisory authority

In addition, we would like to point out that - without prejudice to any other administrative or judicial remedy - you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, your place of work or the place of the alleged infringement, if you consider that the processing of data relating to you infringes the GDPR.

A current list of supervisory authorities (for the non-public sector) with address can be found at https://www.bfdi.bund.de/DE/In....

The supervisory authority for data protection responsible for us is:

Bavarian State Office for Data Protection Supervision (Bayerisches Landesamt für Datenschutzaufsicht)

Promenade 18
91522 Ansbach
Phone: +49 981 180093-0
E-mail: poststelle@lda.bayern.de
Website: https://lda.bayern.de/

24. Questions, suggestions, complaints to the data protection officer

If you have any questions about our privacy policy or the processing of your data, you can contact our data protection officer directly:

Peter Dorscht
Law and data protection
Phone: 0981 / 1807 6372
Mobile: 0151 / 14 04 44 03
E-Mail: datenschutz@oechsler.com

He is also available as a contact person in the event of requests for information, suggestions or complaints.

25. Change to our privacy policy

We reserve the right to change our security and data protection measures if this becomes necessary due to
technical developments. In these cases, we will also adapt our data protection notices accordingly. Therefore, please note the respective current version of our data protection declaration. The current status is April 2023.

Stay up-to-date with our newsletter.

Gain exclusive insights on our latest innovations, corporate news and upcoming events.