Privacy policy
We protect your data on all levels. Your safety is our greatest asset.
GDPR-compliant
Made in Germany
Introduction
We as sync.blue (a product of phonebridge GmbH) take the protection of your data very seriously. This privacy policy explains our practices in relation to the collection and processing of your data. Further information on security can be found at www.sync.blue/en/sicherheit.
Who we are
The controller within the meaning of the General Data Protection Regulation (GDPR) and other data protection regulations is
sync.blue®
by phonebridge GmbH
Sophie-Scholl-Str. 51
45721 Haltern am See
Germany
+49 (2364) 8873040
sync.blue
Contacting the data protection comissioner
The data protection officer of the controller is
DataCo GmbH Sandstr. 33
80335 Munich
Munich, Germany
+49 89 7400 45840
On this page we inform you about the processing of your personal data on the website.
How we collect and use your personal data depends on how you interact with us or which services you use. We will only collect, use or share your personal data where we have a legitimate purpose and legal basis for doing so.
What do we mean by legal basis?
Consent (Art. 6 para. 1 sentence 1 lit. a GDPR)- You have given us your consent to process your personal data for the specific purpose we have explained to you. You have the right to withdraw your consent at any time. For more information on how you can withdraw your consent, please refer to the subsections “Exercising your rights” in the following sections of this Privacy Policy.
Contract (Art. 6 para. 1 sentence 1 lit. b GDPR) - We need to use your data to fulfill a contract you have with us. Alternatively, it is necessary to use your data because we have asked you to do so or you have taken certain steps yourself before entering into this contract.
Legal obligation (Art. 6 para. 1 sentence 1 lit. c GDPR) - We must use your data to comply with the law.
Vital interests (Art. 6 para. 1 sentence 1 lit. d GDPR) - The processing of your data is necessary to protect your vital interests or those of another person. For example, to protect you from serious physical harm.
Public task (Art. 6 para. 1 sentence 1 lit. e GDPR) - The processing of your data is necessary for the performance of a task carried out in the public interest or because it is covered by a task defined by law, e.g. for a statutory function.
Legitimate interests (Art. 6 para.1 p.1 lit. f GDPR) - The processing of your data is necessary to support a legitimate interest that we or another party have, only if your own interests do not prevail.
Please note that we may not be able to provide you with our website services if your data is processed to fulfill a contract or a legal obligation and you do not provide the requested data.
Data sharing and international transfer
As explained in this Privacy Policy, we use various service providers to help us deliver our services and keep your data secure. When we use these service providers, it is necessary for us to share your personal data with them.
We have entered into agreements with all service providers to whom we share your data, which oblige them to protect your data.
If your personal data is transferred outside the EU, we ensure that your personal data receives an equivalent level of protection, either because the country to which your data is transferred has an "adequate" data protection standard according to the European Commission, or by applying another safeguard, such as an enhanced contractual agreement, i.e., the Standard Contractual Clauses (SCCs) adopted by the European Commission.
For example, when we use US service providers, we rely on either the SCC or the EU-US Data Privacy Framework, depending on the provider. You can request a copy of the SCCs we have entered into with our service providers by sending an email to the email address provided in this Privacy Policy.
Your rights
If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:
1. The right to information (Article 15 GDPR)
-
You have the right to request confirmation from us as to whether personal data concerning you is being processed. If so, you have the right to information about this data and the following information:
-
Purposes of processing
-
Categories of personal data
-
Recipients or categories of recipients
-
Planned storage period or the criteria for determining this period
-
Existence of the rights to rectification, erasure, restriction, or objection
-
Right to lodge a complaint with the competent supervisory authority
-
Origin of the data (if collected from a third party)
-
Existence of automated decision-making, including profiling, with meaningful information about the logic involved, its scope, and the expected effects
-
Transfer of personal data to a third country or international organization, if applicable
2. Right to rectification (Article 16 GDPR)
If your personal data is incorrect or incomplete, you have the right to request that it be corrected or completed without undue delay.
3. Right to restriction of processing (Article 18 GDPR)
If one of the following conditions is met, you have the right to request that the processing of your personal data be restricted:
-
You contest the accuracy of your personal data for a period that enables us to verify the accuracy of the personal data.
-
In the context of unlawful processing, you refuse to delete the personal data and instead request that the use of the personal data be restricted.
-
We no longer need your personal data for the purposes of the processing, but you need your personal data to assert, exercise, or defend your legal claims, or after you have objected to the processing, for the duration of the review to determine whether our legitimate reasons outweigh your reasons.
4. Right to erasure ("right to be forgotten") (Article 17 GDPR)
If one of the following reasons applies, you have the right to request the immediate erasure of your personal data:
-
Your data is no longer necessary for the purposes for which it was originally collected.
-
You withdraw your consent and there is no other legal basis for the processing.
-
You object to the processing and there are no overriding legitimate grounds for the processing, or you object pursuant to Article 21 (2) GDPR.
-
Your personal data is being processed unlawfully.
-
The erasure is necessary to fulfill a legal obligation under Union law or the law of the Member State to which we are subject.
-
The personal data was collected in relation to information society services offered in accordance with Article 8 (1) GDPR.
Please note that the above reasons do not apply if processing is necessary:
-
For exercising the right to freedom of expression and information;
-
For compliance with a legal obligation or to perform a task carried out in the public interest to which we are subject;
-
For reasons of public interest in the area of public health;
-
For archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes; and for the establishment, exercise, or defense of legal claims.
5. Right to data portability (Article 20 GDPR)
You have the right to receive your personal data in a structured, common, and machine-readable format or to request that it be transmitted to another controller.
6. Right to object to certain data processing (Article 21 GDPR)
You have the right to object at any time to the processing of personal data concerning you based on Article 6 (1) (e) or (f) GDPR, for reasons related to your particular situation. This also applies to profiling based on these provisions.
If the personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purposes of such advertising; this also applies to profiling insofar as it is related to such direct marketing.
7. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of personal data concerning you violates the GDPR.
The supervisory authority with which the complaint was submitted will inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Art. 78 GDPR.
A list of the locally competent supervisory authorities in Germany can be found on the website of the Federal Commissioner for Data Protection at the following link: https://www.bfdi.bund.de/EN/Service/Anschriften/Laender/Laender-node.html
Provision of the website and creation of log files
1. Description and scope of data processing
Every time our website is accessed, our system automatically collects data and information from the accessing computer's system.
The following data is collected:
-
Information about the browser type and version used
-
The user's operating system
-
The user's Internet service provider
-
Date and time of access
-
Websites from which the user's system accesses our website
This data is stored in our system's log files. This data is not stored together with other personal data of the user.
2. Purpose of data processing
The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. For this purpose, the user's IP address must be stored for the duration of the session.
Saving in log files is done to ensure the functionality of the website. Furthermore, the data helps us optimize the website and ensure the security of our information technology systems. The data is not evaluated for marketing purposes in this context.
3. Legal basis for data processing
The legal basis for the temporary storage of the data and log files is Art. 6 (1) (f) GDPR.
4. Duration of storage
The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. If the data is collected to provide the website, this is the case when the respective session ends.
If the data is stored in log files, this occurs after a maximum of seven days. Longer storage is possible. In this case, the users' IP addresses will be deleted or distorted so that the accessing client can no longer be identified.
5. Exercising your rights
The collection of data to provide the website and the storage of data in log files is essential for the operation of the website. The user can object to this. Whether the objection is successful will be determined by weighing up the interests of the respective users.
Use of cookies
1. Description and scope of data processing
When you visit our website, we use technical tools for various functions, in particular cookies, which can be stored on your device. When you visit our website and at any time later, you have the choice whether you generally allow cookies or which individual additional functions you would like to select. You can make changes in your browser settings or via our Consent Manager.
Cookies are text files or information in a database that are stored on your hard drive and assigned to the browser you use, so that certain information can be sent to the location that sets the cookie. Below we describe the types of cookies we use:
We use technically necessary cookies, which are required for the technical structure of the website. Without these cookies, our website cannot be displayed (fully correctly) or the support functions are not possible.
The following data is stored and transmitted by technically necessary cookies:
-
Language settings
-
Log-in information
-
Frequency of page views
We use cookies on our website that are not technically necessary. Non-technically necessary cookies are text files that not only serve to ensure the functionality of the website but also collect other data.
By setting non-technically necessary cookies, the following data is processed:
-
IP address
-
Location of the internet user
-
Date and time of the website visit
-
Tracking of surfing behavior
2. Purpose of data processing
The purpose of using technically necessary cookies is to ensure the functionality of our website. Some functions of our website cannot be offered without the use of cookies. For these functions, it is necessary that the browser is recognized even after changing pages.
We require technically necessary cookies for the following applications:
-
Implementation of language settings
-
Website functionality
The use of technically non-necessary cookies is intended to improve the quality of our website, its content, and thus our reach and profitability. By setting these cookies, we learn how the website is used and can thus continuously optimize our offering. In particular, these cookies serve the following purposes:
Technically non-necessary cookies are used for analytical purposes to better understand user behavior on our website and to continuously improve our content and user-friendliness.
3. Legal basis for data processing
The provisions of the Telecommunications Digital Services Data Protection Act (TDDDG) apply to the storage of information on the end user's terminal equipment and/or access to information already stored on the end user's terminal equipment. If the setting and reading of cookies is technically necessary, this is done to ensure the functionality of our website. In this case, the storage of and access to cookies on your terminal equipment is based on Section 25 (2) No. 2 TDDDG. This storage of and access to information on your terminal equipment serves to make it easier for you to use our website and to be able to offer you our services as you request. Some functions of our website do not work without the use of these cookies and therefore cannot be offered. Cookies are generally deleted after the end of the session (e.g., logging out or closing the browser) or after a specified period of time. Information about different storage periods for cookies can be found in the following sections of this privacy policy.
If cookies are used that are not technically necessary, this is done on the basis of your express consent, which you can grant via the cookie banner. In this case, the basis for storing and accessing information is Section 25 (1) TDDDG in conjunction with Article 6 (1) (a) and Article 7 GDPR. You can revoke your consent at any time with future effect or subsequently grant it again by configuring your cookie settings accordingly. Alternatively, you can prevent cookies from being stored by adjusting your browser software accordingly. Please note that the browser settings you make only apply to the browser you are using. If personal data is processed on your device following the storage of and access to the information, the provisions of the GDPR apply. Information on this can be found in the following sections of this privacy policy.
4. Exercising your rights
You can revoke your consent to the use of cookies at any time and manage your consent preferences at the following link: https://app.sync.blue/change-cookie/
Email contact
1. Description and scope of data processing
Contact can be made via the email address provided on our website. In this case, the user's personal data transmitted with the email will be stored.
The data will be used exclusively for processing the conversation.
2. Purpose of data processing
In the case of contact via email, this also constitutes the necessary legitimate interest in processing the data.
3. Legal Basis for data processing
The legal basis for processing the data transmitted when sending an email is Art. 6 (1) (f) GDPR. Our legitimate interest is to optimally respond to your inquiry, which you send via email.
If the email contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 (1) (b) GDPR.
4. Duration of storage
The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. For personal data sent via email, this is the case when the respective conversation with the user has ended. The conversation is terminated when it can be inferred from the circumstances that the matter in question has been conclusively clarified.
The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.
5. Exercising your rights
If the user contacts us via email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.
The revocation of consent and the objection to the storage of data can be made at any time. Users can do this via the corresponding settings on our website or by sending us an email.
All personal data stored during the contact process will be deleted in this case.
Application by email and application form
Our website has an application form that can be used for electronic applications. If an applicant chooses this option, the data entered in the input form will be transmitted to us and stored. This data includes:
-
Title
-
Last name
-
First name
-
Address
-
Telephone/mobile number
-
Email address
-
Salary expectations
-
Information about your education and training
-
Language skills
-
CV
-
Certificates
-
Photo
Alternatively, you can send us your application by email. In this case, we will record your email address and the information you provide in the email.
After submitting your application, you will receive an email from us confirming receipt of your application documents.
Your data will not be shared with third parties. The data will be used exclusively for processing your application.
2. Purpose of data processing
The processing of personal data from the application form serves solely to process your application. If you contact us by email, this also constitutes the necessary legitimate interest in processing the data.
The other personal data processed during the submission process serves to prevent misuse of the application form and to ensure the security of our information technology systems.
3. Legal basis for data processing
The legal basis for processing your data is the initiation of a contract, which takes place at the request of the data subject, Art. 6 (1) (b) Alt. 1 GDPR and Section 26 (1) (1) BDSG.
4. Duration of storage
After the application process has been completed, the data will be stored for up to 6 months. Your data will be deleted after 6 months at the latest. In the event of a legal obligation, the data will be stored in accordance with the applicable regulations.
The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.
Company appearances
YouTube
YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, United States
On our company page, we provide information and offer YouTube users the opportunity to communicate. If you perform an action on our YouTube corporate page (e.g., comments, posts, likes, etc.), you may thereby make personal data (e.g., your real name or photo from your user profile) public.
However, since we generally or largely have no influence on the processing of your personal data by YouTube, we cannot make any binding statements about the purpose and scope of the processing of your data.
We use our corporate page on social networks for communication and information exchange with (potential) customers. In particular, we use the corporate page for:
Our corporate page on YouTube serves to inform users about news from our company and new features of our products. We provide current developments, relevant industry information, and updates to our services.
Publications about the company's website may contain the following content:
-
Information about products
-
Information about services
-
Advertising
-
Customer contact
Each user is free to publish personal data through activities.
If we process your personal data to evaluate your online behavior, offer you competitions, or conduct lead campaigns, this is done on the basis of your express declaration of consent, Art. 6 (1) (a) and Art. 7 GDPR.
The legal basis for the processing of personal data for the purpose of communicating with customers and interested parties is Art. 6 (1) (f) GDPR. Our legitimate interest lies in being able to respond to your inquiry as effectively as possible and to provide the requested information.
If the contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 (1) (b) GDPR.
For the processing of your personal data in third countries, we have provided appropriate safeguards in the form of standard data protection clauses in accordance with Art. 46 (2) (c) GDPR. A copy of the standard data protection clauses can be requested from us.
You can object to the processing of your personal data, which we collect as part of your use of our company presence, at any time and assert your rights as a data subject, as set out in the "Your Rights" section of this Privacy Policy. To do so, send us an informal email to [email protected]. You can find further information on the processing of your personal data by YouTube and the corresponding options for objection here:
YouTube: https://policies.google.com/privacy?gl=DE&hl=en
1. Scope of data processing
The company website is used for applications, information/PR, and active sourcing. We have no information about the processing of your personal data by the companies jointly responsible for the company website. Further information can be found in the privacy policy of:
-
LinkedIn
On our website, we provide information and offer users the opportunity to communicate.
The company website is used for applications, information/PR, and active sourcing.
We have no information about the processing of your personal data by the companies jointly responsible for the company website. Further information can be found in the privacy policy of:
LinkedIn: https://www.linkedin.com/legal/privacy-policy
If you perform an action on our company website (e.g., comments, posts, likes, etc.), you may thereby make personal data (e.g., your real name or photo of your user profile) public.
2. Legal basis for data processing
The legal basis for the processing of personal data for the purpose of communicating with customers and interested parties is Art. 6 (1) (f) GDPR. Our legitimate interest lies in being able to respond to your inquiry as effectively as possible and to provide the requested information.
If the purpose of contacting us is to conclude a contract, the additional legal basis for processing is Art. 6 (1) (b) GDPR.
3. Purpose of data processing
Our corporate website serves to inform users about our services. Users are free to publish personal data through activities.
4. Duration of storage
The data generated by the corporate website is not stored in our own systems.
5. Exercising your rights
You can object to the processing of your personal data, which we collect as part of your use of our corporate website, at any time and assert your rights as a data subject, as set out in the "Your Rights" section of this Privacy Policy. To do so, send us an informal email to the email address provided in this Privacy Policy.
Further information on exercising your rights can be found here:
LinkedIn: https://www.linkedin.com/legal/privacy-policy
Provision of the website
The website is hosted on servers operated by a service provider commissioned by us.
The servers automatically collect and store information in so-called server log files, which your browser automatically transmits when you visit the website. The stored information includes:
-
Information about the browser type and version used
-
The user's operating system
-
The user's Internet service provider
-
Date and time of access
-
Websites from which the user's system accesses our website
This data will not be merged with other data sources. This data is collected on the basis of Art. 6 (1) (f) GDPR. Our legitimate interest in processing this data is to display our website error-free and to optimize its functions.
Web app: app.sync.blue and sync.blue/<de|en>/<apps|sync>
We use the service NETWAYS Managed Services GmbH to host our web app app.sync.blue and the information websites: sync.blue/<de|en>/<apps|sync>. The provider is NETWAYS Managed Services GmbH, Deutschherrnstr. 15-19, 90429 Nuremberg, Germany.
Further information about the processing of personal data by NETWAYS Managed Services GmbH can be found at: https://netways.de/en/gdpr/
Information website: sync.blue
We use the service Wix to host our information website sync.blue. The provider is Wix.com Ltd., 40 Namal Tel Aviv Street, Tel Aviv 6701101, Israel.
Further information about the processing of personal data by Wix.com can be found at: https://www.wix.com/about/privacy
Since Zendesk is based in Israel, data may be transferred to a third country. This transfer is based on EU standard contractual clauses and other safeguards pursuant to Art. 46 GDPR.
Help Center: help.sync.blue
We use the Zendesk service to host our help center, help.sync.blue. The provider is Zendesk, Inc., 989 Market Street, San Francisco, CA 94103, USA.
Further information about the processing of personal data by Wix.com can be found at:
https://www.zendesk.de/company/agreements-and-terms/privacy-notice/
Since Zendesk is based in the USA, data may be transferred to a third country. This transfer is based on EU standard contractual clauses and other safeguards in accordance with Art. 46 GDPR.
Registration
1. Description and scope of data processing
On our website, we offer users the opportunity to register by providing personal data. The data is entered into an input mask and transmitted to us and stored. The data is not shared with third parties. The following data is collected during the registration process:
-
Email address
-
Last name
-
First name
-
IP address of the accessing computer
-
Date and time of registration
During the registration process, the user's consent to the processing of this data is obtained.
2. Purpose of data processing
User registration is necessary to fulfill a contract with the user or to carry out pre-contractual measures.
3. Legal basis for data processing
If the registration serves to fulfill a contract to which the user is a party or to carry out pre-contractual measures, the additional legal basis for the processing of the data is Art. 6 (1) (b) GDPR.
If the user has given their consent, the legal basis for the processing of the data is Art. 6 (1) (a) GDPR.
4. Duration of storage
The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected.
This is the case for data collected during the registration process for the fulfillment of a contract or for the implementation of pre-contractual measures if the data is no longer required for the execution of the contract. Even after the conclusion of the contract, it may be necessary to store the contractual partner's personal data in order to comply with contractual or legal obligations.
5. Exercising your rights
As a user, you have the option to cancel your registration at any time. You can have the data stored about you modified at any time.
You can request deletion in the following ways: Users can delete their account or change their data by following the procedure described in our Help Center. Detailed instructions for account deletion can be found at the following link: https://help.sync.blue/hc/de/articles/6985951156754
If the data is required to fulfill a contract or to carry out pre-contractual measures, premature deletion of the data is only possible if contractual or legal obligations do not prevent deletion.
Content delivery networks
Wix.com
1. Description and scope of data processing
We use features of the content delivery network Wix.com on our website, provided by Wix.com, 40 Namal Tel-Aviv Street, Tel Aviv-Yafo, Israel. A content delivery network (CDN) is a network of regionally distributed servers connected via the Internet, used to deliver content—especially large media files such as videos. Wix.com offers web optimization and security services that we use to improve the loading times of our website and to protect it from misuse. When you visit our website, a connection is established to the Wix.com servers, for example, to retrieve content. This may result in personal data being stored and evaluated in server log files, especially user activity (especially which pages have been visited) and device and browser information (especially the IP address and operating system).
2. Purpose of data processing
The use of Wix.com's features serves to deliver and accelerate online applications and content.
3. Legal basis for data processing
This data is collected on the basis of Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website – for this purpose, the server log files must be recorded.
4. Duration of storage
Your personal information will be stored for as long as necessary to fulfill the purposes described in this privacy policy or as required by law.
5. Exercising your rights
Information on exercising your rights vis-à-vis Wix.com can be found at: www.wix.com/about/privacy.
Integrated third-party services
We use various service providers to provide the services we offer on the Website.
Generally, we have a legitimate interest in sharing your data with the relevant service providers if these services are essential to providing the basic service offered on the Website.
If such services are required for additional services, enhanced features, or additional purposes, your personal data will only be shared with service providers if you provide your consent.
You can withdraw your consent to the use of integrated third-party services and manage your consent settings at any time here: https://app.sync.blue/change-cookie/
Use of Google Analytics 4 (GA 4)
1. Scope of processing of personal data
We use Google Analytics, a web analysis service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as Google).
Google Analytics examines, among other things, how website visitors use our website. Google places cookies on your device. During the visit, user behavior is recorded in the form of "events." This allows personal data to be stored and evaluated, including:
-
First visit to the website
-
Interaction with the website, usage path
-
Clicks on external links
-
Video usage
-
File downloads
-
Advertising impressions and clicks
-
Scrolling behavior (if to the end of the page)
-
Searches on the website
-
Language selection
-
Page visits
-
Location (region)
-
Your IP address (in abbreviated form)
-
Technical information about your browser and the devices you use (e.g.,
-
Language setting, screen resolution)
-
Your internet service provider
-
Referrer URL
We use the User ID function. Using the User ID, we can assign a unique, permanent ID to one or more sessions (and the activities within these sessions) and analyze user behavior across devices.
IP address anonymization is enabled by default in GA 4. This means that your IP address will be shortened by Google within the member states of the European Union or other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. Google states that the IP address transmitted by your browser will not be merged with other Google data for the purposes of Google Analytics.
Further information on how Google processes data can be found here:
https://policies.google.com/privacy
2. Purpose of data processing
We use GA 4 to evaluate the use of our online presence and to generate reports on the activities on our website. The reports are used to analyze the performance of our website and to target advertising to people who have already expressed initial interest by visiting the site.
3. Legal basis for the processing of personal data
The legal basis for the processing of users' personal data is generally the user's consent in accordance with Art. 6 (1) (a) GDPR.
4. Duration of storage
After two months, your personal data will be deleted. This deletion occurs automatically once a month.
5. Exercising your rights
You have the right to revoke your consent to data protection at any time. Revoking your consent does not affect the legality of the processing carried out on the basis of the consent until the revocation. You can revoke your consent using our Cookie Consent Tool. You can prevent Google from collecting and processing your personal data by blocking third-party cookies from being stored on your computer, using the "Do Not Track" feature of a supporting browser, disabling the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net) or Ghostery (https://www.ghostery.com) in your browser.
Further information on opting out and removing data from Google can be found at:
https://policies.google.com/technologies/partner-sites
You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en
You can deactivate Google's use of your personal data using the following link: https://myadcenter.google.com/home
Use of YouTube
1. Scope of processing of personal data
We use the YouTube plug-in operated by Google, YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA, and its representative in the Union, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as Google). We use the YouTube plug-in to embed YouTube videos on our website. When you visit our website, your browser establishes a connection to YouTube's servers. This allows personal data to be stored and evaluated, especially user activity (in particular, which pages were visited and which elements were clicked on) as well as device and browser information (in particular, the IP address and operating system).
We have no influence on the content of the plug-in. If you are logged into your YouTube account during your visit, YouTube can assign your online presence visit to this account. By interacting with this plug-in, the corresponding information is transmitted directly to YouTube and stored there.
Further information on how Google processes data can be found here:
https://policies.google.com/privacy?gl=EN&hl=en
2. Purpose of data processing
The use of the YouTube plug-in serves to improve user-friendliness and ensure an appealing presentation of our online presence.
3. Legal basis for the processing of personal data
The legal basis for the processing of users' personal data is generally the user's
consent in accordance with Art. 6 (1) (a) GDPR.
4. Duration of storage
Your personal information will be stored for as long as necessary to fulfill the purposes described in this privacy policy or as required by law, e.g., for tax and accounting purposes.
5. Exercising your rights
You have the right to revoke your consent to data protection at any time. Revoking your consent does not affect the legality of the processing carried out on the basis of your consent until the revocation.
You can prevent Google from collecting and processing your personal data by preventing third-party cookies from being stored on your computer, using the "Do Not Track" function of a supporting browser, disabling the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can deactivate the use of your personal data by Google using the following link:
https://myadcenter.google.com/home
Further information on objection and removal options with Google can be found at:
https://policies.google.com/privacy?gl=EN&hl=en
Use of Google Tag Manager
1. Scope of processing of personal data
We use Google Tag Manager (https://marketingplatform.google.com/intl/en/about/tag-manager/) of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, and its representative in the European Union, Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as Google). Google Tag Manager allows tags from Google and third-party services to be managed and embedded in a bundled manner on an online presence. Tags are small code elements on an online presence that are used, among other things, to measure visitor numbers and behavior, record the impact of online advertising and social channels, implement remarketing and target audience targeting, and test and optimize online presences. When a user visits the online presence, the current tag configuration is sent to the user's browser. It contains instructions on which tags should be triggered. Google Tag Manager triggers other tags, which in turn may collect data. Information about this can be found in the sections on the use of the corresponding services in this privacy policy. Google Tag Manager does not access this data.
Further information about Google Tag Manager can be found at https://support.google.com/tagmanager/?hl=en#topic=15191151 and in Google's privacy policy: https://policies.google.com/privacy?hl=en
2. Purpose of data processing
The purpose of processing personal data is to ensure clear, comprehensive management and efficient integration of third-party services.
3. Legal basis for the processing of personal data
The legal basis for the processing of users' personal data is generally the user's consent in accordance with Art. 6 (1) (a) GDPR.
4. Duration of storage
Your personal information will be stored for as long as necessary to fulfill the purposes described in this privacy policy or as required by law. Advertising data in server logs is anonymized by deleting parts of the IP address and cookie information after 9 or 18 months, respectively.
5. Exercising your rights
You have the right to revoke your consent to data protection at any time. Revoking your consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.
You can prevent Google from collecting and processing your personal data by preventing third-party cookies from being stored on your computer, using the "Do Not Track" function of a supporting browser, disabling the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en
You can deactivate Google's use of your personal data using the following link:
https://myadcenter.google.com/
Further information on opting out and removing Google cookies can be found at:
https://policies.google.com/privacy?gl=EN&hl=en
Use of Hotjar
We use the web analytics service Hotjar provided by Hotjar Ltd, Dragonara Business Centre, 5th Floor, Dragonara Road, Paceville, St. Julian's STJ 3141, Malta. Hotjar enables us to anonymously analyze user behavior on our website (e.g., mouse movements, clicks, scrolling behavior) in order to make our website more user-friendly.
Legal basis: The processing is based on your consent in accordance with Art. 6 (1) (a) GDPR, which you can grant via our consent banner.
Data processing & recipients: Hotjar receives information about your IP address (truncated), device type, browser information, operating system, and website usage behavior during use.
Storage period: The data is stored pseudonymously and automatically deleted after 365 days.
Revocation: You can revoke your consent at any time via our cookie banner. In addition, Hotjar offers an opt-out option at the following link: https://www.hotjar.com/legal/compliance/opt-out
Use of Cloudflare
Our website uses services from Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA, to increase the security and performance of the website (e.g., through CDN, protection against DDoS attacks).
Legal basis: The processing is carried out to protect our legitimate interests in the secure and efficient provision of our website in accordance with Art. 6 (1) (f) GDPR.
Data processing & recipients: Cloudflare processes, among other things, your IP address and other technical data necessary for communication between your browser and our server.
Data transfer to third countries: The transfer is based on EU standard contractual clauses concluded with Cloudflare. Therefore, certification under the Data Privacy Framework has been obtained.
Storage period: Cloudflare only stores personal data for as long as necessary for the stated purposes.
Further information: https://www.cloudflare.com/privacypolicy/
Use of CookieChimp
We use the consent management tool CookieChimp (Identity Square Limited), Lytchett House, 13 Freeland Park, Wareham Road, Poole, Dorset, BH16 6FA, United Kingdom, to manage your consent to the use of cookies and tracking technologies.
Legal basis: The processing is based on our legitimate interest pursuant to Art. 6 (1) (f) GDPR to ensure the collection and documentation of your consent in compliance with data protection regulations.
Data processing & recipients: CookieChimp stores your consent decision, including the timestamp, the device and browser used, as well as your IP address in abbreviated form.
Storage period: The consent data is stored for 1 year or until you revoke your consent.
Revocation: You can change your consent at any time using the following link: https://app.sync.blue/change-cookie/.
This privacy policy was created with the support of DataGuard.
Note: This privacy policy has been translated into English with the greatest possible care. In the event of discrepancies or questions of interpretation, only the original German version is legally binding.
