We use essential cookies for some core functions and as a security feature. We use optional cookies to measure site performance and for some convenience features.
Privacy - Cookies - Imprint

Privacy

Welcome to this website. The protection of your personal data is very important to us. Therefore, we inform you about the processing of personal data and all data subject rights in connection with the use of this website. If you have any questions about data protection or the processing of personal data, you will find further information in the [link to relevant section]. Imprint The contact details of the responsible person or entity. We have concluded a data processing agreement with each of the providers named below and fully comply with the strict requirements of the German data protection authorities when using their services.

Summary: We take data protection very seriously and adhere to the principle of data minimization at all levels. All internal and external technical processes, server-client communication, and backups of this website are encrypted. All additional components and plugins used on this website are selected with great care. These additional plugins undergo regular, rigorous auditing. For external data processing services, such as backup storage and invoice creation, we exclusively use reputable providers who are fully GDPR-compliant and demonstrably undergo regular security audits, preferably from within the European Economic Area.

Data processing

This website can be used without providing personal data. If personal data (such as names or email addresses) is collected on our site, this is done on a voluntary basis, unless it is strictly necessary for providing a service. As a general rule, all collected data will not be shared with third parties without your explicit consent.

As a responsible company, we have implemented numerous technical, conceptual, and organizational measures to ensure the most comprehensive possible protection of the data collected and processed via this website. As a responsible company, we consciously refrain from automated decision-making or profiling.

Furthermore, the responsible body within the meaning of the General Data Protection Regulation, the data protection laws of the Member States of the European Union and other regulations with a data protection character is clearly defined and valid.

scope

This privacy policy applies to all personal data processed on this website and its associated systems, as well as to all personal data processed by companies commissioned by us (data processors). We have also concluded a data processing agreement (DPA) with all data processors. Personal data, as defined in Article 4 No. 1 of the GDPR, includes information such as names, email addresses, IP addresses, and postal addresses. The processing of personal data enables us to offer and bill for our services and products, both online and offline. This privacy policy applies to the following services. The specific services used may vary over time:

  • Our online presence: websites or online shops
  • Customer communication via email or messenger
  • Social media presence
  • Newsletters or other mailings
  • Apps for mobile devices
  • Online billing systems
  • Encrypted backups in cloud storage services

Legal basis

We process your data exclusively on the basis of the following legal grounds.

  • Legitimate interests (Article 6 paragraph 1 lit. f GDPR): If legitimate interests require it, the processing of data without active consent is possible, e.g. to deliver the website to your computer.
  • Consent (Article 6 paragraph 1 lit. a GDPR): Your consent allows us to process data for a specific purpose, e.g. when you enter information into a form.
  • Contract (Article 6 paragraph 1 lit. b GDPR): We may also process your data to fulfill a contract or pre-contractual obligations with you, e.g. for invoicing.
  • Legal obligation (Article 6 paragraph 1 lit. c GDPR): We also process your data if we have a legal requirement to fulfill, e.g. the statutory retention obligation for invoices.

Data subject rights according to the GDPR

You have the right to access, rectification, erasure, restriction of processing, data portability, and objection. Further information on the GDPR: https://eur-lex.europa.eu/legal-content/DE/ALL/?uri=celex%3A32016R0679.

  • Right of access (Article 15 GDPR): You have the right to know whether we process your data. If this is the case, you have the right to obtain a copy of the data as well as information about the purpose of the processing, the categories of data processed, the recipients (including any transfers to third countries), the storage period, your right to rectification, erasure, restriction of processing and objection, the right to lodge a complaint with a supervisory authority (link to the authority below), the origin of the data (if not collected from you), and the possible profiling.
  • Right to rectification (Article 16 GDPR): You have the right to have incorrect data corrected.
  • Right to erasure (Article 17 GDPR – „Right to be forgotten“): You can request the deletion of your data.
  • Right to restriction of processing (Article 18 GDPR): Under certain circumstances, we are only allowed to store your data, but not process it further.
  • Right to data portability (Article 20 GDPR): Upon request, we will provide your data in a common format.
  • Right to object (Article 21 GDPR): You can object to processing based on public interest or legitimate interest. We will review whether we can comply with your objection.
  • Right to object to direct marketing and profiling: You can object to the use of your data for direct marketing or profiling at any time.
  • Automated decisions (Article 22 GDPR): Under certain circumstances, you have the right not to be subject to measures based solely on automated decision-making.
  • Right to lodge a complaint (Article 77 GDPR): You have the right to lodge a complaint with the data protection authority if you believe that the processing of your data violates the GDPR.

To exercise these rights, please contact us. If you have a complaint about how we handle your data, we would like to hear from you, but you also have the right to lodge a complaint with the relevant supervisory authority (the data protection authority).

Data transfer to the USA

Our website uses tools from companies based in the USA. When these tools are active, your personal data may be transferred to the US servers of the respective companies. Please note that the USA is not considered a safe third country under EU data protection law. US companies are legally obligated to disclose personal data to security authorities without you, as the data subject, having any legal recourse. Therefore, it cannot be ruled out that US authorities (e.g., intelligence agencies) may process, analyze, and permanently store your data located on US servers for surveillance purposes. We have no control over these processing activities.

Storage duration

The data processed during your use of our website will be deleted as soon as the purpose for which it was stored no longer applies. This is provided that no legal retention obligations prevent deletion and that no differing information regarding specific processing procedures exists. In some cases, we are legally obligated to store certain data even after the original purpose has ceased to exist, for example, due to tax regulations.

Revocation of your consent to data processing

Many data processing operations are only possible with the explicit consent of the data subjects. You can revoke your consent at any time. The lawfulness of the data processing carried out before the revocation remains unaffected by the revocation.

Cookies

Our website uses cookies. Cookies are small text files that are stored on your computer and saved by your browser. We use cookies to make using our website easier and to carry out statistical analyses. You can prevent cookies from being stored by adjusting your browser settings accordingly. Further information about the cookies used, their respective purposes, and their storage duration can be found in our [link to cookie policy]. Cookie Policy.

Web hosting

To display a website, the visitor's browser must connect to a web server and retrieve the website's code. Operating a web server is a complex and resource-intensive task. Therefore, we rely on professional providers and server systems that are high-performing, redundant, secure, and reliable. Data transmission from the web server to your local network and ultimately to your browser may involve the processing of personal data. Your computer stores the received data, and the web server must also store your data in order to send it to you. Below, we provide information about the type and scope of the data stored and the protective measures we have implemented.

This website is hosted by an external service provider (host). The personal data collected on this website is stored on the host's servers. This may include, in particular, IP addresses, contact requests, metadata and communication data, contract data, contact information, names, website access data, and other data generated via a website. The host is used for the purpose of fulfilling our contractual obligations to our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast, and efficient provision of our online services by a professional provider (Art. 6 para. 1 lit. f GDPR). Our host will only process your data to the extent necessary to fulfill its contractual obligations and will comply with our instructions regarding this data.

Server log files

Each time you access our website, information is automatically collected by the web hosting provider and stored in so-called server log files. This information includes:

  • IP address
  • Date and time of access
  • Name of the page accessed
  • Referrer URL (the previously visited page)
  • Amount of data transferred
  • Browser type and browser version
  • operating system

The processing of this data is technically necessary for us to deliver the website to you; it is therefore based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. The data is used exclusively for statistical analysis and to improve the website. The IP addresses are stored for 30 days in a so-called log rotation and then deleted.

SSL encryption

We use SSL certificates for secure technical communication between the client and the website. This is particularly important when transmitting confidential data, such as form entries. Therefore, this page uses SSL/TLS encryption. An encrypted connection is easily recognizable by the fact that the browser's address bar displays "https://" and usually also a colored padlock icon. By using this SSL/TLS encryption, the data you transmit cannot be intercepted by third parties.

Core Services

Content management system (WordPress)

Our website is based on the open-source content management system WordPress. The system is installed locally on our server. No data processing by the WordPress core services takes place outside the secure server environment. If you have a login and log in to the site, WordPress processes personal data such as your email address or name for authentication purposes. WordPress uses cookies to ensure the website's functionality. You can find more information about this in the WordPress privacy policy and in our [Privacy Policy/Data Protection Statement]. Cookie Policy.

Comment function (WordPress)

Visitors can comment on posts on this website. When a comment is written, it, along with its metadata, is stored indefinitely. This allows us to facilitate discussions and automatically moderate comments. For example, a follow-up comment is automatically approved if a previous comment by an author has already been approved. Authors are identified by their email address. The criterion for the duration of storage of other personal data is the respective statutory retention period. After this period expires, the corresponding data is routinely deleted, unless it is still required for contract fulfillment or initiation. Comments posted on our blog can also be subscribed to by third parties. In particular, a commenter can subscribe to subsequent comments on a specific blog post. If a data subject chooses to subscribe to comments, the data controller sends an automatic confirmation email to verify, using a double opt-in procedure, that the owner of the specified email address has indeed opted for this service. The option to subscribe to comments can be cancelled at any time.

Registration function (WordPress)

We offer you the option to register on our website. The data you enter during this registration process, which is visible in the registration form, is collected and stored solely for the purpose of using our services. When you register on our site, we also store your IP address and the date and time of your registration. This serves as a safeguard for us in the event that a third party misuses your data and registers on our site without your knowledge. This data will not be shared with third parties. Furthermore, the data collected in this way will not be compared with data that may be collected by other components of our website.

For users who register on our website, we also store the personal information they provide in their user profiles. All users can view, modify, or delete their personal information at any time (the username cannot be changed). Website administrators can also view and modify this information.

The data controller will provide any data subject, upon request, with information about what personal data concerning them is stored. Furthermore, the data controller will rectify or erase personal data at the request or instruction of the data subject, provided that no statutory retention obligations prevent this. Export of the technically stored data is possible at any time and can be requested by email. The data subject's email address serves as the identifier. For the purposes of legitimation, this email address must also match the sender's email address.

Plesk server administration

We use the web server management software Plesk to administer our server services. This is a server administration system. The EU Commission has determined, via an adequacy decision pursuant to Article 45 of the GDPR, that Switzerland, as a third country, offers an adequate level of protection compared to the usual scope of application of the GDPR. You can find the corresponding decision here. here

Applicant Services

We offer you the opportunity to apply to us by email or via our online application form. Below, we inform you about the type, scope, and purpose of the personal data collected during the application process. The collection, processing, and use of data is carried out in accordance with applicable data protection law and all relevant legal provisions. Data records are transmitted and stored in encrypted form.

  • Your personal data will only be shared within our company with individuals involved in processing your application.
  • If your application is successful, the data you have submitted will be stored in our data processing systems on the basis of Section 26 BDSG-neu and Article 6 Paragraph 1 Letter b GDPR for the purpose of carrying out the employment relationship.
  • If we are unable to offer you a position, you decline a job offer or withdraw your application, we reserve the right to retain the data you have submitted for up to 6 months from the end of the application process (rejection or withdrawal of the application) based on our legitimate interests (Art. 6 para. 1 lit. f GDPR).

Microsoft Teams

Microsoft Teams: Messenger and conference software.

Tracking

We use web analytics software on our website that anonymously logs and analyzes visitor actions such as clicks and input. We use these services to improve the performance of our website. The respective system collects and processes anonymized data and provides us with analyses of user behavior. The tools also offer testing options, such as A/B testing, where two versions of content are tested to see which version leads to more acquisitions. In such tests or other analyses, anonymous user profiles may be created and data may be stored in cookies.

Consent Manager

We use SEOPress as our system for cookie compliance management. Read more. For further information, please see the WordPress Privacy Policy read.

Matomo

We use Matomo for anonymous visitor tracking. Read more. The use of web analytics requires your consent, which we have obtained through our cookie compliance system. According to Article 6(1)(a) of the GDPR, this consent constitutes the legal basis for the processing of personal data, such as that which may occur when collected by web analytics tools.

With the help of web analytics systems, we can see which content is accessed how frequently, how long visitors stay on the site, which device they use to access the website, and their geographical origin. These statistics help us improve the efficiency of our services. The legal basis for this is Article 6 Paragraph 1 Letter f GDPR (Legitimate Interests). We make every technical effort to avoid using cookies for this purpose. Please see our [Privacy Policy/Data Protection Statement] for further information. Cookie Policy.

Plugins

Contact form (Forminator)

We use Forminator, a form system for securely collecting user inquiries, on our website. When you send us data via a contact form, your information from the inquiry form, including the contact details you provide, is stored for processing the inquiry and in case of follow-up questions. We will not share this data without your consent. The data is automatically deleted after 30 days. If you use the "Continue Later" function in one of our forms, your previous form entries will be stored locally in a cookie.

Transactional emails

We use Mailgun, an email API service for transactional email communication, on our website. The service provider is the American company Mailgun Technologies. Mailgun processes your data, including in the USA.

Spam protection (hCaptcha)

We use a technology to prevent spam from form submissions on our website. The service provider is the American company Intuition Machines Inc. hCaptcha processes your data, including in the USA.

Social Media

We maintain online presences within social networks and platforms to communicate with customers, prospects, and users active there and to inform them about our services. We would like to point out that user data may be processed outside the European Union. This may pose risks for users, as it could, for example, make it more difficult to enforce their rights. With regard to US providers certified under the Privacy Shield, we would like to point out that they are thereby obligated to comply with EU data protection standards. Furthermore, user data is generally processed for market research and advertising purposes. For example, user profiles can be created based on usage patterns and the resulting user interests. These user profiles can then be used to display advertisements, both on and off the platforms, that are likely to correspond to the users' interests. For these purposes, cookies are typically stored on users' computers, recording their usage patterns and interests. Furthermore, data can also be stored in the usage profiles independently of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).

The processing of users' personal data is based on our legitimate interests in effectively informing and communicating with users, pursuant to Article 6(1)(f) GDPR. If users are asked by the respective providers for their consent to data processing (i.e., by giving their consent, for example, by ticking a checkbox or clicking a button), the legal basis for the processing is Article 6(1)(a) and Article 7 GDPR.

For a detailed description of the respective data processing activities and the options to object (opt-out), please refer to the information provided by the respective providers, linked below. Regarding requests for information and the assertion of user rights, we would also like to point out that these can be most effectively addressed directly with the providers. Only the providers have access to user data and can take appropriate action and provide information directly. Should you still require assistance, you can contact us.

Google My Business

We maintain an external business profile on Google. We only link to this profile and do not use any plugins from the platform on our website.

Bing Places for Business

We maintain an external business profile on Bing. We simply link to this profile and do not use any of the platform's plugins on our website.

LinkedIn

We maintain an external company profile on LinkedIn. We simply link to this profile and do not use any of the platform's plugins on our website.

Last updated: November 20, 2025

Back To Top