§ 1 General
(1) In the following, we inform you about the processing of personal data when using our website. Personal data is all data that relates or can be related to you personally, e.g., your name, address, or email address (cf. Art. 4 No. 1 GDPR).
(3) Our data protection contact person Stephan Haus (firstname.lastname@example.org) is available at all times to answer any questions you may have and to act as your key contact on the subject of data protection at our company.
§ 2 Your Rights
(1) You have the following rights pursuant to Art. 12 et seq. GDPR with regard to the personal data concerning you:
- Right to information (Art. 15 GDPR)
- Right to rectification or erasure (Art. 16 f. GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to data portability (Art. 20 GDPR)
- Right to withdraw consent (Art. 7 GDPR)
(2) Insofar as processing is based on Art. 6 (1) lit. f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR at any time for reasons arising from your particular situation. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing, which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims.
(3) You also have the right to complain to a data protection supervisory authority about our processing of your personal data. For this purpose, you may contact the authority in the Member State of your habitual residence, place of work or place of the alleged infringement. The right of appeal is without prejudice to any other administrative or judicial remedy.
§ 3 Processing of Personal Data when Visiting our Website
(1) In case of mere informational use of the website, i.e., if you do not register or otherwise transmit information to us, we only collect personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure its stability and security:
- IP address
- Date and time of the request
- Time zone difference from Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- Amount of data transferred in each case
- Website from which the request came
- Browser (language and version of the browser software)
- Operating system and its interface (Language and version of the operating system)
The legal basis is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the technically flawless presentation of our website, which would not be possible without the processing of this data. Furthermore, cookies are used on our website. You will find more detailed explanations under § 6 of this document.
(2) We store these log files for a period of 12 month to ensure system security and stability, in particular to be able to investigate and prevent any IT security incidents in the future. The legal basis for this is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in ensuring a high level of technical security for our website. As a matter of principle, data is only stored on our servers in Germany, subject to any transfer that may take place in accordance with the regulations in § 9. If the storage period expires, the personal data is blocked or deleted unless further storage by us is necessary and there is a legal basis for this.
§ 4 Online Account and E-learnings
(1) If you use an Online Account on our webpage or our E-Learnings, your account information and learning status, including the contact details you have provided there, will be stored by us in order to process the request or any follow-up questions. The legal basis for this is Art. 6 para. 1 lit. b GDPR.
(2) The data you enter in your Online Account or E-Learnings will be retained until you request us to delete it or the purpose for storing the data no longer applies (e.g., after we have completed processing your request). Mandatory legal provisions – in particular retention periods (e.g., from § 257 HGB, § 147 AO) – remain unaffected. As a matter of principle, data is only stored on our servers in Germany, subject to any transfer in accordance with the regulations in § 9.
§ 5 Contact Form
(1) If you send us a request via the contact form, your details from the contact form, including the contact details you have provided there, will be stored by us in order to process the request and any follow-up questions. The legal basis for this is Art. 6 para. 1 lit. b GDPR.
(2) The data you enter in the contact form will be retained until you request us to delete it or the purpose for storing the data no longer applies (e.g., after we have completed processing your request). Mandatory legal provisions – in particular retention periods (e.g., from § 257 HGB, § 147 AO) – remain unaffected. As a matter of principle, data is only stored on our servers in Germany, subject to any transfer in accordance with the regulations in § 9.
(2) You can configure your browser settings according to your preferences and, for example, refuse to accept cookies. Please note that you will then not be able to use all the functions of this website.Cookie Settings
(3) First party cookies are cookies set by the website you’re visiting. Only that website can read them. In addition, a website might potentially use external services, which also set their own cookies, known as third-party cookies.
(4) Technically necessary cookies that are required to carry out the electronic communication process or to provide certain functions that you have requested are set on the basis of Art. 6 (1) lit. f GDPR. We have a legitimate interest in storing cookies for the technically flawless and optimized provision of our services
(6) The cookies integrated by us serve the following purposes:
- Analytics: Analysis cookies collect information anonymously. This information helps us to understand how our visitors use our website.
- Personalization: Personalization cookies are used by third parties or publishers, amongst other things, to display personalized advertisements and to personalize and optimize the service and user experience.
- External Media: Content from video and social media platforms is blocked by default. If cookies from external media are accepted, access to this content no longer requires manual consent.
§ 7 Data Security
(1) We use appropriate technical and organizational security measures (Art. 32 GDPR) to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties (e.g. TLS/SSL encryption for our website), taking into account the state of the art, the implementation costs and the nature, scope, context and purpose of the processing as well as the existing risks of a data breach (including its probability and impact) for the data subject.
(2) Our security measures are continuously improved in line with technological developments. We will be happy to provide you with more detailed information on request. Please contact our above-mentioned contact person.
§ 8 Cooperation with Processors
As with any larger company, we also use external domestic and foreign service providers (e.g., for IT and telecommunications) to process our business transactions. These service providers only act on our instructions and are contractually obliged to comply with the data protection regulations in accordance with Art. 28 GDPR. Key processors are:
- Raidboxes, hosting provider
- Strato, hosting and domain provider
- Next Software Solutions, e-learning software
- Calendly, meeting scheduling software
- Sendinblue, marketing automation software
§ 9 Conditions for the Transfer of Personal Data to Third Countries
(1) As a rule, your data will not be transferred to recipients in countries outside the European Economic Area (EEA). If, in exceptional cases, such a transfer should occur, this will be done in compliance with the conditions set out in Art. 44 et seq. GDPRR. Please contact us if you would like to receive more detailed information on this.
§ 10 Further Data Protection Measures
We share information with third parties who help us provide our services, including: