Privacy policy
We are pleased that you are visiting our websites. The protection and security of your personal information when using our website and the services we provide is very important to us. Therefore, we would like to inform you at this point about which of your personal data we process and for what purposes it is used.
Who is responsible and how do I contact you?
Person in charge
for the processing of personal data within the meaning of the EU General Data Protection Regulation (GDPR)
edoc solutions ag
Metternicher Str. 4
53919 Weilerswist
Germany
+49 2254 9643 0
datenschutz@edoc.de
Data Protection Officer
We have appointed a data protection officer who can be reached via the e-mail address datenschutz@edoc.de or via the contact details mentioned above. Please provide postal messages to the data protection officer with the addition "Data protection – personal / confidential".
What is it about?
This privacy policy meets the legal requirements for transparency in the processing of personal data. This is any information relating to an identified or identifiable natural person. This includes, for example, information such as your name, age, address, telephone number, date of birth, e-mail address, IP address or user behaviour when visiting a website. Information for which we cannot (or only with a disproportionate effort) relate to your person, e.g. through anonymization, is not personal data. The processing of personal data (e.g. collection, retrieval, use, storage or transmission) always requires a legal basis and a defined purpose.
Stored personal data will be deleted as soon as the purpose of the processing has been achieved and there are no legitimate reasons for further storage of the data. We inform you in the individual processing operations about the specific storage periods or criteria for storage. Irrespective of this, we store your personal data in individual cases to assert, exercise or defend legal claims and in the presence of statutory retention obligations.
Who gets my data?
We only pass on your personal data, which we process on our website, to third parties if this is necessary for the fulfilment of the purposes and is covered by the legal basis (e.g. consent or protection of legitimate interests) in individual cases. In addition, we pass on personal data to third parties in individual cases if this serves the establishment, exercise or defence of legal claims. Possible recipients can then be, for example, law enforcement authorities, lawyers, auditors, courts, etc.
Insofar as we use service providers for the operation of our website who process personal data on our behalf in accordance with Art. 28 GDPR, they may be recipients of your personal data. Further information on the use of processors and web services can be found in the overview of the individual processing operations.
Cookiefirst
Type and scope of processing
We have integrated Cookiefirst on our website. Cookiefirst is a consent solution of Digital Data Solutions B.V., Plantagemiddenlaan 42A, 1018 DH Amsterdam, The Netherlands, with which consent to the storage of cookies can be obtained and documented. Cookiefirst uses cookies or other web technologies to recognize users and to store the consent given or revoked.
Purpose and legal basis
The use of the service is based on the legally required consent to obtain the use of cookies in accordance with Art. 6 para. 1 lit. c. GDPR.
Storage period
The specific storage period of the processed data cannot be influenced by us, but is determined by Digital Data Solutions B.V. Further information can be found in the privacy policy for Cookiefirst: cookiefirst.com/legal/data-processing-agreement/.
What rights do I have?
Under the conditions of the statutory provisions of the General Data Protection Regulation (GDPR), you as a data subject have the following rights:
Information pursuant to Article 15 GDPR about the data stored about you in the form of meaningful information on the details of the processing and a copy of your data;
Correction pursuant to Article 16 GDPR of incorrect or incomplete data stored by us;
Deletion in accordance with Article 17 GDPR of the data stored by us, insofar as the processing is not necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
Restriction of processing in accordance with Article 18 GDPR, insofar as the accuracy of the data is disputed, the processing is unlawful, we no longer need the data and you reject its deletion because you need it to assert, exercise or defend legal claims or you have objected to the processing pursuant to Article 21 GDPR.
Data portability pursuant to Art. 20 GDPR, insofar as you have provided us with personal data within the scope of consent pursuant to Art. 6 para. 1 lit. a GDPR or on the basis of a contract pursuant to Art. 6 para. 1 lit. b GDPR and these have been processed by us using automated procedures. You will receive your data in a structured, common and machine-readable format or we will transmit the data directly to another person responsible, as far as this is technically feasible.
Objection pursuant to Art. 21 GDPR against the processing of your personal data, insofar as this is based on Art. 6 para. 1 lit. e, f GDPR and there are reasons for this arising from your particular situation or the objection is directed against direct advertising. The right to object does not exist if overriding, compelling legitimate grounds for the processing are proven or the processing is carried out to assert, exercise or defend legal claims. Insofar as the right to object to individual processing operations does not exist, this is stated there.
Revocation in accordance with Article 7 (3) GDPR of your consent with effect for the future.
Complaint pursuant to Article 77 GDPR to a supervisory authority if you believe that the processing of your personal data violates the GDPR. As a rule, you can contact the supervisory authority of your usual place of residence, your place of work or our company headquarters.
How is my data processed in detail?
Below we inform you about the individual processing operations, the scope and purpose of data processing, the legal basis, the obligation to provide your data and the respective storage period. An automated decision in individual cases, including profiling, does not take place.
Provision of the website
Type and scope of processing
When you access and use our website, we collect the personal data that your browser automatically transmits to our server. The following information is temporarily stored in a so-called log file:
IP address of the requesting computer
Date and time of access
Name and URL of the retrieved file
Website from which access is made (referrer URL)
Browser used and, if applicable, the operating system of your computer, as well as the name of your access provider
Our website is not hosted by ourselves, but by a service provider who uses the aforementioned data on our behalf pursuant to Art. 28 GDPR.
Purpose and legal basis
The processing takes place to safeguard our overriding legitimate interest in displaying our website and ensuring security and stability on the basis of Art. 6 para. lit. f GDPR. The collection of data and the storage in log files is absolutely necessary for the operation of the website. A right of objection to the processing exists due to the exception according to Art. 21 para. 1 GDPR. Insofar as the further storage of the log files is required by law, the processing is carried out on the basis of Art. 6 para. 1 lit. c GDPR. There is no legal or contractual obligation to provide the data, but it is technically not possible to access our website without providing the data.
Storage period
Unless a more specific storage period is stated within this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g., tax or commercial law retention periods); in the latter case, the data will be deleted once these reasons no longer apply.
Contact
Type and scope of processing
On our website we offer you to contact us via a form provided. The information collected via mandatory fields is required to process the request. In addition, you can voluntarily provide additional information that you believe is necessary for processing the contact request.
Purpose and legal basis
The processing of your data by using our contact form takes place for the purpose of communication and processing of your request on the basis of your consent pursuant to Art. 6 para. 1 lit. a GDPR. Insofar as your request relates to an existing contractual relationship with us, the processing for the purpose of fulfilling the contract is carried out on the basis of Art. 6 para. 1 lit. b GDPR. There is no legal or contractual obligation to provide your data, but it is not possible to process your request without providing the information in the mandatory fields. If you do not wish to provide this data, please contact us by other means.
Storage period
We store the data you enter in the contact form until you revoke your consent to storage, submit a request for deletion or the purpose for the processing no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – in particular retention periods – remain unaffected.
Contact form for applicants
Type and scope of processing
On our website, we offer you the opportunity to submit an application to us using a form provided. The information collected via mandatory fields is required to process the request. In addition, you can voluntarily provide additional information that you believe is necessary for processing the contact request. If you have given us your separate consent, which is independent of the use of the application form, we will forward your application to our affiliated companies. Apart from our affiliated companies, the application form is not passed on to third parties.
Your request will be processed by a processor used by us in accordance with Art. 28 GDPR.
Purpose and legal basis
The processing of your data on the basis of the use of the application form takes place for the purpose of processing your application and deciding on the establishment of an employment relationship on the basis of § 26 BDSG. There is no legal or contractual obligation to provide your data, but it is not possible to process your application without providing the information in the mandatory fields. If you do not wish to provide this data, please use other ways of applying to us.
Storage period
We store the collected data for the duration of the application process and, in the event of non-employment, for a period of six months from the date of rejection.
Personio for the application process
We use the "Personio" service. The provider is Personio GmbH & Co. KG, Rundfunkplatz 4, 80335 Munich.
Purpose of data processing
We use Personio to integrate job advertisements into our homepage. When you access our job advertisements, a connection is established between your browser and the company Personio. Personio stores a cookie required to display the website in your browser, which is deleted at the end of the session. Cookies are text files that are stored on your computer and enable an analysis of your use of the website. You can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.
Legal basis for data processing
The use of Personio on our homepage is based on our legitimate interest (Art. 6 para. 1 f GDPR). We have a legitimate interest in presenting our job advertisements as reliably as possible. If a corresponding consent has been requested, the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.
Information on data protection at Personio and for the application process can be found via the following link: www.personio.de/datenschutzerklaerung/ https://edocag.jobs.personio.de/privacy-policy?language=de
We have concluded an order processing contract (DPA) with the above-mentioned provider. This is a contract prescribed by data protection law that ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
Storage period
Application documents will be deleted no later than 6 months after rejection. If the storage is based on your consent, we will delete your personal data if you revoke your consent.
Contacting You by Email (Newsletter, Blog Subscriptions, Whitepapers, …)
Type and scope of processing
If you provide us with your data on our website (e.g., for a newsletter), we collect your email address and, if applicable, other data for the purposes stated in the form. We store this information along with the date of registration and your IP address. Subsequently, you will receive an email in which you must confirm the registration for contact (Double-Opt-in).
To send our email messages, we use a service provider that processes your personal data on our behalf in accordance with Art. 28 GDPR. Your data will not be shared with third parties.
Purpose and legal basis
We process your data for the purpose of marketing contact based on your consent in accordance with Art. 6 para. 1 lit. a GDPR. By unsubscribing from the newsletter, you can revoke your consent at any time with future effect in accordance with Art. 7 para. 3 GDPR. There is no legal or contractual obligation to provide your data, but it is not possible to send the aforementioned emails without providing your data.
Storage period
After signing up for the newsletter, we store the data until confirmation of the registration at most. After successful confirmation, we store your data until you revoke your consent (unsubscribe).
Registration of a customer account
Type and scope of processing
As part of the order processing, we collect your personal data to register a customer account. You can choose whether you want to order as a guest or register a permanent user account. The information collected during registration via the mandatory fields is identical in both cases and is required for the processing of the order in the online shop. When registering a permanent user account, we also collect a password of your own choosing. In addition, you can voluntarily provide additional information that you believe is necessary for the processing of the order.
A transfer of your personal data to third parties (e.g. payment service providers, shipping service providers, freight forwarders) and processors pursuant to Art. 28 GDPR only takes place insofar as this is necessary for the processing of the order.
Purpose and legal basis
We process your personal data for the purpose of registering a customer account to fulfil a contract with you in accordance with Art. 6 para. 1 lit. b GDPR. There is a contractual obligation to provide your data as far as it relates to the mandatory fields, as this information is required to identify you personally and to fulfil the contract on our part. There is no legal obligation to provide the data. Without the provision of this information, the order in our online shop and thus a contract conclusion is not possible. There is no obligation to provide the additional information voluntarily provided. The order in our online shop is also possible without the disclosure of the voluntary information.
The additional processing of your password for the registration of the permanent user account takes place for the purpose of providing a customer account and for displaying your previous purchases as well as for storing your purchase-related data (e.g. storage of billing address, different delivery addresses) on the basis of your consent pursuant to Art. 6 para. 1 lit. a GDPR. By deleting your customer account, you can revoke your revocation at any time with effect for the future in accordance with Art. 7 (3) GDPR.
Storage period
If you order as a guest, your personal data will be stored until your order has been completed (end of contract). When registering a permanent customer account, we store the purchase-related data beyond the end of the contract, until the revocation of your consent (deletion of the customer account). In both cases, your data will only be stored further if there are statutory retention obligations (e.g. tax and commercial law).
Google Services
Google Analytics
Type and scope of processing
We use Google Analytics from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as an analysis service for the statistical evaluation of our online offer. This includes, for example, the number of visits to our online offer, visited subpages and the length of stay of visitors.
Google Analytics uses cookies and other browser technologies to evaluate user behavior and recognize users.
This information is used, among other things, to compile reports on website activity.
Purpose and legal basis
We process data with the help of Google Analytics for the purpose of optimizing our website and for marketing purposes.
The use is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in presenting our website as reliably as possible. If a corresponding consent has been requested, the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time
Storage period
The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Analytics: policies.google.com/privacy.
Google DoubleClick
Type and scope of processing
We have integrated components of DoubleClick by Google on our website. DoubleClick is a brand of Google, under which mainly special online marketing solutions are marketed to advertising agencies and publishers. DoubleClick by Google transfers data to the DoubleClick server with every impression, click, or other activity.
Each of these data transmissions triggers a cookie request to the data subject's browser. If the browser accepts this request, DoubleClick places a cookie in your browser.
DoubleClick uses a cookie ID, which is required to handle the technical procedure. The cookie ID is required, for example, to display an advertisement in a browser. DoubleClick can also use the cookie ID to record which advertisements have already been displayed in a browser in order to avoid duplication. Furthermore, it is possible for DoubleClick to record conversions through the cookie ID. Conversions are recorded, for example, if a user has previously been shown a DoubleClick advertisement and subsequently makes a purchase on the advertiser's website using the same Internet browser.
A DoubleClick cookie does not contain any personal data, but may contain additional campaign identifiers. A campaign identifier is used to identify campaigns with which you have already been in contact on other websites. As part of this service, Google gains knowledge of data that Google also uses to create commission statements. Among other things, Google can understand that you have clicked on certain links on our website. In this case, your data will be passed on to the operator of DoubleClick, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Further information and the applicable data protection provisions of DoubleClick by Google can be found at policies.google.com/privacy.
Purpose and legal basis
We process your data with the help of the double-click cookie for the purpose of optimizing and displaying advertising on the basis of your consent pursuant to Art. 6 para. 1 lit. a GDPR. You give your consent by setting the use of cookies (cookie banner / consent manager), with which you can also revoke your revocation at any time with effect for the future in accordance with Art. 7 (3) GDPR. The cookie is used, among other things, to place and display user-relevant advertising and to create reports on advertising campaigns or to improve them. Furthermore, the cookie serves to avoid multiple displays of the same advertisement. Each time you visit one of the individual pages of our website on which a DoubleClick component has been integrated, your browser is automatically prompted by the respective DoubleClick component to transmit data to Google for the purpose of online advertising and the settlement of commissions. There is no legal or contractual obligation to provide your data. If you do not give us your consent, it is possible to visit our website without restriction, but not all functions may be fully available.
Storage period
The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. For more information, see the privacy policy for Google DoubleClick: policies.google.com/privacy.
Google Tag Manager
Type and scope of processing
We use the Google Tag Manager of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager is used to manage website tags through an interface and allows us to control the exact integration of services on our website
This allows us to flexibly integrate additional services to evaluate user access to our website.
Purpose and legal basis
The use is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in presenting our website as reliably as possible. If a corresponding consent has been requested, the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.
Storage period
The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. For more information, see the privacy policy for Google Tag Manager: marketingplatform.google.com/about/analytics/tag-manager/use-policy/.
Hubspot
HubSpot API
Type and scope of processing
We use HubSpot API from HubSpot, Inc., Cambridge, Massachusetts, US to access other HubSpot, Inc. services and data. Your IP address is transmitted to HubSpot, Inc. Please note that a separate section of this Privacy Policy is located for each additional service we use from HubSpot, Inc.
Purpose and legal basis
The use is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in presenting our website as reliably as possible. If a corresponding consent has been requested, the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.
Storage period
The specific storage period of the processed data cannot be influenced by us, but is determined by HubSpot, Inc. For more information, see the HubSpot API Privacy Statement: legal.hubspot.com/privacy-policy.
HubSpot Analytics
Type and scope of processing
We use HubSpot Analytics from HubSpot, Inc., Cambridge, Massachusetts, US, as an analysis service for the statistical evaluation of our online offer. This includes, for example, the number of visits to our online offer, visited subpages and the length of stay of visitors.
HubSpot Analytics uses cookies and other browser technologies to evaluate user behavior and recognize users.
This information is used, among other things, to compile reports on website activity.
Purpose and legal basis
We process data with the help of HubSpot Analytics for the purpose of optimizing our website and for marketing purposes. The use is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in presenting our website as reliably as possible. If a corresponding consent has been requested, the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time
Storage period
The specific storage period of the processed data cannot be influenced by us, but is determined by HubSpot, Inc. For more information, see the HubSpot Analytics Privacy Statement: legal.hubspot.com/privacy-policy.
HubSpot CDN
Type and scope of processing
We use HubSpot CDN to properly provide the content of our website. HubSpot CDN is a service of HubSpot, Inc., which acts as a content delivery network (CDN) on our website to ensure the functionality of other HubSpot, Inc. services. For said services, you will find a separate section in this Privacy Policy. This section is only about using the CDN.
A CDN helps to make content of our online offer, especially files such as graphics or scripts, available faster with the help of regionally or internationally distributed servers. When you access this content, you connect to servers of HubSpot, Inc., Cambridge, Massachusetts, US, transmitting your IP address and, if applicable, browser data such as your user agent. This data is processed solely for the purposes set out above and to maintain the security and functionality of HubSpot CDN.
Purpose and legal basis
The use of the Content Delivery Network is based on our legitimate interests, i.e. interest in secure and efficient provision as well as the optimization of our online offer. The use is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in presenting our website as reliably as possible. If a corresponding consent has been requested, the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time
Storage period
The specific storage period of the processed data cannot be influenced by us, but is determined by HubSpot, Inc. For more information, see the HubSpot CDN Privacy Statement: legal.hubspot.com/de/privacy-policy.
HubSpot Chat
Type and scope of processing
We have integrated components of the customer communication platform HubSpot Chat on our website. HubSpot Chat is a service of HubSpot, Inc. and offers us the opportunity to communicate with visitors to our website via chat and to provide targeted help with questions. HubSpot Chat uses cookies and other browser technologies to evaluate user behavior and recognize users. HubSpot Chat is also used to store and transmit data entered into chats using cookies, including your IP address. In this case, your data will be passed on to the operator of HubSpot Chat, HubSpot, Inc., Cambridge, Massachusetts, US.
Purpose and legal basis
The use of HubSpot Chat is based on our legitimate interests, i.e. interest in optimizing our online offer. The use is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in presenting our website as reliably as possible. If a corresponding consent has been requested, the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.
Storage period
The specific storage period of the processed data cannot be influenced by us, but is determined by HubSpot, Inc. For more information, see the HubSpot Chat Privacy Statement: legal.hubspot.com/privacy-policy.
HubSpot Cookie Banner
Type and scope of processing
We have integrated HubSpot cookie banners on our website. HubSpot Cookie Banner is a consent solution provided by HubSpot, Inc., Cambridge, Massachusetts, US, with which consent to the storage of cookies can be obtained and documented. HubSpot Cookie Banner uses cookies or other web technologies to recognize users and store consent given or withdrawn.
Purpose and legal basis
The use of the service is based on the legally required consent to obtain the use of cookies in accordance with Art. 6 para. 1 lit. c. GDPR.
Storage period
The specific storage period of the processed data cannot be influenced by us, but is determined by HubSpot, Inc. For more information, see the HubSpot Cookie Banner Privacy Statement: legal.hubspot.com/privacy-policy.
HubSpot Forms
Type and scope of processing
We have integrated HubSpot Forms on our website. HubSpot Forms is a service of HubSpot, Inc. and provides marketing automation software for marketing services and products, including SEO and content creation, lead management, email marketing, and web analytics.
HubSpot Forms is used to store data entered in forms, e.g. when contacting us via contact form. The data provided may be stored in our Customer Relationship Management System (CRM System).
In this case, your data will be passed on to the operator of HubSpot Forms, HubSpot, Inc., Cambridge, Massachusetts, US.
Purpose and legal basis
We process your data with the help of HubSpot Forms for the purpose of processing the contact request and its processing in accordance with Art. 6 para. 1 lit. b. GDPR.
The use of HubSpot Forms and the integrated services is subject to our legitimate interest according to Art. 6 para. 1 lit. f. GDPR, the optimization of our marketing measures and the improvement of our service quality on the website.
Storage period
The specific storage period of the processed data cannot be influenced by us, but is determined by HubSpot, Inc. For more information, see the HubSpot Forms Privacy Statement: legal.hubspot.com/privacy-policy.
Google reCAPTCHA
HubSpot Forms use “Google reCAPTCHA” (hereinafter referred to as “reCAPTCHA”) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
The purpose of reCAPTCHA is to determine whether data entered on this website (e.g., information entered into a contact form) is being provided by a human user or by an automated program. To determine this, reCAPTCHA analyzes the behavior of the website visitors based on a variety of parameters. This analysis is triggered automatically as soon as the website visitor enters the site. For this analysis, reCAPTCHA evaluates a variety of data (e.g., IP address, time the website visitor spent on the site or cursor movements initiated by the user). The data tracked during such analyses are forwarded to Google.
reCAPTCHA analyses run entirely in the background. Website visitors are not alerted that an analysis is underway.
Data are stored and analyzed on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the protection of the operator’s websites against abusive automated spying and against SPAM. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.
For more information about Google reCAPTCHA please refer to the Google Data Privacy Declaration and Terms Of Use under the following links: policies.google.com/privacy and https://policies.google.com/terms?hl=en.
Google Fonts
To ensure that fonts used on this website are uniform, this website uses so-called Google Fonts provided by Google. When you access a page on our website, your browser will load the required fonts into your browser cache to correctly display text and fonts.
To do this, the browser you use will have to establish a connection with Google’s servers. As a result, Google will learn that your IP address was used to access this website. The use of Google Fonts is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in a uniform presentation of the font on the operator’s website. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.
If your browser should not support Google Fonts, a standard font installed on your computer will be used.
For more information on Google Fonts, please follow this link: developers.google.com/fonts/faq and consult Google’s Data Privacy Declaration under: policies.google.com/privacy.
HubSpot LeadFlow
Type and scope of processing
We have integrated HubSpot LeadFlow on our website. HubSpot LeadFlow is a service of HubSpot, Inc., Cambridge, Massachusetts, US, that identifies anonymous website visitors, provides full contact information and insight into the visit history.
HubSpot LeadFlow uses cookies and other browser technologies to evaluate user behavior and recognize users.
Among other things, HubSpot LeadFlow shows us which companies have visited our website, determines the history of your visit, including all pages you have visited and viewed, and the length of your stay on this website.
HubSpot LeadFlow collects and processes data about companies such as company name, phone number, address, web address, industry, company profile, revenue, and key people on LinkedIn.
Purpose and legal basis
We process your data with the help of HubSpot LeadFlow for the purpose of optimising our website and for marketing purposes based on our legitimate interest. The use is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in presenting our website as reliably as possible. If a corresponding consent has been requested, the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.
Storage period
The specific storage period of the processed data cannot be influenced by us, but is determined by HubSpot, Inc. For more information, see the HubSpot LeadFlow Privacy Statement: legal.hubspot.com/privacy-policy.
HubSpot Pixel
Type and scope of processing
We use HubSpot Pixel from HubSpot, Inc., Cambridge, Massachusetts, US, to create so-called Custom Audiences, i.e. to segment visitor groups of our online offer, to determine conversion rates and then to optimize them. This happens especially when you interact with advertisements that we have served with HubSpot, Inc.
Purpose and legal basis
We process your data with the help of HubSpot Pixel for the purpose of optimizing our website and for marketing purposes. The use is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in presenting our website as reliably as possible. If a corresponding consent has been requested, the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time
Storage period
The specific storage period of the processed data cannot be influenced by us, but is determined by HubSpot, Inc. For more information, see the HubSpot Pixel Privacy Statement: legal.hubspot.com/privacy-policy.
Leadinfo and Leadinfo CDN
Type and scope of processing
We have integrated Leadinfo on our website as a tool for customer intelligence. Leadinfo is a service of Leadinfo B.V., Rotterdam, Netherlands, which identifies website visitors and, if necessary, enriches existing contact data. Leadinfo uses cookies and other browser technologies to evaluate user behavior and recognize users.
Among other things, Leadinfo recognizes visits by companies to our website based on IP addresses and shows us publicly available information, such as company names or addresses. In addition, Leadinfo sets two first-party cookies to evaluate user behavior on our website and processes domains from form entries (e.g. "leadinfo.com") in order to correlate IP addresses with companies and to improve the services. For more information, see www.leadinfo.com. On this page: www.leadinfo.com/en/opt-out you have an opt-out option. In the event of an opt-out, your data will no longer be collected by Leadinfo.
Purpose and legal basis
We process your data with the help of Leadinfo for the purpose of optimising our website and for marketing purposes on the basis of our legitimate interest. The use is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in presenting our website as reliably as possible. If a corresponding consent has been requested, the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time
Storage period
The specific storage period of the processed data cannot be influenced by us, but is determined by Leadinfo. Further information can be found in the privacy policy for Leadinfo: www.leadinfo.com
GoToWebinar
We use GoToWebinar. The provider is LogMeIn, Inc., 320 Summer Street, Boston, MA 02210, USA. For details on data processing, please refer to the GoToMeeting privacy policy: https://www.goto.com/company/legal/privacy. The data transfer to the USA is based on the EU Commission's standard contractual clauses. For details, see: https://www.goto.com/-/media/pdfs/trust---resource-center/goto-customer-dpa.pdf
Data Processing Agreement
We have concluded a data processing agreement (DPA) for the use of the aforementioned service. This is a data protection legally required contract that ensures the service provider processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.
LinkedIn Ads
Type and scope of processing
We have integrated LinkedIn Ads on our website. LinkedIn Ads is a service provided by LinkedIn Corporation that displays targeted advertising to users. LinkedIn Ads uses cookies and other browser technologies to evaluate user behavior and recognize users. LinkedIn Ads collects information about visitor behavior on various websites. This information is used to optimize the relevance of advertising. LinkedIn Ads also delivers targeted advertising based on behavioral profiles and geographic location. Your IP address and other identification features such as your user agent are transmitted to the provider. In this case, your data will be passed on to the operator of LinkedIn Ads, LinkedIn Corporation, Sunnyvale, California, US.
Web tracking technologies are used to create pseudonymised user profiles. These profiles cannot be merged with you as a natural person, but are used, for example, for segmentation when displaying advertisements.
Purpose and legal basis
The use of LinkedIn Ads is based on your consent in accordance with Art. 6 para. 1 lit. a. DSGVO and § 25 para. 1 TTDSG.
Storage period
The specific storage period of the processed data cannot be influenced by us, but is determined by LinkedIn Corporation. Further information can be found in the privacy policy for LinkedIn Ads: https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy
LinkedIn Insight-Tag
Type and scope of processing
We use LinkedIn Insight Tag from LinkedIn Corporation, Sunnyvale, California, US, to create target groups, segment visitor groups of our online offering, determine conversion rates and then optimize them. This happens in particular when you interact with advertisements that we have served with LinkedIn Corporation. For this purpose, LinkedIn Corporation offers retargeting for website visitors in order to display targeted advertising outside our website.
LinkedIn Insight Tag collects data about visits to our website, including URL, referrer URL, IP address, device and browser properties (user agent), and timestamps. This data is used to provide anonymous reports on the website audience and ad performance.
Purpose and legal basis
The use of LinkedIn Insight Tag is based on your consent in accordance with Art. 6 para. 1 lit. a. DSGVO and § 25 para. 1 TTDSG.
Storage period
The specific storage period of the processed data cannot be influenced by us, but is determined by LinkedIn Corporation. For more information, see the LinkedIn Insight Tag Privacy Policy: https://www.linkedin.com/legal/privacy-policy
YouTube Video
Type and scope of processing
We have integrated YouTube video on our website. YouTube Video is a component of YouTube, LLC's video platform where users can upload content, share it over the Internet, and receive detailed statistics.
YouTube Video allows us to integrate content from the platform into our website.
YouTube Video uses cookies and other browser technologies to evaluate user behavior, recognize users and create user profiles. This information is used, among other things, to analyze the activity of the listened content and to create reports. If a user is registered with YouTube, LLC, YouTube Video can associate the videos played with the profile.
When you access this content, you establish a connection to servers of YouTube, LLC, Google Ireland Limited, Gordon House, Barrow Street Dublin 4 Ireland, whereby your IP address and, if applicable, browser data such as your user agent are transmitted.
Purpose and legal basis
The use of the service is based on your consent in accordance with Art. 6 para. 1 lit. a. DSGVO and § 25 para. 1 TTDSG.
We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. In cases where there is no adequacy decision of the European Commission (e.g. in the USA), we have other suitable guarantees within the meaning of Art. 44 ff. GDPR. Unless otherwise stated, these are standard contractual clauses of the EU Commission in accordance with Implementing Decision (EU) 2021/914 of 4 June 2021. A copy of these Standard Contractual Clauses can be viewed at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE.
In addition, prior to such a third country transfer, we obtain your consent in accordance with Art. 49 para. 1 sentence 1 lit. a. GDPR, which you give via the consent in the Consent Manager (or other forms, registrations, etc.). We would like to point out that in the case of transfers to third countries, risks unknown in detail (e.g. data processing by security authorities of the third country, the exact scope and consequences of which we do not know for you, over which we have no influence and of which you may not be aware) may exist.
Storage period
The specific storage period of the processed data cannot be influenced by us, but is determined by YouTube, LLC. For more information, see the privacy policy for YouTube video: https://policies.google.com/privacy.
Supademo
This website uses plugins from the Supademo portal. The provider is Supademo Inc., New York, New York, United States.
When you visit one of our pages equipped with Supademo plugins, a connection to Supademo's servers is established. This informs the Supademo server about which of our pages you have visited. Additionally, Supademo obtains your IP address.
The use of Supademo is for the purpose of presenting our online offerings in an appealing manner. This constitutes a legitimate interest within the meaning of Art. 6(1)(f) GDPR. If consent has been requested, processing will be carried out exclusively based on Art. 6(1)(a) GDPR; consent can be revoked at any time.
According to Supademo, data transmission outside the European Economic Area (EEA) is based on the EU Commission's Standard Contractual Clauses: "We ensure that any transfer of personal data from countries within the European Economic Area (EEA) to countries outside the EEA is protected by appropriate safeguards, such as the use of European Commission approved Standard Contractual Clauses, Binding Corporate Rules or other legally recognized means."
For more information on how Supademo handles user data, please refer to Supademo's privacy policy at: https://supademo.com/privacy.
edoc system control
Type and Scope of Processing
Through our system-control websites, employees of edoc solutions ag, as well as other registered partners and customers, can manage customer systems.
Purpose and Legal Basis
The use of the service is intended for purposes such as monitoring and administering the systems. This constitutes a contractual basis pursuant to Art. 6(1)(b) GDPR.
Storage period
The specific storage duration of the processed data is not within our control but is determined by the customer.
Microsoft Azure
We use Microsoft Azure for edoc system control. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA.
The use of this tool is based on Art. 6(1)(b) GDPR. If consent has been requested, processing will be carried out exclusively based on Art. 6(1)(a) GDPR; consent can be revoked at any time.
System Control is hosted via an Azure Kubernetes Service in the North Europe region. Authentication is done through Microsoft Entra ID. Assignment of users (customers) to individual systems is done via a Microsoft Entra ID account.
For more information, please refer to Microsoft's privacy policy at: [privacy.microsoft.com/de-de/privacystatement](https://privacy.microsoft.com/de-de/privacystatement).
Conclusion of a Data Processing Agreement
We have concluded a data processing agreement with Microsoft and fully implement the strict requirements of the German data protection authorities when using Microsoft.
Presence on social media platforms
We maintain publicly accessible profiles on social networks. The social networks we use in detail can be found below.
Social networks such as Facebook etc. can usually comprehensively analyze your user behavior when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). Visiting our social media presences triggers numerous data protection-relevant processing operations. In detail:
If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected if you are not logged in or do not have an account with the respective social media portal. In this case, this data collection takes place, for example, via cookies that are stored on your device or by collecting your IP address.
With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be displayed to you inside and outside the respective social media presence. If you have an account with the respective social network, interest-based advertising can be displayed on all devices on which you are logged in or were logged in.
Please also note that we cannot track all processing operations on the social media portals. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media portals. Details can be found in the terms of use and data protection provisions of the respective social media portals.
Legal basis
Our social media appearances are intended to ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. The analysis processes initiated by the social networks may be based on different legal bases that must be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 para. 1 lit. a GDPR).
Controller and assertion of rights
If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. In principle, you can assert your rights (information, correction, deletion, restriction of processing, data portability and complaint) both vis-à-vis us and .dem operators of the respective social media portal (e.g. Facebook).
Please note that despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are largely based on the corporate policy of the respective provider.
Storage period
The data collected directly by us via the social media presence will be deleted from our systems as soon as the purpose for its storage no longer applies, you request us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Stored cookies remain on your device until you delete them. Mandatory legal provisions – esp. Retention periods – remain unaffected.
We have no influence on the storage period of your data, which is stored by the operators of the social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below).
Facebook page
We have a profile on Facebook. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, the collected data will also be transferred to the USA and other third countries.
We have entered into a joint processing agreement with Facebook (Controller Addendum). This agreement specifies which data processing operations we or Facebook are responsible for when you visit our Facebook page. This agreement can be viewed at the following link: https://www.facebook.com/legal/terms/page_controller_addendum. In accordance with its Data Policy (https://www.facebook.com/about/privacy), Facebook processes personal data on the following legal bases: "- as necessary to comply with our Facebook Terms of Service or the Instagram Terms of Service; in accordance with your consent, which you can withdraw at any time through Facebook Settings and Instagram Settings; as necessary to comply with our legal obligations; to protect your vital interests or those of others; as required in the public interest; and as necessary for our legitimate interests (as well as those of others), including our interest in providing innovative, personalised, secure and profitable services to our users and partners, except where those interests are overridden by your interests or fundamental rights and freedoms that require the protection of personal data." Facebook uses this information acc. https://www.facebook.com/about/privacy to "provide, personalize and improve our products, provide measurement, analytics and other business services, promote safety, integrity and security, communicate with you, research and innovation for social purposes."
The rights of data subjects vis-à-vis Facebook Ireland can be exercised under the Facebook Ireland Privacy Policy under www.facebook.com/about/privacy. You can adjust your advertising settings independently in your user account. To do this, click on the following link and log in: https://www.facebook.com/settings?tab=ads.
Details can be found in Facebook's privacy policy: https://www.facebook.com/about/privacy/.
Instagram page
We have a profile on Instagram. The provider is Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. Details on how they handle your personal data can be found in Instagram's privacy policy: https://help.instagram.com/519522125107875.
LinkedIn page
We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn is certified according to the EU-US Privacy Shield. LinkedIn uses advertising cookies.
If you wish to disable LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Details on how they handle your personal data can be found in LinkedIn's privacy policy: https://www.linkedin.com/legal/privacy-policy.
XING page
We have a profile on XING. The provider is New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany. Details on how they handle your personal data can be found in XING's privacy policy: https://privacy.xing.com/de/datenschutzerklaerung
Handling of applicant data
We offer you the opportunity to apply to us (e.g. by e-mail or post). In the following we inform you about the scope, purpose and use of your personal data collected as part of the application process. We assure you that the collection, processing and use of your data is carried out in accordance with applicable data protection law and all other legal provisions and that your data will be treated as strictly confidential.
Scope and purpose of data collection
If you send us an application, we process your associated personal data (e.g. contact and communication data, application documents, notes in the context of job interviews, etc.) insofar as this is necessary to decide on the establishment of an employment relationship. The legal basis for this is § 26 BDSG-neu according to German law (initiation of an employment relationship), Art. 6 para. 1 lit. b GDPR (general contract initiation) and – if you have given your consent – Art. 6 para. 1 lit. a GDPR. The consent can be revoked at any time. Your personal data will only be passed on within our company to persons who are involved in processing your application.
If the application is successful, the data submitted by you will be processed on the basis of § 26 BDSG-neu and Art. 6 para. 1 lit. b GDPR for the purpose of carrying out the employment relationship in our data processing systems.
Data retention period
If we are unable to make you a job offer, reject a job offer or withdraw your application, we reserve the right to store the data transmitted by you on the basis of our legitimate interests (Art. 6 para. 1 lit. f GDPR) for up to 6 months from the end of the application process (rejection or withdrawal of the application). Subsequently, the data will be deleted and the physical application documents destroyed. The storage serves in particular for purposes of proof in the event of a legal dispute. If it can be seen that the data will be required after expiry of the 6-month period (e.g. due to an imminent or pending legal dispute), deletion will only take place when the purpose for further storage no longer applies.
Longer storage may also take place if you have given your consent (Art. 6 para. 1 lit. a GDPR) or if statutory storage obligations preclude deletion.
Handling of data of business partners (customers, interested parties, suppliers)
We collect personal data for the purpose of executing the contract, fulfilling contractual and pre-contractual obligations and for direct advertising. The data collection and data processing is necessary for the execution of the contract and is based on Article 6 (1) (b) GDPR. The use of personal data for advertising purposes represents a legitimate interest of our company (Art. 6 para. 1 f) GDPR). A transfer of the data to third parties takes place if this is necessary for the fulfillment of the order (e.g. complaints). The data will be deleted as soon as they are no longer necessary for the purpose of their processing. You have the right to object to the use of your data for direct marketing purposes at any time. In addition, you are entitled to request information about the data stored by us about you and to request the correction of the data in the event of inaccuracy or, in the event of inadmissible data storage, the deletion of the data. To assert your rights, please use the above contact details.
Microsoft services
We use Microsoft services to organize our business processes. The provider is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland and Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA and/or Microsoft Online Inc.,
12012 Sunset Hills Road, Reston VA 20190, USA. The use of Microsoft services is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in processing data for the purpose of simplifying the organization of our company. The data may also be processed on the basis of Art. 6 para. 1 lit. b GDPR if your request is related to the performance of a contract or is necessary in order to take steps prior to entering into a contract. If we previously obtained your consent, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 of the German Telecommunications Digital Services Data Protection Act (TTDSG), insofar as the consent includes the storage of cookies or access to information on the user’s device within the meaning of the TTDSG. This consent can be revoked at any time. We collect data from you when you use our services. The type of data collected depends on the services you use and your settings.
You can find more details in Microsoft’s privacy policy at: https://privacy.microsoft.com/en-us/privacystatement. Please see below for more detailed explanations of the Microsoft services we use.
Storage period
The data processed using Microsoft services will remain with us until you ask us to delete it, until you revoke your consent to the storage, or until the purpose for storing the data no longer applies (e.g. once your request has been processed). Mandatory statutory provisions, in particular regarding retention periods, remain unaffected by this.
Conclusion of a data processing agreement
We have concluded a data processing agreement with Microsoft, and we fully comply with the strict requirements of the German data protection authorities when using Microsoft services.
Data transmission
Data may be transferred to entities located in countries outside the EU or the European Economic Area (EEA), known as third countries, if this is necessary for the execution of an order/contract, if this is required by law, if there is a legitimate interest for doing so, or if corresponding consent has been given. It is possible that personal data may be processed in a third country, insofar as service providers are commissioned to carry out the data processing. If there is no decision by the EU Commission on whether the level of data protection in the country in question is adequate, EU data protection regulations ensure that appropriate contracts are concluded to ensure that the rights and freedoms of business partners and interested parties are adequately protected and guaranteed.
Microsoft Forms
We use Microsoft Forms for registrations. The provider is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland.
Microsoft Forms is a service for evaluating responses in forms. The data you enter for the purpose of obtaining income tax information is stored on the servers of Microsoft USA or Microsoft Ireland.
The use of this tool is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in processing the data for the purpose of simplifying contract fulfillment, for marketing purposes or for making contact with you. The data may also be processed on the basis of Art. 6 para. 1 lit. b GDPR if your request is related to the performance of a contract or is necessary in order to take steps prior to entering into a contract. If we previously obtained your consent, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 of the German Telecommunications Digital Services Data Protection Act (TTDSG), insofar as the consent includes the storage of cookies or access to information on the user’s device within the meaning of the TTDSG. This consent can be revoked at any time. You can find more details in Microsoft’s privacy policy at: https://privacy.microsoft.com/en-us/privacystatement.
Note on data transfer to the USA
Your personal data may be transferred to Microsoft’s servers in the United States. We would like to point out that the USA is not a safe third country within the meaning of EU data protection law. US companies are obliged to disclose personal data to security authorities without you, the data subject, having any legal recourse to prevent this. It therefore cannot be ruled out that US authorities (e.g. intelligence services) may process, evaluate and permanently store your data on US servers for surveillance purposes. We have no control over these processing activities. The transfer of data to the USA is based on the standard contractual clauses of the EU Commission. Furthermore, Microsoft is certified in accordance with the EU-U.S. Data Privacy Framework (EU-US DPF) (https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000KzNaAAK&status=Active).
Storage period
The data you enter in the form will remain with us until you ask us to delete it, until you revoke your consent to the storage, or until the purpose for storing the data no longer applies (e.g. once your request has been processed). Mandatory statutory provisions, in particular regarding retention periods, remain unaffected by this.
Conclusion of a data processing agreement
We have concluded a data processing agreement with Microsoft, and we fully comply with the strict requirements of the German data protection authorities when using Microsoft services.
Data transmission
Data may be transferred to entities located in countries outside the EU or the European Economic Area (EEA), known as third countries, if this is necessary for the execution of an order/contract, if this is required by law, if there is a legitimate interest for doing so, or if corresponding consent has been given. It is possible that personal data may be processed in a third country, insofar as service providers are commissioned to carry out the data processing. If there is no decision by the EU Commission on whether the level of data protection in the country in question is adequate, EU data protection regulations ensure that appropriate contracts are concluded to ensure that the rights and freedoms of business partners and interested parties are adequately protected and guaranteed.
Cookies
The Microsoft Forms site sometimes uses cookies. These cookies include:
Name | Recipient |
MUID | .office.com |
MS0 | .microsoft.com |
fptctx2 | .microsoft.com |
MicrosoftApplicationsTelemetryDeviceId | forms.microsoft.com |
bm_sv | .microsoft.com |
ak_bmsc | .microsoft.com |
MSFPC | forms.microsoft.com |
ai_session | forms.microsoft.com |
RpsAuthNonce | forms.microsoft.com |
__RequestVerificationToken | forms.microsoft.com |
FormsWebSessionId | forms.microsoft.com |
RpsAuthNonce | .forms.microsoft.com |
_ga_KF2MST0C8W | .microsoft.com |
_ga_2V1LWVMFEQ | .microsoft.com |
_ga | .microsoft.com |
MC1 | .microsoft.com |
MSCC | .microsoft.com |
You can set your browser to notify you whenever cookies are set and to only allow cookies in individual cases, to reject cookies in general or for specific cases, and to automatically delete cookies when the browser is closed. If cookies are disabled, the functionality of this website may be restricted.
Cookies that are required to carry out electronic communication or to provide certain functions you have requested are stored on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in storing cookies to ensure the optimal and error-free provision of its services.
Microsoft Teams
We use Microsoft Teams. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. Details on data processing can be found in the Microsoft Teams privacy policy: privacy.microsoft.com/en-us/privacystatement.
Note on data transfer to the USA
Your personal data may be transferred to Microsoft’s servers in the United States. We would like to point out that the USA is not a safe third country within the meaning of EU data protection law. US companies are obliged to disclose personal data to security authorities without you, the data subject, having any legal recourse to prevent this. It therefore cannot be ruled out that US authorities (e.g. intelligence services) may process, evaluate and permanently store your data on US servers for surveillance purposes. We have no control over these processing activities. The transfer of data to the USA is based on the standard contractual clauses of the EU Commission. Furthermore, Microsoft is certified in accordance with the EU-U.S. Data Privacy Framework (EU-US DPF) (https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000KzNaAAK&status=Active).
Storage period
The data processed with Microsoft Teams will remain with us until you ask us to delete it, until you revoke your consent to the storage, or until the purpose for storing the data no longer applies (e.g. once your request has been processed). Mandatory statutory provisions, in particular regarding retention periods, remain unaffected by this.
Conclusion of a data processing agreement
We have concluded a data processing agreement with the provider of Microsoft Teams, and we fully comply with the strict requirements of the German data protection authorities when using Microsoft services.
Data transmission
Data may be transferred to entities located in countries outside the EU or the European Economic Area (EEA), known as third countries, if this is necessary for the execution of an order/contract, if this is required by law, if there is a legitimate interest for doing so, or if corresponding consent has been given. It is possible that personal data may be processed in a third country, insofar as service providers are commissioned to carry out the data processing. If there is no decision by the EU Commission on whether the level of data protection in the country in question is adequate, EU data protection regulations ensure that appropriate contracts are concluded to ensure that the rights and freedoms of business partners and interested parties are adequately protected and guaranteed.
Microsoft Bookings
We use Microsoft Bookings to manage appointments and operate a callback service. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.
Microsoft Bookings is a service for requesting appointments and submitting product queries. The data you enter for the purpose of your query (name, e-mail address, telephone number, address, website URL and your notes/query) are stored on the servers of Microsoft USA or Microsoft Ireland.
The use of this tool is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in managing appointments and products in order to optimize our services. The data may also be processed on the basis of Art. 6 para. 1 lit. b GDPR if your request is related to the performance of a contract or is necessary in order to take steps prior to entering into a contract. If we previously obtained your consent, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 of the German Telecommunications Digital Services Data Protection Act (TTDSG), insofar as the consent includes the storage of cookies or access to information on the user’s device within the meaning of the TTDSG. This consent can be revoked at any time.
You can find more details in Microsoft's privacy policy at: privacy.microsoft.com/en-us/privacystatement.
Conclusion of a data processing agreement
We have concluded a data processing agreement with Microsoft, and we fully comply with the strict requirements of the German data protection authorities when using Microsoft Bookings.
Note on data transfer to the USA
Your personal data may be transferred to Microsoft’s servers in the United States. We would like to point out that the USA is not a safe third country within the meaning of EU data protection law. US companies are obliged to disclose personal data to security authorities without you, the data subject, having any legal recourse to prevent this. It therefore cannot be ruled out that US authorities (e.g. intelligence services) may process, evaluate and permanently store your data on US servers for surveillance purposes. We have no control over these processing activities. The transfer of data to the USA is based on the standard contractual clauses of the EU Commission. Furthermore, Microsoft is certified in accordance with the EU-U.S. Data Privacy Framework (EU-US DPF) (https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000KzNaAAK&status=Active).
Storage period
The data processed with Microsoft Bookings will remain with us until you ask us to delete it, until you revoke your consent to the storage, or until the purpose for storing the data no longer applies (e.g. once your request has been processed). Mandatory statutory provisions, in particular regarding retention periods, remain unaffected by this.
Conclusion of a data processing agreement
We have concluded a data processing agreement with Microsoft, and we fully comply with the strict requirements of the German data protection authorities when using Microsoft services.
Data transmission
Data may be transferred to entities located in countries outside the EU or the European Economic Area (EEA), known as third countries, if this is necessary for the execution of an order/contract, if this is required by law, if there is a legitimate interest for doing so, or if corresponding consent has been given. It is possible that personal data may be processed in a third country, insofar as service providers are commissioned to carry out the data processing. If there is no decision by the EU Commission on whether the level of data protection in the country in question is adequate, EU data protection regulations ensure that appropriate contracts are concluded to ensure that the rights and freedoms of business partners and interested parties are adequately protected and guaranteed.
Cookies
The Microsoft Bookings site sometimes uses cookies. These cookies include:
Name | Expiration date of the cookie | Recipient |
MC1 | 1 year | .microsoft.com |
OIDC | 6 months | outlook.office365.com |
MS0 | Session | .microsoft.com |
ClientId | 1 year | outlook.office365.com |
Microsoft FindTime
We use Microsoft FindTime for scheduling and managing appointments. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.
Microsoft FindTime is a service for scheduling appointments. The data you enter for the purpose of voting (preferences, confirmation and/or rejection of suggested appointments, and suggestions for alternate times) as well as the personal data provided by us (e-mail address, first and last name, possibly the subject and location of the appointment) are stored on the servers of Microsoft USA or Microsoft Ireland. The polling data is stored in the organizer’s mailbox and encrypted by Microsoft.
You can use the “Show availability” function to allow your own appointments to be displayed in FindTime; you do this by logging in with your Microsoft account; we are not responsible for this processing.
The use of this tool is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in finding and managing appointments in order to optimize our processes. The data may also be processed on the basis of Art. 6 para. 1 lit. b GDPR if your request is related to the performance of a contract or is necessary in order to take steps prior to entering into a contract. If we previously obtained your consent, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 of the German Telecommunications Digital Services Data Protection Act (TTDSG), insofar as the consent includes the storage of cookies or access to information on the user’s device within the meaning of the TTDSG. This consent can be revoked at any time.
You can find more details in Microsoft's privacy policy at: privacy.microsoft.com/en-us/privacystatement or https://support.microsoft.com/en-us/office/scheduling-poll-articles-7b5ff6c7-4f65-48e6-89b8-3f053c40e382.
Note on data transfer to the USA
Your personal data may be transferred to Microsoft’s servers in the United States. We would like to point out that the USA is not a safe third country within the meaning of EU data protection law. US companies are obliged to disclose personal data to security authorities without you, the data subject, having any legal recourse to prevent this. It therefore cannot be ruled out that US authorities (e.g. intelligence services) may process, evaluate and permanently store your data on US servers for surveillance purposes. We have no control over these processing activities. The transfer of data to the USA is based on the standard contractual clauses of the EU Commission. Furthermore, Microsoft is certified in accordance with the EU-U.S. Data Privacy Framework (EU-US DPF) (https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000KzNaAAK&status=Active).
Storage period
The data processed with Microsoft FindTime will remain with us until you ask us to delete it, until you revoke your consent to the storage, or until the purpose for storing the data no longer applies (e.g. once your request has been processed). Mandatory statutory provisions, in particular regarding retention periods, remain unaffected by this.
Conclusion of a data processing agreement
We have concluded a data processing agreement with Microsoft, and we fully comply with the strict requirements of the German data protection authorities when using Microsoft services.
Data transmission
Data may be transferred to entities located in countries outside the EU or the European Economic Area (EEA), known as third countries, if this is necessary for the execution of an order/contract, if this is required by law, if there is a legitimate interest for doing so, or if corresponding consent has been given. It is possible that personal data may be processed in a third country, insofar as service providers are commissioned to carry out the data processing. If there is no decision by the EU Commission on whether the level of data protection in the country in question is adequate, EU data protection regulations ensure that appropriate contracts are concluded to ensure that the rights and freedoms of business partners and interested parties are adequately protected and guaranteed.
Cookies
The Microsoft FindTime pages sometimes use cookies. These cookies include:
Name | Expiration date of the cookie | Recipient
|
OutlookSession | Session | outlook.office.com
|
ShCLSessionID | Session | outlook.office.com
|
OpenIdConnect.nonce.v3 | 1 day | outlook.office.com
|
OIDC | 173 days | outlook.office.com
|
X-OWA-RedirectHistory | 2 days | outlook.office.com
|
ClientId | 357 days | outlook.office.com
|
You can set your browser to notify you whenever cookies are set and to only allow cookies in individual cases, to reject cookies in general or for specific cases, and to automatically delete cookies when the browser is closed. If cookies are disabled, the functionality of this website may be restricted. Cookies that are required to carry out electronic communication or to provide certain functions you have requested are stored on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in storing cookies to ensure the optimal and error-free provision of its services.
PowerAutomate
We use Microsoft PowerAutomate to optimize business processes. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.
PowerAutomate is a platform that allows us to create automated workflows that connect different applications and services. We use PowerAutomate to optimize our business processes, to increase our productivity and better serve our customers. We use PowerAutomate to send e-mails, update databases, generate documents, receive notifications and much more. PowerAutomate offers us a simple and flexible way to get our work done without the need for programming skills. The use of this tool is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in optimizing business processes. The data may also be processed on the basis of Art. 6 para. 1 lit. b GDPR if your request is related to the performance of a contract or is necessary in order to take steps prior to entering into a contract. If we previously obtained your consent, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 of the German Telecommunications Digital Services Data Protection Act (TTDSG), insofar as the consent includes the storage of cookies or access to information on the user’s device within the meaning of the TTDSG. This consent can be revoked at any time.
Note on data transfer to the USA
Your personal data may be transferred to Microsoft’s servers in the United States. We would like to point out that the USA is not a safe third country within the meaning of EU data protection law. US companies are obliged to disclose personal data to security authorities without you, the data subject, having any legal recourse to prevent this. It therefore cannot be ruled out that US authorities (e.g. intelligence services) may process, evaluate and permanently store your data on US servers for surveillance purposes. We have no control over these processing activities. The transfer of data to the USA is based on the standard contractual clauses of the EU Commission. Furthermore, Microsoft is certified in accordance with the EU-U.S. Data Privacy Framework (EU-US DPF) (https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000KzNaAAK&status=Active).
Storage period
The data processed with PowerAutomate will remain with us until you ask us to delete it, until you revoke your consent to the storage, or until the purpose for storing the data no longer applies (e.g. once your request has been processed). Mandatory statutory provisions, in particular regarding retention periods, remain unaffected by this.
Conclusion of a data processing agreement
We have concluded a data processing agreement with Microsoft, and we fully comply with the strict requirements of the German data protection authorities when using Microsoft services.
Data transmission
Data may be transferred to entities located in countries outside the EU or the European Economic Area (EEA), known as third countries, if this is necessary for the execution of an order/contract, if this is required by law, if there is a legitimate interest for doing so, or if corresponding consent has been given. It is possible that personal data may be processed in a third country, insofar as service providers are commissioned to carry out the data processing. If there is no decision by the EU Commission on whether the level of data protection in the country in question is adequate, EU data protection regulations ensure that appropriate contracts are concluded to ensure that the rights and freedoms of business partners and interested parties are adequately protected and guaranteed.
Azure Logic Apps
We use Azure Logic Apps as a Platform-as-a-Service (iPaaS). The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.
Azure Logic Apps is a leading integration Platform-as-a-Service (iPaaS) based on a containerized runtime. We use Logic Apps to create and execute workflows in any location to improve scalability and portability. We also automate all business-critical workflows. This platform enables us to create and execute automated workflows with little to no code. By using the visual designer and selecting from preconfigured processes, we can quickly create a workflow that integrates and manages your apps, data, services and systems. The use of this tool is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in implementing workflows. The data may also be processed on the basis of Art. 6 para. 1 lit. b GDPR if your request is related to the performance of a contract or is necessary in order to take steps prior to entering into a contract. If we previously obtained your consent, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 of the German Telecommunications Digital Services Data Protection Act (TTDSG), insofar as the consent includes the storage of cookies or access to information on the user’s device within the meaning of the TTDSG. This consent can be revoked at any time.
Note on data transfer to the USA
Your personal data may be transferred to Microsoft’s servers in the United States. We would like to point out that the USA is not a safe third country within the meaning of EU data protection law. US companies are obliged to disclose personal data to security authorities without you, the data subject, having any legal recourse to prevent this. It therefore cannot be ruled out that US authorities (e.g. intelligence services) may process, evaluate and permanently store your data on US servers for surveillance purposes. We have no control over these processing activities. The transfer of data to the USA is based on the standard contractual clauses of the EU Commission. Furthermore, Microsoft is certified in accordance with the EU-U.S. Data Privacy Framework (EU-US DPF) (https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000KzNaAAK&status=Active).
Storage period
The data processed with Azure Logic Apps will remain with us until you ask us to delete it, until you revoke your consent to the storage, or until the purpose for storing the data no longer applies (e.g. once your request has been processed). Mandatory statutory provisions, in particular regarding retention periods, remain unaffected by this.
Conclusion of a data processing agreement
We have concluded a data processing agreement with Microsoft, and we fully comply with the strict requirements of the German data protection authorities when using Microsoft services.
Data transmission
Data may be transferred to entities located in countries outside the EU or the European Economic Area (EEA), known as third countries, if this is necessary for the execution of an order/contract, if this is required by law, if there is a legitimate interest for doing so, or if corresponding consent has been given. It is possible that personal data may be processed in a third country, insofar as service providers are commissioned to carry out the data processing. If there is no decision by the EU Commission on whether the level of data protection in the country in question is adequate, EU data protection regulations ensure that appropriate contracts are concluded to ensure that the rights and freedoms of business partners and interested parties are adequately protected and guaranteed.
Microsoft Stream
We use Microsoft Stream to provide videos. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.
Microsoft Stream is a platform for managing, presenting and sharing videos in Microsoft 365. With Stream we can record explainer videos, conduct meetings, find chapters and transcripts, perform analyses and more. The use of this tool is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in providing videos. The data may also be processed on the basis of Art. 6 para. 1 lit. b GDPR if your request is related to the performance of a contract or is necessary in order to take steps prior to entering into a contract. If we previously obtained your consent, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 of the German Telecommunications Digital Services Data Protection Act (TTDSG), insofar as the consent includes the storage of cookies or access to information on the user’s device within the meaning of the TTDSG. This consent can be revoked at any time.
Note on data transfer to the USA
Your personal data may be transferred to Microsoft’s servers in the United States. We would like to point out that the USA is not a safe third country within the meaning of EU data protection law. US companies are obliged to disclose personal data to security authorities without you, the data subject, having any legal recourse to prevent this. It therefore cannot be ruled out that US authorities (e.g. intelligence services) may process, evaluate and permanently store your data on US servers for surveillance purposes. We have no control over these processing activities. The transfer of data to the USA is based on the standard contractual clauses of the EU Commission. Furthermore, Microsoft is certified in accordance with the EU-U.S. Data Privacy Framework (EU-US DPF) (https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000KzNaAAK&status=Active).
Storage period
The data processed with Microsoft Stream will remain with us until you ask us to delete it, until you revoke your consent to the storage, or until the purpose for storing the data no longer applies (e.g. once your request has been processed). Mandatory statutory provisions, in particular regarding retention periods, remain unaffected by this.
Conclusion of a data processing agreement
We have concluded a data processing agreement with Microsoft, and we fully comply with the strict requirements of the German data protection authorities when using Microsoft services.
Data transmission
Data may be transferred to entities located in countries outside the EU or the European Economic Area (EEA), known as third countries, if this is necessary for the execution of an order/contract, if this is required by law, if there is a legitimate interest for doing so, or if corresponding consent has been given. It is possible that personal data may be processed in a third country, insofar as service providers are commissioned to carry out the data processing. If there is no decision by the EU Commission on whether the level of data protection in the country in question is adequate, EU data protection regulations ensure that appropriate contracts are concluded to ensure that the rights and freedoms of business partners and interested parties are adequately protected and guaranteed.
Microsoft Dynamics 365 Business Central
We use Business Central for enterprise resource planning (ERP). The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.
Microsoft Dynamics 365 Business Central is a comprehensive enterprise resource planning (ERP) solution for small and medium-sized enterprises. The use of this tool is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in enterprise resource planning. The data may also be processed on the basis of Art. 6 para. 1 lit. b GDPR if your request is related to the performance of a contract or is necessary in order to take steps prior to entering into a contract. If we previously obtained your consent, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 of the German Telecommunications Digital Services Data Protection Act (TTDSG), insofar as the consent includes the storage of cookies or access to information on the user’s device within the meaning of the TTDSG. This consent can be revoked at any time.
Note on data transfer to the USA
Your personal data may be transferred to Microsoft’s servers in the United States. We would like to point out that the USA is not a safe third country within the meaning of EU data protection law. US companies are obliged to disclose personal data to security authorities without you, the data subject, having any legal recourse to prevent this. It therefore cannot be ruled out that US authorities (e.g. intelligence services) may process, evaluate and permanently store your data on US servers for surveillance purposes. We have no control over these processing activities. The transfer of data to the USA is based on the standard contractual clauses of the EU Commission. Furthermore, Microsoft is certified in accordance with the EU-U.S. Data Privacy Framework (EU-US DPF) (https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000KzNaAAK&status=Active).
Storage period
The data processed with Business Central will remain with us until you ask us to delete it, until you revoke your consent to the storage, or until the purpose for storing the data no longer applies (e.g. once your request has been processed). Mandatory statutory provisions, in particular regarding retention periods, remain unaffected by this.
Conclusion of a data processing agreement
We have concluded a data processing agreement with Microsoft, and we fully comply with the strict requirements of the German data protection authorities when using Microsoft services.
Data transmission
Data may be transferred to entities located in countries outside the EU or the European Economic Area (EEA), known as third countries, if this is necessary for the execution of an order/contract, if this is required by law, if there is a legitimate interest for doing so, or if corresponding consent has been given. It is possible that personal data may be processed in a third country, insofar as service providers are commissioned to carry out the data processing. If there is no decision by the EU Commission on whether the level of data protection in the country in question is adequate, EU data protection regulations ensure that appropriate contracts are concluded to ensure that the rights and freedoms of business partners and interested parties are adequately protected and guaranteed.
The following information is provided and updated by Consent Management - CookieFirst: